IE7 to be Pushed to Users Via Windows Update 608
dfrick writes "CNET is reporting that IE7 will be pushed to users via Windows Update. This has serious implications for e-commerce websites whose functionality might be affected by any bugs in the software. Also to have end users suddenly using a new browser right before the holiday shopping season could magnify the cost any bugs that might create a bad user experience on sites."
Another Get Firefox day coming soon... (Score:5, Insightful)
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
Re:Another Get Firefox day coming soon... (Score:3, Funny)
Re:Another Get Firefox day coming soon... (Score:5, Informative)
browser.sessionhistory.max_total_viewers set to 0
Problem solved.
Re:Another Get Firefox day coming soon... (Score:4, Informative)
This, however, does: config.trim_on_minimize = true.
You're wrong. Stop spreading bad advice! (Score:4, Informative)
You don't understand the memory statistic (Working Set) [wikipedia.org] that Windows Task Manager is showing you. It doesn't mean what you think it does, but you can blame Microsoft for defaulting to misleading memory statistic (and mislabeling it as 'Memory Usage')
Use Process Explorer [sysinternals.com] to get an accurate representation of the memory usage on your computer.
Re:Another Get Firefox day coming soon... (Score:4, Informative)
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
The problem will be solved when either it's by default or they provide a clickie in the preferences panel to change it. In the mean time, it's simply a fix for those who know it's a configuration issue instead of a run-of-the-mill memory leak.
Re:Another Get Firefox day coming soon... (Score:5, Interesting)
I've never understood why people with 1-2GB of RAM freak out when applications actually use some of that available memory. What good is a ton of memory if it's not being used? Firefox is a memory pig, yes, but it's giving it back to Windows should other programs actually need it.
The same can be said about the aggresive memory trimming. Why are people willing to put up with a frozen UI whenever Firefox trims its memory is beyond me.
I have plenty of free memory and don't really care either way, so I value usability higher than low memory use. People should probably get their learn on about Windows memory usage [shsc.info] before posting any more wrong statements about Firefox.
That's not to say that Firefox (and some of the more well-known) extensions don't leak memory like a proverbial sieve. I'm just saying that the above instances aren't memory leaks and anyone claiming that they are should be modded down.
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
Read the explanation I linked to on Windows memory usage. If the only leak symptom you're seeing on your machine is a scary number in the Task Manager, things probably aren't as bad as you think.
Re:Another Get Firefox day coming soon... (Score:5, Informative)
Re:Another Get Firefox day coming soon... (Score:5, Funny)
Re:Another Get Firefox day coming soon... (Score:5, Informative)
Here at home, FF has been running about 10 minutes, currently has 6 tabs open, and is using 56meg of RAM.
At work, it's been running for a couple of days, and is using 161meg.
I generally have to kill FF every few days due to the amount of RAM it uses. Now, I tend to go through tabs like nobody's business and have a couple of extensions installed (although not *that* many), so perhaps I'm not the typical user. However, just because *you* get it to run in next to no RAM on a POS machine doesn't mean the rest of us can.
Re:Another Get Firefox day coming soon... (Score:4, Insightful)
Re:Another Get Firefox day coming soon... (Score:3, Interesting)
As do I - so I'll provide some more.
I'm at work and currently have 12 FF tabs loaded across two windows (one for work, one for...well, slashdot). With that number of tabs open Firefox is currently using 136 MB of ram (started it within the past few hours). After reading some of the delightful comments on this story, I decided to load the exact same pages in IE 7 beta 2 (haven't gotten around to installing beta 3 yet). After loading all of the exact same pages into IE7 it was using (boggle) 60 MB of ram...
Re:Another Get Firefox day coming soon... (Score:5, Funny)
Re:Another Get Firefox day coming soon... (Score:3, Interesting)
So? I could quite happily surf the web in 1996 with 40 megs of RAM and a 100 MHz pentium. And believe it or not, the web hasn't changed too much since then. Just because Firefox isn't consuming all of your memory doesn't mean it's not using a lot more than it should be.
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
Re:Windows...still... booting... (Score:4, Insightful)
Interesting. My computer has 4 gigs of RAM and uses only 200 megs or so at boot. Never had it use a gig, or close to it, even when IE was my primary browser. The pre-loaded DLLs don't store IE's cache.
I'm confused? (Score:5, Funny)
wtf? (Score:5, Informative)
IE has to re-load all of its DLL even if another application has already loaded the Windows HTML rendering engine. So the memory reported in TaskMgr for IE is WHAT IE IS USING. Get it?
Um... what did the above just mean? If I remember my CS courses correctly, the reason DLL's exist is to REUSE the CODE by putting it ONCE in MEMORY and then allowing ACCESS from (gasp) DIFFERENT applications. Perhaps you are talking about DATA. There, you will have separate pages copied. That does no mean that CODE does not take space. If I am correct in assuming the HTML rendering engine code IS provided as a DLL, and the IE is just a wrapper around it, the rendering CODE could easily take 5-10MB of RAM, because rendering engines ARE COMPLEX.
Moreover, in Windows, fonts are bundled into the DLLs, making them shared as well. This means that IE can re-use fonts loaded into the HTML rendering engine, while Firefox probably cannot (It would make no point to write a browser that depends on another rendering engine, IMHO).
That's what I think the parent meant.
