InPrivate browsing
One of the new IE8 features that is garnering a lot of interest is InPrivate. Even before IE8 Beta 2 was released to the public, there was much speculation about the possibility of a new "porn mode" making its debut (thanks, in some part, to some sharp eyed people spotting that Microsoft had lodged a couple of new patents).
An InPrivate browsing session is started via the Safety Button 
, or by using the keystroke combination of Ctrl/Shift/P.
Ctrl/Shift/P is the default keystroke combination used by the popular SnagIt program to trigger captures. If SnagIt is running, and you are using the default key combination to trigger a capture, then you will only be able to start an InPrivate IE setting using the Safety button.
You can create a program shortcut that will open Internet Explorer in InPrivate mode by adding "-private" to the program's target path, eg on an x64 Vista system the path would be:
"C:\Program Files (x86)\Internet Explorer\iexplore.exe" -private
When you surf using InPrivate mode, any cookies are automatically set as "session cookies" (and deleted when the InPrivate window is closed). No History is saved, and any temporary internet files are also deleted when you close the browser window. Autocomplete data such as form data and passwords are not saved, nor are typed addresses or search terms.
If you open the History Pane when surfing using InPrivate mode, and select the setting "View By Order Visited Today", you will see that no entries are being added to your History as you go from page to page. Any pages that you have already visited during a "normal" browsing mode can still be seen in the History pane.
It is important to note that the InPrivate session can read *existing* cookies, and that those existing cookies are not deleted once you close the InPrivate session. You can also access pre-existing history when using InPrivate mode - it is new data that is created during an InPrivate session that is protected by InPrivate Browsing.
InPrivate browsing includes two features in addition to the automatic deletion of local data - InPrivate Blocking, and InPrivate Subscriptions.
InPrivate Blocking stops web sites from potentially gathering data about your web movements via javascript, tracking gifs and whatnot. The IE team blog uses the example of a tracking javascript to explain how InPrivate Blocking works. Blocking is not triggered until a particular javascript, tracking gif or whatnot is detected on at least 10 web sites.
InPrivate Subscriptions are XML (commonly known as RSS) feeds that contain a list of sites to block and allow. It allows you to use "Manually block" without having to make a site by site decision about what status to assign each site.
InPrivate's impact on advertising
Some people have expressed concerns that InPrivate might block advertising - concerns that are proving to be justified. The first domains to be blocked on my primary work machine were Google AdSense and Google Analytics. Quantserv.com was the third site to be blocked. The fourth site was 2mdn.net (owned by Doubleclick).
Let's take a closer look at the way that InPrivate works. We have three choices - Automatic, Manual and Off.
Automatically block
InPrivate will automatically block a data sharing URL once it has been detected on 10 or more sites.
Manually block
You choose which URLs are allowed to share data, and which are not - a data-sharing URL will not appear in the list until it has been detected on 10 or more sites.
If you use the "Automatically block" option, all sites that you see listed in the "Manually block" list will be blocked from sharing details even if you have set the website as "allowed" via the "Manually block" option. For example, see the screenshot below - you can see that I have set two sites as Allow in the Manually block list, but these sites will still be blocked when I use the "Automatically block" setting. Setting a site to "Allow" via "Manually block" will not over-ride blocking when using the "Automatically block" setting.
I admit that it worries me that advertising is being impacted by InPrivate Blocking. I have always said that every (wo)man deserves their wage, and it worries me that web sites risk losing what may be, for them, an important income stream. I also worry that web sites may stop using popular services like Google AdSense text adverts and move to a more risky advertising model. For example, I chose the Google text ads and Microsoft Affiliates advertising campaigns because I know that visitors to my web sites will not have their web browsers hijacked by a malvertizement and dumped at a fraudware site. I could not be sure that visitors to my sites would always be safe from such activity if I used dynamic advertising such as banner advertisements or pop-ups. BTW, even Google's infrastructure has been used to display malvertizements, which is just one more reason to stick to text advertisements (here is the original report, and the follow-up report).
The big players in the online advertising world will not be very happy if InPrivate Blocking begins to have a noticeable effect on their businesses, especially if other advertising services are not being impacted as quickly. For example, InPrivate Blocking is blocking the Google advertisements on my web site, but it is not blocking the Microsoft advertisements:
IE-VISTA IN IE8 IE-VISTA IN IE8 (INPRIVATE MODE)
A special note for the conspiracy theorists amongst us:
I must stress here that there is nothing nefarious in the fact that Google is being impacted upon by InPrivate Blocking while the Microsoft advertisement is not - I have no reason to believe, or suspect, that there is a secret plot to give Microsoft advertising preferential treatment, or to exclude Microsoft domains from InPrivate Blocking. The reality is that Microsoft advertising campaigns like the ones on my sites are simply not as widespread as Google advertising, so you can put your tinfoil hats away now.
