Every now and then a news story comes up which reminds us that if people with bad intentions, even sensible people can fall into traps on-line. There was one such story last week where friends of the victim said she was “the sensible one” – if she wasn’t unusually gullible it could happen to anyone. I wrote about safer internet day recently and it’s worth making another call to readers who are tech savvy to explain to others who are less so just how careful we need to be trusting people on-line. I got a well constructed phishing mail last week claiming to have come from Amazon I would have fallen for if it had been sent to my home rather than work account – it’s as well to be reminded sometimes we’re not as smart as we like to think.
I’ve also been reading about a libel case. I avoid making legal commentary and won’t risk repeating a libel: the contested statement said that something had been advocated for which there was no evidence. I read a commentary which said something to the effect that in scientific disciplines, if your advocacy is not in dispute and someone says you have no evidence for it, you produce the evidence. Without evidence you have a belief, not a scientific fact. This idea came up on later in the week when I was talking to someone about VMware: you might have noticed there is a lack of virtualization Benchmarks out in the world, and the reason is in VMware’s licence agreement (under 3.3)
You may use the Software to conduct internal performance testing and benchmarking studies, the results of which you (and not unauthorized third parties) may publish or publicly disseminate; provided that VMware has reviewed and approved of the methodology, assumptions and other parameters of the study
Testing, when done scientifically, involves publishing ,methodology, assumptions and other parameters along with the test outcomes and the conclusions drawn That way others can review the work to see if is rigorous and reproducible. If someone else’s conclusions go against what you believe to be the case, you look to see if they are justified from the outcomes: then you move to the assumptions and parameters of the test and it’s methodology. You might even repeat the test to see if the outcomes are reproducible. If a test shows your product and yours is shown in a bad light then you might bring something else to the debate. “Sure the competing product is slightly better at that measure, but ours is better at this measure”. What is one to think of a company which uses legal terms to stop people conducting their own tests and putting the results in public domain for others to review ?
After that conversation I saw a link to an article IE 8 Leads in Malware Protection . NSS labs have come out with their third test of web browser protection against socially engineered malware*. The first one appeared in March of last year, and it looks set to be a regular twice yearly thing. The first one pointed out that there was a big improvement between IE7 and IE8 (IE6 has no protection at all if you are still working for one of the organizations that has it, I’d question what you’re doing there). IE 8 does much better than its rivals : the top 4 have all improved since the last run of of the tests. IE was up from 81 to 85% , Firefox from 27 to 29%, Safari from 21% to 29% and Chrome from 7% to 17%:
Being pessimistically inclined I look at the numbers the other way round : in the previous test we were letting 19 out of every 100 through, now it’s 15 – down by 21%: in the first test we were letting 31 of every 100 through so 52% of what got through a year ago gets blocked today. Letting that many through means we can’t sit back and say the battle is won, but IE8 is the only Browser which is winning against the criminals: Google,for example, have improved Chrome since last time,so it only lets through 83 out of every 100 malware URLs - that’s blocking 11% of the 93 it let through before from each 100. With every other browser the crooks are winning, which is nothing to gloat over - I hope to see a day when we’re all scoring well into the 90s.
I haven’t mentioned Opera – which has been have been consistently last, and by some margin, slipping from 5% in the first test to 1% in the second to less than 1 in the most recent. In a spirit of full scientific disclosure I’ll say I think the famous description of Real Networks fits Opera. Unable to succeed against Safari or Chrome , and blown into the weeds by Firefox, Opera said its emaciated market-share was because IE was supplied by default with Windows. Instead of producing a browser people might want, Opera followed the path trodden by Real Networks – complaining to the European Commissioner for the protection of lame ducks competition. The result was the browser election screen.
I’m not a fan of browser election screen – not least because it is easily mistaken for Malware. To see the fault let me ask you, as reader of an IT blog, which of the following would you choose ?
You might say (for example) “I want Firefox”, but which is Firefox in that list ? You are probably more IT savvy than the people the election screen is aimed at and if you can’t choose from that information, how are they supposed to ? You see, if you have done your testing and know a particular browser will meet your needs best, you’d go to it by name you don’t need the screen. People who don’t know the pros and cons of the options before seeing the screen might just as well pick at random - which favours whoever has least market share – which would be Opera.
