Netscape has launched its next generation Web browser. Version 8.0 promises better security and the ability to switch between browsers. Netscape 8.0 is a hybrid browser based on the Firefox 1.0.3 open-source platform, which implements competing technologies as a security function. A spokesman for American Online and Netscape likened the new Netscape browser to "...a hybrid car that combines the usability of Internet Explorer with the security of Firefox". Netscape 8.0 checks sites for security and automatically switches security settings, and the browser it uses, based on whether a site is a known and trusted site or an unknown site. Black listed sites (dangerous and scam sites) will initiate a warning screen. Potentially dangerous functionability on those sites will be disabled. The user may then decide whether to open the site. If the site appears on the 'white list', web sites certified as legitimate by TRUSTe and VeriSign Inc., all the functionality of the site will work. Netscape 8.0 uses Firefox to handle less secure 'black listed' sites and Microsoft's Internet Explorer to open trusted 'white listed' ones. Sites which appear on neither list will be opened in Firefox for safety purposes. The new Netscape streamlines browsing tasks, integrates web search and AOL's instant messaging platform. It also offers advanced features like RSS feeds for newsbuffs. Other feature updates are expected throughout the year. From NewsFeed : Inquirer Firefox-based Netscape 8 tastes good First Look AOL, MSIE, and Firefox put into a blender By Fernando Cassia: Friday 20 May 2005, 09:56 THE FOLKS at the Netscape.com portal, owned by America Online, released their long-awaited Netscape 8.0 browser yesterday. I used this opportunity to put my prejudices aside and take it for a spin. There is a problem, however, version 8 is available on 32-bit Windows and english language only. Since it's based on Firefox, creating a build that runs on Linux (sans the MSIE engine functionality) should certainly be possible, as well as offering translations in other languages. Despite that, those of you in America or even Blighty would have no problems. Once you click "download" what is delivered is a 297KB "active installer" that fetches several dozen bitmaps from the net, shows the Licence agreement, and waits for the user to click OK, only then the whole full installer is downloaded in the background and run. But if you want to go straight to the "full installer" the http://browsers.netscape.com web page doesn't make things easy for you, and the ftp and http sites block the directory view, so you can't see the name of the file. Luckily for you and unfortunately for Netscape.com marketing robots, I used a packet sniffer to find the elusive URL where the whole thing is stored, which is a 13MB file that you can get here. This "full installer" can be burned to a cd or placed in a shared folder and installed over a LAN without the need of an active internet connection Of course if you want to save time, the company is willing to sell you an official cd, a printed guidebook, and, for the first time since around the Netscape 6.0 launch, assorted Netscape memorabilia including coffee mug, hat, mouse pad, and the like, on the Netscape Store web page mentioned above. Installing Netscape 8.0 on WinXP SP2 was flawless, and I couldn't avoid noticing that the company used the Nullsoft Installer to create the setup executable. For once, a company using their own technology. Too bad there's few guys left at Nullsoft, the company of Winamp fame. The program lets you import your bookmarks, favourites, and configuration from any of the installed browsers. Since I tested it on my "playground" system, it showed all the possible options: import settings from MSIE 6.0 SP1, from Mozilla Firefox, from Netscape 7.2, from the Mozilla Suite, or from the old Netscape 8.0 beta. Very impressive. I selected "Netscape 7.2", and it did its magic without hiccup Perhaps the most interesting function is the ability to fine tune, from the same screen (in the "advanced" tab) the rendering engine used. So you can tell Netscape 8 to load a certain page with the MSIE engine, but with ActiveX disabled, for instance, while all other sites use by default the Firefox engine. This pre-loaded "white list" (which the browser can update from the Net automagically) has some surprises... if you configure a Netscape Webmail account for instance - to be accessed from a button in the toolbar- that button then leads to the new flash infested Netscape Webmail interface, and the Netscape 8 browser's white list switches to the MSIE engine to display that page. I guess old habits die hard and AOL webmasters are in love with the MSIE engine, no matter what. Compatibility with Firefox extensions faces some hurdles. The Amazon.com A9 toolbar for Firefox installed flawlessly. There was one problem, however, because of the Netscape 8 team's weird decision to move the Netscape logo from the right side of the program window to the left. With the A9 toolbar installed, the round Netscape logo shows up above the A9 text entry field. Which just goes to prove that user interface