Microsoft Is Confident In Security of Edge Browser

← Back to Stories (view on slashdot.org)

Microsoft Is Confident In Security of Edge Browser

Posted by timothy on Tuesday May 12, 2015 @01:40AM from the way-out-there-man dept.

jones_supa writes: It's no secret that Internet Explorer has always been criticized for its poor security, so with the Edge web browser (previously known as Spartan), Microsoft is trying to tackle this problem more effectively and make sure that users consider it at least as good as Chrome and Firefox. In a blog post, Microsoft details the security enhancements available in Edge, pointing out that most of the changes it made to the new browser make it much more secure than Internet Explorer. There is more protection against trickery, app containers are used as the sandbox mechanism, and protection against memory corruption is better. Old, insecure plugin interfaces are not supported at all: VML, VBScript, Toolbars, BHOs, and ActiveX are all nuked from the orbit.

133 comments

Min score:

Reason:

Sort:

How hard will this break Corp Intranet apps? by disposable60 · 2015-05-12 01:44 · Score: 5, Insightful

So all those corporate intranet apps that stupidly require IE - how hard will Edge break those?

--
You're looking for quotes? See my journal.
1. Re:How hard will this break Corp Intranet apps? by Shados · 2015-05-12 01:53 · Score: 5, Insightful
  
  hard enough that IE11 will still be supported for a while in parallel.
  Thats the whole point of Edge. So that Microsoft can have a real browser without leaving the big corps legacy shit behind.
2. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 01:53 · Score: 2, Informative
  
  Which is why you wont use edge, you will use the legacy support version that they are also shipping. They are essentially splitting IE into two browsers, one for locked down, legacy, corporate use, and one for normal users.
3. Re: How hard will this break Corp Intranet apps? by Voyager529 · 2015-05-12 01:55 · Score: 2
  
  Very. It's why they're including internet explorer as a separate application. Edge isn't intended to run IE specific applications.
4. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 01:58 · Score: 3, Funny
  
  At least we won't have to retrain all the users! "Yeah, yeah, just click on the 'E' to go the the Internet. What? It looks a little different this year? Oh, that's because Al Gore changed the icon in his latest patch. Don't worry about it."
5. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 02:15 · Score: 1, Troll
  
  I really look forward to rewriting the 30-40 corporate .NET apps (That only ever worked in IE).
  Yeah...IIIIII Love it!
  You stupid Fuckers, Microsoft.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
6. Re:How hard will this break Corp Intranet apps? by peragrin · 2015-05-12 02:17 · Score: 4, Insightful
  
  Why were you stupid enough to write apps that only ever worked in IE to begin with?
  Don't blame microsoft for your stupidity. We have enough to blame Microsoft for that is legitimately their fault.
  
  --
  i thought once I was found, but it was only a dream.
7. Re:How hard will this break Corp Intranet apps? by MachineShedFred · 2015-05-12 02:26 · Score: 3, Informative
  
  Write against a vendor locked-in API, get vendor locked-in.
  
  --
  Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
8. Re:How hard will this break Corp Intranet apps? by drakaan · 2015-05-12 02:26 · Score: 4, Informative
  
  If only I had mod points. I write .net web apps all the time, and for businesses, and I test in IE *last* because first and foremost, I want it to work in the future, which means for mostly-standards-compliant browsers. Writing IE-specific code is an extremely bad plan. Not all browsers are running on windows desktops or laptops.
  
  --
  "Murphy was an optimist" - O'Toole's commentary on Murphy's Law
9. Re:How hard will this break Corp Intranet apps? by mwvdlee · 2015-05-12 02:28 · Score: 1, Flamebait
  
  Serves you right for deliberately making incompatible apps.
  The world has known about the evil of IE-only apps well before .NET existed.
  
  --
  Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
10. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 02:31 · Score: 1
  
  What in the actual hell is wrong with your dev team that they so incompetently bypassed all of the browsercaps stuff built into ASP.NET? I've been a .NET developer for close to 10 years, and I've never had to even think about which browser needed to access any web applications I've made. They've all worked OOTB with every major browser. (The only exception I can remember was that the very early versions of the AJAX extensions had some issues with Safari. But that was, at the time, an optional external library, and it was fixed within a week.)
  I've even integrated ASP.NET with "classic" ASP successfully (getting them to share a session state is a PITA), and even that didn't have any browser compatibility problems. I've built with AJAX, both server-driven (AJAX controls libraries) and client-driven (plain-old jQuery calling .NET back-end). No compatibility issues. I've used homegrown and pre-built CMS systems (never roll your own, it sucks) without compatibility issues.
  You're going with the classic "blame the tools" bullshit. Microsoft isn't the "stupid fuckers" you should be yelling at here. You and your dev team are TRWTF.
11. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 02:31 · Score: 0
  
  Don't worry, a few days after release we will find that all the old crap can be turned on with registry tweak. Microsoft never writes new programs. They are just polishing a turd as usual.
12. Re: How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 02:34 · Score: 2, Insightful
  
  Very. It's why they're including internet explorer as a separate application. Edge isn't intended to run IE specific applications.
  I'd say it's pretty clear that the only real thing Microsoft is confident in, is that users will actually USE the Edge solution.
  That's a cute assumption you've got there. Good luck with that.
13. Re:How hard will this break Corp Intranet apps? by thedonger · 2015-05-12 02:44 · Score: 2
  
  Don't worry, a few days after release we will find that all the old crap can be turned on with registry tweak. Microsoft never writes new programs. They are just polishing a turd as usual.
  Either way, I have seen so many low-power, corporate users switch to Chrome in the last couple years that I doubt Edge will get the market share typically enjoyed by IE. After all, it was the masses not willing to be early adopters of Firefox, Chrome, or Opera that kept IE in the forefront. Once legacy business apps that require IE (probably 8/9 with a smattering of 7 and 10) disappear or are converted, Edge will just be another browser. And "IE" usage stats won't prop it up because as a browser it will necessarily be a separate usage group from preceding versions.
  
