IE7 and Intranets

November 16th, 2006

Question: I have installed IE7 what happened to my Intranet?

Internet Explorer 7 is a whole new ball of wax in many ways.  Some things which we took for granted before are now complex.  One of these, that I suspect is going to particularly irritate corporate users, is the change in how the browser looks at intranets. 

What is an intranet?  Well an intranet can be a lot of things, but put simply it means HTML documents that are stored on a computer that you are networked to.   This is very useful where staff members need to be able to share information and over the years a great many intranets were set up this way.   All you had to do was share a folder on your system and specify who had access to it, create a few HTML documents containing the information you wished to share (such as an internal phone number list or help files for software) and bingo you had an intranet.  This is useful in the corporate environment, the SOHO (small office/home office) environment and even in the home (for example a photo album made into a small web of linked HTML pages).

Whilst being able to access a web page in this way was very useful, it did have potential dangers in that any web document download from the internet and saved onto a shared resource was potentially virus laden and made the browser vulnerable to spoofing of the intranet zone by malicious applications.  So that’s all been changed with IE7 and the first you’ll notice of that is if you try to access your intranet you may get a warning

‘Intranet settings are now turned off by default. Intranet settings are less secure than Internet settings. Click for options …’ 

If you’re on an intranet that is part of a domain Internet Explorer 7 should detect this automatically and adjust settings accordingly. If however you’re on a simpler kind of network where resources are shared via UNC paths it won’t be detected until you try to access it, when you’ll get the warning below. 

Intranet settings are now turned off by default. Intranet settings are less secure than Internet settings. Click for options …
(click to enlarge image)

Clicking for more options doesn’t give you much clarity as to what it all means: 

Enable Intranet settings

Don’t Show Me this Again – Setting it not to remind you again is probably the simplest and easiest option – after all we’re clicking not to be reminded about stuff all day long! – especially if you’re not sure what type of intranet you have (or indeed if you have one at all!).  If you find something doesn’t work later on, you can always follow the settings below to enable intranet settings. 

What this will means is that web pages in your local intranet are regarded as if they are on the internet - with the higher level of security (and correspondingly lower level of privileges, access to your file system etc ).

Local Intranet in the Internet Zone on IE7

Enable Intranet Settings – So if I have an intranet should I enable Intranet Settings?

Intranet settings use a less secure level than the Internet.

What you do next depends, I would say, on what sort of information your intranet holds and how it works. If you use complex forms to fill in information or use plug-ins, ActiveX controls or anything that accesses the file system you’ll probably want to bring that into the Intranet Zone (because if the browser looks at it as the Internet Zone things might not work as you want them to, due to the higher level of security).  In that case you would click on the ‘Enable Intranet Settings’ button. 

You’ll also be able to get back to this setting if you choose the other option by going to ‘Tools’ > ‘Internet Options’ > ‘Security’ and choosing the ‘Intranet Zone’ there. 

Internet Options, Local Intranet zone
(click to enlarge image)

From there click the ‘Sites’ button and uncheck the ‘Automatically detect intranet network’ checkbox.

Automatically detect intranet network
(click to enlarge)

What this will means is that IE7 will take your local intranet pages and place them in the local intranet zone with a lower level of security (and a correspondingly higher level of access of what those pages can do).

Your pages are in the Local Intranet zone

It’s a lot to take in.  I feel I must draw a simple conclusion (after all you’ve read through a lot here!) the bottom line is that unless your intranet contains complex scripting, ActiveX controls etc, leave it in the Internet Zone. 

Note about Sites bypassed in Proxy Server settings
The new intranet detection system is also by default set to consider sites  that are excluded from your proxy server as being Intranets. (You’ll find these listed as ‘Exceptions’ under ‘Tools’ > ‘Internet Options’ > ‘Connections’ > ‘LAN Settings’ > ‘Advanced’.)  It’s important to realize however, that a website that is known and administered by you is still potentially dangerous to you it, for example if that site was hacked.  Seems a strange assumption to make that sites you bypass from a proxy would be automatically considered safe, but perhaps it’s a necessary assumption for corporate users on domains.  For intranet users who are not on domains it’s probably better to keep those in the Internet Zone.

Automatically detect intranet - include all sites that bypass the proxy server

Symantec Norton AntiVirus 2007

My IE7 ‘Bugged’ Day – Run once, Outlook conflict, Hide Search Box

November 16th, 2006

Everything I’ve tried to do today has been hampered by Internet Explorer 7 bugs. OK some of them are features rather than bugs, but even so if it messes up your normal workflow it’s still a bug in your day!  And [please excuse my exasperation] it’s been a bugger of a day!