rules and conventions -even if not written anywhere- are meant to be honoured, not broken. We the Netscape 8.0 beta testers complained vehemently about the stupid placement of the Netscape "throbber" logo in the left side, but our comments were largely ignored. The unofficial but Google-endorsed GoogleBar failed with a message "This toolbar does not support Netscape". The Good, the Bad, and the Ugly The good: Security settings per-site is handy Ability to switch specific sites to use the MSIE engine is very useful when you stumble upon sites coded by brain dead webmasters. It's firefox, with a nice set of additions. The bad English only It takes a while to get used to it, specially if coming from the Mozilla Suite or Netscape 7.2 Not all themes support NS8. It would have made sense to ship NS8 with a "Modern" like theme that followed the Netscape 7.x tradition. There is one available from a user in Japan, dubbed "Modoki Modern" and available here, sadly it still hasn't been updated to install on the non-beta Netscape 8. Just two themes available for NS8 on the official "theme park" It's still Firefox (see "Top Ten Firefox annoyances"). The official page only promotes the download of the small "active installer". Not many toolbars and extensions currently install on top of NS8 The ugly No Linux version Not all themes support NS8. The two official ones are not enough diversity, imho. AOL could code some of their web sites for standards-compliance so NS8 would use the Firefox gecko engine, NOT IE. This is specially true considering that the new Netscape Webmail web page is in the whitelist configured to use the IE engine. It should be easy to configure the browser to gather weather data for locations outside the USA, and with weather data displayed in Celsius, not Fahrenheit degrees. It rather still shows a US-centric "zip code" approach to weather data gathering. The Verdict I give the Netscape 8.0 browser... no, I'm still too biased towards Netscape 7.2 and the Mozilla Suite, so I can give a proper rating. I will let you be the judge. It's a good, tasty mix of what you get after putting MSIE 6.0, Firefox and half-Netscape 7.2 in the blender and add sugar and some pepper. I personally still prefer Netscape 7.2 and the Mozilla Suite, but that's only me. More secure Netscape has security holes What were they thinking of By Nick Farrell: Friday 20 May 2005, 08:43 THE LATEST version of Netscape, which is being peddled as more secure than IE, was shipped with serious and known security bugs. The latest version of Netscape 8, which was released late yesterday, is being marketed by Netscape as having the security advantages of Firefox, with the ease of use of IE. However the new Netscape is built on an earlier version of Mozzarella’s Firefox browser that was changed after the security outfit Secunia found two "extremely critical" bugs in it. Several big cheeses in the La La land of Mozzarella have slammed Netscape over the ****-up. Firefox lead engineer Ben Goodger has posted on his bog a live exploit here, which shows how vulnerable Netscape is. Goodger said: "If security is important to you, this demonstration should show that browsers that are redistributions of the official Mozilla releases are never going to give you security updates as quickly as Mozilla will itself for its supported products." Developer Gervase Markham in his ‘Hacking for Christ Blog’ And this bog was miffed that Netscape is saying that the latest version of Firefox is outdated, when it has these key flaws that had been long fixed in Firebadger. The bogster added that Netscape was only available on Windows so he will not try it out. And there's more bogging, here on Spliffnet. Netscape Needs Patch Hours After Debut By Gregg Keizer, TechWeb News America Online's new Netscape 8 went from 0 to 3 bugs in less than 12 hours Thursday as it posted an update, tagged as 8.0.1, late the same day that saw it debut the hybrid browser. Netscape 8.0 was built using the code from Firefox 1.0.3, but Mozilla recently upgraded its browser to fix several vulnerabilities. With the update released Thursday, Netscape is now a clone, security-wise, with the current Firefox 1.0.4. One of Netscape's most intriguing features is that it includes both the Gecko (used in Firefox) and Microsoft Internet Explorer rendering engines, and automatically switches from one to the other, depending on user preference or the perceived security of the site. Without the update, users visiting sites rendered with the Gecko engine could be at risk. Attackers could use the now-patched vulnerabilities to take control of a PC simply by getting a user to visit a malicious Web site. Details on the fixes in Netscape 8.0.1 have been posted on Netscape's support section, and the new version can be downloaded from the home page of AOL's Netscape site. Unlike Microsoft's IE, Firefox and now Netscape 8 don't patch bugs by installing a small update file, but instead require users to download and run the entire installation file. Firefox is working on an improved patch and update mechanism that may appear as early as version 1.1, which is expected this summer.