Internet Explorer is Evil: The Story (2010)

Internet Explorer is Evil: The
story

People were happy with Windows 95 and Microsoft.

It was a happy time for PC users.
Microsoft had just delivered Windows 95, an incredibly vast improvement
over windows 3.1 and DOS.

Windows 95 finally brought PC users
a crisp, clean, well thought out, user interface comparable to that of
the Apple Macintosh while also providing full backwards compatibility with
previous versions of DOS and Windows. On the technical side Microsoft pulled
off a near miracle by implementing a 32-bit API compatible with their NT
operating system on top of “16-bit” Windows.

Windows 95 was also heavily about
choice. One could choose to use the Windows 3.1 Program Manager shell,
networking was optional, and all accessories were optional via the new
Add/Remove Programs control panel item.

Compared to Windows 3.1, switching
to Windows 95 was just a no-brainer. Files on the desktop, no more futzing
around with the program manager, seamless networking, and a desktop like
MacOS 1.0 or the Xerox Star of more than 10 years earlier.

Browsers were ordinary applications.

What is a web browser? A web browser
is an application that retrieves documents from a network, and renders
them on your screen.

Many people did not need a web browser.
Internet access was still new, and a great many people got along fine without
it.

Web browsers at the time were commercial
products that people paid for. Like any other big name software package,
you would go to the store, pick up a box, pay for it, bring it home, and
install the application software on your computer.

There was a twist: Netscape’s primary
consumer targets were companies and enterprises, so they made their software
downloadable, and licensed it at no cost for personal use.

Somewhere around this point, people
began spewing mindless drivel about how browsers would somehow magically
replace operating systems eventually, and how in the future all applications
would be “web based”. This, of course, got Microsoft’s attention.

Being a little late to the game,
Microsoft licensed a copy of Mosaic, named it Microsoft Internet Explorer,
and released it as an optional part of the Windows 95 “plus” pack.

The floppy disk version of Windows
95 did not include Internet Explorer. But the alarm bells should have sounded
when Microsoft added IE 1 to the CD-Rom version as a non-optional component.
Likely this went unnoticed because Windows 3.1 had no add/remove capability,
so people were still used to manually deleting programs like this.

Windows 95 OEM Service Release 2
included IE 3 also as a non-optional component, but still technically removable
despite having more componetized DLLs.

Microsoft forced people to install their browser,
and other tasteless things.

Then the browser war got really fierce.

Microsoft released Internet Explorer
4 – a very buggy, bloated browser that encouraged the use of the highly
insecure ActiveX. By itself, the release of yet another web browser would
have been no big deal, but how Microsoft pushed it on to consumers was
unacceptable.

First, Installing IE 4 was a very
invasive process. Other browsers, or indeed any normal application, would
never touch system files or alter the way an operating system worked. IE
4, when installed on Windows 95 or NT 4, would replace or update many system
files with its own special versions, which sometimes broke functionality
of other applications, and made it almost impossible to re-install these
OSes once IE 4 was installed.

IE 4 by default also replaced the
Windows 95/NT 4 desktop with its “Desktop Update” that added the following:

Used Internet Explorer to manage files
instead of the standalone file manger.

Displayed folders as “web pages”.

Added IE logos to every file browser
window, and many other places.

“Favorites” bookmark menu and location/URL
bar that always launched IE instead of the default browser.

Added the IE “Channel” bar with advertising
links, right on the destkop!

Made IE look like it launched faster
because 99% of it was already loaded in to RAM.

Slowed down other applications, and
discouraged users from using other web browsers because IE was already
loaded in to RAM.

IE 4 also began to replace Windows help
files with “HyperHelp” help files that used IE to render the content.

And to add even more insult to injury,
the IE 4 uninstaller would only “revert” to any previous version of IE
instead of cleanly uninstalling, and even then it would leave behind a
bunch of junk.

It blows my mind that anyone would
think that any of this was a good idea. But that did not matter to Microsoft,
the intent was to push Netscape off of user’s desktop and out of the marketplace.

Bundling, Bundling, Bundling! You have no choice!

Netscape was trying to get itself
bundled with third party software and ISP software, but Microsoft
had infinitely more influence and power, and chose to leverage all of it.

Microsoft began bundling or requiring
Internet Explorer as a non-optional component of their software products.
They even “convinced” many other software vendors to bundle Internet Explorer
as well.

Productivity tools, games, utilities,
and even device drivers began to require that Internet Explorer be installed
in order to operate. Sometimes they embedded the HTML renderer in to their
applications (never for any good reason), sometimes they used other IE
related libraries, sometimes they simply required DLL updates that could
have been obtained elsewhere, often they bundled IE-HyperHelp files instead
of WinHelp help files.

And Microsoft’s strategy to ram IE
down everybody’s throats pretty much covered all possible bases:

Home users: Windows 98

After the success of Windows 95,
home users were likely to run out and buy Windows 98 upgrades or new computers
with Windows 98. Windows 98 non-optionally included Internet Explorer 4
and the IE 4 desktop with all the horrors mentioned above. This meant that
every new computer shipped with Windows also had to have IE. Because a
browser was already installed, people were less likely to install another
one.