  --
  Help fight poverty: Punch a poor person.
14. Re: How hard will this break Corp Intranet apps? by VTBlue · 2015-05-12 02:51 · Score: 3, Interesting
  
  Not true. Microsoft has thought this scenario true thoroughly. Corporations can configure Windows to only launch IE whitelisted domains or sites. This way organizations can default to Edge for general usage while whitelisting legacy apps or apps that have legacy headers.
15. Re:How hard will this break Corp Intranet apps? by Archangel+Michael · 2015-05-12 03:02 · Score: 1, Informative
  
  I would even suggest that IE is just a minority of browsers surfing the net these days. Every time I use IE, I wonder how anyone considers it useful. Just yesterday, I saw a very interesting rendering bug in IE (I have to use it for testing) on a website. Apart from being slow and clumsy, it is still that buggy.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
16. Re: How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 03:15 · Score: 2, Interesting
  
  So, all I have to do in order to break these systems is to include the legacy compatibility headers? Then users who think they're using Edge will actually use IE 11? Fantastic.
17. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 03:16 · Score: 3, Informative
  
  Some of us have to write .net in the environment provided and using the rules provided. In the case of my major defense company employer, that is VS/SQLServer/.NET/IE only.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
18. Re:How hard will this break Corp Intranet apps? by Njorthbiatr · 2015-05-12 03:17 · Score: 1
  
  Wait, you wrote stuff for .NET and you can't port it to other platforms?
  Have you ever heard of design paradigms?
19. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 03:24 · Score: 0
  
  I have passed on your comments to my several levels of managers and the several teams of software architects/DBA/Quality people in my 100 billion plus market cap company.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
20. Re:How hard will this break Corp Intranet apps? by omnichad · 2015-05-12 03:24 · Score: 0
  
  If you really know HTML/Javascript for your client side code, it will work in other browsers anyway. It's only bad coding that works in IE only. If you used ActiveX client side, that's a security problem that I would think a major defense company would have already eliminated.
21. Re:How hard will this break Corp Intranet apps? by omnichad · 2015-05-12 03:26 · Score: 1
  
  It's server-side code anyway. The client side should only ever be receiving HTML/Javascript. And if your HTML/Javascript is so bad that it only worked in one browser (worst of all IE-only), there's no hope for you.
22. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 03:29 · Score: 1, Informative
  
  Have you ever heard of a company that has specified tools, legacy tools, requirements that are given to you and that you must adhere to? I have, I work for one. They have tons of code and intranet sites written specifically for how IE works.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
23. Re:How hard will this break Corp Intranet apps? by drinkypoo · 2015-05-12 03:35 · Score: 1
  
  I have passed on your comments to my several levels of managers and the several teams of software architects/DBA/Quality people in my 100 billion plus market cap company.
  The appeal to authority and the appeal to popularity in the same comment! You could have been more fallacious, but you would have had to work at it.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
24. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 03:42 · Score: 1
  
  It's code generate by the tools I was provided and mandated to use.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
25. Re:How hard will this break Corp Intranet apps? by John.Banister · 2015-05-12 03:43 · Score: 1
  
  Sounds like management backed the wrong horse.
26. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 03:45 · Score: 0
  
  It's is an acknowledgement of the authority that pays me and provides the tools and environment I have to code in.
  Some of us actually have jobs, managers, etc.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
27. Re:How hard will this break Corp Intranet apps? by Cro+Magnon · 2015-05-12 03:53 · Score: 1
  
  Sounds like management backed the wrong donkey.
  Fixed your post.
  
  --
  Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
28. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 03:57 · Score: 1
  
  I'm beginning to think not many of you have worked in a very large defense company where code is audited and certified.
  Tools, code snippets, etc are written, tested, undergo a security audit and then certified for use. If MS changes the way something works, Single Sign on for instance, then that code has to be retested and re-certified. There are no Cowboys here and every last change is backed with paperwork and multiple signatures.
  We have an infrastructure built up over years that is tightly integrated with the SAP system that runs the entire company, supports government auditing requirements, etc. So when MS goes in and changes stuff, we have to do tons of testing.
  It's not just us either. When we we upgraded to IE11, guess what broke...the ADP site where people handle payroll issues.
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
29. Re:How hard will this break Corp Intranet apps? by omnichad · 2015-05-12 04:04 · Score: 1
  
  Going back to the parent post, it's still a bad plan. That just means it wasn't your bad plan.
30. Re:How hard will this break Corp Intranet apps? by praxis · 2015-05-12 04:09 · Score: 2
  
  In an earlier post, you blamed Microsoft, with your comment "You stupid Fuckers, Microsoft", for the headache they've caused you with their ecosystem. Your blame is misplaced, though. It is the fault of your authorities, who selected that ecosystem, and yourself, for agreeing to use that ecosystem. It's common knowledge that when you give control over your platform to another company, you accept the risk that the platform no longer suits your needs in the future.
  Your options are to accept the change and rewrite your applications with the new Microsoft system, or if you are to rewrite it anyhow, to choose an ecosystem that has a wider support network than one vendor.
31. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 04:14 · Score: 1
  
  Then they can pay you more to update them as well. So it really shouldn't fucking matter you little whiner.
32. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 04:26 · Score: 0
  
  my 100 billion plus market cap company.
  Then they will pay you to fix that shit or they will suffer the consequences. Not your problem.
33. Re: How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 04:27 · Score: 0
  
  If only there were a way to notify users of the things happening on their computers. I know! We could use small graphics that change. I name these small representational images "InfoPics".
34. Re: How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 04:35 · Score: 0
  
  So MS should never update their platforms and products because it might inconvenience the lumbering, fed from the nipple of taxpayers' money, stupid defence contractors?
  Fuck you. And fuck your employer, too.
35. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 04:47 · Score: 0
  
  So all those corporate intranet apps that stupidly require IE - how hard will Edge break those?
  Edge is (intended to be) a web browser. IE is not a web browser but an application frontend.
  Edge is in the same category as Chrome, Safari, and what Firefox used to be in the past.
  Internet Explorer is more closely related to what Firefox is today, though both are very different internally neither one are web browsers.
  A good rule of thumb to tell the difference - web browsers must render web pages and support the HTTP URI and transport protocols, something IE can't do and is being removed from Firefox as we speak.
  IE is mostly just a .net app front end, although there are other MS technologies it is/was a front end for such as ActiveX.
  So to answer your question, Edge would break .net intranet apps just as much as any real web browser would (aka near 100%), which is why corporations will have both Edge and IE installed.
36. Re:How hard will this break Corp Intranet apps? by LifesABeach · 2015-05-12 04:56 · Score: 1
  