The IE 8 Leads in Malware Protection article linked to a post of Opera’s complaining that the results of the first test were fixed “Microsoft sponsored the report, so it must be fixed!” If we’d got NSS labs to fix the results a year ago would we stipulate that Opera should be so far behind everyone else? Did we have a strategy to show Opera going from “dire failure” to “not even trying”? Or that IE8 should start at a satisfactory score and improve over several surveys with the others static ? But to return to my original point: the only evidence which I’m aware of shows every other browser lets at least 4 times as much Malware through as IE. The only response to anyone who disputes it is let’s see your evidence to counter what NSS labs found.Google have spent a fortune advertising Chrome: if Chrome really did let fewer than 5 out of 6 malware sites through they’d get someone else to do a [reviewable] study which showed that.
And since we’re back at the question of evidence, if you want are asked for advice on the election screen and you want to advocate the one which will help people to stay safe from Phising attacks – I don’t think you have any evidence to recommend anything other than IE. But remember it’s not a problem which can be solved by technology alone. Always question the motives of something which wants to change the configuration of your computer.
Earlier this week I went to “Oxford Geek Night” and the title of one of title of one of the sessions was “The Zombie Cookie apocalypse” delivered by David Sheldon (I wish his slides were on-line so you could read more and I could give him a proper credit), it wasn’t the only informative session – there were bunch of those - but it was one which sent me away thinking “I should have known that”.
Here’s the Gist. We all know about cookies, the little bits of information which web sites send to to your browser to make applications work, or to follow you round the web. Even IE6 knew that cookies could be bad and could reject the tracking ones. Adobe Flash keeps its own cookies, which bypass the normal rules. Although it doesn’t seem to widely known (I was in a roomful of people where internet expertise was the top skill, and no one seemed to have heard of this before) – it is reasonably well documented – often using Adobe’s name of “Local stored objects. You can read more information in Wikipedia’s dispassionate style, or you can have it in they’ll suck out your brains style if you prefer (of course you do !)
This has 3 main impacts.
I thought “the handful of sites where I use In-Private Browsing aren’t flash sites.”, the flash handling the cookie is not always visible. When I did a quick search I found something from the Electronic Privacy Information Center which quotes one tracking platform vendor as saying "All advertisers, websites and networks use cookies for targeted advertising, but cookies are under attack. According to current research they are being erased by 40% of users creating serious problems.". Indeed: as EPIC puts a little later “By deleting cookies, consumers are clearly rejecting attempts to track them. Using an obscure technology to subvert these wishes is a practice that should be stopped”
So: How do you see, clear and block/allow Flash Cookies ? That announcement from Adobe suggests that in 10.1 you will be able to this by right clicking on flash in the browser and going to settings. Until you get 10.1, you have to visit a page on Adobe’s site –which isn’t espcially easy to find.
Clearing the information from my computer I made a note of some of the sites which were leaving information on my PC which I was certain I hadn’t visited and got a little PowerShell script to get the title from their home page. (Which worked for most sites, some take a little fiddling). Here are the names and descriptions.
You can see what business they are all in. I’ve added them to my list of sites blocked by InPrivate Filtering. Which reminds me, I must post part 2 of that.
Dave Heiner, one of our Vice Presidents and our Deputy General Counsel has posted an explanation of exactly what will be happening.
I would expect something in due course to explain how organizations can prevent their users being presented with the choice screen (if you are using WSUS – and you should be – you should be able to choose not distribute that update. If you are distributing images apply the update and make your browser choice before creating the image, etc.) .
Over the next few weeks I’m going to be talking about IE8 (and depending on what gets announced at Mix maybe IE9 as well). Whilst I don’t have the data to prove it I’m convinced a lot of people running Firefox are doing so as a way of getting a modern browser when their company still has something from the last century tying them to IE6. I suspect a lot of those people have seen demos which prove IE7 is much better than 6 and that IE8 is better, but the demos are always simplified, and you see pages with a single issue conveniently fixed using a click of a button. But it is definitely not that easy. You could have thousands of apps, many of them packaged, or you could be prevented from accessing the code because it is part of a product you bought.
Why is that last bit in italics ? It’s part of the session abstract for a webcasts which is being run different times of day, over the next few weeks.
The presenter is Chris Jackson, Principal Consultant and the Technical Lead of the Windows Application Experience SWAT Team, Microsoft Corporation (a widely recognized expert in the field of Windows Application Compatibility) . Although I haven’t had a chance to watch it myself, I’ve seen the scores for the first run which said the audience rated it very highly. So if you still have IE6 in place and want to do something about it, this seems like a good place to start.
I don’t often paste things from senior Microsoft folks into my blog, but I’d like to quote some things from our managing director here in the UK, Gordon Frazer
February 9th marks Safer Internet Day, a vital drive to promote a safer internet for all users, especially young people.
