Dave Massy's Blog

# re: More secure @ Tuesday, March 22, 2005 5:18 PM

I don't understand what people mean when they "IE is part of the OS". Isn't it just that the rendering part IE is an OLE component, which means things like Windows Explorer can embed an IE view in it's main window?

To me, "part of the OS" would mean it has bits running in kernel mode (so a driver would be "part of the OS" by that definition, but Microsoft Word would not be). Now, correct me if I'm wrong here, but I'd be very surprised if any of the code considered to be "Internet Explorer" ran in anything but user-land or even with privileges more elevated than the user running it.

Perhaps when they say "part of the OS" they mean "ships with the OS" but notepad.exe ships with the OS, so is Notepad "part of the OS" as well? And is notepad any less secure because it ships with the OS?

Dean Harding

# re: More secure @ Tuesday, March 22, 2005 5:28 PM

End result matters. Given that Microsoft is a professional organization
a) without any constraints whatsoever (funding, brillant software engineers, brilliant security experts etc.)
b) developing software for money (significant money)
c) having very thorough and stringent security reviews in your own words, we must not see any grave security bugs in Windows and IE at all. So why do we see so many of them?

I am not wanting to start a flamewar but I guess Microsoft should analyze and answer this question. Why so many repeated security related failures? Fix is fine but I can't imagine how things such as IE and IIS can have a security hole - before a fix someone might lose millions. You can't afford to fail when people are trusting million dollar businesses on your software and are paying for it dearly.

DoesntMatter

# re: More secure @ Tuesday, March 22, 2005 5:54 PM

DoesntMatter:

No one is ready to pay what really bug-free code would cost. We accept a few bugs. Please note that we even accept some airplane crashes (not to mention car accidents), but, naturally, different industries and software components pose different levels of "reasonable" bug count. A non-security bug resulting in a resource leak in IE would, in my mind, for example be more acceptable than an adverse remote-code-execution hole.

CN

# re: More secure @ Tuesday, March 22, 2005 6:06 PM

Be careful when you say "no one". Some folks with mission critical applications ARE willing to pay for that kind of reliability. Take for example:

- NASA
- The Big Three
- Medical applications: especially if the result of failure would be death.

That being said, your general point is true that most of us are willing to trade cost for reliability (look at the huge number of no name brand electronics as a example).

Eric W

# re: More secure @ Tuesday, March 22, 2005 6:33 PM

One thing that would be nice at some level would be to have an interface to which programmers could develop browser components. Then a user can use their chosen brower to display content for which a browser component is necessary.

This would do two things: it would remove part of the IE is part of the OS claims and it would encourage a more standardized markup to be sent to the browser component.

Part of this interface should have the application request certain technologies of the browsing component and Windows would pick the most preferred component matching those technologies.

That way, stuff that is using Microsoft-proprietary VML could be easily accomidated unless IE was somehow removed.

Brant Gurganus

# re: More secure @ Tuesday, March 22, 2005 11:17 PM

I've watched enough master thief romantic thrillers, where the 'hero' pulls of a 'heroic heist' to know this: man is a creative being and that's the only bug in the house.

If you really can't break into it, somehow, it's pure fíction, together with the timemachine and perpeetum mobile.

I think we underestimate the brilliance of the human mind if we truly belive that we'd ever create a completely secure software.
It's the enviroment that is the problem.

I live on the countryside, and even though it might sound like romantic drivel, we can actually leave the door open for days in a row, and return to a house where everything is still there.

The overall atmosphere and the IT-culture of today, is the real problem.

Of course, bugs needs to be fixed and holes need to be plugged, but simultainiously with that, politicians and the like need to help building an atmosphere where you dont always have to lock down the door.

This is a general problem today, and we need to adress it across the board, from personal safety to technical security.

Our best tool is the one it has always been, that man is also a morally aware being.

We need to make it very clear - that it's just plain wrong to break into systems - it's not romantic, not heroic, not cool - but just plain wrong.
It's no better than being a petty thief and it only contributes to an overall sense of insecurity that none of us really wants.

Mikael Bergkvist

# re: More secure @ Wednesday, March 23, 2005 5:45 AM

Trading cost for "reliability" might be fine not cost for "security" since then security will most certainly change the cost side of the equation. IE crash on one_obscure_site - OK. IE leaking user id and password on bank.com - NOT AT ALL OK.

And CN - Microsoft already charges hefty enough to be able to provide security hole free software. People develop free software with far better security reputation than Microsoft. It's just plain sloppyness which drives up the holes.

Mikael Bergkvist - I envy you that you are still able to dream for such a better place that I doubt world will ever be - It's deterioration everywhere.

DoesntMatter

# re: More secure @ Wednesday, March 23, 2005 9:39 AM

I would agree there are some loopholes on both sides of the arguement, but recent reports do show IE lagging further in their security over the past year than firefox did:
http://www.greatreporter.com/modules.php?name=News&file=article&sid=362

We all are aware of the weaknesses in IE, why are we even defending it other than PR purposes?

Brady J. Frey

# re: More secure @ Wednesday, March 23, 2005 10:41 PM

Brant: The problem with potentially allowing a third-party component to replace the various IE components is that Microsoft is ultimately responsible for supporting and maintaining the operating system. If something goes wrong--the browser (or parts of the OS or other 3rd party apps that use the browser) starts crashing, who will the end user blame? Microsoft. For example, just look at how people blame MS for blue screens of death when the vast majority of them are caused by 3rd party drivers.

Also, if Microsoft were to enable all these hooks for third parties to replace parts of the OS, that severely limits their ability to maintain the code. They can't make changes to the browser infrastructure without verifying that all of the third party components continue to work. Otherwise, people will blame MS. "I just downloaded a security patch and now I can't even open IE!" some users would say.

In addition, what's next after swapping in your own browser? Replacing the MSXML parser? Replacing the text box control? This would open pandora's box and result in a bigger mess than we have today.

That said, I do have to take issue with some of the stuff that Dave said in his post about APIs. I've been doing shell/IE related programming for many years, and have always been interested in the integration between the two. The documentation leaves a lot to be desired: there are many functions that are still undocumented, even after the huge number that were documented as part of the DOJ settlement. (see http://members.ozemail.com.au/~geoffch/samples/win32/shell/) And, most of these functions are documented in such a bare bones fashion that makes them virtually unusable. So, I would say that there's still work to be done there.

On a related note... the releasing of Avalon to Windows XP raises some questions. It would surely qualify as "middleware" under the settlement, and I hope that any additional APIs that it uses are documented as well. (That is, anyone today should be able to write their own equivalent of Avalon for XP using the existing documentation that is out there.)

Jonathan

# Let me explain, Dave @ Thursday, March 24, 2005 6:50 AM

"Now I'm pretty confident that Mitchell doesn't actually know the details of how IE is developed so I don't fully understand the basis of the statement."

The basis of the statement is:

(1) That Microsoft itself argued in a court of law that IE was embedded in the operating system.

(2) That many Windows apps, such as Explorer and the Help System, use the guts of IE to render content.

This is why people say IE is in the operating system. Because IT IS. No, not from a "I'm a kernel hacking geek" point of view, but from a practical one.

And why does this matter in terms of security? Because when IE gets hacked, it means all those programs that make up the OS environment are now vulnerable, and in many cases, now present new vectors for the attack, and more importantly, hacking IE can present a person with many channels into core OS programs.

This does not happen with Firefox. If you find an exploit in Firefox, you have exploited Firefox.

Thomas

# Pure PR bullshit. @ Thursday, March 24, 2005 6:56 AM

"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack."

This is not meant to be read by geeks, it's for PHBs. Either that or I'll have some of what you're smoking.

Justin.

Justin

# Text Boxes @ Thursday, March 24, 2005 7:02 AM

Actually, replacing the text box is something I would KILL for. I use Emacs and have for 20ish years, and Windows-standard shortcuts simply never make any sense to my fingers.

When I worked on the Amiga OS, one of the things I did was design an interface to allow users to replace the command-line shell, and document it in AmigaMail to developers. (Partly because I wanted a more powerful unix-like one myself.) If (most) everything is a library/COM/OLE/whatever object WITH DOCUMENTED INTERFACES, then you can replace things without negative impacts. (Modulo bugs of course.)

Does this open up possible issues? Sure. Is this really the "here be dragons" evil mentioned above? No, not really.

Randell Jesup

# re: More secure @ Thursday, March 24, 2005 7:01 AM

> If we are to debate security of browsers then let's bring in relevant arguments and accurate details

Like the fact that Microsoft made the bad decision years ago to allow remote site operators to post ActiveX controls as part of their websites which would cause the browser to run unknown code?

chet

# re: More secure @ Thursday, March 24, 2005 7:02 AM

NASA is willing to pay for absolute zero bugs?

Funny, because when I think of 'people that write software that costs billions every time it crashes', NASA tops my list.

cosinezero

# re: More secure @ Thursday, March 24, 2005 7:08 AM

"This is not the case as any software has access to the same set of OS APIs and can therefore expose the same set of OS functionality as IE."

Let me get this straight, because other software can expose your system, it is OK for IE to do it?

lbm

# very thorough, stringent security reviews @ Thursday, March 24, 2005 7:03 AM

>>As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack.


And how do you think those are working out? Pretty well? Perhaps those reviews just started happening in 2005?

Rob Davis

# re: More secure @ Thursday, March 24, 2005 7:08 AM

Misspelled functionality "funcitonality" in your original post. Maybe it's time to bring Office spell checking "funcitonality" into IE...?

Da Man

# Operating System funcitonality @ Thursday, March 24, 2005 7:05 AM

You had me going for a bit.

xxx

# re: More secure @ Thursday, March 24, 2005 7:05 AM

So I guess we'll just have to take your word on it, since Microsoft won't release the source code. You COULD be lying about everything, we don't know. The Closed-Source model is what is hurting Microsoft.

CypherXero

# re: More secure @ Thursday, March 24, 2005 7:05 AM

Thomas: My thoughts exactly! Even if an alternative browser is compromised, because it is not bound to the OS (as microsoft freely admitted in a court of law, under penalty of perjury) you've only managed to exploit the browser.

Now the standard response from microsoft will be, but you can then execute arbitrary code and exploit the entire system. While that may be possible, the likelihood of a third party app, that doesn't rely on core OS functionality to render a web page, allowing the OS to be compromised is highly improbable.

Dave: If you have the time, and are in a position to speak further about this issue, I'd love to hear your thoughts on how IE does not create more problems than it solves by being so tightly integrated to the OS?

Eric W - 2

# you missed the point @ Thursday, March 24, 2005 7:07 AM

>The security of any browser is irrelevant to if it is part of the operating system.

With IE there are many more ways for me to take over the full machine because the browser is sprinkled throughout the OS. With Firefox, I get less of a payoff for the time I spend hacking.

Ben Archibald

# re: More secure @ Thursday, March 24, 2005 7:14 AM

You could convince me that IE is just an application if I could uninstall it like any application. BTW, I would love to be able to uninstall it like any application. Can I have this?

During the Netscape wars, you wanted every desktop to have a big blue 'E' on it so you embedded it in all kinds of loop ways (with painful results) and told the DoJ it was a core feature of the OS. What's with the short-term memory?

Jim Storch

# OSS vs closed product @ Thursday, March 24, 2005 7:09 AM

> Now I'm pretty confident that Mitchell doesn't actually know the details of how IE is developed so I don't fully understand the basis of the statement.

True... where's IE source code? Ah, Mozilla is OSS and you *can see* its code to verify his claims, but we cannot see IE source code to verify your words.

Do you believe? :(

Juanjo

# re: More secure @ Thursday, March 24, 2005 7:17 AM

I know you work for Microsoft, so it must be wilfull ignorance you are posting here. ActiveX, VBScript and so on, have proved over time to be security holes large enough to drive several trucks through. I wish Microsoft was more like Apple, that looks at their OS and says 'Hmm, better throw it all out, and start over.' - their new OSX is fabulous, ive been using windows since v3.11 till this winter where i got my first very own apple machine, they take all these great open components like KHTML, H.264, BSD and builds wonderful things with them, in a short amount of time.

But Microsoft seems to think "if it wasent made my microsoft, we dont know it exists" -- talk about reality distortion field? You could even take the Gecko engine and embed it into the next version of IE and have instantly the same features as Firefoxs rendering engine, free of charge! its tri-licensed, im sure one of the fits microsoft strategy.

But no, it would be better to just have IE crushing standards all over again? The web is alot bigger than Microsoft. Remember that.

Jamie

# re: More secure @ Thursday, March 24, 2005 7:18 AM

I'm impressed, this is the most W3C-compilant page that has anything to do with MS I have ever seen, only 18 errors in the HTML markup. As for the article, "the security of any browser is irrelevant to if it is part of the operating system." is obviously very little throught-through. Anything that is integrated into anything can obviously interact with that, something a stand-alone program obviously can not. See?

xiando

# re: More secure @ Thursday, March 24, 2005 7:19 AM

I'd be curious what you blame all of IE's security problems on then. IE's had some nasty vulnerabilites in the past which have resulted in quite a few problems for IE users.

Is the Security team testing releases just really untrained and lacking?

Are programmers just sloppy?

What is the major fault that resulted in the wealth of problems? Why would someone think that a technology such as ActiveX wouldn't result in abuse? Didn't that raise a flag right away (if not, I'd love to know why, and if so, I'd love to know why it remained).

Robert Accettura

# re: More secure @ Thursday, March 24, 2005 7:15 AM

Dave Massey said, "This is not the case as any software has access to the same set of OS APIs and can therefore expose the same set of OS functionality as IE."

Microsoft keeps most of these API's and protocols secure from other software devlopers so that MS software runs better on Windows than their competitors. This is one of the ways MS continues to maintain their monopoly and attempts to keep it "secure". When bugs are found for it then they are exploited with disasterous results. Since Dave works for MS, then yes, he has access to the API's and protocols, but not everyone else. Though his statement that any software has access to the same set of API's is true, if you dont work for M$, then good luck getting full access to them. Even with a governments court ordered mandate that the API's and protocols be opened up, MS still has yet to do it freely.

Jack Webb

# re: Please get your story straight @ Thursday, March 24, 2005 7:21 AM

During the Microsoft anti-trust trial, the court was told over and over again that IE was part of the operating system and couldn’t be removed. Now we have a MS employee stating that IE isn’t part of the operating system. Which is it?? I’m amazed that everyone at MS isn’t on the same page on this, or was it just another example of MS lying in court?

Todd

# re: More secure @ Thursday, March 24, 2005 7:21 AM

"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack."

We? Who is we? A room full of monkeys? IE is NOT secure - the proof is in the attacks and exploits that are publically announced and that we all suffer.

Mozilla is also not secure but I trust it a hell of a lot more than IE.

IE is NOT in the operating system. It's a separate product that they turned into a "technology" so they could resume their browser monopoly. It's like saying that the Mozilla rendering engine is part of the OS because it's in a shared library which is available to all applications, and uses OS calls.

IE is a separate product - Microsoft even agree with me on that, as they let you download IE as a separate named download called "Internet Explorer".

Microsoft are just trying to pull the wool over peoples' eyes. Some fall for it, some don't.

I use Linux - Microsoft will never get another cent from me again.

Mike

# re: More secure @ Thursday, March 24, 2005 7:18 AM

So what's the difference? One word - ActiveX.

Scott

# re: More secure @ Thursday, March 24, 2005 7:19 AM

"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack."

The word "not" needs to be three words earlier.

Anuda Man

# re: More secure @ Thursday, March 24, 2005 7:19 AM

No one is ready to pay what really bug-free code would cost

dont be so sure on that ms makes buggy code. i guess they allways have. pretty sad when a websight can highjack a browser or spyware can be installed or a vrii just by going to a web sight.i switched over to mac and on the wifes comp we are switching over to linux when i get a chance to download mandrake linux. i for one am not willing to put up with the buggy code ms puts out. seems funny that theres no viruses on linux but thounds on the win platform and i dont belive that its because theres more windows computers out there i belive that its because of the buggy code ms writes

unhappy with ms

# re: More secure @ Thursday, March 24, 2005 7:19 AM

Mozilla Firefox SO FAR is more secure from what i can tell. dont be dissin the Firefox OR te linux, both more secure and stable than their Microsoft counterparts.

Tucker

# re: More secure @ Thursday, March 24, 2005 7:20 AM

Yeah? It's not part of the operating system, ugh? Then tell me how to remove IE entirely from my system???

Joro

# re: More secure @ Thursday, March 24, 2005 7:20 AM

Given that the author is a representative of Microsoft, and that this is a public blog trying to extol the virtues of Microsoft's code review process I would have expected the author to spell check the text before publishing it.

"Oh we perform stringent checks of our code but I can't spell check or proof this document"

Doesn't read too well does it? If this is comparable to a short section of code then we can safely expect similar errors in the code base. Too lazy to check now too lazy to check at work.

Sloppy.

Soops

# re: More secure @ Thursday, March 24, 2005 7:21 AM

I just knew I'd been slashdotted when I received 10 comments in less than ten minutes :-)

I do encourage people to read what I wrote.
"I'd love to hear your thoughts on how IE does not create more problems than it solves by being so tightly integrated to the OS?"
I don't know what you mean by tightly integrated, it's not a term that I believe we've used. IE components ship as part of the Operating system so that other part of windows and other applciaitons can make use of that rich functionality. The benefits there are fairly clear, an application can incorporate rich HTML rendering as part of their user interface and benefit from any updates made available through Windows update.

Thanks
-Dave

Dave Massy

# re: More secure @ Thursday, March 24, 2005 7:21 AM

"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack."

Pssst. Your process is broken. It doesn't work.

Tom

# re: More secure @ Thursday, March 24, 2005 7:26 AM

"we go through very thorough and stringent security reviews". Security reviews? Last time I checked IE has had the more problems with security compared to firefox. Long live firefox!

phil

# re: More secure @ Thursday, March 24, 2005 7:22 AM

You use some very nice word play. Doublespeak, I beleve it's called.

Of course IE uses standard Windows calls, but then again, Windows also makes calls to IE functions. Suppose I have Mozilla and IE on my computer, and I wanted to remove both of them from my computer, how long would it take? I would suspect that Mozilla's uninstall would take less than a minute. What about IE? Is it even possible? So you are still saying that it's not part of the operating system?

Also Firefox at least has a very nice safeguard against security flaws: $500 if you report a security issue. This means that, unlike with IE where google will turn up links to exploits for "IE Exploits", unless you keep your new found exploit secret, someone'll cash in on it and it'll get fixed.

Martin

# re: More secure @ Thursday, March 24, 2005 7:23 AM

Hmmm. So what part of the Windows Operating System is Internet Explorer for MacOS? This "bundling" arguement is as flaky as the "market share increases attacks." FUD.

You know what I want to see with IE 7.0? You freaking HTML rendering engine *not* running as Kernel service.

Acidus

# Architectural weakness @ Thursday, March 24, 2005 7:29 AM

>If something goes wrong--the browser (or parts
>of the OS or other 3rd party apps that use the
>browser) starts crashing, who will the end user
>blame? Microsoft. For example, just look at how
>people blame MS for blue screens of death when >the vast majority of them are caused by 3rd >party drivers.

MS architected their system in such a way that allows device drivers to take down the entire system. I also well remember the decision in NT4 to run video drivers in the kernel space to improve performance - and incidentally make the system much less stable.

