Bonum Certa Men Certa

Internet Explorer 9 Seems Less Secure Than Predecessors; Microsoft Plays the Vapourware Game Against Rival Web Browsers



Summary: Internet Explorer 9 removes security features and lies about its standards compliance using improper benchmarks

MICROSOFT made some Internet Explorer patches available last week, only to discover that Internet Explorer is under a new wave of attacks (due to flaws which cannot be patched until next month). What did Microsoft do? To the gurus out there it advised that they apply some registry hacking. Windows is easy, eh? SJVN writes about this issue which we covered before:



A Quick IE Fix



[...]

The first one disables the peer factory class in the Windows registry. 'Peer factory' is used by the iepeers.dll binary program in IE 6 and 7 on Windows XP and Windows Server 2003 to call some kinds of Windows functionality from within IE. The most common way it's used is to print from IE. The downside of this fix, as you might guess, is that it will stop IE's print functionality from working.


Try explaining this security measure to people who are fearful of computing.

According to another new article from SJVN, Internet Explorer 9 will fix almost nothing when it comes to security. Just like when Vista 7 was planned and released, Microsoft said nearly nothing about improved security; it's the same when it comes to Internet Explorer.

While Microsoft seems focused on some good things, like improving IE's speed and finally making it more compatible with the forthcoming HTML 5 standard, I didn't see a lot about improving the program's own built-in security. Indeed, this early test-drive model [of IE 9] doesn't even include IE 8's SmartScreen anti-malware filter and private-browsing function.


This sounds familiar because according to two separate sources, Vista 7 is also less secure than Vista [1, 2]. They go backwards.

But now comes the interesting part. A reader who wishes to remain anonymous has told us that, regarding Microsoft's "test browser compliance", it will "test browsers, except for their current version, Internet Explorer 8". To quote the message:

"Download the latest Windows web browser". Is it fair testing a future release against the current versions of the rest? Also the original stand alone SVG files appear to be missing.

"This website contains several collections of test pages that were developed in conjunction with the World Wide Web Consortium (W3C) working groups. These tests make it possible to validate a browser's compliance with specific web standards"

http://samples.msdn.microsoft.com/ietestcenter/#svg11e2


Microsoft never likes to compare the comparable. It pits vapourware against real products, as usual. It must mean that Microsoft is behind, not ahead.

"In the face of strong competition, Evangelism's focus may shift immediately to the next version of the same technology, however. Indeed, Phase 1 (Evangelism Starts) for version x+1 may start as soon as this Final Release of version X."

--Microsoft, internal document [PDF]



Recent Techrights' Posts

EPO Staff Explains Why It Cannot Issue EPC-Compliant European Patents (in Other Words, Why Many Fake Patents Get Issued)
chaos inside
 
Chris Rutter, Winchester College, Clare College choir, Arm Ltd, underage workers & Debian accidental deaths
Reprinted with permission from Daniel Pocock
Gemini Links 25/02/2024: Blocking Crawlers and Moving to gemserv
Links for the day
IRC Proceedings: Saturday, February 24, 2024
IRC logs for Saturday, February 24, 2024
Over at Tux Machines...
GNU/Linux news for the past day
[Meme] Objective Objection at the EPO
No more quality control
Links 24/02/2024: More Sanctions Against BRICS, Software Patents Squashed
Links for the day
Microsoft's Demise on the Server Side Continues Unabated This Month
Netcraft says so
Bonnie B. Dalzell Explains Her Experience With Richard Stallman
new essay
Gemini Links 24/02/2024: OpenBSD Advocacy and Nonfree Firmware Debated
Links for the day
Mark Shuttleworth & Debian Day Volunteer Suicide cover-up
Reprinted with permission from Daniel Pocock
IRC Proceedings: Friday, February 23, 2024
IRC logs for Friday, February 23, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Links 24/02/2024: EA Planning Layoffs and 'Liquor Regulators Are Seeking Revenge on Bars That Broke Pandemic Rules'
Links for the day
Gemini Links 24/02/2024: In Defense of Boilerplate and TinyWM Broke
Links for the day
Microsoft's Pearls of Wisdom: Layoffs Are Growth
Microsoft boss: layoffs are "long-term growth."
[Meme] Hide the Bodies
hiding EPO's role in funding Lukashenko
Josef Kratochvíl and All the European Patent Organisation's Chiefs (at the Administrative Council Too) Notified That Over 1,000 Members of Staff Demand Action on Patent Quality and Compliance (Industry Too is Alarmed That Many Invalid Patents Get Granted)
Huge corruption
Microsoft Lacks a Solid Strategic Plan Other Than Buying Its Own Stock (and Paying Staff in Shares)
Beware and be cautious of bubbles
Debian trademark canceled
Debian trademark canceled
Links 23/02/2024: Feed Aggregator and 2 Years of Invasion, Alexei Navalny’s Mother Blackmailed
Links for the day
Gemini Links 23/02/2024: Getting 'Sick' of Modern Tech and Deletion of One's Reddit Account
Links for the day
Links 23/02/2024: 227 Microsoft Layoffs Noted in Santa Clara and Disaster in Rivian
Links for the day
IRC Proceedings: Thursday, February 22, 2024
IRC logs for Thursday, February 22, 2024
Over at Tux Machines...
GNU/Linux news for the past day