Internet Explorer 8

Microsoft has stepped up the battle to win back users with the latest release of its Internet Explorer browser.

The US software giant says IE 8 is faster, easier to use and more secure than its competitors.

“We have made IE 8 the best browser for the way people really do use the web,” said Microsoft’s Amy Barzdukas.

“Microsoft needs to say these things because it continues to lose market share to Firefox, Chrome and Safari,” said Gartner analyst Neil MacDonald.

Recent figures have shown that Microsoft’s dominance in this space has been chipped away by competitors.

At the end of last year, data from Net Applications showed the software giant’s market share dropped below 70% for the first time in eight years to 68%.

Meanwhile Mozilla broke the 20% barrier for the first time in its history with 21% of users using its browser Firefox.

Focus

The beta version of IE 8 was released last March and today the company has put out its first release candidate for the public. This is the last stage for the browser before it is finalised, although very few changes are expected.

Ms Barzdukas told the BBC: “What we are seeing for many consumers in particular is that their computing experience is a browsing experience.

Web publishers and online advertisers have in the past expressed concern over this feature because it could “frustrate the business model”.

“InPrivate Browsing” is also being touted as a major improvement which allows a user to start a browsing session during which the history of sites viewed will not be recorded.

Some bloggers have nicknamed the feature “porn mode” because it keeps online activity a secret and prevents those with access to a PC from seeing where other users of the same PC have been.

Online privacy advocates like the Centre for Democracy and Technology have called the features “a great step forward in terms of giving users more control”.

Defectors

So will this be enough to persuade defectors to return to the IE fold?

“Microsoft does have the advantage of its browser being shipped with its operating system so people that want to shift have to do a lot of work to shift,” said Mr MacDonald, a vice-president of analyst firm Gartner

“It’s an area the European Union is looking at and I will let the lawyers figure that out but I don’t think this will bring back the defectors. However it shows that competition in the browser space is good for innovation and good for the industry,” said Mr MacDonald.

The EU last week accused Microsoft of harming competition by bundling its IE browser with its Windows operating system.The Redmond-based company has said it is examining the preliminary finding and has not ruled out requesting a formal hearing.

Greg Sterling of Search Engine Land said if the product delivers, users will stick with it and others may well return.

“If this is a truly significant improvement, it will gain users’ loyalty and lure others back.

“At the end of the day if it has the functionality and features people want, they will respond to it. For those who have an emotional stake in this, and who like the idea of the underdog like Firefox, it’s unlikely to sway them,” said Mr Sterling.

Microsoft’s Ms Barzdukas refused to get drawn into the numbers game but said she is positive IE 8 will hold its own against competitors.

“We have long advocated providing choice to customers and respect people’s ability to choose.

“You can accuse me of bias, but I believe with IE 8 we will deliver the browser people will want to choose,” said Ms Barzdukas.

“The role of the browser has become more and more important. Our focus is on delivering the best experience possible and one that is faster, easier and more secure.”

To that end IE 8 offers performance upgrades to speed up page loading, new navigation features and tab isolation so that if you hit a bad site only that tab closes and not the whole browser.

WebSlices will give users a way to keep updated about a particular item on a web page like stock prices, the weather or an eBay auction.

Accelerators let users access Web services like maps or translations in a small window without having to leave the page.

“We believe with IE 8 much of the performance discussion is off the table,” said Ms Barzdukas.

Security

Microsoft is making much of its security enhancements, which Ms Barzdukas said makes IE 8 “hands down the most secure browser on the market.”

These include “InPrivate Filtering” which means users can see and block when a third-party content provider might be tracking their activities on the Web in an effort to target advertisements.

We’re going to be hearing a lot about Windows 7 over the next two weeks as Microsoft convenes its Professional Developers Conference (PDC) and the Windows Hardware Engineering Conference (WinHEC) — both in Los Angeles.

I recently discussed the five reasons why Windows Vista failed, and although Microsoft may continue to defend Vista as Steve Ballmer did at the Gartner Symposium on October 16, make no mistake that the company has already moved past Vista — psychologically and strategically.

Ballmer and company know that Vista has been rejected by businesses and that it has dreadful reputation among the general public. They know they screwed up. And Microsoft is nothing if not responsive to customers and public opinion. In fact, I’ve argued before that the company is actually hyper-responsive and that’s why they’ve crammed way too many features and way too much code into both Windows and Microsoft Office.

So how can Microsoft recover from the Vista debacle and breath life back into Windows? If nothing else, here are five things the company needs to do to start.