IE7 & Outlook 2002 conflict
First up to bat in the give Kathie a tough day playoffs was the conflict between IE7 and Outlook 2002. 

IE7 Outlook 2002 links conflict - email link IE7 Outlook 2002 links conflict - save dialog  
(click to enlarge)

This little bug means that any links you click on in emails open a save dialog rather than opening the browser and displaying the page.  A lot of people are having this problem and there seems to be a fair bit of snake oil going round about how to fix it (uninstall the browser, stand on one leg, turn to the east, reinstall the browser kinda thing). I guess I’ve known about this issue for a while and really I should have dealt with it sooner, but it didn’t really get to be a problem for me until Windows Update installed IE7 on the PC I run Outlook 2002 on. (It works fine with Office 2007.)   It also affects links that you click in Desktop Sidebar too. The fix for both was quite simple and you’ll find Adrian’s written it up over on The PC Doctor's Guide.  Be forewarned fixing it will delete your history, add-ons etc, so if your only link to your long lost auntie’s website is in your history better write it down now.


Run once
Runonce error on reset IE7  (click to enlarge)The fix for that reset all my settings, which in itself takes time to fix, as well as disabling all my add-ons such as toolbars etc.  It also unfortunately reset the “runonce” page that offers you the option to customize the the browser when you first install it.  Only this time, it wouldn’t go away and I was stuck with a blue screen – not a Bue Screen Of Death fortunately, but a Blue Screen Of Mild Annoyance nonetheless!

Fixing that one took some time to track down.  Again the solution is over on The PC Doctor's Guide.

Intranet Zone
The Intranet issue is a little more complicated and it definitely isn’t a bug, except to my workflow. I’ve been trying to write an article today about the changes to the intranet zones in IE7 but without much success … in fact I’m now confused about something I understood well enough to start writing an article about this morning.  I’ll stick with it but suffice to say it’s not as clear as it would appear first hand … or maybe it is, I don’t know.  (Right now I’m seeing that if I set the opening a UNC network place it takes a looooooong time to open if I have IE7 set not to automatically detect intranet network.  I’m not 100% sure what I’m seeing yet so I’ll keep investigating that for now.)

Hide IE7 Search Box
The next IE issue came up with regard to the search box, not a bug just a new feature, that not everyone will want.  It’s a handy box that you can use to search … if you want to.  If you don’t want the ability to search to be right in front of you, it’s an annoyance that you can’t get move it or hide it to reclaim that valuable screen real estate.  Many parents are concerned that this box puts the full scope of the internet in plain view of their children. (Google??? What’s that dear?) If, like me, you prefer to keep your young one’s surfing as a more limited experience, you’ll be glad to know that you can get rid of the box.  And it’s fairly easy to do too… 

  • Click on the Start menu and choose Run. (If you’ve disabled this from your kid’s PC too, hold down the window key and hit ‘R’) 
  • Now type in ‘gpedit.msc’.  This opens the Group Policy editor. 

Remove search box in IE7- group policy 
(click to enlarge)

  • Under ‘User Configuration’ click the ‘+’ next to ‘Administrative Templates’. Drill down further by opening ‘Windows Components’  and ‘Internet Explorer’ in the same way. 
  • Once you’re there, look in the right hand pane for an entry ‘Prevent the Internet Explorer search box from displaying’
  • Double click on that to open it up.  In there click the ‘enable’ button. 

Remove search box in IE7 - Enable 
(click to enlarge)

  • Click OK and the search box should be gone.  You may need to close IE7 and reopen it before you see the change.  (And to get the search box back you would go through the same process above, but this time click Disable.)

  Remove search box in IE7 - IE7 without search box

OK, now someone remind me, what was I trying to do before I got caught up on IE7 today???

| | |

United States - Norton AntiVirus 2007 and Norton I

Virus Warning on Office 2007 Documents

November 13th, 2006

If you're running Microsoft Office 2007 beta and Norton Antivirus 2007 you'll find that you get some scary warnings whenever you open an Excel document (and some other Office documents).
"The file cannot be opened because your virus scanner has detected a problem with the file."


The reason is that Norton Antivirus doesn't yet work with new Office. The fix for this is to turn off Norton's Office document scanner.