For the second year in a row, Microsoft subsidiaries across Europe are organizing employee volunteering activities for Safer Internet Day 2010. Through local partnerships with NGOs, schools, customers and partners, around 650 Microsoft employees in 24 subsidiaries will train more than 50,000 people on online safety. Last year Microsoft UK educated 12,000 young people and 2000 parents in online safety
Through an accident of scheduling I’m going to be using one of the volunteering days Microsoft gives me today, but for a different cause. Volunteering days are one of the distinct pluses about working at Microsoft and its great to see colleagues supporting things like this. I’ve also maintained for a long time when a company is Microsoft’s size it brings some responsibilities with it, and the protection of children has been an area we have concentrated on since before I joined the company 10 years ago.
We are part of the UK Council for Child Internet Safety (UKCCIS) and Gordon’s mail also said This year as part of the “Click Clever Click Safe” campaign UKCCIS will be launching a new digital safety code for children– “Zip It, Block It, Flag It”. Over 100 Microsoft volunteers will be out in schools in the UK teaching young people and parents alike about child online safety and helping build public awareness for simple safety tips.
Our volunteering activities today mark our strong commitment to child online safety. Online safety is not only core to our business, as exemplified by particular features in Internet Explorer 8 (IE8) and our work in developing the Microsoft Child Exploitation Tracking System (CETS) which helps law enforcement officials collaborate and share information with other police services to manage child protection cases, but it is also an issue that our employees, many parents themselves, take very seriously. As a company we put a great deal of faith in our technology, however, we are also aware that the tools we provide have to be used responsibly.
Indeed. I said in something else I was writing that there is an old phrase describing user issues “PEBCAK Problem Exists Between Chair And Keyboard”, and technology – however good – is no substitute for user education. We have a page of advice which you might find obvious but could be helpful to share with friends and family that have children active online http://www.microsoft.com/uk/citizenship/safeandsecure/parentadvice/default.mspx
IE8 provides the best protection out there, and the Child Exploitation and On-line Protection Centre (CEOP) have launched their own branded version of it which provides ease of reporting access for young people www.ceop.gov.uk/ie8, which again may be worth installing at home if you have children or passing on to Friends and Family who are running older versions of IE.
OK cards on the table. I’m prejudiced. I don’t pretend to be anything else, and I try to open about my biases - flaunt them even. And Like most prejudiced people I can explain the logical roots that my prejudices spring from.
When it comes to browsers I think IE is pretty good .Actually let me qualify that: I thought IE 7 was when we got back to being pretty good and IE8 ups our game. Yes I know some organizations are stuck on the IE6 – I think being unable to move to current technology is a sign of badly run organization, so excuses for being stuck on 6 always sound lame to my ears. Usually it comes down to “We made a bad choice of something years ago and now we we can’t upgrade anything”. The investment to put this right which then makes people more productive, and reduces support costs etc is always a good one. When XP was still a current OS (early 2006) IE6 was looking old and tired and I tried Firefox and liked it. These days IE does what I want, so I haven’t felt the need to use the recent versions of Firefox, but to me it still embodies what is good in open source software development. I don’t hear its advocates talking open source ideology, and it strikes me that they want it to succeed on merit – the only way a competitor gets my respect. I can’t feel the same respect for Opera, since it was their complaint to the EU which nearly caused us to ship Windows 7 to Europe with no browser at all. Opera has a market share miles behind Firefox, (and well behind Chrome and Safari). If IE were to vanish it would seem a fair assumption that 3/4 of the total market would go to Firefox. Prejudiced against Opera ? Guilty as charged m’lud.
So… It came a bit of disappointment to find that my new Windows Mobile device comes with Opera installed. Oh the irony: we can’t tell HTC and/or Orange what browser(s) should be on the device , even in our position as customer. On the first day I had the device, I hooked the device up to the corporate wireless (Windows Mobile Device Center handles getting the certificate that is needed) and configured the proxy for work networks. I pointed internet explorer at Www.getCoMo.com and downloaded Communicator Mobile which is working very nicely. Next I wanted to find some IP utilities to check what the network was doing. Sadly the beautiful photos on Bing’s home page are wasted on me - I don’t go to search pages (and my home page is set to blank) – I use the browser’s search box. Except Pocket IE doesn’t have one: however there is a live search icon in the Programs folder but when I used that the result was an error in Opera. It seems Opera can’t connect through a proxy: it certainly doesn’t respect the global proxy setting which IE and Communicator used (it didn’t pick up my favourites either), and if there is somewhere to set, I can’t find it – it’s certainly not under settings.