If you need substantiation for these claims, here you go (wikipedia):
The shared library term is slightly ambiguous, because it covers at least two different concepts. First, it is the sharing of code located on disk by unrelated programs. The second concept is the sharing of code in memory, when programs execute the same physical page of RAM, mapped into different address spaces. It would seem that the latter would be preferable, and indeed it has a number of advantages. For instance on the OpenStep system, applications were often only a few hundred kilobytes in size and loaded almost instantly; the vast majority of their code was located in libraries that had already been loaded for other purposes by the operating system.
In Windows, the concept was taken one step further, with even system resources such as fonts being bundled in the DLL file format. The same is true under OpenStep, where the universal "bundle" format is used for almost all system resources.
And, BTW, you're wrong about denied access. There is a function in the Windows API that allows any process run a thread in another process. Yep, any app can do that. From the Phrack magazine, issue 62:
The CreateRemoteThread function creates a thread that
runs in the address space of another process.
HANDLE CreateRemoteThread(
HANDLE hProcess,
LPSECURITY_ATTRIBUTES lpThreadAttributes,
DWORD dwStackSize,
LPTHREAD_START_ROUTINE lpStartAddress,
LPVOID lpParameter,
DWORD dwCreationFlags,
LPDWORD lpThreadId
);
Two more functions:
VirtualAllocEx()
WriteProcessMemory()
give us the power to inject our own arbitrary code to the
address space of another process - and once it is there, we can
create a thread remotely to execute it.
Re:wtf? (Score:5, Informative)
#1) DLLs can be shared, but the IE HTML COM objects are NOT shared, IE launches them in its own process. This shift was a security change in WinME and Win2k, that was even further extended in WinXP. IE 'could' in theory piggy back some of the HTML DLLs if another application like the shell had them loaded, but it 'specifically' DOES NOT for security reasons. (Go look this up, please. Do a google or a search on microsoft.com about COM isolation, also do a search on DLL isloation, and do a search on IE's Engine isloation from the OS.)
#2) Your assertions about DLL sharing and submitting that FireFox cannot use the Font sharing abilities of Windows are crazy. If ANY application is running under Windows and is writing to the screen in some matter, they are 'inherently' using the Win32 GDI+ API and 'shared' DLLs that all applications have access to, although there is distinction between shared core libraries and ones that are not.
#3) Your example of pushing code into another process is not needed, this is something that is well known by most people, and is not isolated to just Windows. It is something that Vista deals with in a way that shattering cannot allow process elevation. (Go look this stuff up.) Also this has NOTHING to do with whether Firefox or IE have a smaller memory footprint.
FireFox 'being a Win32' Application has JUST as much advantage to using the shared core OS DLLS as any windows application from Notepad to iTunes to Photoshop. I realize that some of the UI elements and programming in FireFox forgoes using some of the Windows APIs, but that is the FireFox teams decision and why cross platform applications often end up appearing slow and bloated and often uncompatibile with new OS releases because they do not adhere to the common UI structures or APIs provided.
This is true of FireFox running on KDE, OSX, or Win32. FireFox does employ 'some' optimizations on 'each' platform using the core OS, so FireFox is not Win32 free in any respect. For example it draws to the display context, it is using the standard Windows GDI APIs and DLLs as well.
The silliness in the responses I have seen are people are trying to define Firefox as sometihng it is and something it isn't, just as they are IE. Applications that run on ANY OS take advantage of the 'platform' available to it, the core or underlying APIs or Libraries that makeup the UI portion of the OS. (Yes we are sticking with GUI concepts here)
So Firefox can use any Windows TrueType Font, because it uses the WIndows Font API and therefore the Windows Font Rendering technologies. That is why you get cleartype in Firefox when running it on Windows, because it is LETTING Windows draw the fonts to its display bitmap, which is also something it is using Windows to maintain.
See, this is why I find your comment on the 'Fonts' as an example of something Firefox 'might not' have access to to be insane. Prove yourself wrong, next time you are at a Windows Machine, option the Option and change the Default rendering Font in FireFox to ANY Windows supported Font, and bingo, it will use that font, because it is LETTING Windows do the Font Rendering. Also notice that if cleartype is enabled, it is used and the Windows Font Hinting technology is also used.
FireFox is NOT at a loss of advantages when it comes to comparing itself to IE. If FireFox does eat more Memory (and sometimes it truly doesn't) then this is a problem with FireFox, not BECAUSE IE gets ANY special treatment in Windows.
Ok?
Re:wtf? (Score:4, Informative)
So you have to let it have that access. I don't think these flags are set by default, so you have to explicitly ask for them, and to change the ccess flags for the creating app, the user you run as needs to have the SeDebugPriviliege privilege. (ie admin)
As for dlls being loaded, it depends what he meant - all apps will share the memory that is used by a dll as they only map it into their address space on load (unless you have delay-loading speciifed when you built the app, whereupon it gets mapped in when it is first used). So generally for all apps, all dlls are loaded on startup. If the dll is already used by another app, then you'll get that one instead of the one on disk. Its not that much of a speed boost however, and I find that all apps that 'preload' are run so they can perform some work (eg lengthy initialisation) instead of simply loading dlls into their address space.
For memory use, there is a difference between what task manager shows you (the apps memory usage) against the memory used solely by an app for that app (Private Bytes).
Re:wtf? (Score:3, Informative)
These three fun
Re:Windows...still... booting... (Score:5, Informative)
1) DLLs are shared across processes. If one process loads a DLL, it resides in physical memory, at a specific virtual address. If another process loads the same DLL, it reuses the same copy in physical memory, but in a different virtual address space. It may even be loaded at a different virtual address in the second process. The pages are read-only so any attempt by either process to modify them will result in an access violation.