  About as hard as a 14 year old getting bored, then getting curious.
37. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 05:06 · Score: 0
  
  The government still uses IE for a majority of their intranet. I'd assume many large corporations as well. Why? Because they painted themselves into a corner by only allowing "approved software" on the network that in itself takes at least 2-3 months to vet, longer for mass deployments. Windows 7 had been out for nearly 3 years before it was even in test on a handful of desktops. Hell, IE9 was used up until mid last year, then the switch was made to IE11. To use Firefox or Chrome? not likely, they do much more frequent updates.
  I expect there is going to be a lot of growing pains in the future...
38. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 05:10 · Score: 0
  
  I have passed on your comments to my several levels of incompetent mis-managers and the several teams of incompetent software architects/DBA/lack-of-Quality people in my 100 billion plus market cap company.
  FTFY.
39. Re:How hard will this break Corp Intranet apps? by SQLGuru · 2015-05-12 05:16 · Score: 1
  
  I'm more than willing to try Edge. My barebones, current version, no-plugin version of Chrome has been slowing to a crawl lately. So much so that I've considered making IE or Firefox my go-to browser again (all of them are installed --- typical dev)......and IE has a slight lead because Firefox has always been so bloated.
40. Re: How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 05:30 · Score: 0
  
  Clueless AC moron who has never had a real job.
  So you should take your own advice.
41. Re:How hard will this break Corp Intranet apps? by sycodon · 2015-05-12 05:33 · Score: 1
  
  You are right. I should have told my managers they are idiots and that the last 10 years of efforts by hundreds of employees is shit and should be abandoned.
  What world do you live in?
  
  --
  When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
42. Re: How hard will this break Corp Intranet apps? by LordLimecat · 2015-05-12 06:02 · Score: 3, Informative
  
  Im pretty sure you cant control user-side GPOs or IE settings from a HTML header.
43. Re:How hard will this break Corp Intranet apps? by praxis · 2015-05-12 06:06 · Score: 1
  
  One where you express your concerns tactfully, then when your superiors make a decision you either accept it and adapt or don't accept it and find new superiors. In both cases, you take responsibility for the choice *you* made.
  Either you agreed with them it was the right thing you do, in which case you don't blame Microsoft for changing their platform that you signed up to use, or you disagree with them and find a job that does things differently.
  I'm not saying you made the wrong choice here. I'm saying that moaning about Microsoft's change to their platform after you and your superiors signed up for the Microsoft way of doing things is trying to deflect responsibility and gets little sympathy from me.
44. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 06:11 · Score: 0
  
  I wonder if your major defense company employer is the same one who hired my security consulting company to review your apps, and we found them extremely and utterly broken. That is really nothing new for defense contractors though. Our company makes a LOT of money finding transgressions in your systems :)
45. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 06:45 · Score: 0
  
  He just likes whining about issues above his pay grade.
46. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 07:09 · Score: 0
  
  Not like, you know, no open source stuff has, during a version update, gutted and changed its interfaces.....
  You're not 'locked' to that vendor, but you can be facing just as big of a rewrite as someone someone using proprietary code when something like that happens.
  Google, for one, is certainly deprecating and changing and shutting down interfaces with some gleeful abandon....
47. Re:How hard will this break Corp Intranet apps? by KingMotley · 2015-05-12 07:26 · Score: 1
  
  There is nothing in .NET that requires you to write bad code that only works in IE. NONE AT ALL.
48. Re:How hard will this break Corp Intranet apps? by lgw · 2015-05-12 07:49 · Score: 2
  
  IE is still my favorite browser - I like it's UI. It's all subjective.
  Not sure where you'd get an overall picture of "browsers surfing", but the stats I've seen have IE at just over half (all versions combined), followed by Chrome, with FF just hanging onto a respectable share.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
49. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 07:57 · Score: 0
  
  Roots of "Edge" https://cdn.pbrd.co/images/gDD3XyA.png
50. Re:How hard will this break Corp Intranet apps? by Anonymous Coward · 2015-05-12 09:06 · Score: 0
  
  I wrote a web site in 1995, and it still works on all the browsers, even Safari and Opera. Hell, it works on mobile junk too. The web is hack, but it's not hard to make a decent web site as long as you don't confuse yourself by thinking it's a rich app development platform.
The first edition by Anonymous Coward · 2015-05-12 01:48 · Score: 1

of ANYTHING should be assumed to be insecure.
That's a whole lotta new code that nobody with a less-than-white hat on has had a crack at.
Don't get me wrong - I'm glad they're using more practices that are in line with best security practices for browsers, and are removing some obvious attack vectors by sandboxing off code execution. But you'd be foolish to assume that they've got everything right the first time.
1. Re:The first edition by Whiteox · 2015-05-12 01:57 · Score: 2
  
  Any modern browser is good enough IF their UI is usable. What makes I.E. and perhaps Edge last in line is the pathetic amount of add-ons and plug-ins. Last time I looked there was less than 10. The other unmentionable is the UI. The clean look trades off functionality. Why bury common functions? What's the point?
  
  --
  Don't be apathetic. Procrastinate!
2. Re:The first edition by Ark42 · 2015-05-12 02:09 · Score: 4, Informative
  
  Except it's really effectively Trident 8.0 / IE 12. Only, they forked it and removed all the legacy support from it, then left a copy of Trident 7.0 / IE 11 around in case you need legacy support still. So it's not really the first version of anything, and it's not like it's completely from-scratch code.
  
  --
  Morphing Software
3. Re:The first edition by MachineShedFred · 2015-05-12 02:28 · Score: 1
  
  So you're saying that they ripped out all the legacy shit that old IE-only apps (and malware) relied upon, and now they're blowing the trumpets about how secure they are?
  I guess I'd be impressed if they got to a reasonable level of security without breaking every legacy app that they convinced people to write against their leaky web APIs.
  
