Microsoft gets hacker feedback on IE7 Beta 2

Microsoft Corp. showed off the preliminary work it has done on the second beta version of its popular Internet Explorer, version 7, at the Hack in the Box Security Conference in Kuala Lumpur, Malaysia, and came away with some good feedback, managers at the company said Thursday.

“It’s the first time we’ve ever come out ahead of a product release to present and get feedback,” said Tony Chor, group program manager at Microsoft’s Internet Explorer team, referring to the company’s presentation to a hacker-specific group.

Chor, and colleague Andrew Cushman, director of Microsoft’s security engineering and communication group, spoke highly of the feedback they heard at the presentation, and preferred the term “security research community” for attendees, instead of “hacker.”

“Hacker has a negative connotation, like a criminal,” said Cushman. People such as attendees of the Hack in the Box conference approach security from a very different, very valuable perspective, he added.

“This community is a good source of information and we haven’t availed ourselves of that source,” said Cushman.

Chor went a step further, saying Microsoft has maintained an “adversarial” relationship with the hacking community in the past, but “that wasn’t working. It just made them mad and we didn’t benefit from their passion and expertise.”

But the Redmond, Washington company is putting that past behind it, and its goal is to engage the “security research community” more in the future, presenting at more hacker conventions and giving them a chance to critique some of Microsoft’s work ahead of releases.

Chor and Cushman also handed out their business cards liberally, and hope to get more e-mail responses from people, as well as notes on their blog, they said.

“People had a lot of good suggestions, and asked a lot of good questions,” said Chor.

Some hackers at the show gave Microsoft high marks for showing off some new security features on the Web browser and seeking their views, adding they would have liked to hear more technical detail on new features in IE7 Beta 2. But their impression was the presenters appeared almost apologetic, and the hackers don’t plan to switch to any Microsoft products near term, at the expense of, say, Mozilla Corp.’s Firefox browser.

Chor said he planned to increase the amount of technical detail in future presentations. The Beta 2 version of IE7, currently under construction at Microsoft, will likely be ready by the end of the year, said Chor.

One new feature on the Web browser is it runs in higher security “Protected Mode” by default, set at a lower user privilege. In protected mode, all downloads and other packages are automatically dropped in the “temporary Internet files” folder, so malware can’t be deposited on the hard disk. In the temporary folder, IE and Windows treat the files as dangerous and they’re given no privileges to move about.

With add-ons like a Google Inc. toolbar or ActiveX, IE7 Beta 2 will offer more permission prompts, since downloads such as ActiveX opt-ins can be an avenue for attack, Chor said.

Microsoft will license its “Protected Mode” innovation to other developers for free to help spread its use, and increase security, said Chor.

For businesses, Microsoft added a “Compatibility Mode” that works when a person is using the company’s intranet and allows them to drop files wherever they want to on their PCs.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now