So, its official. Internet Explorer 8 was released over the weekend. Several sites I have worked with are already scrambling to make sure they are fully compatible (there are some changes between IE 8 RC and the final version apparently) or at least displaying properly in the new, "more standards compliant" browser.

What issues have you seen so far? Have you gotten your site working, or are you taking the easy way out and forcing IE8 to run in compatibility mode?

I have noticed that microsoft.com will only run in compatibility mode.

__________________
The best way to learn anything, is to question everything.

I'm unable to download it. How can i know how my site fares in IE8?

__________________
Download Free DVD Movies || Cold Sore Treatment ||
Best eBooks & Software Downloads ||

I just posted instructions on configuring IE 8's compatibility mode on a site-wide basis here: Configuring Servers for Internet Explorer 8

__________________
The best way to learn anything, is to question everything.

One option might be to install Microsoft Virtual PC with a virtual Windows hard drive. You should be able to install IE 8 on there and test that way. I am not sure if any of the browser comparison services support IE8 yet.

__________________
The best way to learn anything, is to question everything.

I have just bought a laptop with IE 7.0 (my favorite is still 6.0 for very special reasons - handling favorites). I think I will download it to my laptop giving it a try.

But remember, I shop on line using Opera with a master password.

1. What about security? Do MS still use the far from secure old:
   
   security zones model?
2. What about ActiveX controls?

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

What is the security risk with IE's security zones model?

Active X controls still work in IE 8, although they are now locked down much more than in IE7.

__________________
The best way to learn anything, is to question everything.

If you are on a mac - use LitmusApp.com - you'll have to pay the monthly fee to have access to IE 8 but it's really reasonable plus it'll test your page in a ton of other browsers. I've used them in the past during development and it works great.

__________________
Jennifer Gleason,
Gleames Creative Design
Website Designer in Nebraska

Dagnabit. So now we have to juggle three different versions of Internet Explorer? Just when IE7 browser usage was starting to edge ahead of IE6, in comes a new kid on the block.... (*groan*).

__________________
Free MySpace Layouts - MySpace DIV Layouts - Twitter Backgrounds

Well, it doesn't seem to support canvas, svg or anything really important (to me), so IE will continue to be banned from my site. :/

Wow. You can afford to do that? You must have some devoted following..

__________________
Free MySpace Layouts - MySpace DIV Layouts - Twitter Backgrounds

IE 6 was the worst Microsquash had to offer. Hopefully all who still cling to that piece of sausage software will at least try and progress to 7.

I don't plan on looking to test on 8 till some major corps deploy on their networks.

Drop your idea that you need to support IE 6. Most corporations and sites are following this policy.

Unfortunately, IE6 is still the predominant browser on the web. If you want to be seen, you still need to support it. If you want to cram your head into the sand crying 'standards, standards, standards' be my guest.

Newer browsers are primarily distributed through OS upgrades and new system sales. Between Vista's bad press, and the slowing economy, both have sucked, leaving IE6 the defacto standard.

I know you won't like it, but there it is!

__________________
Accept Credit Cards Anywhere!
www.merchantanywhere.com

So far, so good: My "normal" browser is Firefox 3.0.7 but I have installed the released version of IE8 to replace IE7 on WinXP Home SP3. (I've been using IE8 Beta 7000 on Windows 7 Beta 7000 for a while.)

So far, I've had no problems with IE8. Although one of my web-sites which is hosted on MS Office Live seems to switch IE8 automatically into its "IE7 Standards Mode."

I use few plugins, but IE8 is happily using my Flash 10 and Silverlight 2 plugins. During installation, IE8 also offered to import "Favourites" from IE7 and from my other browsers.

Amongst other things, IE8 provides a set of handy "Developer's Tools."

__________________
Comfortable accommodation in the Blackdown Hills, Devon, UK.
Dickwella, Southern Sri Lanka: Relaxing stays; fascinating excursions.

