Linked by Thom Holwerda on Sun 15th Jun 2008 22:40 UTC
"Internet Explorer 8 is set to be Microsoft's most standards compliant browser ever. After originally stating that IE8 would default to the same non-compliant behavior exhibited by IE7, Microsoft relented and plumped for standard-by-default. The first beta of IE8 was released in March and it did indeed default to standards compliance. Web developers have been clamouring for standards compliance for a long time; IE is a long way behind the competition, requiring considerable hacks and workarounds to get pages working properly. IE8 should make things a lot better - but it will still fall far short of the standards set by Firefox, Safari, and Opera. Some of these problems are technical, but others are cultural. Where the other browser developers are open and communicative, Microsoft is still leaving web developers in the dark."
Thread beginning with comment 318555
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-11-10
Compare the security records of Firefox, Safari, and IE7. Unless you're one of those people whose ideology prevents him from objectively evaluating cold, hard facts, you'll discover (oh, the shock, the horror) that Firefox/Safari have had, in fact, far more vulnerabilities than IE7.
And if you examine those facts without your blinding ideology, you'll see that the mean time between a security issue being raised, and the patch being issued is a factor smaller than with IE; for whom Microsoft not only does not fully disclose many vulnerabilities, and tries to mask them as Windows bugs, they leave people in a state of complete insecurity for weeks, months and even years before finally patching that zero-day exploit.
In 2006, IE was insecure for 284 days waiting for patches, where Firefox experienced just one 9-day period for that year. http://blog.washingtonpost.com/securityfix/2007/01/internet_explore...
As a computer doctor fixing messed up, virus-ridden machines every day, I *know* Firefox is more secure than IE, and the facts back it up.
---
Secondly, IE is not standards based. It has standards tacked on. Try developing something serious for it, and then get back to me on how good it dealt with the standards. There's no native SVG, the Javascript implementation is a complete disaster, the DOM is still full of proprietary junk. The CSS engine still fails at the basics.
Member since:2006-01-06
And if you examine those facts without your blinding ideology, you'll see that the mean time between a security issue being raised, and the patch being issued is a factor smaller than with IE
I just love the lame justifications: "Buh-buh... we fix our greater number of vulnerabilities FASSSSSSSSSSSTER". As if that's supposed to make me feel better about using a less secure product, in the first place.
for whom Microsoft not only does not fully disclose many vulnerabilities, and tries to mask them as Windows bugs
Example?
... they leave people in a state of complete insecurity for weeks, months and even years before finally patching that zero-day exploit.
Clue phone: ALL browsers have unpatched security bugs. It's just the nature of the beast.
http://blogs.zdnet.com/security/?p=37&tag=nl.e589
In 2006, IE was insecure for 284 days waiting for patches, where Firefox experienced just one 9-day period for that year.
Hilarious. And ancient history. You'd rather not talk about IE7 compared to Firefox, so you've scraped the bottom of the barrel to come up more than 2-year old IE6 data. Hilarious. Try talking about the latest browsers. It's a very different conversation.
As a computer doctor fixing messed up, virus-ridden machines every day, I *know* Firefox is more secure than IE, and the facts back it up.
Ooooooh. If you SAYYYYYYY so.... LMAO...
http://en.wikipedia.org/wiki/Appeal_to_authority
Secondly, IE is not standards based. It has standards tacked on.
Reference?
Try developing something serious for it, and then get back to me on how good it dealt with the standards.
I have. It handles HTML, Javascript, and other core technologies more or less the same as Firefox etc.
There's no native SVG
It doesn't come with a ham sandwich, a flat tire repair kit, or the Season 5 Seinfeld DVD, either. So, what's your point? SVG isn't part of HTML, Javascript, or CSS. It's an optional add-on technology.
... the Javascript implementation is a complete disaster...
Explain. Try to keep the foam in your mouth while doing so ...
... the DOM is still full of proprietary junk...
It's a superset of the DOM that you find on all other browsers, so it doesn't impede you at all.
The CSS engine still fails at the basics.
Example?
Member since:2005-07-13
As a computer doctor fixing messed up, virus-ridden machines every day, I *know* Firefox is more secure than IE, and the facts back it up.
Not that I'm an IE-proponent or anything, but let's step back for a second, just because you opened the door.
How do you *know* Firefox is more secure? What facts are you referring to? Have you scrubbed the code? Have you run it through pen tests? Can you cite the last major virus-inflicting vulnerability that involved either Firefox or IE that didn't involve a plugin, such as flash, or a site-based XSS exploit?
Like I said, IE isn't exactly my cup of tea, but let's not fall into cliches when dissecting it. There's much to not like about it, but frankly, Adobe scares me more than Microsoft does when it comes to browser vulnerabilities, or Google with the frequent cross-domain hacks that they seem to be constantly addressing. Because, let's face it, that's the direction the black hats are moving in. The browsers are fairly secure nowadays, regardless of who makes them.
Except maybe for Apple.
Uh-oh, did I say that out loud?
Member since:2005-07-06
IE8 is standards-based. You can embed content in your pages to provide compatibility with previous browser versions, but that isn't the default. So, really, what is your point, other than venting?
