Internet Explorer
| Internet Explorer | |
|---|---|
| Internet Explorer 6 under Windows XP
| |
| Developer | Microsoft, Spyglass |
| Latest release | 6.0 / October 2001 |
| OS | Windows |
| Genre | Web browser, File browser |
| License | Proprietary |
| Website | www.microsoft.com/windows/ie/ |
Internet Explorer, abbreviated IE or MSIE, is a web browser made by Microsoft and currently available as part of Microsoft Windows. Internet Explorer is by far the most widely used web browser, although since 2004 it began losing usage share to other browsers such as Mozilla Firefox, Safari, and Opera. As of April 2005, IE's usage share is about 85% (see the market adoption section).
Internet Explorer is an integrated component of newer versions of Microsoft Windows. It is available as a separate, free-of-charge product for many older versions of the operating system. It has been shipped as the default browser in all versions of Microsoft Windows since Windows 95 OSR2. The last major upgrade to Internet Explorer however was only offered for Windows XP Service Pack 2. Despite initial plans of delaying the release of Internet Explorer 7 until the next major version of Windows (codenamed Longhorn), Microsoft has recently announced a testing version of Internet Explorer 7 will be available for Windows XP SP2 users by the summer of 2005.
For a time, Microsoft also produced Internet Explorer for Mac and versions for use through the X Window System on Solaris and HP-UX. All of these versions have ceased active development.
Table of contents |
History
- Main article: History of Internet Explorer
Internet Explorer is derived from Spyglass Mosaic. Originally, Spyglass licensed the technology and trademarks from NCSA for producing their own web browser but never used any of the NCSA Mosaic source code. In 1995 Spyglass Mosaic was licensed by Microsoft, in an arrangement under which Spyglass would receive a quarterly fee plus a percentage of Microsoft's revenues for the software.
The browser was not widely used until version 4 (released in October 1997), which offered better standard support, and a richer feature set than its main competitor: Netscape Navigator. However, the integration of the browser with the operating system (Windows 98) was subject to numerous criticisms. See United States v. Microsoft for details.
Version 5 released in September 1998 was another significant release, which supports bi-directional text, ruby character, XML and XSL.
Version 6 was released in October 2001 together with Windows XP. This included DHTML enhancements, content restricted inline frames, and better support of CSS level 1, DOM level 1 and SMIL 2.0. The MSXML engine was also updated to version 3.0. Other new features include the Internet Explorer Administration Kit, Explorer bars, Media bar, MSN Messenger integration, fault collection, automatic image resizing, P3P, and a new look-and-feel which is inline with the style of Windows XP.
In a May 7, 2003 Microsoft online chat, Brian Countryman, Internet Explorer Program Manager, declared that on Microsoft Windows, Internet Explorer will cease to be distributed separately from the operating system (version 6 being the last standalone version), It will, however, be continued as a part of the evolution of the operating system, with IE updates coming bundled in OS upgrades.
However, after 2 years, there was a sudden change in direction. On February 15, 2005, Microsoft Chairman Bill Gates announced the new browser version at the RSA Conference 2005 in San Francisco. The new beta version is expected to be released in the summer of 2005. It will be available to Windows XP and later only, including Windows XP Professional x64 Edition and Windows Server 2003 SP1. The new version of Internet Explorer is intended to defend users from phishing as well as deceptive or malicious software, and will include major enhancements to standards support. Interesting, 2004 was the year when the usage share of Internet Explorer started to decline significantly (see the market adoption section).
Features
- Main article: Features of Internet Explorer
Internet Explorer has been designed to view the broadest range of web pages and to provide certain features within the operating system, including Windows Update. During the heydays of the historic browser wars, Internet Explorer superceded Netscape by supporting many of the progressive features of the time. It was the first browser to support Cascading Style Sheets (CSS), now commonplace on the Web.
Component architecture
The Component Object Model (COM) technology is used extensively in Internet Explorer. It allows third parties to add functionalities via Browser Helper Objects (BHO); and allows websites to offer rich contents via ActiveX. As these objects have the same privileges as the browser itself, this creates security concerns. This issue was addressed in Internet Explorer 6.0 Service Pack 2, which provides an Add-on Manager for controlling ActiveX controls and Browser Helper Objects.
Security framework
Internet Explorer uses a zone-based security framework, which means that sites are grouped based upon certain conditions. It allows the restriction of broad areas of functionality, and also allows specific functions to be restricted.
Patches and updates to the browser are released periodically and made available through Windows Update web site. Although security patches continue to be released for a range of platforms, most recent feature additions and security improvements were released for Windows XP only.