Not anymore, according to W3
2009 IE7 IE6 IE5 Fx Chrome S O
January 25.7% 18.5% 0.6% 45.5% 3.9% 3.0% 2.3%
February 25.4% 17.4% 0.8% 46.4% 4.0% 3.0% 2.2%
I'm sure there are other stats that will say differently...

I downloaded I Installed it and I kicked it to the curb, screen freezes, all sorts of nonsense. All my websites are purposefully stone age in design, so I don't have to worry about cross platforming too much. But on the user side......I HATED IT!

__________________
Web Geek http://www.sjvwd.com
http://www.arthurspools.com

They are? Gee I never got the memo. W3C browser stats still peg a 17%+ usage for IE6. That's significant. I'm likely not to be dropping support for it until it drops somewhere down near 5%.

__________________
Free MySpace Layouts - MySpace DIV Layouts - Twitter Backgrounds

W3, you mean W3Schools Online Web Tutorials, the Norwegian site mainly relevant to Webmasters and not the general surfer. It is not representative IMO.

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

I design mainly in Flash.

Past, present, future and cross browser compatability.

__________________
Employment & Education - Docemus.org
Hype Energy, Red Bull, Monster at Enerealm - "Declare your energy independence"

I'm now using 8 on my main machine (Vista) & my laptop (XP) and I have to say I'm pretty impressed with its functioning. No problems so far, except getting the download to work each time.

So much so, that I'm now trialling IE as my default altho' I've been with Firefox since 0.8. FF has grown very buggy and I'll probably still use it but IE8 has surprised me.

Steve

I have to agree with Kgun. The W3 stats are for visitors that are generally web teck savvy and many are early adapters.

Checking one of my general public client websites that gets about 7000 visits per month, the browsers avg about 46% IE7, 28% IE6, 14%FF, 4% Safari, other...

__________________
Maryland Website Design Solutions

I remember specifically keeping my eye on when more visitors were using IE7 over IE6 and it was quite some time ago.
I'd like to say well over a year ago.

There are still a significant # of IE6 users.

my stats for the past week.

38.00% MSIE 7.0
23.40% MSIE 6.0
22.20% Firefox 3.0.7

__________________
Laundry Bag Store Online
Laundry Bag Lots

Yeah I'm showing similar results at my sites. IE6 & IE7 at 60% (IE7 42.6%, IE6 17.5%), FF 1.x at 27.5%, and 2.5% for IE8. What is odd is FF 2.x is only .2%, that's POINT 2%, and nothing listed for FF 3.x. I'm wondering if FF 2 and 3.x users are using a stats blocker.

__________________
God Bless,
-Clint
(Join Date: 2003)

I have tested the IE8 beta and seems like my websites are not aligned with it. So, I revert back to IE7.

Guess I will have alot to do when I go for IE8. I wonder if I redesign all my websites to suit IE8, will IE7 appears the same?

__________________
Create Wealth & Fortune | Signup Free Email | MLM Business

That's what some were afraid of. For the life of me, I can't understand why when a new browser comes out, it has to send site owners scrambling to try and find out what causes the "incompatibility issues" then trying to fix them. Why the hell can't they come out with a browser that is compatible with all sites???? That's irresponsible, but that's also nothing new for M$.

Is your site plain basic HTML, or do you use something else on it? What exactly is the problem?

Wow, this is unacceptable: You think Vista is bloated? IE8 consumes more RAM than all of XP - VISTA.BLORGE . That was back in Sept. 08, I wonder if any of that has changed?

__________________
God Bless,
-Clint
(Join Date: 2003)

Doe anyone know of an IE emulator or simulator where one can check their sites to see how they look in IE8? Thanks.

__________________
God Bless,
-Clint
(Join Date: 2003)

I have 100+ sites and have yet to ask my designers to have a look. Anyway, since it is new so I am in no hurry to jump into making changes. It will be a huge task to check each and every one of them.

__________________
Create Wealth & Fortune | Signup Free Email | MLM Business

I am wondering if anyone knows if IE8 is a simaltaneous install or if it overwrites previous version? How can we test in IE8 and verify IE7 (and IE6)? I have a utility that allows me to run IE 5.0, 5.5 and 6.0 while running 7 as my main install, but as you can see, 5.0 and 5.5 are passe.