So yes, given that PC architecture always comprises a set of diverse hardware compoments that *require* a diverse array of third party drivers to function at all, and MS Windows has always only worked on the PC architecture, I'd say it's quite reasonable to blame MS when their OS is not stable or secure due to fundamental architectural weaknesses.

Matt Palmer

# re: More secure @ Thursday, March 24, 2005 7:25 AM

"You know what I want to see with IE 7.0? You freaking HTML rendering engine *not* running as Kernel service."

I don't know who told you IE runs in the kernel. It doesn't and never has.
Thanks
-Dave

Dave Massy

# Spelling @ Thursday, March 24, 2005 7:30 AM

"Update - Fixed the typo. Thanks for the feedback. I didn't have http://www.iespell.com installed on teh machine I posted from."

Was the "teh" an intentional pun? :-)

Chris

# re: More secure @ Thursday, March 24, 2005 7:36 AM

unhappy with ms said:<BR><BR><I>pretty sad when a websight can highjack a browser or spyware can be installed or a vrii just by going to a web sight.i switched over to mac and on the wifes comp we are switching over to linux when i get a chance to download mandrake linux.</I><BR><BR>My university has become unhappy with MS too, critically. They've decided to move over to Linux. While talking with one if the enthusiastic techies, she reccomended me Mepis Linux, and hell, it's spread like wild-fire through the whole graphic design department. So check it out at <a href = http://mepis.com>Mepis Linux</a>, it's simply fantastic and has firefox onboard by deafult. It takes about 20mins to install and asks 10 basic questions. My 12year old sister installed it, all drivers detected and ready to go. It's a really good multi-media machine, video/flash/audio all working out of the box!

Susan.M

# re: More secure @ Thursday, March 24, 2005 7:37 AM

Is this a Microsoft employee stating that Microsoft puts its products through "very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack" Can you please then tell me why you end up with this report (http://secunia.com/product/11/) from Secunia? The truth is that you are only focused on one area of Mitchell Baker’s argument. I have an idea, why don’t you explain to the people about those Active X controls that help hackers’ compromise their systems? But you won’t even go close to that subject because you just can’t defend it and you go and take the easy way out. Anther argument that Mitchell failed to delve upon is the fact that Firefox (as well as Safari, Opera and those others in Linux) are all W3C standards compliant browsers but for some reason Microsoft fails to be one. If Microsoft is to be this company that believes in cooperation, it should get on the bandwagon. Don’t waste you blog space babbling on your irrelevancies about how you have had the M$ brain wash and wax special without providing a real argument for continuing to actually use your browser.

Ivan,Firefox Forever

# re: More secure @ Thursday, March 24, 2005 7:33 AM

Why do people say it's part of the operating system? Try opening My Computer or some other folder and typing a URL in the address bar. Wow! Instantly morphed into Internet Explorer. Now uninstall internet explorer and do the same thing again...Wow! Morphed into IE! But, it's not part of the "OS", people confuse that with inextricable part of the software packages.

K.J.

# haaaa @ Thursday, March 24, 2005 7:39 AM

"I don't know what you mean by tightly integrated, it's not a term that I believe we've used. "

Right, the term you used in a court of law was "embedded." Sorry.

Thomas

# re: More secure @ Thursday, March 24, 2005 7:35 AM

If IE isn't part of the OS then try uninstalling IE sometime. Thought not.

Keith Harrelson

# slashdotted @ Thursday, March 24, 2005 7:41 AM

Well you are not slashdoted, I can see your page a write a comment. Slashdoted is used when the page becames unreachable.

Trukichu

# re: More secure @ Thursday, March 24, 2005 7:37 AM

The thing which I have noticed and concerns me is how, once you open a folder, you can go to the path of the folder, type in a URL, and it instantly opens IE and the webpage with absolutely zero lag. I admit I do not know all the details on how IE has been integrated with the OS, however I do gather a sense that IE is still tightly coupled and probably inseparable. With such a close tie in with the OS, I am not surprised that the simplest IE bug/hack can cause havoc on the machine.

By the way, there are several grammatical and spelling errors in the original posting at the top; just a fyi incase you werent thorough enough.

Anonymous Coward

# re: More secure @ Thursday, March 24, 2005 7:38 AM

I find this sort of comic. I seem to recall Bill Gates testifying that the browser *was* part of the OS and *couldn't* be removed. Now, when it turns out that that architecture renders it insecure (and Firefox is eating its lunch), we have the team claiming it's not part of the OS.

enodo

# re: More secure @ Thursday, March 24, 2005 7:39 AM

long live open source

William Gates III

# re: More secure @ Thursday, March 24, 2005 7:39 AM

ouch! no HTML. posted again for a better read ;)

unhappy with ms said:

pretty sad when a websight can highjack a browser or spyware can be installed or a vrii just by going to a web sight.i switched over to mac and on the wifes comp we are switching over to linux when i get a chance to download mandrake linux.

My university has become unhappy with MS too, in fact critically. Service Pack 2 broke about 200 machines and the spyware problem has become unmanageable. They moved to FireFox, or at least reccommended it wherever possible. That helped but then some botnet ended up slowing down the whole network. Anyway, they've decided to move over to Linux (Redhat Fedora actually). However, while talking with one of the enthusiastic techies, she reccomended me Mepis Linux, and hell, it's spread like wild-fire through the whole graphic design department (amongst the students). They can run whatever programs that normally run on Windows (photoshop, macromedia stuff etc).

So check it out at http://mepis.com. This Mepis Linux, it's simply EASY to use and has firefox onboard by default.

It takes about 20mins to install and asks 10 basic questions, all from a running CD - just put it in and reboot. My 12year old sister installed it BY HERSELF!! All drivers detected and ready to go. It's a really good multi-media machine, video/flash/audio all working out of the box!

Susan.M

# re: More secure @ Thursday, March 24, 2005 7:44 AM

First there was the story (the anti trust case) that Internet Explorer was part of the Operating System and couldn’t be separated. Then when the public asked for an updated version of Internet explorer there was a time that it wasn’t possible until the release of a new Windows (Longhorn). IE was too tied in with the OS and updating it would require changes at the OS itself.

Now it’s a 180degree turn. IE7 will be released for an older version of Windows XP and it seems that the claim today is that IE isn’t part of the operating system.

Somewhere you lost me!

silence

# re: More secure @ Thursday, March 24, 2005 7:45 AM

His spelling is almost as bad as IE

_

# re: More secure @ Thursday, March 24, 2005 7:46 AM

"I don't know who told you IE runs in the kernel. It doesn't and never has."

Herrr, IF it's not in KernelLand (don't run in kernel), so it's in Userland ?

But "That Microsoft itself argued in a court of law that IE was embedded in the operating system. ".

so we have an program which is embeded in the operating system and not in kernel ?

GeoVah

# re: More secure @ Thursday, March 24, 2005 7:43 AM

Kernel != GUI

You could seperate IE from windows if some other app was willing to be the windows GUI. But why?

IE is an app that other apps rely on for UI rendering.

You'd think linux & firefox fans had no concept of layered applications, with all these comments about how IE -IS- the OS.

cosinezero

# re: More secure @ Thursday, March 24, 2005 7:43 AM

Martin's comments are correct, and completely negate the point trying to be made in this blog...

Windows was LUCKY that firefox came around...or else to this day every windows PC would still be inundated with horrid virus/spyware issues.

Every computer I see running IE has nothing but problems...Any computer I see that is actively running FIREFOX...well I guess that it just shows a good measure of that user's intelligence. :)

Is it possible that an open source project is out-witting Microsoft's deep pockets?

My 2 Cents

Homan

Homan Towliat

# re: More secure @ Thursday, March 24, 2005 7:44 AM

The distinction between Windows and IE is blurry conceptually, if not technically, because you can just type an URL into the path bar of any open window and suddenly you have a browser in front of you. There is a conceptual illusion that IE is somehow inextricably tied into the operating system. This idea is compacted by the fact that there's no way to go into Add/Remove programs and remove IE. People consider it "part of the OS" and they will until Microsoft sees fit to give users more of a choice as to what components of the operating system they want on thier systems.

Tux

# re: More secure @ Thursday, March 24, 2005 7:49 AM

IE doesn't run in the kernel, but it still runs higher than most apps.

And you can remove IE, but even if you delete all of the files required, if you run the Windows Update EXE, it puts everything back.

Erase:
C:\Windows\System32\dllcache\iexplore.exe
C:\Windows\System32\IEXPLORE.EXE
C:\Program Files\Internet Explorer

And this only removes the IE shell. You can *STILL* use IE through explorer.exe, and there is absolutely no way around this unless you use another desktop shell.

In the OS? Yes. If the desktop shell depends on a web browser, it's in the OS. Sure, it's not a kernel service, a service, or anything of that sort, but the "core Windows functionality" (eg: a GUI) depends on it (Active Desktop, viewing C:\, browsing your music, some taskbar toolbars).

So, in IE, if something does break the sandbox (does IE have one? not sure..), they get the same set of APIs that Windows Explorer uses to view/erase/delete/move files. If you break Firefox's sandbox, you can run stuff as the local user, but typically it's only XUL/XUL apps. The APIs exposed to XUL apps/XPCOM/XUL/JavaScript is not a full set of system calls -- just enough to get the job done (yes, you can delete files, but no, you can't execute arbitrary kernel functions or edit the registry [XPCOM can, but the objects do that themselves; the APIs Mozilla/Firefox expose don't allow it]).

Ziggy

# re: More secure @ Thursday, March 24, 2005 7:51 AM

What, man is the problem. Oh I am sure that security risk POS activeX has nothing to do with it. In reality, IE would be a great browser if it wasn't for ActiveX. Since I have been working in this field professionally, (over 10 years), the biggest problem I continually run into is the pathetically weak security offered to a system from IE. From everything I can tell, this all stems back to that POS ActiveX. All the spyware/malware that exists in the world is all surviving on ActiveX and its completely fundementally flawed design/conception/implementation/existence. Maybe the developers would learn a lot if they took six months off from their job and actually went out into the wild and did support on their monstrosity of a creation. The lessons learned from this, I think would forever change the design team. If they had to sit through all the BS repair time I have dealt with brought on by the anemic security that IE wishes it had. When I moved all my clients off of IE and onto FireFox, I quit have to go and remove 300+ pieces of spyware off of machines once a month. When browsing the internet a few hours a day loads up a PC with so much malware that it becomes unusable, there is a MAJOR problem. But yet, these cheese head programmers that never have to deal with the results of their boss's POOR decisions, people like me are stuck cleaning up their mess daily, instead of being able to spend my time convincing my customers they need to buy new equipment, and new OS's.

bemenaker

# re: More secure @ Thursday, March 24, 2005 7:46 AM

I was wondering why there are so many simplistic and naive posts here. Now I know.

Thanks /.

Now how do I can browse at +5 for a while ;)

Go away /.

# re: More secure @ Thursday, March 24, 2005 7:54 AM

Eric: "the likelihood of a third party app, that doesn't rely on core OS functionality to render a web page, allowing the OS to be compromised is highly improbable"

I don't get it. Maybe I'm out of the loop but I would have sworn even FF requires an OS before it can run. Can you just install FireFox on a freshly formated drive (no OS no nothing) and it runs fine? I don't think so! Every application, including 3-rd party browsers (yes even FF) DO rely on core OS functionality.

Yes, IE is a component (siting on top of the OS) which other components use. But that doesn't make it any more part of the OS than my speakers are part of the OS because my MP3 player needs them to play the music.

I think part of the problem stems from "Windows" now often being used to refer to much more than just the OS. There is now basically Windows the OS, and Windows the OS bundle. As stated above things like NotePad, Calculater, Solitare, and IE are not part of the Windows OS, but are part of the Windows bundle which perhaps causes confusion. Would the strict Windows OS fail if IE was removed? Probably not, but Windows layers of components many other items in the Windows bundle probably would.

Should these things be more losely coupled? Strictly speaking, yes. From an architecture stand-point that might be nice. Pragmatically speaking is it possible to not have these dependcies and still give the users what they want (easy full functioning use)? I'm not so sure.

I think FF does some cool stuff and I enjoy it (aside from every "auto-update" being a new full install, and other stupid stuff it does), but mainly because it finally forced IE to reply shortly with features I've been waiting for.

I wish MS was more open and didn't need the FF threat to be forced into action, but I'm getting tired of the F/OSS community (of which I'm part of) tossing out claims without bothering to site references of studies to back them up. The more involved I get with F/OSS the more I see a lot of the "conventional wisedom" about what is better and more secure in fact has no real base in reality, it just that a bunch of zealots have repeated it enough that it must be true.

Goku

# re: More secure @ Thursday, March 24, 2005 7:50 AM

"His spelling is almost as bad as IE"

+1 Funny :P

Sindri

# re: More secure @ Thursday, March 24, 2005 7:51 AM

Dave, you are a stand-up guy for posting this and taking the feedback from both MS and *nix drones. It feels like the whole *nix vs MS is like Rep. vs Demo.

=)

Odium Devonix

# Part of the OS @ Thursday, March 24, 2005 7:52 AM

IE is part of the Windows OS because Bill says so. It can not be removed without breaking the OS and compatibility with other applications.

TeroV

# Microsoft Employee on IE Security @ Thursday, March 24, 2005 9:54 AM

This IE developer disputes claims by Firefox and Mozella about the way IE interacts with the operating system.

Firefox

# re: More secure @ Thursday, March 24, 2005 8:05 AM

Every operating system is vulnerable to malware. Windows just happens to have the largest community of malware authors who consider it a good target.

Why? Because Windows provides more accessible tools for the largely-unskilled developer to produce working applications quickly, and because people are constantly running around blaming Microsoft for everything. So a bunch of stupid people with little skill and less wisdom are saying "I'll show those Microsoft pigs!", and they whip out some basic trojan in five minutes that deletes a bunch of files. Then they send it out in a spam email, victimise a bunch of innocent morons who don't have anything to do with Microsoft, everyone starts whining and crying about security, and these jerks think they've struck a blow for the little guy.

The fix, of course, is for Microsoft to make Windows development more difficult and less accessible to the novie developer. This seems like a bad idea.

Caliban Darklock

# re: More secure @ Thursday, March 24, 2005 8:02 AM

<rant>Of course the committed OSS fans started the flame again (could you live without it?). Ok, why not, but have you checked the Firefox security bug vulnerability count recently? And the time it took to ship bugfixes for them? Nah? You should.</rant>

Now, forget about if IE is insecure or not for a moment (it is insecure, but Firefox doesn't do it better).

Internet Explorer is only a lightweight shell above the MSHTML engine. Nor MSHTML, neither iexplore.exe are part of the kernel. They do not operate more in kernel mode than Firefox, Mozilla or whatever user software does. That's a fact.

Ok, now move on. Both MSHTML and Internet Explorer are shipped with the operating system itself. That's a fact.

MSHTML is used by other operating system *applications*, such as the Add/Remove Programs applet, the HTML Help Viewer, the Explorer shell and a few other software (including IE). That's a fact.

Here we have three facts and now it's up to you to tell whether Internet Explorer is integrated with the OS.

Depending on what you mean under OS, you might be correct or wrong. Linux users often say that Linux is kernel only (especially when making security vulnerability count comparisons <g>). From this viewpoint, I think IE is not the part of the OS. If think about Linux as a distribution, which typically includes one of more browsers, I'd say IE is part of the OS.

pb

# re: More secure @ Thursday, March 24, 2005 8:03 AM

"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack."

I am sure the security reviews are very thorough and stringent, however, the method in which your development model is based on is inheritently insecure. Open source software is more secure because MORE programmers can and do eye the code. The bigger team you have the more productive and more secure the product is. When will Microsoft start taking similar approaches with their products?

The track record shows us that Mozilla and even other browsers such as Opera (which isn't open source), release patches far faster than Microsoft. I know you have to test and test again before you release patches to make sure it doesn't hose any exisiting systems. IMHO, thats a design flaw. One reason why Mozilla, Opera, etc. can release patches much faster is because generally those patches won't mess up the product, nor mess up the OS. In otherwords it requires less regression testing than what is needed when there is a flaw in IE.

Secondly, Mozilla is standards compliant. Where is the full CSS2 standards compliance in IE? Will Microsoft stop sitting on their asses and start LISTENING to their customers about web standards and stop trying to reinvent the wheel? Atleast in theory, the more standards compliant you are will ultimatly lead to a more secure product, and happier customers. From my experience, Microsoft has alienated a lot of their customers because of this issue.

I suppose thats another difference between OSS and closed systems, the OSS programmers are more likely to listen to feature requests and implement them. We don't have to sit back and whine and cry about the implementation of web standards either. Bill, where is this interoperability you promised your customers a long time ago? I have yet to see it.


Thirdly, IE is more prone to spyware because its integrated into the OS. There are no containment procedures in place to prevent spyware. Now, really evil hackers are taking advantage of that flaw to steal financial information from unsuspecting IE users.


I am not anti-Microsoft, however being a developer from both sides of the fence I already see the better design approach to systems such as KDE as compared with Microsoft's design. I hope that Longhorn will prove me wrong, but IMHO, that will take a complete rewrite of the Windows operating system. For now, I will stick with the Dept of Homeland Security's recommendation not to use IE DUE to the current security flaws and current undiscovered security flaws in IE. You know you have a BIG problem when a government agency which purpose is to protect the citizens of the US recommends not to use IE.


Just my 2 cents worth

Thanks

Anonymous KDE Developer

# Fallacy of logic... @ Thursday, March 24, 2005 8:09 AM

The "Straw Man" attack, eh? I like how you completely dodge any real argument and instead focus on your blurred version of what he was talking about.

For those people unfamiliar with the fallacies of logic: the following excerpt is from here: http://www.nizkor.org/features/fallacies/straw-man.html

Description of Straw Man

The Straw Man fallacy is committed when a person simply ignores a person's actual position and substitutes a distorted, exaggerated or misrepresented version of that position. This sort of "reasoning" has the following pattern:

1. Person A has position X.
2. Person B presents position Y (which is a distorted version of X).
3. Person B attacks position Y.
4. Therefore X is false/incorrect/flawed.

This sort of "reasoning" is fallacious because attacking a distorted version of a position simply does not constitute an attack on the position itself. One might as well expect an attack on a poor drawing of a person to hurt the person.

Scooter

# re: More secure @ Thursday, March 24, 2005 8:05 AM

Dave,

I would be good if you could answer some of the tougher questions being presented here, not just the useless fanboy type flames.

For example, how do you reconcile your post with the fact that Microsoft swore under oath that Internet explorer is a tightly integrated component of Windows? Several people have asked this (not just here) and I have yet to see a serious reply.

Either you are lying, Microsoft lied at the trial or the situation is now completely different and IE is no longer tightly integrated. I would be curious to know what you think.

regards

adavidm

adavidm

# re: More secure @ Thursday, March 24, 2005 8:11 AM

You can remove IE. Using XPLite you can completely remove it and all its components (the dlls that actually render content inside of other windows tools like explorer and the help system.)

gregg

# re: More secure @ Thursday, March 24, 2005 8:11 AM

I think that it does not matter what anyone says because people who does not trust IE/MS will always take one or two of the statements from what they say and twist it to mean anything you want it to mean.

There are fundamental differences between how a corporation develops applications and how an OSS group does it, simply because the corporation have to weigh cost vs. effect.

If you think that means that a corporation will never be able to produce as secure an application as an OSS group, well, go right ahead and believe that, I don't.

One of the reasons, IMO, that IE has so "many" security holes is that everybody loves to poke holes in IE. Which means that not only is there a much larger group of people trying to create programs that take advantage of the holes, there's also a bigger group of people trying to expose the holes either so that MS can get them fixed or to just expose IE/MS as bad.