Open Norton Protection Center by double clicking on its icon near the bottom right of the screen - you'll find this in or near the system tray. Click on the Norton Antivirus tab at the top. (If you're running Norton Internet Security click on that tab instead.)


Under Settings, click on Auto Protect. (You may need to first click Open to open out this section.) Under Auto-Protect click the Configure button.


Click on the Miscellaneous link (bottom left) and uncheck the "Turn on scanning for Microsoft Office documents" box.


Now when you open Office documents it won't give the virus warnings. Hopefully Symantec will fix this one soon so that it can be switched back on.

Bitdefender 10 Review

November 12th, 2006

More Bitdefender problems - Mar 2010

Read the rest of this entry »

IE 7 tips – Drag off Shortcuts & Opening Tabs at Startup

November 10th, 2006

This is one change in Internet Explorer 7 that keeps catching me out!  I prefer to store links to pages I’m reading online as shortcuts on my desktop rather than in my favorites, because that way I can keep the link in plain sight and so remember what the heck I was doing! In Internet Explorer 6 the simplest way to quickly save a link on your desktop was by dragging off the top left corner of the browser window. 

Dragging shortcut off IE6

In IE7 this doesn’t work the same way presumably because of tabbed browsing, so instead you drag the shortcut off the browser icon in the address bar.

Dragging shortcut off IE6

Of course if I’m reading something now and want to come back to it later, one of the easiest options in IE7 is to have the same tabs open up next time the browser opens.  To do this close the browser containing the tabs you want to open again next time.  This will bring up a prompt asking you if you want to ‘Open these the next time you open Internet Explorer’.  Check the box!

IE7 open tabs at startup

You will also notice that option there never to show you this dialog again.  If you’ve inadvertently ticked that (we get so used to saying we don’t want to be reminded of things again) you’ll have to go to Tools, Internet Options.  On the General tab you’ll find the Tabs option.  Click Settings and check the box ‘Warn me when closing multiple tabs’.

IE7 doesn’t show HTTP error pages

November 8th, 2006

The new "friendly error pages" are something I really don't like about new Internet Explorer 7. My website Hacking GPS is currently down due to a catastrophic server problem (hopefully back sometime tonight) and I’ve been checking it throughout the day to see if it’s back up yet. The trouble with Internet Explorer 7 is that it is set not to show the standard HTTP error messages that we all know and love.

Internet Explorer cannot display the webpage - Friendly HTTP error pages

This makes it difficult to diagnose if a website is suffering a 504 (DNS down)  from other errors.

If this is a problem for you too, here's how to switch it off:

Go into Tools > Internet Options > Advanced.  Scroll down to the browsing section and uncheck ‘Show Friendly HTTP error messages’.  You’ll need to close all instances of the browser before this will take effect.

Switching off friendly HTTP error messages in IE7

| | | |

More Scary Halloween Vista graphics

October 31st, 2006

Taking a quick break from pumpkin carving and decorating Castle Kingsley-Hughes ready for the trick or treaters tonight, to do another rush job: creating an animated graphic for Hardware 2.0 as part of the Halloween Scary Technology series over on ZDNet. 


Windows Vista EULA – scarier than ghosties, ghoulies and zombies put together!

Happy Halloween!!

| | | |

Halloween Vista Pictures

October 27th, 2006

Here are some images I designed for Hardware 2.0 over on ZDNet today, with the remit of combining a halloween theme with the current licensing issues for the next version of Microsoft Windows, Vista. 

It wasn’t a hard remit and as I’m one of what they rather quaintly call ‘enthusiasts’ – people who build their own PC and/or upgrade it regularly – I am particularly incensed that, where as I could move my copy of Windows XP Professional onto as many PCs as I’ve wanted  (I think I’ve had three PCs during the lifetime of XP) as things are shaping up with the new Vista licensing agreement, I would now have needed a new license before I could move onto the third PC.  

There is also some question as to whether the numerous graphics, network and sound cards as well as changing hard disks multiple times would most likely have triggered the need for a new license had I been using Vista over the last five years.  At the moment under XP when I’ve changed something a new activation is required and this generally happens via the web. Occasionally, I’ve had to phone the activation line to be reinstated by some very bored sounding – but pleasant – lady in India.  Given the new license agreements, I wonder if she’ll be quite so pleasant!! 

