Slashdot Mirror
IE8 May Be End of the Line For Internet Explorer
snydeq writes "InfoWorld's Randall Kennedy reports on rumors that IE8 may be Internet Explorer's swan song: 'IE8 is the last version of the Internet Explorer Web browser,' Kennedy writes. 'It seems that Microsoft is preparing to throw in the towel on its Internet Explorer engine once and for all.' And what will replace it? Some are still claiming that Microsoft will go with WebKit, which is used by Safari and Chrome. The WebKit story, Kennedy contends, could be a feint and that Microsoft will instead adopt Gazelle, Microsoft Research's brand-new engine that thinks like an OS. 'This new engine will supposedly be more secure than Firefox or even Chrome, making copious use of sandboxing to keep its myriad plug-ins isolated and the overall browser process model protected.'" The sticking point will be what Microsoft does about compatibility for ActiveX apps.
...they're going to buy Mozilla. Mark my words. :P
It is by my will alone my thoughts acquire motion; it is by the juice of the coffee bean that the thoughts acquire speed
Given their history, this could be pretty funny.
given how beefy computers are going to be by the time IE9 comes out
Moore's Law be damned. People have been using this excuse for years to write bloated, crappy software. How about for once we don't try to predict the future. Instead, lets write the code for todays hardware. People seem to forget that we have sold way more computers than people in the world... no reason to replace them all to run IE9.
It is clear you do not understand why ActiveX must be married to the operating system.
Really? Because it's not clear that you do. Seriously, would it kill people to bring the issue to the surface in an intelligent manner that might benefit those of us who are outside the loop on this? I'm not asking for a thesis but rather a simple dialog that can be researched by people who are interested in learning more about the issue at hand.
Dedicated Cthulhu Cultist since 4523 BC.
Because Balmer frowns on extramarital sex between software components
The rendering engine. The browser itself will probably still be called Internet Explorer 9, no reason to throw away a strong brand. It will use a new layout engine with deep Silverlight integration.
``Funny how the vendor of one of the world's most insecure operating systems now considers that they're going to one-up the competition with the most secure browser / operating system?''
I wonder if Windows is still one of the world's most insecure operating systems. Microsoft have certainly been working hard to improve things, which is more than I can say for many other operating system vendors. Meanwhile, Linux user seem to be content pointing and laughing at Microsoft's efforts and pointing out that Linux is so much more secure.
I won't make any claims about which operating system is more secure than another operating system (because I think it is fundamentally impossible to measure, let alone to know), but if I see that Microsoft is introducing things like address space layout randomization and non-executable stacks, I have to wonder why those features aren't in other mainstream operating systems yet. OpenBSD has done a lot of pioneering work already, but when will we see the day that all of Debian is compiled with -fstack-protector and ships with PaX enabled?
Please correct me if I got my facts wrong.
I seriously doubt IE will have the majority of the market share by the time IE9 comes out. Many of the web usage reports out there are showing that Firefox is at 20% or higher and that Safari is around 5% or so.
I would also argue that a lot more 'dumb consumers' (people like my parents) are buying Macs now to be trendy which will help IEs market share drop.
Also has anyone used IE8 yet and tested sites out on it? I've used it and it rendering engine is pretty terrible, even when set in emulate IE7 mode which then introduces a complete new set of rendering bugs.
"During My Service In The United States Congress, I Took The Initiative In Creating The Internet." -Al Gore
You can do the same thing with a signed Java Applet. OMG! Java is tightly integrated to the OS!
The author states: At least, that's what I'm hearing through the grapevine ... but the fantasy woven by the author).
The author is effectively saying his story is not credible! Slashdot is supposed to run with a hypothetical situation about IE8 demise instead of commenting on real news? It should be fun scanning through these comments to find out who bites (not the big one
A lot of people seem to have little-to-no understanding as to what ActiveX is. It is a plug-in infrastructure based on COM, nothing more, nothing less. It allows for a library to provide a visual component that can be loaded by another application to display content. That plug-in infrastructure was used in Internet Explorer to load browser plug-ins. Those plug-ins run within the browser process under the current user security context. There is absolutely no functional difference between ActiveX in Internet Explorer on Windows or an XPCOM plug-in for Firefox on Linux.
The problem is that in both cases those plug-ins have to have a fairly wide amount of functionality. If that plug-in is intended to display video then it has to be able to work with the video API of the platform in question. As such these plug-ins generally cannot be sandboxed too tightly otherwise they would no longer be able to function and their usefulness of being able to extend the functionality of the browser is lost.
https://addons.mozilla.org/en-US/firefox/browse/type:7
This website lists the XPCOM plug-ins available for Firefox. There are quite a few more if you follow the link to the bottom. If a vulnerability is identified in ANY of those plug-ins a successful exploit will be fully capable of trashing the profile of the current user and there is nothing that Firefox can do to stop it, even on Linux.
Yes, especially since the emancipation proclamation was nearly 130 years ago.
ActiveX applications have no more "connections" than any other Win32 app.
But I was looking at ActiveX's facebook page and it had like a million friends in common with Windows - isn't that a deep connection?
You've clearly never tried to kill a zombie process.
Intel giveth, Microsoft taketh away.
Help stamp out iliturcy.
There is no alternative namespace, there are merely alternate streams in a file - named locations for storing meta data. The file is right there in the filesystem, obvious to all. The file data may be a bit hidden, requiring normal Windows system calls to read (just like one uses normal Windows system calls to create alernate data streams), instead of Notepad. Oh, wait, you can read them with Notepad too. What a bunch of FUD.
This... is actually not the whole story.
NTFS is actually a case-sensitive file system. You can illustrate this by installing Services for Unix. This is an alternative subsystem that doesn't go through the normal Windows API (or the DLLs implementing it) and collection of Unix programs that have been "ported" to it. Once you install this, programs that are part of SFU are able to create files with the same case-sensitive name but different case.
Instead, the reason you normally can't do this is because the DLLs that are part of the Windows subsystem (the one providing the normal Windows API) hides this case-sensitivity in concert with the file system driver. (IIRC, open commands in the driver get a flag saying whether to be case-sensitive or not.) Instead of making calls through the Windows API, you can either use another subsystem like SFU or make native system calls directly (though that interface isn't supported).
Finally, the implementation of the Windows API is such that if you create two files with different case but the same name, only one will be visible through the Windows API, at least with NTFS's implementation of all of this.
This means that if you want to write security software for Windows, to catch malware written by people who know about this hole, you need to make API calls to an undocumented interface if you don't want to require people to install SFU. (Of course, security software does so much other stuff that's even worse that's hardly a drop in the bucket.)
DEPRECATED, motherfucker. DEPRECATED.