2) Windows explorer is a process which exists as an application called explorer.exe. It is started when you log on to Windows, and explorer.exe links to mshtml.dll and shdocvw.dll. These are the IE core DLLs (the Microsoft HTML parser and the Shell Document View, respectively). It also happens to link to gdiplus.dll, gdi.dll, user.exe, ntdll.dll and a bunch of others.
3) Internet explorer is a very small application (a few hundred KB compiled) which links into shdocvw.dll and mshtml.dll. It also happens to link to a bunch of other DLLs like ntdll.dll.
4) Firefox is another application. It links to such Windows DLLs as ntdll.dll and user.exe. It also happens to link to gecko.dll, which no other Windows application will load. Therefore when Firefox starts up, it is going to be the first to load gecko.dll.
5) Going back to point 1; every time any application loads a specific DLL, the loader will check to see if it is already present in physical memory, and will create a new virtual mapping for it. The physical memory used is shared across each process. When Windows starts, it loads the IE core DLLs. Most of IE is in memory by the time you can view the desktop. Firefox however, has a much smaller percentage of the application in memory before you click on it.
Hence: Most of IE is loaded before you click on the IE icon. Most of Firefox is not loaded until you click on the IE icon.
Re:Windows...still... booting... (Score:3, Informative)
If Windows doesn't automatically share libraries between applications then it's a worse operating system than I originally thought. *Every* other modern OS shares dynamically linked code between applications that use it, to do otherwise would be woefully inefficient (both in memory usage and startup time).
Let's look at how Linux handles shared libs (this is about the same
Re:Another Get Firefox day coming soon... (Score:3, Informative)
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
Re:Another Get Firefox day coming soon... (Score:3, Insightful)
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
All this coming from someone who DOES dislike the my-broswer-makes-coffee-too mentality so common today. But really, why do you single ActiveX out?
Re:Another Get Firefox day coming soon... (Score:5, Informative)
Why single out ActiveX? (Score:5, Informative)
You must be new here. Here are a few reasons, some of them obvious:
Re:Another Get Firefox day coming soon... (Score:5, Funny)
I believe they are calling it a 'feature'.
Demonizing ActiveX... (Score:5, Informative)
a) It's a security risk waiting to happen - ActiveX controls have no limits placed on what they can do to your machine. Even Internet Explorer has finally heaved a sigh and is now blocking them by default.
b) It's more Microsoft lock-in. An ActiveX site is a Windows(tm)-only site.
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
The difference with FireFox extensions is that they can't be embedded in a web page; you need to download them and install them manually. You will never visit a site which requires a particular FireFox extension (running with the same privileges as the rest of your applications) in order to navigate.
Now COM is an idea I like. It's a logical extension of the VMS Common Language Environment from procedural to pseudo-OO languages. The problem is not the underlying technology, it is the deployment. If ActiveX controls were run through something like systrace, which would validate arguments to system calls and block any that didn't match a fairly restrictive security model, then it would be fine.
Re:Another Get Firefox day coming soon... (Score:5, Informative)
The internet is, by its very nature, to be considered an insecure and hostile network. Pages you surf to are by definition to be seen as hostile until proven benign. And even then, it's happened more than once that a page considered safe was hacked and turned into a malicious site.
AX is a "direct link" between net applications and your system. Which is incredibly convenient, but also incredibly dangerous considering the described problems with the internet. If the internet was a trusted medium, this would be THE technology. Since it is not, it is THE threat.
Yes, PEBKAC is part of this danger. But then, think again how many of the "killer viruses" that spread within the last few years relied ONLY on the stupidity of people and how successful they were. ILoveYou, Kournicova (or however she's spelled) and their variants required user interaction to become active. Without a stupid user, these programs would have had zero chance of spreading.
A web application or technology has no business with my machine's system. It may run in a sandbox, which is great, it may read/write in certain, predetermined places (which are secured against the rest of the system), that's it. Giving an application from an insecure, potentially malicious, source the ability to run at system level is simply and plainly stupid. It's like playing russian roulette with 5 chambers loaded and, after hearing the 'click' once, thinking that nothing can happen and it's safe.
Re:Another Get Firefox day coming soon... (Score:5, Insightful)
2. I actually discovered one of the first activeX security holes, way back in 1999.
The problem with AX is that it is really Ole Controls, OCX, upgraded for the internet era. OCX was nice, a version of Visual Basic (VBX) controls that was language neutral. Their goal was to make it easy for anyone to embed their controls inside their apps, and so have fancy apps with less coding. Classic Java Beans were sun's ill-fated attempt to copy this. VBX and OCX were probably the enablers of the best market in re-usable client-side components. Want fancy reports in your app? Crystal Reports OCX. Want good database access? Use the db access controls that ship from MS. OCX was a really nice design.
The trouble with ActiveX was that they turned the web browser into a container, with the ability to download and run any activeX control. By default, all OCXs that are installed on a PC are enabled for use in IE, even though they were never written for the assumption that their caller was trusted. There's nothing wrong with an OCX to be embedded inside a C++ app letting you open files in the local filesystem. delete files there, overwrite things. But have some random javascript do that and your box is owned. Most emergency patches by MS and PC manufacturers is for built in controls. to mark them as unsafe for scripting, or to mark them as revoked.
Failing one: ActiveX is only secure if the controls are designed to be called by untrusted people. Even if the controls arent scripted, they can still take params which can be malicious and read/write illegitimate files. Example: windows media control lets you pass in a path in the local filesystem. Script doesnt have access to the contents, but you can work out if the file is present or not. It is leaking information.
