Free PC performance & security scan Take a few minutes to find out why your PC is so slow. Run the free PC Pitstop Optimize 2.0 scan and receive a free custom report detailing common issues that might be keeping your PC from running at full speed. Over 100 million scans run. Scan now! PC Pitstop

Fast POP3 downloader for Exchange Server IGetMail downloads, sorts, and delivers remote POP3 e-mail to your Exchange Server every 20 seconds. Supports individual and catch-all POP3 accounts; flexible scheduler; SSL support; leaves e-mail at server, replays messages. Try the 30-day trial. IGetMail

Download a free PC-performance scan RegCure repairs your Registry and automatically makes your PC's performance like new. Remove Windows errors instantly and clean up your Registry. RegCure is an award-winning product — download a free scan now! RegCure

See your ad here

By Mark Joseph Edwards

Microsoft touts Internet Explorer 8 as a big improvement over previous versions of the browser in terms of security, speed, and compatibility.

While that's basically true, the inevitable new-release glitches — which are already appearing — suggest you should wait at least a month before upgrading.

When you choose a browser, your first consideration should be security. There's no doubt that Internet Explorer is the target of more malware than any other piece of software. In fact, using IE is like painting a bull's-eye on your forehead and walking into a war zone.

Even though IE 8 adds some useful security features, its continued reliance on ActiveX makes the browser vulnerable in its very foundation. This lack of security is a primary reason many people have stopped using IE.

Security isn't the only factor causing Web denizens to flock to alternative browsers. For years, Internet Explorer's page rendering has caused major headaches for Web developers and users alike. Some pages that look and function as designers intended in Firefox, Opera, and other third-party browsers have their layouts broken when rendered by Internet Explorer.

IE 8 makes an effort to improve compatibility but ultimately falls short.

Performance is another area where IE has trailed the competition. Just as IE 7 runs faster than IE 6, the new version 8 is quicker than its predecessor. However, early tests indicate that IE 8 is still much slower than other browsers.

Compatibility improvements aid users and coders

IE 7 often jumbles the layout of sites that open and operate just fine in Firefox, Google Chrome, and other browsers. Web designers will be heartened to hear that IE 8 addresses many of these page-rendering deficiencies — and it's about time!

Constructing sites that work well in all browsers is definitely going to be much easier. Likewise, people who surf the Web will be less likely to encounter sites whose layouts are broken in IE 8. Without getting into the nitty-gritty, let me just say that IE 8 passes the Web Standards Project's Acid2 compliance test, as explained by the IEBlog.

Taking compatibility a step further, IE 8 includes a "compatibility view mode" that reverts to IE 7's rendering engine. You can toggle this mode on or off using a button near the search bar at the top of the browser. (The button icon looks like a broken document, as shown in Figure 1.)


Figure 1. Internet Explorer 8 features a new compatibility button near the reload and close buttons.

But there's a catch: IE 8 decides when to display the compatibility button. Obviously, if the button isn't showing, you can't click it. However, you can manually configure sites you want to view for compatibility by engaging the Compatibility View Settings option on the Tools menu. (See Figure 2.)


Figure 2. You can access IE 8's compatibility settings via the Tools menu.

If your organization uses custom intranet applications designed specifically for IE, you may need to adjust those applications to support version 8.

Reader Jim Johnson reports that his intranet woes were not alleviated by using the new browser's compatibility mode. Jim had to force IE 8 into IE 7 mode by pressing F12 to open the Developer Tools and then selecting Internet Explorer 7 as the browser mode. These steps allowed him to sign in and use his company's intranet applications.

Microsoft provides a way for Web developers to handle browser incompatibilities on a page-by-page or site-wide basis. To force a page to render using IE 7 styles, end users can click View, Source and then change the header's meta http-equiv= setting to read as follows (be sure to retain the open and closed angle brackets at both ends of the tag):

meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /

For site-wide rendering control, site owners can configure their servers to send the following HTTP header:

X-UA-Compatible: IE=EmulateIE7

Phishing filter upgraded to fight malware

Among the noteworthy security enhancements in IE 8 is the SmartScreen filter. This feature upgrades IE 7's Phishing Filter by adding a malware defense. (The Phishing Filter in IE 7 protects users against accidentally landing on spoofed sites and also detects other attacks that might try to steal your personal information.)

