Microsoft's IE Team Leader Answers Slashdot Questions 530
We got lots and lots of questions for Dean Hachamovitch, whose formal title is "general manager Internet Explorer at Microsoft Corp." Picking a mere 10 of those questions was not easy, and I wish Dean could have answered twice as many -- and so does he, but his schedule has been tight this week. Anyway, here are his answers to the Chosen Ten.
1) How about this...by also-rr
Would you like to make available IE on other operating systems?
Dean Hachamovitch:
We did make versions of IE available on other operating system for a pretty long time, up through IE5 on Unix and the Mac. At the time we developed them, those offerings made sense. I don't see a good reason to make IE available on other operating systems at this time.
2) IE7 release time
by BeeBeard Why did IE7 take such a long time to release after IE6?
Dean Hachamovitch:
Basically because we were doing a lot of other things before we started work on IE7: a few releases of MSN Explorer, a lot of work on what turned out to be Windows Presentation Foundation, a lot of investment in what turned into IPv6 support in Windows Vista, and lot of security response, a pretty intense effort on Windows Server 2003 (and IE's "Enhanced Security Configuration"), and then a pretty intense effort on Windows XPSP2. You can read a more detailed answer here
3) Follow up
by LordEd
If you had more time, is there a new feature you would have liked to include in IE7?
Dean Hachamovitch:
Yes, several come to mind. None were more important than shipping. None were more important than the bug fix work we did in response to beta feedback.
The temptation to get "just one more feature in" is so strong... one more CSS fix, one more neat facility for developers, one more performance optimization, one more cool end-user feature. The thing that made it easier to resist the temptation and ship is the prototype and planning work we've started on the next release of IE.
4) Simple questions
by Billosaur
IE has a dominating command of the market, although Firefox is slowly making inroads, due to innovations such as tabbed browsing that IE has had to incorporate to maintain that command. But where are the IE innovations? Why can't the IE team get ahead of the curve on Firefox? Is there anything you consider an innovation that is unique to IE that would plausibly be something the browser market would have to incorporate to stay competitive?
Dean Hachamovitch:
I think IE7 is the first browser with integrated real-time anti-phishing functionality, with an RSS platform and support for Simple List Extensions (see below), with "QuickTabs," with support for OpenSearch, and with shrink-to-fit printing on by default. In Windows Vista with Protected Mode, IE7 is the first browser to "put itself into a sandbox" and run with low privileges.
I think that during the IE7 beta process, you've seen other browser vendors copy some of these features and/or deliver add-ons for others. (IE has also delivered some functionality - like spell-checking in forms or in-line find, as add-ons; you can read more here.
I want to call out the Phishing Filter and RSS in particular. I think there's a clear difference between the protection offered in IE7 and other places. I suggest readers look here and here and decide for themselves. I was surprised when I read this because I think IE7 delivers real-time protection that respects user privacy at the same time.
I think IE7's RSS is pretty deep. First, the support for the Simple List Extensions that we made available under a Creative Commons license is cool - check out the links below in IE7. Also, the platform enables developers to deliver on some great scenarios, like sharing subscription information between different applications and services easily (from the new version of Outlook 2007 I run at work to IE7 at home via Newsgator). You can read more about that here.
- Amazon Wish List as an RSS feed
- eBay Search Result as an RSS feed
- Yahoo Music Top 10 list as an RSS feed
In regards to tabs, according to http://en.wikipedia.org/wiki/Tabbed_browsing, NetCaptor (an IE-based browser) was first.
5) My shot
by Njovich
What do you consider the greatest weakness of Firefox?
Dean Hachamovitch:
Hey, I've met a bunch of the Firefox folks and respect them and am not about to say mean things about them or their product, period. I have started to see some things that even some Slashdotters find a little confusing, like the whole Iceweasel thing.
6) Security
by Seto89
One of IE7's revolutionary features was supposed to be security, although it took less than 24 hours for Secunia to post an advisory about a security hole. Moreover, the bug seemed to be carried over from as early as IE5.5. What approach did you take to improve browser's security, and how come the vulnerabilities have been carried over?