Has anyone else found a good approach to this issue other than accumulating multiple machines?

Thanks,

Dawn

I'm wondering that as well, also if it's easy to uninstall without typical M$ issues.

__________________
God Bless,
-Clint
(Join Date: 2003)

Google it.

One litterture reference:

"AJAX and PHP" ISBN 1-904811-82-5,

especially chapter 3. A long discussion there.

I have aslo read about it elswere without remembering the sources:

IE's Security zones are not secure. It is false security. What makes worse is that the word "Security" is used.

If that model is still used in IE 8.0 it is not secure. And it may be very difficult to change because:
1. So many work on IE's code. Few if none have the overview?
2. The code is so big. Other browser companies may say unnecessary big. Minimalism has never been Microsofts principle is my impression. That may be much more important for a Web browser than for other software.

FF's permission based security model is more secure according to what I have read.

Very few know Opera's security model. I will be very surprised if encapsulated classes is not used. That is of course only one aspect of their security model, but it is important to deny public access to some state variables or properties if you prefer that word.

As I have written repeatedly here at WPW, I soon urged my children to use Opera. Finally my oldest daughter and her family installed and started to use Opera. Since then, they have had no problematic virus attack. Before that I had to constantly fix their computer for infections.



With my information in march 2009, I would only recommend Opera to

• buy online.
• log into your bank account or other sensitive sites

with a master password. I woul only reccommedn Opera for a surfer.

We may still disagree on this point. Nobody has convinced me so long to change

my priority

For God's sake no. Problems with a site may indicate serious concerns.

Example: Opera may give you a warning on SSL where other browsers are silent.

The new trend in security exploits is the silent hackers that infect what was believed to be a secure and reliable site.

Opera's overall seucrity principle regarding their browser: "Don't rely on any internet page."

Extremely important thread: Cisco 2008 annual security report::: The invisible hacker.

Read it. It may open your eyes.

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

Well, I am not looking to start a browser comparison here, I am curious about this aspect of IE. From what I have read, most analysts see security zones as a good thing. So good, many other browsers use the same method - Firefox 3 even uses the exact same method. And to the point that to change security zones for Firefox 3, you have to open Internet Explorer to edit the settings. The benefit of this is that a company can lock down all but very specific list of trusted sites, and push that setting out to every computer on the network, and have it honored by IE and Firefox.

Yes, there was a bug about three years ago, which affected IE 6 only, which caused some sites to be able to force themselves into a lower security zone. However, beyond this issue I haven't seen any reference to any vulnerabilities or problems arising from the use of this feature.

__________________
The best way to learn anything, is to question everything.

I think you misunderstood my post. It's ridiculous for M$ to come out with IE5, 6, 7, 8, etc., then each time site owners "scrambling to try and find out what causes the 'incompatibility issues' then trying to fix them." I'm talking about the way a webpage looks; layout, aligned, fonts, etc. Just like Edhan mentioned: "I have tested the IE8 beta and seems like my websites are not aligned with it." So he, and everyone else with that or similar issues, has to spend X hours trying to fix it, all because IE8 doesn't display like IE6 (or 7).

__________________
God Bless,
-Clint
(Join Date: 2003)

That is the concern that Microsoft was trying to address in IE8 - webmasters complained that IE did not follow the standards and display pages the way they display in Firefox, Opera and Chrome. IE 8 now uses a rendering engine that is more standards compliant, and which should display sites the way they would be displayed in other browsers.

The problem is, in order to correct for the quirkiness of previous versions of IE, sites were designed with certain CSS hacks and other workarounds that would cater to IE to get the page to display. These methods detect the browser as being IE, and give different style rules. Now that IE does not need these tweaks, the fixes break the site in the new version of IE.

Basically, because Microsoft did what webmasters demanded, and made a browser that actually tries to follow the standards and work like all the other browsers, they broke those same webmasters' sites.

