Welcome back to Part 3 of the Big Brother Browser series of posts!

If you’ve missed any of the other posts, please click the links for Part 1 and Part 2.

To briefly summarize the previous posts, I’ve shown you how Microsoft has made Internet Explorer 8 look as if it’s a comparable browser to Firefox with its accelerators and privacy. Yet, upon closer examination, we’ve seen that using any of these self-proclaimed wonder tools will create a privacy nightmare for users and benefit Microsoft’s advertisers or their research endeavors.

And further research shows that the privacy and security they are touting, isn’t all that private at all!

There’s more of a rub to this too. I started reviewing the modules that load with IE 8 and found a disturbing note in the description of the new Internet Explorer 8.

You can see where I put the red circle around the word: Longhorn. In case you are not familiar with the code name Longhorn, please see Paul Thurrott’s Blog regarding this.

This reference to Longhorn however, made me a bit suspicious since I’m using Windows XP on my test computer. So, I went off to do further research.

First of all, let me say that quite some time ago I uninstalled SP3 for Windows XP due to the pathetic slow down of my computer and the ten-minute shut down. Under no circumstances will I, at this point, install SP3 again. And after finishing my research, I’m so glad I did!

For more information on the problems with SP3 in Windows XP and the Vista difficulties please read this ComputerWorld article: Microsoft warns of IE8 lock-in with XP SP3. (The sub-heading of the article states: Also notes other problems, including crashing Windows Live Mail.)

What does concern me the most about the Longhorn mention on IE8 is that they are eventually going to stick us with it under the guises of more security and more privacy – all the while making money off our browsing habits, and feeding us suggested sites from their advertisers.

Now, let’s discuss this privacy issue in more detail. I have the information I need to do further research and it’s going to take about a week before I fully understand how and what they’re doing.

But, at first glance, if you turn on the InPrivate browsing and try to view your Temporary Internet Files, you won’t be able to. I think this is how they manipulate the folder so that your cache is not stored there.

But even though I have my setting set to delete my browsing history upon exit, after I closed the browser and reopened it – which takes the InPrivate browsing off – my temporary Internet files were still there. (And please note that they are still there even after I close the browser when NOT using InPrivate browsing.)

So, there is apparently some sort of glitch in this that doesn’t allow even the normal features from IE 7 to work properly.

Now, Microsoft has been touting this big, huge secure browsing garbage with Internet Explorer 8. But after Christian Prickaerts statement in the news, Microsoft responds:

Microsoft’s main goal with InPrivate Browsing is to prevent other users of the same computer to gain access to the browsing history, the company said in an email response. The feature isn’t designed to protect a user’s privacy from security experts and forensic researchers, the company said.

(Source: http://www.fox-it.com/en/news-and-events/news/recent-news/news-article/pc-advisor-ie8-s-privacy-mode-leaks-your-private-data/47)

Okay, makes me want to run right out and get it right?

After all, isn’t that what you REALLY want your browser to do? Don’t you need protection from your meddling wife or husband who thinks porn is evil?  Hackers be damned! I’m more worried that my mommy doesn’t catch me gambling online! I can see it now!

Microsoft’s new commercial with Jerry Seinfeld……

Jerry: Are you constantly annoyed by your wife finding your online gambling account? (Forget the fact that PartyPoker is sitting on your desktop!) Are you worried that at 16 your folks won’t understand your need to surf “girlie” sites? Are you having an online affair and want to cover your tracks? Have no fear! Internet Explorer 8 to the rescue! In exchange for covering your a** with the spouse, family, or boss, you just have to give us your entire surfing behavior patterns. We’ll still continue to allow you to download every vulnerability, exploit, and malcode known to mankind as a bonus!

I could go on but you get the image!

The short version of the rhetoric of BS from Microsoft is that they are trying to sell us another bill of goods that can’t deliver anything more than sending user data back into their already well-lined pockets.