5. Speed it up significantly

One of the worst qualities of Windows Vista is that it is almost always slower than its predecessor Windows XP when running on the same hardware. And most of that performance drag is not simply due to the fancy graphics. Even if you turn off the Aero interface, Vista is still usually slower.

The problem is that the underlying Windows code is way too bloated — over 50 million lines of code in Vista — and even today’s ultra-fast multi-core processors can’t overcome that. The Windows development team has to find a way to streamline Windows 7 so that it’s faster and more stable than both XP and Vista, whether it’s running on netbooks and nettops with the Atom processor and only 1 GB of RAM or tomorrow’s 8-core machines with 10 GB of RAM.

That’s an extremely difficult task, but no one said this was going to be simple or easy. One way to start is by turning Windows into just the core OS and further modulizing it by making a lot of the other software such as the Media Center, Tablet PC, and Admin Tools available as downloadable add-ons.

4. Avoid compatibility problems

In the process of streamlining Windows 7, the developers can’t sacrifice software compatibility. One of the things that has killed Vista is that Microsoft spent so much effort trying making it more secure with User Access Control (UAC) that it broke a lot of software in the process.

You can argue that a lot of the stuff that broke in Windows Vista was poorly programmed to begin with and deserved to break so that it could be rewritten more securely. The problem is that not much of the software has been rewritten and the UAC approach has not worked because users get so many dialog boxes that they just blindly click OK until all of them go away. A better approach is needed — one that balances security and compatibility.

The other compatibility issue that Windows 7 has to juggle is the 32-bit vs. 64-bit split. While most modern processors are 64-bit, most of the software and device drivers are still written in 32-bit code. I’ve seen a number of PCs with 64-bit CPUs that have 32-bit Windows installed simply because it has better compatibility. I’ve also seen and heard about a number of business systems that have 64-bit Windows Vista installed, but are running into significant software and/or driver incompatibility problems.

Microsoft, Intel, and AMD need to lead the charge to get software vendors on-board with 64-bit before Windows 7 is officially released.

3. Undercut OS X on price

Mac sales have been growing much faster than the overall PC market and Mac OS X has continued to nibble away at Windows’ massive market share over the past two years. However, Apple showed the same chink in its armor that has long plagued it when it recently announced its new line of laptops and the cheapest one was priced at $999. The message being sent is that Apple wants to be a premium computer brand with high margins and has very little interest in selling low-margin, high-volume machines.

Over the next two to three years the lion’s share of the growth in computer sales is very likely going to be in the sub-$500 netbook and nettop market. These machines are essentially just glorified Web browsers in a diminuitive hardware package. The OS doesn’t matter much. As a result, Linux is a major threat to become the OS powering a lot of these machines, because of its minimal price.

However, with Apple relegating itself to the high end of the market and most users still not very comfortable with Linux, Microsoft has the opportunity to swoop in and deliver a Windows 7 that is fast and cheap and can run very well on these little machines, while also scaling all the way up to the fastest workstations. A lot of users and businesses would probably gravitate toward the idea of a common OS experience (and one that most users already know) in Windows, especially if the price is comparable between Linux and Windows machines.

The key here is making Windows very inexpensive and very scalable while preparing to sell it in larger volumes than ever before on the cheap machines that are going to flood the market over the next couple years.

2. Sell only one version

There were primarily two editions of Windows XP: Home and Professional. With Windows Vista, that doubled to four primary editions: Home Basic, Home Premium, Business, and Ultimate. It’s time to simplify and go back to just one version of Windows with one price.

This is a case of Microsoft just getting out of the way and letting Windows be Windows. Having just one edition of the client OS will make Windows 7 easier to understand, easier to purchase, and easier to support (for both Microsoft and IT departments).

Of course, the one version of Windows 7 needs to be cheaper than Mac OS X ($99), easier to use than Linux, and easier to set up and get started than any of the recent versions of Windows.

1.  Make it the last shrink-wrapped OS

The old way of building and packaging operating systems in shrink-wrapped boxes that are released every few years is just not fast enough or nimble enough to meet the demands to today’s Internet-driven computing environment. It’s also counterproductive for an OS maker because you end up competing against yourself the way XP and Vista are now competing against each other.

There’s only one Windows, and it has merely evolved over time. That’s the message Microsoft needs to drive home by making Windows 7 the last shrink-wrapped version of the OS. From here on out, Microsoft should simply make Windows a constantly evolving platform with new features and functionality enhancements added several times a year through Windows Update.