__________________
The best way to learn anything, is to question everything.

1. Did you search for: Internet Explorer security model?
2. Did you search for: Internet Explorer security zones?
3. What is a trusted internet site?
4. Once more I refer to that report by Cisco.
5. What about Opera's overall security principle. Don't trust any site on the internet?
6. Can that be reflected in the browser software?
7. That you introduce security zones does not make a browser secure. It is false security.

Does that mean that the HTML canvas element is implemented?

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

1. Yes. It gives the same list of reported bugs that you get when searching "Firefox security model" and "Opera security model", including this report on why Opera's cross-domain script protection has a flaw in its design: Opera's Security Model is Highly Vulnerable

2. Yup. All that I could find was a bug from a few years ago, instructions on using and configuring zones, and questions on why Opera is the only browser that doesn't allow sites to be further locked down or trusted.

3. A trusted site is one that is allowed to run unsigned applets. Less secure than the default, it is intended for LAN sites, or download sites that the user expressly trusts. It is rarely used. More often, I see users putting sites in the Untrusted group, where script execution is disabled, and a variety of other external content is blocked.

4. Related to that report, a recent study found IE 8 to be the most hardened browser against malicious web sites (Web Browser Security - Socially Engineered Malware*-*nsslabs.com), with Firefox coming in second. Opera was dead last, and Chrome was... confusing.

5. Opera may not trust any site on the Internet, but it lets them do anything they want on my computer. And why does it trust it's widgets so much they can connect to sites on their own, download files in the background?

6. Not sure what you are asking here.

7. The introduction of no feature will make a browser secure. The proper implementation of a feature such as security zones can make a browser more secure however.

How can security zones improve security? Lets say for a company intranet, employees need to use a particular plugin. Rather than enabling these plugins for every site on the entire Internet (Opera, Chrome, Safari), you can enable that plugin only for the trusted Intranet site(s) (Internet Explorer, Firefox) without exposing your browser on other sites.

In addition, when accessing potentially risky sites, you can quickly and easily mark them as untrusted, disabling many client-side scripting features without disabling them when browsing the web in general.

As far as the HTML canvas element, there do not seem to be plans to support it at this time. In fact, IE 8 breaks most of the hacks, as they moved away from the VML support that had been included since version 5. There are a few messy hacks to re-enable it, but they can be inconsistent.

__________________
The best way to learn anything, is to question everything.

That version of Opera is most probably on the museum. The article was written in 2003 and the flaw observed in november 2002. I could have draw your attention to n flaws in IE after that date? You have even mentioned some here in your own posts.

I have not looked for that functionality in Opera, since I don't use it.

1. Are you sure?
2. Have you tried opera:config in the address field?
3. Have you asked on their forum / support?

So a socalled "trusted" hacker infected site is no problem? For the n-th time, Operas overall principle as far as I have understood it is:

"Don't trust any site on the internet."

• Would you recommend that the US intelligence or military relied on manual observation by eye?
• Would you say, that we have categorized all potential threats and put them in a separte zone, so there are no problems with our security?

"Don't trust any site on the internet." That is nothing more than other words for Cisco's conclusion in the above cited report (See link). The Browser shall warn you about a non secure SSL Certificat etc. How the browser renders the code on the specific URL / site is the key. I don't know the code of the different browsers, but have experienced that Opera gives a warning where other browsers are silent. You have to take the decision. Don't say that we did not warn you if you buy on this site.

Can you give a summary of the conclusion. If not I have to and should read the report when I have time. But as you are aware of there are n such reports, some more objective and professional than other reports.

That is the problem with all software you install on your computer. I have my own opinion on who are hardest on ads and forcing software on new computers. My last computer came with pre-installed software from (in alphabetical order):

• Google.
• McAfee.
• Microsoft.

According to my Norwegian dealer, I had no option to choose some of them away. I have to delete the software myself. Personally, I would prefer to:

1. Choose away some of the software and only keep the OS.
2. Download my preferred browser.
3. Hopefully that would be cheaper.