  --
  Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
4. Re:The first edition by Ark42 · 2015-05-12 12:02 · Score: 1
  
  If you write to HTML5/CSS3 standards, any web app written in the last few years can easily target IE9+ and work on Firefox/Chrome/Edge with no issues. It's only people who rely on huge bloated frameworks to provide backwards compatibility with IE6 that have issues with their stuff suddenly not working on IE10 or IE11.
  Basically, right now, everybody needs to drop IE8 support, and you can pretty much stop using jQuery and modernizer and all that other cruft. If you drop IE9 support (which is really only Vista users), you'll quickly find that Chrome is the lowest common denominator to support.
  
  --
  Morphing Software
Talk the talk, but doesn't walk the walk... by QuietLagoon · 2015-05-12 01:51 · Score: 4, Interesting

Microsoft always talks big about security, but time shows that it is just talk.
.
Remember when Microsoft declared the buffer overflow bugs were eliminated from Windows XP?
1. Re:Talk the talk, but doesn't walk the walk... by gstoddart · 2015-05-12 02:14 · Score: 4, Insightful
  
  The problem is that new code is just that ... new and untested.
  So you build something new from scratch and say "wow, we did awesome at teh security". Well, OK, now you release it into the wild and wait for people to abuse it -- that's when you find out how well you've done.
  Any new code is going to have the problem, because it hasn't been field tested or through several iterations.
  It's all well and good for Microsoft to say "nailed it". That doesn't make it true. So I think it's probably safe to assume that unless Microsoft has done something remarkable, there's probably a bunch of places where they haven't fully locked it down.
  
  --
  Lost at C:>. Found at C.
2. Re:Talk the talk, but doesn't walk the walk... by HerculesMO · 2015-05-12 03:04 · Score: 1
  
  So you reference an article that's ten years old?
  Not for nothing, and while there are plenty of ways to have insecurity in an OS... I think Microsoft's history especially as of late has been pretty good on that front. IE11 is a bastardized product and while I like the rendering engine because of how smooth it is and low memory, the browser is useless for me. If Edge can maintain that memory footprint, the smoothness, and add better HTML5 compatibility + extensions... I will give it a shot.
  
  --
  The price is always right if someone else is paying.
3. Re:Talk the talk, but doesn't walk the walk... by QuietLagoon · 2015-05-12 03:42 · Score: 1
  
  So you reference an article that's ten years old?...
  Yes. The article's true. An oldie but a goodie.
  .
  Given all the recent problems with Windows Update, and that Microsoft wants to use home users as beta test sites for future Windows Updates, I would think the 10 year old article is pretty close to reality nowadays.
4. Re:Talk the talk, but doesn't walk the walk... by QuietLagoon · 2015-05-12 03:43 · Score: 1
  
  ...It's all well and good for Microsoft to say "nailed it". That doesn't make it true....
  Bingo!
  .
  And that's why I provided substantiation to show that Microsoft is often over-confident when it comes to such pronouncements.
5. Re:Talk the talk, but doesn't walk the walk... by SQLGuru · 2015-05-12 05:31 · Score: 1
  
  Linux and Apple also used to talk about how secure they were......until they weren't. The only secure computer is one that's never been turned on.
6. Re:Talk the talk, but doesn't walk the walk... by Anonymous Coward · 2015-05-12 08:10 · Score: 0
  
  I've heard Microsoft say EVERY version of IE was the most secure ever, and that IE was the most secure browser.
  Now Edge, when it's no longer vaporware, er, beta software, will be the most secure browser. I'll believe it when it is released IF it gets infected less than Firefox and Chrome.
Well.. yeah... by Anonymous Coward · 2015-05-12 01:52 · Score: 0

I bet they were confident in the security of all versions of IE as well. Their track record doesn't inspire a lot of confidence in their confidence.
Secure? by afidel · 2015-05-12 01:52 · Score: 4, Informative

They support WebGL which is going to be the next attack vector as well as continuing to support flash with sandboxing that the hackers will tear to shreds in short order.

--
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
1. Re:Secure? by Anonymous Coward · 2015-05-12 03:25 · Score: 0
  
  They support WebGL which is going to be the next attack vector
  Is it? I must have missed that meeting.
This is project proposal V 1.0. by 140Mandak262Jamuna · 2015-05-12 01:58 · Score: 3, Insightful

A great news to many is that old unsecure plugin interfaces are not supported at all: VML, VBScript, Toolbars, BHOs, and ActiveX are all nuked from the orbit
This looks like what the dev team presented to the upper management about what it wants to do. It will undergo several iterations. Some powerful customer will demand some interface to be supported or else... Some managers will insist on some form of backward compatibility mode. Some bing! advertisement people would ask for "special" interfaces to their team to let them "leverage" & "synergy" and other buzzword bingo stuff. There will be compromises. Some managers will insist with straight face, "yes, yes, this scripting interface is supported, but we say very clearly in the documentation it is not to be used for fresh code and it is to be used only for backward compatibility reasons, so it is not a security threat".
Finally they will be wondering why security was compromised, and blame it on the open source zealots and prejudice among the uninformed and marketing by competitors and assure themselves "it is not our fault, we did not do anything wrong".

--
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
1. Re:This is project proposal V 1.0. by afidel · 2015-05-12 02:15 · Score: 4, Informative
  
  Some powerful customer will demand some interface to be supported or else
  No, they're shipping IE11 with enterprise compatibility mode to support back to IE8 quirks which will be fine for 99+% of their customers for legacy apps. Trust me, most of their customers are going to be happy to have a standards compliant browser as the default, the only trick will be in the mechanism to kick user over when they try to go to a corporate site that needs classic IE within Edge and keeping that mechanism from being abused by the bad guys.
  
  --
  There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
2. Re:This is project proposal V 1.0. by Anonymous Coward · 2015-05-12 02:42 · Score: 0
  
  because the evil bit is a thing
3. Re:This is project proposal V 1.0. by Anonymous Coward · 2015-05-12 07:17 · Score: 0
  
  >Trust me, most of their customers are going to be happy to have a standards compliant browser as the default They already do have at least 2 standard compliant browsers, Firefox and Chrome. Another one is just another one. With unproven bugs.
Possibilities by Ol+Olsoc · 2015-05-12 01:59 · Score: 4, Interesting

Microsoft is always confident.
But as a long time hater of Redmond products, am I sensing some sort of sea change?
It's just within the realm of possibilities that the Ballmer days of "When I want your opinion, I'll tell you what it is," are over? In more than just name?
I intend to give them a chance here, maybe its the same old Microsoft. Maybe not.