Auto control download is the other problem. AX controls are pulled down, their signature verified. There is no sandbox, so the system is built entirely on the model that the people who write the controls are well meaning. The spyware industry showed the lie for that.
Failing two: there is no sandbox for control.
Now, for a few hundred dollars verisign will sell a cerificate in the name "Microsoft requires you to install this component.ltd" and that is what appears on the click-here-to-be-0wned dialog.
Failing three: the vendors of certificates are more interested in certificate sales fees than the safety of the box. If verisign took some financial hit for every bit of spyware they signed off, things would be different.
AX controls are usually written in C++, which is one of the C/C++ family of 'buffer overflow enabled' languages. I know I always get marked down for flame baiting when I say that, but the truth is while compentent people can write really secure code in C/C++ (eg. Apache HTTPD, openSSH), too many developers are in a hurry that ship something that just about works on the deadline required. Because AX controls are not in a sandbox, every single attribute and method has to be treated as something that a malicious piece of javascript can call.
Failing four: the lack of a sandbox forces AX developers to write secure code, and they don't appear up to the job.
If you find a security hole in an active x control, it can be rereleased, a new
failing 5: its nearly impossible to stop malicious sites pushing out buggy versions of other people's AX controls.
Re:Another Get Firefox day coming soon... (Score:5, Interesting)
ActiveX allows arbitrary code from an arbitrary web page to run on your machine with full administrative priviliges, and the only defence against it is the computer-savviness of the user.
.305 Magnum that automatically points at your foot, or a cruise missile that automatically targets friendly units. Sure, it requires user-intervention to cause a disaster, and if something happens it's technically the user's fault, but it's clearly also the bloody stupid design of the system that contributed to the disaster.
Uh-oh.
Now, you can argue that technology shouldn't be castigated because of user-error, but that's like saying there's nothing wrong with a
And in case you've missed it, it's no longer considered professional as any kind of IT engineer to go "Oh, ID10T error" and wash your hands of the problem. Users will ever be clueless, but well-designed technology has a learning curve that allows for this.
ActiveX offers a simple Yes/No dialogue choice, and to fully comprehend the implications of each that answer could take the average user weeks of study.
Microsoft (as ever) badly dropped the ball on security, and rather than fix the problem they just slapped a dialog box in front of it and claimed any disasters caused were now officially the fault of the user.
Indeed. However, when you've got an interesting idea with some nice applications than also just happens to cause the apocalypse, don't be surprised if the people huddling in craters across the broken, sulphur-spewing landscape happen to, y'know, not fixate on the few things it did pretty well.
Erm, not really. The first thing any sensible user wants any technology like that to do is to not open his machine to infection from every scumbag on the net... and make the browser do something more than render (D)HTML. See, the thing is, that first part is so freaking obvious that most people forget it's even a consideration.
An analogy:
People want tasty cakes, but they also don't want to be poisoned.
Microsoft produces a range of tasty cakes, some of which (at random) are chock-full of arsenic.
When people complain, they "solve" the problem by printing in big letters on the front: "WARNING: cake may conceivably not be perfectly free of element number 33".
Sensible people who can afford to thus avoid the cakes altogether, but people who can't read and people who don't know element number 33 is arsenic all risk ending up dead with every bite. As do people who work in Microsoft-only offices, who save with Microsoft-cake-mandating banks and a whole range of other people.
So whenever bakers gather to talk about Microsoft Cakes, unaccountably they ignore its fluffy texture and pleasing aroma, and bizarrely fixate on the fact that it regularly kills anyone uneducated enough to ingest it.
See the point now?
Because Java applets run in a sandbox, plugins weren't generally produced by anyone but large, trustworthy companies, and have massively dropped out of favour (because of lack of security) even so, and FF extensions and Opera widgets are both (i) somewhat insulated from the operating system, and (ii) selected, once, by the user due to their utility, and not pushed at the user by any weirdo third-party
Re:Demonizing ActiveX... (Score:5, Funny)
Here are the minutes from the meeting where this was decided:
Some Dev: Let's use DURRRRRRRR our OS-level component model for DURRRRRRRRRRR web plugins *grand mal seizure*
Billy G: That will help fucking kill Netscape
Ballmer: *throws chair in a way indicating approval*
Re:Another Get Firefox day coming soon... (Score:3, Informative)
Sungard Higher Education does it's timesheets online. It only works in IE. It's quite simple. If I want to be paid, I *must* use IE.
Force-Feeding (Score:5, Informative)
Re:Force-Feeding (Score:3, Informative)
My favourite quote: (Score:5, Informative)
My favorite quote FTA: "It will be available from Microsoft's Download Center Web site, Schare said. "We're really trying to get the world ready for a major new browser release."
Sorry, I already got my "major new browser release" about the time Microsoft were claiming "nobody needs tabbed browsing." IE7 is too little, too late, even for the poor unfortunates I know who are still stuck running Windows.
I like your favourite quote and I hope M$ dies... (Score:4, Insightful)
I manage around twenty websites for businesses around my state for some spare pocket money each month and all of them are xhtml1.1/css2 compliant (w3c) with a large hacks section for each to get them to work in ie6 (and in the case of one ie5 through 6) and instead of a nice easy integration with Vista coming with ie7 out of the box and a steady stream to xp users I'm being told it will all come in one hit in less than six months? Fuck that. Maybe M$ (and the general web community) has forgotten why we, the web developers, pushed so hard for Firefox in the first place - it wasn't fancy tabs, it wasn't speed, it wasn't popup block...it was the fact that they gave a damn about web standards - and they expect us to learn all of the quirks for ie7 and hack up our sites for them while it's still in beta but that's just not going to happen for many of us.