And for those that thought it should
be optional, Microsoft was dancing around proclaiming that IE was now an
“integrated” part of the operating system, and could never, ever, ever
be removed. At least until Shane Brooks came along with 98lite that could
pretty well exorcise IE from Windows 98.

Corporate users: Outlook 98

For corporate workstations, that
were less likely to upgrade to Windows 98, Microsoft released Outlook 98.
Many businesses and organizations were and still are hooked on Exchange
Server for their e-mail, and Outlook is pretty much the only application
that can access the full functionality from an Exchange Server. Outlook
97 was actually a very fine product and did not require any web browser.
To correct this oversight, Microsoft released a “Free” update to Outlook
98.

Outlook 98 used IE 4 to compose and
render HTML e-mail messages (rather than just translating to RTF) as well
as a summary page of messages, tasks, and calendar events called “Outlook
Today”. Everybody was perfectly happy to ignore the fact that this opened
up Outlook to all of the bugs and exploits present in IE 4.

Those in charge of corporate networks
typically have a kind of “allergy” to multiple installed applications that
do the same thing. They may have been using Netscape, but now their new
software requires IE to be installed as well. One of these browsers must
go… guess which one?

NT Option Pack

NT 4 servers were the least likely
to be upgraded because system administrators usually don’t care about bells
and whistles or new features as long as the existing system works. For
these folks, Microsoft created the aptly named “Option” pack that installed
IE4 as a mandatory part of an update to Internet Information Server. If
you wanted or needed the latest version of IIS, you had to install IE 4!

Apple Macintosh

And as if forcing IE on all Windows
users wasn’t bad enough, Microsoft forced Apple to bundle IE for Mac as
their default browser instead of Netscape. If Apple refused, Microsoft
would discontinue MS-Office for Mac. Steve Jobs was loudly BOOED
as he announced that IE would be the default browser.

Come on people! If a software product
gets you booed at in front of thousands of your users, shouldn’t that tell
you there is something horribly, horribly, wrong with that product?

Internet / Intranet web sites

And dare I mention web sites that
popped up all over the place that required IE, or gave other browsers an
inferior experience?

Initially Microsoft gave incentives
to many sites to use IE-only technology. Their web content generation tools,
such as FrontPage, Microsoft Word, and PowerPoint were all designed to
use IE-specific features. After IE became “standard” in businesses, intranet
developers became lazy and only developed for IE.

Thankfully most public internet sites
that were IE only have gone the way of the dodo bird, however there are
still too many crufty old corporate intranet ones out there.

Sadly, Microsoft continues to crank
out web based products that only work fully in IE.

OEMs (Original Equipment Manufacturers)

Just in case OEMs like Dell, or Compaq
got any wise ideas about shipping their computers with a browser users
actually wanted, Microsoft FORBADE them from removing/disabling IE or even
just removing the IE desktop icon. It was either keep the icon, or Microsoft
would stop selling Windows to them – and then see what happens.

Also, OEMs have a similar allergy
to shipping multiple applications that do the same thing, because they
must spend money providing “support” for both.

Networks

Why just go after the desktop when
you can go after the networking infrastructure?

At the time, a common way to protect
computers, filter, and optimize web traffic in a corporate network was
to place users on an isolated network with all web access going through
a “proxy” server. Microsoft produced their own product like this called
“Microsoft Proxy Server” (later renamed to ISA Server), and many businesses
were happy to use this.

Unlike a standard web proxy, Microsoft’s
web proxy defaulted to requiring a special secret “handshake” with the
client, called NTLM authentication. Only Microsoft Internet Explorer knew
how to perform this “handshake”. The alternative was to send a standard
unencrypted plain-text password over the network, which was a big no-go
in this setup as the password used was typically the same as the user’s
Windows network login.

Once a company or organization implemented
a Microsoft Proxy server, any non Internet Explorer browsers or Internet
tools on that network would instantly stop working.

It wasn’t until Mozilla Suite 1.4
(Netscape 7.1) that NTLM became natively available in any other browser.
(and even then, only on Windows initially) But by that time the damage
was long since done, and IE completely controlled corporate intranets.

The dust settles, the clouds clear.

All of this was more than enough
to successfully squash Netscape like a bug. By the time IE 5 rolled out,
Netscape was pretty much history in most people’s minds.

Funny thing, once Netscape was out
of the picture, MS pretty much let IE rot. IE 5.5, and 6.0 were minor updates.
IE 6 went so long without any updates it became a cesspool for spyware,
malware, and abusive advertisements. IE 5 for Mac was never significantly
updated and eventually discontinued.

As luck would have it, some determined
hackers kept working on the old Netscape code to create Mozilla and then
Firefox, ultimately restoring some level of competition. We came dangerously
close to being stuck with nothing but IE 6 for the rest of eternity!

In conclusion, people are finally
beginning to understand the hard way:

Web Browsers really make poor client
application runtimes for all but the most basic of things.

ActiveX is a security nightmare and
counter to making cross-platform applications.

The web is a constantly changing and
evolving standard separate from Microsoft or any specific operating system,
as such implementing an application for just one specific browser and version
with no intent to keep it updated is just asking for disaster.

Tying local help files or other local
content to a “live” web browser that may change in functionality is a bad
idea.

But, nobody ever listened to anything
I have to say.

Back to Internet Explorer is Evil