IE6 to Implement W3C Privacy Standard 198
Arthur Phillip Dent writes: "News.com is running a story about IE6 being the first browser to implement the Platform for Privacy Preferences (P3P) standard. Bad news for Doubleclick et. al., that is unless it's just /.ers using the features! This will get real interesting if lusers' using it with sites that do not post P3P policies (and thereby blocking sites from setting cookies, for example) creates any kind of unrest/discussion about the exchange of marketing data for content and functionality." One thing no one writing about IE6 seems to note: Microsoft has carefully arranged their MSN cookie setting technique to avoid being blocked by their own browser - they bounce people through msn.com to log in to any Microsoft property, so it's always a "first-party" cookie being sent/placed.
Web Bugs (Score:1)
1) Slashdot uses web bugs to track your browsing habits
2) Most Slashdot users use Internet Explorer
3) Blocking Slashdot's web bugs will cause thier stock price to fall even farther.
lies, damn lies (Score:1)
in other words, this is what EVERONE will do once IE6 is released, and the whole P3P standard will be worthless. it's just a gimmick to make paranoid Tech TV-watching lusers feel safe.
Re:First Party Cookies (Score:1)
Although there may not be technical reasons to provid multiple access points to the same login database, there are absolutely privacy reasons to maintain multiple login databases. Just because i access M$ knowledgebase information doesn't mean that i want "special offers" to subscribe to MSN internet access.
Conglomerate corperations with any respect for their customers privacy should NOT be sharing personal indentifying information between divisions. There is no basis to assume that the customer would want that, period. And microsoft isn't being honest about anything by doing automatic browse redirects through a centralied data mining server. That's crap.
Re:riiiight (Score:1)
CSS is bad (Score:1)
Re:Great... some real innovation! (Score:2)
Advertisement Blockers
There are various ways you can do this already, and it will probably possible to write a Mozilla plugin to do this. However, this proposal is very badly thought out as it will reduce the revenues that web sites get from advertising, which keep the majority of the web free of charge. Hence it is unlikely this will every appear in Mozilla or Communicator.
This may eventually appear indirectly however, since things such as preventing popup windows and having preferences differ on a site-by-site basis can achieve this (these are above).
Re:All I want ina browser... Most of it you CAN (Score:2)
Re:*sigh* (Score:2)
From what I saw of the shockwave site if they did let you view it on a non-ie/win browser you'd see the page, just fine, and two empty squares where the plugin is missing. It's not even that they have their entire page in shockwave or something lame like that.
That's the sort of stuff that just pisses me right off.
Re:*sigh* (Score:2)
This probably wouldn't have stopped microsoft from pulling the carpet out from under netscape, and the suckage of NS from that point forward, but I think that the web would be very different today.
As for pdas, you have a separate page, or have the server have a way to render the page differently for different filenames. For example, if I request foo.html from the server it gives me foo.html, if I request foo.wml from the server it gives me the same page, but does the markup differently (just like CSS can do today) for that page (which is not a real page, more of a mod_perl type of thing, but not).
As for upgrading to mozilla I have, but sites out there still tell me my browser isn't supported. The problem is more to do with web designers using the "opt in" rather than "opt out" mentality. "Allow only ie5 windows" instead of "Don't allow netscape 4.x".
Re:*sigh* (Score:3)
Generally in the format of something like:
"Netscape 6/mozilla is not supported. Please go [here] to download the latest version of IE"
Or from shockwave [shockwave.com] (if you go to their site on a non-windows, non-ie browser... the only way to view anything on it is to fake the user agent string to a windows/ie code in konq).
"It appears that your operating system is not supported by shockwave.com. We support the following operating systems: Windows 95, Windows 98, Windows 2000, Windows NT 4.0 (or later), and Mac OS 8.1 (or later)."
I have to give kudoes to http://k10k.net/ [k10k.net] because they had a "we don't support netscape 6 DCOM just yet, sucks to be you" type message up a while back, but they have apparently re-designed their site.
Re:my apologies (Score:1)
You know... sending back data about privacy... ha ha... Apparently nobody got it though, oh well.