IE 8's new anti-malware component is a reputation-based filtering system. In this respect, it's like McAfee's SiteAdvisor and Symantec's Norton Safe Web. Unlike SiteAdvisor, however, SmartScreen also works with signature-based technologies such as Microsoft's Malicious Software Removal Tool, Windows Defender, and others.

You can enable the browser's new InPrivate mode, which prevents IE from saving cookies, your browsing history, cache data, and other personal information.

IE 8 also offers better protections against cross-site scripting attacks and clickjacking, a hacker technique that tricks you into clicking on hidden page elements. Finally, Microsoft includes Data Execution Prevention (DEP/NX) memory protection in IE 8 to help prevent exploits that use memory tricks to launch malicious code.

However, none of these security features is foolproof. A prime example presented in early March at the CanSecWest conference is described in a Computerworld article. A researcher identified only as Nils compromised IE 8 running on Windows 7 by taking advantage of a shortcoming in the DEP/NX protection system.

More speed in IE 8, but not nearly enough

Microsoft would have us believe that speed isn't very important when it comes to page surfing. (Considering the miserable performance of previous versions of IE, that's understandable.) In fact, the company's IE 8 documentation states: "Ease and speed in the real world are measured in minutes, not milliseconds." I guess that's Microsoft's pre-emptive defense against browser-speed test results.

Computerworld's JavaScript-performance tests show that Google Chrome is four times faster at JavaScript rendering than IE 8. In the same tests, Firefox 3.0.7 was 59% faster than IE 8 when rendering JavaScript on pages, Safari 47% faster, and Opera 38% faster.

So, does JavaScript rendering speed really matter? If you visit 50 such pages, and if they take an average of 2 seconds each to load, you'll spend an extra 60 seconds waiting in IE 8 than you would in Firefox. Over the course of a year, that's 6 hours of wasted time.

Of course, if you surf more than 50 pages a day, you could be wasting even more time with IE 8. In the business world, time is money, but time's even more precious in your private life. A browser's speed definitely matters — a lot!

There's no doubt that IE 8 is a much better browser than IE 7. Nevertheless, it's still inferior to Firefox and other alternatives. As to whether you should upgrade to IE 8 now or later, my advice is to use Firefox instead of either version.

If you must use Internet Explorer, I suggest you wait at least a month — two months would be better — before upgrading to IE 8. (If you're still using IE 6, however, install version 7 right away, for the sake of your security as well as for the added performance.)

Why do I think you should wait? At present, only a fraction of Windows users worldwide participated in the IE 8 beta. Now that the browser has been released to the public, it will be put through the wringer even more strenuously. When that happens, problems are bound to surface. For example, we've already received a few reports of odd page-load behavior in IE 8 on Vista systems. And, bizarrely, some IE 8 installations revert to IE 7 after loading Windows hotfixes.

Furthermore, the bad guys are bound to start banging on the new browser even harder to unleash new exploits. Let some of that play out before you jump into IE 8 with both feet. Unless you have a compelling reason to upgrade to IE 8, just relax, wait, and watch what unfolds. (Popcorn is optional.)

Table of contents

Save up to 76% on quality inkjet ink We offer the sharpest prices on the Web for quality ink and laser toner. Bonus: save an extra 10% by using coupon code DAS926M. Free shipping to contiguous U.S. locations for all orders over $50. Offer expires 5/31/2009 and excludes OEM items. 4InkJets

Are your computer's drivers up-to-date? Driver Detective provides the most up-to-date drivers specific to your computer! With more than 1 million drivers, Driver Detective saves you endless hours of work and aggravation normally associated with updating drivers. Drivers HeadQuarters

See your ad here

• "I just saw your post, 'Run a Conficker removal tool before April 1,' and wanted to clarify a few things I think you may have been confused about.
  
  "In the first section, you say:
  
  Microsoft doesn't provide all its patches to unlicensed copies of Windows, leaving the vulnerable machines free to attack us — a self-defeating policy recently described by security expert Bruce Schneier.
  
