Does IE 8 Equal Safer Surfing?March 24, 2008 – 6:17 PM
Microsoft is promising that the upcoming IE (Internet Explorer) 8 will be the safest and most secure version of its Web browser yet. Of course, everyone has heard this song before. Still, with the addition of two significant new security features, it’s hard to argue that the new release won’t represent at least a modest step forward in Microsoft’s quest for rock-solid browser security.
Despite improvements, IE 8 won’t offer the same degree of security improvement as IE 7 did. That version boasted a slew of new security features and signified a major advancement over its frequently attacked predecessor, IE 6.
IE 8’s security environment benefits from the addition of two major enhancements: the Safety Filter tool and the Domain Highlighting feature. Here’s a closer look at both of these new enhancements.
Because phishing attacks have become more frequent, more damaging and more sophisticated, Microsoft has equipped IE 8 with improved technology that clearly identifies dodgy Web sites. IE 7 took a big step forward in this direction with its Phishing Filter. Now, IE 8 ups the ante with a new Safety Filter that analyzes the entire URL string to search for carefully hidden signs that a Web site may be something other than it claims to be.
In Microsoft’s words, the Safety Filter provides “a more granular detection” capability, allowing the browser to protect users from more targeted and sophisticated attacks. IT administrators also have access to new Group Policy options that enable them to remove the user-override option and completely block access to known unsafe sites.
IE 8’s Safety Filter may not be the most powerful anti-phishing tool ever developed, but it marks a definite incremental advance in the battle against email frauds, at least those that target IT users.
IE 8’s other major new security feature is a technology that highlights the top-level domain in the browser’s address bar. This enhancement might not sound like much, but it is designed to provide a hard-to-miss visual clue that will function like a traffic light. The idea is to enable users to quickly confirm that the Web site they are visiting is the site that they intended to visit.
With Domain Highlighting, the site’s name is presented in a bold, black font, distinct from other characters in the URL, which are colored gray. Many malicious Web sites have intentionally complex URLs that are designed to confuse and mislead users. Domain Highlighting will make it easier for users to know exactly what site they’re visiting.
So should you upgrade to IE 8? Most users won’t upgrade solely to take advantage of the aforementioned new security features. Other browser enhancements, such as WebSlices (a feature that allows users to subscribe to and receive regular updates from different parts of a Web page), Activities (contextual menus on Web pages that can supply additional information via Web services) and possibly even a new user interface are the main focus of attention in IE 8.
Still, the two major security improvements are useful, and they serve to reinforce a product that is much more secure than the one that was offered a mere two versions ago.
Source: IT Security