Thursday, February 10, 2011

Microsoft's IE9 browser goes live

Microsoft has said the latest version of its internet explorer web browser puts it ahead of competitors like Google and Firefox.

The software giant, which is losing market share, made the bold claim as it unveiled what is known as the release candidate of IE9.

This is the final test drive for the new browser - a chance to catch any last-minute bugs before its debut.

IE9 has been downloaded 25 million times during beta testing.

Privacy and speed are being highlighted as two of the features that set IE9 apart.

"This release is one that is playing catch up [on past releases], but it leapfrogs everything and now you see the other folks on the back foot trying to catch up with us," Dean Hachamovitch, corporate vice president of Internet Explorer, told BBC News.

"With this release you are seeing innovation after innovation that other folks are catching up to. Hardware acceleration was something no one was talking about until we did it. No one else was talking about privacy and tracking until we did it."

According to Web analytics company Net Applications, IE lost more than six percentage points of user share in the past 12 months. At the end of January, the browser hit an historic low with 56% of users using IE.

"This is a real race again in terms of browsers," said Lance Ulanoff, editor-in-chief of PCMag.com.

"To some extent, Microsoft had ceded that race, but when I first heard about IE9, my initial reaction was 'oh the game is on'. Now it is a question of how people will perceive it when they look at it against Google Chrome and Firefox, but Chrome is where you have the most interesting battle and this is a true battle in the browser space."

Privacy features

One feature being put front and centre of IE9 is tracking protection that gives users better control over how their information is shared across the web.

Some content on websites can be used to track activity as people hop from one site to another. IE9's tracking protection means users can limit the browser's communication with certain websites to help keep information private.

This feature relies on tracking protection lists the user can create, or on lists created by the four main online privacy and tracking companies to allow or block a site or ad network from tracking users.

Microsoft has said it will not generate such lists.

The feature is seen as a response to a call by the Federal Trade Commission for a web equivalent to the Do Not Call list aimed at telemarketers calling and harassing people at home.

Firefox also offers a 'do not track' option.

"The most exciting thing is this is a technology that is ready to use today and can provide a meaningful level of protection as you browse around the web," said Andy Zeigler, privacy programme manager with Microsoft's IE team.

"For example, the lists can block companies that collect data about you without your consent, which could be information like your browsing history, the sites you visit, the things you buy online and the videos you watch."

Need for speed

With speed becoming an increasingly seductive selling point for users, Microsoft said that this latest version of IE9 is faster than the beta by 35%, making it faster than any browser currently available.

Also new is expanded support for HTML5 and what is known as other "future-web" technologies. These include support for a geolocation feature and HTML5 semantic tags. These features are largely present in other browsers.

The company said it received over 17,000 comments from early users. As a result of some of that feedback, the software will let people add a new row of tabs to the bar at the top of the browser window. It will also pop up fewer notifications.

The company is now focused on encouraging developers to build new websites and user experiences on IE9.

IE9 is a free download that works Windows Vista and Windows 7 computers. It's not compatible with Windows XP.



Powered By WizardRSS

Oil and gas firms hit by hackers

Hackers have run rampant through the networks of at least five oil and gas firms for years, reveals a report.

Compiled by security firm McAfee, it details the methods and techniques the hackers used to gain access.

Via a combination of con tricks, computer vulnerabilities and weak security controls, the attackers gained access and stole secrets, it says.

The hacker group behind the attack targeted documents detailing oil and gas exploration and bidding contracts.

Cashing in

Greg Day, director of security strategy at McAfee, said that the attacks used to break into all the networks were built around code and tools widely available on the net's underground.

As such, he said, they were not very sophisticated but that did not dent their effectiveness.

In its report detailing what it dubbed the Night Dragon attacks, McAfee said the series of co-ordinated attempts to penetrate at least a dozen multinational oil, gas and energy companies began in November 2009. Five firms had confirmed the attacks, said McAfee.

In a long-running campaign, the attacks continued and the hackers methodically worked to penetrate the computer networks of these firms.

The first stage of the attack was to compromise the external server running a company's website. Hacker tools were then loaded on the compromised machine and used to lever open access to internal networks. Then, cracking tools were used to gather usernames and passwords and get deeper access.

Once embedded, the hackers disabled internal network settings so they could get remote access to machines on the corporate networks. Via this route, sensitive documents, proprietary production data and other files were found and pilfered.

McAfee said the information stolen was "tremendously sensitive and would be worth a huge amount of money to competitors".

Mr Day said that although corporates were under attack all the time, the Night Dragon attack was no run of the mill incident.

"What makes this different is the very specific ongoing targeting of specific organisations with a very distinct purpose to what they were trying to achieve," he said.

In that sense, he added, the attacks seemed to have a motive in common with that behind the Operation Aurora attacks on Google in China and the Stuxnet virus, which targeted industrial plant and machinery, and is thought to have been designed to attack Iran's nuclear programme.

It was not clear if the Night Dragon attacks were state-sponsored, said Mr Day. Circumstantial evidence, such as the fact that all the attack activity took place during the Chinese business day, suggested China was involved but it was by no means conclusive.

Equally, the fact that during its investigation McAfee uncovered the identity of one individual based in China who provided invaluable aid and computer resources to those behind the attacks did not mean everything was backed by China.

The clues could be misdirection, said Mr Day.

"The attackers did not seem to be at all careful in covering their trail," he said. "Was that just they were not that skilled or were they trying to leave a bread crumb trail to paint a false picture?"

Corporates were going to have to get much better at analysing the attacks hitting them, said Mr Day, if they were to avoid falling victim in a similar way.

"We have had a decade of cyber crime all about 'write it, randomly spray it and see who falls foul'," he said. "In the next decade many attacks will have a more specific purpose and they will keep going until they are successful."



Powered By WizardRSS