I live in Norway, my preferred browser is made here, but I am forced to choose another as the default browser, deinstall that myself and download my preferred browser. I can promise that you Americans would never accept that. Is it fair trade? The installation of Opera by my family have saved time and much frustration. Time is money. No single infection after Opera were installed. Children use that computer.

I have written about it above. To repeat. In 2009, you don't rely on a security model "where you have categorize sites yourself". Why is it called security zones? I don't buy that ad. Why is it not called blocked / allowed sites?

Security zones is false security. Security zones give a wrong impression. It should be called blocked / allowed sites. See above regarding what I write about opera:config. Have you an overview of every aspect in Opera:config?

You have not convinced me about IE's / FF's ability to block / allow sites. You have not convinced me that IE / FF are better to render code / markup and warn me about potential threats. And since you mention FF, their security model is privileges based.

I look forward to version 10 of Opera.

P.S.
The ease of blocking pop up's was the main reason why my son installed Opera. It is still his favorite browser. Which browser would you recommend for disabled persons?

I doubt that many surfers know how to configure any browser. I think even fewer know how to put sites in a separate zone. The default configuration of a browser should be secure. A browser should warn you about potential threats like non secure SSL certificates on an eCommerce site. In addition, I have a master password set on SSL certificates on my bank account. I have not seen that option so far in any other browser than Opera.

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

Can anyone answer these please?
Internet Explorer 8 Released
Internet Explorer 8 Released

__________________
God Bless,
-Clint
(Join Date: 2003)

Finally I had time to read that report.

1. What is IE 8 SmartScreen? Ad like security zones or a really smart option that is used by default and easy to use for the average surfer?
2. There is a saying in finance: Lift your eye brows when new fancy concepts are introduced and the format and the colors of the report is the foccus rather than the text. IE SmartScreen and a security report with big headings and fancy colors and logos for other companies at the bottom. I am sceptical to say the least.
3. Who has security sertificated that company?
4. IE 7.0 has the old setting of security level to medium by default. I assume IE 8.0 has the same.
5. Not a single word about the configuration of the various browsers.
6. It is very difficult to control the report, since no data are reported.
7. As explained in my posts. There are a lot of such reports, some give a more professional look than others.
8. It did not impress me? Did it impress you as a WPW moderator that many listen to?
9. I have my own rank for Pc's:
10. 
    Opera.
    FireFox.
    IE
    Chrome. (It is too new to know so much and the source code is open - you
    don't publish your security model to the whole world).

Generally, when a big company like Microsoft launches a new browser, it is not surprising if it is intensely tested for the latest malware. Personally, I don't see that as the most important security aspect of a browser. Security related to my bankaccount and my online shopping is most important. Other browsers are silent where Opera warns you. Microsoft have a policy of not updating their browsers so often, IMO for natural reasons. It is a monster / dinosaur code, that is very inefficent and difficult to upgrade on a regular basis. So the above test is a least biased towards this fact, the time of testing. What about a similar test, some months, a half or a year from now? Opera continually updates their browser by live updates. FireFox is also updated relatively frequently. FireFox is a good browser for WebMasters, because of the many plugins. That fact also makes it more vulnerable, since you export your security model to a third party. For that reason, I never reccommend FireFox to a surfer or one who buys online. I reccomend Opera to the surfer and that has been an exellent strategy so long.

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

I notice you didn't mention the fact that the study was completely paid for by Microsoft.

I take the study with a few grains of salt. However, it does bring up some interesting points. One of which is that all of the browsers (Firefox, Opera, Chrome, Internet Explorer) use the same list of malware sites, which is maintained by Google. However, each browser then does something different with that information when deciding how to handle content on the site.

__________________
The best way to learn anything, is to question everything.

I thought: "Who have paid for that report?" but did not write it.

Garbage in garbage out, research for the trash can.

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

Well, I definitely do not feel that IE is by any means a secure browser. I am just not willing to say "Opera is a secure browser" just because it has less reported vulnerabilities than Firefox. It also has a small market share, making it less of a target. It is largely untested, and until it becomes a target, no one can vouch for it's security.

