IE7 Separated from Windows Explorer

An anonymous reader writes "Security experts warned Microsoft 10 years ago that putting IE as a component of Windows Explorer was a bad idea, looks like Microsoft finally decided to listen to the advice. According to a short write up in Business Week, Microsoft has decided that when IE7 comes out with Vista it will no longer be a component of Windows Explorer and will be able to replace IE6 even on XP machines."

Re:Lied to the EU?

[mtenhagen]

That did not apply to windows xp but to windows 95 and me.

Maybe it could be done but this is the reason it will only be done for xp. On the other hand, having seen some of microsofts products it doesnt suprise me that a web browser which executes remote code (activex) is part of the os.

Re:Lied to the EU?

[FatRatBastard]

Technically they were correct. Think of it as if BMW rerouted the ignition circiut to make sure it passed through the car stereo. Technically, removing the stereo could render the car useless. Its a stupid design decision unless you're trying to monopolize the market in car stereos.

Re:Great! Now to get Konqueror!

[Doctor Crumb]

You are correct in noting that Konq is entirely userspace, which is why they can make it browse whatever they want it to. If you don't like it, you can use Nautilus or firefox or midnight commander or any number of other things. This is only a big deal for IE/Explorer because it is tied to the OS, and because it is really your only choice for many things.

As for how tightly tied konqueror is to itself, that's pretty much moot. Much of Konqueror's capabilities are provided by kioslaves, which are another layer entirely, and could theoretically be used by other apps. *Shrug*

Re:Lied to the EU?

[qw0ntum]

If you listen to the full podcast (LTFP?), they say that the seperation between the browser and the OS will only come in Vista. In XP versions, IE7 will only add new restrictions to ActiveX controls.

So I guess they were not lying, at least according to BusinessWeek.

Re:Okay, but...

[wrfelts]

Will Windows Explorer still be able to function as a web browser once IE7 has been installed separately on XP?

it's a VERY simple programming trick.

if (web-type url typed into location bar) {
CallRegisteredBrowserEngine(typedURL,windowSize,Wi ndowPosition);
}

As long as the registered default browser has the same interface calls published in the registry, it should work fine, and would allow for alternative browsers to cleanly interact with the OS.

On the other hand, this is Microsoft we're talking about. It will probably be more like:

if (web-type url typed into location bar) {
CallMostCurrentMSBrowserEngine(typedURL,windowSize ,WindowPosition);
}

Re:Replace IE6 on XP machines?

[AKAImBatman]

With the instant scans of the checks, "check float" has been removed, and a big issue that banks had with some illegal behavior that most people thought were ok, is gone.

Check floating is not illegal. It's simply an artifact of the way banks work. You're probably thinking of check kiting [wikipedia.org], which is an illegal scheme that takes advantage of the float periods.

Re:Welcome news

[offput]

Windows 2000 is no longer in the windows labelled "mainstream support" so the less they have to deal with it the better for their support teams. On IEBlog [msdn.com], they also cite specifically why it can work for WinXP and not Win2K. It's because of the security upgrades done to XP in service pack 2 which they claim are not easily back-ported into 2K.

Well, don't know....

[sgant]

But considering that I'm actually using the Beta for IE7 on XP now, it seems to be working.

Or are you talking more that it will be tested on XP and all, but the final version won't be available?

By the way, you can download and run the beta now. It's open. Even has an uninstall on it.

Re:Great! Now to get Konqueror!

[GweeDo]

Actually if I recall correctly Konquerer isn't either of those. In fact, it is just a holder for Kparts. In turn, there happens to a be a Kpart for file management and one for HTML rendering (KHTML in this case). So...konquerer can also be a music player (there is a Kpart for that), an RSS reader (again...another Kpart)...

So, konquerer really can be anything you want. So this isn't the best example.

Re:Is ActiveX gone too?

[Hal_Porter]

I think so -

http://www.microsoft.com/windows/ie/ie7/featuretab le.mspx [microsoft.com]

Disables nearly all pre-installed ActiveX controls to prevent potentially vulnerable controls from being exposed to attack. You can easily enable or disable ActiveX controls as needed through the Information Bar and the Add-on Manager.