Re:Netscape plugin (Score:2)
Why is it that a checkbox in the prefs, that sends back demographics about wanting privacy support, seem a bit odd to me?
Re:Which Browser Performs Better At Standards Test (Score:1)
--
More at The Register (Score:3)
WinXP IE6 spells death for Doubleclick - and a boost for MSN? [theregister.co.uk] and
IE6 will not monster our cookies, says Doubleclick [theregister.co.uk]
All I want ina browser... (Score:5)
I want the ability to filter images based on the domain and/or size (no more 1x1 web bugs).
I want the ability to filter JavaScript based on the domain.
I want the ability to set up my browser so that sites cannot open new browser windows.
Most of all, I want these features built into the borwser. I should not have to download a third party application to control fundamental parts of my web browsing activities.
I normally use iCab on the Mac http://wwwicab.de/but for the past few weeks have had to use IE 5.0/Windows. iCab normally offers all of these filters (and more), and I find the features sorely lacking in IE.
Look at the lizard. (Score:1)
--
Re:"bad news" for doubleclick? nope (Score:1)
These things don't "reduce effectiveness" as you say. They make sharing Apache logs absolutely useless. 99.9% of all residential internet connections have dynamic IP addresses. Some of these are semi-static and change once a month or so (like Cable and DSL via DHCP) some change once a day or so (DSL via PPPoE), but the vast majority change all the time (dialup PPP). Therefore, you cannot track someone by just correlating the IP addresses in different web server logs.
___
javascript filter (Score:1)
Re:javascript filter (Score:1)
Re:Great... some real innovation! (Score:1)
Re:Which Browser Performs Better At Standards Test (Score:1)
It must be a completely different code base
(???)
-Kevin
Comment removed (Score:3)
Re:Here we go again. (Score:2)
Re:*sigh* (Score:1)
Re:-turbo eats 15MB of ram (Score:1)
Ask yourself 2 questions (Score:2)
How does this benefit MS directly?
Probably the only way to turn it on is to also enable Smart Tags. At least that's my theory.
Use "adsubtract" (Score:1)
It does all of this, and blocks banner ads (if you want). It works great.
Obviously it would be nice to include in a browser, but it is available, might as well use it.
Slashdot moderators suck (Score:2)
Re:Which Browser Performs Better At Standards Test (Score:1)
--
Re:*sigh* (Score:2)
Microsoft is the first to implement *A* version of P3P. It is not implementing *THE* version of P3P. It's bastardizing it, because that's how Microsoft operates: embrace, extend, extinguish.
The best thing you can do for the web is to BLOCK MSIE v6 for the time being. Send a message to Microsoft that you want them to quit screwing with standards.
There've been net-wide rallies behind common causes before (blue ribbon campaign, f'rinstance). It's time for another one.
--
Re:First Party Cookies (Score:1)
What's the "best" way to have websites across different domains (www.aaaa.com, www.bbbb.com) perform a single logon? Ideally I'd be able to enter a userID into either site, and the back end systems would do the account data sharing (but that's not the part the concerns me). What I'm curious about is how, after entering my name into one of the sites, I can go directly to the other site and have it automatically recognize me without having to re-login.
The ideal solution would be to use some sort of "global" cookie that has an encrypted userID in it, such that the constellation of cooperative websites would have a shared key to decrypt it. With this sort of global cookie, the user could log on once to any website and be able to automatically authenticate to the others. However, as best as I can tell, this sort of global cookie feature does not exist. It may be possible to write a cookie specifically intended for a single other website, but that doesn't really scale well (and it assumes that every website knows the identities of every other website that is participating in the single logon).
How would you approach and solve this problem? Thanks!
Some MSIE anagrams (Score:3)
it's for experimenter control
extort, enforce, imprint loser
extreme profits control rein
cern extortion reptile forms
export control terrifies men
cool printer, extreme font sir
Your welcome.
Re:How Does Site Inform Browser of Compliance? (Score:1)
--Dg
Am I really reading another browser war? (Score:3)
What was I thinking?