Dean Hachamovitch:
The overall approach we took is called the secure development lifecycle. You can read more about it in general at http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/sdl.asp and http://www.microsoft.com/MSPress/books/8753.asp. The very short version is that we stepped back to analyze all the ways to attack a browser and then figured out the best ways to defend in depth against attacks. We reduced attack surface area, for example, turning off several feature and protocols by default and with ActiveX opt-in. We re-wrote a lot of the URL handling code in our networking layer. We ran a lot of tools against the source code to look for vulnerabilities. We listened to feedback from lots of smart people who are skilled in the art of attack.
As anyone who reads SecurityFocus or FullDisclosure will tell you, security is an industry problem and innovation in attacks is ongoing.
The MHTML issue is pretty interesting. IE calls another Windows component to handle some MTHML functionality. That component has a vulnerability. The important things here are (1) a malicious site can steal user data and (2) of course Microsoft cares about privacy and will fix this issue promptly. Some of the blogs over at zdnet - in particular George Ou's and Ed Bott's, have had some balanced opinion pieces on this issue.
While I was writing this, someone disclosed another issue irresponsibly. On the one hand, it's minor (a malicious site can make the address bar, when it's selected and in a pop-up window, deceiving... clicking in the pop-up window addresses the issue) and our anti-phishing technology helps a lot. The MSRC blog has more detail. At the same time, an attacker could draw a fake or misleading address bar in a pop-up window in a browser that doesn't automatically show the address bar in every window. Again, I think all this shows is that innovation in attacks is ongoing.
7) How about this....
by Toreo asesino
Let's pretend for a moment that Internet Explorer isn't the default web-browser built into Windows and instead, users are presented with a choice on first login (e.g. a message asking 'How would you like to browse the internet? MSIE, Firefox, Opera').
Would you expect IE to become as dominant as it is now if users had to specifically choose it over another?
Ignoring the slight impracticalities, if so (I'm guessing you do), on what basis would this be?
Dean Hachamovitch:
OK, I'll pretend. My first question is when we ask users this question... if it's in 1995, then Opera isn't on the list (Wikipedia just told me that its first public release was in 1996) and neither is Firefox. If it's today, then, candidly, we have 10+ years of people seeing the IE icon and all that that means to them.
The funny thing about your question is that in some ways, users are about two clicks from this scenario every time they run Windows XP: from the Start menu, select Set Program Access and Defaults. And it's not limited to the browsers you list, but any browser that they can download.
To answer your core question: I don't know how people would answer that question. I think we've asked users far simpler ones (like setup programs that ask "Do you want a typical or custom software installation?") that have proven frustrating to them. I do blog searches just about every day to read what people are saying about their browser choice, the browser I work on, and the other browsers you list. While it may surprise you, for many users, the differences between today's browsers aren't as clear and obvious as they may seem to many in the Slashdot crowd. I've read a lot of posts that say, "I tried IE7, I'm pleasantly surprised, and I'm switching back." (I read a lot of others for sure.) For some folks, having professional technical support to contact makes all the difference in their browser choice. During a press interview with a technical trade journal recently I asked the reporter "So what do you browse with" and he said "Mostly IE6, sometimes Firefox 1.5." That might surprise some of you.
8) Allowing Developers to Test for Compatibility
by miyako
IE7, like IE6, renders a lot of pages significantly differently than the other main HTML rendering engines available (Geko, KHTML, and Opera). At the same time, IE7 requires WGA to run - so that applications like Wine are unable to run it. This means that web developers who are using Linux and Mac OS X will have an extremely difficult time testing their sites with IE7. Was this intentional? If so what was the reason behind it (do you want to force developers to move to Windows for web development, or simply set IE aside as something different that isn't a regular browser and must be specifically developed for), and if not how do you plan to rectify the situation?
Dean Hachamovitch:
I think the core of your question is about giving away Windows licenses for free. We love developers, period. We're also not about to give away Windows client licenses. Because we want end-users to have a great experience on the web, of course we want web developers to have an easy experience working with IE and testing their sites with IE. That's why we published tools like the web developer toolbar and the Application Compatibility Toolkit and so much documentation during the course of IE7 development. I also respect that - as hard as everyone at Microsoft works to make Windows the best operating system for developers run - some developers will choose to run others. Mac developers have a fine solution - I've talked with hardcore Mac people who bought a copy of Windows that they run on their Mac with Parallels to test their work in IE. For other developers, I've seen some very clever solutions like BrowserCam that should help.