--
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
1. Re:Possibilities by afidel · 2015-05-12 02:18 · Score: 1
  
  It's just within the realm of possibilities that the Ballmer days of "When I want your opinion, I'll tell you what it is," are over? In more than just name?
  I'm not sure about that, they had a good start menu implementation early in the windows 10 tech preview and managed to mess it up and haven't listened to anyone who has told them that the new shrunken start screen alternative in the newer builds is crap so I don't think that part has changed that much. There are other positive changes happening at MS, but that particular cultural wart still seems to be in place.
  
  --
  There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
2. Re:Possibilities by phantomfive · 2015-05-12 02:19 · Score: 1, Insightful
  
  I intend to give them a chance here, maybe its the same old Microsoft. Maybe not.
  At best, Microsoft is a corporation, whose entire purpose is to make money. What sort of chance is worth giving them?
  
  --
  "First they came for the slanderers and i said nothing."
3. Re:Possibilities by Anonymous Coward · 2015-05-12 02:32 · Score: 1
  
  A corporation is a corporation is a corporation. The CEO is just the face of it. Yeah, it's kinda nice not having SB in our faces, but other than that, MS still wants to lock in as many customer and developer bases as it can. So do all of its major competitors, including the open source ones.
4. Re:Possibilities by drinkypoo · 2015-05-12 03:37 · Score: 1
  
  At best, Microsoft is a corporation, whose entire purpose is to make money. What sort of chance is worth giving them?
  There's always the chance that they will, to the same extent as other software companies, deliver what they promise.
  I know, I know, I can't stop laughing either.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
5. Re:Possibilities by Anonymous Coward · 2015-05-12 03:49 · Score: 0
  
  Please remember that Google, Apple, and thousands of other corporations also exist for the sole purpose of maximizing their share prices by making lots of money. Don't bother hating Microsoft for non-existant reasons like this when there are legitimate and really good reasons to hate them. Most notably, Microsoft is responsible for criminal violations of the Sherman Anti-Trust Act. After Microsoft was found liable and the trial had moved into the penalty phase, George W. stepped in and shut off the lawsuit, effectively letting Microsoft off the hook after they were found guilty.
  There are plenty of reasons to hate Microsoft. Please pick one of the legitimate ones.
  As for myself, I'm probably one of the most emotional, passionate, and irrational Microsoft haters. Although I've been forced to buy a couple versions of Windows over the years, one for school work and another because my broker's crummy software only worked on IE7 running on WinXP, and I've made a couple of exceptions for games, my policy is to never ever buy anything from Microsoft. Therefore, it doesn't matter what their Edge browser offers. I'm not going to use it.
  After developing for iOS for the last few years and making less than half the average salary for software developers in Western Washington due to my age and my lifelong avoidance of Microsoft IDEs and SDKs, it turns out I now hate Apple as well and have the same policy regarding Apple products. I'm looking forward to securing an entrepreneurial income stream so I can quit this job and get away from Apple's BS forever. See how you can take the moral high ground if you choose a good, legitimate reason to hate a company?
  The bottom line for me is that it doesn't matter which company we're talking about, be it Microsoft, Apple, Google, Comcast, Costco, Best Buy, U-Haul, or just my local supermarkets. I'm far beyond just being sick and tired of receiving such poor treatment all the time; I'm really pissed off about it. It's a free country, so you guys go on with your young selves and spend as much money as you like on these companies. I'll be over here running Linux and FreeBSD, working on my side projects, hosting my websites, and flying the FlightGear flight simulator. I love FlightGear.
  Now get the hell off my lawn.
6. Re:Possibilities by avandesande · 2015-05-12 04:14 · Score: 1
  
  I would say that 'good business' is when you make a transaction and both parties walk away satisfied. It's not easy but I think it is possible for a corporation to be run that way.
  
  --
  love is just extroverted narcissism
7. Re:Possibilities by phantomfive · 2015-05-12 04:19 · Score: 1
  
  Good point.
  
  --
  "First they came for the slanderers and i said nothing."
8. Re:Possibilities by Dunbal · 2015-05-12 04:20 · Score: 1
  
  Yeah now it's Satya Nadella saying "if something goes wrong with your system it's just your bad karma". A cute way of saying that if your Windows box gets pwned, well what exactly where you doing/clicking on/browsing, you naughty little scamp?
  
  --
  Seven puppies were harmed during the making of this post.
Key term: "make sure that users consider it" by Anonymous Coward · 2015-05-12 02:07 · Score: 1

So, are they admitting that their interest is not in making a secure browser, but one that the users consider to be secure? With that attitude, failure is not an option, it is a certainty.
Everybody says that. by Anonymous Coward · 2015-05-12 02:09 · Score: 1

Big deal. When was the last time you heard a company say they *didn't* have confidence in the security of their product? It's like parents saying their kids are beautiful, even if said offspring has a face like a stepped-on cowpatty.
BHO? by Anonymous Coward · 2015-05-12 02:10 · Score: 0

I'm afraid to ask, but what the hell is a BHO?
1. Re: BHO? by jo7hs2 · 2015-05-12 02:21 · Score: 2
  
  Browser helper object. http://en.wikipedia.org/wiki/B...
2. Re:BHO? by Anonymous Coward · 2015-05-12 02:32 · Score: 1
  
  Barack Hussein Obama
3. Re:BHO? by Anonymous Coward · 2015-05-12 02:34 · Score: 1
  
  browser helper object, basically a COM extention of the browser
4. Re:BHO? by Anonymous Coward · 2015-05-12 02:38 · Score: 1
  
  In context, it's a Browser Helper Object. (Bullshit toolbars, generally.)
  If you google it, you'll most likely going to find a republican ranting about Barack Hussein Obama.
  Either way, "BHO" is never a good term to read about. You're either going to hate the world for spam or for politics.
the obvious solution by slashmydots · 2015-05-12 02:12 · Score: 1