Though that isn't what really scares me, what scares me is none of the company's I have done websites for and also maintain for will understand the implication of the sites needing recoded until customers start complaining. I can put that number, personally, to about thirty five businesses phoning up and complaining that their sites don't work which will a) not be their fault and b) be my fault for selling them a broken site which leads to two problems 1) they wont want to pay for the update and 2) I lose my god damn holiday or I lose my reputation if I tell them to stuff off. Worse still is that many of these are reasonably large sites so fixing and testing them all in that time frame is just going to hurt.
So I'm pissed. Vista, DRM, selling out free speech in china, what ever
Most CSS bugs are fixed in IE7 (Score:5, Informative)
Well the good news is, they fixed most CSS2.1 bugs in IE7. They killed almost every bug mentioned at positioniseverything.net [positioniseverything.net]. They also added support for CSS2 selectors.
The bad news is they didn't add ":after" support..
If you used this to clear floats without structural markup [positioniseverything.net], you need to find another way.
And worth mentioning:
Note that pages render fine now without this hack!
Re:I like your favourite quote and I hope M$ dies. (Score:3, Insightful)
The IE7 beta has been out for ages. Beta 1 was available at the end of July last year. The public beta started about 6 months ago.
Don't blame MS for them not knocking on your door and telling you.
Re:I like your favourite quote and I hope M$ dies. (Score:5, Interesting)
If it takes 60 hours, then it takes 60 hours. This is what happens when you take on responsibility for something. If you agree to do it and got paid to do it, then you can't complain. Nobody forced you after all. Your inexperience with business shows that you didn't require them to pay for 'support' either on an as-needed basis, or with a regular payment to.
You get what you pay for. If the poster doesn't know how to manage his clients expectations properly, then he deserves to find out the hard way that working for someone requires more effort than just knocking up some website practically for fun.
Suggestion: contact clients, tell them IE7 is coming out and will be automatically updated. Suggest that some changes will be required to their websites to support the new browser and that these changes will be charged at £xx a hour, with estimated times for the sites. All the clients will be thankful you informed them before the changes occurred, all will pay for the changes. All will assume that upgrades are necessary because that's the way of the computer industry - we all upgrade to the latest version all the time, its ingrained as normal.
You then start work on upgrading the sites to support IE7 today, keep the changes stored away so that, in a few months time when the browser does come out, upgrading your client's sites is a simple matter of uploading the changes the day before. No stress, no weeny complaints about how 'fucking microsoft' ruined your life, no problems. This is how professionals do it. Learn.
Re:My favourite quote: (Score:3, Funny)
Re:My favourite quote: (Score:5, Insightful)
I seriously doubt it will end up on 90% of the worlds' computers.
First off, Microsoft is releasing a tool that will allow businesses to block the upgrade, and you can be sure that after the problems with other forced rollouts, business is taking a wait-and-see approach.
Second, its to little, too late. Firefox already has more than 10% market share, and as people continue to use it, they get used to not using IE. Case in point - I asked a friend of mine to check out one of my sites using IE. After talking with him on the phone, and checking 3 or 4 times "You're sure you're using Internet Explorer, right?" - it turned out that he was so used to using Firefox that it had completely replaced IE in his mind for "connecting to the internet"
Third, WGA is going to be mandatory for downloading the final version of IE7. What's the piracy rate for Windows XP again?
Developers (Score:3, Insightful)
-Ed
Re:Developers (Score:4, Insightful)
Re:Developers (Score:3, Funny)
Re:Developers (Score:5, Insightful)
Re:Developers (Score:5, Insightful)
Re:Developers (Score:5, Insightful)
The argument here isn't idealistic or puritanical or religious - it's practical. CSS allows web developers to effectively separate content and presentation, which in turn allows for more efficient development. It's not about laziness either. We web developers have finite time. We either spend that time working on new features/content/layouts/whatever, or chasing down 4 year old bugs in IE.
Take as an example a group of mechanical engineers plotting designs for a car. Group A favors one brand of mechanical pencils. Group B favors another. An astute engineer might attempt to settle the matter as you do: "all mechanical pencils have their quirks." Unfortunately, group C is using crayons that are worn nearly to the nub. IE is a crayon that is worn quite to the nub.
To write off the pitiful state of IE's HTML, CSS and javascript support as "quirks" is to let MS off the hook. They leveraged their monopoly and "won" the browser wars. Having done so, it appears that they intend to use their dominant browser in order to defend their Big Two products by retarding the progress of web technologies indefinitely.
As a side note, why does "realist" now refer to people who give up on ethics (and other such long term concerns) for short-run gains?
Re:Developers (Score:3, Interesting)
Re:Developers (Score:3, Insightful)
Business trumps standards thumping on the web. That's why we are where we are.
Halo 2 (Score:5, Funny)
Nine Inch Nails? (Score:3, Funny)
Why push halo 2 [wikipedia.org] when you can push halo 5 [wikipedia.org]?
Re:Nine Inch Nails? (Score:4, Funny)
http://en.wikipedia.org/wiki/The_Downward_Spiral [wikipedia.org]
(long time NIN fan)
Bugs? (Score:5, Informative)
I've fiddled around with beta 3 for a bit, it's just as stable as IE6 is (even moreso, if you can believe that). I think this summary was written by someone scared of "beta" software.
