Category: Web Browsers

Posted on
by

Well, it’s official. After months of rumors and vague announcements, Netscape 7.2 has been released!

It’s been just over a year since AOL closed down Netscape and spun off the independent Mozilla Foundation. Despite the uncertainty of that transition, no one can deny that Mozilla has flourished. People everywhere are switching to Firefox and recommending it on security, usability, and capability grounds.

It’s really quite surprising, particularly since Netscape the company no longer exists. But Mozilla has been marching ahead, and all that stood between AOL and an updated Netscape was updating their proprietary features, like the AIM sidebar and access to AOL email, to work with the new Mozilla code.

For the past year, I’ve been advocating that people switch from Netscape to Mozilla, since it seemed the best upgrade path. (Someone on Mozillazine pointed out that AOL is actually promoting the Mozilla connection — an interesting switch.) I’ve been skeptical about the new version actually materializing, but here it is.

I’m going to stick with Firefox myself, but for Netscape fans and those looking for the full browser suite (complete with AIM/ICQ)…

  • Download Netscape 7.2

Posted on
by

Great. Just great. Now there are ad networks using banners to install malware.

The article from Netcraft goes on to say that some phishing attacks are using banners to install keystroke loggers and other spyware. So now, just by using an insecure browser* to click on the link in a message claiming to be from your bank can make it possible for hackers to steal your passwords, credit card numbers, etc., even if you realize the site’s a scam and don’t fill in the form. Fun, fun, fun!

Time to look into those alternative browsers again…

* Yes, security holes have been found in Mozilla, Opera, etc. With the rise in popularity of Firefox, some attackers are starting to target Mozilla. But aside from looking at the sheer number of holes in IE compared to other browsers, just about everyone seems to have a better track record at fixing vulnerabilities than Microsoft does.

Posted on
by

Some people browse collections. I collect browsers. Mostly I just want to see what they’ll do to my web site, but I have a positively ridiculous number of web browsers installed on my Linux and Windows computers at work and at home, and I’ve installed a half-dozen extra browsers on our PowerBook.

One project I’ve worked on since my days at UCI was a script to identify a web browser. In theory this should be simple, since every browser sends its name along when it requests a page. In practice, it’s not, because there’s no standard way to describe that identity.

Actually, that’s not quite true. There is a standard (described in the specs for HTTP 1.0 and 1.1: RFC 1945 and RFC 2068), but for reasons I’ll get into later, it’s not adequate for more than the basics, and even those have been subverted. That standard says a browser (or, in the broader sense, a “user agent,” since search robots, downloaders, news readers, proxies, and other programs might access a site) should identify itself in the following format:

  • Name/version more-details

Additional details often include the operating system or platform the browser is running on, and sometimes the language.

Now here are some examples of what browsers call themselves: Continue reading

Posted on
by

CNET posted an article today, Concern grows over browser security, about the rise in browser-based attacks (mostly spoofed sites for phishing, but also attempts to install viruses and other malware through web browser security holes).

What’s interesting about the article is that nowhere does it mention Mozilla, Opera or Safari.

Could it be that attacks through these browsers are less common than attacks through Internet Explorer, even adjusted for market share? (Sure, IE has more than 90%, but there are a lot of people using the others.)

Or could it be that the author has succumbed to the “Web Browser = MSIE” belief?

If nothing else, you’d think that their statistics would have a bit more information, but it’s a single number for “browser” attacks. Nothing more detailed than that.

To be fair, the press release doesn’t provide any better numbers. In fact, it mentions no browser by name at all. (One can hope their data is a bit more detailed, but the purpose of the study appears to have been to identify trends in types of attacks, not in the software targeted.) And yet IE is the only browser CNET mentions, despite the alternatives’ better security records.

Posted on
by

OK, that may be a bit melodramatic, but there are two interesting and complementary bits of news:

The Mozilla Foundation was announced as a non-profit that will be the new home for Mozilla. AOL has donated $2 million for start-up funding, and various other companies have announced plans to support it.

AOL is dismantling Netscape. Some people are being laid off, others are being reassigned. Many of them intend to keep working on Mozilla, either for the Mozilla Foundation or on a volunteer basis. Heck, Dave Hyatt has kept contributing despite working on Safari for Apple, and I’m fairly certain I’ve seen Ian “Hixie” Hickson on Bugzilla since he started at Opera.

Pros: Mozilla will be fully independent. No more choosing the lesser of two evils (Microsoft vs. AOL)! The last few versions of Netscape have been pretty redundant anyway, and Mozilla has been making a name for itself over the past year.

Cons: Certain drop in funding, possible drop in confidence, likely drop in visibility (or at least name recognition). Mozilla’s already going through a transition period in terms of the project architecture (from monolithic suite to separate components using a common base). And news sources that don’t understand the implications of open source, or don’t connect the first announcement with the second, are going to assume Mozilla is disappearing as well.

Other projects (Apache, Gnome, KDE, and of course Linux) have shown that you can keep a resource-intensive open-source project going. I don’t know how rough the transition will be, but I have no doubts that Mozilla can keep going.

Posted on
by

The new beta of OmniWeb uses Apple’s WebCore, the Konqueror-based code used to display pages in Safari.

What makes this so interesting is that OmniWeb was the first web browser designed to really work with OS X. IIRC MS really didn’t do much to IE except add the compatibility code and change the icons.

A lot has been going on in the web browser world over the last year and a half. Sure, the Browser War has been declared over, sure, Netscape has been declared dead time and time again, but IE has been stagnating ever since it “won.” Except for bug fixes, Microsoft hasn’t released a new version of IE for the Mac in over three years, or for Windows in almost two. They’ve declared they won’t be continuing IE on the Mac at all, and there’s talk of tying future Windows versions directly to the operating system, so that you can’t upgrade IE without upgrading Windows.

With the free availability of Gecko, the rendering engine that Mozilla and Netscape use to display pages, projects to develop web browers were springing up everywhere. People were trying out crazy new ideas like tabbed browsing (not the same thing as MDI), which proved popular enough it ended up back in Mozilla, where it became the most popular feature. Now every major browser but IE has it.

Now, the same thing looks to be happening with KHTML. What started out as a way for the KDE file manager to display web pages has become a very nice web browser, and since (like Gecko) it is available under an open source license, anyone is free to develop their own browser around it. Apple built Safari on top of it, making improvements where necessary, and made it easier for other Mac applications to use the same code. OmniWeb brings the number of KHTML browsers to at least three, and I suspect more will follow.

IE will probably continue to rule the statistics as long as Microsoft controls both it and Windows, and as long as Windows remains dominant on the desktop. But the innovation has moved elsewhere, and there are at least three other major browser types out there (Gecko-based, KHTML-based, and Opera) that can display pages very well, thank you.

With luck, this may begin moving us back to a platform-neutral Web, as it was originally intended.