Wednesday, April 22, 2009

IE8 and why I am going back to being a late adopter

When I was growing up, I planned on being an early adopter before the term had been invented. But the reality hasn't panned out that way. Maybe it's because they never came out with the watch phones and jet packs I wanted. Or maybe it's because I'm frugal. In any case, I carry no cell phone, my Windows XP machine is running Microsoft Office 2000 and nothing I own has a GPS in it.

So it was a little odd that last month that I decided to upgrade from Internet Explorer 7 to Internet Explorer 8 without waiting for experts to tell me that the bugs had been worked out.

IE8 has a bunch of new features I like. But...

Until today, for me, and based on my internet searches over the past month, for quite a number of other people, IE8 did not have a "find on this page" feature. You know, the basic crtl-f "find". Like if you're on a complicated page and want to find the link for "contact us", you couldn't do a search for "contact".

I found the answer at The Winhelponline Blog, not at a Microsoft site. Microsoft had me doing a bunch of things that accomplished nothing but waste hours of my time.

So now IE8 is working, but there is still something that bugs me.

I use the security setting that causes IE to tell you when you are on a page that has a mixture of secure and insecure content.

Probably I should find a way to have it not tell me this, because it never tells me that either "nothing on this page is secure" or "everything on this page is secure", only when it's a mixture. If I don't need to know in the all or nothing cases, why do I need to know in the mixed case?

But this is not what's bugging me about IE8. In IE7 and earlier versions, when this situation occurred they said "This page contains both secure and nonsecure items" and and asked "Do you want to display the nonsecure items".

To see everything, you clicked "yes".

In IE8, they ask "Do you want to view only the webpage content that was delivered securely?" And then give an explanation about some content not being delivered by a secure HTTPS connection.

To see everything you click "No".

Now every time the message comes up, I read the question, then the explanation, and then go back to read the question because the explanation made me forget that "No" is the answer I want to give. Maybe this is good exercise for my neural pathways and it's preventing Alzheimers but it makes me cranky.

Eber Irigoyen blogged about this on What do you want to program today? and one of his commenters provided the method for eliminating the message. I'm going to implement it. Then I'm going to submit his post and mine to Seth Godin, the This is Broken guru. And I'm going to go back to waiting until Lifehacker or Windows Secrets tell me it's time to download the new upgrades.

(By the way, I don't care if someone out there likes another browser like Firefox or Chrome more. This is not what this post is about and I may just delete any comments endorsing other browsers.)


Anonymous said...

I regret the day I upgraded to IE8. It takes much longer to start, and even open new tabs. Also, like any upgrades, it is not stable.

Milan said...

"Probably I should find a way to have it not tell me this, because it never tells me that either "nothing on this page is secure" or "everything on this page is secure", only when it's a mixture. If I don't need to know in the all or nothing cases, why do I need to know in the mixed case?"

It should give some indication of when everything on a page is going through HTTPS (like a lock icon somewhere, though spammers know how to fake some of them).

If there is no indication at all, you can assume nothing on the page is encrypted.

Incidentally, there is a big difference between an encrypted communication channel and a secure transaction. If either your computer or the server is compromised by malicious software, the fact that they are communicating in an encrypted way doesn't really matter.

Milan said...

There are also some clever man-in-the-middle attacks against HTTPS, such as SSLstrip.

RealGrouchy said...

Yeah, at work I had to upgrade to IE8, but on my lappy I still use IE6 (well, when I have to view IE-only content; I use SeaMonkey as my main browser suite)

- RG>

David Scrimshaw said...

Real Grouchy: You're pushing it, but because I didn't specifically mention SeaMonkey, I will let your comment stay in.

Milan: I am not even going to try to figure out what your comments mean. But I think they are saying I should continue to trust nothing on the internet.

Anonymous said...

david scrimshaw - you are letting ie8 make you crankier than is your nature. do not take your upset out on those who endorse other browsers. if you do that, microsoft wins. and if you know me at all, you know that i like nothing less than letting the monopolies win. you should consider spending your time coming up with constructive ways of making them pay for the annoyance.
best of luck to you, sir!