This produced an outburst which must have startled anyone who heard it. “Congenitally stupid” was one of the more repeatable phrases and I’ll draw a veil over the rest. Seriously. This phone is an evolved pocket PC, and I beta trialled the 802.1x drivers for the wireless LAN card which went in a jacket with my iPAQ 3600 series when Microsoft first started to use wireless LANs in 2001, and could use a proxy. It’s such a basic function I couldn’t believe it was missing. IE at least will me set it as the default browser, so any attempt to jump to a URL at least goes there now. But, can I re-assign the short cut key on they keyboard to it ? That is beyond me. I can remove IE from a PC supplied with it (and presumably if the supplier replaces IE with something else , I can remove that, and go to whatever I want) but there isn’t the same freedom of choice when you move away from the PC. [Unless there are hacks which the average phone user can’t find]
I was chatting with a couple of colleagues yesterday about internet explorer. Someone grumbled “When people think of browser add-ons they automatically think of firefox, but there are some really good ones for IE”. I have talked in the past about IE7 pro (which despite the name works with IE8). I use it for four things – first it has a flash blocker. This gets round my issue of not being able to use a page when there is some animation going on, without needing to turn the flash add-on off [yes, flash is an IE add-on, so is Silverlight.] Secondly it will block content being pulled in from selected external sites. This helps defeat flash but also stops those firms which want to track my visits to sites. Finally for things which get through the first two it has the ability to cut out some of the really annoying bit of a page – those which would circumvent the flash blocker. Although this is mostly targeted at adverts I used it to make the Independent newspaper’s web site usable. The last trick it has contributes to my habit of having dozens of tabs open – click/drag opens a link in a new tab – it has other mouse gestures but that’s the only one I use. [Some people like the download manager , but I’m not one of them]
I added an accelerator for twitter but after that I’m not really using any add-ons. In yesterdays conversation my other colleague said – roughly “I have no plug-ins at all and I don’t think many people use them, a lot a buggy and they all slow the browser down to different degrees”. So … if you have added anything to IE7 or 8 that you really wouldn’t be without (or for that matter if you use firefox because of an add-on) , please post a comment.
I write my blog posts using Windows live writer and I’ve talked before before about one which adds tweetmeme support to each post. This morning I’ve been trying to help someone get the onefor Bit.ly – I had to add &history=1 onto the end of the password to get it to log my links to a history on bit.ly – which is much more useful as I can see which links people are following. It won’t work for him. I guess the same criticisms can be made for Live writer plug-ins as IE ones, but the same question interests me – if you blog with live writer and have a favourite plug in, please post a comment.
Finally, I was talking James Brundage – the guy behind the PowerShellPack which is in the Windows 7 resource kit and also available for download, part of that is an add-in for the PowerShell interactive scripting environment. It adds a menu and a set of short-cut keys – among other things to copy the text with syntax colouring. If you ever need the code to “un-bitly-fy” a URL here it is , in colour. Of course it works for more than bit-ly – it gives back the canonical URL for anything which is redirected from another URL.
Function Get-trueURL { Param ([parameter(ValueFromPipeLine= $true, mandatory=$true)]$URL ) $req = [System.Net.WebRequest]::Create($url) $req.AllowAutoRedirect=$false $req.Method="GET" $resp=$req.GetResponse() If ($resp.StatusCode -eq 301 ) {$resp.GetResponseHeader("Location")} else {$resp.responseURI} }
I wanted to talk about the privacy enhancements in IE8, and to save you from reading something of epic length this is only part 1. First, I do know there are some poor souls out there who work for benighted organizations which can’t get off IE6 - so the idea of working efficiently with a multi-tabbed browser like IE7 or IE8 is denied to them unless they get creative and install a second browser [Given a choice between the 8 year old IE 6 and the current Firefox, I would take the current product] but that is another story for another day. If you’re on IE7, then moving up to 8 is nothing like the step of getting off 6 so there really is no reason not to move from 7 to 8. Even if you’re on 8 already you may have missed the enhancements
I guess there is a decent chance that you know about “in private browsing.” which people laughingly call “porn mode”: the idea is it leaves no trace behind. In one of my more memorably titled posts “Pigs and Drugs and Naked Dwarves” I mentioned that “for the last five years or so a prescription drug has helped me lead a bit more normal life than would otherwise be the case.”. Two years on and I’m still taking it, and last time I saw the doctor he said he preferred on-line requests for repeat prescriptions. It’s easier for me too, but I don’t want my request lurking in IE’s history. It’s a model use for in private browsing. I was telling someone recently that the specialist who first suggested this drug told me “I won’t tell you about it because I know you’ll read about it on the internet anyway” which is what I did. Today I would have turned on in private browsing for that too.