In time this will change if FireFox or other browsers steal enough market from IE.

And the reasoning that since you can look at the source code from OSS software and not at the MS code, that doesn't mean anything at all. The number of people qualified to both look at, understand, and find flaws with the source in so complex projects is a lot smaller than you think and the number of those again that would even bother to do so is even less.

Yes, you can, so there's a theoretical bonus. I don't think it's as big as people want it to be though.

As a final note, I still have a FireFox 1.0 installation running with the checkbox for a periodic check for updates checked, and it still hasn't asked me to upgrade, even though there's been two upgrades since 1.0. Must be a bug...

Lasse

# re: More secure @ Thursday, March 24, 2005 8:08 AM

Forget the security flaws in IE. We forgive you. But, at least, make the damn thing fully web standard compliant.

.

# re: More secure @ Thursday, March 24, 2005 8:13 AM

Sounds like a really bad design decision to me, why should the browser be integral to the OS? - and typical of the microsoft way of thinking: i.e. don't just design something to do one or two things: design it to do absolutely everything under the sun.

If microsft made toasters, they'd cost £200 and come with a CD-Rom, USB, IE 6 and bluetooth as standard - all unistallable 'because they're part of the OS'.

Mr Monkey

# re: More secure @ Thursday, March 24, 2005 8:19 AM

Well first of all I'd like to say this thread has about three types of posts thus far...

1) Firefox fanboys *stupidly* insulting IE/MS "MS suxxx, die gates die!!"
2) IE fanboys *stupidly* insulting Firefox and Mitch's article "IE isnt part of the OS. Nope nope nope. Its not running at the kernel level!"
3) People who actually know what theyre talking about...

Anyway.. With this era of "managed" software development, and API/COM+/.NET/whatever sharing across the board, something really doesnt have to be part of the kernel to be part of the OS. Windows ships with IE, and you cant remove it or the Windows OS basic functional is broken. Simple as that. Now maybe Dave's point is its not part of the "Windows OS" and he means the Windows Kernel. This is true.

At work we have many specially built (Dual Xeons, really tight machines) MRI consoles for various customers. Yep, we're a medical software and integration company. Back in "the day" the predacessors of these machines ran SunOS, since PC hardware/software just wasnt reliable enough when your worried about brain cancer :P However nowadays these machines are being built with Windows XP Embeded edition. In the configuration we have, IE is not imbeded into explorer/Windows UI at all. And let me tell you, it not only looks nicer, but they run like a dream... Although really a Dual Xeon is going to run like a dream anyway. So in this sense IE is not part of the "OS"

But in the version that Ships to end consumers IT CERTAINLY IS PART OF THE OS!

Now as per the articles claim, yes firefox IS more secure than IE. Whether its its because its not integrated into the OS or not, the fact remains true. Look at the track record over the last couple years. Microsoft has made some very poor decisions, aswell as released some very poor code. I know that testing is very difficult, and thankfully we do not have any products that are user-end or involve the internet(s) :P. We just have to worry about frying people with radiation, or other drug treatments in our dosimetry software. And yes, this is an industry that demands bug free code!

Oh and Dave, why do you only respond to the comments that are by Firefox fanboys and are easily debunked... There have been many credible questions that have gone unanswered.

Heh

# re: More secure @ Thursday, March 24, 2005 8:13 AM

Is it really possible to completely remove IE from Windows and still expect it to work flawlessly? (In fact is it possible to completely remove IE at all?) As far as I know - no (however, I'm no expert). As for notepad.exe - it makes no difference whatsoever.
I guess that's what is differen between beeing "a part of an OS" and beeing "shipped with an OS"...

arakell

# re: More secure @ Thursday, March 24, 2005 8:17 AM

You said:

If we are to debate security of browsers then let's bring in relevant arguments and accurate details about different possible attacks ...

I say:

IE - Active X
FF - no Active X

therefore IE is MUCH LESS secure than FF

Joe7pak

# re: More secure @ Thursday, March 24, 2005 8:22 AM

Face it, Microsoft is losing.

Mark

# re: More secure @ Thursday, March 24, 2005 8:23 AM

Has anyone noticed that Dave Massey only answers softball questions? I think there are some very valid points in this discussion, but he (or his lawyers) won't answer them. I can summarize for you Dave...

"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack."

We? Who is we? A room full of monkeys? IE is NOT secure - the proof is in the attacks and exploits that are publically announced and that we all suffer.

Why so many repeated security related failures?

What is the major fault that resulted in the wealth of problems? Why would someone think that a technology such as ActiveX wouldn't result in abuse? Didn't that raise a flag right away (if not, I'd love to know why, and if so, I'd love to know why it remained).

Yeah? It's not part of the operating system, ugh? Then tell me how to remove IE entirely from my system???

Of course IE uses standard Windows calls, but then again, Windows also makes calls to IE functions. Suppose I have Mozilla and IE on my computer, and I wanted to remove both of them from my computer, how long would it take? I would suspect that Mozilla's uninstall would take less than a minute. What about IE? Is it even possible? So you are still saying that it's not part of the operating system?

During the Microsoft anti-trust trial, the court was told over and over again that IE was part of the operating system and couldn’t be removed. Now we have a MS employee stating that IE isn’t part of the operating system. Which is it?? I’m amazed that everyone at MS isn’t on the same page on this, or was it just another example of MS lying in court?

Go for it!

Me

# re: More secure @ Thursday, March 24, 2005 8:26 AM

Dave,

Thanks for your perspective and opening yourself up to abuse from the slashdot crowd. I personally use Firefox for browsing the web, but in my development job we use the IE rendering engine (mshtml.dll) for custom intranet based solutions. The ability to integrate our own custom written ActiveX controls into the HTML layout makes getting things done much easier.

Joseph Willcoxson

# you can uninstall IE with LitePC @ Thursday, March 24, 2005 8:34 AM

on my home computer with windows XP, I removed internet explorer with a program named LitePC at www.LitePC.com

in a nutshell, LitePC "fixes" windows so that it can be run without IE. What does that mean? well, a lot of programs installed on my home PC use IE for some function or another, and LitePC makes it so that they won't miss it. Why can't they program so that they don't have to use IE? wouldnt that be smarter? Is IE documented better than these APIs that are found in MSDN as referenced above? well, that is another argument.

so after I installed LitePC, and it uninstalled IE, it was great. I felt more secure immediately. Those nasty baddies wont get into my computer now... well sorta. They suffer from the same problem that mozilla has: They don't know exactly what IE does, they can just see results. so there is quirkiness with some programs, and others will just plain not run. however, since IE has been thought of as always being there *I don't know why anyone would think that* then software developers write code specifically for IE to run.

My question is.. if IE isn't part of the OS, but software developers can pretty much rely on it being there, isn't that then a defacto piece of the OS?

if it is *not* a defacto part of the OS, then that means you are telling a lot of developers that they are really stupid. That relegates IE to a mere *program* status. you would need to admonish these developers much like you would if they relied on notepad, or solitaire to be there.

Kevin Gabbert

# re: More secure @ Thursday, March 24, 2005 8:29 AM

OT maybe:

a reply on Dean Harding

>And is notepad any less secure because it ships >with the OS?

Yes, as is common knowledge one can acces streams on any NTFS volume through notepad. That is, store data not vissible to the user/sysop in it, and read it back.

EG run: notepad c:\temp\test.txt:test.txt

type something, store the file, take a look at the filesize and be amazed. where did the data go? into a named stream...

just search on: notepad and NTFS streams
in google and you'll find a bunch of sites related to this.

anyway i think this is insecurity...

TP

# re: More secure @ Thursday, March 24, 2005 8:35 AM

Do you understand billions of dollars lost for businesses, individuals because of viruses, trojans leave their computer pretty much useless? Do you really understand how companies and people use Microsoft product for mission critical applications and lose millions of dollars per day due to some bug in your products. It should be criminal to produce software like this. Shame on you to defend it!

Hem Ramachandran

Hem Ramachandran

# re: More secure @ Thursday, March 24, 2005 8:37 AM

Ok, on the "No one is willing to pay what it costs for bug free code" argument.

By that logic, Free as in beer code should have a lot more bugs than expensive MS code. So Firefox should crash every few minutes.

And why did MS say that IE was part of the OS in court. Maybe the AG should look into this.

stormesj

# re: More secure @ Thursday, March 24, 2005 8:37 AM

internet explorer may or may not be more secure than firefox. but because the API's that are tied to it are also tied to the OS so tightly that you cant remove IE, that makes the OS less secure, because if you exploit IE your accually exploiting Windows.

prove me wrong, i dare you.

accually i double dare you, and your whole department.

serialhex

# re: More secure @ Thursday, March 24, 2005 8:33 AM

The poster that stated people would pay large amounts of money that was bug free. I challenge you to show me an app of over 15,000 lines of code that is 100% bug free.

Brian

# re: More secure @ Thursday, March 24, 2005 8:33 AM

I dont understand how people can claim firefox is more secure than IE.

Things like http://www.securityfocus.com/archive/1/378632 indicate firefox QA isn't all that is cracked up to be, and possibly seemingly more secure as its only being used by a small minority.

Plus the fact there seems to be alot of "LOOK Microsoft stuffed up yet AGAIN!" from Firefox fanatics, when an exploit is found, but Mozilla/Firefox exploits dont seem to get the same negative attention.

Ren

# re: More secure @ Thursday, March 24, 2005 8:39 AM

I know that IE is supposed to be the browser equivalent of a door with no hinges but I'm not convinced. I run Firefox because of features, because of tabs, and css support, but prior to firefox 0.8 I ran nothing but IE when using Windows. I never once had my start page redirected, I never once go any virii that stemmed from my use of IE, I never once got any spyware except for the bundled kind that came with other software.

I can't claim to be representative as clearly other people have problems but how manny of the reported problems are theoretical security holes and how many actually cause real day-to-day problems?

A lot of them seem pretty unlikely to me.

That said, CSS support should not be an option that can be debated, it should just be, so flame on...

seriously though

# re: More secure @ Thursday, March 24, 2005 8:40 AM

About the "IE is part of the OS" statement...rather, so many things - even in the base Windows system - interface with IE that removing it would mean quite a few nasty things would happen.

niteice

# re: More secure @ Thursday, March 24, 2005 8:48 AM

I feel sorry for you. I must be somewhat depressing to read all these comments about your company. Some time ago it used to be great thing to say "I work at Microsoft". I don't think that's true any more. I guess people at Microsoft are more and more hiding the thing they are working there.

What comes to IE and it being part of the operating system I guess the view of you about the subject might be pretty interesting in some courts. In EU they'd like to get IE permanently removed from Windows to make it more secure. So far Microsoft has been telling it cannot be done (which I believe is true as it's clearly part of OS and running _inside_ the OS). However, if your point about IE being just a standalone application is correct then we have to start to push our EU MEPs more to get MS to release a version of Windows with IE removed.

Mike

# re: More secure @ Thursday, March 24, 2005 8:49 AM

This is a bit OT but will IE 7 finally display a PNG graphics file correctly?

tuco

# re: More secure @ Thursday, March 24, 2005 8:49 AM

I'll say this, speaking as someone who works with mozilla.org code:

Windows XP SP2 heralded a lot of great improvements on security, and several of those improvements impacted IE6 positively. I'm fairly confident that IE7 will be better in the security viewpoint.

Microsoft has been burned pretty badly over the whole security issue, and their response as I've seen it is all for the betterment of the users.

That said, I think people will be nodding their heads and saying, "Yeah, riiiiiight" until IE7 is actually released... after all, that's how a lot of people felt about Mozilla 1.0, having seen Netscape 6.0 (based on Mozilla 0.6)...

Alex Vincent

# re: More secure @ Thursday, March 24, 2005 8:51 AM

seriously though:
You clearly are a computer oriented user. For ANY non-techie IE is huge risk on their computers. I've seen very bad situations on some computers I constantly keep clearing from all bad things mostly coming from IE (and increasingly from the messenger) mostly on my relatives computers.

seriously indeed

# re: More secure @ Thursday, March 24, 2005 8:53 AM

DM-->"I don't know what you mean by tightly integrated"
Can you give us a link of a Microsoft KB on how to completely remove Internet Explorer from our systems and still to be able to use all the features we already use?

Anonymous Coward

# re: More secure @ Thursday, March 24, 2005 8:55 AM

If it isn't part of the OS, then why can't you uninstall it?

random troll

# HERE'S A SUGGESTION @ Thursday, March 24, 2005 8:59 AM

Hey I got a good idea. How about in the next release of M$ they include two DIFFERENT programs. ONE for that BS crap about how so parts of the OS "can rely on the functionality and APIs being present". And a completely other, separate, OPTIONAL program for BROWSING the internet (sounds like a simple concept), not something that "in turn relies on Operating System functionality to do it's job."
M$ SHOULD NOT HAVE EVER combined the two into one. This is what people mean when they say that "IE is part of the OS". Because IE has ties with OS and can be manipulated
"The security of any browser IS RELEVANT to if it is part of the operating system." IF only M$ would have taken this approach, instead of shoving IE down our throats and embedding it into the OS, spyware/malware wouldn't be in the dictionary.

And another thing:
"As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack"
-Yea I'm sure you pay your developers lots of money to do this... but what kind of environment do you provide them with? Probably fast running computers with nothing installed on it. Maybe this is why open-source software is always so much better then "cubicle-made" software... because a lot of the code gets developed on "real life" machines. And therefore it gets tested in real life scenarios, on actual setups that people are going to be browsing with.

And only the icons for IE can be erased. If IE were really able to be uninstalled the HELP system should never work after this occurs, along with many other things embedded into the OS, but the help system does work and I can go to "My Computer" and type in www.firefox.com and have the "uninstalled" IE open from thin air.

Apotropaic

# re: More secure @ Thursday, March 24, 2005 9:05 AM

The IE architecture is fundamentally flawed -- ActiveX. Microsoft was warned by security experts when they first got into the Internet game, but took the attitude of, "we've got really smart programmers, so don't worry we'll get it right." Well, Microsoft didn't get it right, the security experts were in fact correct. There's a huge difference between bugs in code and a fundamentally flawed design. Someone at Microsoft needs to call "do over."

Anonymous

# Trial Information @ Thursday, March 24, 2005 9:07 AM

This is from an section of this link...It appears MS can never make up it's mind...
http://www.theregister.co.uk/1999/01/21/schmalensee_trips_on_doj_banana/

Boies produced a Microsoft email from the Bristol versus Microsoft case (in which Schmalensee had testified): "We are now describing IE as part of the OS and putting it in the box. Conclusion: they already have rights to things like IE. It's a legal stretch, but I want to hear from our attorneys and you, Bob. But in any case, I'd rather use IE as a bargaining chip to clarify the extent of their rights; ie., treat IE as a separate deal and, thereby, set the precedent that apps in the box aren't really part of the OS." It now seemed that even Microsoft was willing to regard IE as something separate from Windows if it suited them. It was a very significant document. Urowsky was objecting furiously, but was overruled by Judge Jackson, who paraphrased Boies argument very well, thereby showing he was paying very close attention. The date of the email was 22 December 1995, just a couple of weeks after Microsoft's Internet strategy meeting in New York.

Just tell the TRUTH

# Is IE part of the OS? What is the official word? @ Thursday, March 24, 2005 9:18 AM

Ddue, your employer spent alot of time a few years back arguing that IE is integral to the OS, so I think it is pretty fair to recall that position.

mike

# re: More secure @ Thursday, March 24, 2005 9:13 AM

IE is so essential, in fact, that you can rip it out and not miss it.
http://nuhi.msfn.org/nlite.html
http://www.vorck.com/remove-ie.html

Fred Vorck

# Define "Part" of Windows @ Thursday, March 24, 2005 9:18 AM

I'd like for a M$ employee to define the term, "part of windows". How can you separate an application from and OS when it is "part" of the OS? If it is not integrated in a fashion that would allow it to be taken out of the OS and not cause a degrading of features of that OS, well that would conclude the OS depends on the features of the application and therefore is itself more than just an application.

"While scant on details for IE 7, Gates said the security enhancements will protect customers against phishing and other malware. The features will also be included in the version of IE for Longhorn. IE is part of Windows and is used by most Web users, but it has a bad security reputation."

DoubleSpeak

# re: More secure @ Thursday, March 24, 2005 9:19 AM

I think that there are two points of view about "IE is part of OS" On one hand we talk about OS as kernel (I/O, drivers, memory managment and so on) in that case - yes, IE is not part of OS and lays much higher (i suppose :)) Hence, base operations couldn't be affected by exploiting IE bugs. On the other user works with GUI wich, being higher level app is still part of OS (could you operate "windows" without windows in normal way anyway?).
Hence, using windows explorer, help system an other third part apps we still USE IE which is buggy :) we can't exclude IE presence from windows so, it doesn't matter what which API uses...

Swan

# re: More secure @ Thursday, March 24, 2005 9:26 AM

" I don't understand what people mean when they "IE is part of the OS". "

I thought this is what the mothership said in its multiple antitrust suits, no?

anymouse

# Spelling @ Thursday, March 24, 2005 9:26 AM

You should try Mac OS X - it has a Spelling checker built into the OS.

Oh... hang-on.. is that a good thing or a bad thing....

<brain explodes>

Diggory Laycock

# M$ behind the scenes @ Thursday, March 24, 2005 9:28 AM

Some decessions are particulary nasty. For example a couple of years ago, when the browser war was still running, Microsoft got sued for integrating Internet Explorer into Windows. The court ordered that Microsoft should also offer a version of Windows without IE. After some debate Microsoft decided to ship an additional version of Windows with every line of IE code removed. Because IE was part of the OS, and certain parts of the OS relied on IE components, this Windows version was broken. It just didn’t work. So people had the choice between an IE-less broken Windows version or a working one which did include IE. They followed the court’s order, but well, it didn’t work out how people hoped it would.

blah blah

# re: More secure @ Thursday, March 24, 2005 9:28 AM

ActiveX, ActiveX, ActiveX. Please get rid of it. Nope, I don't use IE, I use Opera or FF. But I spend a lot of time cleaning up the mess ActiveX allows mallicious users to make. It's been a problem for a long time. Even if nobody realise it was a mistake in the first place (why not?), it is a well documented problem now. Just remove it.

Oh yes, real CSS2 would be nice, if you've got some spare time.

another users

# Least Privilege @ Thursday, March 24, 2005 9:31 AM

Personally, I don't think it matters which browser is more secure. There will always be "one more bug". At the end of the day, virus writers, browser hijackers, etc (aka "the bad guys"), will aim for the biggest target they can find, and sometimes, they may aim more narrow, to try to go undetected.

Anyway, the point of this is that IE & Mozilla would both be much more secure if the user was not a Admin, super-user by default. I highly recommend using the technique's found at Aaron Margosis' blog --> http://blogs.msdn.com/aaron_margosis.

Change this to the default, and you improve security for everyone.

Jeff

# USE LINUX or MAC @ Thursday, March 24, 2005 9:33 AM

Linux and Mac make a user jump thru hoops to run as "admin"...if you do on these systems it's YOUR OWN FAULT...NOT THE OS

ADMIN_RIGHTS

# re: More secure @ Thursday, March 24, 2005 9:39 AM

" Linux and Mac make a user jump thru hoops to run as "admin"...if you do on these systems it's YOUR OWN FAULT...NOT THE OS"

What? Note there is no "admin" on *nix boxes. It is root and if you call su to root a hoop to jump through,you are lazy indeed.