As for breaking webpages, big deal. IE6 has been breaking webpages for years. Now at least the web designers who built pages for the IE6 "standard" instead of the STANDARD standards will taste a bit of our pain.
Only IE7 bug I noticed is that IE7 REFUSES to remove borders on iframes (or maybe it's the body tag inside the iframe). Using CSS or deprecated HTML attributes have no effect. IE6 does not have this problem.
Re:Bugs? (Score:3, Informative)
Thus no need to use MSIE at all.
Really a problem? (Score:5, Funny)
He has also been referring to himself in the third person since earlier this morning.
Re:Really a problem? (Score:4, Insightful)
Re:Really a problem? (Score:5, Informative)
More information here:
http://support.microsoft.com/?kbid=890830 [microsoft.com]
Sorry "Tears for Fear"... (Score:3, Funny)
Push,
Push it all out...
These are things that they've been waiting for
Come on
It's updating your PCs
Come on
[choirs]
In monopolistic times
You shouldn't have to ruin your PC
In blue and white
They really really ought to know
Those one track minds
That took you for a working end-user
Kiss them goodbye
You shouldn't have to jump for joy
You shouldn't have to
[choirs 2X]
They gave you Windows
And in return
you gave them them hell
As cold as ice
I hope we live to
tell the tale
I hope we live to
[choirs 2X]
[rift]
[choirs 2X]
And when you've taken down your guard
If they could change your mind
Hackers really love to BSOD your PC
Hackers really love to
[choirs 2X]
[rift]
[choirs 2X]
They will push it. (Score:4, Insightful)
Okay... on a more serious note, I actually (don't flame me) like Windows XP. It is incredibly stable on my PC. But it is Microsoft style to push their products onto users my force. So my bets are on MS putting this out as a critical security updates.
I'll give 2 to 1 odds. Who's placing a bet??
Re:They will push it. (Score:3, Informative)
"IE 7 will be delivered in the fourth quarter as a "high priority" update via Automatic Updates in Windows XP"
not a critical one at all. Also, apparently it will pop up a dialog instead telling the user how great IE7 is and asking if they want to install it. Of course people will, as we all blindly upgrade to the latest version all the time without thinking.
Re:They will push it. (Score:3, Informative)
Of course microsoft is labeling this as critical, which is just plain stupid... no matter how many bugs from IE6 are fixed.
Good... (Score:5, Insightful)
I for one welcome this. IE6 sucks. Badly.
IE7 has a few problems, but the faster IE6 dies, the better.
This and as a web developer, I hope the bugs associated with pushing this app out will create a bad user experience and force developers that rely on hacks and nonstandard practices to get screwed over. I've had several sites I use not work with IE7 and the simplest has been because their simple javascript that detects IE versions tells me I need to use IE5.5 or greater. I've had others not work with the activeX controls because of new security models (or so I imagine).
The sooner developers move towards standards the better. IE7 is a good push towards this goal, and having it pushed out buggy and forcing developers to address the idiotic IE Only Features is just another milestone on this route.
Re:Good... (Score:4, Interesting)
Re:Good... (Score:3, Insightful)
Obligatory.... (Score:3, Funny)
<SARCASM>
Seriously? Microsoft software can be buggy?
</SARCASM>
How wonderful for the dialup users (Score:4, Informative)
(no, it probably won't be _that _ big)
(ie 6 _was_ 75 or so.. yay for bloat)
Do it the simple way (Score:5, Funny)
What's the problem? (Score:5, Insightful)
As for the ecommerce sites being broken, it's not like they haven't had time to check to make sure their sites work in the new version. When the first beta came out, even I checked to see if there were any problems with my sites. I didn't fix them straight away, but I made sure to note down where the issues were for later repair.
Re:What's the problem? (Score:3, Interesting)
Now I appreciate security improvements more than most, even in MS software. However, no one ever remembers the things that SP2 broke. Trust me--in order to use any software six months from now, IE7 will be required, so this whole "it's an option" thing is specious in the extreme.
That said, if it can usher in a new world of working CSS and consistent
How Ironic (Score:5, Informative)
Ironic that I received that message as I was reading this story, and about to post that automatic update will only download IE7, but will give the users a choice of whether or not to install it. Kind of like the message I just received for Firefox.
Bandwidth is really the only issue with this release method, but not so much for a single user. Businesses who would be affected by the download can install the IE7 Update Blocker Toolkit to prevent even the download.
This really isn't that big of a deal.
Makes sense (Score:5, Insightful)
It makes sense. IE6 is obviously a critical security vulnerability, and apparently it can't be fixed without IE7 (I doubt IE7 will actually "fix" the problem, but it'd be pretty hard to make the situation any worse at this point).
The sooner *any* versions of MSIE go away (even if they're only replaced with new versions), the better, IMHO.
What is the issue? (Score:4, Insightful)
If sites are not using W3C standards for development then they should know that they can't expect compatibility with browser updates.
Blame the web developers.
An update to Internet Explorer is critical for security reasons and shouldn't be delayed because some developers are idiots.
The same issue occured with XP SP2. Idiot developers using non-standard APIs had issues in their software.
instructions (Score:5, Funny)
msi http://microsoft.com/xp [microsoft.com] ie6 main
and replace it with this:
msi http://microsoft.com/xp [microsoft.com] ie7 main
in your c:/etc/apt/sources.list file. then do:
apt-get update
apt-get upgrade
No Worries (Score:4, Funny)
I see this as a good thing, honestly. (Score:3, Insightful)
I suppose it's that bias against Microsoft in general that makes this a bad thing.
