IE Standardization Fading Fast

alphadogg writes "Just as Internet users in general have defected in huge numbers from Microsoft Internet Explorer over the past several years, the business world, as well, is becoming less dependent on the venerable browser. Companies that used to mandate the use of IE for access to web resources are beginning to embrace a far more heterodox attitude toward web browsers. While it hasn't gone away, the experience of having to use IE 6 to access some legacy in-house web app is becoming less common. 'A lot of it has to do with the emergence of the modern web and the popularity of mobile. They have made it very different for companies to truly standardize on a browser,' says Gartner Research analyst David Mitchell Smith."

shit

Without Microsoft nobody will be left to defend us from the Ubuntu £inux monopoly.

Re:shit

[hairyfish]

Isn't it funny how all the hate and anger and lawsuits thrown at MS had pretty much zero affect on their market position, and what really made the most impact was innovation (ie the Mobile (r)evolution).

Re:shit

[Lotana]

Whatever the cause this trend is great news indeed. After all these years of painfully adding exceptions to our websites to deal with Microsoft's stubborn refusal to follow standards, there are finally signs of improvement. We are not out of this mess yet and things may get worse, but for now let us just be happy with the news.

I propose all of us raise a glass of your favorite beverage to toast the beginning of the end of web's dominance by Microsoft!

Re:shit

[bidule]

Yeah. Micro$oft, £inux, Appl€. The Unholy Trinity.

Now, if Son¥ was in there, we'd have the Four Horsemen of the Apocalypse.

Re:shit

[hairyfeet]

Isn't it funny how we are replacing one asshole company with one that is an even bigger asshole? I hates the way MSFT pushed IE onto everybody and frankly what we are seeing now is even worse, as at least before you could just lie with the UserAgent and get around a bunch of the bullshit, but now instead of Redmond dictating we got Cupertino and Apple makes MSFT look like big sweaty care bears by comparison.

I mean we went from having an open format be the baseline in HTML V5 to patent troll MPEG-LA getting to stick a tollbooth with H.264, thanks to Apple making it clear "We don't give a fuck what YOU choose, its not running on iPhone/iPad PERIOD" and then to add insult to injury they also pretty much single handedly killed mobile flash where Adobe was at least nice enough to pay the license fees and let any browser or distro run H.264. Now try to bundle H.264 in a free product and see how quick you get a cease and desist, just ask Mozilla.

So if you wanna cheer MSFT losing power? Right there with ya, in fact I championed breaking up the company when they lost the antitrust. But what we are seeing is we are kicking the old lame dog while ignoring the two fucking lions that are saying "kick the dog" while they get ready to take a bite out of our collective asses. say what you want about MSFT but I could take any laptop or desktop and have their shit gone and well on my way to installing any damned thing I wanted in minutes, try that with a Chromebook and see how far you get. The web won't fare any better thanks to Cupertino dictating everything, If Apple has their way the only browser will be Webkit and only Apple approved formats will be on the web and sadly? Its seriously looking like they are gonna get their wish, Flash gone, Opera dropping their engine so they can get on iToys (and I wouldn't be surprised if moz goes to as they won't get on the iPhone/iPad if they don't bow to Cupertino's wishes) and video controlled by a patent troll...where is things getting better again? This is like saying "Instead of the guy on the corner kicking us in the face the guy across the street just hits us with a brick!"...uhhh, how about neither guy hitting us at all? How about being able to choose none of the above? wouldn't that be better?

If there is one thing we need to protect its an open web but all we are doing is replacing one master for another and that's just not the way we should be going, we should be trying for no masters at all.

Re:shit

[drcagn]

Microsoft: Develops proprietary non-standard browser set to default on their dominating operating system, takes over the web
Apple: forks an open source browser project, develops Webkit out of it, gives it back to the community and works with the community, refuses to support proprietary buggy exploit-ridden browser plug-ins and helps kill it off from the web

i'm not happy about the whole h.264 thing either, but at least we know they have a reason--their idevices are only capable of decoding h.264 in hardware. it doesn't really make it any better but what they have done isn't anything near what MSFT did 10+ years ago.

Re:shit

[Daniel+Dvorkin]

When Apple gets a 90% share of the browser market, and you routinely see sites telling users "You must be running Safari to access this site," let us know.

Re:shit

Hardware h.264 decoding is just code running on a DSP, it is quite possible for Apple to add support for HW decoding other codecs if they really wanted to.

