Too little, too late?
I’ll admit that I’m something of a geek when it comes to the browser wars – I will read postings from Internet Explorer software engineers over at the official Microsoft IEBlog (http://blogs.msdn.com/ie/default.aspx) for minutes on end, though it sometimes feels like hours, as for example with the latest bunch of posts about security improvements to Internet Explorer 8. The engineers are promising an improved user interface and faster performance, but what about security? Well, they’ll be replacing the Phishing Filter with a tarted up version and calling it a SmartScreen Filter instead, and oddly enough this will have an improved user interface and faster performance, along with new heuristics and “enhanced telemetry” (so you can fire missiles at other applications?). Hang on, I may be getting my words mixed: telemetry appears to mean remote measurement and reporting of information of interest to the system operator or designer. Glad that’s clear.
The SmartScreen Filter will also get, we’re promised, anti-malware support to go with its new and improved name. AN Other software engineer gets all misty eyed talking about the Cross Site Scripting (XSS) filter he’s working on for IE8. This is, he says, an “heuristic-based mitigation that sanitises injected scripts”. I feel better already. Actually, putting my serious hat on for as long as I can bear, this is a good thing: it acts as an IE8 component that’s visible to all requests and responses that flow through the browser and should help clear up the ongoing XSS problem that exists today.
But there’s still one big problem with Internet Explorer that will remain even after IE8 is released, namely that it isn’t Firefox. Firefox 3 has, as I’m sure you’ll all have heard by now, set a world record for most software downloads in a day (a record that didn’t exist before some marketing bunny came up with this jolly good wheeze). Firefox hit 8,002,530 downloads, which is impressive but meaningless in the overall scheme of things, and I’m starting to think the same about the market share enjoyed by Internet Explorer. It may well have 73.01% of the market to Firefox’s 19.03% (www.pcpro.co.uk/links/169online1) but that doesn’t make it the better browser, it just shows how lazy and uninformed most internet users are. Why should they bother to download and install a different browser when the one that came with their computer works perfectly well? The no-nonsense answer is that the one that came with their computer doesn’t work perfectly well but is in fact deeply broken. Or to be more precise, it’s deeply unsafe. In fact, to get to the point, it’s the least safe choice compared with Firefox, Opera and Safari, because more people fail to keep it patched and up to date.
Look at the research (such as the most recent by a combination of Google, IBM and Communications System Group) and you’ll discover that 83% of Firefox users are using a fully up-to-date and securely patched browser, 63.3% of Safari users and 56.1% of Opera users, but when it comes to Internet Explorer, specifically IE7, only 47.6% of users are fully patched. And that, dear reader, is bad news for Microsoft but even worse news for the rest of the internet-using public, because it’s we who have to put up with the consequences of more people being infected with malware, more computers being “pwned” and hence more spam heading our way.
Take this browser to Cuba