Microsoft Should Not Be In The Browser Business

I presume by now that you have seen the news about the latest (as of this writing) serious security hole in Microsoft Internet Explorer (aka IE). Arguably the greatest security flaw in IE to date, it allows a hacker to take control of your machine and feed it new malware and spy bots to steal passwords, financial data and more. And it took weeks for Microsoft to produce a patch, exposing umpteen millions of users.

This issue makes me ask yet again: "Why is Microsoft even in the browser business?" As a web developer, I find it maddening.

It is a well known fact, and relatively undisputed, that IE is the red-headed step-child of the browser family. Nothing causes more headaches for a developer than making their sites compatible with IE. And not just IE -- but which version? Any time we receive a weird support call about malfunctioning behavior, 9 times out if 10 it's related to IE. And we spend more time regression testing and applying hacks and fixes for IE than all other browsers combined. It's always IE that doesn't support certain web standards that everyone else does.

The four main (most popular) browsers account for about 95% of most web traffic. They include Firefox, Chrome (Google), Safari (Apple) and IE.

Chrome and Safari are based upon the open source "WebKit" rendering engine (technically Chrome switched recently to a fork of the WebKit engine, but for the sake of this opinion piece that is irrelevant), and Firefox is based on Mozilla's open source Gecko engine. As noted, both WebKit and Gecko are open source - developers are able to see what each other are doing, and share techniques, behavior and functionality. Chrome and Safari are both based on Apple's WebKit engine (which Apple developed and then gave to the open source community) so sites that work well in one generally automatically work in the other as well.

IE, on the other hand, is closed source and the exclusive domain of Microsoft. They're off on their own, developing their own proprietary engine in secrecy. And it shows. Sites that render properly in every other browser will exhibit issues in IE. And every version of IE renders differently, with variable results.

In fact, after slowly improving compatibility with web industry standards with each subsequent release from IE 8 to 9 to 10, Microsoft dealt a backwards blow with IE 11 that introduced a whole series of new compatibility issues and rendering bugs. In fact, many of Microsoft's own web-based products wouldn't work with IE11 upon release, which raised serious questions about Microsoft's own internal QA processes, and angered many customers. We found critical interoperability flaws with sites running on Microsoft's own IIS web servers!

The other maddening issue is updates. Chrome and Firefox have their own update cycles and refresh themselves automatically and frequently. Microsoft has frequently gone several years between browser updates (versus months on average for the others), leaving it lagging in web standards support and vulnerable to security flaws. This is all further exacerbated by the fact that updates occur through the Windows automatic updates services, which huge numbers of users turn off! Thus millions of computers have old, outdated versions of IE kicking around for years on end.

My real question is: why?

This situation is entirely unnecessary. I understand that back in the early days (think back to Windows 95) Microsoft believed in a philosophy of "embrace and extend" in which they would enhance their browser with Microsoft-specific features to try to differentiate themselves and make their browser better or at least more unique. But the reality is that Microsoft has lost the browser wars. Just as no one company owns the Internet, neither does Microsoft control the web browser. And there's absolutely no reason to.

I'm not a Microsoft hater here by any means - I spent the first 20 years of my career as a Windows developer. Look, they can still provide their own branded browser (like Google does with Chrome - it uses the standard WebKit engine to render pages, but they wrap it in their own Google/Chrome branded UI with Google's own flair.)

In my opinion, Microsoft should use an open source, standard rendering engine such as WebKit or Gecko and wrap it in a Microsoft branded UI and call it IE. They can make it use Bing by default for search or whatever else they prefer (and are legally allowed) to do. But the boring task of rendering pages does NOT need it be performed by proprietary Microsoft code.

In additional to using an open-source rendering engine (WebKit, Gecko, etc.) Microsoft should make the browser update itself independently of OS updates (ie Windows updates) and refresh more frequently. This would increase compatibility, increase security, make end users happier with their web surfing experiences, and save developers many grey hairs, while still allowing Microsoft to brand and customize the experience for its users. Microsoft can still produce it's own browser if they want, they just don't need to reinvent the wheel and code their own rendering engine.

Regardless of whether you agree with my opinion or not, please do make sure you upgrade your IE browser before your computer and/or financial data become compromised. Or better yet - switch to Safari, Firefox or Chrome, and watch your web surfing experience improve dramatically as well!