Have I learned nothing in my years of Slashdotting?
At least I managed to close the two windows with which I was about to start raging fires.
I should know enough by now not to even look.
sigh.
Re:*sigh* (Score:1)
But that falls apart because Netscape does such a poor job implementing the standards that almost all the other browsers support. Your solution is to cripple everybody else just because a browser company with less than a 10% market share can't code their way out of a wet paper bag. If everyone using Netscape 4.7x and below would just upgrade to Netscape6/Mozilla, the web would be a much better place for everybody.
Your solution also would also be poor for sending specific content to non-typical-but-growing-more-common devices like PDAs.
Cheers,
Re:All I want ina browser... (Score:2)
They work fine at least with Netscape 4.X.
Re:All I want ina browser... (Score:2)
That's not good enough. It removes too much functionality. What you really need is something like sites can only open a new window in response to a click, and it can only be one new window. Also, the window.close() functionality should be disablable. I don't want anything to happen when I close the window except for the window to close. Nothing ever .
BTW, Konqueror does all the things you asked for except the image filtering by size. You don't seem to run a *nix variant though, so it won't help you for now. You should consider debian on your Mac.
Which way to the topic again?
Why do't you stop using cookies then? (Score:3)
we don't do anything "bad" with the cookies we collect
Why don't you just stop using cookies then? Really, what nessicary functionality can't you implement on the server side for advertising that you need to use cookies for? You should be able to do all of the standard things. (Keep statistics, don't show people the same ad over and over. Track consumer preferences for targeted ads... The works.) Not only that, but when you store data in a cookie, your data is at the user's mercy. the cookie file can get cleared at any given time. If it's on your server, you have control over it.
If you're clever, you can even keep track of the data on the server when the user's dynamic IP address changes by keeping other information like the user agent string and what "block" of dynamic IPs the address is assigned from. If the user views more then one page from a particular site, you can seed the links with more information collected through javascript that will get sent to you when the user follows a link. Make a little (1x1) flash program that sends you some data. Really all of this cookie nonsense is just that. Nonsense. You can be so much more evil without cookies because the user can't tell you're doing it once they've left the page.
iCab (Score:2)
a) accept it, expire on quit
b) accept it, and any subsequents from the domain
c) accept it, but not allow it to be used
d) refuse it
e) refuse it, and refuse subsequent cookies from the same domain.
It also allows you to change your preferences to either "never ask again" or "always ask" with each alert box.
It doesn't take much surfing to block a LOT of domains this way. I love it, and wish more browsers would implement their cookie management in the same way. It's the best one I've used.
Re:Which Browser Performs Better At Standards Test (Score:3)
eh? (Score:2)
---
Re:Will Mozilla support P3P? (Score:2)
So yes its in the works.
First Party Cookies (Score:5)
I'm mildly amused that the poster seems to regard this as some kind of 'sneaky trick' by microsoft. As if it is 'wrong' to maintain a single login location, as if you 'should' create a separate login for every single website. I've been working on database driven websites for nearly 5 years now, and I can't recall a single technical reason why I'd want to make multiple points of entry to the same database. The only reasons that are valid are design issues... specifically, did we want to have the customer see that login page A is actually affiliated with website B. Microsoft, being such a public brand, has no need to hide the association.
The way I look at it, by having a single login location Microsoft is actually being open and honest. They COULD have multiple points of entry into the login database, one for each site, and thus hide the fact that they are pooling user information between domain names. With a single point of entry, they are revealing their practice of data sharing... something that would be obvious to anyone with technical understanding of database driven sites.
People get all up in arms about privacy with cookies, logins, and user information pages... completely forgetting that sites owned by the same company don't have to use ANY of that to create a profile of your activity on their multiple sites. People seem to have this idea that differing domain names create a magical 'wall' between sites, preventing anything from leaking from one domain to another. Anything they see as breaking that wall is somehow evil.
In all practicality, if Microsoft really wanted to, they could make all their sites as subdomains of microsoft.com... msn.microsoft.com, passport.microsoft.com, msnbc.microsoft.com, etc. Then, the actuality of data sharing would be more concrete for the less technically inclined.