9) I asked Hakon about CSS and now I ask you:
by Chabil Ha'
This past summer Håkon Wium Lie was interviewed on /. and my question was selected concerning IE7's glaring lack of full CSS support. Why is it that MS has avoided meeting at least the ACID2 spec for CSS in order to bring some semblance of comformity for developers?
Håkon Wium Lie's response to these questions is boiled down to the fact that you do have the talent and resources to fix these issues and he says that "the fundamental reason, I believe, is that standards don't benefit monopolists" like MS.
How do you respond to his comments (the author of the CSS spec) and does MS have any near future plans to adhere to the existing CSS standard? If not, what would it take for MS to take a more proactive role in supporting it?
Dean Hachamovitch:
During IE7's development, we prioritized the work we did based on the web development community's real-world feedback. The engineering exercise here was choosing the best work for a finite number of developers to do during a finite period of time, especially given the compatibility impact of changing how IE behaves. The work that we delivered in IE7 simply has more positive impact and makes web developers' jobs easier than making an arbitrary (if terribly clever) web page render the way its author intended.
The Acid 2 test explicitly states that it isn't part of a formal compliance suite and it is not a "spec for CSS." It's a suite of tests of HTML, CSS, PNG, and data URL features that Mr. Lie thought were important. I'm glad that Mr. Lie - who is one of the authors of the CSS specifications - acknowledges that Microsoft's developers have the talent to address these issues.
The question here isn't whether we want to support those features or if we understand that web developers want them (we do), but simply prioritization. We focused on web developers' real world problems.
The real goal here is interoperability - something that Microsoft product teams believe in (remember, Microsoft has more than one product that works with HTML, CSS, and other web standards, and they have to interoperate too) and something that benefits customers (end-users, developers, IT Pros, et al.) across the board. The work in Windows Vista around IPv6 as well as the work we've done in IE7 with OpenSearch, RSS and with Certificate Authorities and other browser vendors on Extended Validation certificates are good examples of following through on that belief in interoperability.
Your question also asks about Microsoft's plans to comply with the existing CSS standard; there are actually several CSS standards, some still under construction (CSS level 3) and some made obsolete over time (e.g. CSS 2.1 fixing errors, removing ambiguities and changing required behavior from CSS 2). Just as we did in IE7, we're going to listen to the web development community and prioritize the remaining CSS work and deliver the parts we hear are most important first. We do intend to comply with the standard; no other browser I'm aware of has complete support of every feature in CSS 2.1, so it's clear that we all have to use prioritization to know where best to place our resources.
10) Why develop IE at all
by CmdrGravy
Given that you are not planning on selling IE 7 and the fact that there are already other browsers on the market which can allow Windows users to experience the web fully why is Microsoft investing so much time and effort in continuing the development of IE?
Dean Hachamovitch:
Windows customers expect the best, safest experience with their PCs out of the box, especially around the web browser. We're investing so much time and effort in IE in order to give Windows customers a great, secure, default experience. I'm glad that users can choose other browsers as they see fit - Windows is a platform. We're working this hard on IE because so many end-users rely on it and so many developers have built on the APIs that IE exposes as a part of the Windows platform.
-------
Editor's note: Next week's Slashdot interview guest will be a FireFox person. Only fair, right? :)
too late to ask a question? (Score:5, Insightful)
he writes these long answers to some of the questions, but just turns it all around twists it up and inside out, by the time you read the entire answer you realize he didn't say anything at all.
But sometimes you apparently *need* IE on Windows. (Score:5, Insightful)
Thing is, that's not good enough for some web designers. I used to a bunch of online surveys to make a bit of cash, on Windows. These apparently required IE for some reason, and would complain with any other browser. Now, I recently got a Mac Mini and tried using the bundled IE 5 to do the surveys. No joy. No, it didn't complain I was using an old version of IE. It complained that I wasn't use IE on Windows. I ditched the surveys because I was getting crappy money anyway, so it was no great loss, but this was the first time I'd seen a web site differentiate between IE on different operating systems. So in this case, having the latest version of IE on a Mac wouldn't have made a blind bit of difference.
Oops, wrong question... (Score:5, Insightful)
A: (summarized) Yes.
I guess what he should have asked was:
Q: If you had more time, what are some new features you would have liked to include in IE7?
