Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE7 Leaked

Posted by CmdrTaco on from the hate-when-that-happens dept.

lju writes "IE7 has been leaked according to pcpro. From the article: '...last Friday it was revealed that a build of the new browser - version 5299 - along with numerous screenshots, was available online.' "

27 of 408 comments (clear)

  1. Obligatory Troll... by TheRealMindChild · · Score: 2, Insightful

    I know it's trolling, but considering the security of IE6 WHICH HAS BEEN OUT FOR YEARS, I don't think I will be standing in line to try this "beta".

    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
    1. Re:Obligatory Troll... by Anonymous Coward · · Score: 2, Insightful

      Of course most of those security problems (with IE or Moz) required the user to do something stupid such as allow a malicious ActiveX install or go to a malicious website. That's still the case today.

      Do you really not trust yourself that much?

    2. Re:Obligatory Troll... by undeadly · · Score: 4, Insightful
      Of course most of those security problems (with IE or Moz) required the user to do something stupid such as allow a malicious ActiveX install or go to a malicious website. That's still the case today.

      The whole point of using a web browser is to browse the web, and that seems to be forgotten when someone is talking about how stupid it is to browse malicious sites. How are you to determine that a site is malicious? Use Google and click on more links to unknown sites? However, a browser that you only can use to browse "safe" sites is basically non-functional.

    3. Re:Obligatory Troll... by drinkypoo · · Score: 5, Insightful

      And of course when running as non-admin, all the security exploits are irrelavent.

      This is such an ignorant statement. I hate seeing it, and I see it over and over again on slashdot.

      First, it assumes that there are no local privilege escalation exploits. This is a poor assumption, especially on Windows, but really on any OS with privilege levels.

      Second, it assumes that your personal data is not worth anything. Yours might not be, but mine is.

      Third, it assumes that there isn't some way to muck with the system to get Administrator to run something when they log in. This is not a safe assumption either. Hell, there's still people running FAT32 on Windows XP. They have no protection.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    4. Re:Obligatory Troll... by Crazyscottie · · Score: 5, Insightful

      If look at the security hole listings for IE, there are exactly 3 buffer overflow problems found in the entire history of the browser.

      Three documented buffer overflow problems. Keep in mind that Microsoft is well known for its lack of documentation in both bugs and operating system "features." Also remember that buffer overflows aren't the only kind of "non-stupid-user" vulnerability in any application (e.g. heap overflows).

      And of course when running as non-admin, all the security exploits are irrelavent.

      Disregarding the fact that "irrelavent" is not an English word, how many Windows users do you know who actually run as a non-admin? I don't; I know I should, but it's a pain in the ass, and I consider myself knowledgeable enough to know how to prevent most issues and to fix any that should happen to come up as a result of vulnerabilities.

      --
      Just because it can't be explained doesn't mean it isn't true. Science fits into reality... not the other way around.
  2. Leaks? I'll show you LEAKS! by Saeed+al-Sahaf · · Score: 5, Insightful

    IE7 can't possibly leak as much as Firefox. That browser is a memory pig! But I guess that's the price for security and "standards compliance"

    --
    "Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
    1. Re:Leaks? I'll show you LEAKS! by Dan+Ost · · Score: 4, Insightful

      That's not how I understand it. A memory leak is when a program doesn't release memory after it is done with it. This is especially bad if the program keeps allocating new memory without releasing/reusing old memory. This results in a program that gobbles up all your system memory.

      --

      *sigh* back to work...
    2. Re:Leaks? I'll show you LEAKS! by carlislematthew · · Score: 2, Insightful
      IE7 can't possibly leak as much as Firefox. That browser is a memory pig! But I guess that's the price for security and "standards compliance"

      Right now on my system Firefox is using 77MB of RAM, which is a pretty huge amount of memory! However, I'm not sure that's it's "leaking" as I am guessing that it is happily using all of it.

  3. big f-ing deal by crimethinker · · Score: 2, Insightful
    I'm trying to imagine why anyone in their right mind would want this. First off, it's IE, and therefore an excellent tool for spreading worms and viruses. Then consider that it is not a release version, and so will have many more bugs than a regular release of IE, many of them probably very exploitable.

    I suppose you could say I'm trolling or trying to start a flamewar, but really, do you want MS's latest bit of bugware on your desktop? And who knows what some L337 HAX0R might have managed to graft into the code prior to making it available? Kind of like downloading warez - too risky for any but the most foolish ...