Raven
And my soul from out that shadow that lies floating on the floor
Re:All I want ina browser... (Score:2)
That's the point, the first person wanted to be able to block these images, the second complained that then as a web page writer they wouldn't be able to force the layout that they wanted. Whining about the dificulties of writing commercial pages is simply irrelevant to someone looking for the features they want in their browser.
Re:All I want ina browser... (Score:2)
You will find NS6.1 to be very privacy friendly (though two of your features are missing: JavaScript per domain and images by size).
It's based on the Mozilla 0.9.1 [mozilla.org] release which is very nice, and usable on it's own, but adds a number of plug-ins that are worth having.
--
Aaron Sherman (ajs@ajs.com)
Re:Slashdot moderators suck (Score:2)
Re:*sigh* (Score:2)
Re:How Does Site Inform Browser of Compliance? (Score:4)
Server: Microsoft-IIS
(or maybe that's IE6.1...)
Re:Completely baseless statistics (Score:2)
Re:*sigh* (Score:2)
Hmm...what part of the standard does IE not implement? I printed out the HTML 4.01 and CSS 2 specs and kept them next to me as I redid this site [thejewelers.com]. IE (back to at least 4.01) renders it properly, as do Mozilla (last I checked was M16), Opera, and Lynx. The browser that choked was Nutscrape 4, so if you want to complain about a browser not meeting standards, I'd suggest that you go after AOHell and not Microsoft. I checked the site with W3C's validators, and everything came up OK.
Slashdot didn't like P3P the first time around (Score:5)
Re: (Score:2)
Re:Atrocious (Score:2)
What I wanna know: Is there an msid.msn.com cookie set on boot/install these days?
Next time you install W98, boot to raw DOS. Poke around the filesystem with a hex editor and examine the cookies. You'll find one set for whatever username and workgroup you entered at install time, pointing to our old friend http://msid.msn.com.
Under W98/IE4, deleting these files, rebooting, and re-entering Windows, the cookie data was restored automatically, even though this box had never been connected to any network.
Disclaimer: I wasn't able to reproduce this today on a W98SE/IE5 box. I know I did it under 98, because I ranted about it [slashdot.org] on Slashdot last year when the GUID-leak stories came out.
Can anyone confirm/deny this type of behavior on XP?
They've been doing this shit for a long time [pc-help.org].
A DejaGoogle search revealed tracking through msid.msn.com as far back as 1997.
I think my "cookie kept coming back" had something to do with RegWiz [attrition.org], which created such a cookie before you even registered? (And in my case, even though I hadn't registered :)
So today they generate and use an MSID instead of the HWID. It's still all about tracking.
Speaking for myself, I firewalled msid.msn.com a few years ago and never missed it.
The really sad thing is... (Score:2)
A server has to collect "doubleclick-like" information if it is to, for example, learn how it can sort out which, of a gazillion possible pages that "sort of match" a nonexpert user's request, are really the important ones for that user. Or other users that could use the automatic rating info, donating theirs in return.
I can just imagine the FUD that would be spread if a WWW client sent info back to a server like "Mouse was moved over and things selected on this page such and such an amount, page was in focus X seconds, the screen is at so big a size and Y percent full" et cetra, to help a user get what they are looking for. Again even though this reveals less than what the URL does in the first place - and yet would be invaluable to sift the gems of content from the mass of data out on the internet.
It just can't all be done effectively on the client, or without aggregating the metadata about internet use by many users - the FUD speculation about what mysterious info can somehow be inferred by DoubleClick, and others, goes beyond the stupidity of saying a heart attack victim shouldn't be driven to the hospital because of the danger of an auto accident on the way - to something closer to using as an excuse the fear that the cellphone in a momentarily passing car might risk giving the dying victim brain cancer many yearslater.
