Slashdot Mirror
IE Developer Responds to Mozilla Accusations
sriram_2001 writes "Dave Massy, a Microsoft employee who works on the Internet Explorer team has a response to the Mozilla Foundation's Mitchell Baker's comments. Specifically, he responds to the claim that IE is a part of the operating system. 'IE is part of the Windows Operating System so that parts of the OS and other applications can rely on the functionality and APIs being present. To be clear there are no Operating System APIs that IE uses that are not documented on MSDN as part of the platform SDK and available to other browsers and any other software that runs on Windows..'
IF there are no operating system API's used by the browser, then why did MSFT fight so hard not ot have to remove it from the browser. IT might not use the OS API's, but im fairly sure it works the other way round. Has he ever tried to remove IE cleanly from a windows install?
I would never use I.E. again if Firefox could do one thing (more), to be able to navigate to other (windows) boxes using my browser (like i can in I.E.)
by typing \\servername or \\ip address
my understanding was that this functionality was part of the API that is not available? this is the only thing keeping I.E. on my windows desktop.
Thats the point though the IE gives websites access to the APIs of other programs like WMP without asking the user.
It is part of the OS. That's the part of the post he made.
IE is part of the OS primarily because it is an API that is relied on by other parts of the OS, and other 3rd party apps.
It is rightly described as "middle-ware". Clearly, it's not a driver, or the kernel, or whatnot.
But also clearly, it is not a single executable strapped on top.
It's integrated, but using only methods that and API that are available to anyone to use.
To be clear there are no Operating System APIs that IE uses that are not documented on MSDN as part of the platform SDK and available to other browsers and any other software that runs on Windows.
This is always the standard Microsoft defense. Our products are written with the same API's as are available to everyone else. Everything's fair.
Except that Microsoft developers get access to the people who wrote the specifications. They can influence the specifications to change. In fact, according to a friend of mine who works at Microsoft, they have a tool which highly optimizes their code after compilation, by, among other things, moving the infrequently used code like error handling routines to the back of their DLL's, etc.
The fact that this tool hasn't been released to other developers is proof that they unfairly compete.
I'm the guy who posted the story to Slashdot. One thing I noticed and which got edited out was that - nowhere in the post, does Dave Massy criticize Firefox itself. Though it is his own personal blog (it is not the IE team blog), he never mentions anything about Firefox. On the other hand, we have various people associated with Firefox badmouthing IE every chance they get.
I'm sure Dave could have pointed out with glee Firefox recent security problems (IDN, GIF handling ) or update-rollout problems. Can you imagine a Firefox dev not jumping on similar problems with IE and making fun of them?
I'm not sure what to blame, but I just compared IE and FireFox side by side on a PC isolated to my local network. FireFox loaded many pages many times faster. Then I uninstalled all the virus protection (Norton) software on this newly aquired PC (as it will always be isolated to my local network for in-house testing) and IE performance improved dramatically.
I refuse to switch to KDE or GNOME because it's easy to use. Hell I still use FVWM without any fluff and my computer kicks ass.
You can take away the fluff of linux. You CAN'T take away the fluff of windows XP.
The fact is, there are more uninformed people out there than there are informed people (just read the crap in the original article).
Another fact is that there are more Microsoft fans than there are Open Source fans (right now).
So, the intersection of those two groups means that there are more uninformed Microsofties than there are informed Open Source fans.
And those Microsofties, for whatever reason, have decided to hang out on
Get used to it. That's the same way it will be throughout most of your life, unless you restrict yourself to very exclusive groups with very high entrance requirements (/. is not one of them).You can't argue them down. They don't know enough of the material to know how ignorant they are.
I've argued here with people who swore that SMTP did NOT have authentication. Even after I posted links to the RFC's.
I'm not your typical Slashdot-fanatic, M$-hating, L1nux d00d. I love most of the latest MS products and think they're solid (as long as you're clued).
However, I literally laughed out loud when I read the following comment by the blogger:
As we develop IE we go through very thorough and stringent security reviews to ensure that every change is secure and does not expose the user to attack.
Which version of IE is this?! Nearly every released version of IE has had laughable (keep in mind, I'm not a Linux bigot) security flaws. I'm sorry, but you can't feed the sheep their own shit. They know, they KNOW.
He goes on to say:
The security of any browser is irrelevant to if it is part of the operating system.
That seems to be Microsoft's mantra. However, any security engineer or person with common sense would disagree.
If we are to debate security of browsers then let's bring in relevant arguments and accurate details about different possible attacks rather than rely on the irrational fear that because IE is part of the operating system it must be exposing OS functionality to the web.
Are you fucking joking? There is documented exploit after exploit demonstrating this. People aren't pulling it out of their asses. It's backed by fact, something you appear to be ignoring.
I'm a somewhat-loyal MS customer, but I've got to say I don't like reading tripe like this. What I do like reading is "we're going to fix IE's security model and this is how we're going to do it, what does the community think?".
Perhaps the IE team needs to review their security procedures, because they fuckin' suck hard.
How are you monitoring the memory usage in Windows? After booting, Windows XP will agressively swap out unused resources and allocate substantial amounts of RAM for drive caching.
It's tough to figure out what Windows is really "using". I suppose I could try booting Knoppix (without a ramdisk) and WinXP side by side in VMWare to compare how small the footprint can get. I recall Knoppix won't even load KDE without 70MB or so free. I figured that out recently when booting Knoppix with 128MB of RAM.
Yeah, there's the ramdisk again.
Is The Browser Part of the Operating System?
An exercise in misdirection