I meant to expand on that link a bit, but forgot to go back to it. That is the latest information I have been able to find about Opera's XSS prevention model. I haven't been able to find any newer information on their site or through any other sources. Do you have any later information on that component?

I haven't asked, but I have seen it asked. The answer appears to be that enabling and disabling different types of scripts is done browser wide as a global setting. There is no way to disable these scripts on a per-site basis.

Let me try to address the security zones issue with a few examples. Suppose that as a typical user, I browse the Internet with the default browser settings. Now, I come across one or two web sites that have a very annoying Javascript that plays a horrible, horrible animation when I visit. With IE, I can mark those sites as untrusted, and javscript gets disabled on those sites. With Opera, my choices are live with it, or disable Javascript on every web site on the entire Internet.

Or to look at it another way, lets say I find out there is a vulnerability in Flash. Any time I load a Flash applet, I might be opening a vulnerable app and exposing my system to compromise, and there is no patch available yet. So, of course, I disable Flash in my browsers. But, there is one signed Flash app I need to access, so I add that site as trusted, and enable the download of signed Flash apps to the trusted sites zones. This way I don't need to change my settings every time I go to that site. (Of course, I'd be more likely to just delete Flash entirely until a new version was released, but this is just an example.) Of course, this is kind of moot since Opera doesn't allow for disabling Flash anyway.

I haven't seen any browser not warn about SSL problems. Well, ok, I have had users make me disable the warnings about mixed content for a specific site (another use for trusted sites - add the one site that gives a problem warning that is erroneous, then disable the warning for sites in that zone, and put all other settings back to default).


Yeah, I'm really going to trust someone else's blacklist implicitly... Anyway, you are not blocking or allowing sites. That is done in the blocked/allowed sites section. You are simply disabling more features on sites you don't trust but have to visit.

I agree. The default configuration of a browser should be secure. However, the defaults for enabling javascript, enabling active content, and enabling plugins are similar across the three majors. It is just Opera that limits your ability to increase the defaults. You can't just turn of javascript for some sites, you have to turn it off for all sites. When you turn it off for all sites, you can't then turn it back on for some sites.

As far as the master password, two questions actually. How does that make you more secure? And if the login page changes for a certain site, and you forget your credentials for that site, how do you get your password back?

__________________
The best way to learn anything, is to question everything.

Fast answer, I have to leave. I may come back with more comments later.

1. Of course there is no secure browser.
2. A master password is not security by obscurity. It is as I have understood it, an extra security layer.
3. I can not answer your last qustion since it has never happened to me personally.

__________________
Mini Network:: Financial information at your fingertips
Learn object oriented programming where it started

Sorry, friend we don't like internet explorer.

Obviously millions do, and this thread is primarily intended for those.

__________________
God Bless,
-Clint
(Join Date: 2003)

Yeah!I think that guy certainly at the wrong place! This thread is not for discussion like or dislike His sound like spammer more then comment.



Thanks WIGE for the reply.

At times I find it "amusing" how Linux & Mac users totally despise Windows, and how FF or Safari, Opera, etc., users totally despise IE. But I do get tired of the bashing, not if but when, it turns into that.

Personally, I'm not crazy about either one (IE or FF), both are flawed. But I use IE(6) most of the time because I find it so much faster than FF, and it's compatible with more websites. But sometimes some sites won't work in IE and I have to go to FF.

I don't understand why someone can't come out with a browser with the speed and general compatibility of IE, but with all the plug-in options of FF and (so far) greater security if FF. But that security benefit of FF is waining.

__________________
God Bless,
-Clint
(Join Date: 2003)

IE8 has been released but i am still using firefox because for me it is simply the best browser

That of course is a matter of opinion. FF has loads of problems for me, that IE has never had.

__________________
God Bless,
-Clint
(Join Date: 2003)

What happened to this post?

I'm curious to know as well. And I doubt you'll find a webpage with a side-by-side comparison.

__________________
God Bless,
-Clint
(Join Date: 2003)

IE8 has alot of improved features, but alot of pc's don't switch over well to the new browser, and end up having to go back to whatever browser they were using before.