Here's the solution that nobody apparently has the balls to implement. Have a blacklist of common malicious adware plugins then block them all. That'd put Perion out of business really quickly. It's soooo obvious and common even a human can compile the list. Here, I'll start. Maps Galaxy. Babylon. Various youtube auto HD fake plugins. Anything with the word "coupon" on it. Shop at home toolbar. We Care. There, I just eliminated practically half the browser malware in the world with my 60 second blacklist.
Too bad MS (and mozilla and Google) are too scared to get sued by these asshole malware companies.
1. Re:the obvious solution by Anonymous Coward · 2015-05-12 02:36 · Score: 0
  
  I had this in IE for years. activeX whitelist, heavier security in it, and locked down practically everything IE was capable of that wasn't used by the majority of websites.
  I literally had zero problems with IE for years and I will admit I went to pretty dodgy sites with it before Firefox wasn't shit and became useful.
  It was also ran sandboxed, and no changes were made to anything within it besides the usual cache crap, settings and whatever.
  Microsoft are the reason IE was broken and insecure, not IE itself.
  Likewise with all their "broken" APIs. They were trivial to secure.
  They have no reason not to support them, as well as keep a legacy IE6 around for business, and even more so, an Office-orientated OS version like they used to do, instead of an OS literally more than 75% of businesses never EVER want to go near due to high system requirements. (let's not forget the bastardized new versions of Office, now with Ribbon, the thing everybody-that-likes-to-get-work-done hates! AWE!)
2. Re:the obvious solution by Anonymous Coward · 2015-05-12 02:43 · Score: 0
  
  well toolbars and plugins and shit are somehow something all the browser support. none of them have a blacklist - probably because that wont work, since you might just rename your plugin to avoid it ? or modify a file to change a checksum ?
  if you can install plugins from whatever source you want, there will be no working blacklist method.
  best way is probably something the "apple-app-store" way, in that there can be only one trusted source of plugins. and still you will have malicious stuff there, just look at apples track record of malicous apps in the app store.
  problem is the not-so-educated user that believes in all the crap people are telling you about the awesomeness of the plugin, even if there is a simple solution already shipped with your browser or system. those users wont go away and most of them wont educate themselves about the matter. look at the new generation that grows with the tech. they dont even know what privacy is anymore and dont care how some of the things they use - like email - work at all. because they just use it and forget it. having the attention span of a squirrel on cocaine may play into that as well.
3. Re:the obvious solution by Anonymous Coward · 2015-05-12 02:45 · Score: 0
  
  before Firefox wasn't shit and became useful
  So... over a decade ago? Ancient history. Bring me something relevant to IE > 6.
  
  orientated
  DIAF.
  
  an OS literally more than 75% of businesses never EVER want to go near due to high system requirements
  Windows 7? Because that's probably the version of Windows with the highest requirements. Incidentally, it's also considered the "best" version of Windows by many. Windows 8, which "everyone" hates, uses fewer system resources by far.
  
  bastardized new versions of Office, now with Ribbon, the thing everybody-that-likes-to-get-work-done hates
  I like to get work done. I also like the ribbon. Therefore, you are wrong. Also, 2007 wants its clickbait back.
  You sound like a raving lunatic that is living in the past.
4. Re:the obvious solution by Anonymous Coward · 2015-05-12 03:03 · Score: 0
  
  Don't forget 'search conduit....'
You just got my attention.... by Anonymous Coward · 2015-05-12 02:23 · Score: 0

"...VBScript, Toolbars, BHOs, and ActiveX are all nuked from the orbit."
o really! Why did it take them so long,
and why are the rest of us poor saps
putting up with all this crap.
Its not that it is about time,
of course, its WAY past time.
and why this news is largely irrelevant.
Show me something innovative please...
1. Re:You just got my attention.... by jones_supa · 2015-05-12 05:25 · Score: 1
  
  Are those lyrics for a Steely Dan song?
Only as an App by Anonymous Coward · 2015-05-12 02:25 · Score: 0

The largest change in Microsoft Edge security is that the new browser is a Universal Windows app. This fundamentally changes the process model, so that both the outer manager process, and the assorted content processes, all live within app container sandboxes. This provides the user and the platform with the confidence provided by other Windows store apps.
How nice. I wonder, if a usable windowed mode is accessible and if it can be made to look like a regular Windows-Application.
What Does Edge Have to Offer? by organgtool · 2015-05-12 02:42 · Score: 1

So Chrome offers great speed, stability, and separate processes per tab and Firefox has a huge selection of add-ons. But Microsoft has done very little to divulge what Edge has to offer to differentiate itself from the other browsers and become more than just the best browser to download Chrome or Firefox.
Google Chrome Frame by tepples · 2015-05-12 02:48 · Score: 1

In context, it's a Browser Helper Object. (Bullshit toolbars, generally.)
#NotAllToolbars are bullcrap. For a while, Google was making Chrome Frame, a BHO for Internet Explorer. If a copy of IE had Chrome Frame installed, a page could opt in to being rendered with Chrome instead of Trident. This was helpful when most IE users were stuck on IE pre-9.
1. Re:Google Chrome Frame by omnichad · 2015-05-12 03:39 · Score: 1
  
  Except if you had enough rights to install Chrome Frame, you could just use Chrome as your main browser and use the IE Tab extension in Chrome for those few pages that need IE.
2. Re:Google Chrome Frame by tepples · 2015-05-12 04:05 · Score: 1
  
  I'm guessing that Google Chrome Frame was designed for Group Policy deployment with the converse of the behavior you describe: use IE by default, including for intranet sites, and use Chrome for sites that request it.
"nuked from the orbit" by Anonymous Coward · 2015-05-12 02:49 · Score: 0

Yeah you've totally misunderstood what it means to nuke something from orbit.
Lame name by Tyrannosaur · 2015-05-12 02:51 · Score: 1

It was cooler when it was project Spartan
1. Re:Lame name by Cro+Magnon · 2015-05-12 03:48 · Score: 1
  
  They did better than I expected. I thought they'd repeat what they did with their word processor and call it "Browser".
  