If you are interested in getting the data files I’m working with, (the first one will be the processes list), please sign up to the auto-responder I’ve set up for this purpose. As soon as they are available, I will send you the link or the file itself – if it’s not too big.

But, your best bet is to move to Ubuntu. That’s one of the projects I’m working on now! And yes, we will be teaching others how to do the same thing!

MORE RESOURCES:

For further information about Microsoft’s take on the IE 8 security, see:
http://blogs.msdn.com/ie/archive/2008/08/29/trustworthy-browsing-with-ie8-summary.aspx

For upgrade information regarding the Windows XP and Vista problems mentioned in the post, see:
http://blogs.msdn.com/ie/archive/2008/08/27/upgrading-to-internet-explorer-8-beta-2.aspx
http://blogs.msdn.com/ie/archive/2008/05/05/ie-and-xpsp3.aspx

And a special PS to Erkki (who is not upgrading): Thanks for the correction in the math!

Welcome back faithful readers!

Remember I said yesterday that part 1 was only the beginning of the Big Brother Browser? Well, let’s continue….

After the first two initial set-up screens, I received the next in the series of setup options. This one requesting that I choose my default options.

(Click to view larger image)

Simple enough right? Accept the Microsoft default (express) settings for accelerators or customize my own.

If you were to click through this screen without reading, you would ultimately end up with everything Microsoft!

Okay, in fairness, yes, it is their browser. Yes, they should be allowed to steer you to their own applications. And yes, they did remember that my default search provider was Google and they didn’t try to change that. One point for Microsoft.

However, does it say at all on that screen what the heck an accelerator is? NO.

Do you know what any of these things do? NO.

So, let’s delve a bit deeper, shall we?

(Click the image for larger view)

Upon closer examination, accelerators bear a striking resemblance to Firefox’s extensions. Little programs or widgets that make your browsing experience your own.

For those not familiar with Firefox extensions, these are third party additions you install to your browser that make Firefox your own. Around here, they call me the extension queen because I have so many. Some make my work as a webmaster for our clients easier, some help me with my security research, and yet others are just plain fun.

They are the ones I chose. They are trusted. I know these open source folks wouldn’t try to pull one over on me – so I believe until proven otherwise.

But why should I trust Microsoft’s accelerators? What reason has Microsoft given me to want to trust them?

Okay, so let’s just assume for another brief, fleeting moment that Microsoft might be willing to provide me with some great stuff and there is no ulterior motive. Once again, that fleeting moment is just that – fleeting. Within a nano-second, my cynicism returns!

Look closely at the settings image again.

(Click to view larger image)

Do you see the last line in the express settings that says: Turn on SmartScreen Filter (recommended)?

I read that and thought to myself, did they change the name of the ClearType function?

You may not even know you were using it, but it is a setting within IE 7 that cleans up the fonts and makes them more readable. But upon closer examination, ClearType is still there!

So what the heck is a smart screen filter then? If it’s not clearing up my screen? (Note the misleading verbiage here with the name SmartScreen Filter!)

(Click to view larger image)

So Microsoft, isn’t this really an anti-phishing filter????

Oh, I’m sorry! I’m wrong! An anti-phishing filter just tells you a website is bad, your SmartScreen Filter is going to gather data on all my visits to phishing sites! I see!

Microsoft, isn’t the name of this RECOMMENDED tool a bit misleading though?

Oh, I see! None of us would actually use it if we knew what it really was! I get it!

Folks, look carefully at the image above that explains what this is REALLY doing! Do you see the circled portion where it says, “the IP” address? It should in fact say, YOUR IP address!

So, by now you should have a pretty clear picture of the Big Brother Browser by Microsoft. And you may say to yourself, “Ok, so what’s wrong with the data gathering? Seems harmless enough.” Right? WRONG!