On a little different note - why, now, can't you simply select not just one of Microsoft's new "smart tags", but any word or content on a page and with a mouse button selection be able to say "search for stuff like this"? Is it just because it would cause asinine complaints from web page authors (fearing their own page's relative uselessness) that this this violated their copyright by letting someone use the page for what the author rather than the user wanted it used for (and who wanted to pretend this is different than letting someone copy those words and manually enter them into a search engine)?
sorry charlie... (Score:2)
I'd have to disagree with you. Whether or not I used IE I know enough about privacy, and there are many tools one can use such as JunkBuster to maintain an efficient level of privacy via way of cookies. Some things you should take into consideration are, aside from technology, marketing companies do psychological research on all types of people in order to perform target marketing of products. You see it on television when you watch commercials, e.g. ever see any commercials for black hair care products when Sally Jess Raphael is on? No you're going to see it on BET or when Oprah is on.
This is still a form of privacy violation in a way since someone seems to assume only a selective class of people would watch television. When you go the local stores in urban neighborhoods you can see it via ads as well in which you'd be surprised how many companies perform these tasks via polls, questionaires, etc.
When it comes to the Internet you have to keep in mind no one can see you, and you have every option to decline such things as cookies, or install programs which can act as a bodyguard to protect some site from gaining information on you.
Check out some of my privacy links [antioffline.com] should these things disturb you, but don't assume any technology can fully impose on someone without their consent whether they consent to it or not.
Re:Which Browser Performs Better At Standards Test (Score:2)
Maybe you need your glasses checked
--
What? (Score:2)
What welcome?
--
Link to Criticism of P3P (Score:2)
Here is a
Here is a direct link to the EPIC criticism: http://www.epic.org/reports/prettypoorprivacy.htm
Re:All I want ina browser... (Score:2)
Mark Duell
Re:How Does Site Inform Browser of Compliance? (Score:2)
More technical information can be found here:
http://support.microsoft.com/support/kb/article
http://www.w3.org/TR/P3P/
"bad news" for doubleclick? nope (Score:4)
No, the bad news is for IE users who think this will block DoubleClick.
The article states DoubleClick expects to be compliant with P3P before IE6 is released, which means IE6's defaults will allow DoubleClick cookies. Doncha think DoubleClick and Microsoft are gonna be talking about such business-model show-stoppers and finding ways to make each other happy? Users will still have to take individual opt-out actions to stop being tracked.
Even so, cookies are not the only way that people can be tracked. Any group of companies could just share apache logs and do some simple Perl analysis to correlate a huge number of visitors. Some factors like NAT and PPP reduce the effectiveness, but the majority of useful data can still be data-mined. Cookies are just the lazy way of doing the same thing, as well as providing stateful visits to the sites themselves.
Netscape plugin (Score:2)
my apologies (Score:2)
Anything Mozilla doesn't support is planned (Score:3)
Re:OmniWeb rules! (Score:2)
> and discard when shutting down the browser.)
That's exactly what I want to see in a browser. Many shopping sites need cookies to keep track of the shopping cart, which is fine with me. And I don't want to keep turning cookies on and off or manually accepting/rejecting them just to be able to use a shopping cart. My current solution is starting netscape/mozilla via a script that deletes all stored cookies except the ones I want to keep (/. etc). That way, cookie-dependent web apps will work, but cookies will disappear the next browsing session.
*sigh* (Score:5)
You know...basic browser stuff.
Re:All I want ina browser... (Score:3)
If you want complete control over layout, don't use HTML - use TeX.
Re:All I want ina browser... (Score:2)
Konqueror [konqueror.org] does 3 out of 4 of these features. You can choose to accept or reject cookies for none, some or all domains. Same goes for JavaScript and java too.
There's no built in filter for images though. If you wanted that you would have to use an external proxy like Muffin [doit.org].
Don't suppose this helps much on Windows or MacOS however, unless they've got KDE running on those already.