Sergio Leone

# re: More secure @ Thursday, March 24, 2005 9:40 AM

"The security of any browser is irrelevant to if it is part of the operating system."

Clearly that stament is MS corporate aproach. If the browser is part of the operating system, the security must be a priority!.

Trukichu

# re: More secure @ Thursday, March 24, 2005 9:41 AM

The anonymouse kde developer had an excellent point. Orthogonality is the key, and I believe that if Microsoft practiced this, their patches for IE would be released faster. Dave, you should read the pragmatic programmer.

Peter

# re: More secure @ Thursday, March 24, 2005 9:46 AM

What's the UA string for IE7? I'd like to block it. Thanks.

your name

# re: More secure @ Thursday, March 24, 2005 9:47 AM

I would like to make a few suggestions to make IE (and Windows a bit more secure):

1. Discontinue the support of Active X. I think this is a gigantic area of future opportunity. I believe this is a big factor as to why FF appears more secure (I won't argue that it is or isn't more secure -- I'll leave that fight to others).

2. Don't use the browser to manage Software updates. Not only does this result in a poor interface, but I don't feel very secure using what may be a compromised browser to update my OS.

Mark

# re: More secure @ Thursday, March 24, 2005 9:58 AM

If IE is not tied to the OS, why can't I simply uninstall it?Forget about whether it runs inside the kernel or floating on the Apps.My understanding is IE or any other apps which is developed my microsoft to kill the competition can not be uninstalled by default.If you do, the OS supposed to crash.That's microsoft security(market share) rule number 1 I guess.

Need proof:
1) IE
2) http://www.theinquirer.net/?article=22055

Shen

# re: More secure @ Thursday, March 24, 2005 10:05 AM

Right, so when can we uninstall the shitty thing?

~A!

~A!

# re: More secure @ Thursday, March 24, 2005 10:13 AM

"This is not the case as any software has access to the same set of OS APIs and can therefore expose the same set of OS functionality as IE."

Huh? How does that absolve IE from being a security risk? All that says is: any app that accesses the IE/OS APIs can be a security threat.

Now, I don't know what the inherent risks may be, but I don't see how you've defended or explained anything.

gb

# re: More secure @ Thursday, March 24, 2005 10:11 AM

To be secure IE needs to be re-started from the ground up. Give up on the patch-of-the moment system. Tied to the OS not tied to the OS who cares? It's a patchwork of rush-job fixes and bad ideas (*caugh* ActiveX *caugh*).

You want IE to be secure? Start fresh. Try adopting standars instead of creating new ones for no apparent reason other than to stifle competion and inovation.

The rate at which average people have adopted and continue to adopted Firefox, should tell Microsfot something: people are tired of gimmicky featues if it means constantly having to to update or dealing with continual browser crashes.

The Web is a fast paced ever chaning enviroment. 800 lb Gorillas just don't have the flexibility to adapt to work in that enviroment.

I apologize in advance for the typos. I don't
have Spellbound for Firefox (http://spellbound.sourceforge.net/install)
Installed on this machine :).

David

# re: More secure @ Thursday, March 24, 2005 10:29 AM

Another thing I have noticed with surfing websites is that a lot of sites which has asp or aspx as their pages does not work with browsers other than IE. Obviously it looks like they have built into .NET and ASP the refusal to serve pages if the browser is not IE.

Hem Ramachandran

# re: More secure @ Thursday, March 24, 2005 10:36 AM

If (as I've seen) advertising malware pops up when I open "Control Panel" tools in (someone elses) Windows, you know something has gone badly wrong.

But it isn't that IE is/or isn't part of the OS, I suspect here it is that version of XP didn't make a clean division between "end user" and "system". And indeed probably let the user run with unfettered privileges.

The failure to make that distinction back in, oh 1982 or so, has dogged Microsoft ever since in the security stakes.

Similarly ActiveX failed to produce the kind of effective barrier between the OS and the mobile code needed. The default settings for different partitions were too generous to the less trustworthy bits of the net, and the attempts to partition things into those partition were also badly flawed, and in one version of OE didn't even work when you clicked the buttons.

The result of too few barriers is flaws can be exploited to escalate privileges or access.

That said I don't see why the OS would be better protected from Firefox than IE, the problems here are architectural. The flaws in ActiveX components are just that - flaws in ActiveX components, the fact that these own your PC is by design, not an IE bug. If you wanted more secure mobile code, stick to running Java applets ;)

On the other hand you can run Firefox on OSes which better protect themselves from flaws in any applications handling untrusted data, where as last time I looked IE was being ported to less and less platforms.

Simon

# re: More secure @ Thursday, March 24, 2005 10:36 AM

Microsoft has claimed under oath in court that IE is a part of the OS. Are you claiming the MS lied in court?

Also, if IE is not a part of the OS then why is IE7 going to available as an OS upgrade to XP users only? If it's a separate product then I should be able to run IE7 under Windows 2000.

confused

# re: More secure @ Thursday, March 24, 2005 10:38 AM

Windows XP can be installed perfectly functional with the IE executables and libraries forcefully removed (since there's no other way to remove them).

(nt)

# IE bloats the OS @ Thursday, March 24, 2005 10:40 AM

...and is crap.

It is quite clear that you have drunk the kool-aid. Did someone in legal call you and 'remind' you that IE is not an app but is sooo deeply embedded in the operating system that it could never be removed?

I don't even think this counts as FUD; just misguided corporate jingoism.
--

Brody Miller

# re: More secure @ Thursday, March 24, 2005 10:41 AM

So, what do you call it when the FAVORITES menu is showing up on EVERY EXPLORER WINDOW in the operating system ? What ?! Thats not IE integrated with the OS ? Cheah right.

Don

# re: More secure @ Thursday, March 24, 2005 10:46 AM

Blaaaaaaaahhhhhhhh

Bob Smitty

# re: More secure @ Thursday, March 24, 2005 10:56 AM

As I pointed out in an earlier post, the security can never be good enough.
Perfectly safe software doesn't run at all.
Whatever solution one is offering, someone will find a way around it, simply because this is what the human mind does.
- This said, I'd like to point out that I dont disagree with any of the security flaws mentioned in these posts.
Your are all right on target, I'm sure, but there's a larger picture here.

To preach fear as singleminded as you all do here, never resulted in anything good in the entire history of man, and has almost always resulted in fascism and inhuman societies.

There's one type of software that is seldomly attacked, even though it should be very easy to attack, and that's open source.
That's strange, dont you all agree?
I mean, if I wanted to attack something, I'd find it very helpful indeed, to be able to access the sourcecode and therefor being able to thouroughly analyze it's weaknesses, and then exploit those.

But no, not very often, and yet there's a lot of it out there now, Firefox ironically being one such open source venture - still safer than IE - and I would say that this has to do with the political climate surrounding this approach, which does not invite this type of behavior.
A climate which is less dominated by fear..
Parallels to certain aspects of modern politics can easily be identified here.

The conclusion is that fear can be a bad thing in itself, and this frenzy has aspects of self fullfilling prophesies..


Here's a thought.. release IE as open source.


Think about it.....


There are obvious strategic advantages to this.
You can specify what the browser needs to be able to do in the 'contract' when releasing it - making sure that your strategic partners will not bail on you because their business breaks for one reason or another with the new browser, while still getting rid of the responsibilties associated with developing it, responsibilities that hurts current business even though it doesn't have to - and we, the world, would have a browser supporting all standards.
- Because really, is there a good solid reason for IE to remain inhouse?
It's not like you are selling it.

Do the right thing then, and support a friendlier atmosphere.
If for no other reason than the fun of it, as it would surely stun the whole planet.
It would surely become the greatest PR-ploy ever for Microsoft, while simultainiously unloading a shitload of trouble..

Leave the misery to the open source community, and keep the business and the browser.

Mikael Bergkvist

# I can BULLSHIT! @ Thursday, March 24, 2005 10:58 AM

Heh. Well as a developer for a Microsoft vendor, I can say you are wrong. Microsoft's inherent weakness is the result of being built into the OS. The rendering engine is the same engine that renders folders, Outlook and several other applications... and it has ROOT ACCESS!

This was shown when a security flaw in 2004 allowed someone to get ROOT access via the browser. Microsoft created a work around for the browser and called it fixed but you can avoid the work around just by calling it directly.

If it not being built into the OS was not a problem, then this security problem and many others would not be an issue. The rendering engine that IE uses is part of the OS. This is the inherent flaw thatcontinues to make not only IE a security nightmare, but all other apps that use the same engine... and trust me, there are alot.

I highly suggest anyone who thinks this is bullshit to just search through their registry sometime for 'explorer' and read the properties of some of those entries. You will be amazed at just how easy it is to get access to the OS through IE.

Xeno

# re: More secure @ Thursday, March 24, 2005 10:59 AM

Being a linux guy I kind of enjoy bashing MS.

But this "IE is part of the operating system and that makes it inherently insecure" is pure BS.

If IE components are an integral part of OS, and used by many other apps, arent the IE components really operating system components, which IE uses? While they may be developed by the internet explorer team, they are still used by lots of other stuff and are technically part of the WIN32 API (or whatever it's called these days) since they are available to any program written on the platform.

I think with a subtle mindshift most people would agree with me.

If you do, the security focus really becomes, are these components inherently insecure? Or is just the software which is written that uses them insecure?

In linux land we use a std c library among other things, and I am sure that browser developers have contributed to it at least in some way. All browsers use this library either directly or indirectly, so doesn't this make the browser part of OS on linux too?

Am I reaching here?

-AC

Is IE part of OS or is OS part of IE?

# re: More secure @ Thursday, March 24, 2005 11:05 AM

Several people have already pointed out that you in fact CAN completely remove IE from your system using the tools available here: http://www.litepc.com - however, applications and OS components that require IE functionality either 1.) won't run correctly, or 2.) won't run at all (e.g. Outlook). With those caveats, I've found the various application and OS quirks resulting from removing IE to be minor.

Megadeus Domineum

# Is it really so? @ Thursday, March 24, 2005 11:16 AM

I heard the opinion that Microsof does so little to improve the browser is to slow down the popularity of the Internet as OS. So that the Windows OS keeps selling.

Max

# Obvious Problems with IE @ Thursday, March 24, 2005 11:16 AM

These are obvious things that many people have said but here are my 0.02:

1) The fact you can't remove IE from Windows XP is a huge problem.
2) IE's lack of support for CSS2 (and intent to not support CSS2) is an even bigger problem.
3) IE's dumbing down of the browser just makes stupid users even more dumb, causing more support issues.
4) How about supporting Transparent PNG Alpha blending by default since you're already using libpng? Having to enable this via javascript is a pain in the... well you know.

I'm sure I can come up with more issues, if I thought hard enough, but you guys have enough bitching going on here. I know you can't really address #1, as it's bigger picture than 2-4... but hey, 2-4 shouldnt be too hard to tackle. Thanks for reading :)

Gavin Roy

# re: More secure @ Thursday, March 24, 2005 11:27 AM

MS is flailing like a red headed stepchild before the whip comes down.
Their credibility is nearing zero, and every time BG opens his mouth, one needs knee-high boots. And now his minions are out braying the ministry of Microsoft to convert the converted?

Note* No ispell was needed in the rendering of this post via Mozilla 1.7.5 - my 'i spell' comes from a quaint concept known as 'English class'

wonkster

# re: More secure @ Thursday, March 24, 2005 11:37 AM

Here's another angle on the "IE is part of the OS" thing: you can download, install, and run it on a completely Windows-free Linux machine with WINE and it's commercial varients (Crossover Office). I tend to think that ultimately proves it's clearly not part of the OS.

IoT

# re: More secure @ Thursday, March 24, 2005 11:31 AM

-- Now I'm pretty confident that Mitchell doesn't actually know the details of how IE is developed so I don't fully understand the basis of the statement. As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack. --

I don't know the details of how IE is developed, and I don't really care. Here are some points I have about IE and your blog entry, Dave:

1. I can't uninstall IE.

2. I want to uninstall IE (I hate everything about that browser, the functionality, the slowness, the security problems). All I want from IE is one piece of functionality: "UNINSTALL"!!!

3. Microsoft doesn't care that I can't uninstall IE.

4. When people teach an Operating System class at University, somehow the scholars missed the part where the browser should be part of the OS... Hrm. Maybe because putting the browser as part of the OS is a BAD IDEA!

5. If the review process for updates to IE are so flawless, then why is the product so flawed?

M$ is in the business of selling software, and if they make you pay for an update/upgrade, they have sold more software. It behooves of them to have lots of bugs -- they sell more upgrades that way. But it's a bad way to run a software business if you asked me.

People will always pay for non-buggy software. I use a database that costs thousands per seat b/c it's fast and reliable. I won't accept buggy or unreliable software. NO. I don't buy crap.

So when it comes to suggesting OS/platform to my higher-ups, I never ever ever will suggest a microsoft product. They suck, and all they care about is cashing your check. I'll send my checks to redhat or sun, or Mac (alternatives exist for everything that M$ sells: both sun and redhat have been very good to me).

Microsoft lost me as a customer right about windows 98. MS-DOS 6.22 was limited, but IMHO, was the last stable release of an OS that M$ produced (and if some M$ freak says NT 4.0, or AS2k3, they can just piss right off: I'm tired of rebooting for mysterious unknown reasons).

Finally, no system is perfect, absolutely bug-free or secure. If Linux had the install-base of windows, there is no doubt that some amount of malware could be propagated. But security is a process: attitude is everything. The Open Source guys will at least listen to you and try to fix things in a timely manner (I have emailed several developers about their projects, and they are courteous, respond very quickly, and usually have solutions very rapidly). I get no such confidence or support by microsoft (just being put on hold and transferred to three different departments). I have been asking to uninstall IE for years, and since redhat/sun/mac/every other os in existence allows me to un/install browsers willy-nilly, I'll live without bill gates ruling my desktop (both at home and at work).

Until M$ releases it's OS as source (and thereby allowing me to extend or change it to my liking), I will take my OS dollars to other vendors. My work hasn't suffered one bit, quite the contrary (you can learn alot when you graduate from "point-and-oink").

Big thanks to Linus, mozilla.org, OO.org, RMS, redhat, and everyone else who makes GNU/LINUX a complete substitute for an inferior, proprietary, and bloated OS.

Anonymous Penguin

# re: More secure @ Thursday, March 24, 2005 11:42 AM

I wish some of the morons who were posting here could appreciate that "IE" is not just a web browser, but a suite of tools for writing internet enabled applications, for processing and displaying HTML (and XML), for excuting JavaScript and VBScript, for connecting to and communicating with plugins, for implementing security protocols, and a whole more than any of us are willing to read about here.

IE is a frame work that culminates in the IEXPLORE.EXE executable, which makes a browser frame with an address bar and bookmarks, with some desktop integration.

The "OS" is the thing that talks to hardware and manages your memory & storage. Your "Desktop Shell" is the start menu, window manager, and the different little tools that MS uses to emulate the desktop-metaphor UI we all know and love.

This shell makes use of many parts of the IE framework, from using the XML parser to read/write data files to using the HTML rendering engine to display web-pages on your desktop. MediaPlayer uses IE's security & communication framework to connect to the web and authenticate secure connections.

You could EASILY toss out the "full" browser frame and bookmarks system, but you could never toss out the IE framework. Windows seems to be using it all over the place, and for good reason. Why re-invent the wheel in every application you write? Why write a web-browser as a single "closed" executable, where none of its code is available to other programs (without copying that code to your own projects, or linking against some common libraries?)

What's fundamentally wrong about the way IE and Windows are designed? If you ask me, I say nothing. The implementation and execution of that design may not be ideal, but all of you naysayers that put down IE & Windows and the integration are either misinformed, not aware of the advantages of modular design, or are just plain stupid.

Armen

# re: More secure @ Thursday, March 24, 2005 11:45 AM

I am not a software developer. I am a simple end user who came upon this forum through a link. I have read all the comments accusatory and defensive and, while I am no big fan of Microsofts business practices, I do think some of the hostility is misdirected at this individual. Having said that, it was probably a poor decision for him to stick his a** into the wind this way. I don't know from a programming standpoint whether or notIE is more or less secure than FF, but I can say that since load FF onto my personal machine I have seen my instances of adware, spyware, and malware diminish considerably (my regualr AdAware scans usually only return results when I am forced to use IE for one reason or another). What I do have a problem with is MS's inconsistant stance on whether or not IE is part of the OS. It's one of two things; either the poster of this blog is lying or doesnt know what he's talking about, or Gates and Co. lied to congress about it. If IE can be removed, and MS is so intent on showing that their market share is the result of better products, then why don't they just release Windows without IE? Any way you look at it, it comes back to decisions that MS has made. Therefore, it is their resposibility and the burden is on their shoulders, and no amount of defense can be leveled if what they are doing is unethical, dishonest, or just plain stupid.

Michael

# Firefox and Microsoft @ Thursday, March 24, 2005 11:45 AM

I am the customer of Microsoft and I read the Mr.Gates's book "The Road Ahead", but I am to tell frankly that the Firefox is simply better. Better feel, better speed, better everything.

It is strange, since the Mozilla has much less resources. If MS comes out with IE7, which is better than the Firefox, as it happened with IE4 vs. Netscape, then it would be great.

For me it is already clear that the browser is to become the next OS, and it is in vain to try to stop it by not complying with the standards. It is too big. It is bigger than MS. It is unstoppable.

Max again

# re: More secure @ Thursday, March 24, 2005 11:41 AM

Well, there nothing like an invasion of slashdroids to make things "interesting".

I find it amusing that somehow, when discussing IE, the slashdroids seem to forget the concept of layered access... or even their own idea of what the "OS" is.

Item: IE ships as part of the Windows OS to provide a common API base for rendering some types of information. it is heavily used.

Item: IE does not run in kernal space as a deeply tied process (liek a driver).

The inability to understand this concept seems to come and go with how it suits the Linux FUD machine.

IE is "part of" the operating system the same way the GNU "C" library is "aprt of" the Linux OS. The kernal might not need the glibc files to load itself, but most of the programs and tools that make up the effective OS would fail without it. So is glibc part of the Linux OS or not? It >depends< on your working definitions.

Oh, and all of you with your "ActiveX" issue so on your sleeve... you do know it is disable by default these days right? No, of course you don't. Why let a fact get in the way?

Soulhuntre

# re: More secure @ Thursday, March 24, 2005 11:50 AM

<i> The security of any browser is irrelevant to if it is part of the operating system.</i>
huh? I read it in context a couple of times but I am not sure what you are getting at. Are you suggesting that is IE excused from blaim somehow? It does seem that the most critical flaw in this house of cards, the one that is going to lend itself to the most security hazards, is that MS seems to actually believe the browser is part of the OS. Once you start confusing your application layers, your doomed. "IE seven to run at ring0, Gates says 'we dont need no stinking rings'".

dilvish_the_damned

# Ensure Security? @ Thursday, March 24, 2005 11:49 AM

"...As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack..."

I can see this.. Well, Microsoft have a very very good developmente process here. But WHY THE HELL MY WINDOWS+IE IS TOO INSECURE???

Maybe this is cause Microsoft have lamers working there as this blogs author. Go study, go learn about programming.. lamer.

Foxxer

# re: More secure @ Thursday, March 24, 2005 11:57 AM

Te reasons that "there are so many security holes in Win32/IE whatever are very, very simple.

