|
|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
The Auto Beat
Byte of the Apple
Europe Insight
Eye on Asia
Getting In
Investing Insights
The New Entrepreneur
NEXT: Innovation Tools & Trends
On Media
Technology at Work
The Tech Beat
Traveler's Check
TECHNOLOGY
Product Reviews
Tech Stats
Hands On
AUTOS
Home Page
Auto Reviews
Car Care & Safety
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip FINANCE Investing: Europe Annual Reports Bloomberg BW50 SCOREBOARDS Hot Growth Companies: 2008 Mutual Funds Info Tech 100 B-SCHOOLS Undergrad Programs Rankings & Profiles |  |
MARCH 20, 2006
Finally, A Safer Explorer The downside: Splitting the Web browser from Windows means less convenience
I have been using an early, and still buggy, test version of Internet Explorer 7, which will be released both as part of Vista (the next release of Windows) and in a separate version for Windows XP. It goes a long way toward separating the browser from the operating system. That makes browsing safer but less convenient since a number of things that used to happen automatically will now require your intervention. The great weakness of IE has been the way Microsoft empowered the browser to download and run programs automatically. It didn't take long for the bad guys to figure out that this was an open door for attacks. Microsoft imposed restrictions on these "drive-by downloads" a couple of years ago as part of a major update to Windows XP, but IE 7 makes the rules much stricter. You have to give explicit permission even to run programs already stored on your computer, with the exception of a handful of well-known tools such as Macromedia (ADBE ) Flash player or Real Networks' (RNWK ) RealPlayer. As long as people don't mindlessly give permission to everything, this should make it tougher for hackers to exploit flaws in existing programs. IN EFFECT, MICROSOFT IS TAKING AWAY the browser's special, trusting relationship with Windows. And with Vista the divorce comes with a restraining order. Even when you let IE run a program, it won't be able to create or change files or system settings unless you give it additional permission. This makes it far harder for a malicious Web site to hijack your home page or install a program that monitors your keystrokes. These changes will cause many of the "scripts" that automate Web sites, as well custom programs written for corporations' internal Web sites, to fail. That's why Microsoft is urging Web masters to start experimenting with the software months before its release. Based on my experience, most sites will be fixed with time to spare, but many corporations will drag their feet in fixing internal software. A more visible security change is designed to help prevent fraud. The new IE will warn people when a link they click on is likely to take them to a "phishing" site, the sort of place that steals passwords or other personal information. On known phishing sites the address bar at the top of the window turns red, and a warning appears, while on suspect sites the bar turns yellow. And in an effort to keep Web sites from whisking you off to places you may not want to go, any new windows opened automatically must show their true identity in an address bar. There are also some nice, if badly overdue, usability improvements. You will be able to open multiple pages within a single window and save the group as a single bookmark; rival browsers such as Firefox and Opera have long offered this "tabbed browsing" feature. And Microsoft has finally provided a reliable way to enlarge or shrink text, though in the version I've been testing the bigger text isn't always reformatted, so it sometimes sprawls off the right edge of the window. I hope this feature will be fixed before release. The convenience IE offered over other browsers, such as Netscape, helped fuel the explosive growth of the Web. But that ease of use came at far too high a price. Partly because of the resistance of corporate customers that had built applications taking advantage of dangerous features, Microsoft was far too slow to fix them. But the software giant is finally biting the bullet, and late is a lot better than never. For past columns and online-only reviews, go to Tech Maven at www.businessweek.com/technology/wildstrom.htm  By Stephen H. Wildstrom Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | |
 Copyright 2006, Bloomberg L.P.Terms of Use | Privacy Notice |
Printer-Friendly Version