I’m a lot less worried by what’s in my browser history than I am by the behaviour of those who sell internet advertising, who want to gather the maximum amount of information about what you and your interests. I don’t want to target Google but as the biggest they select themselves and their CEO Eric Schmidt* famously said he wanted Google to know everything about people - which produced some interesting press. There are things I don’t want Google et al to know about me (like which drugs I’ve shown an interest in) and I can’t really say where those things stop and the things I don’t care about begin. Google’s users are not its customers - its customers are its advertisers, so when advertisers’ desire to target ads comes into conflict with users desire for privacy, I’ve no idea how Google (or any of the others) would go about resolving the conflict. Even on this blog there is potential for someone to see what you’re interested in because links out of the site go via bit.ly so we can see what links people follow. My view (for what it’s worth) is if you can see before you click the link it goes via a central service and if you don’t like bit.ly having that information you can choose not to click the link. I like the fact that my projects on codeplex.com display in large friendly letters whose analytics are used by the site. I’m not so happy about organizations quietly siphoning up personal information, but that can be stopped by IE8. Since this paragraph is peppered with “My view” , “I like”, “I’m not so happy with”, this might be a good point to remind you that this the personal view of one Microsoft employee (see the in Private feature section of the IE8 Readiness kit for a more rounded view of the issues) but the important point is that we do like to give people choices. For me exercising choice meant using IE7 pro for the last couple of years, it works nicely on IE8; there are other dedicated blockers though the ones for Firefox seem to be better known. IE 8 has “In private filtering” lurking quietly on the status bar: this removes undesirable embedded content – so it can also filter out servers of Ads, which is where the blockers focus their attention, and something I will come back to. In Private filtering identifies those bits of content which come from one provider but are embedded in pages of multiple others, as you can see from the screen shot below.
I went through the sites which IE had picked up: here are what some of them say about themselves:
What is STATCOUNTER? A free yet reliable invisible web tracker Quantcast says. “We show you who is clicking your ads, browsing your website, and purchasing your products... Once you know, it's easy to buy an audience of millions -- even tens of millions -- who look like them” Media6°claims it ‘provides major brand marketers with targeted audiences using the power of social graph data.’ Site meter says with their “detailed reporting you'll have a clear picture of who is visiting your site, how they found you, where they came from, what interests them and much more” Kontera says “patented technology performs real-time semantic analysis of content and other information to dynamically hyper-link the terms that most accurately represent and predict user-intent and engagement” ScorecardResearch is a domain used by Full Circle Studies, Inc. to help with the collection of Internet web browsing data on specific websites that have enrolled in a broad market research effort to create reports on Internet behavior and trends. YieldManager turns out to be part of the “Right Media Exchange” which calls itself the first largest market place for all buyers and sellers [of ads]
Underneath the list of sites there is a link to find out more about the organizations sending you content – only two of follow the standard (Google Analytics, and Audience Sciences [RevSci.net] ) . The others needed me to go digging to find out who they were, and what they wanted my information for; reason enough in my mind NOT to trust them. What was interesting was that Audience Sciences is a member of the Network Advertising Initiative who have an Opt out page . I recommend you visit that page it shows you how many NAI members have got their cookies onto your computer (a staggering number in my case), and allows you to say that you don’t want those organizations to put the information they have about you to use. To me that’s solving the wrong problem. Blocking with In-private browsing stops them getting the information in the first place.
I said I would come back to the question of blocking adverts. Some people will tell you that visitors to a web site somehow have a duty to look at the ads it serves up. Did anyone ever argue that you should must stay in the room when ads appear on TV ? And whilst such arguments might have merit if talking about universal blocking, they look staggeringly weak when its a personal, one-off decision. Remember that ads are usually paid by click-through, not by views. I am never going going to click through any of the ads in question, so I am not costing the sites any revenue. Secondly I’ve written here and here about my “aspergers-like” reactions to distracting (Flash) content on web sites – the impetus for this piece was using a machine with out IE7 pro and hitting a one site where an ad for Windows Server bounces up and down in the margin as you scroll the site, oh the shame of it. I am less likely to buy the product of an advertiser who shows me an ad like that, so I am doing them a favour by not filtering out the ad, as well as saving everyone’s bandwidth.
Next up – how to configure it:
*Two thoughts on Eric Schmidt (1) He ran Novell for a time so I think of him as “The man who turned Novell into the company it is today.” (2) He famously talked about Microsoft having an evil room. In all the real-estate Microsoft owns it is comforting to know he thinks our evil is confined to one room. Actually I’m sorely tempted to propose that we rename one of rooms from, say, “Great Ouse” to “Evil”, and hang a picture of Eric and some of his sayings on the wall.