Read their Privacy Policy in full and if you don’t have the time, look at this portion:

(Click the image for larger view)

Let me spell it out for you just in case you can’t read it (my emphasis added):

Microsoft may access and/or disclose information if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with the legal process served on Microsoft; ….

Who’s the law? BIG BROTHER! You cannot give, even under the legal process, what you don’t have!

Am I saying that Microsoft is in with the government for some kind of conspiracy? No! What I’m telling you is wake up and look at what is happening here! Little by little you are surrendering your rights to privacy all in the name of having a great browsing experience!

This is NOT what net neutrality is about! This is NOT what the FREE INTERNET was designed for!

Now, perhaps Microsoft has not done this with the sole purpose of spying on you for the sake of giving your information to the government. Maybe there’s another motive? Ya think?

I had one of those gut feelings that they were up to something when I wrote the first post yesterday. I just didn’t know how or what they were up to. But this morning the light bulb went off for me!

Microsoft has agreed to purchase Greenfield Research, the parent company of Ciao – a shopping comparison site.

While the NetworkWorld article is relating this to Microsoft’s need to add this (Ciao) to their Live Search (which would never even begin to compare with Google anyway), Microsoft is expected to sell off Greenfield to an unnamed buyer immediately after purchase.

Market Watch reports the same but specifies that:

Microsoft said it will sell off Greenfield’s main business — Internet survey solutions — to an unnamed financial buyer. The unit sells consumer opinions in the form of surveys to marketing research companies. (Source: MarketWatch)

Are you connecting the dots yet? Maybe they will sell off Greenfield, maybe they won’t but isn’t there a HUGE amount of money to be made in having millions of statistical data about the way users surf the Internet for advertisers?

Wikipedia references research done showing that in the second quarter of 2008, Microsoft still held 78.3% of the browser market share.

Now, take that 78.3% of the market share and look at the big picture of Internet users:
http://www.internetworldstats.com/stats.htm

If you don’t want to click the link, let me summarize for you.

1,463,632,361 total Internet users across the globe estimated at the end of the second quarter of 2008. That’s 1 BILLION, 463 MILLION, 632 THOUSAND, 361 Users! Now, if my basic math serves me correctly, approximately 78% of that figure would be: 114,163,324 users of Internet Explorer. (+ or – a few)

And even if I’m wrong on my math, you’re still talking about a h*** of a lot of user statistics! What’s that value on the open market? To be able to sell the browsing habits of THAT MANY users to advertisers? What’s it worth Microsoft? Inquiring minds want to know!

I don’t know about any of you folks, but I usually get paid for my opinions by doing online surveys where I earn sweepstakes entries and Amazon gift certificates to supplement my fun money. Sorry Microsoft, but I’m NOT going to give it away for NOTHNG! Not even to you!

And, while doing the research for this post, the following was just issued by ITWorld not less than 3 hours ago (depending upon where you are in the world) - with my emphasis added:

August 29, 2008, 09:29 AM — WebWereld Netherlands —
A privacy feature built into the second beta version of Microsoft’s Internet Explorer 8 browser aren’t as private as advertised.

The InPrivate Browsing feature in Microsoft’s latest browser is designed to delete a user’s browsing history and other personal data that is gathered and stored during regular browsing sessions. The feature is commonly referred to as ‘porn mode’ for its ability to hide which websites have been visited from nosy spouses or employers.

Forensic experts however found it trivial to retrieve the history, according to a test by Webwereld, an IDG affiliate in the Netherlands, and Fox IT, a Dutch firm specializing in IT security and forensic research.

“The privacy option in this beta is mainly cosmetic. For a forensic investigator, retrieving the browsing history should be regarded as peanuts,” said Christian Prickaerts, forensic IT expert with Fox IT.

To prevent login details, online orders and other sensitive information from leaking out, the privacy feature prevents Internet Explorer 8 beta 2 from storing any cookies. The browser furthermore refrains from storing the browsing history in the Windows registry.