Calm down - Blocking and uninstall possible (Score:4, Informative)
Calm down. It is easy to succumb to media hype and not look deeper. But if you do, you'll find that administrators have options available to them and so do users.
1) IE7 Blocker Toolkit - non-expiring toolkit will assist admistrators through Group Policy or script to set registry to prevent automatic update to IE7:
http://www.microsoft.com/downloads/details.aspx?F
2) Admins who have Windows Server Update Services (WSUS) deployed already has control over what is pushed to the corporate desktop
3) Users individually have the ability to decline the install
I have also heard that users can uninstall IE7 from add/remove programs, this will revert the user back to IE6.
Thank you (Score:4, Interesting)
The three biggest generalized statements I've read so far involve functionality, it's an abuse of a monopoly, and get firefox.
[Functionality]
IE7 runs better than IE6. The only sites that would be affected would be those sites that resort to explicitly stating that they only run in IE6 and those sites can fix that problem very, very easily. This leads directly into firefox.
["Get Firefox"]
How many sites have you used that don't work in firefox? Let's call those number of sites, X. It's a pretty logical assumption that internet explorer's replacement would have a higher probability of working with IE6 sites than firefox. It would be logical to say that ie's X value is less than firefox's X.
[Abuse of a monopoly]
Come on! Why is it that when Microsoft tries to fix a problem with an upgrade that they the monopoly arguement comes along? Someone else brought up the example of how tightly integrated Safari is in OSX. But if Microsoft wants to reduce the number of unsecured machines; it's a monopolistic move. Sometimes it seems that if MS ever released a free "Office lite" to compete with a product like iLife that we would have people screaming bloody murder. Wordpad is not acceptable. And for those saying that they went through a lot of trouble of uninstalling IE6 and being forced to upgrade to IE7. IE6 was uninstalled, how would it upgrade an uninstalled component? And then install itself, activate itself, and make it the default? All without any input.
The only thing I see wrong with this is the burden it would put on dial-up users. But this is microsoft so I would expect them to at least offer to purchase a cd containing the update. Or having the CD option with SP3 and making it mandatory then.
Re:Thank you (Score:3, Insightful)
This is simply not true. Pretty much EVERY site built these days using XHTML 1.1 and CSS2 has to include hacks for IE6. That's the long and short of web development these days. A number of these hacks are going to break in IE7, and that means a HUGE number of sites are going to have to be tweaked to ru
Genuine Advantage Rears It's Head Again (Score:5, Insightful)
As it turns out Microsoft isn't that benevolent. You run smack dab into a check to see whether or not you've installed Windows Genuine Advantage. I haven't. My copy of XP is perfectly legal and has never touched another computer. But I still am not comfortable with my computer calling Microsoft every day telling them what a happy customer I am, so I have no intention on installing it in the near future. Call me paranoid, but any software from Microsoft that will be doing any sort of hidden connection and any sort of transmission of data that I'm not allowed to monitor or check on crosses a boundary for me. Today it's that my copy of Windows is legal. Tomorrow it's what my favorite websites are. The day after that it's what DVDs I stick in my hard drive. But we've all heard this rant, so I'll just move on.
I hope somebody brings this up within the tech community or in the blogosphere. It doesn't seem kosher to have to install spyware in order to get my legal copy of Windows to behave like I'd like it to. Oh well, time to go buy a MacBook Pro.
Link:http://www.microsoft.com/downloads/details.a
We can call it good and we can call it bad... (Score:5, Insightful)
Good
Security is much higher than IE6
IE7 supports CSS and XHTML 100 times better than IE6 so sites can start using them
Too many people still use IE6, and IE7 is better than sticking with IE6
Bad
Sites that use some of the 'old' IE6 hacks to make stuff work, will break
--- Actually, that might be a good thing
Companies that have used 'old' IE standards instead of moving forward with
compliance like XHTMl and CSS will face problems if their work arounds
Assume that IE7 is just like IE6. So some web sites need to be testing for
IE7 Now.
I think the good does out weigh the bad, as it will push users that are still using IE6 to get a more standards compliant browser. And it might even educate some of them, so they understand their browser has changed and explore other browsers as well. It will probably help Firefox downloads even.
The other thing this article seems to miss is that IE7 'will be forced' on users in Vista as well, so this will be good for Web Sites to get ready for the Vista Launch, because Vista simply does not do IE6. (And IE7 in Vista is like the stupid cousin, as it runs in protected mode on Vista, several levels below the user's own security even.)
MS has made a lot of big press about IE7, has supplied what it does and doesn't do to developers and beta testers for a long time now, and any reasonable web site administrator or developer should already be ensuring that their sites doesn't assume IE7 is as stupida s IE6 and make things fail.
It would be different if the IE7 list of supported standards, and testing of the Browser itself was not widescale. It has been available almost a full year before its release date, and if that is not enough time for web sites to rip out the crap IE6 kludge code, then maybe this will be a wake up call for them to do so.
MS fek'd up bad with IE6 and I still don't like that IE7 still maintains some backward compatibility for the IE tags, (hence why it won't pass the ACID2 test), but IE7 is the first push from Microsoft to support standards that are not only MS standards, and if anything we should welcome Microsoft and keep encouraging to do the right thing. (It might actually work.)
So in the end, we can start using more advanced CSS and XHTML concepts in the next year without having separate coding to make it display properly in IE6. We can also just send the users to Firefox or the IE7 download site and finally write sites like we should have been doing for a while now but couldn't because of the widespread use of IE6.