Slight ego, perchance? (Score:2, Insightful)
OK, I'll pretend. My first question is when we ask users this question... if it's in 1995, then Opera isn't on the list (Wikipedia just told me that its first public release was in 1996) and neither is Firefox. If it's today, then, candidly, we have 10+ years of people seeing the IE icon and all that that means to them. "
Ok, and why is it that those people have 10+ years of seeing the IE icon? Oh yeah, I remember, because you COULDNT REMOVE IT.
Going back in time... (Score:5, Insightful)
Re:too late to ask a question? (Score:5, Insightful)
wtf? (Score:5, Insightful)
What? Who is asking for Windows licenses? That has nothing at all to do with the question.
Re:But sometimes you apparently *need* IE on Windo (Score:5, Insightful)
Operating System vendors have no incentive, no matter who they are, to make their products available on other platforms. Open Source apps have the advantage that those with a little more objectivity can take the code and release it for a competitor, but that's not exactly the same thing.
Comment removed (Score:4, Insightful)
Excuses, excuses (Score:5, Insightful)
How about this: Instead of using corner cases in Gecko and Opera as excuses, why don't you complete the implementation of major features of CSS 2? When an entire chapter (*cough*TABLE LAYOUT*cough*) of the Salmon Book has to be excluded to remain compatible your browser, your browser is broken.
Re:Oops, wrong question... (Score:5, Insightful)
First question:
Q. "Would you like to make available IE on other operating systems?"
A. "No." [abbrev]
But it was so hard picking just ten questions! Plus, Dean was really busy !
Re:Huh? (Score:5, Insightful)
Re:Err... (Score:2, Insightful)
If you make a firefox shortct and switch the icon you'd be surprised how many people don't even notice.
I wish there were a virus that just went around and dit that.
1995 (Score:5, Insightful)
And what about Netscape?
Re:Err... (Score:3, Insightful)
Re:wtf? (Score:3, Insightful)
acid... (Score:1, Insightful)
I'd fire someone for writing something like that.
Nobody really really writes like that. I don't think that it's all that important for any browser to pass that particular test.
I think a very large suite of test cases using sampes from many real websites that have no IE hacks would be a much more useful test.
Also I remember reading somewhere that the acid test also tests how a browser reacts to some sort of invalid code like a broken comment. If there were a version of the acid test that tests only perfectly valid code and dropped the src=data: stuff most browsers would be much closer to passing it.
atm nobody really uses data: sources and I for one VALIDATE EVERYTHING. If the browser work perfect with totally valid code, it works for me.
Re:Err... (Score:4, Insightful)
Re:Err... (Score:3, Insightful)
Re:Browser choice (Score:1, Insightful)
For me, I would need some criteria to differentiate the products:
1. Security: FF and Opera will win on this front
2. Stability: I don't know all of stats on this, but would be nice to know
3. Speed: I think this depends on the version of each browser
4. Compatibility: given that at this point I have already chosen my OS, I'm talking about compatibility with various web sites. Despite the CSS issues, IE is clearly the winner here, but this could also be a "chicken or egg" argument.
A bit soft... (Score:3, Insightful)
* If you had more time, is there a new feature you would have liked to include in IE7?
* ...But where are the IE innovations? Why can't the IE team get ahead of the curve on Firefox? ...
* Let's pretend for a moment that Internet Explorer isn't the default web-browser built into Windows and instead, users are presented with a choice on first login
* IE7, like IE6, renders a lot of pages significantly differently than the other main HTML rendering engines available
Seem either very vague or appear to be dodging the question (or the very obvious intent) that is being asked. Moreover I think that the questions were actually quite a good selection, and not too aggressive (nor too fluffy). I would like to know how much input or oversight Microsofts marketing / other departments had in the answers.
I've been looking at (and commenting on) some of the Microsoft related blogs that are out there, such as MSTechToday [mstechtoday.com] and I am intrigued at how defensive Microsoft advocates are (I know that Mac, GNU/Linux and BSD advocates are fairly Zealous too...), but they appear defensive even when they don't need to be. Love it or loath it, Microsoft software is now in general, stable, usable and allows you to be productive, and Microsoft are focusing on security too.
