Linked by Thom Holwerda on Tue 28th Mar 2006 17:02 UTC, submitted by Nehemoth
Internet Explorer BusinessWeek is reporting that Microsoft's next release of Internet Explorer, version 7, will not be integrated into Windows. Breaking nearly ten years of tradition, Internet Explorer was always very tightly integrated into Windows, allowing users to do such things as launch a website directly from any Windows Explorer window, or save a live web page as the desktop wallpaper.
Thread beginning with comment 108820
To read all comments associated with this story, please click here.
IE no integrated
by CPUGuy on Tue 28th Mar 2006 17:27 UTC
CPUGuy
Member since:
2005-07-06

This just means that the OS no longer uses Trident (IE's rendering engine).

IE was never really "integrated" with Windows. It was always a separate app, it's just that Windows used Trident to render parts of the OS.

IE is still bundled with Vista. People can still use Trident in their own applications (and know that it is already shipped with the OS).

I did notice, though, that when you type a URL into Explorer, it no longer converts intself into IE, it opens up a IE in a separate window.

So many people have completely misunderstood how IE worked with the OS. IE was NEVER part of the kernel. It has always been a separate application.

This does not effect security in the slightest bit, it just allows the removal of IE without breaking parts of the OS (the help system, Windows Update, etc...), as these parts that used to rely on IE have been re-written so as to no longer require IE to be present.

Reply Score: 5

RE: IE no integrated
by KenJackson on Tue 28th Mar 2006 17:44 in reply to "IE no integrated"
KenJackson Member since:
2005-07-18

This does not effect security in the slightest bit

But from the article:
Security analysts have been telling Microsoft for a while ... Exploits that were found to exist in current versions of Internet Explorer, were used to attack the core operating system because of the tight integration.

So, unnamed "security analysts" say it does improve security, but "CPUGuy" says it does not.

I can't add anything authoratative, but I think it does.

Reply Parent Score: 4

RE[2]: IE no integrated
by Get a Life on Tue 28th Mar 2006 18:20 in reply to "RE: IE no integrated"
Get a Life Member since:
2006-01-01

The most impressive thing about IE is that it demonstrates that the most popular web client for the most popular desktop operating system can still appear to be magic. All they're really changing is shell integration. The components that make up IE are all going to be there and capable of being embedded.

Reply Parent Score: 1

RE[2]: IE no integrated
by CPUGuy on Tue 28th Mar 2006 18:32 in reply to "RE: IE no integrated"
CPUGuy Member since:
2005-07-06

The thing is, IE is still there.

Windows using IE does not all of a sudden make it more vulnerable. The reason the problem exsists (beyond IEs own security flaws) is because IE is bundled with Windows, and that bundling is still there.

Just because a "security analyst" says that it will improve security does not mean it will... and it won't.

What will improve security is how IE runs as an isolated process, in its own sandbox, in its own world. IE is not allowed to touch anything outside of IEs own folder. So when a security hole does arise, it can't actually do anything except mess up the IE directory (I think not even anything outside of the Temp Inet files dir).

Reply Parent Score: 2

RE: IE no integrated
by JPDrawneek on Tue 28th Mar 2006 17:48 in reply to "IE no integrated"
JPDrawneek Member since:
2006-01-18

This all comes from the DOJ vs MS trial where MS lawyers got so many people up to swear blind that you just could not remove IE from Windows.

Alot of this comes from all the fud MS kicked out back them.

Reply Parent Score: 2

RE[2]: IE no integrated
by sappyvcv on Wed 29th Mar 2006 00:44 in reply to "RE: IE no integrated"
sappyvcv Member since:
2005-07-06

They were mostly right actually. You can't just remove shdocvw.dll (the rendering engine) from Windows. Many things rely on it.

They also couldn't remove the integration of IE and explorer without rewriting explorer, which they have done with Vista.

It's not that they couldn't, but it would have been a support nightmare and required a rewrite of Explorer, which at the time, they were planning for a later OS (which is now Vista).

Reply Parent Score: 1

RE: IE no integrated
by Phoenix49 on Tue 28th Mar 2006 19:08 in reply to "IE no integrated"
Phoenix49 Member since:
2006-03-28

IE is integrated to core, part of IE loads with OS (?! hard to call it such) , that's why IE opens faster than any other browser, and worms are attacking your computer through vulnerabilities in IE

Reply Parent Score: 1

RE[2]: IE no integrated
by CPUGuy on Tue 28th Mar 2006 19:30 in reply to "RE: IE no integrated"
CPUGuy Member since:
2005-07-06

No. No part of IE is in the core of the OS.

You can set any app and/or service you want to load with the OS, this does not make it part of the core of the OS.

Reply Parent Score: 4

RE: IE no integrated
by edwdig on Tue 28th Mar 2006 23:19 in reply to "IE no integrated"
edwdig Member since:
2005-08-22

So many people have completely misunderstood how IE worked with the OS. IE was NEVER part of the kernel. It has always been a separate application.

OS != kernel.

IE has always run as its own process in userspace. That's not the issue either.

IE the browser is a relatively small exe file that doesn't do all that much. All it does is load the individual components that provide the functionality and provide the interface to connect them.

The problem is with the IE components. They aren't all tossed in MSHTML.DLL or other similar DLL's. The functionality is spread somewhat randomly amongst files such as COMDLG.DLL (Common Dialogs) and other core Windows DLL's that have existed forever.

Microsoft's arguments in the antitrust case came down to saying "There's IE code in COMDLG.DLL, so we can't remove IE from the system or almost every program will stop working."

In the end, the issue comes down to where do you draw the line between IE code and OS code, and how much of it can be feasibly removed.

Reply Parent Score: 1

RE[2]: IE no integrated
by Gently on Wed 29th Mar 2006 01:19 in reply to "RE: IE no integrated"
Gently Member since:
2006-03-29

> OS != kernel

What is an operating system? ;-)
Andrew Tanenbaum says: The OS is everything running in a privileged mode. For Unix-like OS it's the kernel.
I think that's true for Windows too.

But of course i'm a little bit obfuscated with IE in kernelspace ...

Reply Parent Score: 1

RE: IE no integrated
by sappyvcv on Wed 29th Mar 2006 00:39 in reply to "IE no integrated"
sappyvcv Member since:
2005-07-06

Thanks for saying it before I could.

Add on top of that, IE being "integrated" isn't what caused the security debacle in XP. All apps had admin rights, so if Firefox had the same flaws, it would have been able to do the same thing, or any browser or app for that matter.

I don't think people truly understand what Microsoft meant by integrated.

Reply Parent Score: 1