Re:shit

[drakaan]

Can't take it...

<grammarnazi>'affects' is a verb (not in this sentence, but in normal use). 'effects' is a noun.</grammarnazi>

Danger! Danger Will Robinson!

I've seen a lot of people start making this mistake again, but now it's the KHTML/Safari/Chrome/Opera engine, especially on mobile.

Re:Danger! Danger Will Robinson!

[UnknowingFool]

Yes but the important distinction is that WebKit is open source. While Apple has a lot of influence on it, if Google doesn't like Apple's changes, they can fork it as can anyone else.

Re:Danger! Danger Will Robinson!

Um, they all use Webkit, and Opera is no longer entirely different. There are now three major rendering engines: Webkit, Gecko and Trident/IE.

Re:Danger! Danger Will Robinson!

[ozmanjusri]

Opera's entirely different.

Not for long: http://my.opera.com/ODIN/blog/300-million-users-and-move-to-webkit

Re:Danger! Danger Will Robinson!

It should be noted that Google has recently overtaken Apple as the largest contributor to Webkit.

Re:Danger! Danger Will Robinson!

[aztracker1]

Spoke too soon.. damn.

Re:Danger! Danger Will Robinson!

[Dupple]

Here's some info showing the share of contributions

http://blog.bitergia.com/2013/02/06/report-on-the-activity-of-companies-in-the-webkit-project/

It's a good start, but...

[Ichijo]

Let's hope companies also stop mandating the use of Shockwave and JavaScript, or at least let me use the web site without having to completely disable NoScript.

Re:It's a good start, but...

[Urd.Yggdrasil]

Shockwave hasn't been used much for a quite a while, unless you are referring to flash (but hopefully html video will kill that eventuall). Javascript on the other hand is going to be around for quite a while, what we are more likely to see will be things like signed javascript or some other security mechanism like that added to it.

Re:It's a good start, but...

[steelfood]

I rather they do use Flash and Shockwave than put everything in HTML5. Then I would have even more trouble disabling everything.

Re:It's a good start, but...

[93+Escort+Wagon]

And it was probably the only good Shockwave app ever - Snowcraft.

Re:It's a good start, but...

[kcmastrpc]

no thanks. as a professional web developer I often have to let my clients know that to "do that fancy ajax stuff" I need to use JavaScript, and if they want to retain compatibility with non-JavaScript browsers then it will cost them significantly more for their project. i then show them how their favorite sites like amazon, ebay, etc. will simply refuse to work without JavaScript enabled and they opt to still use JavaScript but refuse to support non-JS browsers.

If you did any sort of serious web development you'd also know how time consuming it is to include support for no-script crap.

Re:It's a good start, but...

[casab1anca]

Web forms ultimately need to be validated on the server side, so client-side validation isn't 100% necessary.

Server-side and client-side validation serve different purposes. Server-side validation is important for security reasons, but client-side validation provides for a better user experience by identifying errors right away instead of waiting to submit and refresh the page.

Re:It's a good start, but...

[corychristison]

I'm a web developer and I agree with you sort of. Developers have become way too fucking dependant on JS and frameworks like jQuery, Mootools and YUI.

What I don't agree with you on is your Privacy arguement. I don't see how it causes privacy issues. You can track people without javascript.

As for security that is unfortunately an implementation issue and/or convenience tradeoff. JavaScript itself is not insecure.

Re:It's a good start, but...

[kcmastrpc]

The majority of developers have moved to CSS3 for eye candy - but you can't shuffle jquery, ajax, etc. to CSS - it's not going anywhere.

Also, why shouldn't we do validation in JavaScript? You know those nifty info boxes that slide open while you're filling in a form? That happened because JavaScript did validation on it, and it probably did it before firing off an AJAX request to see if that user name was actually taken (you know, instead of sending every single character you typed to the server). Ultimately all data should be validated by the server, because that's the sane thing to do - but there is no reason give that task to the server when JavaScript (your browser) can determine if it's valid or not.

Re:It's a good start, but...

[UltraZelda64]

Same here, it's been a while. I admit, I actually used to like those Radiskull & Devil Doll cartoons, and a lot of the stuff on Joe Cartoon. There were also some fun games on Newgrounds like Pico's School. Flash has since engulfed Shockwave (now including Shockwave functionality) and is now mostly used for web videos... the sooner Flash is gone, the better. It's always been a pain in the ass and its Linux support sucks. And does the damn thing even run on BSD? Also, I don't even think my phone has a "real" native Flash plug-in, relying on the YouTube "app" or a standard video player to play flash video around the web.