IE 8 just locked up on me. This in and of itself is a Bad Thing. I’ve got into the habit of having lots of tabs open in IE - I checked it’s currently 70 (why … ? because I can, it’s a pile off stuff I’m thinking about, going back to or what ever). IE 8 will recover from being killed off in task manager. But 70 pages to re-open ? I’d rather not. Then this box popped up
Ooh. Now that’s rather clever. I’ve popped the offending site into compatibility mode and it’s behaving. Chalk another one up for IE
I’ve been pretty enthused about IE8 since it got to Beta 2. Yes there are some sites which need to be put into “Compatibility view”, which would be better called “IE 7 view” as it renders sites correctly which rely on IE7’s departure from standards. There is an argument for saying “Stuff what the standards bodies do, we’re the biggest browser, that makes us the the standard”, but it’s not really a sustainable one, and very “old Microsoft”. Falling into line with the standards will cause pain whenever you do it, so the sooner it’s done the sooner it’s over. I like the accelerators (see this post from February about customizing them)
“Web slices” are something else which looked interesting, and e-bay had a trial of this going before release, but I was looking for an adapter to attach something to a new lens for my camera and hit this
Notice the little green icon on the right click it and this box pops up
and a pull down appears list on the main tool bar for all the items on the page.
And then it a “slice” shows up on my favorites menu, not quite a gadget, not quite a preview it’s a little bit of the page which lets me check on what’s happening with an item, without the need to sign into ebay.
There is a web slice gallery and I can see some great uses being fount for this
A few days back I wrote about acceleators in IE 8 and talked about how search box had been streamlined as well. I knew we’d re-worked how tabs worked but my first reaction was “yeah … but so what”. I’m a big fan of tabs: IE 7 changed my experience of the internet. I guess other tabbed browsers did the same for other people – but tabbed browsing is such a huge jump forward I just can’t remember how I managed without it. IE gets opened up within a few minutes of my machine booting, and quickly gets to twenty open tabs. The beta of IE8 in Windows 7 beta isn’t perfectly stable, but I’m running it for days on end and saved a block a 57 tabs when I had to shut down . Following links from twitter means I’m getting more tabs open especially since I still make use of IE7 pro , which has a feature named “super drag/drop” - if you drag a link and drop it on the same page it opens in a new tab. In practice this means a flick or a “smudge” of the mouse opens in a new tab. IE7 pro also trap pages trying to open in a separate window and open them in a new tab instead.
I’ve taken to colour coded tab groups in 8 in a big way: it sounds so trivial that I sat here and wondered if I dared call it out, but I will:
Open a page as new tab and it forms a tab group with the original page. You can see on the left the tabs are green, they’re the things I’ve jumped to from Twitter, then there are a couple which aren’t grouped, followed by a couple in a fetching shade of peach which were on Geo-coding, then some purple ones which where the results of a couple of searches, next come some green ones on Aviation accidents and finally some in blue from MSDN for something I’ve been working on in PowerShell. It’s just easier to get around; when you have dozens of tabs open you can lose track of where you are.
IE 7 pro remembers recently closed pages and lets you re-open them – with a short cut for the most recently closed one.. The problem is it just remembers the last URL: the tab doesn’t open in a group (you can drag it into one) and if you want to go back through the history on the tab, no joy. In IE8 if you click on the tab strip you get the option to reopen the last closed tab in the right place with its history. The menu can also close a whole group in one go – done with the MSDN group? Right-click, click, 4 tabs gone! There are some bits missing: there’s no option to refresh or save a tab group and grouping tabs which aren’t yet in a group is a bit long winded. Something for the IE 7 pro folks to add for IE 8 pro
Internet Explorer 8 seems to be guided by the same “many little improvements” philosophy that has driven Windows 7 – or put another way it’s not packed with radical new features , and in some cases I find it hard to be sure if something really wasn’t there before: I think the “Privacy Policy” is new and it lets find out where pages are including something which violates my privacy or which produces a hyper-active advert (where these are scripts they go into IE’s distrusted sites list ! )
Here’s the kind of incremental improvement I’m talking about, look at the search box.
Image 1 on the left shows how things worked in IE 7, you needed to pull down the list on the right to select a different search provider.
Image 2 in the middle shows how things have changed with IE 8, the icons for the different providers show up under the search box, click the one you want to select and click off the search (3 clicks become one).