The business model would be to turn this into a subscription product, albeit a very inexpensive one. As long as you have a current Windows subscription then you can continue to download new features, patches, and updates. If your subscription lapses then Windows still works but you can no longer download the new stuff, or any add-ons, and you can only download highly critical security patches.

For enterprises that are currently using Software Assurance, they are already buying Windows as part of a subscription so there would be no change in the business model for them.  For consumers and small businesses who aren’t part of Software Assurance and typically buy Windows from OEMs such as Dell, Toshiba,  and Hewlett-Packard, the Windows license that comes with their PC could last for three years and then it’s up to the buyer to pay something like $30-$40/year to renew. For those who want to build their own system, a full version of the OS could cost something like $50-$75 for the first year.

Bottom line

Windows 7 needs to be fast, inexpensive, and widely compatible. Microsoft also needs to change the development and business models to make Windows one continually evolving OS.

Let’s face it, the OS is not as flashy as it once was. It’s also not nearly as relevant as it was a decade ago. The Web browser is gradually usurping its position as the most important application platform, as has long been predicted.

Because of that, Windows is at a crossroads where it could begin losing large chunks of market share to competitors that are better prepared to operate in this new reality, or it can greatly simplify its OS while turning into more of a background utility that makes good money off of a low-margin, high-volume business.

If it can pull that off and clearly communicate to businesses and consumers that Windows 7 is the start of a new approach to Windows then Windows 7 could be a watershed release. If Microsoft simply releases a mild revision to Vista and maintains the same development and business models, then Windows could become more vulnerable to its competitors than it’s been in almost two decades.

If there’s anything that Microsoft is telling its users, it’s to patch their systems, and fast.

After Microsoft released an out-of-band update for a critical Windows vulnerability that allows hackers to execute a malicious Internet worm on users’ computers, security experts are strongly recommending that users apply patches immediately. Specifically, the remote execution vulnerability allows hackers to write worm code—malicious self-propagating code that doesn’t require any user interaction—by crafting a special RPC request. A successful attack would enable the hacker to take complete control of a victim’s computer, and ultimately steal sensitive financial information from their victims. In addition, once a user’s system is affected, the malicious code has the ability to rapidly self-propagate and infect every other unpatched computer in the network.

The flaw, which affects almost every Windows operating system, is rated “critical” for many of the earlier versions of Windows, including Windows 2000, XP and Server 2003. However, the bug was given the less severe rating of “important” for Windows Vista and Server 2008.

Security experts maintain that the exploit code has actively been used in the wild, with exploits stemming from hackers who have already reverse-engineered the patch.

“The frightening thing to me is just how quickly the bad guys were able to turn out an exploit,” said Paul Henry, security and forensic analyst at Lumension Security, Scottsdale, Ariz. “I really think that speaks volumes about the necessity to deploy your patches very quickly, and very widely.”

Henry said that researchers detected malicious code designed to grab user credentials before encrypting them and sending them to a New Jersey-based server. Henry said that the malware has so far affected at least 3,600 users, but said that the number would likely increase significantly over the weekend.

Meanwhile, an advisory by San Diego-based Websense also alerted users that hackers have unleashed attacks by installing the Trojan Gimmiv. The alert noted that only 25 percent to 36 percent of antivirus vendors could detect the malicious exploit code.

In a blog posting, Microsoft security researcher Michael Howard contended that that the bug, which stems from a stack-based buffer overflow vulnerability, was difficult to detect due to its complexity.

“I’ll be blunt; our fuzz tests did not catch this and they should have. So we are going back to our fuzzing algorithms and libraries to update them accordingly,” he wrote. “In my opinion, hand reviewing this code and successfully finding this bug would require a great deal of skill and luck.”

Howard said that in the last year he had noticed that many Windows bugs, like the recently detected Internet worm, fell into the category of “onesey-twosies”—that is, complex derivatives of existing vulnerabilities.

“First the good news; I think perhaps we have removed a good number of the low-hanging security vulnerabilities from many of our products, especially the newer code,” he said. “The bad news is we’ll continue to have vulnerabilities because you cannot train a developer to hunt for unique bugs, and creating tools to find such bugs is also hard to do without incurring an incredible volume of false positives.”

Henry added that the severity of the flaw, emphasized by the out-of-band patch, underscores the need for enterprises to consider automated patch management technologies.

“The big gotcha is, unless you have automated methodology enterprise wide, you could be caught up in this because you’re not going to have enough time to patch your systems.”