Re:Which Browser Performs Better At Standards Test (Score:2)
Which Browser Performs Better At Standards Tests ? (Score:4)
As far as I know, Internet Explorer performs better at Standards Conformance tests such as
- Todd Fahrner's Box Acid Test [rydia.net]
- Inoshiro's browser test [thock.com] with a screenshot from IE 5 on the Mac [mac.com] courtesy of The Answer is 42 [kuro5hin.org]
than most other browsers out there. Mozilla and Konquerer are up there as well but they aren't close especially with regards to the newer XML related standards.--
Microsoft to implement Slashcode (Score:4)
In a startling press release from Redmond, Microsoft has announced that it's corporate web site will incorporate the use of Slashcode.
However, the popular "geek" web site "Slashdot.com" was less than impressed.
In an article authored by Slashdot editor "michael", he writes "Microsoft has no business running Slashcode. We, um, don't like Slashcode anymore." When questioned about this sudden change in position, "michael" responded "If those bastards run it, it must really suck." "michael" then forked the sign of the devil, and foamed at the mouth.
Slashdot editor "Hemos", when asked for further comment, replied "Yawn".
So, it seems that, although Microsoft may make grand steps toward securing their browser software and optimizing their web presence, Slashdot nerds will never, ever, be satisfied.
--SC
Re:Actually, you're 100% wrong - here's the truth (Score:2)
question: is control controlled by its need to control?
answer: yes
Actually, you're 100% wrong - here's the truth (Score:4)
Namely, even on the "High" security setting, IE6 will accept 3rd-party cookies that have an "acceptable" P3P policy ("acceptable" is defined). If you'd read that document, it looks like they're implementing this rather well. They've made intelligent exceptions (e.g. "Special Provision for Legacy Opt-Out Cookies"), and they're very clear about IE6's behavior.
Now, I don't particularly like P3P, nor do I like feeling that M$ is shoving it down my throat. Is it the best possible solution? Perhaps not, but what else is there?
An earlier linked article [epic.org] at EPIC complains about how difficult most users find changing their cookie preferences and how confusing privacy is. Their solution? A "tools" page [epic.org] with 62 bloody links on it, to proxies, cookie managers, filters, PGP, SSH, anonymizers - most Windows users would have a heart attack just trying to understand the acronyms. That's supposed to be easier?? This is precisely the problem Microsoft is trying to address.
I hate to be an IE apologist, but IE6 kicks the shit out of Mozilla at cookie-handling. This is classic Microsoft strategy: move into a market space that has no standards and leverage their monopoly to say, "From now on, you're doing it our way." I don't like their monopoly powers, but no one else was even doing a half-assed job at this. What's the leading contender to P3P? There isn't one. You can install the something from EPIC's page (as far beyond the reach of most Windows users as recompiling a kernel), but I bet none of these have even 2% market penetration.
The only reason Microsoft could adopt P3P and take over this privacy space so easily is that the rest of the 'net has done such a piss-poor job of it for the last 10 years.
question: is control controlled by its need to control?
answer: yes
Before you go nuts... (Score:2)
As soon as someone mentions Microsoft implementing a standard, everyone cries out "M$ has never implemented standards! Thats why I use Netscape!"
Yeah, well Netscape did the same thing to Mosaic. They made their own tags (BLINK!), and only their browser supported it. And yet somehow MS is the only bad guy here. MS is implementing a standard, and IE6 is getting a lot closer to the w3c's standards for HTML & CSS. Which is much more than can be said for Netscape, Mozilla, etc. (Hell, netscape doesn't support ANYTHING anymore!) You don't have to go apeshit on an anti-MS rant just because they are doing something right...
Doubleclick and P3P (Score:4)
Re:use Webwasher (Score:2)
So, how do you think Slashdot, as a free site even for cowards as anonymous as you, earns the money to keep itself running?
By selling VA Linux hardware. Banner ads are so 2001.
Have client say what it wants, not what it is (Score:2)
A better solution is to have the client send what types of data it prefers, perhaps a "Content-class: simple" as an example. You should send what a client says it wants, not keep a list of clients and what to send them (which leaves you stuck if a new client comes out until you update the database).
Standards are GOOD, here's why (Score:2)
Not having standards [w3.org] hurts interoperability. What if you asked me for directions and I used my own proprietary [microsoft.com] version of English, in which North and South and left and right are switched? Wouldn't that cause confusion?
