Of the major features to be added to Internet Explorer 7, possibly the most noteworthy is the addition of tabbed browsing. On the surface, this seems like an obvious addition, since this was the feature that more than anything else has led Firefox to its current position as a worthy competitor for IE. It also fits with Microsoft's long-held strategy of incorporating the best features of the competition into their products, making it easy for users to choose Microsoft. We'll go further into how the company's version of tabbed browsing will work later in the article.

Built-in RSS support is another feature first introduced by Internet Explorer's competitors now slated to become part of the Microsoft browser. The company's timing is just about perfect, as RSS is only going to get more popular in the next couple of years.

The last in the trifecta of 'Firefox updates' that IE 7 is slated to receive is its very own search bar, finally integrated into the Internet Explorer toolbar by default instead of requiring an add-on or extra command. We'd assume that this will (unfortunately) use MSN search by default, but this should be easy to change.

The security status bar: no phishing here

The Internet scam method known as phishing has become increasingly common over the last couple of years, almost reaching epidemic status in the United States. The most insidious form of phishing attack involves the creation of an authentic-looking version of a legitimate web page, like that of a bank or other secure institution. Users will be lured to this page through an email link or a false link placed elsewhere on the web. Any information entered into the false web page will be captured by the perpetrator for their own use.

Identifying and preventing these types of scams can be very difficult if the phishing materials (the false site and email/link) are well created. Phishing does not attempt to crack any of Internet Explorer's security procedures, so the browser is quite happy to let users enter their personal data into a phony site. The trouble is, IE has no built in method for distinguishing an 'authentic' website from a phony one without outside reference. The new Security status bar built into both versions of Internet Explorer 7 (to the immediate right of the address bar) aims help users avoid this problem.

Essentially, the Security Status Bar brings the certificate information dialog that appears when you enter a secure web page (as represented by the little padlock in the lower right hand corner of the screen in current versions of Internet Explorer) front and centre, making it harder to miss and easier to check. It also will indicate if the site's security certificate is in any way suspect (if the date is wrong, for example, or the certificate does not come from a commonly trusted authority) by using a red background to the lock which indicates a secure connection. Certificate information can now be viewed with a single click and is a fair bit more friendly to novice users who may not understand the nature of security certificates and their implications.

The second and more powerful ability of the Security Status Bar is an active website filter called the Microsoft Phishing Filter (Philter?). This feature institutes an active scan of each website the user visits, checking it against three separate lists. The first is a 'whitelist' of approved sites stored on the user's system which (we assume) will be user editable. The second check analyzes the website for attributes common to phishing sites, looking for danger signs. The third check compares the website to a Microsoft maintained list of known phishing sites, in much the same way that an anti-virus or anti-spyware application works. Presumably, Internet Explorer 7 will also include a mechanism for reporting such sites.

The Security Status bar will turn yellow if the Phishing filter detects features consistent with a phishing site, and will pop up a message informing the user of the risk they may be taking by entering personal information on the site. If the site matches one on Microsoft's 'blacklist' of known phishing websites, the Security Status Bar will turn red and the browser will automatically bring up an internal page informing the user of the nature of the site and advising them to close the connection.

Overall, the Security Status Bar seems like an excellent addition to Internet Explorer's features. By adding phishing protection to the list of nasties that every computer should be proofed against, Microsoft may have accomplished the difficult task of protecting its users from themselves. We can't help thinking that this feature could be and should have been added with the Service Pack 2 updates to Internet Explorer for Windows XP though.