The point being made here is that someone shouldn't need to write any code to make their sites compatible with IE8 because it should have been done right in IE from day one.
Thanks for admitting that IE has been a clusterf*** for compatibility from the very first minute.
you'll discover (oh, the shock, the horror) that Firefox/Safari have had, in fact, far more vulnerabilities than IE7.
I love the way security problems are categorised in the Windows world ;-).
Further, for all those "advances" that Firefox has made, it's had remarkable difficulty getting plug-ins to work from one update to the next.
Has it? Hmmmm.
Opera is closed. Does that make it "crap", too? Nope, didn't think so.
The answer is no because it actually works properly, and doesn't make life difficult for web developers because they want to write code that locks you into their browser.
And what, exactly, is "proprietary" about IE8? Like Opera, it's built on prevailing Web standards.
I don't think you understand what proprietary means. Have you not picked up anything since you've been around here? You can't just pull the term 'web standards' off an MSDN blog and start shouting it from the rooftops.
Member since:2005-07-05
"Except that you really don't have any point to make. IE8 is standards-based."
As I said in a previous post, "We'll see". When I don't have to pull my bottom lip up over the top of my head and staple it to the back of my neck to get some Javascript or CSS to work right in IE, I'll stop calling IE a complete waste of time to program for.
"Compare the security records of Firefox, Safari, and IE7."
I'm not talking about using IE. I don't run Windows, so I don't use it. I have wasted many hours trying to get code that works fine in Opera, Firefox, and Safari to work right in IE though. As long as that is the case, IE is and always will be the town idiot.
"Opera is closed. Does that make it "crap", too? Nope, didn't think so."
Actually, that's debatable. I don't particularly like Opera from a usability standpoint. It is a good browser though. However, I am not talking about closed source. I am talking about closed, Microsoft-only ways that I have to interact with the browser as a developer. I don't give two hoots in poop what browsers other people use. I only care when a browser wastes my time as I'm programming and IE has definitely done that.
"And what, exactly, is "proprietary" about IE8? Like Opera, it's built on prevailing Web standards."
When, like Opera, I can write a web app without having to waste a bunch of time writing workarounds, I will stop calling IE a heap of poo.
Edited 2008-06-17 05:48 UTC
Member since:2006-01-06
I'm not talking about using IE. I don't run Windows, so I don't use it. I have wasted many hours trying to get code that works fine in Opera, Firefox, and Safari to work right in IE though. As long as that is the case, IE is and always will be the town idiot.
We're talking about IE8 here. Not IE7. Using IE6 or IE7 as the baseline for future releases is simply stupid.
When, like Opera, I can write a web app without having to waste a bunch of time writing workarounds, I will stop calling IE a heap of poo.
Again, you're using your experience with older browsers to formulate opinions about IE8. Not applicable.
Member since:2005-07-05
@tomcat
Oh, I forgot to comment on your statement regarding Firefox plugins.
I would MUCH rather uninstall old code and replace it with new that have the Firefox guys build in support for every previous version ever made. That is another one of the big reasons IE sucks. ActiveX support, for instance, should be dropped and dropped hard. It should have never been included in the browser in the first place. It was a bad, poorly implemented idea from the start.
In my opinion, it is always best to force people to migrate away from outdated technologies and "standards" like ActiveX.
Member since:2006-01-06
I would MUCH rather uninstall old code and replace it with new that have the Firefox guys build in support for every previous version ever made. That is another one of the big reasons IE sucks.
As soon as Firefox plug-ins start falling into disrepair -- and they already have -- this problem is going to get worse, not better.
ActiveX support, for instance, should be dropped and dropped hard. It should have never been included in the browser in the first place. It was a bad, poorly implemented idea from the start.
So is using Firefox plug-ins. It's binary code running in the browser. It's not that fundamentally different from Active-X. And, quite frankly, Active-X hasn't been an issue since IE6, because IE7 disables Active-X plug-ins by default. So, do try to catch up.
In my opinion, it is always best to force people to migrate away from outdated technologies and "standards" like ActiveX.
Rrrrrrright. Migrate to new outdated technologies like Firefox plug-ins. Nicccccccccccce....
Member since:
2006-01-06
Except that you really don't have any point to make. IE8 is standards-based. You can embed content in your pages to provide compatibility with previous browser versions, but that isn't the default. So, really, what is your point, other than venting?
Compare the security records of Firefox, Safari, and IE7. Unless you're one of those people whose ideology prevents him from objectively evaluating cold, hard facts, you'll discover (oh, the shock, the horror) that Firefox/Safari have had, in fact, far more vulnerabilities than IE7. Yeah, all of that bunk about browsing "safer" was just that: bunk. Further, for all those "advances" that Firefox has made, it's had remarkable difficulty getting plug-ins to work from one update to the next. I've lost count of the number of times that it's crashed; meanwhile, I'm told to get rid of my existing plug-ins before installing new updates, and then reinstall the plug-ins, afterward. Wow... remind me about all this newfound efficiency that I'm supposed to be seeing...
Opera is closed. Does that make it "crap", too? Nope, didn't think so. And what, exactly, is "proprietary" about IE8? Like Opera, it's built on prevailing Web standards.
Edited 2008-06-16 07:30 UTC