Alexander’s Blog

The following information is useful to understand some of the issues related to IE 8 User-Agent String.

Affected Platforms

Clients – Windows XP | Windows Vista | Windows 7

Servers – Windows Server 2003 | Windows Server 2008 | Windows Server 2008 R2

Feature Impact

Severity – Medium

Frequency – High

Description

The User Agent String is the Internet Explorer identifier that provides data about its version and other attributes to Web servers. Many Web applications rely on, and piggyback on, the IE User Agent String. Those that do so and depend on an earlier version number will be impacted. The User Agent string now includes the string ‘Trident/4.0′ in order to allow differentiation between the Internet Explorer 7 User Agent String and the Internet Explorer 8 User Agent string when running in Internet Explorer 7 Compatibility View. See Understanding User Agent Strings link below for details.

Manifestation of Impact

There are two impacted areas:

• Web pages that explicitly check the User Agent String and do not support the Internet Explorer 8 User Agent String may not run properly. In the majority of cases, this means the pages will be block users from the content they are attempting to access or display incorrect or malformed content.
• Applications that host Trident (see Hosting and Reuse) will default to Internet Explorer 7 using the Web Optional Component, but will not have access to Internet Explorer 8 features.

Solution

Ensure that your applications properly handle the new ‘MSIE 8.0′ version in the User Agent String. You may also opt in to the Internet Explorer 7 Compatibility View for those applications based on Internet Explorer 7. This can be done with meta tags. See the discussion in Understanding User Agent Strings for details.

Compatibility, Performance, Reliability, and Usability Testing

• Run your applications and Web pages in an Internet Explorer 8 environment on Windows Vista or Windows XP to ensure that they behave in the desired manner.
• Alternatively, you can run the Internet Explorer Compatibility Test Tool (IECTT) provided with the Application Compatibility Toolkit (ACT) to locate any potential issues due to security feature updates.

Links to Other Resources

• Understanding User Agent Strings: http://msdn.microsoft.com/en-us/library/ms537503(VS.85).aspx
• The Internet Explorer 8 User-Agent String: http://blogs.msdn.com/ie/archive/2008/02/21/the-internet-explorer-8-user-agent-string.aspx
• User-Agent String and Version Vector: http://code.msdn.microsoft.com/ie8whitepapers/Release/ProjectReleases.aspx?ReleaseId=531
• Hosting and Reuse: http://msdn.microsoft.com/en-us/library/aa752038(VS.85).aspx
• Application Compatibility Toolkit Download: http://www.microsoft.com/downloads/details.aspx?FamilyId=24DA89E9-B581-47B0-B45E-492DD6DA2971
• Known Internet Explorer Security Feature Issues: http://technet.microsoft.com/en-us/library/cc722079.aspx

How to View the User-Agent String

To view your browser’s user-agent string, type the following case-sensitive command into the address bar.

javascript:alert(navigator.userAgent)

Internet Explorer User-Agent Tokens

The following tokens are used by recent versions of Internet Explorer, which places three tokens in the user-agent string by default.

1. Version tokens
2. Platform tokens
3. Feature tokens

The following information pertains to the version and the platform tokens. In general, version tokens begin with MSIE and are followed by the version number of the browser. Many pre-release versions append the letter “b” to the version number. The following table lists the version tokens used in recent versions of Internet Explorer.

Platform tokens describe your operating system. The following table lists Internet Explorer platform tokens for the last several versions of Windows.

(Source: Microsoft TechNet)

I work with Remote Desktop a lot. When I am writing an article or a blog post, I often need to take screen shots. The shortcuts that I use on my desktop, such as ALT+PRINT SCREEN to capture the active window, do not work inside a Remote Desktop session. I have to use CTRL+ALT+Minus sign (-) key combination. Here are some common keyboard shortcuts that you can use while working in a Remote Desktop session.

1. CTRL+ALT+END (Opens the Logon screen dialog box)
2. ALT+PAGE UP (Switch between programs from left to right)
3. ALT+PAGE DOWN (Switch between programs from right to left)
4. ALT+INSERT (Cycle through the programs in most recently used order)
5. ALT+HOME (Display the Start menu)
6. CTRL+ALT+BREAK (Switch the client computer between a window and a full screen)
7. ALT+DELETE (Display the Windows menu)
8. CTRL+ALT+Minus sign (-) (Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.)
9. CTRL+ALT+Plus sign (+) (Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.)

Here’s something in the news lately that is rather interesting. According to this blog on ZDNet, Microsoft is turning over all Windows 7 and server source code to Russia’s new KGB.

“Microsoft has always carefully protected the source code to its operating systems. In fact, a key distinction between the various Windows variants and open source OSs like Linux and BSD is that Linux and BSD are open source.”

“That’s why a little piece of news covered by ZDNet UK’s Tom Espiner is so astonishing.

According to Espiner, Microsoft has turned over all its source code for Windows 7, along with its source for Microsoft Windows Server 2008 R2, Microsoft Office 2010 and Microsoft SQL Server to Russia’s Federal’naya sluzhba bezopasnosti Rossiyskoy Federatsii. The FSB is present-day Russia’s successor to the infamous Soviet-era KGB.”

“From a security perspective, this is an astonishing act. The agency that took over from the KGB and which has been just recently proven to be conducting long-term spying operations against the United States now has access to Windows source code — while at the same time, most American IT operations don’t.

Not only does this give the Russians the opportunity to find gaps in Windows security — it gives them the opportunity to do so while most American companies and organizations don’t have the same opportunity to find the same gaps and plug them.”

“If Microsoft’s going to give source code to Russia, it should release it to the public. Open source certainly hasn’t harmed Linux’ success and doing so would at least put American IT operators on a level playing field with the Russian secret service.”

I haven’t seen Microsoft’s response to this so far and will let Microsoft explain what exactly is and isn’t shared but I do know that Microsoft has a Product Source Program for the benefit of governments, enterprises, OEMs, developers, faculty & students, system integrators, and Microsoft MVPs like me.

The MVP Source Licensing Program (MVPSLP) is a no-cost program that licenses Microsoft Windows source code to qualified Microsoft MVPs. The program gives MVPs the opportunity to differentiate themselves professionally as Windows platform experts through access to Windows source code. Similarly, there are free programs for enterprises and governments. The Government Security Program (GSP) provides national governments with information to help them evaluate the security of Microsoft products.

I don’t think we should panic over this because Microsoft is run by Americans who love this country. It’s hard for me to believe that they would pass on any information to the Russians, or to any other government for that matter, that could impact our security. Not to mention the fact that all export of such information is subject to the U.S. export approval and over 90% of Shared Source offerings are available for download by anyone. According to Microsoft:

“The Product Source Programs, licenses selected Microsoft product source code to qualifying customers, partners, and governments. Access to source is granted only to those who are eligible and who qualifying under the terms of each program.”

Again, I haven’t seen Microsoft’s response to this but I seriously doubt that Microsoft will release every single bit of Windows code to anyone outside Microsoft…..and definitely not to the new Russian KGB (called FSB). If Microsoft does, they would join the Open Source community and as far as I know Microsoft has no intention of doing that.

Apple has been on the hot seat lately with the iPhone 4 fiasco. I have written about iPhone several times lately and explained how Apple has publicly admitted that their signal bars on all iPhones are fake. They insist that there is no flaw in the design, instead they claim that the problem is with the software because Apple is shocked to find out that their engineers used an inaccurate formula to calculate the signal strength.

“…we were stunned to find that the formula we use to calculate how many bars of signal strength to display is totally wrong. Our formula, in many instances, mistakenly displays 2 more bars than it should for a given signal strength.”

As I mentioned in my blog Apple Publicly Admits that iPhone Signal Bars are Fake, Apple claims that the problem is with the software but then also claims that a hardware can fix the problem. Well, not too many people, including the most ardent Apple supporters, are not buying Apple’s explanations. Of course, Steve Jobs comments (“just avoid holding it that way”) didn’t help much. There are talks about class action lawsuits, and iPhone 4 recalls. Instead of admitting their design flaws, Apple insists that iPhone 4′s “wireless performance is the best we’ve ever shipped”.

Major news publication, including New York Times and San Francisco Chronicles have been very critical of Apple and have expressed their opinion on how Apple can recover from the iPhone disaster.

Consumer Report Gives iPhone 4 a Thumbs-down

With images and videos on the Web of how you can put a tape to workaround iPhone’s reception problem, Apple’s shares are down and just when you thought things were going to calm down, the consumer report comes out saying iPhones are flawed and they can’t recommend iPhone 4.

“It’s official. Consumer Reports’ engineers have just completed testing the iPhone 4, and have confirmed that there is a problem with its reception………….Due to this problem, we can’t recommend the iPhone 4.”

“Our findings call into question the recent claim by Apple that the iPhone 4′s signal-strength issues were largely an optical illusion caused by faulty software that “mistakenly displays 2 more bars than it should for a given signal strength.”

Apple’s Katrina

If you recall, the hurricane Katrina disaster and the fallout from the way things were handled created such a huge outcry that Katrina has now become a part of American vocabulary. Whenever there is a case of incompetency and cover up, people associate it with Katrina. While some people may call this Apple’s Karina, the fact is that Apple is caught between a rock and a hard place. If it admits that they knew all along that the iPhone design was a flaw then they are admitting to lying and possible lawsuits. If they don’t admit, they are still in trouble with the public because not many people are buying what Apple is saying about the iPhone 4 problems and now the Consumer Report has confirmed in independent testing that Apple was not telling the truth.

I don’t know if the iPhone fiasco will end up being Apple’s Katrina or not but I do know that Apple’s image has been significantly tarnished because of the way they’ve handled the situation. In my opinion, Apple has not handled the iPhone disaster very well but I don’t think I am going to stop using my Mac because of this, or discount all the wonderful products that Apple has produced over the years. Everyone makes mistakes and Apple has made a big one.

My students are always asking me where to get the evaluation copies of various Microsoft products. I’ve put together a list of some of the latest software evaluation downloads. My goal is to try and keep this list updated but frankly it is going to be challenging because Microsoft is known for changing the URLs without any redirection. Here is a list of either free or trial editions of some of the popular Microsoft products. A typical Microsoft evaluation software includes a 180-day trial but some are limited to 60 or 90 days.

1. Exchange Server 2010 (120-Day Trial)
2. Forefront Threat Management Gateway (TMG) 2010 (180-day Trial)
3. Internet Security and Acceleration (ISA) Server 2006 (180-day Trial)
4. Office Communications Server 2007 R2 (180-Day Trial)
5. Office Professional Plus 2010 (60-day Trial)
6. Project Professional 2010 (60-day Trial)
7. SharePoint Foundation 2010 (Free)
8. SharePoint Server 2010 (180-day Trail)
9. Small Business Server 2008 (60-day Trial)
10. SQL Server 2008 Enterprise (180-day Trial)
11. SQL Server 2008 R2 (180-day Trial)
12. System Center Data Protection Manager 2010 (180-day Trial)
13. System Center Essentials 2010 (180-day Trial)
14. System Center Virtual Machine Manager 2008 R2 (180-day Trial)
15. Visio Premium 2010 (60-day Trial)
16. Windows 7 Enterprise (90-day Trial)
17. Windows Server 2008 R2 (180-day Trial)

WARNING! I should warn you that sometimes when you download a trial software you may think that you are opting out of receiving phone calls and e-mails from Microsoft but you are not. For more information read my blog post: When Microsoft Says No, It May Mean Yes.

Microsoft offers more free products to consumers than any software manufacturer I know. And I am not talking about free evaluation software, I am talking about free tools, utilities and various products and services. Besides software, Microsoft offers these free TechNet and MSDN labs. These are a series of guided, hands-on labs which can be completed in 90 minutes or less. SharePoint Foundation 2010, which I included in the above list for convenience, is a free product from Microsoft. In the past, it was known as Windows SharePoint Services (WSS).

Last Updated: May 27, 2011