Things like the "get the facts" campaign against GNU/Linux appear to be no better than negative political ads (Oh and check how many of the companies featured pointing out why OSS isn't an option for them in production are using OSS web servers, Firewalls and other technologies).
The one thing that stands out is that whilst the GNU/Linux groups are very keen to point out how great and how secure and stable the OS is, they don't tend to have to justify the direction they are going, even to pro-Microsoft posters. The Microsoft advocates on the other hand seem to have to point out that everything is being done to address a customer need that they have identified, and that anyone claiming a feature in the OS, or one being introduced into the OS may not benefit windows users (or in the case of DRM and Driver signing) may damage interests is working against some sort of ideal.
I guess the answer to that is that people use MS software because it fills a need of some sort, or because in a given situation there is no alternative (or because they are locked in to it for a given cycle), whilst GNU/Linux, BSD and Mac users use their respective products because they think that they are the best solution out there, and because they feel that the organisation / group also have a philosophy that they can either agree with or actively support.
I guess what I am saying rather badly is that those people making the software that is and runs on Mac OS, GNU/Linux, BSD etc.. stand for something, whilst Microsoft doesn't seem to anymore (and the whole Microsoft is evil and stand for evil doesn't count as its fairly invalid and is voiced by people who detest MS not its user base - although I guess there may be a certain attraction to some people :) ).
Just a thought, In modern markets is a philosophy that you aspire to something that adds something to your product? Google seem to think so, Banks seem to be keen to promote their reputations and ideals, even auto manufacturers try.
Anyway, thanks
I should declare that I use GNU/Linux and Solaris rather than MS products these days; but was quite fond of Active Directory and 2000 server, before any of the above is seen as either entireley pro or anti Microsoft
Giving away windows licenses? (Score:5, Insightful)
I beg to differ. I think it's about tying IE so close to the OS (with WGA and limited version support) as to require someone to buy the latest version of Windows and a machine to run it on in order to continue to support Microsoft's broken browser. I'm sorry, but this is a bad answer. THe profit and market share motives were completely ignored, and shouldn't be.
If Microsoft was really concerned about the browsing experience, they'd bend over backwards to attain parity with the other browsers on the market WRT standards support. Acid2 is a nice test suite to show it. As a part time developer, I can say with certainty that the stuff they've fixed is nice, but it still doesn't come close to what's required for true partiy, and by that I mean the ability of a developer (me) to write a single document for the web that's rendered the same way by the 3 browsers I see in the top of my logs (IE, Firefox and Safari).
When they get there, I'll start listening. Until then...I trust IE as far as I can throw it's program manager.
Re:But sometimes you apparently *need* IE on Windo (Score:3, Insightful)
There's nothing magic about the standards that makes them better than any other browser target. The only reason developers are constantly clamoring for standards compliance is that is presents a single target to code to. We don't care which target we code to, we just don't want to have to support multiple targets. And that's why Microsoft's refusal to comply with standards is so frustrating. Every new IE release creates a new target to code for (though hopefully the release of IE7 will mean we can finally stop testing for IE 5.5).
This is why Hachamovitch's mention of needing to maintain compatability with other products at Microsoft is somewhat disingenuous. That compatability is only a problem because they've chosen to deviate from web standards both in IE and in the other products. Standards compliance can become a mechanism for allowing projects to work independently from each other without fear that they will need anything more than a couple of tweaks before launching to ensure that the two products work well together. But since they've chosen to deviate from standards (I won't go so far as to say that they've intentionally deviated, but it does seem that way at times), all those project teams need to work closely together to ensure that changes to IE don't break everyone else's code.
Re:What Wikipedia article did HE read? (Score:1, Insightful)
Why not just let it go and realise that people have been influenced by eachoer for eternity. There is nothing wrong with that.
The major invention here is the www, which was influenced by gopher and others. Who cares about some tabs in in the long run.
Re:wtf? (Score:1, Insightful)
Re:wtf? (Score:2, Insightful)
Windows==IE
Nevermind that whole sandbox thing. MS still wants IE and Windows to be inseperable and even indistinguishable. If the average customer can comprehend what an alternative web browser is, MS has failed, because that user can probably also comprehend what an alternative OS is.
Re:But sometimes you apparently *need* IE on Windo (Score:2, Insightful)
Would you care to explain, then, why Microsoft produces Office for Mac?