But researchers were able to retrieve data displaying general information about the browser’s behavior. Although URLs (Uniform Resource Locators) aren’t stored, Prickaerts was still able to restore the browsing history. “The remaining records in the history file still enable me to deduce which websites have been visited,” said Prickaerts.

Even more data is stored in the browser’s cache, a feature designed to speed up performance of websites by storing a copy of recently accessed information on a user’s hard disk. InPrivate Browsing failed to disable this feature. Users seeking a higher level of privacy could manually delete the cache, but it can later easily be retrieved through commonly available forensic tools.
(Source: http://www.itworld.com/internet/54575/privacy-feature-internet-explorer-8-leaks-private-data)

And believe me, I’ve got more on THIS additional subject too! So look for Part 3 here tomorrow!

Yesterdays Microsoft Partner e-mail grabbed my attention as soon as it appeared in my inbox. There it was. A gleam of hope sparkled in my eyes and soul.

Had Microsoft finally, “GOT IT?”

The description looked tantalizing. Anonymous browsing – not even Firefox could do that without the aid of a plug-in or extension! Accelerators teasingly resembled those Firefox additions that enhance the users browsing experience. Dare I hope? Was this finally a serious Microsoft contender to Firefox? I had to have it!

Rest easy Open Source junkies. The new Microsoft Internet Explorer 8 Beta 2 is a wolf dressed in sheep’s clothing! And over the next several posts I’ll show you why!

The 15.9 MB file downloaded quickly but my hopes were soon dashed as the installation started. It was still the same old Microsoft! Still up to its old tricks trying to slip in it’s usual control by wanting me to combine all my updates along with their USELESS Malicious Software Removal Tool, thus rendering me under their total control. (Click the picture below to see a full view.)

Had I not stopped and read each screen carefully, I would have been surrendering my control of choosing which downloads to install.

They know we do that, you know. That’s why they keep trying to sneak in their software to allow their total control over your updates and downloads. They don’t want us to know what they are REALLY installing.

It didn’t take long for my hopes to continue their downward spiral into the Microsoft abyss of empty words, empty promises, and propaganda.

One of the next screens asked me if I’d like to turn on Suggested Sites. The screen states,

Do you want to discover websites you might like based on websites that you’ve visited?

(Click the picture above to see a full view.)

Hmmmm. How do you suppose they would know what websites I visited?

Oh yes! You guessed it! They will be so kind in helping suggest sites that they will keep a history of my web visits for me! Isn’t that nice of them?

First, I want you to notice that during this setup process all you see is their BS marketing descriptions of what these items are. You have no clue how this is going to affect your privacy and security. You would have to click their Privacy Statement link to view that.

So, let’s see what they say about that! The emphasis and footnote references have been added by me to help you follow along with the rest of my comments after reading this.

Suggested Sites is an online experience designed to show you which websites you visit most¹, and to provide you with suggestions of other websites you might be interested in visiting. When you turn on Suggested Sites, your web browsing history is sent to Microsoft, where it is saved ² and compared to a frequently updated list of websites that are similar to ones you visit often. You can choose to pause or stop this feature from sending your web browsing history to Microsoft at any time. You can also delete individual entries from your history at any time. Deleted entries will not be used to provide you suggestions for other websites, although they will be retained by Microsoft³ for a period of time to help improve our products and services, including this feature. Any websites you visit while InPrivate Browsing is active will not be sent to Microsoft.

When Suggested Sites is turned on, the addresses of websites you visit are sent to Microsoft, together with some standard information from your computer such as IP address, browser type, regional and language settings. To help protect your privacy, the information is encrypted⁴ when sent to Microsoft. Information associated with the web address, such as search terms or data you entered in forms might be included. For example, if you visited the Microsoft.com search website at http://search.microsoft.com and entered “Seattle” as the search term, the full address http://search.microsoft.com/results.aspx?q=Seattle&qsc0=0&FORM=QBMH1&mkt=en-US will be sent. Address strings might unintentionally contain personal information⁵, but this information is not used to identify, contact or target advertising to you.