New option - show the Stop and Refresh Buttons before the Address Bar
Personally, I don't like having the Stop and Refresh buttons to the left of the Address Bar, but to each his own :o) Right click on Command Bar and turn on the relevant option... (note that the Links Bar is gone, replaced by a Favorites Bar.
Compatibility button
I see that Opera, or more precisely, Opera's CTO, is complaining about the new Compatibility button, and the fact that *Intranet* sites are, by default, displayed in Compatibility View. Hakon Lie doesn't like the fact that the graphic on the Compatibility button looks like a broken page (or, as some users I speak to describe it, a torn piece of paper), but let's look at this from the end user's perspective, shall we? I've been watching people use IE8 Beta 2 over the past few days, and the only time that they pay any attention to the Compatibility button is... wait for it... when a web page doesn't display properly (that is, when it is "broken"). They then click on the "broken web page button" and voila, the web page displays correctly. If it happens to appear for a page that displays ok, then they invariably don't notice that it has appeared.
To be honest, Hakon's suggestion to use the Acid Test Smiley Face simply does not make sense when you think of things from the perspective of the end user - after all, the average user is not going to think that a "broken" web page warrants a smiley face - if anything they would expect to see a frown - and you can bet that, more often than not, they will have no idea what the Acid Test is!
Why does IE8 "break the Web"?
The original plan was for Standards Mode to be "opt in" for IE8, a plan that coincided well with Chris Wilson's oft-stated desire to "not break the Web", but then a vocal developer community complained, and complained, and complained, about the decision until the IE team deferred to their desires and made Standards mode "opt out" (effectively breaking many pre-existing web pages). Back when the decision was announced I wrote:
"Thinking back to when IE7 was in beta, I remember all of the pain that the changes to IE7 caused for web surfers etc, when we saw things like this:
and this
My primary concern now is how the Mums and Dads out there are going to react to these changes. They are not developers. They do not understand page rendering, and CSS, and the developers' desire for "standards compliance". All they know is that the web site that they are viewing is broken and they will not understand why."
Source: http://msmvps.com/blogs/spywaresucks/archive/2008/03/05/1533456.aspx
Microsoft is trying to make it easier for the end user to cope with the who-knows-how-many web pages around the world that will not display properly in Standards Mode. It would be, dare I say it, a death knell for IE if end users are not given an easy way to view broken web pages that they encounter. The end user needs to know that they do not have a faulty installation of Internet Explorer and that they need not waste time trying to "fix" things by uninstalling and reinstalling, and whatnot. If MS does not show the end user that their installation of IE is not broken per se, then the end user just might uninstall IE8 because they think that it doesn't work, and that is NOT something that I want to see... in the end I don't give a damn about the IE versus Firefox versus Opera fisticuffs, or who has the highest user count, or who is winning or losing the browser war - what I *do* care about is the safety of end users - safety that could be compromised by not having the latest version of Microsoft's web browser installed.
Delete Browsing History
Note the new options to delete "InPrivate Blocking data" and "Preserve favorite website data".
Tabbed browsing settings
Note the options available for new tabs, and the option to enable Tab Groups.
What are tab groups? These are tab groups - note the different colors.
Tab group controls:
Accessed by right clicking on any tab:
Close This Tab Group: will close the tab that is currently open, and all others of the same color.
Ungroup This Tab: ungroups the tab and changes it to the default color.
Duplicate Tab: opens a new tab at the same URL.
Browsing History
Manage Add-Ons
This is much improved - note that you will be able to manage your "InPrivate Blocking List" and "InPrivate Subscriptions", as well as Accelerators, Search Providers and Toolbars/Extensions (as you can see, I work with a lot of different search engines). Also, note that you can "Prevent programs from suggesting changes to [your] default search provider".
Security Settings
A new ActiveX Security Setting - ActiveX changes are explained in detail here:
http://blogs.msdn.com/ie/archive/2008/05/07/ie8-security-part-ii-activex-improvements.aspx
Phishing Filter is now SmartScreen
More info about SmartScreen here:
http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-iii-smartscreen-filter.aspx
New XSS filter enabled by default (XSS = "cross site scripting") - more info here:
http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx
Disable InPrivate Blocking data
New Feed and WebSlice settings
Advanced Settings
New option: Enable Caret Browsing for new windows and tabs
Note: "Enable personalized favorites" menu option is gone.
New options: Display Accelerator button on selection, Enable automatic crash recovery, Enable Suggested Sites.
Note the blue Accelerator button...
Inline Auto Complete - stipulates "outside of Internet Explorer"
New options: "Enable DOM Storage" and "Enable SmartScreen filter".