1. Microsoft almost missed the Internet and hurriedly added thousands of lines of net active code to it's product line to drive revenue. MS realized the issues this caused two years ago and began a concerted effort to fix them. The large number of patches shipping now are the fruits of that effort.

2. Win32 is by far the most dominant platform on the planet, with a robust development tool base and comprehensive documentation publicly available for almost every interface. It's only natural that it's the most attacked target. Notice as Linux and MacOS desktop percentages rise we're seeing more attacks on those platforms.

Personally I'm astounded that Win32 is as tight as it is considering I can go buy the OS in a box, bolt together almost any bizarre combination of frankenparts, and the installer manages to create a useful, reasonably secure platform out of them with zero intervention from me. Could my mother set up Linux on her own? Can I walk into the apple store and buy a decent box for under $1000? No. MS does an amazing job all things considered.

OpenSource MS BreakGiver

# re: More secure @ Thursday, March 24, 2005 11:59 AM

As one prior poster points out: "Finally, no system is perfect, absolutely bug-free or secure. If Linux had the install-base of windows there is no doubt that some amount of malware could be propagated."

While this is no doubt true, one of THE best things about 'nix is that (as long as you're not running around as root), you need a second password to install software.

[One can argure that as long as you're not running around as Administrator, you get the same benefit, but I think there are too many proofs to the contrary that that point even warrants a mention. (This was the idea behind "runas", and it works, but the problematic underpinnings are what I'm talking about.)]

That said, admittedly, the bad guys out there will (have?) found ways around the 'nix password-to-install need, but it *does* prevent basic "easier" attacks from happening without causing undue confusion / duress to the user. (Let's face it the whole Active X dialog box-even in XP SP2 is really pretty darned icky.)

www.ebiinc.com

# re: More secure @ Thursday, March 24, 2005 11:59 AM

- Returning to my previous point that even though open source *should* be more unsecure, because it can be freely analyzed for flaws to exploit, the climate is not such that this occurs to any extent.

Point in case: Firefox is assumed safer that IE, even though one is open source and the other is not.
Theoretically, I could download the code and analyze it for flaws to exploit.
There's no point in saying that it's 'not as attractive' for attacks, because Firefox is very successful for windows, which is the primary target for malicous code today.
It's theoretically a very practical vehicle for attacks, for those so inclined.

Now, through history, management by fear produced uncertainty and violence, because the climate doesn't spur creativity and respect for each others work.
That's why the soviet union crumbled and fell.
No production, no creativity, no security..
Ironically, they are now safer from a potential attack from us now than they ever where back then.

So, here's a situation where 'FUD' actually backfires, producing a downward spiral, which is a rather sweet irony..

Mikael Bergkvist

# Ignore the assholes, Dave @ Thursday, March 24, 2005 12:11 PM

Look, Firefox is getting patched just as much as any MS product yet nobody mentions it. The fact the Firefox can WIPE YOUR ENTIRE DRIVE if you try to install it, well, the OSS people just tend to forgive such little quirks. Firefox users are slowly starting to moan about Popups appearing when before there was none.

These supposedly educated people don't realise that the more market share it gains the more it will become a target. It is not some piece of wondercode that is invulnerable to attack.

I never realised the world was populated with such a bunch of kiddies. IE *IS* a fantastic product, truly astonishing what it is capable of. It's had some security quirks, YOU WILL GET THOSE when you have hundreds of millions of users. Has the world gone mad?

Just give us a cool IE 7 and, please, please shut these OSS fuckwits up once and for all.

GO IE TEAM ULTRA!

Alan

# re: More secure @ Thursday, March 24, 2005 12:17 PM

"Firefox can WIPE YOUR ENTIRE DRIVE if you try to install it"

"Has the world gone mad?"

Mikael Bergkvist

# re: More secure @ Thursday, March 24, 2005 12:15 PM

Meta comment: it's not obvious whether comments are attributed to the username above or below the comment.

AnonyMouse

# re: More secure @ Thursday, March 24, 2005 12:21 PM

Just to clarify, notepad is part of the OS. Notepad is a very small thin wrapper around a multi EDIT line control.

Matt

# re: More secure @ Thursday, March 24, 2005 12:22 PM

Somebody send this blog to the Justice Department.

If one of the IE programmers claims that IE is not part of the OS, then MS committed perjury during the trials.

Calling Judge Collar Kottelly!!!!

J N

# re: More secure @ Thursday, March 24, 2005 12:37 PM

To Arman,

Ok, jugging by your comments we can assume that Windows is just a browser app itself.

That would explain why Windows is such a poor server. It's true purpose is just to run the browser that in turn runs everything else.

stormesj

# re: More secure @ Thursday, March 24, 2005 12:37 PM

>>I don't know what you mean by tightly integrated, it's not a term that I believe we've used. IE components ship as part of the Operating system so that other part of windows and other applciaitons can make use of that rich functionality. The benefits there are fairly clear, an application can incorporate rich HTML rendering as part of their user interface and benefit from any updates made available through Windows update.<<

This comment you made earlier Dave blows away your own argument.

If IE were not part of the OS it would be possible to replace its APIs with a substitute like Gecko and still have all the rich HTML rendering you speak of. But you can't, why? because the IE components are relied upon exclusively by the OS for it's rendering needs. Thus, using a bit of logic we can see that if the OS requires IE APIs to do something, then IE can be considered part of the OS. As I recall this was one of MSs arguments in court.

P.S. who needs Windows update? Most programs have their own built in, including Firefox. In fact, there is even an extension for FF that allows you to apply Windows updates just like IE does.

Scott

# re: More secure @ Thursday, March 24, 2005 12:47 PM

>>Firefox can WIPE YOUR ENTIRE DRIVE if you try to install it<<

LOL, pure bs.

Even if FF did manage to wipe your HD I would blame MS. Why would any 3rd party program on your computer be priviledged enough to wipe your HD? The answer of course is that you are running under an Administrative user, something which happens by default in Windblows.

Scott

# re: More secure @ Thursday, March 24, 2005 12:59 PM

Seriously, what OS today hasn't a browser included with the window-handling?
- Linux, mac, whatever..
It's expected, and Windows simply responded to that.
It's too bad for Netscape, but there goes..
The fact of the matter is that the browser as a software was never destined to be a product to be sold.
Nobody would buy Firefox, it's a freeware, developed as open source, enough said about that.

That's not the point of the discussion - which is whether IE is more unsecure because it's so deeply embedded in Windows as it is.

I'd say no, I would say it's unsecure because it's not content with rendering (x)html+css.
Css - if properly supported - can do a lot of things that you would otherwise need javascripts for, except in IE, where the support is insufficient.
*sigh*
Instead, it's supporting a host of other things, like mutlimedia, activeX, vbscript, jscript, etc, which pretty much is the cause of all our problems.

The greater the support for all the surrounding technologies is, the more powerful/unsecure the browser is expected to be.

Strangely enough, nobody ever specified, technically, why the OS aspect would matter when the issue was originally raised.
Is there anyone who could offer an actual case scenario for this?
I mean, specifically, technically, why exactly would it matter?
- How would it go down and why would it differ from how it would work if IE wasn't embedded the same way, but supporting the same technologies?

Mikael Bergkvist

# re: More secure @ Thursday, March 24, 2005 1:10 PM

One thing I've always thought strange is that Windows will recreate the iexplore.exe file if you delete it. If IE is not tied into the operating system in any way then what the heck is recreating the IE executable? I don't think IE can because it was the application that was deleted...

erik

# re: More secure @ Thursday, March 24, 2005 1:31 PM

To Mikael Bergkvist,

Your point is excellent. If I could replace the IE "Shell" with another "Shell" the way I can replace csh with bash in unix, that would do the trick.

I could have a restricted “shell”, like bash running in restricted mode. I could make this the default for my servers and terminal services sessions.

In schools and libraries and large common desktop arenas like call centers the ability to replace IE with a restricted but reasonably functional gui shell would be great.

That is why I view IE as less secure as I cannot simply replace it like I can on a Linux system. I have to “lock down” IE and hope an automatic update will not “open it up”.

On Linux I can setup a simple window manager like FluxBox and know the users have less of an opportunity to abuse it. In Windows trying to get rid of IE and still have a usable machine is almost impossible.

On Firefox deleting your hard drive:

I am not sure that FF can delete your hard drive but I know IE can. Just type c:\ in the Address box then Edit->Select all, then hold your shift and delete key. Answer yes if you dare.

You can also just type My Computer in the Address box then right click the drive you want and format.

Not sure if this is a bug or a feature, depends on your environment.

stormesj

# re: More secure @ Thursday, March 24, 2005 1:36 PM

For those that believe that an OS is comprised solely of kernel-mode processes, P'shaw. What about the explorer shell? Does browsing the filesystem in a user-mode app imply that the functionality that app provides is peripheral? For that matter, the GUI shell of windows, it's command line, or a bash shell or X session on Unix all run in usermode. None is dipensable (save possibly the X session).

In fact, I dare you to produce (or name) a useful desktop OS that does not include a vast collection of user mode apps (and a browser).

Yes, Notepad is part of the OS. A text editor is a neccessity. As is a browser. What good is a desktop system that isn't web-enabled? Should we regress to 1994 to achieve a "correct" OS, abandoning our current, infinitely more useful paradigm?

None of these questions address the real issue at hand though, which is one of comparative security between IE and Firefox. For this I can only offer this anecdotal evidence: Before My conversion to Firefox, my weekly ad/spy/malware scans removed an average of 30-50 Items. Since Firefox, it has been 0-2 consistently.

I must admit that IE presents a bigger target by virtue of it's market share. However, it also provides an easier target by it's support of ActiveX. In fact, IE seems to take a fingers-in-ears attitude about the existance of malicious code in a control, relying instead on the clunky "Security Levels" in Internet options. Configuration should have been much more granular. However, hindsight fixes nothing. We have to cut our losses.

The code that plays nice in IE could very likely be sandboxed safely. Perhaps the .NET CLI could help accomplish this. Short of this, I believe embedded ActiveX must be abandoned as an option if any reasonable security is to be attained.

BnWasteland

# re: More secure @ Thursday, March 24, 2005 1:45 PM

Does that mean you agree to document each and every use of any API that we can show IE to use?

me

# re: More secure @ Thursday, March 24, 2005 2:06 PM

"Does that mean you agree to document each and every use of any API that we can show IE to use?"

We already do. http://msdn.microsoft.com
We take this very seriously and our documentation team is constantly working to ensure that all the API's are adequately documented.

Dave Massy

# Wrong interpretation of the quote @ Thursday, March 24, 2005 2:42 PM

---------------------------------------------
The CNet article quoted is a bit light on detail, but to reiterate part of your quote:

"Not being in the operating system is a phenomenal advantage for us," Baker said.

Perhaps he was saying that since IE is "part of the operating system," Microsoft doesn't view it as having its own separate product cycle. This is very bad because an OS tends to have a multi-year cycle for features.

Until recently, Microsoft was saying that IE7 would wait for Longhorn. This would tend to reinforce Baker's statement that Microsoft sees IE as part of the OS, and therefore it must be on the same multi-year feature cycle.

---------------------------------------------

Alt-Shift-Dave

# Firefox @ Thursday, March 24, 2005 2:35 PM

The FireFox can be installed on Win32, Linux, Mac and behave in the same way everywhere.

This "market cornering" with supporting / not supporting some standards cost a lot of unnecessary work and injury to web developers, who are to observe all those browsers' whimsical quirks.

I think it would not be bad if web developers could organize something like "one million web developers" march on the headquarters demanding - "Observe the Standards! Let us program for the Internet in the consistent way!"

The whole world now works via browsers - airlines' web sites with timetables, Internet shops, railroad web sites, and so on and so forth, and still to support or not support the standard is decided by a single wunderkind turned businessman. This is not the right way to move forward.

Max

# re: More secure @ Thursday, March 24, 2005 2:37 PM

"No one is ready to pay what really bug-free code would cost."

Oh bullshit. How much *cash* does MS currently have in it's coffers? 40Bn ? Most of that was from your two cash cows, Office and Windows.

If you can't think of how to significantly improve the security of IE a fraction of that - say 500million dollars, then maybe that shows why you have the problems you do.

bassplayerchris

# re: More secure @ Thursday, March 24, 2005 2:42 PM

"Perhaps he was saying that since IE is "part of the operating system," Microsoft doesn't view it as having its own separate product cycle."

Baker's a she ;-)

John

# re: More secure @ Thursday, March 24, 2005 2:55 PM

We take this very seriously and our documentation team is constantly working to ensure that all the API's are adequately documented.

Ok. That's awesome. I heartily applaud any and all efforts to document any system/API/ABI, whether it's M$ or whoever. The best products usually have great documentation.

But where does compliance with standards get factored in? CSS2? Compliance with other W3C standards?

If M$ complied with agreed-upon standards, they would lose their vendor lock-in.

IE is the method they can keep organizations locked into their products. If you can only use a web application with IIS/AS2k3 (for serving), and only IE6 to view, you have the content, the delivery, and the endpoint all addicted to your products. M$ wants the whole internet left with one choice: M$ products.

Mr. Massy: please please please just make your product comply with the accepted standards of the internet (CSS2 namely). It would make my job (as a web application developer) much easier, and I would spend alot less time fussing over little differences in your interpretation of a 'standard.' I can tell you're truly concerned with the quality of your product, so take it to heart when I will put all over the sites I create "Best viewed with Mozilla." It's not because I'm a slashdroid, it's because coding for the 'moving target' of IE is much harder than coding to the (well-documented) standards accepted by everyone else.

Anonymous Penguin

# Sorry Dave @ Thursday, March 24, 2005 2:58 PM

It's clear that most of the people posting here are not developers, and/or do not know how exploits work or what they are talking about (you know who you are).

Yes, there are problems with ActiveX, let it go. Service pack 2 keeps everyone but morons safe from installing malicious code via ActiveX. If MS changes the way ActiveX controls work, it will break the thousands of useful controls out there that are used in intranets, plug ins, etc.

---------------------------------------------------

My observations after 5 years in top spots with the creative development teams in 4 major US corporations:

Firefox in general does not know the meaning of legacy code compatability (don't get me started on quirks mode).

Mozilla/Firefox fixes are generally developed after the web application works in IE.

Firefox is LESS reliable from an application development standpoint when code includes more than just HTML.

Internet Explorer is THE browser to build intranet applications for.

IE has an unrivaled feature set as a content delivery medium. Love the HTC controls and zero footprint .Net assembly deployment by the way :).

The IE team fixes issues.

---------------------------------------------------

If you are looking for a buggy browser to flame, join an Apple Safari forum. Personally I am very happy with Internet Explorer, and the windows functionality it is embedded in. I am looking forward to version 7 and the new functionality it will include.

BTW Dave: Thank you very much for your help with my overlayed AlphaImageLoader event stealing issue a month or so ago. After a workaround, the component works great and looks incredible.

We are all big fans of yours here.

Aaron de Zeeuw

# What about the rest of us?! @ Thursday, March 24, 2005 2:57 PM

I don't pretend to know the ins and outs of an OS but as a university helpdesk technician, I have to deal with people who's sole complaint is "the internet is broken." They don't care that IE is a "suite of tools for writing internet enabled applications, for processing and displaying HTML (and XML), for excuting JavaScript and VBScript, for connecting to and communicating with plugins, [and] for implementing security protocols." Most of my customers don't know the difference between an OS and a window manager. One thing they have in common though is a desire for their computer to work - first time, every time - even when they don't know how to scan for malware or configure a firewall. Call it coincidence, but the majority of the computers we check in for spyware and malware use IE as the primary OS. Most of our firefox users get their viruses and spyware from p2p or IM clients and have far fewer problems. Most of them enjoy the degree of flexibility and configureability given to them by firefox which seems to run contrary to MS theories of "simplicity by default." I can't say which app is more secure, but I know which causes fewer helpdesk calls. I vote firefox.

On a related note, several members of my family are completely computer illiterate, and no matter how many times I secure their systems and set them to autoupdate, I find myself defragging, scanning, updating, and uninstalling every few months. I installed ubuntu linux on their machines a few months ago, and what do you know.....everything's current, no defrags, no scans to run, everything runs fast and smooth. My sysadmin responsibilities went from 8 hours of scans to less than an hour of perusing log files. Until windows can respond to "average joe" user issues such as these, I will continue to advocate alternative OSs.

--on a side note - I don't want my browser running .vbs scripts. That IS unsecure.

mmHg

# re: More secure @ Thursday, March 24, 2005 3:15 PM

To Aaron de Zeeuw

"It's clear that most of the people posting here are not developers"

Oh yes, they are, and yes, a developer wants access, and to run his app, and I can completely relate to IE being very nice in this respect.
It is very comfortable in many ways.

BUT IE is'nt catering to developers exclusivly, is it?
No, a lot of ordinary people who couldn't care less about our woes and who most certainly aren't developers (you know who you are) has to be factored in too, because some of our apps are presented for these people.

The fact of the matter is that IE is a media tool for the general public, and not so much for intranets, surfing the web for lesiure, reading the news, reading about movies, downloading music, chatting, having fun and generally interacting with eachother.
They dont give a rats ass if developers like it or not, and if it's good for intranets or not.
Why not create an intranet-browser then, and sell that one?

All the general public know is that their cmputers are littered with crap that sneaked it's way in through their browser.

So, if it's ever decided if IE is infact more or less safe than for example Firefox, and if this is related to it being embedded in the OS or not, there's still the task of explaining that in terms that the general public can understand.

So, how can one explain away the fact that activeX messes things up for the ordinary user, who basically know nothing about security-levels, without telling a straightfaced lie?

Perhaps the right approach would be to split IE into two browsers, one for developers and intranets, and one for the rest of the world (you know who you are), who sees it as a tool for enlightment and fun, interacting with people all over the world, without risking frying their computer in the process.


I'd like to point out that I really enjoy IE for the most part, and it's my default browser, but it's age is definitly showing.
It's good news that IE7 is on it's way, because time has catched up with this one, that's for sure, and I - like many others - can only hope that it finally adheres to standards at long last.

Mikael Bergkvist

# why IE gets exploited @ Thursday, March 24, 2005 3:25 PM

Why do people exploit software? Here are some reasons:

1. it's fun

2. to get revenge on a person/corporation

3. money (adware)

Based on these reasons, open source software is theoretically less vulnerable; not for any technical reason, but simply because reason #2 usually doesn't apply. As someone mentioned earlier, some people exploit IE to get "revenge" on "evil" Microsoft. This desire for revenge doesn't really occur when dealing with OSS because OSS is generally free and is created in the spirit of helping people, not for profit. Also, since OSS is developed by a group of individuals, there isn't any specific person to hate.

This certainly doesn't eliminate reasons #1 and #3, which need to be dealt with in a more technical manner. Still, this leaves Firefox only 2/3 as vulnerable as IE.

Brandon Walsh

# re: More secure @ Thursday, March 24, 2005 3:21 PM

The first function I see is the 'DPA_LoadStream' function. Please provide accurate documentation of what it does, what the parameters mean and what it returns.

me

# re: More secure @ Thursday, March 24, 2005 3:34 PM

"This desire for revenge doesn't really occur when dealing with OSS"

Exactly the point I made earlier.
- One needs to create a friendlier atmosphere, gaining support from coders, more so than trying to police security by force, which historically never really worked.
It's how Firefox is viewed by the community that is different, not so much the actual software itself, which is probably not that much safer, technically speaking, when all is said and done, but it's besides the point, really.
- It's viewed in a different light.

The security gain from this rather simple, approach is potentially worth millions to certain buinesses because of this.