But what’s that on the right ? in image 3. Previously to search your history you needed to go to favorites tab, go to history, choose Search history, enter my search term and then click search. In 8, just type into the search box and the history gets searched as you type
One thing that is brand new in 7 is the idea of accelerators: when you highlight some text on the page you can take some actions with it. Highlight an address and you can go to a map, highlight a word and you can look it up in a dictionary. Use an a browser based tool for composing your blog entries (and I don’t) then jump to your blogging tool . The specification for the XMLfiles which describe accelerators is on MSDN. There were plenty of things I could have tried, but I decided to one one for Twitter… then found that David Sim has done that already, and here’s what the XML looks like
<?xml version="1.0" encoding="UTF-8" ?><os:openServiceDescription xmlns:os="http://www.microsoft.com/schemas/openservicedescription/1.0"> <os:homepageUrl>http://www.twitter.com</os:homepageUrl> <os:display> <os:name>Send to Twitter</os:name> <os:icon>http://www.twitter.com/favicon.ico</os:icon> <os:description>Send text to Twitter</os:description> </os:display> <os:activity category="Send"> <os:activityAction context="selection"> <os:execute action="http://twitter.com/home?status={selection} {documentUrl}" /> </os:activityAction> </os:activity> </os:openServiceDescription>
<os:openServiceDescription xmlns:os="http://www.microsoft.com/schemas/openservicedescription/1.0">
<os:homepageUrl>http://www.twitter.com</os:homepageUrl>
<os:display>
<os:name>Send to Twitter</os:name>
<os:icon>http://www.twitter.com/favicon.ico</os:icon>
<os:description>Send text to Twitter</os:description>
</os:display>
<os:activity category="Send">
<os:activityAction context="selection">
<os:execute action="http://twitter.com/home?status={selection} {documentUrl}" />
</os:activityAction>
</os:activity>
</os:openServiceDescription>
So once this is installed if I run my mouse over some text I get this ….
All very fine and good … except why do I have to go to a submenu ? and Why is the top menu filled with stuff from Windows Live – some of which I’ll use but some I won’t ? The answer is it has to default to something, but you can change it by going to Manage Add-ons from IE’s tools menu and clicking accelerators (and there is a short cut on the “All Accelerators” Menu)
I’ve removed the Email with Live mail and Blog with live spaces (I don’t use them) and just to show the search isn’t fixed I changed the default search to “My blog”, which changes the “Search with” entry. Each accelerator has a category – this one is “Send”, and one item in each category can be flagged as “Default” to appear on the top menu, which is what I’ve done for the twitter entry. Now that’s more like the “few clicks for common tasks” ethos of 7.
I was a little surprised to find it was nearly 3 years ago that I first wrote about Open Search… So first off…
Open search provides a specification for XML to describe search services. It’s easy to build this XML, and there’s a Microsoft Page which builds it for you, so here’s an example for IMDB, which I need to add to my Windows 7 installation:
<?xml version="1.0" encoding="UTF-8" ?> <OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/"> <ShortName>IMDB</ShortName> <Description>IMDB provider</Description> <InputEncoding>UTF-8</InputEncoding> <Url type="text/html" template="http://www.imdb.com/find?s=all&q={searchTerms}" /> </OpenSearchDescription>
<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
<ShortName>IMDB</ShortName>
<Description>IMDB provider</Description>
<InputEncoding>UTF-8</InputEncoding>
<Url type="text/html" template="http://www.imdb.com/find?s=all&q={searchTerms}" />
</OpenSearchDescription>
The XML tells something like IE 7 and 8 that there is a search, with a name and a description, and the URL to search it and return data as Text/html. IE can use a Link tag on a page that you are viewing to enable a context sensitive search here’s an example from OpenSearch’s own site.
<link rel="search" type="application/opensearchdescription+xml" href="http://blogs.technet.com/opensearch_desc.php" title="OpenSearch (English)" />
That was as far as my interest went when I first heard of Open Search, but there is a use for these descriptions in Federated Search. Federated simply means taking the results of more than one search and merging them together. But if every site comes back with an HTML page that is no good for merging, so Open Search defines an XML schema, or to be more accurate it defines extensions to RSS and Atom. Now the Description file can contain another URL line which specifies a type of "application/rss+xml", or "application/atom+xml". Each item in the RSS feed becomes a search result, and any search services which can return RSS format can be included in a federated search.
We already use that in our Enterprise Search products. What’s new for Windows 7 is that we use an OSDx (Open Search Description XML file) to add Federated Search parts to Windows Explorer. As far as I can tell, plain Open Search files can be used for this, but there is extra information which can go in, and the best place to start is this post by Brandon. So a OSDx file for twitter looks like this.