I really hope Microsoft change their mind about this.  Their excuse seems to be that there aren’t many of us folks who buy a copy of their Operating System separate from buying their PC.  Well I haven’t bought a PC for many years, preferring to build my own (trust me folks, it ain’t that hard!) so buying Windows separately has always been a necessity for me.  But just because I’m not in the majority, shouldn’t mean that I don’t count!  And having always been very loyal to Windows and to Microsoft, especially having spent a great deal of my time on beta testing Vista,  I’m more than a little bit hurt to be discounted in this way.


This one wasn't good enough to go up but I thought I'd share it here...

Happy Halloween!

Updated to add: The problems with the EULA seemed to have been resolved now. Yey!

| | |

Deceptive Web Ads

October 26th, 2006

I don’t like deceptive web ads.  The web of course has had a well-deserved bad reputation for dodgy advertising over the years, so much so that many people have popup blockers and ad stoppers to prevent seeing the ads at all.  In recent years however advertisers and site owners have cleaned up their act a lot, so that most mainstream sites avoid pop-up ads altogether and any swish ads (that open as you mouse over them) do not steal the focus of the page.  I was particularly dishearted then to see this pop-over ad from a reputable charity on a reputable newspaper website.


Looking just like the Microsoft Outlook reminder window it is designed to make the reader think they’ve just got a mega-list of things to do.  The buttons are active so, just like Outlook, they move when you hover over them and clicking the buttons brings up more information about the charity’s aims. 

Perhaps it’s considered OK because clicking the buttons doesn’t take you to another website or install spyware or do anything nasty to your computer.  Yes it is a good cause.  Yes it’s for charity.  But that doesn’t make it OK. 

If an ad appeared on TV pretending to be a news bulletin, it would need to display the word ‘Advertisement’ clearly at the top.  If an ad appeared in a – dead tree format – newspaper purporting to be an article, again it would need to display the word ‘Advertisement’ at the top.  Why then should web advertising be considered any different?  Why is it considered permissable to mess with our heads?

By doing this, they are crossing the line between the internet and web page that you’re viewing and your computer and the applications that are on it.  Whether it’s a legitimate ad or not isn’t the point, they’re using a deceptive technique to get your attention. Shame on you Barnardos!

| |

Adventures in security software: BlackICE

October 23rd, 2006

I’m still on the search for security tools since my Bitdefender 10 problems.  For anti-virus I’m back on my old Norton AV subscription at least for the few weeks remaining while my search for the best AV continues. 

For firewall, I really don’t want to go back to Zone Alarm as my firewall because it’s too heavy on my system resources and won’t let me log on to Windows Live Messenger. I want a lightweight firewall with application control because I like to know what’s connecting. So, returning to my roots, I decided to go back to BlackICE which I used before I became a Zone Alarm fan a few years back. 

Sadly BlackICE seems to have taken a turn for the worst since I last used their product.  Within a few minutes of downloading and installing I experienced two of those – near-forgotten beasts – the BSOD (or ‘Blue Screen of Death’ for those of you who are lucky enough never to have used Windows before XP). It’s been a while since I saw one and here was two in quick succession.  This was while it was completing its installation by calculating the ‘baseline’ for my PC. [Causing it to flatline, more like!]

The fun continued.  Eventually, after rebooting I managed to kill the BlackICE process (blackd.exe) before it could resume its calculations and go BSOD again.  Apparently it doesn’t like Windows XP SP2 or DEP (Data Execution Prevention) which I really wish I’d know about before I downloaded the software!  So I then set about switching DEP off, not permanently of course, just long enough to uninstall.  [Stay calmgirl,  no need to panic, we can deal with this . It’s no biggie after all Norton Antivirus Live Update has to be excluded from DEP too, so BlackIce are not alone in this kind of shoddy programming.]

Next step to uninstall.  Trouble is the uninstaller doesn’t work giving me the error ‘Failed to get product version’ and the uninstaller stops. Dead!  


Cue frantic screams for Adrian!  OK so sometimes it’s handy being married to the PC Doctor despite the long hours and ceaseless blogging… 

A few minutes research later and he tells me it’s because of my CPU. Apparently BlackICE not only refuses to play nicely with both XP SP2 and DEP, I’m now hearing that  it doesn't work with 64-bit CPUs running in 32-bit mode[It doesn’t even wanna work with my processor?? Ah crap!]

Luckily, he found me an uninstall tool to get rid of BlackICE which worked, thankfully both very quickly and easily. Panic over! For a while there I thought I was going to be stuck seeing a lot of BSODs! 

Now I’m off to ceremonially burn my BlackICE license key…

| |

%d bloggers like this: