IE6 Is Dead

Via the Exploring IE (listen to this in the background to set the mood):

Time to pop open the champagne because, based on the latest data from Net Applications, IE6 usage in the US has now officially dropped below 1%!

I’ve officially updated my last IE6 install to IE7. This is great news for the Internet. Everyone on the web benefits by this old browser going away. Developers can iterate faster and do more.

IE7… I’m looking at you now.

Protecting Photo Privacy Via Browsers

Browsers can do more to protect users from inadvertently violating their own privacy. The NY Times today had an article about a topic that has been discussed in various circles several times now. The existence of geotagging data in photos. Many cameras, in particular smart phones like the iPhone can tag photos with GPS data. This is pretty handy for various purposes including organizing photos at a later date, iPhoto for example does a pretty nice job of it. Most photo applications however don’t make this information very visible, as a result many users don’t even know it exists, others simply forget.

What the problem looks like

The data, embedded in a photo looks something like this:

GPSLatitude                    : 57.64911
GPSLongitude                   : 10.40744
GPSPosition                    : 57.64911 10.40744

Which I could map.

Proposal

I propose that browsers need to have a content policy for when users upload images that can better protect them from uploading information they may not even realize. Here’s what I’m imagining:

The first time a user attempts to upload a photo that has EXIF or XMP data containing location they are prompted if they want it stripped from the image they are uploading. The original file remains unharmed, just the uploaded version won’t have the data. They can also choose to have the browser remember their preference to prevent being prompted in the future. They can revise their choice in the preferences window later if they want. This isn’t to different from how popups are handled. I thnk that per-site policy might be too confusing and not warranted, but perhaps I’m wrong.

Warning users about hidden information they may be revealing is a worthwhile effort. It’s only a matter of time before someone uses a “contest” or some other form of social engineering to solicit pictures that may reveal location data for users. Evildoers always find creative ways to exploit people.

Caveat

There are a notable caveat to this approach. The most notable is that flash uploaders would bypass this security measure though individual uploaders could do it themselves, or Adobe could do it, but I don’t think that’s enough of a turnoff to this approach. The same caveat applied to “private browsing” in browsers.

Prior Work

As far as I know no browser actually implements a security feature like this yet. There are a few Firefox Add-ons like Exif Viewer and FxIF (both written in pure JavaScript) that look at EXIF data but nothing that intercepts uploads.

Who Can Do It First?

I’m curious who can do it first. By add-on (seems like it should be possible at least in Firefox), and dare I say include in a browser itself? If this were earlier in the year I would have added this to the Summer of Code ideas list. Instead I’m just throwing it into the wind until 2011 rolls around.

Is IE8 Trident’s Last Stand?

Randall C. Kennedy at InfoWorld wrote:

IE8 is the last version of the Internet Explorer Web browser. At least, that’s what I’m hearing through the grapevine. It seems that Microsoft is preparing to throw in the towel on its Internet Explorer engine once and for all.

There were rumors earlier this year that the IE team was looking at WebKit a few months ago. I said then and I still think that’s a real perilous approach considering the legacy they need to somehow support. The other approach is to start over, something that’s possibly on the works.

Any truth to these claims? I don’t know. Though I’d be curious to see how Microsoft handles it’s customers who expect old applications to keep working and others who want Microsoft to catch up with progress. I doubt they can go either way 100%. Which way will they lean? I think that’s anyone’s guess.

Google Gears For Safari And Other Browser Addons

Google today released a beta of Google Gears for Safari. Still no iPhone support, but that’s not likely due to Apple’s rather restrictive licensing rather than technical reasons. It’s good to see them keeping true to their original efforts to support all platforms equally. That’s been a gripe of mine recently.

With Google creating Gears for all browsers, Apple creating QuickTime on all browsers, Mozilla creating <canvas /> support for IE, Microsoft creating Silverlight and Windows Media Player for all browsers (though Mac users are through Flip4Mac) it creates an interesting web of technologies. Everyone is starting to fill holes on other platforms. The downside to this is that users need to download multiple components for a good web experience. That is still a major concern for the future of the web. It’s not all about licensing.