Re:Atrocious (Score:4)
All they are doing is passing people through msn.com first before sending them to any other MS web site. If I had a big organization with 20 different sites, I would do the same thing. It makes sense - you track total usage of your web properties in one place.
Besides, if you don't want cookies, just turn off cookies. If you want to be warned each and every time someone tries to set a cookie on your machine you can do that to and refuse each cookie individually.
This is not that big of a deal. I personally welcome the added security features.
Re:All I want ina browser... (Score:2)
Mozilla can do this
"I want the ability to filter images based on the domain and/or size (no more 1x1 web bugs)"
Mozilla can filter based on domain or site.
Mozilla makes it really easy to turn JavaScript off can not do it based on domain that would be a cool wishlist bug I think. And of course 90% of the time turning off Javascript will make popup adds etc go away. Mozilla on a Windows machine can give you much of what you want. In particular if you are like me and don't want the Javascript stuff on most of the time. With the -turbo switch it is every bit as fast as IE 5. Have fun.
Earlier Reports (Score:3)
There was an interesting follow up the following day, see here [theregister.co.uk], under the Title "IE6 will not monster our cookies, says Doubleclick"
The gist of the second story:
And there is this tidbitLovely, simply lovely.To get off on arguing about Double click misses the main point entirely. MS is there first with the most money in the next generation of privacy control, via IE6.
Time to play connect the dots.
Check out the Vinny the Vampire [eplugz.com] comic strip
Mozilla vs IE 5.x - a test (Score:2)
My Win32 test included a end-to-end test against the hyped IE 5.X browsers.
The test was performed on a standard 700Mhz Duron with 128MB of RAM running Windows 98SE.My conclusive results are as follows:
LoadingMozilla 0.9.1 loaded 17% faster than IE 5.01 and 21% faster than IE 5.5 using the -turbo option (C:\mozilla\mozilla - turbo)
IE 5.01 and 5.5 loaded 31% faster than Mozilla 0.9.1 when Mozilla was loaded without the -turbo option. This is not a good measure of true performance though - IE loads itself into memory. A better test would be to use Mozilla -turbo vs IE (see above).
Sites90% of sites viewed with Mozilla loaded 100% correctly the first time they were loaded. 5% of the sites test with Mozilla loaded 80% or better when loaded for the first time with Mozilla. 96.2% of sites loaded 100% correctly when refreshed multiple times under Mozilla.
96% of sites viewed with IE 5.5 loaded correctly the first time. 98% of the sites loaded correctly after multiple refreshes.
89% of sites viewed with IE 5.01 loaded correctly the first time. 7% of sites tested did not load properly due to a 128-bit encryption SSL bug in IE 5.01
ReliabilityIE 5.01 crashed the system a total of 2 times. 50% of the time, IE 5.01 took down the system with it, claiming something to the effect of: "Illegal operation: Iexplore.exe", followed promptly by: "There was an internal error in Explorer.exe". The Task manager and Start Bar dissappeared and the system froze.
IE 5.5 crashed a total of 1 time, claiming: "Illegal operation: Iexplore.exe". The system stayed up and IE 5.5 was able to restart.
Mozilla did not crash during this test.
ConclusionsIE seems slightly more compatible with most sites, but Mozilla seems faster and more stable at most tasks. Undoubtedly future versions of IE and Mozilla will improve and re-testing will be neccessary.
Re:3rd party ad serving and IE6 (Score:2)
I, for one, consistently refuse third party cookies using either IE4.5 on Mac OS or Konqueror under Linux. But this is because I get a little message each time a cookie is sent and I have to choose. The public has only been web browsing seriously for about four years and is generally uneducated about the kinds of databases that are being built from the collected data. But as they become more aware, I think you'll find that no one will want to accept 3rd party cookies-- even those that pass whatever minimum standards MS implements here.
IE 6.0's P3P implementation is unenforceable (Score:3)
The simplest is for someone like DoubleClick or AdForce, or Mediaplex (here on slashdot), to just redirect the cookie data being sent back to their servers, to their clients' sites and have the first party site re-set the cookie so now it is simply first party, but is still globally available.