Re:Lil Vague (Score:3, Insightful)
Whatever (Score:5, Insightful)
Exactly the bullshit answers I expected. Especially on the question of CSS support. News flash: IE's whacked CSS support IS a REAL WORLD PROBLEM FOR DEVELOPERS.
Re:protected mode browsers .. (Score:2, Insightful)
The real-world protection of this is significant. IE running in protected mode has significantly less rights than a non-admin user on the box. This protects from situations like future holes that let a website write arbitrary files to the user profile. This is often used as one step in an attack sequence.
This provides an additonal layer of protection even for someone running as a non-admin user. Its called defense-in-depth. If a future information-leakage vulnerability is found, this will also help prevent pulling information from your user profile. This also helps prevent cross-domain vulnerabilities from being significant.
Re:Concise translation (Score:3, Insightful)
Nope, and there are reasons, but I'm not telling you what they are."
I thought he was quite clear about this, and I dont even think you have to ask. They dont make IE available on other systems because that provides no competitive advantage to their business.
"9) Why is it that MS has avoided meeting at least the ACID2 spec for CSS in order to bring some semblance of comformity for developers?
We don't care about standards. We care about the real world!"
ACID2 is not a standard nor a spec. It's an arbitrary test using one person's (albeit a fairly relevant person) interpretation of a tricky subset of CSS implementations.
"10) why is Microsoft investing so much time and effort in continuing the development of IE?
The security holes and lack of features in IE were starting to reflect badly on our claims of having the most secure and innovative products."
I think this can be simplified even more. The problems with IE were starting to hurt their business, so they moved resources onto it. It's important to customers, those people who buy their products.
Re:protected mode browsers .. (Score:3, Insightful)
Re:protected mode browsers .. (Score:2, Insightful)
The "hooks" started with Windows 98 and consisted of Windows detecting when you typed a URL into the address bar in explorer and automatically loading IE in that process. That, and the fact that IE's controls and HTML parsing libraries shipped with Windows and were eventually used by lots of Microsoft and 3rd party applications, making them difficult to remove without breaking lots of stuff.
IE still always ran in user mode. It never did any funky kernel tricks. It never had any more access to the machine than any other browser.
Furthermore, its security problems had very little to do with these "hooks" aside from the fact that since it was used by 95% of the browsing public it became a great attack vector for Windows.
IE7 is no longer loaded into Windows Explorer when a user types a URL into the address bar. In fact, in XP, when a user does this the default browser is spawned by default. In other words, IE 7 has no more of a "hook" than Firefox does.
The fact is that Linux would benefit just as much from a service-broker type security model for high risk applications. The fact that Linux people seem unwilling to admit that this is a good idea seems to ensure that Linux will never benefit from it. Too bad for you.
Re:wtf? (Score:4, Insightful)
1. IE on other systems again? It made sense then, but doesn't now. (Why?)
2. Why did IE7 take so long? We were busy. (OK.)
3. Is there another feature you would have liked? Yes. (Which?)
4. What's unique to IE7? Anti-phishing, tabs, RSS,
5. What's the greatest weakness of Firefox? I'm not going to say mean things. (You can't criticize without being mean?)
6. Why are security bugs from IE5 still around in IE7? Security is hard. (It does seem to be really hard for you guys.)
7. What if you, hypothetically, offered a choice of browsers? I don't know / in XP it's 2 clicks. (No, it's not, unless your XP has hypothetical features, too.)
8. Why is IE7 tied down to only run on Vista on raw hardware, making it unavailable to Linux/Mac web developers? We're not going to give away Vista. (That's not at all what he asked.)
9. Why is your CSS still so bad? We have only finite resources! (Though we're still the biggest software company in the world, by a fair margin -- please ignore that upstart Apple who is shipping an ACID2-passing browser.)
10. Why does IE have to exist? It's part of the Windows platform. (OK.)
I guess this points out the difference between ask-slashdot and a real interview: in a real interview, if somebody tried to weasel out of a question, you could ask a more pointed question. With ask-slashdot, if they don't like a question, they can just put down a bunch of words that don't answer the question and move on. (Kind of makes me wonder if that's how they write code, too. "I don't like coding security, so here's another annoying dialog box instead...")