Standards support
Internet Explorer almost fully supports HTML 4.01, CSS Level 1, XML 1.0 and DOM Level 1, with minor implementation gaps. It partially supports CSS Level 2 and DOM Level 2, with some implementation gaps and conformance issues. It supports XHTML 1.0 to the extent that HTML 4.01 compatibility guidelines are followed. Internet Explorer uses DOCTYPE sniffing to choose between "quirks mode" (renders similarly to older versions of MSIE) and standards mode (renders strictly according to W3C's specifications) for HTML and CSS rendering. It fully supports XSLT 1.0 or the December 1998 Working Draft of XSL, depending on the version of MSXML (a dynamic link library) avilable. It also provides its own dialect of ECMAScript called JScript.
Internet Explorer supports a variety of graphics file formats, including GIF, JPEG and PNG. Support for alpha channel, is to be included in version 7.
Proprietary extensions
Internet Explorer has introduced an array of proprietary extensions to many of the standards, including HTML, CSS and the DOM. This has resulted in a number of web pages that can only be viewed properly using Internet Explorer. Whilst Netscape Navigator (not the modern versions of Netscape) was also responsible for massive proprietary extension of the core web standards, Microsoft cynics view this as an example of what is called "embrace, extend and extinguish" (EEE), a way to drive competitors out of business by forcing them to use proprietary technology that Microsoft controls, resulting in vendor lock-in.
Criticisms
- Main article: Criticisms of Internet Explorer (see also common criticisms of Microsoft)
Since version 6, there has been no major development on the browser. Critics consider it to be technically inferior in some ways to its competition. Some would even go so far as to say it hinders further standard-based development of websites. Most of the criticisms are related to the support of open standards; and also security-related issues. Internet Explorer is subject to massive media scrutiny, mainly due to its ubiquity.
Criticisms regarding support of open standards
During the browser wars, modifications of Internet Explorer and Netscape Navigator were focused on the addition of non-standard features. In contrast, more recent browsers have been designed with open standards in mind. Since version 5, there have been no significant changes in IE's Trident layout engine. While Internet Explorer implemented many of the open standards, critics found that they were implemented in an incomplete or incorrect fashion. The browser fails to offer support for the latest revision of the standards, especially those finalized after 2001 (since no major development was done after version 5.0). CSS, PNG, and XHTML are some well-known examples of standards that Internet Explorer does not implement fully.
Because of its market dominance, some casual web developers only test their websites with Internet Explorer. Some developers also use non-standard extensions offered by Internet Explorer. This can cause pages to be rendered incorrectly in other browser. In the worst case, it could blocks the users of other browsers from using parts of the sites. Critics feel that this is the execution of the final step of EEE: the extinguish stage.
Sometimes pages that are designed to be compliant with certain W3C standards are not rendered correctly in Internet Explorer. This is often encountered when using complex CSS models. Conversely, many other web designers build websites compliant to W3C standards, test with multiple browsers that are more compliant to W3C standards, and then implement workarounds or hacks to account for Internet Explorer's rendering model, or to hide certain advanced website features from IE. The CSS hacks are often very complicated, as they need to deal with different versions of IE on different platforms (mostly Windows and Mac). They utilize not just Internet Explorer-specific features, but also some layout engine bugs that are well known.
Criticisms regarding security
Internet Explorer comes under heavy scrutiny from the computer security research community, in part due to its sheer ubiquity.
As of April 9, 2005, security advisory site Secunia counts 19 unpatched security flaws for Internet Explorer 6, although some of these flaws only affect Internet Explorer when running on certain versions of Windows or when running in conjunction with certain other applications. See computer security for more details about the importance of unpatched known flaws.
Exploitation via COM
Over the years, numerous attacks were targeted toward Internet Explorer. The embedding of COM into the Internet Explorer created a combination of functions that provides a gateway for explosion of computer virus, trojan and spyware infections. These malware attacks mostly depend on ActiveX for their activation and propagation to other computers. Microsoft has recognized the problem with ActiveX since 1996 when Charles Fitzgerald, program manager of Microsoft's Java team said, "If you want security on the 'Net', unplug your computer. … We never made the claim up front that ActiveX is intrinsically secure.".
One of the main problems in Internet Explorer's security measure is the total reliance on human judgment. Also, ActiveX security relies solely on security zones and digital signing, which was utilized by malware multiple times. One of the common techniques is to mark malicious pages incorrectly under trusted zone, either through human judgment or exploiting the browser's bugs without user interaction. In the sandbox security model used by other browsers, there are no trusted zones as every pages that come from websites (and even local file system) are run with very limited privileges. Human judgment is not involved as pages are only semi-trusted. On another hand, digital signing is rarely used in practice as the signing process is technical and expensive.
