MIX 09: Microsoft Talks Up Security In IE8
In a keynote speech at Microsoft's MIX 09 conference in Las Vegas, Dean Hachamovitch, general manager of the Internet Explorer team, walked attendees through the advancements Microsoft has made in IE8, noting wryly that Web browsers are not only important to Web users and developers, but also to those who attack the Web.
Microsoft has engineered IE8 to withstand the multifaceted and constantly evolving attack methods employed by today's online miscreants, Hachamovitch said. While IE7 included an antiphishing filter to protect users from social engineering attacks, IE8 adds a 'Smart Screen' filter that also protects users from Web sites that distribute malware.
"On the Web today, bad things happen to real people in many ways," Hachamovitch said. "It's not just about fighting phishing and malware -- IE8 is the only browser with built-in protection from cross-site scripting and out-of-the-box protection against clickjacking."
In clickjacking, attackers sneak malicious code invisibly into the background of legitimate Web sites to harvest confidential data to gain control over users' PCs.
Microsoft has greatly improved performance in IE8, but it's hard to tell yet what impact the new security features will have in the real world, said Eric Anderson, CTO of Netanium Network Security, based in North Chelmsford, Mass. Netanium's testers have been kicking the tires on IE8 test builds for several months.
"The bloated and proprietary nature of IE makes it inherently difficult to secure, and IE8 will be sure to introduce vulnerabilities," Anderson said. "It'll be interesting to see what IE8-specific exploits and attacks come out in the next few weeks."
IE8 also comes with several new privacy features, the most talked about of which is InPrivate Browsing. Known in some circles as "porn mode," InPrivate Browsing lets users mask their browsing history, temporary Internet files, form data, cookies, and usernames and passwords.
The InPrivate feature of IE8, and the comfort and trust level many users have developed with Microsoft, should have a re-energizing effect on IE's browser market share, said Darrel Bowman, CEO of Tacoma, Wash.-based security solution provider Mynetworkcompany.com.
"If this is a really rock-solid IE8 rollout without the bugs and installation features and problems of past product rollouts, then there will surely be an uptick [in adoption]," Bowman said.