From here
http://forum.pcstats.com/showthread.php?t=35534 [pcstats.com]

The beta of Internet Explorer 7 is neat to play with but it has one quirky feature where it does not allow users to install unsigned Active X controls. Unfortunately since it's still beta, virtually all Active X addons (like Shockwave, Flash) are unsigned which means they cannot be installed by default. Trying to do so causes IE 7 to spit out an error message.
Not all is lost however, if you load up the Internet Options (Tools -> Internet Options...), click the "Security" tab and in Internet security settings click the Custom Level... utton. In the "ActiveX Controls and plugins" section, find the "Download unsigned ActiveX Controls" option and change it from "Disable" to "Prompt". After that's done click the OK button and you're set!

He he, "one quirky feature". Way to miss the point. Note that you can disable Download Signed ActiveX controls too, or make at least make it prompt you.

There's a best practices document here
http://msdn.microsoft.com/library/default.asp?url= /library/en-us/IETechCol/cols/dnexpie/activex_secu rity.asp?frame=true [microsoft.com]

I think the basic problem is that they still want to avoid breaking websites that rely on ActiveX as much as possible. You can see lots of stuff in that document which means that some ActiveX controls will still automatically on a webpage. If anyone develops and exploit for them and you run it on XP as an admin, you have a problem. Of course, if the user knows what they are doing they can make it secure, but the default setting is more geared to compatibility than security.

it already has

[minus_273]

I downloaed the IE7 beta 2 for XP yesterday and you can see that explorer is no longer tied at all to the web browser. Going to slashdot.org in an explorer window starts the default browser now.

Re:Replace IE6 on XP machines?

[M. Azerty]

Actually, you can try the Beta of IE7: http://www.microsoft.com/windows/ie/ie7/ie7betared irect.mspx [microsoft.com] And yes, you can uninstall it properly afterward.

Re:That explains it..

[Nef]

Check Program Access and Defaults(under Add/Remove software I believe) in Win2k/XP and you'll easily be able to set IE back to being your default. AFAIK, Firefox does EXACTLY what MS recommends as best practice for setting itself as your default browser. FYI, file associations have NOTHING to do with Program Access and Defaults.

In addition, I just verified in IE 5.5 and 6.0 that there's a checkbox under 'Tools\Internet Options\Programs' that will tell IE to check at startup whether or not it's the default and prompt you for the appropriate actions.

HTH

Re:Good news

[Tim C]

It's possible to share code without making an application part of the operating system. They're called DLLs.

Yes, and the one under discussion currently is called mshtml.dll. IE/Windows Explorer is essentially just a wrapper around that. You can use either interchangeably, the only real difference is the set of default buttons, views, menu options, etc. For example, you can open Windows Explorer, type "slashdot.org" in the address bar, hit enter, and surf slashdot. Or you can open up IE, type C:\ in the address bar, hit enter, and browse your C drive. If you do one after the other, you can use the back and forward buttons to navigate between the two.

It really isn't that different (for the user at least) to the way that Konqi works; there's nothing really special about it. One big difference is that a lot of third party apps use mshtml.dll to render HTML, as it's a standard system component (but then, that's the entire point of standard components).

Re:Lied to the EU?

[CTho9305]

They should make the API details public, so that you can replace the mshtml code with an html rendering engine of your choice, such as gecko or khtml

It is, and you can [www.iol.ie] (with Gecko, at least).

Re:Replace IE6 on XP machines?

[pkulak]

I've installed IE7 and since removed it. It's a rollback-able update.

Re:Summary is misleading

[SydShamino]

If I recall correctly, previous announcements had indicated that IE7 would only be available for Windows Vista. In other words, users of Windows XP, Windows 2000, Windows NT, Windows ME, etc., who use IE6 and wish to upgrade would be SOL.

Today, Microsoft's announcement indicated that Windows XP users would be able to upgrade to IE7. Thus, this is a "new feature" for IE7 that IE7 did not have before today - backward compatibility with older operating systems.

Re:Great! Now to get Konqueror!

[prisoner-of-enigma]

The problem with MS's version was that the whole freaking system crashed if IE crashed.

This isn't entirely correct. EXPLORER.EXE, which is tied in with IE and is largely responsible for the GUI, can be crashed by IE. This mucks up the GUI to the point where the system is apparently hung. However, the NTOSKRNL.EXE almost never gets faulted by these kinds of crashes and, in reality, continues to run even though the interface is completely hosed. This is analogous to crashing XWindows in Unix in the sense that X can be completely hung but system processes underneath it continue to function normally. The difference is that a Ctrl-Alt-Bksp will kill X and give you a command prompt, whereas Windows has no such option. There has been talk in the past of Microsoft releasing a command-line version of Windows Server (i.e. the GUI is optional), but AFAIK, that's just been talk with no real action.