  "This is actually not accurate — Microsoft issues security fixes via Windows Update to all Windows systems, regardless of whether or not that system is genuine.
  
  "Also, the information you reference from Schneier is from 2005 and is no longer accurate. Here is a TechNet article that addresses Conficker and gives details on how PC users can protect themselves."
  

• "It's ridiculous to say that Microsoft provides all security updates to Windows users, whether or not they pass Windows Genuine Advantage (WGA) validation. No, Microsoft doesn't.
  
  "First of all, a system that fails WGA is restricted in using Microsoft's update and download sites, as described in the Genuine Microsoft Software FAQ:
  
  Q: How does WGA validation work?
  
  A: ... Upon their first visit to the Microsoft Download Center, Windows Update, or Microsoft Update, users will receive a message requiring them to validate their Windows.
  
  "WGA has a reputation for rating some PCs as unlicensed when in fact they're completely legitimate. For this reason, many people exit Windows Update at this point and turn off Automatic Updates (if it was enabled) rather than risk disabling their expensive computers.
  
  "WGA's bad rep comes from Microsoft's own policies. The original version of Windows Vista includes a 'kill switch' (officially called 'reduced functionality mode'), which is triggered in certain conditions.
  
  "Under some conditions — such as if WGA validation fails — the Start menu and desktop icons are hidden, and nothing works except the default browser (so users can buy another license). After 60 minutes, the machine is completely logged off, as explained in a Computerworld article and its continuation. This punitive policy was not changed until Vista Service Pack 1 appeared.
  
  "According to an Ars Technica analysis in January 2007, a minimum of five million users worldwide, and probably millions more, have received false 'nongenuine' ratings from WGA. As a result, Microsoft has lost many consumers' faith in the auto-update process, because people hear tales that using Windows Update can cripple a PC.
  
  "If a user doesn't pass WGA validation or doesn't wish to risk testing for it, Microsoft does not permit all security updates to be installed. Only those updates that Microsoft rates as "Critical" are presented. This is explained by Microsoft in its Description of Windows Genuine Advantage (emphasis added):
  
  If you have a genuine copy of Windows but decide not to complete the validation process, you can still obtain CRITICAL software updates by using the Automatic Updates feature.
  
  "The trick is that many security updates are rated by Microsoft as only 'Important' or 'Moderate.' But these updates can be just as essential to users as ones rated 'Critical,' because the ratings are often questionable.
  
  "For example, the WGA download itself, titled KB905474, was described as a 'critical security update' from the first day it appeared in 2006, despite the fact that WGA is a marketing effort, not a security update at all.
  
  "In addition, users who fail or never attempt WGA validation are restricted by Microsoft from receiving security software other than patches. For example, validation is required to use the download page for Windows Defender, a free security program. Microsoft says this app protects PCs against 'security threats caused by spyware and other potentially unwanted software.' The download page clearly states:
  
  This download is available to customers running genuine Microsoft Windows ... Windows Vista users must pass Microsoft Genuine validation requirements ...
  
  "Regarding Bruce Schneier, I searched his site and didn't find any sign that he's changed his view of Windows Genuine Advantage since his last post on the subject.
  
  "Finally, linking to Microsoft's TechNet article, which recommends running the Malicious Software Removal Tool (MSRT) to eliminate Conficker, is pointless. As I reported, Microsoft's own Malware Protection Center stated on March 27 only that MSRT removes Conficker versions A and B. There's nothing about MSRT removing the latest Conficker builds (variously described as C or D).
  
  "After I wrote that, a Microsoft source, whom I can't identify, has said variants later than B could be detected if MSRT's mrt.exe file is first renamed. Otherwise, Conficker kills the process. Most end users would never think of this, so MSRT for now should not be considered an up-to-date solution.
  
  "I didn't say Microsoft doesn't permit non-WGA users to get any security patches. I wrote, 'Microsoft doesn't provide all its patches to unlicensed copies of Windows.' It's certainly true that the company doesn't provide all its security patches, much less all its various patches, to people who don't run WGA validation. I stand by this statement.
  