Then by changing the code which performs cookie operations on the clients' sites, it will then be a first party cookie, and the first party will then generate the call for the banner ad, etc, but with data popluated by the first party instead of cookies set by the third party. Just a tip.
- SuberBug
Re:Which Browser Performs Better At Standards Test (Score:2)
--
Matthijs
IE6 wishlist... (Score:2)
Quite frankly I'm amazed that these advertising companies haven't been able to buy that functionality out of the IE6.
-S
Re:Well, now, that's a first! (Score:3)
To be honest though, the business advantage for Microsoft, of implementing this standard atthis point is still a bit sketchy in my mind...
What do they hope to gain? User trust? Most users blindly trust them anyway, and those who don't (ie:
--CTH
---
Re:How Does Site Inform Browser of Compliance? (Score:2)
On your site, you put headers like this:
P3P: {url to xml describing your p3p policy}, CP="xxx xxx xxx xxx xxx xxx"
The "CP" part is the compact version, but that is optional.
HTH
3rd party ad serving and IE6 (Score:5)
I know what some will say, that finially these advertisers are getting what they deserve, and I don't totally disagree, but keep in mind, that (I don't know about other comanines, well, yes I do, but that is totaly someone else) we don't do anything "bad" with the cookies we collect. We don't sell personally identifiable data, etc. We have one of (I don't know of a better one) the best privacy policies in the industry. If everyone just decided that they didn't want 3rd party cookies, that would be one thing, but they haven't, because most people don't mind, as it doesn't hurt anyone. We don't deserve for our business to get impacted this much because of some arbitrary decision made by those people.
Oh, well, enough of this ranting.
Re:Great... some real innovation! (Score:3)
The founding father in this case is,
Netscape Corporation
good idea (Score:2)
And, by a local cookie do they mean from the same domain as one up in the location bar? My website has several domains, and uses a cgi program that spits our a semi-random image and also sets a cookie. The cgi is always called from one of the domains, so if someone finds the site by typing in another of my domains and the cookie gets set, is that not a local cookie?
-
Re:"bad news" for doubleclick? nope (Score:2)
This mean that if I visit forbar.com and there is a DB ad there, the browser *wouldn't* transmit cookies to DB.
--
Two witches watch two watches.
Re:First Party Cookies (Score:2)
That is done for security reasons.
I can't think of a good way to do it that isn't exploitable.
--
Two witches watch two watches.
Re:SMoke and Mirrors (Score:2)
--
Two witches watch two watches.
Re:good idea (Score:2)
But there are more illegitimate uses of 3rd-side cookies than there are legitimate uses.
--
Two witches watch two watches.
Re:*sigh* (Score:3)
It appears that your operating system is not supported by shockwave.com. We support the following operating systems: Windows 95, Windows 98, Windows 2000, Windows NT 4.0 (or later), and Mac OS 8.1 (or later)."
I just saw this, from Solaris (on which, BTW, I run Netscape 4 with a Shockwave plug-in that works just fine). My response: what kind of BS is this?
So now Shockwave.com doesn't like my fsck'ing operating system? WHY? Why should it care about my OS, if my browser is up to the task?
Next I suppose they'll shut me out for having a monitor that's too small, or one which doesn't display 16M colors, or that was manufactured by Sony.
Finally, I suppose, I'll see something like this:
Sheesh.
Re:All I want ina browser... (Score:2)
just checking. . .
How Does Site Inform Browser of Compliance? (Score:2)
Re:All I want ina browser... (Score:2)
Beleive it or not, IE 5 beta for OS X can also handle some cookie filtering on a site-by-site basis.
SMoke and Mirrors (Score:3)
P3P will allow a company to *describe* it's privacy policies versus every element/form/ or page on their site. It's a start, and will be the glue to enable a privacy "UI"'s. What it won't do is provide any means of enforcement. That is, just becasue site "x" says we don't divulge your purchase habits doesn't mean you can trust them.