Re:It's a good start, but...

[aztracker1]

Agreed here... why should I burden my server with a full page refresh just to display an error on one single field? For that matter a lot of things are more effective having rendered templates client-side... you can definitely use a mix. JS is very fast and capable.. why not use a little of the client browser's resources and save the server a bit.. it leads to better scaling.

As a bonus, with the rise of tools like NodeJS and MongoDB, you can leverage JS much more broadly, and not have to completely switch contexts going from client side code to server-side. Regularly working in 3-5 languages on a project is cumbersome... JS is necessary on the browser... anything else is constrictive, I feel that way about CoffeeScript to some extent as well. Other cross-compilers to JS are too difficult to debug.

Re:It's a good start, but...

[HaZardman27]

Developers have become way too fucking dependant on JS and frameworks like jQuery, Mootools and YUI

There is no better way for making interactive web applications than using Javascript. The only real alternatives are using proprietary platforms like Flash or Silverlight. The level of interactivity on the web that people demand these days has gone past the level you can get from reloading an HTML document every time the user clicks something or enters some text. Add in the development of WebGL for hardware accelerated 3D graphics in web browsers and some of the other fancy features of HTML5 and it's easy to see that Javascript isn't going anywhere for a while. jQuery, on the other hand, is pretty slow and should be used sparingly.

Re:It's a good start, but...

[HaZardman27]

JavaScript is insecure and violates privacy

Javascript is a language; it cannot violate your privacy. Security and privacy issues related to Javascript can only be application-specific issues which are introduced by the developers of said application. Javascript as a language is in no more violation of your privacy than C.

Re:It's a good start, but...

[HaZardman27]

This. The percentage of web users who are running non-JS browsers or have JS disabled is small enough not to matter for the people funding web development. As a developer, the best you can do, particularly in a project involving AJAX, is to have RESTful web services that allow a clever enough user to get the information they need without Javascript running, even if the site is as ugly as hell. They may have to parse some JSON or XML on their own, but that's their problem if they don't feel comfortable with their browsing executing JS.

Re:It's a good start, but...

[reasterling]

I do not know if the grandparent post was refering to insecurity from the clients point of view or the servers. However, if the website depends on js for input validation then the website is fundamentaly insecure. If we are looking at security from the users perspective then I am mindfull of cross site scripting, an attack method that is #2 on the OWASP top 10 list. JS can be done correctly but the user has to trust not only the site they are visiting, but also every advertizement or other object that the page has requested from some outside source. As a web developer I know, as I think you do, that js can be made safe. You are technicaly correct that js is just a language. But, I suspect that even you realize that simply trusting all js that is loaded into your browser is inherently insecure.

Re:It's a good start, but...

[Ash+Vince]

no thanks. as a professional web developer I often have to let my clients know that to "do that fancy ajax stuff" I need to use JavaScript, and if they want to retain compatibility with non-JavaScript browsers then it will cost them significantly more for their project. i then show them how their favorite sites like amazon, ebay, etc. will simply refuse to work without JavaScript enabled and they opt to still use JavaScript but refuse to support non-JS browsers.

If you did any sort of serious web development you'd also know how time consuming it is to include support for no-script crap.

As someone who has been a professional web developer for a decade or so I mostly agree with you, but you are neglecting accessibility.

Where I work we do a lot of work for government type organisations and they are not allowed to discriminate against people with disabilities. That means that they have to have sites that are usable by blind people using a screen reader (mostly jaws I believe). That means we waste thousands of pounds of taxpayers money on making amazing ajax websites that also degrade to a usable solution if you have JS disabled. Of that money wasted keeps me in beer tokens so I don't complain too loudly :)

There is one site we have where the core offering is selling e-learning courses reliant on a standard (called SCORM 1.2) that requires JS in order to launch the courses. Since the site is owned by a government body though (even though it makes a profit for that body) the site has to work in a screen reader. You just get all the way down to the product pages and find that almost every single product will not let you add it to your basket without JS. Of course the entire basket process works fine with no JS, as does the entire rest of the site as it all had to as part of the tender despite us mentioning what and utter waste of cash this was in the various meetings.

