As reported in Slashdot there’s a flaw in the password managers of Firefox and to a certain extent IE. It’s reported to Mozilla as bug 360493, the severity of the bug depends on your usage of passwords and the password manager.
Windows Vista (previously codenamed Longhorn) has been released to manufacturing. It will be made available to business customers by the end of the month and to personal users by the end of January 2007.
I assume that the version available from the end of January 2007 will be patched upto date with any patches released between now and then. If that’s not the case then why not just release it to the public now? (more…)
Now IE7 is available as an automatic high-priority update via Windows Update I wonder how many people will wonder what has happened to their browser.
Posing such a drastic UI change on the user in the form of an automatic update is a bad idea.
Slashdot has published an article saying that IE7’s phishing detection incorrectly flags up Googles image search as a web forgery. Then we get hundreds of posts saying that this is not the case.
In reality they both could be right, the site mat have incorrectly been flagged but as the protection is real time it’s possible that the mistake was noticed before slashdot ran the article.
Whatever people think of Microsoft they’re not going to open themselves up to lawsuits saying that competitors sites are scams.
For those who are interested the IEblog lists how the phishing filter works.
Yahoo have released a version of IE7 ‘optimized for Yahoo!‘. The download is a full IE7 install at around 17MB, this just seems pointless to me. First of all, those people using a platform that supports IE7 will have it offered as an automatic update soon and those that want to get their hands on it sooner will more likely head to microsoft.com than yahoo.com, so what advantage to they have making this rather than have it as just a toolbar.
Then of course you have the trust issue, Microsoft is not a reliable partner. Although at the moment they’re more concerned with beating Google so they’re playing nice with Yahoo, it’s important to not expect it to always be the case. If Google slip up and Yahoo takes first place then Microsoft will have Yahoo in their sights.
Google had the right idea, but the implementation could be improved in the 1.5 series. They offered referral fees of $1 for a successful download of Firefox with the Google toolbar, this encouraged site owners with adsense to add Firefox buttons to their site. On the downside I don’t think a toolbar is a very elegant integration.
Firefox 2.0 has built into the browser most of the useful features of the Google toolbar including spell checking, search suggestions and phishing detection. So is the Google toolbar still necessary? The only useful item there now is the page rank indicator which most people won’t use.
Anyway, back to Yahoo, they could easily distribute a Yahoo branded Firefox with themselves set as the default search engine, and provider of the phishing blacklists. Firefox has both Google and Yahoo as options in the search engine dropdown. The search engine listed by default is the most popular in the country that Firefox is localised for (Google in most of the western world but Yahoo is more popular in some asian countries). A benefit for the user is they’d also have a smaller download.
In an interview on Slashdot IE team leader Dean Hachamovitch answers 10 questions put forward by Slashdot readers.
He chose the 10 himself, some of his replies are interesting, others just marketing. Question 5 was just pointless, he could have chosen to answer one of the questions submitted to him asking why they chose a non-standard user interface instead.
Secuna has discovered a weakness in one of IE7’s anti-phishing features that makes it possible for a site to spoof the URL in the address bar. In order to reduce the potential for phishing attacks IE7 displays the address bar in all popups (smaller than the regular address bar so it’s less obtrusive), however this vulnerability means that it’s possible to display a spoofed URL meaning that what’s contained in the address bar cannot currently be trusted. Unfortuantely, this could have the potential to give the user a false sense of security.
At the moment there is no comment on this issue on the IE Blog but I expect that they will react to this issue in a timely manner.
If you’re running IE7 you can run the test to see if it’s vulnerable. Firefox and Opera are not vulnerable to this, although both IE and Firefox have suffered similar flaws in the past. In Firefox it’s still possible to hide the address bar in popup windows but it shows the correct domain in the titlebar.
A bit of promotion is never a bad thing and the IE team have been advertising IE7. I don’t recall ever seeing any IE ads before so it’ll be interesting if they continue to advertise or was this some one off special to celebrate the launch? They advertised on portable billboards around the US and on radio slots. Do they have a huge marketing budget for IE7? I wonder what’s next if they have.
But don’t forget about the UK. I don’t think we’ve ever had saturation coverage for a Microsoft product in the UK, the closest we’ve got was those annoying dinosaur ads for Microsoft Office but they weren’t quite up to saturation level. The most recent examples of saturation advertising I can think of in London was back in August where Sky had adverts for their new free broadband package on the side of almost every bus (at least the ones that weren’t already advertising “Snakes on a Plane”), billboards, ads on the tube, in newspapers, on the radio. So will Microsoft give us an overdose of blue ‘e’ 
The Mozilla community have came up with some excellent community marketing ideas in the past so I look forward to what’s in store for 2.0. With less money Mozilla has to be more inventive, the community have risen to the challenge before so let them impress us.
Does anyone remember any ads at all (not online ads but ones in the real world) for Netscape or IE during the ‘browser war’ period? I can’t remember any ads for any browser, but perhaps they just overlook the UK.
Firefox 2.0 is here and I’m sure the Firefox team are happy with the cake they got from the IE team!
I’ve been using Firefox 2.0 since the alpha (Bon Echo) releases (except for my week with IE7) so writing a review will be more difficult as 1.5 is a distant memory for me. But overall I do prefer 2.0 or I’d have gone back to 1.5 months ago.
A week with IE7 review has been slashdotted. I will comment on some of the points raised on slashdot in a future post. Currently time restraints mean I have no time to comment directly. Got an amazing 50724 visits in the space of 4 hours after that was published. That shows that a lot of people do read the linked articles on slashdot even if many of those that comment don’t. Good thing is there’s no reports of the site running slow despite this higher load, so my current hosts, Siteground, are doing quite well for less than a fiver a month.
The first browserden review “A Week With IE7” is now online. Last week I decided to use IE7 rather than Firefox for a whole week to see how it compared. Although it’s a big improvement on IE6 I’m happy to be returning to Firefox as my regular browser.