Re:Excuses, excuses (Score:3, Insightful)
It's a difficult situation of their own making. The entire DOJ unpleasantness was about the implementation and integration of Internet Explorer, not its mere existence. If the IE team was looking for something to do, cleaning up the "co-mingling" issue would have filled their schedules quite nicely.
The fact is, Microsoft settled into the sort of complacency that only monopoly power will indulge. When pressed by repeated exploits, they reinforced security in Windows XP SP2 and, only by extension, IE 6. If it wasn't for the rise of Firefox, they'd still be settling for the bare minimum effort necessary to keep IE 6 patched, features and standards compliance be damned.
I'm a developer myself, so I understand the tension of requirements, resources, and deadlines. And if it really came down to a decision between %SECURITY_FEATURE% and %IMPLEMENTATION_OF_STANDARD%, I don't blame them for their priorities.
I guess what really rubs me the wrong way is the IE 7 team's equivocation about standards compliance. I would love to hear somebody say, "Yeah, we didn't get everything up to spec in IE 7, but we'll cover that in IE 7.1." Instead, we get vague marketing-speak about "customer" demands (without saying who the customer is), and weasely references to compliance in Gecko and Opera.
Clearly, the only way to get Microsoft to implement something in Internet Explorer is to be one of a million squeaky wheels, so I'm squeaking.
Though Dean denies it, you have a point. (Score:2, Insightful)
Re:Browser choice (Score:2, Insightful)
The part of this that I disagreed with most is: What average user even opens Set Program Access and Defaults? That's not even terminology the average user fully understands. That says absolutely nothing, from a layman's point of view, of what they can find in there.
If that utility plays a vital role in the decisions to be made, then it should be running on the first boot of the system.
Re:Going back in time... (Score:3, Insightful)
The problem is that at that time, performance issues dogged it. Honestly, MSIE was a better browser then - shame about it being evil, though.
Re:Concise translation (Score:2, Insightful)
Thats right in the same way as an exam has nothing to do with the subject its based on, wtf. The acid test is based on the standards as a test for them it may not pass them itself thats irrelevant
This is what they get (Score:2, Insightful)
The funny thing is, they're still breaking pages just by updating smaller parts their of CSS implementation, but only those pages that are in the standards compliant mode (CSS1Compat [microsoft.com]). It's effectively impossible for them to change the rendering engine without breaking a lot of things for a lot of people, because many pages use user-agent sniffing and not CSS hacks (those don't apply to IE7 outside of quirks mode), or use conditional comments that include IE7 to feed different versions of CSS. This means that even if they achieved CSS support parity with the modern browsers, and fixed all the CSS hacks (as they already did), IE7 would still sometimes get the old CSS meant for earlier versions, and break pages.
This is what they get for taking so many years with fixing CSS in IE! Not that they've improved it much if you look at this chart [webdevout.net]. The IE 6 and 7 columns look practically the same. So, IE7 is still not a modern browser in this regard. And this is why IE7 just means another bug-ridden rendering engine to support if you develop in standards compatible mode, until IE6 is dead. And looking at how even fifth generation IEs are still around in significant numbers, I wouldn't hold my breath on IE6 going away in the next few years, Windows Update or not.
Re:Missing from the answers (Score:4, Insightful)
People above you in the hierarchy are the ones who decide what resources you get, no? You've said that resource constraints are the reason you didn't implement all of the CSS fixes you would have liked.
When people at Microsoft (of all places) complain about being resource constrained, then it's clear that someone in the hierarchy doesn't consider what they're doing to be terribly important.
Re:Oops, wrong question... (Score:3, Insightful)
So if you want better question, ask better questions. If you want better questions moderated higher, do more and better moderation on interview questions.
I don't "fix" the questions because they're not my words. Now and then I may correct a typo, but beyond that, the whole point of a Slashdot interview is that the questions are written by readers and moderated by readers.
If you want me to come up with my own questions and do interviews by phone or in person, and publish both audio files of the conversation and written transcripts, fine. I'd ask "who, what, where, why, and how" questions, and I'd have lots of follow-ups. I have over 20 years of reporting experience, so I know how to draw people out during interviews (and how to keep them from ducking hard questions, too).
But that wouldn't be a *Slashdot* reader-generated interview.
- Robin
Spin-free (Score:5, Insightful)
Sorry for the rude idiots here. They're loud but they're not everybody.