I call BS

[jeromio]

Try finding a merchant account with a bank (not a new fangled Web 3.0 deal like Square) that doesn't specifically write their "web" app to specifically *only* work with IE on Windows. There are lots of other examples of extranet "applications" that are written w/ MS libraries that depend on IE .It's frustrating and depressing.

Re:I call BS

Try finding a merchant account with a bank (not a new fangled Web 3.0 deal like Square) that doesn't specifically write their "web" app to specifically *only* work with IE on Windows.

Done.

In fact, none of the (Australian) banks I've used in the past few years has had that requirement. Does the US work differently?

Re:I call BS

[denmarkw00t]

No, and I'm not sure where he's from - I live in the US and none of the banks I've used in the last maybe 5 years have mandated IE 6 - at least not to the public. I worked for Big Ol' Bank for a spat and, up until recently, IE6 was the "must be compatible with" browser of choice, although not the only that we could use. So, our internal sites worked great on modern browsers, and maintained functionality in IE6 thanks to some good JS libraries and sacrificing some data-intensive tasks for people who couldn't get clearance to download a new browser. They've since done a push to install Windows 7 across the enterprise, but who knows when that will be done.

Re:I call BS

[Zontar+The+Mindless]

Although some ANZ accounts apparently need IE

I've always been able to use FF/Linux with my ANZ account since I opened it (2004).

Not "venerable"

[DoofusOfDeath]

I don't believe IE ever deserved to be called venerable.

Re:Not "venerable"

[sdnoob]

one of the definitions is.....

impressive by reason of age

how many other single versions of a web browser have had as long a supported lifespan as ie6?

12 years 7 months and 15 days between rtm (24 aug 2001) and xp eol (8 apr 2014).

as much as you and i, and pretty much everybody else, may dislike ie6, that IS impressive.

Re:Not "venerable"

[prasadsurve]

I don't believe IE ever deserved to be called venerable.

venerable: No

venereal: Maybe

5 Browser Compatibility Projects in 3 years

[DontLickJesus]

All of them specifically to convert IE only sites to support at least Firefox, Chrome, & IE. A few of them even specifically listed Safari. We may not have seen the cusp of the wave, but companies have definitely heard the message loud and clear, and are responding appropriately.

Venerable?

[multimediavt]

I can't say when there was a time when "venerable" would describe Internet Explorer. It's pretty much been despised its whole existence.

Re:Venerable?

It was a typo. They meant to write 'vulnerable'.

Re:Venerable?

[grcumb]

It was a typo. They meant to write 'vulnerable'.

I thought it was an autocorrect of 'venerial'.

Nowadays IE is annoying

[lucm]

Today a client of mine bought a subscription to a web application (SaaS) and because they have Windows 8 workstations (IE10 built-in) they had to install Firefox, otherwise the web application would not work.

In the last two versions or so of IE, Microsoft has taken a path of enforcing things prematurely. IE is the only browser where jQuery post is not working, and they also force CORS down the throat while many applications are built on jsonp solutions.

I remember a long time ago where workarounds in CSS were mostly for Netscape. Now it's almost always for IE.

Re:Nowadays IE is annoying

[ahabswhale]

Query post works in IE, it's just that IE was written by retards and will actually do something no browser written by intelligent humans would ever do: cache Ajax POST calls. Yes, they actually treat POSTs like they are fucking idempotent calls. I shit you not. I assume this was in some misguided attempt to make up for the shitty performance of their browser. This caused a problem in a web app we wrote and it took a while to figure out because it never occurred to us that any browser could be this fucking stupid, but IE managed to exceed our expectations. jQuery has built in cache busting for ajax calls but it only works for GET calls, so we had to add in our own to resolve it.

I have not checked to see if this is something that has been resolved in recent iterations of IE (9 or 10).

Gartner Doesn't See Internal Apps

[guttentag]

For every business that Gartner "knows" is dropping IE standardization, there are 100 it doesn't know about who are continuing to mandate IE use because they bought some legacy Web-based app that is only used internally, and the people who wrote that app were too lazy or incompetent to write it in actual HTML (as opposed to "we played with it until it worked in this browser, so this is what your users must use").