Statistics about your usage of Suggested Sites will also be sent to Microsoft such as the time that websites were visited, which website referred you, and how you got there (e.g., by clicking a link or one of your Favorites)⁶. This information, along with the website addresses and past history, will be used to personalize your experience, as well as improve the quality of our products and services. Microsoft will not use any information collected to identify, contact or target advertising to you.

Footnote 1: Thanks Microsoft! I’m really a moron and I can’t seem to remember that myself! What kind of lame a** excuse is that for justifying your reasons for gathering information?

Footnote 2: Well the fact that Microsoft saves my information is a great disclosure. Thanks Microsoft for covering you assets there! But you know what? I’ve read the online privacy page and here’s my issue with you saving my information….

Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or agents maintain facilities. Microsoft may disclose this information if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Microsoft or the site; (b) protect and defend the rights or property of Microsoft and its family of Web sites, or (c) act in urgent circumstances to protect the personal safety of Microsoft employees, users of Microsoft software or services, or members of the public. Microsoft occasionally hires other companies to provide limited services on its behalf, such as providing customer support, processing transactions, or performing statistical analysis of reports. Microsoft will provide those companies only the information they need to deliver the service. They are required to maintain the confidentiality of this information and are prohibited from using it for any other purpose.

For those of you who have been numb and dumb as companies continue to take away your personal rights and privacy, the United States Privacy Laws DO NOT APPLY outside this country! Once Microsoft transfers your data outside the US or to one of their “third party” companies, you’re no longer secure and your PERSONAL DATA is no longer protected!

And what is Microsoft going to do if the company does use the data? How are they even going to know? How are you going to know that the company got your name from Microsoft?

Footnote 3: Isn’t that wonderful that Microsoft tells us that we can pause, stop, or delete our browsing history participation but they are still going to store it for us. Maybe we might want it back some day? Ya think?

Oh, I’m bad! They say they are going to use it to enhance my browsing experience! Funny but Firefox enhances my browsing experience every day and I NEVER have to give away any information to them nor their third party add-ons! Imagine that!

Give me a break Microsoft! I see where you’re going with this and I’m going to share it with the world and anyone who will listen!

Footnote 4: How generous of you to send my information encrypted! Is that because YOU don’t want me seeing what you’re sending yourself? Like I trust you? Like you’ve given me reason to trust you? NOT!

Oh yes, you’re going to protect my privacy from anyone else (aside from you) who might want to CAPITALIZE on the spying data you’re gathering in. I get it!

But let’s assume for a brief, fleeting second, that Microsoft really does care. They really are concerned about your privacy. Well, that might be believable for that fleeting second until you read Footnote 5!

Footnote 5: How can you tell me in this age of precision programming that some identifying information MIGHT be sent?

I know programming Balmer! Either you are or you aren’t. Personally identifying information doesn’t accidentally get trapped inside a string of specific data. If it is, then your programmers need how to write better code!

This is a blatant cover you’re a** statement because you know da** well you’re gathering it!

Footnote 6: Is there anyone else out there besides me that remembers the huge fight against adware and scumware? The fight against the advertising and tracking cookies?

The fight was about how unscrupulous companies were using specially formed cookies or small programming code to track where you went. What page referred you to where you got next and what you did so that they targeted advertising based on where you visited. Do you remember that?

The only difference between then and now is that Microsoft is openly telling you they are scumware and banking on YOU NOT READING the privacy statement!

If I had a dime, a lousy dime for every single person I know who clicks through these installation screens without reading and investigating what Microsoft is peddling, I’d be a very RICH person!

And wait my friends, there’s more to this whole story and tomorrow, I’m going to show you even a bigger picture everyone is missing! This does get worse!

Tune in for part 2 tomorrow…….