    ... which is exactly the demographic that IE still has tightly locked up.

    -paul

    --
    Pistol caliber is like religion: everyone has their favourite, and theirs is the only right choice.
  4. How can something publicly available be "leaked" by kimvette · · Score: 5, Insightful

    Last I checked, MSIE 7 is available via MSDN subscriptions, Action Pack subscriptions, and even Microsoft's own web site . It's not like anyone outside of M$ has not seen MSIE 7.0 already. So a single build got leaked a little early -- this is a) nothing unusual and b) not anything significantly different from what was previously made available through legitimate. This strikes me as: "Oh boy, screenshots of a beta everyone has been able to download for months. Oh wait, this is DIFFERENT because the build number in help-> about is different."

    Now if the SOURCE were leaked, that would actually be something newsworthy.

    --
    The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
  5. Re:Cool, does it run under KDE? by dysk · · Score: 4, Insightful
    Sorry, I know I'll get flamed for that, but I've been hit with a barrage of "IE 7 is/will be better than Firefox" emails lately here at my Microsoft co-dependent workplace.


    Maybe it will be. Microsoft isn't incapable of writing bad software, they just usually have no competition so there's no incentive for them to do so.
  6. Re:Has been available for some time. by maxwell+demon · · Score: 1, Insightful

    Maybe it is "leaked" intentionally by MS in order to keep the news on it going?

    --
    The Tao of math: The numbers you can count are not the real numbers.
  7. Yay, Slashdot! by BarryNorton · · Score: 4, Insightful

    Where there's no irony to berating Microsoft for copying Firefox features in Internet Explorer, nor talking about security flaws in Internet Explorer while praising Firefox.

    Grow up!

    Yes, Firefox is my default browser too... but I try not to let that make me a hypocrite!

    1. Re:Yay, Slashdot! by Salsaman · · Score: 2, Insightful

      Why would it be ironic ? Microsoft with all it's billions SHOULD be leading the pack, not playing catch up to other browsers.

      And as regards security, IE is widely know to be the most insecure browser. It should be the most secure, considering all the resources Microsoft has available to throw at it, and considering the relative length of time it's been in development.

      I don't get your point.

    2. Re:Yay, Slashdot! by BarryNorton · · Score: 2, Insightful
      Microsoft with all it's billions SHOULD be leading the pack, not playing catch up to other browsers
      Yes, just like you go to McDonald's for varied and experimental cuisine, and to small independent restaurants for a bog standard burger...
  8. This browser is important by alnya · · Score: 4, Insightful

    Everyone seems to be making "isn't this firefox" jokes, and yes, some of the features are rather familiar, but this browser is important.

    In a year or so, this browser will have > 70% of the online browser market share. This browser will be the majority's portal onto the web.
    Web developers should care about this browser - how your pages look on it, what CSS version (or subset) it supports. Security experts should care about this browser - what security issues does it throw up, what 'helpful' workarounds does it impliment for Phishing and the like.

    I'm sorry, and you may not like, but this browser will be the standard.

    1. Re:This browser is important by tbmcmullen · · Score: 2, Insightful

      This could possibly be because "normal" users don't go to W3Schools. Only people who have some kind of interest in learning web development go there. People who have interest in web development are much more likely to be using Firefox/Safari/Konqueror/Opera because they read sites like Slashdot where they are constantly bombarded by anti-IE rhetoric.

  9. Problems by Feneric · · Score: 4, Insightful

    Not fully standards compliant. Doesn't run on Mac OS X, Linux, or Solaris. Lame.

  10. IE tied into the OS by mindaktiviti · · Score: 5, Insightful

    I wonder how big and clunky Internet Explorer would be if it wasn't tied into the Operating System.

  11. {Witty Generic FireFox is Better Comment} by OverDrive33 · · Score: 2, Insightful

    Sadly, I don't think Firefox is any more secure than IE - there are just more published exploits for IE because it's the largest user base. I'd bet we'll start seeing more and more of Firefox's security issues as it becomes more popular. I shouldn't need to post this, it should be common knowledge.
    In fact because there will be even less users using IE7 than Firefox, one could stand to reason that IE7 is more secure than Firefox because there sure aren't any published bug exploits for IE7 yet.