My favorite example of a web-app developer who knew virtually nothing about HTML but shipped what "worked" had every single element on the page absolute-positioned with CSS. What looked like a simple table of 30 rows of data on the screen was actually hundreds of DIVs that had been rendered on the fly by the server with absolute position coordinates for each one. Even INPUT elements that were invisible had absolute positions calculated for them. Every time someone loaded a page, the server would calculate the offset for each "cell" in the table so it would look like a table, and for dozens of invisible form elements so they wouldn't collide with the table. The billion-dollar non-tech company that bought this couldn't figure out why the server frequently became unresponsive... They actually bought a second server from the developer and a load balancer to get around the fact that the developer didn't understand basic HTML, and have been using the app for 7 years. When I explained the problem to them, they reasoned that it would cost them more to ask the developer to do it properly that to just add additional servers as needed. They will probably be using it for the next 20 years. And the login page states that it requires IE.

Often this type of app lives on an internal server that will never be updated because the company doesn't want to pay for something that works well enough, but serves some essential purpose that hundreds or thousands of employees are required to use daily. IE standardization will die out in consumer applications long before it goes away in businesses. Microsoft knew this is how most businesses approach computers, and it's the reason the Windows/Office/IE monopoly was so successful. It's the reason Microsoft is still successful despite the Ballmer decade.

Re:Gartner Doesn't See Internal Apps

[Zontar+The+Mindless]

Hello, you seem to have missed the bit where the page was made up of hundreds of absolutely-positioned DIV tags, the co-ordinates for which were calculated at runtime on the server.

Now, take a deep breath, count to 10, then try again.

Looks like good news

[Alex+Vulpes]

Mass Defections from IE? Steam for Linux? This will be the year of... no wait someone says that every year.

So instead: this is hopefully a sign that, in the world of computing, monopolistic practices will give way to healthy competition.

There we are, tentative but hopeful!

Gratifying

[DNS-and-BIND]

Nice to see that typical snide attitude of "but our site is certified for IE 6, so use it" that was so common among web developers getting its comeuppance by the CEO's latest smartphone. I would have given a dollar to be there every time one of them was told to his face that his site needed to become cross-platform, and pronto. I can only imagine the weeping and gnashing of teeth as the web developer fearfully installed Firefox and Opera and began to learn that awful vocabulary "cross-platform".

Re:Gratifying

[symbolset]

"But it is cross platform. It works in IE8 AND IE9."

Sad, isn't it?

[inode_buddha]

Sad, isn't it? People are *still* talking about standardizing on browsers instead of enforcing adherence to standardized markup languages.

All the newer IBM training courses...

[funwithBSD]

Require Firefox or Chrome, but will not run on IE.

Of course, they are really pushing the Linux Desktop as well, they had a program recently where if you had an older laptop you could get a newer one if you went with a Linux based system.

Mod parent up

[tlambert]

There is in fact legislation in Korea requiring the use of an ActiveX control as an anti-Phishing measure, and there has been since the 1990's, in order to implement the SEED encryption algorithm in a captive frame; here is a report on it: http://www.techdirt.com/articles/20120507/12295718818/south-korea-still-paying-price-embracing-internet-explorer-decade-ago.shtml

Similarly, Chinese banks implement an alternate ("software clipper chip") asymmetric key encryption, also in a captive browser frame.

The software that initially implemented this was developed in Germany, and there are a number of major banks all over the world which require ActiveX controls to implement secure banking. This is why if you search for "banking activex firefox" or "banking activex safari" or "banking activex opera", you will see lively discussioms with people bitching about not being able to do banking.

Now, there have been several researchers who have published exploits, which indicate, that it's possible to attck through the ActiveX control, and therefore this type of thing in reality provides no security any longer. But moving a bank or a government is like trying to move a mountain.

Before you fault them, realize that when you are logging into your Google account, you are also doing so in a captive browser frame -- which is why there aren't programmatic ways to log into Google accounts.

Re:popularity of mobile

[happymellon]

I seriously doubt it. WinRT is a horrible mobile OS, maybe with WinRT +1, but it's current incarnation has enough loose ends to make Gnome 3 look polished.

the big one

[smash]

.... is safari. the corp types are wanting to use apps on their i-devices, and IE doesn't run on them. iPad and other mobile device compatibility is essential.

"We need to spend money to get rid of IE" doesn't fly with management.

"You can't run that on your iPad because it needs IE" however, does.

Re:Almost dead enough

[jellomizer]

In technology a product can be dead and still widely used. When we say it is dead it means there are little to none development for it, and anything that does work that is new is by chance and not by design.