IE7 Officially Released

Here it is:
http://www.microsoft.com/windows/ie/downloads/default.mspx

Downloading and installing now. I don’t expect much difference to what we saw in RC1. We’ll see.

Update

Well it’s installed. The software uninstalled IE7 RC1, then rebooted. Then downloaded and installed the new IE7. Then rebooted.

When I finally got my desktop back some of my desktop settings had been changed. My quick launch toolbar was gone and the resolution on my secondary monitor (I have a dual-monitor setup) had been changed to what it’d be pre-IE7 beta install.

Some of my IE7 RC1 settings stayed. Others, like anything relating to the really annoying phishing filter were reset.

I still can’t move the FILE menu bar above the navigation/address bar. That really annoys me.

All the bugs in IE7 I’ve been talking about in past blog posts are all still there, as you can see by checking the IE7 bug demo. It’s a bit dissapointing.

Essentially IE7 is IE6 with some cosmetic changes and some minor updates to it’s CSS parser and rendering engine. It’s still the same old buggy hasLayout-based engine it’s been since IE5. You’d have thought they’d of done more with the core of the browser given the time and resources the IE dev team had. Instead they just bloated it up with new privacy/security bits that are just annoying.

Tabs are nice. The zoom feature, which doesn’t just increase text size but increases the size of everything is nice. The “delete browsing history” feature is nice in that you can select what bits are deleted (cookies, history, form data, passwords, etc..) similar to FireFox.

But it’s all been done before, with the exception of the built-in phishing filter you won’t find anything groundbreaking in IE7. And to be honest I don’t think the phishing filter is groundbreaking, I think it’s going to prove ineffective in time. It’s annoying when you use it so users will eventually turn it off and then it’ll do nothing at all. It probably won’t catch “0-day” phishing sites, and I think it’ll provide a false sense of security for those who do have it enabled. Grandma might be more willing to provide information over a web form on a site that IE7 doesn’t explicitly state is a phishing site. I don’t want grandma to get lazy and let her guard down when she’s surfing the web. She needs to remain suspicious of every site that asks her for any information at all. Will she let her guard down because of IE7’s phishing filter?

If Microsoft were really interested in preventing such things I’d much rather see some sort of education program. Maybe once-a-month have IE pop-up with a message that brings the user to a site or page that talks about some small section of safe browsing, like phishing, or spyware, or whatever. With the kind of userbase IE has I think such an approach would reach a large number of people. And by educating users on what “phishing” means rather than just throwing on some tool called a “phishing filter” when half their user base probably doesn’t even know what that means, could really make a difference in keeping users safe, really safe, from malicious websites.

It’s the one thing everyone seems to skip. Education. I’m part of a security team where I work and every month we meet and go over what we’re doing to help increase and/or maintain a high level of security. The one thing I have to keep bringing up at each meeting, the one thing everyone very quickly forgets, is education. Everyone wants to install new programs that will protect users from themselves. The problem with that is as attacks (social and computer) evolve, these programs will not (or at least lag-behind the evolution). An educated user would be more ready and more easily adapt to the evolution of these attacks than a program.

But nobody seems to really care about educating users on safe computing practices. Nobody wants to try. And that, more than the this release of IE7, is depressing.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s