Microsoft unleashes Strider HoneyMonkey on Web malcontents

I poked a few fun fingers at Vista. Sure, I did. After all, I’m a pundit, and making obvious jokes at the expense of large corporate marketing departments is my job. But apparently, Microsoft is inured to name-blame jabs because just a few weeks after announcing that its new OS would be named after a line from White Men Can’t Jump, the company actually used e-mail to ensure my full awareness of the name for its new anti-malware research project: The Strider HoneyMonkey  project.

Free IT resource Open Source Business Conference (OSBC) May 22-23, 2007 Sponsored by OSBC Free IT resource Virtualization Insights from Top Experts - Learn how virtualization gets real! Sponsored by Dell

Now there are several possible explanations for this name. One: copious amounts of tequila and foreign tobacco-style substances. Two: a random-name generator built using Windows coding practices. Three: Redmond simply got tired of the name jabs and decided to send a message that it doesn’t care anymore. Or four: You can simply read Microsoft’s technical report on the project, available here as a PDF, and find out that the name does make sense as long as you’re thinking strictly along component lines.

But while the name is amusing with enough beer, the project is fairly ambitious. The idea is to put together an Automated Web Patrol, which will make use of multiple Windows XP machines with varying degrees of patchability, to build an organized and streamlined process for locating zero-day Web vulnerabilities and exploits. This team of hapless Internet kamikazes simply trolls the fringes of the Web looking for exploit sites face-first.

Each member is built as a virtual machine, presumably for quick recovery after being compromised. They run a series of monkey programs to hunt for exploits and record all activity they encounter on the malware frontier. Microsoft then uses this data to direct teenage ninja assassins-in-training at the evildoers rather than, say, making changes to its code base.

But Microsoft isn’t stopping there in its attack on Web malcontents.

Ask a Microsoftee to spout on this topic today and you’ll get a quick lecture on the benefits of Internet Explorer 7. Microsoft has actually put a little thought into browser security for this version, and the results are attractive. Mostly.

For one, IE7 now appends the original domain name to any Web script and also curtails the script’s ability so it can touch only its own domain. This should stomp hard on jokers trying to run nasty cross-domain scripts commonly used in phishing attacks.

You’ve also got the Microsoft Phishing Filter, which is similar in construction to its Outlook-based spam filter. Opt in, and every time your system encounters a new phishing site that Redmond hasn’t yet marked for death, it’s added to a database that Microsoft will regularly release as an IE upgrade. If you do encounter a site in the phishingbase, IE will warn you of its sinister tendencies before you get a chance to bite the hook.

On a geekier level, IE7 now processes Web addresses using a single data handler, which will make it much more difficult for malformed HTML links to con the browser into running baddie scripts or other malware.

Add to that a slightly prettier new look and some enhancements that people have come to like about Firefox (such as tabbed browsing and advanced RSS support including Atom), and you’ve got a decent new browser. But one that really does little to get ahead of Firefox in any clear manner. Plus, you’ve got the usual Microsoft standards issues.

The big one is that so far, Microsoft has no intention of having IE7 support CSS2 (Cascading Style Sheets Level 2). Most of us weren’t expecting this, but now that Firefox is dancing around supporting everything IE supports as well as CSS2 and the up-and-coming CSS3, the Web development community is miffed that Microsoft still won’t support the standard. Rumor has it that MS believes CSS3 to be a “problem standard” and thus won’t support even CSS2. Understanding that, however, is even more problematic than understanding the Strider HoneyMonkey naming scheme after someone’s just clocked you with a beer stein.

Then again, look at it from Microsoft’s point of view: New browser version or not, Redmond’s been caught flatfooted in the Web-browsing innovation category. The company doesn't have anything new up its sleeve, so all it can really do is play catch up. And building a total clone of Firefox doesn’t get Microsoft very much. But building a 90 percent clone that still forces Redmond's existing base of Web developers to choose between Microsoft standards and WC3 (World Wide Web Consortium) standards means the company will likely hang on to most of that base until the company has had enough time to come up with something sexy and perforated to keep the masses happy.

It’s a little evil, but it makes a certain kind of sense. Just hope that whatever Microsoft is cooking up is sexy enough to balm the wound.