Software giant Microsoft has outlined its planned security changes to Internet Explorer, which it wants to release sometime next year. IE 7 will have four classifications for Web sites: Internet, local intranet, trusted, and restricted. Users will be able to allocate security settings so that their browser will be tougher on sites it knows nothing about, but will be pretty lax with sites that you know are safe. For example, you could decide that it was perfectly safe to let you run Active X controls on a nice site like the INQ, but not on a risky site which is likely to be spoofed such as www.microsoft.com. According to the "bogs" of Microsoft engineers Vishu Gupta, Rob Franco, and Venkat Kudulur, here, when a PC is not on a managed corporate network, IE will treat apparent intranet sites as if they were on the Internet. D'oh. This will remove the attack surface of the intranet zone for home PC users, they think. If a machine is running on a domain, IE 7 will automatically detect the intranet sites and revert to the intranet zone settings. Network administrators will be able to set group policies to ensure the browser runs as desired. When IE 7 runs in Windows "Vista", the Interweb zone will run in protected mode which will stop it being taken out by most of the attacks that have turned over IE6. Of course the downside of all this is that it will require home users, who have probably just worked out how to install software using default settings, to configure the whole setup properly. We hope you've got all that. Article - The Inquirer
Their security zones didn't work out very well for IE 5.5-6.0, let's hope they do a better job with these (newly?) implemented zones. I wonder if it blocks Flash and Java like NoScript for Firefox, or only ActiveX like older versions of IE.
Well, if this is the only improvement they can make, Microsoft are in trouble and they are practically handind Firefox the prize! I don't see much use of this for regular home users, which is where the money is.
Internet Explorer 7 for XP will have a lot less going to it then IE 7 for Vista. I for one, found the internet zones useless and confusing at best. Microsoft seems adament to keep to these silly zones. I don't care how secure it is supposed to be, I guarantee that within a few months of it's release, exploits & holes will be found. After all, wasn't IE 6 suppost to be the most secure browser available at time of release! I think i'll stick to Opera or Firefox thankyou..
I totally agree. I don't care if IE allows me free access to a library of thousands of DVDs, I am holding a grudge for the hours I spent removing spyware and viruses before discovering other software.
Not only that, but IE7's new security features are so far less than impressive. It's a beta right now, so we'll see if they actually do get it locked down by the final release. Somehow I doubt it.