IE7 Separated from Windows Explorer

An anonymous reader writes "Security experts warned Microsoft 10 years ago that putting IE as a component of Windows Explorer was a bad idea, looks like Microsoft finally decided to listen to the advice. According to a short write up in Business Week, Microsoft has decided that when IE7 comes out with Vista it will no longer be a component of Windows Explorer and will be able to replace IE6 even on XP machines."

Re:Lied to the EU?

[mtenhagen]

That did not apply to windows xp but to windows 95 and me.

Maybe it could be done but this is the reason it will only be done for xp. On the other hand, having seen some of microsofts products it doesnt suprise me that a web browser which executes remote code (activex) is part of the os.

Re:Lied to the EU?

[FatRatBastard]

Technically they were correct. Think of it as if BMW rerouted the ignition circiut to make sure it passed through the car stereo. Technically, removing the stereo could render the car useless. Its a stupid design decision unless you're trying to monopolize the market in car stereos.

Re:Great! Now to get Konqueror!

[Doctor+Crumb]

You are correct in noting that Konq is entirely userspace, which is why they can make it browse whatever they want it to. If you don't like it, you can use Nautilus or firefox or midnight commander or any number of other things. This is only a big deal for IE/Explorer because it is tied to the OS, and because it is really your only choice for many things.

As for how tightly tied konqueror is to itself, that's pretty much moot. Much of Konqueror's capabilities are provided by kioslaves, which are another layer entirely, and could theoretically be used by other apps. *Shrug*

Re:Lied to the EU?

[qw0ntum]

If you listen to the full podcast (LTFP?), they say that the seperation between the browser and the OS will only come in Vista. In XP versions, IE7 will only add new restrictions to ActiveX controls.

So I guess they were not lying, at least according to BusinessWeek.

Re:Replace IE6 on XP machines?

[AKAImBatman]

With the instant scans of the checks, "check float" has been removed, and a big issue that banks had with some illegal behavior that most people thought were ok, is gone.

Check floating is not illegal. It's simply an artifact of the way banks work. You're probably thinking of check kiting, which is an illegal scheme that takes advantage of the float periods.

Re:Welcome news

[offput]

Windows 2000 is no longer in the windows labelled "mainstream support" so the less they have to deal with it the better for their support teams. On IEBlog, they also cite specifically why it can work for WinXP and not Win2K. It's because of the security upgrades done to XP in service pack 2 which they claim are not easily back-ported into 2K.

Re:Is ActiveX gone too?

[Hal_Porter]

I think so -

http://www.microsoft.com/windows/ie/ie7/featuretab le.mspx

Disables nearly all pre-installed ActiveX controls to prevent potentially vulnerable controls from being exposed to attack. You can easily enable or disable ActiveX controls as needed through the Information Bar and the Add-on Manager.

From here
http://forum.pcstats.com/showthread.php?t=35534

The beta of Internet Explorer 7 is neat to play with but it has one quirky feature where it does not allow users to install unsigned Active X controls. Unfortunately since it's still beta, virtually all Active X addons (like Shockwave, Flash) are unsigned which means they cannot be installed by default. Trying to do so causes IE 7 to spit out an error message.
Not all is lost however, if you load up the Internet Options (Tools -> Internet Options...), click the "Security" tab and in Internet security settings click the Custom Level... utton. In the "ActiveX Controls and plugins" section, find the "Download unsigned ActiveX Controls" option and change it from "Disable" to "Prompt". After that's done click the OK button and you're set!

He he, "one quirky feature". Way to miss the point. Note that you can disable Download Signed ActiveX controls too, or make at least make it prompt you.

There's a best practices document here
http://msdn.microsoft.com/library/default.asp?url= /library/en-us/IETechCol/cols/dnexpie/activex_secu rity.asp?frame=true

I think the basic problem is that they still want to avoid breaking websites that rely on ActiveX as much as possible. You can see lots of stuff in that document which means that some ActiveX controls will still automatically on a webpage. If anyone develops and exploit for them and you run it on XP as an admin, you have a problem. Of course, if the user knows what they are doing they can make it secure, but the default setting is more geared to compatibility than security.

it already has

[minus_273]

I downloaed the IE7 beta 2 for XP yesterday and you can see that explorer is no longer tied at all to the web browser. Going to slashdot.org in an explorer window starts the default browser now.

Re:Replace IE6 on XP machines?

[M.+Azerty]

Actually, you can try the Beta of IE7: http://www.microsoft.com/windows/ie/ie7/ie7betared irect.mspx And yes, you can uninstall it properly afterward.

Re:Great! Now to get Konqueror!

[prisoner-of-enigma]

The problem with MS's version was that the whole freaking system crashed if IE crashed.

This isn't entirely correct. EXPLORER.EXE, which is tied in with IE and is largely responsible for the GUI, can be crashed by IE. This mucks up the GUI to the point where the system is apparently hung. However, the NTOSKRNL.EXE almost never gets faulted by these kinds of crashes and, in reality, continues to run even though the interface is completely hosed. This is analogous to crashing XWindows in Unix in the sense that X can be completely hung but system processes underneath it continue to function normally. The difference is that a Ctrl-Alt-Bksp will kill X and give you a command prompt, whereas Windows has no such option. There has been talk in the past of Microsoft releasing a command-line version of Windows Server (i.e. the GUI is optional), but AFAIK, that's just been talk with no real action.

Note that crashes that do fully lock up a Windows box are almost always caused by faulty drivers, usually video drivers because these run in kernel space. Linux is just as susceptible to faulty drivers as Windows is. I've had a number of servers up and croak with a KERNEL PANIC because of a faulty RAID driver. Dodgy hardware, poor cooling, overclocking, etc. also locks up boxes but this isn't a Windows-only phenomenon by any means.

Re:Replace IE6 on XP machines?

[Hollyfeld]

Actually, no. Post-dating a check will have no effect on when it can be cashed, or your liability for payment. The date field on a check has no legal signifigance - a check is a demand draft against an account and is payable on presentation...

Re:Replace IE6 on XP machines?

[freeweed]

Post-dating cheques is (from what I understand) either illegal or just not useful in the US - due to exactly what we're talking about here. Your money must be present in the account when you write the cheque (barring overdraft protection, etc).

In Canada, post-dating cheques is very legal, and very common. The provincial insurance companies accept post-dated cheques for payments due in the future, so it's certainly legal at that level.

I ran into this years and years ago when I first computerized the books for a small business - the vendor didn't provide any functionality for tracking post-dated cheques (they were a US vendor, and we were their first Canadian customer). When we called to request this feature, their response was "but post-dating cheques is illegal!". Pretty funny at the time. It took them over a year to get this functionality working right, incidentally.

Oh, and the banks here WILL honour post-dates. If I cash a cheque earlier than the day it is dated for, it usually gets caught. If it goes through by accident, it will be reversed (not as an NSF) and it's up to me to collect the money from the cheque writer.