Mikael Bergkvist

# re: More secure @ Thursday, March 24, 2005 3:42 PM

> Aaron de Zeeuw
>
> Yes, there are problems with ActiveX, let it
> go...

Sorry, Aaron, can't. It has done too much damage. ActiveX was conceived by someone (or group) who had no future vision of how hostile the Internet would be. And for the mighty Microsoft to let it go as far as it did deserves a verbal lashing (over and over again). Now since you are a developer and much wiser than us mere mortals and you live in the Microsoft sphere, lets talk about the worst EULA ever created.

I don't know how you guys can sleep at night who work for MS when they push such a terrible thing on people. Especially for those who have tasted FREEDOM and don't want to settle for less. The lock-in/lock-out mentality has got to change. Our only hope for MS is it will die then be reborn a better company.

Sergio

# buahha ha haha... @ Thursday, March 24, 2005 3:45 PM

"Windows" is a collection of programs loading on DOS. Deal with it.

Windows is NOT an OS!

# The "more eyeballs" argument @ Thursday, March 24, 2005 3:40 PM

I have to call baloney on the "more eyeballs" argument that the OSS people trot out as a selling point for OSS. How many people have taken an extensive look at Mozilla's codebase? Other than the main developers, I would say the number is approximately zero - and Mozilla is in the top 5 of OSS projects in terms of use. If anything, it could be argued that the financial incentive that most closed source developers work under is a good reason that closed source is superior.

CSS Zealot

# Eyeballs @ Thursday, March 24, 2005 3:52 PM

Well, I'm not a main developer, but I've browsed through sections of the GRE when something crashed - which is actually a rather good time to examine a section.

I imagine a surprising number of users, well, unix users at least, have looked through the GRE.

Plus, probably a good fraction of the people developing against it, whether they are building browsers or other web apps.

nemo

# re: More secure @ Thursday, March 24, 2005 3:49 PM

To Mikael Bergkvist:

A lot of things have changed since SP2. ActiveX is optional by default now (yay for the yellow bar), and it's functionality has been replaced by zero footprint .net assembly deployment; which I assure you is well locked down. A lot (or most) of the exploits are fixed. Things are better.

The only remaining issue I can see are those who do not know to install the service pack, and I cannot imagine microsoft can do much more than they already are to ask users to update. As far as pre SP2 exploits on a SP2 box are concerned, I believe Norton AntiVirus with current definitions can rid you of those.

Firewalls are a dime a dozen now as well.

Your average users should be happy once they have taken the appropriate steps (SP2 and NAV).

I would like to some sort of skinning in IE, but there is really no need for it. You can skin the task bar, the window (and the OS) with windows blinds (stardock.com) and even use the IE API to build your own browser if you don't like the way it looks. Users are pretty accustomed to the IE UI anyhow, and it's far from an eyesore.

Aaron de Zeeuw

# Eyeballs @ Thursday, March 24, 2005 4:02 PM

Browsing through the code doesn't count. I mean extensive review where you are going to find logical or other programming errors. It doesn't happen in the real world. OSS developers are delusional in this regard.

finding nemo

# re: More secure @ Thursday, March 24, 2005 4:02 PM

"Your average users should be happy once they have taken the appropriate steps (SP2 and NAV)."

Untrue. SAV definitions do not always catch virii until after they are installed. Ever heard of SdBot? And SP2 works ok.....for now....but then there's SP3...SP4....oops time to upgrade....SP1.....SP2...etc.

me

# re: More secure @ Thursday, March 24, 2005 4:14 PM

I think everyone else here has pretty much beaten the security issue to death. As a web developer, I have another qualm--Make your browser compliant with the current web standards.

My current plan for creating a web site is as follows:
-Write the page to work on Mozilla
-Test it on all the gecko browers (netscape, mozilla, k-melon, opera, firefox, ...)
-Test it on lower leverl browsers (dillo, links, lynx, ...)
-Start adding css hacks till the site looks decent in IE.

Lansing

# part of the OS @ Thursday, March 24, 2005 4:27 PM

>I don't understand what people mean when they "IE is part of the OS". <

Dean you're the first post I pray you aren't as ignorant as to truely not have any idea what we're talking about.

When we say IE is part of the OS we mean it's part of the OS. Unlike notepad you can not remove IE. Word may come with the computer but you can remove it uninstall it. No matter what you do IE will always be there.

You can argue whether or not this is 'true OS integration' but whether or not the terminology is syntactically correct it's implied meaning is accurate. This is what we (the anti-MS) have a problem with. It's all fine and well to say IE is the greatest browser ever but if MS is truly about choice we should be able to remove it completely when we wish. We can not. We can 'not use it' but it's still there affecting our operating system.

Wolfkin

# re: More secure @ Thursday, March 24, 2005 4:34 PM

Well, it's obvious at what point the Slashdot crowd arrived. Be that as it may, I'm so pissed off with Microsoft right now for *completely* ignoring the web development community on the standards issue, and brazenly developing another version of IE which flaunts the standards to suit their own ends. But, I'm even more pissed off that MS never replies to criticism about their standards compliance. It's like if they ignore the problem it will go away.

I don't think I can face another non standards compliant IE. I'm seriously tempted to get out of the web development game if MS release IE7 with shitty standards compliance. The fight's just not in me any more :)

Eriatarka

# Sigh @ Thursday, March 24, 2005 5:34 PM

People don't read what's in front of them anymore. That's the real problem.

If people read the dialog boxes before blindly clicking yes, most spyware would not get on the system. This still leaves phishing attacks, but this is where updates to the browser come in to remove those exploits.

Case in point, how many posts in this thread were posted before the author bothered to read the thread and see that their comment had already been mentioned several times? (Ditto this point for /. in general :P )

Couple of points.
1) if you are concerned about security on a public computer, use group policy and a limited user. No activex installs, no OS changes....
Can even use Security Templates to roll the lockdown out easily once you decide on the exact environment you want.

2) The point about political climate is well said. One day someone at Firefox will do something to annoy someone else. It can't be helped where people are concerned. And then there will be a concerted attack on Firefox because of it.

3) Granted, home users don't have an IT department to lock down their systems for them. This pretty much guarantees that they'll run as admin in order to be able to install programs. Maybe XP Home could be re-arranged so that all users run as limited user and when a change to OS is warranted a friendly dialog asking for the admin password or some other auth (say image selection) would appear. This would be similar to the run user setup that popups now when setup is run. But it needs to be clearly articulated and disclosure of admin password should only be given to the user after an education wizard. Uninformed users will make uninformed choices. Would be tricky to implement but gotta be done someday.

4) on a related note.... developers, stop developing programs that rely on admin privileges. it shits me no end! if it requires some level of admin, do it through a service and restrict the interface to just what is needed. The number of LOB apps and Accounting packages that prevent me from getting customers to run in a limited account is too high!

*Will only respond to informed criticism*

Sigh-maker

# Guess What? @ Thursday, March 24, 2005 5:35 PM

We crushed you on your own blog.

John

# re: More secure @ Thursday, March 24, 2005 5:33 PM

"We crushed you on your own blog."

No I'm still here with a big smile on my face. I don't feel crushed at all :-)
There have been a few sensible comments, however many show that people have failed to actually read my original post.

Dave Massy

# re: More secure @ Thursday, March 24, 2005 5:42 PM

Microsoft won't commit to CSS2 in IE7 because frankly CSS2 is half-baked. If the W3C would do a good job with CSS2 it would be supported. I completely agree with not supporting standards that arent completely thought out.

CSS

# re: More secure @ Thursday, March 24, 2005 5:45 PM

Dave, how about an answer to the PNG image file (it's an easy one). Is IE7 going to support it or not?

tuco

# re: More secure @ Thursday, March 24, 2005 5:53 PM

So where's your documentation to DPA_LoadStream?

me

# re: More secure @ Thursday, March 24, 2005 5:51 PM

"Dave, how about an answer to the PNG image file (it's an easy one). Is IE7 going to support it or not?"
Sorry we're not discussing details of IE7 yet.

"So where's your documentation to DPA_LoadStream?"
Can you provide some background on where this function is and what it is used for? Then I can pass ont eh request to teh SDK team repsonsible. I'm afraid I am not familiar with every APi in Windows and certainly not aware of any use of such an API by IE.

Thanks
-Dave

Dave Massy

# re: More secure @ Thursday, March 24, 2005 5:53 PM

-- Yes, there are problems with ActiveX, let it go. Service pack 2 keeps everyone but morons safe from installing malicious code via ActiveX. --

And the "typical" windows user is... NOT a moron?

I'll just let that one go.

And CSS Zealot: if the "more eyeballs" theory is false, then why is apache (F/OSS) more accepted and more widely used (even on the windows platform) than IIS? Because M$ pays the IIS developers more and gives them better "financial incentives"? Ha.

M$ could pay each IIS developer 1 Bn. per year, and they still would not be able to overcome the install-base of apache.

If the 'many eyeballs' theory weren't true, then IBM, google, HP, Novell, RedHat, and anybody who uses linux must have their head up their ass, right?

Apache proves the 'many eyes' theory. Both in the number of dedicated users, and in the high quality of code.

And there are more examples (apache is fitting example b/c M$ produces IIS, and they do roughly the same thing). But the bottom line remains: OSS software is completely comparable (and in most cases superior, IMHO) to closed source alternatives.

Dave Massy: IE is your baby. It could be the best browser. Make it compliant to accepted standards, and don't make it the tool of the monopolist to keep us locked into a platform. Please please please just code to the existing standards without "innovating" new ones. I'm so tired of "innovation" from M$ so much so that when I hear that word, I just think: "Something else is going to be broken now."

Maybe I'm just bitter from a few thousand reinstalls (I've been using M$ products since i first booted MS-DOS 2.11 on a Tandy 1000).

I just want 2 features from IE: w3c compliance and uninstall. I would use windows much more if IE had those two things (I'm paid to develop whatever they say, hence I try to be platform-agnostic: I just like things that work).

But I'm a normal human being, not a corporate mogul or billionaire, so why on earth would M$ listen to me?

The only reason I'm writing this is so that some M$ bigwig might be reading this and feeling some part of my years of agonizing frustration.

I'm tired of lather, rinse, reboot. I'm tired of explaining malware to people.

I'm also tired of complaining about it, too.

Finally: Dave, fix your product and play fair with the rest of the market. Trust me, you'll sell more software, and the "slashdroids" will have fewer valid reasons to hate M$ (but you can't please all the people all the time, and slashdotters aren't the most forgiving group, I'll admit).

Anonymous Penguin

# re: More secure @ Thursday, March 24, 2005 6:06 PM

Here comes the FUD brigade: "CSS2 is half baked".

Hmm. Opinion. Even getting into that off-topic subject will cloud the discussion, so let's try some FACTS:

FACT #1) As a major player in W3.ORG, Microsoft CO-AUTHORED CSS2.

FACT #2) Along with other W3.ORG players, Microsoft AGREED to CSS2. As in, a concensus, a signing off, etc.

CSS support in IE was a HUGE benefit to MSIE 3.0, because it became clear Microsoft could affort to outpace Netscape by embracing standards as fast as they could be written.

Today, there's no reason to improve IE6 -- whose "oxygen supply" can Microsoft cut off by improving their free browser?

FACT #3) Bill Gates testified during the Microsoft trial that different software projects were instructed to damage interoperability with Microsoft products. Special attention was paid towards products that generated documents, such as FrontPage.

As a result, Microsoft FORKED a standard they co-authored, into a half-baked variant of HTML with loads of UNDOCUMENTED bugs in MS products that generate HTML. Conveniently, Microsoft bloated IE with "fixes" to support illegal HTML markup (such as improper nesting of tags, broken CSS box models, etc)

MSIE being the only browser that can render Frontpage HTML code is undeniably a competitive advantage!


Now here's the REAL problem:
MILLIONS of Microsoft customers designed products around Microsoft's version of HTML.

Microsoft will claim if they "fix" their CSS bugs, then backwards compatability will suffer.

This is of course rubbish, but there's just enough truth in it to persuade those who support Microsoft, that this giant is looking out for the customers. Sorry.

How can CSS2 be half-baked?

# re: More secure @ Thursday, March 24, 2005 6:12 PM

it is part of the shell not part of the os

when you cant even open your control panel your not happy

when you cant even press start your really not happy

al because it is essentially IE and spyware just got on there, and IE is so complicated you cant simply uninstall it and reinstall it

jason

# re: More secure @ Thursday, March 24, 2005 6:15 PM

More information on DPA_LoadStream may be found here :

http://members.ozemail.com.au/~geoffch/samples/win32/shell/missing.htm

It's one of the functions Microsoft agreed to document in the US DoJ settlement, and didn't. The wine devlopers see this call being made by a IE binary.

The problem with you Microsoft people is you publicly *lie*. Do you think you won't get caught out ?

jeremy

# re: More secure @ Thursday, March 24, 2005 6:41 PM

whateva, move over IE, firefox is taking over!

Dr Dogood

# re: More secure @ Thursday, March 24, 2005 6:51 PM

>"...Today, there's no reason to >improve IE6 -- whose "oxygen supply" >can Microsoft cut off by improving >their free browser?..."

Is IE really free (money wise)? Don't you have to purchase a license for the OS it runs on? And does the cost of that license add in the "free" HTTP user agent?

I dunno.

Thanx for the answer to the PNG, Dave. If IE7 doesn't support PNG fully... oooh... the tin foil hat theories could bear more truth than fiction. I think it would be politically benifical to do so. Just MHO though.

tuco

# re: More secure @ Thursday, March 24, 2005 7:19 PM

I still run Windows 98 but I suppose Windows XP personal addition is similar? i.e. No real concept of an admin user? Anybody can install and remove software?

This is what I think makes IE vulnerabilities more devastating. Anyone who finds an exploit has a good chance of taking over your computer because IE on a Windows-home-edition version is basically running as admin/root.

I imagine in a locked down Windows NT/2000/XP network environment where users are logging in as users with limited privileges that the chance of an exploit in IE causing damage are much more limited.

Personally I agree with Dave. Having the IE libraries as part of the OS (not the kernel!) is not inherently bad security wise. And I do see the benefits. The problem is IE running as admin/root on home-edition environments. Firefox also has the same exposure on Windows home-edition versions.

Posters have said "well if there is a hole in IE then the whole operating system is effected". I don't think that's necessarily the case. It is only the case if that code runs in the kernel as a privileged user. Which according to Dave's post I don't think it does. The problem here is people are confusing OS with kernel. Slashdotters: OS=Debian,Redhat,Suse,Mandrake, ... etc, Kernel=Linux.

I think Firefox is more secure than IE for other reasons, but in general I agree with Dave's post.

That said, I'm no expert. Does anybody out there know of any vulnerabilities in IE that would not have happened if the APIs weren't part of the OS? I see a lot of flames on this board but nobody really countering the argument in Dave's post with any facts, just wild speculation and half-baked theories.

David

# re: More secure @ Thursday, March 24, 2005 7:46 PM

"...That said, I'm no expert. Does anybody out there know of any vulnerabilities in IE that would not have happened if the APIs weren't part of the OS?..."

I'd have to look into this one again. But remember last July(?). Crackers put together an exploite in IE (listed as not critical and not fixed) with one in IIS. Then, somehow, cracked banks running IIS and when someone connected with IE, they could intercept their user/pswd and therefore account info that was sent to a server in Russia? The exploited banks were a guarded secret too (which is bull crap). You were safe if you didn't use IE. So was it ActiveX or a RPC or something? Since other HTTP user agents weren't affected, I speculate it was a "feature" of IE tied to the OS but I only going off a fading memory of the incident.

tuco

# DS @ Thursday, March 24, 2005 8:31 PM

GO AWAY IE.

DSHJUT

# re: More secure @ Thursday, March 24, 2005 8:43 PM

long debate ... phew!
how about open sourcing Internet Explorer? lol!
i think it would help sort out a lot of issues without much trouble.

tux

# re: More secure @ Thursday, March 24, 2005 9:04 PM

Oh great, more slashdot 12-year-olds. *yawn*

anon

# re: More secure @ Thursday, March 24, 2005 10:54 PM

I never liked IE. Terrible browser since its debut. Making the browser a part of the OS is just stupid. It's all a monopoly ploy. Other OS'es fare better in browsing without hardwiring it into the OS. Isn't IE and Windows the only operating system/browser that does this?
Anyway, I never use my pc online. Period. It's just terrible the crap IE lets into my computer. And EVERY person I know has endless plagues of BS problems due to IE. It's just the worst thing for a user experience to have tons of pop ups, spyware, and self executing nonsense happening all the time.

yEap!

# re: More secure @ Friday, March 25, 2005 12:18 AM

I actually liked IE embedded to the OS. It made me switch from Netscape to IE5 because IE5 was so much faster. It's faster to load up than Firefox. But after reading all the articles about IE's security flaws, I'm scared to even open up IE. I sacrificed the split second time difference for security and have stuck with Firefox.

Shouldn't Microsoft address these fears, or are they hard facts that Microsoft cannot defend? Or perhaps, Microsoft's client base is so big that they have forgotten the little people?

As for Microsoft bashers, could we have a more intelligent discussion instead of a religious war (put your bitterness aside). There's so many questions that Dave Massy has left unanswered. Give the guy a break so he can actually answer intelligent questions. Snide remarks will only make him gloss over the really tough questions. If they still remain unanswered, I will assume he is unable to defend Microsoft.

Browser Newbie

# re: More secure @ Friday, March 25, 2005 12:16 AM

>
> " ...
> any software has access to the same set
> of OS APIs and can therefore expose the
> same set of OS functionality as IE.
> ... "
>


Ok, so what you are actually saying, is that the security of IE is really highly dependent on the security of the underlying OS, and that any security flaws found in IE are not really IE's fault but the direct result of flaws found in the underlying operating system ? Which also implies that this means that this will not only cause IE to be insecure, but all other applications running on the same operating system as well ?


Food for thought ...

Anonymous Coward

# re: More secure @ Friday, March 25, 2005 3:51 AM

DPA_LoadStream is an undocumented function of the comctl32 library, and it is called by browseui.dll .

If you are for real, you could instead use <a href="http://members.ozemail.com.au/~geoffch/samples/win32/shell/missing.htm">the list posted by Jeremy</a> that contains all apis that Microsoft should have documented as part of the settlement, neatly organised in one page.

me

# re: More secure @ Friday, March 25, 2005 3:52 AM

Hmm, second try.

DPA_LoadStream is an undocumented function of the comctl32 library, and it is called by browseui.dll .

If you are for real, you could instead use the list posted by Jeremy that contains all apis that Microsoft should have documented as part of the settlement, neatly organised in one page:

http://members.ozemail.com.au/~geoffch/samples/win32/shell/missing.htm

me

# re: More secure @ Friday, March 25, 2005 6:32 AM

Thanks for the link. Sorry I had missed it before as it was part of the confused flood if less than clear comments that came in yesterday.
I'll forward this off to our documentation team for their attention.
As I said before the documentation of APIs used is something we are committed to.
Thanks
-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 7:07 AM

Browser Newbie wrote "There's so many questions that Dave Massy has left unanswered. Give the guy a break so he can actually answer intelligent questions. Snide remarks will only make him gloss over the really tough questions. If they still remain unanswered, I will assume he is unable to defend Microsoft. "

I'll be happy to answer the questions I can. If you'd like to post the questions you'd like to see answered I'll do my best. As you say it's becoming difficult to separate the wheat from the chaff here. There seems to be some almost willful misinterpretation of my original post so I encourage people to read that first or I'll be repeating myself.
Thanks
-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 7:18 AM

Yeah, right...
IE is really an ESSENTIAL part of Windows operating system? From when? The 'first real 32 bit OS, Windows 95'? Heck, no... Microsoft considered Internet for just being a "hype" back then and the only thing that they provided, but it wasn't enabled by default, was TCP/IP protocol... After they saw the internet users going up, they have released OSR2 with IE built-in, but not yet tightly integrated part of Windows...