  "I urge Microsoft to immediately start delivering all updates — of every kind — to users who are running any copy of Windows, whether or not it validates. Pirate profiteers should be thrown in jail, and Microsoft has a right to prosecute them. But our legitimate computers are the ones that unpatched users' computers attack. Microsoft has no excuse for not updating every system."
  

• "Ryan, as a victim of a nasty Win32:Vitro infection, I read your latest article with great interest. This virus has wreaked havoc on my home PC, and there seems to be very little information [about it].
  
  "This nasty piece of code not only evaded AVG's free edition, but wrecked it completely. I had installed Windows XP SP2 on a freshly formatted system partition, installed AVG immediately after SP2, and within a few days the virus had come back in full force. Now, following a second system partition format and Windows install, Avast Antivirus Free has been able to prevent reinfection.
  
  "I rarely see Avast mentioned, but I've had great experience with it. In researching Win32:Vitro, it appears that the major players — Symantec and McAfee — are either behind in detection or don't detect this at all. As I noted, AVG also didn't.
  
  "I would be very interested in hearing other readers' or your own perspective on Avast's software. I've found it to be extremely light on system resources and also extremely effective."
  
  

Table of contents

By Katy Abby With today's busy schedules, who has time to keep current on the latest films? And once you've finally seen that talked-about flick, there's hardly enough spare hours lying around in your schedule to re-watch it, no matter how much you enjoyed your first viewing. If only there were a way to review the best parts of the movie without wasting too much of your all-too-precious time .... The solution? One-minute films! Take a look at this clever rendition of Kill Bill 1 and 2. After all, it's not the length that counts; it's what you do with it! (Warning: spoiler alert!) Play the video

Table of contents

Free download — update all your drivers DriverCure automatically and instantly updates all of your out-of-date drivers and software. This will result in a fully secured PC that has the latest driver and software patches. Download DriverCure now and update your entire PC in under 2 minutes! DriverCure

Who else wants a faster PC in only 9 min The exact system thousands have used to boost Internet speed, reduce startup time, cut shutdown time, and make random errors and crashes history ... you're just one click away from getting "The Internet's Best Kept Secret" free! PC Secret Formula

See your ad here

TOP STORY By Mark Joseph Edwards No reason to rush your upgrade to IE 8 Compatibility improvements aid users and coders Phishing filter upgraded to fight malware More speed in IE 8, but not nearly enough KNOWN ISSUES By Dennis O'Reilly Microsoft responds on patches to Windows users Reader reports Avast fixed something AVG didn't WACKY WEB WEEK By Katy Abby No more sitting through long-winded epics!

	LANGALIST PLUS By Fred Langa Sync your e-mail among different systems Wanted: an easy way to sync e-mail between PCs Windows Media Player files repeat endlessly Where, oh where can that downloaded program be? Easy way to resize many photos at once
	BEST SOFTWARE By Ian "Gizmo" Richards Using valid characters in your e-mail address E-mail address standards ignored by some ISPs Real-world standards: Gmail, Yahoo, and Hotmail Only three characters are universally accepted How to craft a well-formed e-mail address
	WOODY'S WINDOWS By Woody Leonhard Windows 7 developers heed beta-tester feedback Beta testing ain't what it used to be Win7 User Account Control gets a big boost More accurate hard-drive performance scores Turn off IE, Media Player, other Win7 pieces Plenty of significant problems remain

There's no fixed fee! Contribute whatever it's worth to you Readers who make a financial contribution of any amount by April 8, 2009, will immediately receive the latest issue of our full, paid newsletter and 12 months of new paid content. Pay as much or as little as you like — we want as many people as possible to have this information.

A portion of your support helps children in developing countries Each month, we send a full year of sponsorship to a different child. Your contributions in April are helping us to sponsor Heidy Joseline, a 3-year-old girl who lives with her family in Guatemala. Children International channels development aid from donors to Heidy Joseline and her community. We also sponsor kids through Plan USA and other respected agencies. More info

More info on how to upgrade

Table of contents

• Visit our Unsubscribe page.
  

Table of contents