Note that crashes that do fully lock up a Windows box are almost always caused by faulty drivers, usually video drivers because these run in kernel space. Linux is just as susceptible to faulty drivers as Windows is. I've had a number of servers up and croak with a KERNEL PANIC because of a faulty RAID driver. Dodgy hardware, poor cooling, overclocking, etc. also locks up boxes but this isn't a Windows-only phenomenon by any means.

Re:Lied to the EU?

[QuestorTapes]

> If combining a file manager with a web browser was stupid, then why
> did the Konqueror folks rip off the idea and do exactly the same thing?

If it were merely that IE was the file system browser, it wouldn't be the problem it is. IE is a critical component of the help rendering engine, and the source of a lot of the APIs underneath that -any- file system browser in Windows is normally going to depend on.

In addition, critical DLLs (COMCTL32, and SHLWAPI for two) have been updated, APIs added, and code and behavior modified for the entire operating system, at the direction of the IE development team, for new versions of IE.

IE updates broke a -lot- of applications by changing the way that common windows controls display and behave, adding and modifying new shell APIs, and changing all sorts of things that aren't relating to web or file system browsing.

Re:Replace IE6 on XP machines?

[Hollyfeld]

Actually, no. Post-dating a check will have no effect on when it can be cashed, or your liability for payment. The date field on a check has no legal signifigance - a check is a demand draft against an account and is payable on presentation...

Re:Welcome news

[From A Far Away Land]

"More to the point, why would anyone upgrade to vista now?!?"

Because it has a [Spyware or Linux-esq in appearance or feature] detachable sidebar with network/financial/whatever monitor, detachable clock, and transparent window titlebars, as well as no START word on the Start button.

In other words, window dressing. The demonstration I saw of it had Outlook open faster when the system was under heavy load than when it was started from scratch, and it still took many seconds. The presenter didn't know why the start times were mixed up. It's still a RC he said.

There's also a Firefox-esq search bar in the corner of nearly everything where it starts to search and display as soon as you type, and looks within files too. I don't know what cost the indexing for that has on the system performance, but I bet it doesn't work so well under 128MB of RAM ;-)

Re:Replace IE6 on XP machines?

[freeweed]

Post-dating cheques is (from what I understand) either illegal or just not useful in the US - due to exactly what we're talking about here. Your money must be present in the account when you write the cheque (barring overdraft protection, etc).

In Canada, post-dating cheques is very legal, and very common. The provincial insurance companies accept post-dated cheques for payments due in the future, so it's certainly legal at that level.

I ran into this years and years ago when I first computerized the books for a small business - the vendor didn't provide any functionality for tracking post-dated cheques (they were a US vendor, and we were their first Canadian customer). When we called to request this feature, their response was "but post-dating cheques is illegal!". Pretty funny at the time. It took them over a year to get this functionality working right, incidentally.

Oh, and the banks here WILL honour post-dates. If I cash a cheque earlier than the day it is dated for, it usually gets caught. If it goes through by accident, it will be reversed (not as an NSF) and it's up to me to collect the money from the cheque writer.

that's what sftp is for, konqueror helps.

[twitter]

If you have a file at home that you want to FTP while you are at work, you may not want it to be visible to anyone sniffing the network.

That's why you should be running sftp instead of ftp. Konqueror works with sftp:// [ftp] very well.

If you edit a file with Emacs and save it, you create a file with a '~' at the end of the filename. If it is a remote file, where do you create that? Locally, or remotely?

That's not an issue specific to the browser. If the user has permission to look at the file, they have the ability to create a local copy. The only real solution to the problem you raise is to keep untrusted users off your local machine.

everyone makes mistakes. Did you select the wrong tab and accidentaly send something in the clear, or to the wrong location? What if you can't undo your mistake? (Permission to create a file, but not delete it.) This is one of the dangers of integration - if it is handled the same, and looks the same, how do you avoid mistakes?

Once again, this is not a browser problem but a browser can help. Konqueror is an excellent tool for moving files across machines. Split screens avoid the need to ever drag to tabs. The easiest way to move files around is to split your screen with the localhost and the targethost on the same tab. When things are done this way, it's harder to make mistakes. That's all a good tool can do.

Once you start doing things this way, it's hard to go back. I still use find and tar for archiving and will often sftp by hand, but one day I'll figure out how to do that graphically with konqueror. If I ever figure out how to use konqueror's built in scripting for routine updating, well, things will be much easier. My life is not that routine yet.