  --
  Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
A blacklist of sites distributing this crap exists by tepples · 2015-05-12 02:55 · Score: 1

Here's the solution that nobody apparently has the balls to implement. Have a blacklist of common malicious adware plugins then block them all.
I know someone who makes a blacklist of the sites from which these "common malicious adware plugins" are served. He distributes this blacklist as a configuration file that your computer administrator can place in the etc folder. Once the file is installed, your machine will try to access 0.0.0.0 instead of the malware distribution site, which causes the malware to not get downloaded.
Learn more about blacklisting malware sites
I'm taking bets. by Rhinobird · 2015-05-12 02:55 · Score: 2

I'm taking bets that the first exploit of the Edge browser will be call "Bleeding Edge"

--
If Mr. Edison had thought smarter he wouldn't sweat as much. --Nikola Tesla
Schneier's Law by netsavior · 2015-05-12 02:59 · Score: 1

"any person can invent a security system so clever that she or he can't think of how to break it."

Here is the problem... If you only allow a few thousand people to look at your source code, and fully test your product, then you only have to design security clever enough to evade the efforts of a thousand people.

In order for something to be secure, it needs to be widely published, and universally assaulted.
Re: call me a hater, but its got to be said. by Anonymous Coward · 2015-05-12 03:05 · Score: 0

Go on...
All this dirty talk is making me randy!
Re:A blacklist of sites distributing this crap exi by Whiteox · 2015-05-12 03:11 · Score: 1

Looky here. Hosts file mods are ok, but when it becomes too unwieldy it slows the crap out of any browser and blocks sites you really want to see. Blocking 3rd party sites sometimes makes the parent page not work.
So far add block is the only solution and setting that up on IE is a pain and quite flaky so unless Edge has something familiar, I can't and won't use it.
The other recommendation is to get all flash requests to ask before running. Saves bandwidth and autorun video and other stuff and makes pages load a lot faster.

--
Don't be apathetic. Procrastinate!
Re:A blacklist of sites distributing this crap exi by slashmydots · 2015-05-12 03:20 · Score: 1

That doesn't really work since these days you get that junk as coinstallers from download.com, filehippo, softpedia, softonic, etc. You might legitimately want to go to those sites. Although the installer itself typically accesses a web server that returns the paid deal of the day type malware options so if they were really clever, that's the address they'd block.
Mixed signals by TraumaFox · 2015-05-12 03:32 · Score: 1

If Microsoft wants me to stop using IE and start using Edge, why does Skype continue to serve ads using IE? This doesn't leave me with much faith in Microsoft's "confidence" about their security.
Ad blockers? by 0123456789 · 2015-05-12 03:45 · Score: 1

A great news to many is that old unsecure plugin interfaces are not supported at all: VML, VBScript, Toolbars, BHOs, and ActiveX are all nuked from the orbit.
I take it this also eliminates any existing ad blockers? Is there an alternative plugin mechanism that would allow for new ad blockers?
Re: A blacklist of sites distributing this crap ex by Anonymous Coward · 2015-05-12 03:51 · Score: 0

Beetleju- er, APK, APK, APK!
Get over here and show this man the error of his ways!
We know we got it wrong before, but... by dark.nebulae · 2015-05-12 03:51 · Score: 1

We know we got security all wrong before, but trust us, we're much better now. We've learned from our mistakes and have closed all possible security holes.
Oh, and we're also going to be standards-compliant so developers can drop all of the old Microsoft-specific CSS and JS coding.
Unfortunately by s.petry · 2015-05-12 04:22 · Score: 1

I know many places that only wrote IE code because it was simple to plug in other MS data. I have never agreed with this mentality, but it's not always a question of developers choosing to do so. Upper management forced it to increase profits.
The simple fact is that MS sold itself to the devil attempting to monopolize the market. The whole point of IE has been to make it so easy to access other MS data that nobody could compete, no matter the security implications (anyone else remember active installer?). Thankfully other Browsers didn't give up, and people did eventually get fed up with the pathetic security in IE. Just not before a hell of a lot of damage was done.

--
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
7 Days by g0bshiTe · 2015-05-12 07:29 · Score: 1

Within 7 days of this browser getting released we will hear of wild exploits circulating for it.

--
I am Bennett Haselton! I am Bennett Haselton!
Nuked from *THE* orbit? by cant_get_a_good_nick · 2015-05-12 07:33 · Score: 1

Doesn't anyone watch classic movies anymore? And they said that line TWICE.
Awww, c'mon guys - I know that we hate MS here... by MikeTheGreat · 2015-05-12 07:52 · Score: 1

...but isn't this the equivalent of going over to a bunch of kids on the playground and saying "That new kid over there said he could beat up each and every one of you! With one hand tied behind his back!"
What I'm wondering is: who paid to have this on /.'s front page so that armies of geekdom are mobilized to find all the new, Edgy exploits?
Is it really IE 12 or not? by bussdriver · 2015-05-12 08:24 · Score: 1

Did rebranding IE12 into "Edge" include the browser identification string? Are there any signs of the app is still essentially a new version of IE.
I doubt they started completely from scratch and with different staff than IE 11...
A new app name doesn't make this any different than 11 was from 10... so is it really more significant? or is this just merely a rebranding from the trusted MS marketing department.

--
Democracy Now! - uncensored, anti-establishment news
1. Re:Is it really IE 12 or not? by Ark42 · 2015-05-12 12:14 · Score: 1
  
  As far as I know, it is IE 12 (Trident 8.0), but they consider it a fork, which means technically you can have different features and support in Edge 1.0 and a future hypothetical actual IE 12. Mostly what they did was *remove* all kinds of backwards compatibility stuff from Edge, so that you can't trigger IE10/9/8/7/5 (yes, 6 was not a choice) rendering modes anymore. You can't use VBScript, ActiveX, and all kinds of other non-standard stuff. IE10+ is already a pretty decent modern browser, very much on par with Firefox and Chrome, so you should expect Edge to be just as good, as long as you're writing standard HTML5 code.
  I tend to include in the headers of sites I write recently, because it removes the button in IE that lets users toggle backwards compatibility mode, but lazy people could previously use that tag with IE=8 or IE=5 to force IE into backwards compatibility rendering modes instead of updating their sites with standards compliant code. I guess that will no longer work with Edge. It will only render in HTML5 standards mode and nothing else now.
  