<?xml version="1.0" encoding="UTF-8"?><OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/"> <ShortName>Twitter</ShortName> <Description>Search for a person @name, tag, #tag or anything else</Description> <Language></Language> <Url type="application/rss+xml" template="http://search.twitter.com/search.rss?q={searchTerms}"/></OpenSearchDescription>
and the results look like this (click for a bigger version).
The key thing is that this could be any site (internet, intranet you name it) which can return search results as RSS or Atom, and once the search is defined you put a shortcut to it anywhere you’d have a shortcut to a folder.
One of the things about a new browser is that various web sites expect particular ID strings to identify browsers they know and get awkward if they don't recognize the browser ID. So one of the nice things in IE 8 beta 2 is that you can select compatibility mode for particular sites and send the string which says "I am IE 7."
I've mentioned a few times that Microsoft has quite a sophisticated set of benefits; employees get to check their payslip on line, and wouldn't you know it... the payroll system is outsourced and is one of those sites which keels over if confronted with a new browser (actually that makes sense - you don't want to assume a previously unknown browser will render all your columns correctly when it's showing people what's been added to or removed from parts of their pay).
So a quick tip-of-the-hat is due to our finance people.Within a couple of days of beta 2 going live they warned there was a problem. And in some companies that would be it. Want to see your payslip, don't run beta software. Not here: they went and tested it and came back with the conclusion that, yes IE8 works just fine in IE7 mode, and with instructions on how to configure it. And after my notes on people's bad mail habits they even sent it out with an opening sentence which lets you triage it correctly: bin it (I don't use on-line payroll or IE 8) , Act on it now (I've just installed IE8 and I use the on-line payroll) or file it for the future (I use on-line payroll, and I'm going to try IE8 sometime)
I said before that letting users put the latest versions of software on their machines before IT have tested everything is the Microsoft way, but it wont' work for many companies. Notice also that by empowering people in this way, finance deal with issues involving a finance application; I've been to companies where this would get stuck between finance and IT for weeks. Getting the testing done up front, involving internal customers (pilot users) and recording the problems and fixes, IS something that everyone can and should do, starting with the sites where you either don't control the client (that's outward facing sites where your customers go) or the server (that's partner/extranet sites where your people go). This is also one of those cases where using sharepoint to create a Wiki works, because the same people -pilot users - have both questions and have answers to share. (See Raymond for why Wikis and the like fail )
.
IE8 has features to please users, which makes me expect a pretty rapid uptake (Read Eileen for a user's eye view of accelerators) .
We've also tried to remove the standards issues which annoy developers. Here's the problem though. If you have diverged from official standards in the past, then what do you ? (a) preserve that difference for ever - so the product is always broken in the eyes of some, or (b) insist that "we have the biggest share of the market. What we do is the standard or (c) Fix it and know that it will break some things. Path (b) is very "old Microsoft" behaviour, so let's cross that one off the list straight away. We can have a compatibility mode to deal with the old stuff, but here's another problem: HTML is HTML - how does a the browser know if it needs to be in compatibility mode ? The browser could tell which code would render differently in "standards" mode and "IE7 and prior" mode but which did the author intend ?
There are two solutions to this, one is that the user can toggle compatibility mode at will, and the other is that if you know pages rely on one of IE7's "divergences" instead of correcting them, you can add a header to tell IE8 to go into IE7 emulation mode.
If you have externally facing web sites, and you're not testing already with IE8, you need to start. Seriously. How many of your users do you want to annoy ? 1 in 50 ? 1 in 20 ? 1 in 10 ? How quickly do you think IE8 will get to 2% , 5%, 10% share ? If people see your pages breaking because you didn't flag them, some won't go into compatibility mode. They'll just see the site is broken and wonder "for how long did they know a new browser was coming, and not fix this ? What does that tell me about their responsiveness ?"
What abut internal sites, ? Apart from the handy collection of links here that is ? I had a mail this morning about what we're doing internally
IT is actively testing all applications with the goal of providing timely and accurate information regarding compatibility. To find more information about which Line of Business (LOB) applications are supported and which are currently being tested, please go to {URL} for up-to-date information. The site will be updated continually by IT as additional applications complete testing
That's very Microsoft IT. "Yes you can deploy it but be warned the apps still are catching up". So if you're responsible for IT, what is your plan for IE8 ? Are you doing compatibility tests ? If you're a theory Y company which lets users have some control over their software are you being pro-active in your role as trusted advisor and telling them what you're doing and how long to wait before they can feel safe about using IE8 ? Or, if you're a foot-dragging theory-X IT department which just tells people to be grateful for IE 6, then are you preparing your excuses for when a company bigwig demands to know why his children have better tools to get information from the web at home than he has at work ? (I always assumed those kind of people don't read blogs. )