But then came Windows 98... Windows 98 had MSIE already integrated, 'explorer' being as well as 'explorer' and 'iexplore', but someone had an idea of creating a package, that kept a explorer from the previous version of Windows (95) and 2 or 3 libraries, and by properly installing that package, Presto! You could make Windows 98 work without Internet explorer...

After that, those kind of people just gave up, because in Windows ME / 2000 / XP, Microsoft started to work on preventing that 'win98 without IE' disaster to repeat, by tying up IE and other libraries closely together...

And on the side note, the lawsuit, that ordered Microsoft, that unbundles the IE from Windows was never met... (read more here: http://www.microsoftusernetwork.com/bgfn/antitrust/monopolylawsuit.htm )

But, OK... That can be discarded as 'old stuff'...

The question here is that if 'IE is an essential part of the Windows Operating system' or not? No it isn't... It never was... But it does all comes to the 2 points of view...
1) from programmer's view to tie up things so closely together is the bad engineering... Because changing a child behaviour changes parent's one, and not the opposite...
2) From business view that integration IS essential. IE and Widows cannot be separated, because the financial loss would be enormous... People would *have* to download a browser, probably NOT IE, and would probaby never wanted to use such services as MSN or Hotmail... That would be just soooo wrong...

Oh, yeah, and um... There were some talks about security and such? You have to be REALLY specific about which part is so closely and tightly monitored, that it doesn't comes to vulnerabilities? JScript? (JScript) JScript is known to be very vulnerable... Specially in combinations with activeX (read spyware / virus upload), there was a time (IE5 / IE 5.5, I think), that you could read from or write to the users hard drive remotely, you could open a CD drive bay remotely with JS... Or maybe secure is the IFRAME buffer overflow vulnerability present 'till winXP SP2? Or maybe these unpatched vulnerabilities shown here: http://secunia.com/product/11/#advisories
Do you want me to continue, or should everyone be happy with 'tight integration' and 'very secure' way the IE is developed... There is one reason only, why Windows is that successful: The MS's PR can bullshit a shitload of 'get the facts' when there is nothing, that is even WORTH using IE...

onemore

# re: More secure @ Friday, March 25, 2005 7:24 AM

I'll be deleting comments that use offensive language. I've probably been over tollerant until now.
Plenty of people manage to comment and convey their point of view without using offensive language. I'd ask everyone to do the same.

Thanks
-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 7:44 AM

figures.

noone

# re: More secure @ Friday, March 25, 2005 7:53 AM

You could actually leave the entire post, but filter out the offensive words...
I still stand behind my post and claims, that there is a huge difference between thinking of 'making secure application', making a secure application and what PR says about that 'secure' application and the 'get the facts'...

If microsoft has a bad reputation of what it does and how it's doing it, it surely deserves it...

noone

# re: More secure @ Friday, March 25, 2005 8:00 AM

The tool we use does not allow us to edit individual comments. Even if it did, I have more important tasks today than censor individual comments on my blog. Keep it clean and avoid abusie comments or it will be deleted. Anyone should be able to make their point without being offensive. If you cannot then you are free to post on your own blog and link here.
Evidence shows that work around security such as that undertaken in Windows XP SP2 has helped users remain safe. Turning around a reputation even if undeserved takes time.

Thanks
-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 8:23 AM

With Microsoft's bussines model like that that reputation is not really likely to change...

noone

# re: More secure @ Friday, March 25, 2005 10:32 AM

Dave Massy said :

"As I said before the documentation of APIs used is something we are committed to."

No Dave, that's *not* what you said. Re-read your own words. What you really said was this :

"To be clear there are no Operating System APIs that IE uses that are not documented on MSDN as part of the platform SDK and available to other browsers and any other software that runs on Windows."

Now that's been demonstrated to be a lie, hasn't it ? Can we have an apology and a retraction please ? What's the matter, legal department got your tongue ?

You started to get in trouble when you nailed the browser into the OS to *kill* Netscape. No other reason. Now you've had to defend that decision in court you can't back-track, can you ?

As anyone who knows a little about software engineering would tell you, that was a *dreadful* mistake, security-wise. I even got Robert Scoble to admit it once on his blog.

But you just can't say that can you. Not now it's been in court. These legal cases will be the death of you....

Jeremy.

jeremy

# re: More secure @ Friday, March 25, 2005 10:36 AM

Typical msspeak. You are a wannabee lawyer, not an engineer: "I don't believe I ever used the word(s) _____." The last "engineer" I met from ms had a degree in urban planning. In my state, you need an accredited degree in a real engineering discipline to even think about calling yourself an engineer. Ms seems to keep reinventing the wheel in the Algol-based language du jour. Keep coasting. No wonder Firefox and Linux's market share keeps increasing at a phenomenal rate.

p

# re: More secure @ Friday, March 25, 2005 3:20 PM

jeremy wrote: "Now that's been demonstrated to be a lie, hasn't it ? Can we have an apology and a retraction please ? What's the matter, legal department got your tongue ?"

Jeremy, I object very strongly to be called a liar. This has not yet been demonstrated to be true and we are looking into it as we do with all such questions that come in. If this is proved to be the case it is still not a lie unless I wrote something with full knowledge that it was not true.
To my knowledge we document all used APIs. If we find that not to be the case then we will update our documentation to ensure that it is.

-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 3:48 PM

If you don't want to be called a liar, don't write things like :

"To be clear there are no Operating System APIs that IE uses that are not documented on MSDN as part of the platform SDK and available to other browsers and any other software that runs on Windows."

followed by a weasely back-track of :

"To my knowledge we document all used APIs"

Not quite as strong as your first statement, is it ? If you'd have said that in the first place I wouldn't have reacted so stongly. I'd have thought you were maybe willfully ignorant but not a liar.

Don't make claims you're not 100% sure of. Especially when you're currently under anti-trust investigation. I hope that's a lesson you remember.

Jeremy.

jeremy

# re: More secure @ Friday, March 25, 2005 4:08 PM

Jeremy,
When I made the claim I was sure it was true. I would not have made the claim if I was not confident. A question has arrisen that calls the accuracy into quesiton. As a result I have forwarded it to the relevant teams so it can be addressed. None of that makes me a liar and I take that accusation personally.
We welcome feedback so we can correct errors and improve things. I ask that people be respectful when giving feedback. I will not tollerate insulting, obscene or offtopic comments here, and in future they will be immediately deleted. Many people manage to comment here and disagree with me without resorting to insults. I fail to see why you cannot do the same.
-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 4:28 PM

Ok, maybe I was too strong in calling you a liar, but I have a long history with Microsoft and, let's just say, your propensity for stretching the truth in these matters. That's including a VP of Microsoft.

If indeed you honestly believed that you do document all your API's then I apologise for calling you a liar.

But let's be direct - do you honestly believe all the complaints about hidden API's are groundless ? Do you think it's all a conspiricy by your competitors ? Don't you think some people might be legitimately pissed off because you deliberately hide API's that your code uses that you won't document for them. Don't you think that the people bringing the anti-trust case might have some legitimate complaints ? Or is all rosy in your garden in Redmond, and you don't like to look outside ?

How much history do you have at Microsoft ? Do you not remember Andrew Schulmanns "Undocumented Windows" ? Do you believe the company has done any wrong ? Don't you think it's time you changed and become adults who can co-operate with the rest of the computing world rather than childishly trying to dominate it ? IBM changed, can you ?

Jeremy.

jeremy

# re: More secure @ Friday, March 25, 2005 4:29 PM

This brings up an interesting problem with bloggers. There you are, out there, making claims that are demonstrably incorrect with a trivial google search. Not your fault I supose, you seem to believe what your marketing department tells you is the truth about your complience with the various legal settlements you've entered into. But what if they're not telling you the truth ?

But you're putting this stuff out on the web, and eventually you run into someone who *knows* better, who has been involved in the legal cases, who has real knowledge of what your company has done behind the shiney PR facade.

Your marketing people shouldn't be exposing you to this - it's not fair of companies to allow their employees to misreprepent them on the web, by ignorance or not. Scoble suffers from the same problem. He doesn't like to look in the mirror at the Microsoft behind the friendly words and PR statements.

Neither, I suspect, do you.

Jeremy.

jeremy

# re: More secure @ Friday, March 25, 2005 4:40 PM

Jeremy,
Thankyou for that.
We have worked over the past years to steadily improve the documentation of APIs and it is no longer appropriate to base information on books from a few years back in this regard. To my knowledge we have documented everything used by Internet Explorer, if that proves not to be the case then it will be corrected. In a complex software engineering project it is possible to miss things and while it is easy to jump to the conclusion that it might be deliberate I can assure you that it is not. We take the responsibility very seriously and are constantly looking for ways to improve.

Thanks
-Dave

Dave Massy

# re: More secure @ Friday, March 25, 2005 4:51 PM

>> Jeremy,
>> When I made the claim I was sure it was true. I would not have made the claim if I was not confident. A question has arrisen that calls the accuracy into quesiton. As a result I have forwarded it to the relevant teams so it can be addressed. None of that makes me a liar and I take that accusation personally.

That reminds me of the original Blues Brothers movie:
"You lied to me."
"Not lies, just bull$%^&."

Nobody likes being called a liar. I don't think Dave Massy was willfully bearing false witness (he was making an overstatement).

But I feel as though I need to whine incessantly and call names to get a response from anyone at M$.

And in the end, you can always count on microsoft to be right. They are always right, and even when they might be wrong, they are always right. That attitude really rubs me the wrong way.

Why not just give us 'straight talk' instead of: "forward it to relevant teams so it can be addressed." When I hear people talk like that, I immediately think fast-talking-snake-oil-salesman.

I would much rather hear: "My comments about documentation were an overstatement. That doesn't make me a liar. But more importantly, the documentation will be provided."

My experience has taught me that being honest isn't the easiest thing to do, but people will *always* have respect for an honest opinion.

Honesty and integrity will never go out of style. It would be nice if M$ would be humble enough to recognize this.

Anonymous Penguin

# re: More secure @ Friday, March 25, 2005 4:59 PM

Just a friendly reminder for all of you "FireFox is infallible" bloggers out there.

<a href="http://www.computerworld.com/securitytopics/security/holes/story/0,10801,100585,00.html?source=NLT_SEC2&nid=100585">Mozilla releases patch for another Firefox hole</a>

Just because FireFox is Open Source does not necessarily mean that it is more secure. I understand all of the complaints against MS and even see some very valid points it them. Yet, I also think that Mr. Massy is not out to decieve anyone. He is merely rebutting a comment from a competitor.

There are a lot of posts on here that have good, <b>informative</b> information. Why not keep it that way so that maybe we can all learn something about both sides. If you resort to flaming, you are not really helping or hurting the situation, rather you are just being retarded and ingorant. (Do you honestly think that MS has not heard "IE sucks" before?)

I think that this post presents a good opportunity to talk about the issues facing both sides in an intelligent and respectable manner.

Just my 2 cents

miahrugger

# Is IE essential for Windows? @ Saturday, March 26, 2005 9:24 AM

Dave said: "IE is an essential part of the Windows Operating system."

If this is true then why can I get away without using IE?

I've never had to use IE to do anything, so why is it essential?

I hope you can clear this up for me Dave, because your statement seems to imply that one can not use Windows properly without IE.

Rowan

# re: More secure @ Saturday, March 26, 2005 11:38 AM

Rowan Said:
>>If this is true then why can I get away without using IE?

I can help you out there Rowan. When he says "essential", he does not mean that it is not possible to use the operating system without firing up ie and browsing msn. He means that if you were able to remove all of the IE code from your system (which of course you are not, thus the antitrust lawsuit) then your system would not run (or even probably compile).

You can never run it, or even 'remove' it in an attempt to keep its fun security holes closed, but you can never entirely be rid ot it, It's kind of like some STDs really.

Ashton Honnecke

# re: More secure @ Saturday, March 26, 2005 11:32 AM

Rowan,
I thought I'd been clear. Of course you can use a browser of your choice with windows, we've always been clear about that. However parts of the Windows operating system and other applications rely on the components of IE for rich content rendering amongst other things. These include the help system and applciations such as Money, Encarta and the AOL client amongst many others. If IE were not part of the operating system these other parts of Windows and other applications would not work. Therefore IE and its components are an essential part of Windows.
Thanks
-Dave

Dave Massy

# re: More secure @ Saturday, March 26, 2005 3:20 PM

Did you ever address this question?

Eric W - 2 wrote:

Dave: If you have the time, and are in a position to speak further about this issue, I'd love to hear your thoughts on how IE does not create more problems than it solves by being so tightly integrated to the OS?

Browser Newbie

# re: More secure @ Saturday, March 26, 2005 6:05 PM

Browser Newbie,
I thought that was explained in the original post. If you have a question I will do my best to answer it but this is asking for comment on something I have already explained. It is also a deliberately leading comment as we've never used the term "tightly integrated".
Sorry if I sound a little frustrated but I've already repeated myself more than once in the comments here as people have willfully misinterpreted what I wrote.
-Dave

Dave Massy

# re: More secure @ Sunday, March 27, 2005 3:49 AM

The IE functionality is used by other applications in various ways, so it's a 'service' supplied by the OS, even though it's not absolutly required for the OS to function for a great number of other apps.

That's not hard a concept to grip.

The question is whether this particular service is flawed, and thereby rendering the OS as a whole insecure.

Thing is, even though FireFox might be every bit as insecure as IE is, it's not used by other applications as IE is..
That means that FireFox flaws remains within the FireFox realm and is not transferred to other applications, thereyby offering other points of entries for attacks.
- Like through outlook a couple a years ago, for example.
I doubt that anything in Office or Outlook is specifically compromised by FireFox flaws other than very indirectly.

So, IE is infact more insecure as a result of being a part of the OS - for other aplications - because there are more points of entry to exloit.

But strictly speaking, IE is as safe as FireFox is, if we compare the browsers as such and not how they are associated with other applications.

Now, that means that one cannot state explicitly that IE is more unsecure, only that the possible ramifications of flaws in IE are bigger than of flaws in FireFox.

- This is partly the case because IE is used more often by developers, and there's no guarantee that FireFox might not end up in the same fix if used in the same manner for the same amount of apps/tasks.

Mikael Bergkvist

# Another question @ Sunday, March 27, 2005 6:40 AM

Thanks for answering Dave.

Now I have a somewhat off-topic question; I was wondering if it's possible to get the complete IE source code the same way that OSS source code is available.

I saw some other posts that mentioned we can't get IE's source, but no one denied nor confirmed those claims.

Rowan

# Standards compliance @ Sunday, March 27, 2005 8:43 AM

Dave: I am curious why Microsoft hasn't chosen to be more W3C standards compliant with Internet Explorer? I currently work developing enterprise applications for a health care firm and obviously need to test to make sure that the web pages I develop fully work in Internet Explorer and Firefox. I routinely get things to work well in Firefox using clean and simple Javascript and CSS only to have to completely scrap my approach because it doesn't work at all in Internet Explorer.

Jim

# re: More secure @ Sunday, March 27, 2005 12:05 PM

Rowan wrote: "I was wondering if it's possible to get the complete IE source code the same way that OSS source code is available."
I'm not going to engage in the open vs closed debate here. This debate is well covered in other forums. See http://www.microsoft.com/resources/sharedsource/default.mspx for Microsoft's shared source programs.

Jim wrote: "I am curious why Microsoft hasn't chosen to be more W3C standards compliant with Internet Explorer..."
This has been well covered by Chris Wilson on the IE team blog at http://blogs.msdn.com/ie/archive/2005/03/09/391362.aspx">http://blogs.msdn.com/ie/archive/2005/03/09/391362.aspx where it has been endlessly debated in the comments as well. We've acknowledged that since IE6 our implementation for some parts of CSS has fallen behind and that we hope to address this as we move forward. I am always slightly amused by statements such as this some of which go even further and state the we are "refusing to adopt W3C standards". We completed full support for CSS1 and key parts of CSS2 in IE6 and at that time few people were making use of the functionality, as a result resources were focused elsewhere. Since then more and more people have started to adopt CSS which I think is fantastic, and issues with our implementation have as a result come to light. At no time have we refused to adopt W3C standards and such inflamatory language is unhelpful to a useful debate.
Again I apologise if I sound frustrated but it does seem to me that we've said this often on this blog and the team blog at http://blogs.msdn.com/ie and Channel 9 at http://channel9.msdn.com/
On the team blog Chris asked for specific feedback around this issue. I encourage you to read that post and give specific feedback.

Thanks
-Dave

Dave Massy

# re: More secure @ Sunday, March 27, 2005 12:52 PM

Dave, there's no need to feel frustrated.
- On some level, you must have expected some of this, but there's nothing personal to anything stated here though, I'm sure.
IE is universally accepted as a fair winner of the browserwars as it where, being a much better browser than netscape was at the time, regardless what the motifs may have been for developing it.
You dont have to defend what it has been up until now, IE lead the pack for a long time, and it might very well continue to do so.
- But being there for so long means that people developed some pretty passionated opinions about it.
- Hey, better that, than not being noticed at all, right?
(*snif*)

Mikael Bergkvist

# re: More secure @ Sunday, March 27, 2005 5:58 PM

Wow Dave, lots of comments, people are very passionate about Internet browsers apparently.

ieSpell looks really cool, thanks for mentioning it. I usually just type things in OneNote and then C/P.

@Matthew

Matthew Weyer

# re: More secure @ Sunday, March 27, 2005 10:55 PM

At the very start of all this was the assertion:

To be clear there are no Operating System
APIs that IE uses that are not documented
on MSDN as part of the platform SDK and
available to other browsers and any other
software that runs on Windows.

This is indeed what Microsoft has represented to the courts, albeit with later corrections. However, it is untrue except possibly with very heavy and careful qualification. Inasmuch as anything in the discussion that followed depended on this assertion, none of it should be allowed to stand unchallenged.

As far as I can tell, the only way the assertion might be made to look true is if we allow a very artificial separation in which each of several important DLLs is part Windows and part IE. That would fit an observation that IE is so much part of Windows that they cannot sensibly be separated, but it would make nonsense of the assertion (and also of the settlement that brought about the documentation described in the assertion).

For instance, most people would look at SHLWAPI.DLL and think it obviously a Windows component. Many would look at SHDOCVW.DLL as an IE component, not least because Microsoft itself has suggested that the SHDOCVW version can be used as a way to determine what IE version is installed.

But consider that SHLWAPI exports a function SHAboutInfoW which is used by SHDOCVW. Microsoft does not document this function, and so we must say from your assertion that either the part of SHDOCVW that calls this function is a part of Windows, or that the part of SHLWAPI that implements it is a part of IE. If we allow this, then the assertion is true only by the tautology that Microsoft gets to define what code fragments count as IE or Windows no matter what DLL they're in.

If we divide the DLLs, perhaps naively, such that COMCTL32, SHELL32 and SHLWAPI are Windows but BROWSEUI and SHDOCVW are IE, then Microsoft has underdocumented by at least several hundred. I'll go into any amount of detail that you like, but in a blog, perhaps it suffices just to note that the assertion is dodgy and any argument built on it is unsound.