The forth-coming Microsoft AntiSpyware, which is currently in beta, monitors BHOs in Internet Explorer on Windows 2000, XP and Server 2003, and will warn the user before a new BHO is installed.
Time for patch creation
Critics have claimed that security fixes take too long to be released after discovery of the problems, and that the problems are not always completely fixed. After Microsoft released patches to close holes in its general operating system in February 2003, 200 days after their initial report (instead of 30–60 days), Marc Maifrett, Chief Hacking Officer of eEye Digital Security, stated that "If it really took them that long technically to make (and test) the fix, then they have other problems. That's not a way to run a software company." Maifrett was criticized by The Register for publicizing a security hole leading to the creation of the Code Red worm and stated that "had they not made such a grand public fuss over their .ida hole discovery and their SecureIIS product's ability to defeat it, it's a safe bet that Code Red would not have infected thousands of systems".
Microsoft attributes the perceived delays to rigorous testing. The testing matrix for Internet Explorer demonstrates the complexity and thoroughness of corporate testing procedures. The browser is released in 26 different languages on many different Windows platforms. Therefore, it is estimated that each patch is tested on at least 237 installations.
Criticisms regarding download size
Over the versions, the download size of Internet Explorer has increased significantly. As of Internet Explorer 6 Service Pack 1 (including Outlook Express), the total download size for a typical installation was approximately 25 megabytes. The size varied between 11 (minimal install) and 75 MB (full install). This was much larger than that of other internet suites, for example (based on Windows installer): 3.6MB for Opera 8.0 and 11MB for Mozilla 1.7.8.
Market adoption
- Statistics reference: Usage share of web browsers
The adoption rate of Internet Explorer seems to be closely related to that of Microsoft Windows, as it is the default web browser that comes with Windows. Since the integration of Internet Explorer 4.0 with Windows 98 in 1998, the adoption was greatly accelerated: from 57.6% in 1998 to 86.08% in 2000. It was often credited for bringing the World Wide Web to newbies. This effect, however, has recently been dubbed the "Microsoft monoculture", by analogy to the problems associated with lack of biodiversity in an ecosystem. By 2002, the user base of its main rival Netscape had almost evaporated.
After having fought and won the browser wars of the late 1990s, Internet Explorer began to see its usage share shrink. Having attained a peak of about 95.4% in 2002, it has been in a steady decline. The decline rate was accelerated in 2004, highly attributed to the emergence of viable free of charge/free as in beer alternatives.
Nevertheless, Internet Explorer remains the dominant web browser. Different organizations report different usage share figures, depending on their approaches and samples: web analysis company WebSideStory reports that IE has a 88.86% USA usage share (as of April 29, 2005); OneStat reports that IE has a 86.63% global usage share (as of April 27, 2005); and Janco Associates, Inc. reports that IE has an 83.07% usage share (as of April 19, 2005).
With the current decline rate (approximately -0.5% per month), the usage share is expected to fall below 85% by the end of 2005. With the release of 7.0 beta in the summer of 2005, this trend could be altered however.
Removal
- Main article: Removal of Internet Explorer
The idea of removing Internet Explorer from a Windows system was first proposed during the antitrust case. Critics felt that user should have the right to uninstall Internet Explorer freely just like any other application software.
One of Microsoft's arguments during the trial was that removing Internet Explorer from Windows may result in system instability. At least one commentator supports this argument, and notes that removing Internet Explorer will also disable Windows Update, leaving the user without vital security updates to the operating system. However, an Australian computer scientist Shane Brooks later demonstrated that Windows 98 could in fact run with IE files removed. Brooks went on to develop software designed to customize Windows by removing "undesired components", which now known as 98lite/XPLite. Microsoft has claimed that the software did not remove all components of Internet Explorer, leaving many DLL files behind.
See also
External links
- Internet Explorer Home
- IEBlog — The weblog of the Internet Explorer team
- Channel9 Wiki: InternetExplorer — The wiki for Internet Explorer
- Internet Explorer Community — The official Microsoft Internet Explorer Community
- Changes in Internet Explorer for Windows Server 2003 — A chat transcript with Brian Countryman (Internet Explorer Program Manager) and Rob Franco (Internet Explorer Program Manager) for Microsoft TechNet
- How to Uninstall Internet Explorer 6 — A Microsoft support article for pre-XP versions of Windows
- Better Browsing with Service Pack 2 — Some benefits of SP2 with Internet Explorer
- Secunia Vulnerability Report for Microsoft Internet Explorer 6.x
Categories: Internet Explorer | Windows web browsers