Re:We can call it good and we can call it bad... (Score:3, Interesting)
Internet Explorer 7 hasn't got any support for XHTML whatsoever. You are still stuck having to pretend that your XHTML is actually HTML for Internet Explorer to do anything with it.
The CSS improvements are marginal. They've fixed a lot of bugs, but the new functionality is very sparse, it's just selectors I think. The rest of CSS 2 remains unimplemented.
Re:We can call it good and we can call it bad... (Score:5, Informative)
You are very misinformed.
I quote from the Internet Explorer developers' weblog [msdn.com]:
No version of Internet Explorer supports XHTML. If you label XHTML as text/html, Internet Explorer will render it because it thinks it's HTML. There's a problem that XML prologs cause because of this, so they implemented a special-case workaround.
All of this is very well known to web developers, I suggest you actually ask your developers about this if you don't believe me.
XHTML is being treated as a buzzword these days. The document included in that video included a <meta> element that claimed the media type was text/html. This is not XHTML being parsed as XHTML. It's XHTML pretending to be HTML and being parsed as HTML - which is the only way in which any version of Internet Explorer can understand XHTML as it doesn't support XHTML.
In every way in which XHTML differs from HTML, Internet Explorer follows the HTML rules. If you disagree, please give examples. If you don't disagree, please explain how that means that Internet Explorer supports XHTML rather than "pretend XHTML".
Are you seriously making assumptions about what Internet Explorer supports by trying to spot implications from marketing material for a tangentially related product by the same company?
I'm sorry, but this simply isn't the case. Have you looked at the Acid2 test at all? The problems Internet Explorer has with it are either parsing problems or outright lack of support for various features of CSS and HTML. Internet Explorer's support for non-standard CSS extensions are not a factor.
You can argue that people should upgrade all you like, it makes no difference as to whether they actually do it or not. I'm saying that lots of people don't upgrade for years. Telling me that they should is completely irrelevant. It's not up to me whether they upgrade.
suprised (Score:3, Informative)
thing is, soon i'm going to have to start maintaining 2 extra stylesheets included by conditional comments for every website
TFA Makes No Menton of Breaking Commerce (Score:3, Insightful)
The implication from the summary is that IE7 breaks online shopping, but gives absolutely NO evidence towards this.
And even if there were an issue with certain sites, they've got MONTHS to fix it before the big shopping season. Is that not enough notice? Maybe Microsoft should just hold the update until January, or would that affect Valentine's Day websites? They could it 'till March but what about all the April Fool's websites that might break?
This is a great example of the OSS world using FUD to slam Microsoft, while they complain about the FUD that Microsoft spreads.
If its serious they should take it seriously (Score:3, Insightful)
Beta versions have been out for a while now. Even IF the application worked so differently then previous versions that it would affect your site your:
a) Making a website that hardly works on any browser (including old versions of IE)
b) Not taking your job seriously. If your job is to manage this sites that will be affected by a new browser version you should have all ready started your testing a year ago.
c) If you are not capable of a and b then I'm willing to bet your site has more serious problems to worry about then the 5 people a week that go to your site to begin with.
The W3Schools suggest otherwise (Score:3, Interesting)
Obviously they fear that people wouldn't want to download it themselves.
The W3Schools stats suggest otherwise:
July IE 7 1.9% Opera 1.4% Browser Statistics [w3schools.com]
The only movement I see is from IE6 to IE7. The "alternative" browsers stand pretty much where they did last November.
Re:The W3Schools suggest otherwise (Score:3, Informative)
Those statistics are essentially meaningless, because they are based on a verifiably bad sample. This fact is even stated on the page you pointed to.
The choice of default browser is unaffected (Score:5, Informative)
Secondly, even if you don't install the blocker, and the user does elect to install IE7 (after downloading IE7, Windows Update presents the options "Install", "Don't Install", "Ask me later" (if you select "Don't Install", you're never asked again, even for future security updates)), IE7 will not be installed as the default browser, unless an older IE was already the default browser.
From the IE blog [msdn.com]: "If you decide to install IE7, it will preserve your current toolbars, home page, search settings, and favorites and installing will not change your choice of default browser. You will also be able to roll back to IE6 at any point by using Add/Remove Programs in the Control Panel."
Re:How is this NOT in violation of Antitrust? (Score:3, Interesting)
Regarding your Safari comment, are you referring to Apple not releasing Safari 2.x as a separate download for pre-10.4 folks? I'm certain the reason for that has nothing to do with it being "[bolted] into OSX so bad that in order to update Safari you need to update your entire OS." They simply decided to have version 2 of Safa
Re:How is this NOT in violation of Antitrust? (Score:3, Interesting)
MS makes an OS for a generic range of x86 PCs. Many different operating systems can run on these PCs, though the courts found that MS had a monopoly on the PC OS market. That in itself is not a bad thing. However, MS tried to use the monopoly it had in the OS market to force a competitor out of the browser market. That is where MS went wrong: trying to use the monopoly they had in one sphere to influence choice in another (manufacturers weren't preinstalling Netscape on PCs). MS tr
Re:Backfire (Score:5, Insightful)
Oh, it's the "major website admins" who block non-IE browsers, then? I could have sworn that was opnly something 12-year-olds, and deluded MS fanbois do.
Re:Try this. (Score:3, Interesting)
However, it does not work out that way. Apparently Microsoft still have some way to go to become standards compliant.
Try my employer's website http://www.uw.nl/ [www.uw.nl] in some different browsers (including MSIE 7) and you'll see the differences (in the CSS-based menu system).