Geoff.

Geoff Chappell

# re: More secure @ Monday, March 28, 2005 6:35 AM

Geoff,
Please offer evidence that "Microsoft has underdocumented by at least several hundred". If there is something not documented then that will be fixed, and we are investigating some isues raised in the comments here. I'm not going to discuss legal issues here as I am not a lawyer, but as I have said repeatedly here we take this issue extremely seriously.
Thanks
-Dave

Dave Massy

# re: More secure @ Monday, March 28, 2005 10:07 PM

Dave,

As I said, I'm happy to go into details. I just didn't think you'd want me to stuff your blog with large amounts of technical detail from a site that you have anyway been told about already.

The site presents a survey of functions implemented in three shell DLLs (namely COMCTL32, SHELL32 and SHLWAPI), with notes on their history and on the use that Microsoft currently makes of them. Some are treated to an attempt at documentation.

The page www.ozemail.com.au/~geoffch/samples/win32/shell/settlement.htm introduces the particular issue of what such a survey may say about Microsoft's documentation of shell functions for the court settlement.

Another page, namely www.ozemail.com.au/~geoffch/samples/win32/shell/missing.htm, lists several hundred functions that are implemented in one of these three shell DLLs (almost all in SHLWAPI), and were not documented for the MSDN (by late 2004), but which are used by one or more executables such as BROWSEUI and SHDOCVW that arguably count as components of Internet Explorer (or other Microsoft Middleware).

I don't doubt that Microsoft takes "extremely seriously" its obligations about API disclosure in the settlement. I have no trouble at all believing that a lot of people at Microsoft have worked very hard and honestly at the issue. However, I wonder if the work counts for much if it was designed from the start to favour revealing as few APIs as possible - and, of course, I wonder who checks Microsoft's work.

This is not merely cynical. It seems justified by some simple plausibility checks (and I wonder who at Microsoft or the relevant compliance authorities has raised these checks).

For instance, of all the many hundreds of SHLWAPI functions that were undocumented at the time the first list of API disclosures was released (in 1992), all Microsoft's efforts at compliance resulted in the documentation of just one more. Didn't that strike anyone at Microsoft as being strange enough to question the success of Microsoft's effort?

Some SHLWAPI functions have subsequently been documented (in 2004, as far as I can tell), but the selection is sometimes not plausibly complete.

At a simple level are examples such as some function getting documented while an obvious counterpart does not (e.g., IStream_Read and IStream_Write).

More complex is the example provided by SHLWAPI's "stop watch" profiling facility. The functions StopWatchFlush and StopWatchMode are now documented. Didn't anyone wonder about investigative methods that turn up a "flush" function and a "get mode" function but no functions at all that actually enter data into the profile? If they had, they might have noticed that among such functions, StopWatchA is called from IEXPLORE.EXE, so there is absolutely no credible argument that it ought not be documented for the settlement.

Other really simple plausibility checks arise just from Microsoft's own names. For instance, a COM interface named IBrowserService is implemented in SHELL32 and so is presumably a Windows API. Among its members are functions named IEGetDisplayName and IEParseDisplayName, which at least suggest use by or for IE. It's only natural then to ask how IBrowserService can have escaped documentation.

Many plausibility checks will of course have reasonable explanations, most likely just as matters of how exactly to interpret the terms of the settlement. I leave it to the court, the plaintiffs, the Technical Committee or whoever to press for explanations, if they care. My point is just that your assertion at the start of all this discussion is not as plain as it reads - and nowhere near as plain as it needs to be if any arguments are built on it.

Geoff.

Geoff Chappell

# re: More secure @ Tuesday, March 29, 2005 7:06 AM

Geoff,
As I explained previously we are investigting the issues raised by the particular URL you mention. I'll also follow up with teh documentation team to check the otehr API's you mention. I still stand by what I said previously that the APIs IE makes use of are documented. As exceptions are found we document them. I see no evidence however to your original claim that "Microsoft has underdocumented by at least several hundred".
Thanks
-Dave

Dave Massy

# re: More secure @ Tuesday, March 29, 2005 7:01 PM

Dave, what would ever count as evidence for you?

The original claim is that "if we divide the DLLs, perhaps naively, such that COMCTL32, SHELL32 and SHLWAPI are Windows but BROWSEUI and SHDOCVW are IE, then Microsoft has underdocumented by at least several hundred."

I have given you a list of several hundred functions that: are exported from COMCTL32, SHELL32 or SHLWAPI; are each imported by one or more of BROWSEUI and SHDOCVW; and are not documented by Microsoft (at least, not by late last year).

The list plainly makes good on exactly the points of the claim. It is evidence, to be interpreted and assessed. Its accuracy is up for dispute, e.g., by asking how to verify that each function is actually used as I say. Its relevance is up for dispute, e.g., by denying my supposition that SHDOCVW is an IE component such that every Windows function it calls must be documented.

There may be any number of other ways the evidence might be disputed, but while you say just that you "see no evidence", you have no credibility as a serious interlocutor. I leave you to your blog.

Geoff.

Geoff Chappell

# re: More secure @ Tuesday, March 29, 2005 9:53 PM

Geoff,
I'm sorry but all I see here is theory adn assumption without any real fact. When we have evidence we can look into it. I've never denied shdocvw is an IE component and the functionality that it uses in the OS is documented. If it is not then that will be corrected. I see no evidence to support your claim. If you don't feel I have credibility then I guess we will have to agree to disagree but I'm tired of claims being made in comments here without any supporting evidence.
Thanks
-Dave

Dave Massy

# re: More secure @ Wednesday, March 30, 2005 6:53 AM

Dave, theory and assumption without any real fact?

OK, it's not real fact, as much as anything ever is real fact, until enough independent analysts check what's presented, but what is presented is certainly more than theory and assumption.

You have been given a list of functions that match the conditions of the claim. This list wasn't invented from thin air. Each function implemented in any of three important Windows DLLs is presented with a list of the Microsoft executables that are known to import the function. The method by which this is known is described, so that you (and others) can check, assess and dispute. Of all the functions implemented in these three Windows DLLs, I extract the ones that are imported by BROWSEUI, SHDOCVW and a handful of others, and which Microsoft does not yet document. The list runs to hundreds.

And you say this is not evidence to look into?

Dave, dispute the methods, dispute the relevance, dispute what I claim as deductions or inferences, dispute the application I suggest to the terms of the settlement, etc, etc. But while all you say is that you see no evidence, it's not that I feel you have no credibility: it's that hardly anyone would feel you have any credibility.

By the way, I do not say you ever denied that SHDOCVW is an IE component, just that for anyone to do so would be one tack for disputing the relevance of my list. It is I who have allowed all along that SHDOCVW might not count as an IE component in the sense of the settlement.

Geoff.

Geoff Chappell

# re: More secure @ Wednesday, March 30, 2005 6:58 AM

Geoff,
There are plenty of funcitons internal to IE that the different components use. I stand by the statement that we document any API of the OS that IE uses so that they are available to any 3rd party software. When we find OS APIs that IE uses that are not documented then we go out of our way to document them.
Thanks
-Dave

Dave Massy

# re: More secure @ Wednesday, March 30, 2005 3:51 PM

Well, since you stopped making IE for other platforms, much of this is irrelevant to me. I use FreeBSD and do not have security problems, and I run Firefox, Opera, w3m and some others, but mostly Firefox. However, I make 95% of my income from Windows users who have serious security problems. It's true that most of them could protect themselves better (I help each one of them with this, as I don't want followup calls from those same users about the same problems), but MS has not defaulted to a high security setting, nor do they do a very good job of educating their users on basic security. Although I can run Windows securely, I became weary trying to keep up with its maintenance, so it only gets run when I want to play a game now. That's one thing Windows does well: games. Browsing? No, sorry, but it's my bread and butter that you don't do that well. Although my income would drop considerably if you were to implement a comprehensive security model for your browser, from defaults to APIs to ActiveX (stop supporting it and kill it off), it would be the best thing for everyone, and I, for one, would be relieved.

Lazlo Toth

# re: More secure @ Wednesday, March 30, 2005 4:30 PM

Lazlo,
The calls to kill ActiveX are getting a little tiresome along with the matter of fact statemetn that it is totally insecure with no supporting evidence being given. We have no plans to kill off ActiveX. We believe ActiveX is a very powerful extension mechanism for IE.
Now before you fly off the handle please take a moment to actually understand what ActiveX is, how it works and why I say that. ActiveX is a binary extension mechanism. It works using COM/OLE to allow code to be extended, these are the same types of interface and in some cases the same interfaces used by the Java VM and the scripting engines. If we did not support ActiveX then Macromedia Flash would not work. If we did not support ActiveX then the SVG plugin from Adobe would not work. If we did not support ActiveX then the excellent support for MathML from Design Science http://www.mathtype.com/en/products/mathplayer/ would not work.
Other browsers have their own binary extension mechanisms to achieve exactly the same thing and allow extensions to the browser. I haven't even started to discuss how this is used extensively within corporations to build powerful intranet based solutions. With Windows XP SP2 we introduced enhancements to security to ensure that users could not inadvertently install ActiveX Controls and unwanted software.

If you want to ensure you are secure when using Internet Explorer it really is quite simple. Make sure you have automatic updates enabled http://www.microsoft.com/athome/security/protect/default.mspx
This is so much easier than the recent security updates from that other browser that required an uninstall and then a new installation of the updated version to make sure you are secure.
Thanks
-Dave

Dave Massy

# re: More secure @ Wednesday, March 30, 2005 5:13 PM

Dave:

Just because ActiveX has come under attack doesn't mean that it's the best way to solve the problem of the binary extension. M$ invented ActiveX, and instead of using a common binary extension, you invented your own. People like choice, and you deny that with ActiveX.

And as far as updating browsers, I *like* uninstalling and reinstalling. I have gotten viruses and worms from going to the windows update site, too.

Can you PLEASE build an uninstall feature into IE? You can say what you like about mozilla and security, but I can always uninstall mozilla, which is why I love it, and will always suggest people use it over IE.

--thanks

Anonymous Penguin

# re: More secure @ Wednesday, March 30, 2005 7:28 PM

<snip>..Evidence shows that work around security such as that undertaken in Windows XP SP2 has helped users remain safe.</snip> they why wait for windows xp sp2 to be released when you can altogether make the intial release version more secure? buggy coding? less secure programs?

teodz

# re: More secure @ Thursday, March 31, 2005 7:05 AM

Dave,

I realize that the subject of undocumented functions may seem like a side issue from the main theme here of security, but I am puzzled by your exchange with my friend Geoff Chappell.

At his web site, Geoff has shown that, among the functions exported by SHLWAPI.DLL (for example) and imported by SHDOCVW.DLL, there are some functions that Microsoft has not documented, even under the settlement. Now, someone could, I suppose, assert that SHWALPI.DLL and SHDOCVW.DLL are BOTH IE components, or they could assert that NEITHER is an IE component, but without making one of those two assertions, I don't think you can dispute what Geoff is saying, or claim that he doesn't offer evidence.

If a is part of X and b is part of Y, and if b uses something from a, then that something MUST be an interface (an API), unless X and Y are on the same side of the fence.

Dave, I think Geoff and you may be talking past each other because you are overly committed to a distinction between "API" on the one hand, and "internal function" on the other. He points to all these functions, and you say "Nope, those aren't APIs, those are internal functions."

But internal to WHAT? If a function is exported from (to use the same example) SHLWAPI.DLL, and it's imported by SHDOCVW.DLL, then in order to deny that the function is objectively an API, then you must claim that SHLWAPI.DLL and SHDOCVW.DLL are on the same side of the Windows/IE fence (a fence MSFT erected as part of the settlement).

The choices are: (a) shlwapi and shdocvw are both IE; (b) shlwapi and shdocvw are neither IE; (c) Geoff is right, there are shlwapi APIs used by shdocvw that MS hasn't documented; (d) MSFT has somehow taken parts of shdocvw and "commingled" them into shlwapi; or (e) "by golly, there's no objective test for an API; APIs are always de jure and never de facto; an API is solely what MSFT says it is".

-- Andrew (a consultant to plaintiffs in several antitrust cases involving Microsoft)

Andrew Schulman

# re: More secure @ Thursday, March 31, 2005 7:19 AM

Thanks Andrew,
I agree that Geoff adn I are probably talking past each other. I follow the argument I think. As I have said the website url has been passed to the group responsible adn they will examine for any evidence anythign that is not documented. I repeat that we take it extremely serious to document anything in the OS that IE uses. I am not a lawyer and I am not going to discuss legal issues here as to what constitutes what.

teodz,
Windows XP SP2 is available for download and is highly recommended. We worked hard on all the versions of IE around security. Over the years we have learned a great deal from being attacked and continue to apply learnings to every piece of software built at Microsoft. Recent security upgrades to other browsers show that they are also learning and applying those learnings to new versions.

Anonymous Penguin,
Did you actually read what I wrote in the post? IE cannot be uninstalled because parts of the OS and third party applications rely on it being present.

Thanks
-Dave

Dave Massy

# re: More secure @ Thursday, March 31, 2005 2:21 PM

I just went through your original post and seeing so many comments skipped right to the end. In case my point has been covered before please bear with me.

I have only one issue here. Because IE is used in many other applications i have noticed many problems. If IE gets stuck some of the applications using some components of IE also freeze. Not sure why that happens but it does happen.

Also consider the situation where I put off images or videos etc. from being displayed or played in IE. Some applications whihc then have their own version of the browser component built in pick up the same settings which really ticks me off.

I have no other points just the above 2 complaints.

robustengine

# re: More secure @ Friday, April 01, 2005 3:18 PM

Dave,

>>> IE cannot be uninstalled because parts of the OS and third party applications rely on it being present.

Wait a minute, what part of the OS _relies on_ IE being present? An "essential part of the operating system," as in, the OS "won't boot" without IE?

I think you mean that the Windows _shell_ relies on IE. The shell is an application, Explorer.exe. It happens to be the default application that starts up when you run Windows, and it provides the appearance (facade, I almost want to say) that most users think of when they think "Windows," but I don't see how this makes it part of the OS.

I mean, what happens if, heaven forbid, IE can't run, maybe because some BHO has screwed things up, or whatever? You mean to tell me that I then can't start Windows?

But of course I can. Microsoft has even documented how to start Windows without Explorer, and with some alternate shell. (I think you can even make Solitaire the shell, which would nicely correspond with how many people to this day use Windows.) Last time I checked, if you do this, IE and its associated DLLs are not loaded in memory.

By claiming that IE is integrated into the OS, I think Microsoft has left itself open to these "less secure" criticisms. MS says that IE is "integrated into the OS," and MS's critics take the company at its word for this. But it would be better to simply acknowledge that IE is integrated into the Windows _shell_, and that the shell ain't Windows itself.

As for 3rd party apps that rely on IE, you know, I could write an app right now that relies on Solitaire. That wouldn't make sol.exe part of the OS.

Thought experiment: what would it look like, if IE really were integrated into the OS? Wouldn't the low-level file system have intimate knowledge of HTTP, for example, so that if I passed a URL to the CreateFile API, it would know what to do with it? Does this happen now?

Andrew

Andrew Schulman

# re: More secure @ Friday, April 01, 2005 5:11 PM

I have to say that no matter what you say, Firefox will always be better than IE unless Microsoft decides to quit screwing up. Until then, I'm going to stick with my Mac and Mozilla.

A real computer geek.

C. Cupples

# re: More secure @ Friday, April 01, 2005 7:18 PM

Andrew Schulman,
If you believe that the shell is an application then we fundamentally disagree.

I guess it is April 1st so I should not be surprised by the two comments received today. I was going to spend time explaining yet again how this all works but I've said it all before in the comments on this blog. So instead I'm enjoying a day's vacation and will spend my time in more fruitful activities.

Thanks
-Dave

Dave Massy

# Welcome Stranger &raquo; M??ty Firefoxu @ Saturday, June 24, 2006 9:37 AM

PingBack from http://teso.iglu.cz/wordpress/?p=18

Welcome Stranger » M??ty Firefoxu

# Firefox Myths | Foxfire Facts @ Saturday, December 15, 2007 5:22 AM

PingBack from http://mozillafirefox3.net/firefox-myths/

Firefox Myths | Foxfire Facts

# how to get past a password secured websight @ Saturday, May 03, 2008 4:34 PM

PingBack from http://mariyah.infomediaguide.com/howtogetpastapasswordsecuredwebsight.html

how to get past a password secured websight

# mitchell system @ Friday, June 06, 2008 5:33 AM

PingBack from http://logannewsblog.977mb.com/mitchellsystem.html

mitchell system

# Dave Massy s Blog More secure | Paid Surveys @ Saturday, May 30, 2009 5:59 AM

PingBack from http://paidsurveyshub.info/story.php?title=dave-massy-s-blog-more-secure

Dave Massy s Blog More secure | Paid Surveys

# Dave Massy s Blog More secure | Outdoor Ceiling Fans @ Sunday, May 31, 2009 9:53 AM

PingBack from http://outdoorceilingfansite.info/story.php?id=1666

Dave Massy s Blog More secure | Outdoor Ceiling Fans

# Dave Massy s Blog More secure | Outdoor Ceiling Fans @ Sunday, May 31, 2009 12:47 PM

PingBack from http://outdoorceilingfansite.info/story.php?id=19302

Dave Massy s Blog More secure | Outdoor Ceiling Fans

# Dave Massy s Blog More secure | Wood TV Stand @ Sunday, May 31, 2009 8:00 PM

PingBack from http://woodtvstand.info/story.php?id=10581

Dave Massy s Blog More secure | Wood TV Stand

# Dave Massy s Blog More secure | Outdoor Ceiling Fans @ Tuesday, June 02, 2009 1:38 PM

PingBack from http://outdoorceilingfansite.info/story.php?id=36939

Dave Massy s Blog More secure | Outdoor Ceiling Fans

# Dave Massy s Blog More secure | Insomnia Cure @ Monday, June 08, 2009 6:30 PM

PingBack from http://insomniacuresite.info/story.php?id=1830

Dave Massy s Blog More secure | Insomnia Cure

# Dave Massy s Blog More secure | Cellulite Creams @ Tuesday, June 09, 2009 9:32 PM

PingBack from http://cellulitecreamsite.info/story.php?id=1533

Dave Massy s Blog More secure | Cellulite Creams

# Dave Massy s Blog More secure | Best Eye Cream @ Friday, June 12, 2009 11:41 PM

PingBack from http://besteyecreamsite.info/story.php?id=1301

Dave Massy s Blog More secure | Best Eye Cream

# Dave Massy s Blog More secure | fire pit @ Saturday, June 13, 2009 11:19 PM

PingBack from http://firepitidea.info/story.php?id=434

Dave Massy s Blog More secure | fire pit

# Dave Massy s Blog More secure | unemployment office @ Tuesday, June 16, 2009 3:53 AM

PingBack from http://unemploymentofficeresource.info/story.php?id=6165

Dave Massy s Blog More secure | unemployment office

# Dave Massy s Blog More secure | storage bench @ Friday, June 19, 2009 4:28 AM

PingBack from http://thestoragebench.info/story.php?id=2553

Dave Massy s Blog More secure | storage bench

# Dave Massy s Blog More secure | debt solutions @ Friday, June 19, 2009 12:46 PM

PingBack from http://debtsolutionsnow.info/story.php?id=2029

Dave Massy s Blog More secure | debt solutions