    I had IE7 installed a few months back, and it just felt like IE6 with tabs... I might give this version a try ...

    --
    Find Escorts, Strippers, Massage Parlours, Swingers
  12. Re:Leaked? by sockonafish · · Score: 4, Insightful
    The build I'm using doesn't add "http://" for you, which is a bit annoying but might not be a bad security precaution.


    How could that be a good thing? It's entirely redundant to have to type in http:/// in a web browser. That's like being required to write MAIL: on every envelope you send out.
  13. Re:Is it GPLed? by Anonymous Coward · · Score: 1, Insightful

    Don't forget where Firefox copied many of its features from.. ahem.

  14. Re:terrific ..... not by Dr.+Sp0ng · · Score: 4, Insightful

    Except that food doesn't have to be distributed with a recipe telling you when to mix what and how long to bake it for, clothes don't generally come with the patterns and instructions you need to recreate them from whole cloth, beer doesn't tell you how long it's been fermenting, and aside from tar and nicotine, god only knows what's in these Camel Lights I smoke.

    My point is, (almost) no product comes with detailed instructions on how to recreate it yourself, modifying it how you please to suit your likes and dislikes. Why should software be any different?

    Yes, I agree that in many situations it is beneficial for software to have publicly-availably source code (look at my uid - I've been here a long time, and I've heard all the arguments). But as for the government mandating that I release my source code publicly? Even if it's not practical to do so, as in the case of a multiplayer game, whereby releasing the networking code for all to see is a free pass to all the script-kiddie cheaters? No thanks. Heavy-handed, one-size-fits-all government policy, especially on topics that they don't understand, never benefits anybody.

  15. Re:terrific ..... not by carlislematthew · · Score: 4, Insightful
    every computer owner has the right to view the source code of any program running on a computer that they own

    Wow - extreme viewpoint, although shared by many. I agree that there is a place for opensource software, but I would also say that there is a place for proprietary software. Companies (the things that supply most software in the world) simply would not bother to spend so much time and money making software if someone could just come along and copy it. You may not like that, but that's the way it is.

    Food has to be labelled with its ingredients list

    But they don't need to list the procedure for making the food.

    Clothing has to be labelled with its fibre composition.

    What has roughage got to do with this? ;)

    Cosmetics have to be labelled with their ingredients. Beer has to be labelled with its alcohol content

    Again, the value of the products here is not in the contents, but in the procedure for making them. The secret part of a beer is not in the alcohol content, but in the preparation: the water, the hops, the fermentation - there are hundreds of variables. Beer makers keep these variables and procedures a big secret because otherwise people could steal their secrets they spent time and money developing.

  16. Translation by beforewisdom · · Score: 2, Insightful
    "IE7 has been leaked according to pcpro. From the article: '...last Friday it was revealed that a build of the new browser - version 5299 - along with numerous screenshots, was available online.' "

    Translation:

    Companies pretend to have details about a new or upgraded product "leaked" to generate anticipation/excitement for the release of the aforementioned product. Somebody in Microsoft's marketing department is not aware that most people have caught on this.

  17. I guess it has been... by zogger · · Score: 2, Insightful

    ...blown out of proportion a lot...well.. except for the TENS OF MILLIONS of machines that have gotten infected and owned over the years because of it. And let's look at the BILLIONS of dollars in basically lost productivity and resources wasted on "fixing" malwarez once folks get nailed. It doesn't matter if theoretically 1% (whatever, a small number) of the computer using population can keep a windows box secure, what matters is, for whatever reasons exist today, 99% (again, whatever, a very large number) CAN'T. That's an example of "broken" in any practical true sense, as opposed to academic theory.

  18. Re:Leaked? by TuringTest · · Score: 4, Insightful

    If typing http:/// [http] is too much to ask of idiotic users, perhaps we should just have a big green button users press and it takes them to a random site on the internet where they can just "shuffle" to where they need to go

    You could even label it "I'm feeling lucky"...

    In a browser session, the protocol is an implementation detail, and implementation details should not be exposed to end users (unless you're browsing with lynx). Even if you want them exposed, they should be mapped to some kind of "channel" metaphor - and definitely the name of the protocol should NOT be typed every time, that's a waste of time.

    --
    Singularity: a belief in the "God" idea with the "demiurge" relation inverted.