  --
  Morphing Software
2. Re:Is it really IE 12 or not? by Anonymous Coward · 2015-05-12 12:17 · Score: 0
  
  ***include <meta http-equiv="X-UA-Compatible" content="IE=edge"> in the headers
Security in the Browser? by nickweller · 2015-05-12 08:49 · Score: 1

The browser can only be as secure as the underlying Operating System. Unless you mix browser and OS code so well that a) the OS relies on the browser for 'security' and b) it's impossible to totally remove the browser without breaking OS functionality or as in the case of Windows msOffice won't work without the presence of iExplorer.
Of course it's secure! by Tony+Isaac · 2015-05-12 09:29 · Score: 1

Nobody is using it yet!
Always confident. by Anonymous Coward · 2015-05-12 11:56 · Score: 0

Microsoft is confident about everything, always. When was the last time you heard "Microsoft is not confident in their new product"?
I laugh hard by Anonymous Coward · 2015-05-12 12:02 · Score: 0

If you don't install ff, chrome or some other browser then you will get pwnd very quickly. Running noscript in ff is a godsend, as is ghostery and adblock. Will M$ nuke those extensions that exist for ie as well to try and negate the EXTREMELY poor OOB browsing experience one gets. It takes less than 5mins of googling before you hit a site that pops up an ok/cancel box that is nigh on impossible to close without clicking on a button (Try alt/f4'ing it I dare). Leaving a task manager IE end task death, followed by a quick ff+ab+ns+ghostery = problems solved.
When I go to a customers site for malware removal, I promptly fix their IE issue as well...
Don't get me started on M$ windows live family safety either. HAHAHA, what an absolute joke. It completely ignores the website ratings and LETS PORN THROUGH when set for 'G' ffs.
M$ SUCK!
Browser stats: IE performs mostly poorly in 2015 by Phil+Urich · 2015-05-12 14:35 · Score: 1

There's a good Wikipedia page that breaks down the usage shares of web browsers, along with addressing the difficulties and complications of getting accurate data on this. https://en.wikipedia.org/wiki/... is the page. From there you can see that the best IE can get is in some of the stats and only when counting purely desktop browsing. Net Applications has IE at nearly 58%. Yet, almost every other measure finds them woefully behind. For example, visits to Wikipedia in March 2015 have IE at less than 11%. StatsCounter has them at less than 20% of desktop browser share from April 2015 to now, with Chrome at nearly 53% and Firefox nipping at IE's heels at 18%.
For my own part, I look after a company website that's oriented towards industrial computer applications, and the industry in question is very Microsoft centric. And yet, looking at the last 30 days, Chrome has 58% of sessions, IE only 25%, Firefox 6% and Safari 5% (all others are

--
I remember sigs. Oh, a simpler time!
Why didn't they do this with IE? by kmoser · 2015-05-13 09:04 · Score: 1

Microsoft isn't new to the software business. Why weren't these features built into IE from day one?
It doesn't eliminate hosts files... apk by Anonymous Coward · 2015-05-13 09:59 · Score: 0

APK Hosts File Engine 9.0++ SR-2 32/64-bit:
http://start64.com/index.php?o...
FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:
---
A.) Hosts do more than:
1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...
B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).
C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity
D.) Hosts files yield more:
1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed, Kaminsky redirected (99% ISP DNS' = unpatched vs. it), DGA, Fastflux, & dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).
---
* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.
* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)
(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))
APK
P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"
...apk
Hosts do *NOT* slow browsers ... apk by Anonymous Coward · 2015-05-13 10:07 · Score: 0

Turn off the faulty w/ large hosts usermode slow dnscache service in Windows using services.msc (set it to disabled) & once hosts caches into the local KERNELMODE fast diskcache, it communicates directly with the kernelmode IP stack (no context-switch overheads either).
That simple move ALONE guarantees that (for sure on Windows 2000, XP, Server 2003, & 7).
Want it to go even FASTER?
Alter the priority in the registry for lookups in hosts (especially once you disable the usermode slower & faulty dnscache service, saving RAM, cpu cycles, + other forms of I/O it needlessly consumed too, bonus) thus:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\ServiceProvider]
"DnsPriority"=dword:00000006
"HostsPriority"=dword:00000005
"LocalPriority"=dword:00000007
"Name"="TCP/IP"
What you save in adblocking alone (with security other browser addons do *NOT* offer in blocking known malicious sites + botnet C&C servers etc., PLUS more reliability AND SPEED for your favorite sites @ the TOP of a custom hosts file to avoid DNS redirect security issues & being downed even, resolving FASTER, locally too mind you) guarantees my subject above!
(The rest of what I've written does the rest & hosts are FAR MORE EFFICIENT on RAM + CPU vs. say, "Almost ALL Ads Blocked" + hosts do NOT TAKE BRIBES like that does (not even doing the 1 job it had fully anymore by default) - period...)
APK
P.S.=> For the BEST hosts file?
APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...
... apk
Ask yourself these questions... apk by Anonymous Coward · 2015-05-13 20:11 · Score: 0

Can adblock do 16 things hosts do for speed, security, & reliability:
1.) Protect vs. malicious sites/servers (beyond malicious ads: See 2-10 next)
2.) Protect vs. fastflux botnets + stop communication to C&C servers
3.) Protect vs. dynamic dns botnets + stop communication to C&C servers
4.) Protect vs. DGA botnets + stop communication to C&C servers
5.) Protect vs. downed DNS (adds reliability)
6.) Protect vs. DNS redirect poisoned dns
7.) Protect vs. trackers
8.) Protect vs. spam
9.) Protect vs. phishing
10.) Protect vs. bandwidth caps
11.) Get you past a dnsbl
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocks & hardcoded fav. sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Give you easily texteditor controlled data for the above
16.) Do all that & block ads (better than addons) more efficiently in cpu cycles + memory usage
* ANSWER ="NO" to each above on AdBlock doing it as well or at all!
APK
P.S.=> AdBlock does FAR less than hosts do & FAR less efficiently - hosts by way of comparison, do MORE w/ less + Hosts start w/ the IP stack before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried):
AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/... & ABP too http://finance.yahoo.com/news/...
AdBlock adds complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).
For the BEST hosts file?
APK Hosts File Engine 9.0++ SR-2 32/64-bit -> http://start64.com/index.php?o...
MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus http://www.av-test.org/en/news...
... apk