IE's hidden buttons

Even having used Internet Explorer 7 for about 18 months, I just discovered something new. IE has a hidden status bar, with four security-related buttons on it:

Right next to where the zone is shown are a series of six boxes. I always figured it was some UI anomaly caused by the fact that the would occasionally display some status in one of them: the phishing filter status while the page is loading. However, it turns out that four of the six are actually buttons. If you click the right-most one you get the Phishing Filter settings.

Double-click the next one and you get the Certificate Status dialog for the site you are viewing.

The next one does not do anything, but if you double-click the fourth one from the right you will get the IE Add-on Manager.

Finally, click once in the second left-most box and you get a menu to configure the pop-up blocker.

These buttons are still shrouded in mystery for me. I do not understand why they are active, but not there are no icons to show the user that. I do not understand why the user experience is different for them and some require double-click and others single click. Finally, the two that do not appear to be linked to anything seem superfluous. It almost smells like an easter egg, or like functionality that was not completely implemented and tested and therefore was "hidden" from the end user. Neither is actually particularly re-assuring from a security perspective. If anyone knows more, I'd like to hear about it.

Published 27 January 2008 09:50 AM by jesper
Filed under:

Comments

# MikeB said on 27 January, 2008 12:55 PM

The third box from the right is the Privacy Report box that reports when cookies are blocked due to your settings.  I have no idea what that other box is for.  

# Steve said on 27 January, 2008 01:35 PM

I knew they were there because I right clicked one by accident.

# Ed Bott said on 27 January, 2008 03:58 PM

Some of those boxes show status icons under particular circumstances. The phishing filter shows an icon as it works, the pop-up blocker icon is visible if a pop-up is blocked when High settings are on, and the add-on manager shows if a page tries to load an add-on that has been blocked or disabled.

I think the certificate display (padlock icon) is now permanently in the status bar.

# Jon Schneider said on 28 January, 2008 07:53 AM

Jesper, after seeing your post, I just checked my own local copy of IE.  I'm still running IE6 on this machine, and I've found that IE6 has the same hidden buttons (except for the Phishing Filter)!

# dean said on 28 January, 2008 04:15 PM

The left-most box (to the left of the pop-up blocker) is for the printer icon (visible only while printing is in progress).

# Blarg said on 29 January, 2008 12:13 PM

I've been using these for quite a while.  I thought everyone knew about them!  I can't remember when it was, but when the icons would show up in IE6 I'd click on 'em for more information or to open add-ons.  I tried it when the icons weren't there and remember remarking how thoughtful the programmers were to allow the use of these even when the icon wasn't lit (to say that it was active, as Ed Bott says above)

# Craig Herberg said on 29 January, 2008 01:43 PM

This is the sort of thing that drives less-sophisticated computer users crazy.  They accidentally click an unlabeled part of the browser, and suddenly a setting is changed!  Whatever happened to usability testing by ordinary people -- before software goes into production?  

# Jimbo said on 29 January, 2008 02:44 PM

I just received an email from someone who said that I had instant messaged him with either my password(s) or credit card information. If this can happen due to IE's hidden buttons and someone now has access to that information. What steps can I take (or should I take) to block, investigate or protect myself from this person ... or is this the lowest way to alert a customer to a problem from msninfluentials.com

# jesper said on 29 January, 2008 04:05 PM

No Jimbo. That can't happen due to the hidden buttons. Malware could do it, but not the hidden buttons. Please ensure your computer is up to date on malware protection.

# Steve said on 29 January, 2008 09:37 PM

Jimbo: It's called phishing. If you reply, you have verified your e-mail address is a valid one.

Then the followup e-mails begin OR *MASSIVE* SPAM.

Craig: If you don't like it, watch where you click!

# Perry said on 29 January, 2008 11:36 PM

Most of this quandry is because techs are time poor and can't show everyone everything ( or remember ).  I try to educate my clients on all the tricks etc and most of them go to sleep  :-(.  So, I nag them over the net :-) .  No OS is so far user friendly enough for the people that are not "into IT" and until programers et al let go we will be in the dark !.  ( OH I could go on n on n on .........

# howiem said on 30 January, 2008 01:04 AM

I always thought that they were not hidden, rather that it was just another glitch in IE that prevented the icons from showing :)

# Alex said on 30 January, 2008 10:04 AM

As a programmer, I tend to think that it was probably either functionality that could not be fully implemented on schedule or was later canned, but the programmer forgot to disable the code.  It seems more of an accident to me than an actual feature of the browser.

# LonerVamp said on 01 February, 2008 10:00 AM

These existed/exist in IE 6 as well. Just double-click any empty box and you'll get those settings.

a- unknown

b- pop-up blocked

c- add-ons

d- privacy report

e- cert status

# Jeff said on 01 February, 2008 10:09 AM

Wow. I actually can't believe this. What's the big deal? These are NOT 'buttons', these are UI FRAMES (i.e. windows) that are used to display status icons AS APPROPRIATE based on the web site status and/or activity (i.e. SSL, Phishing Filter, Privacy Report, etc.).

They are there purely for the purpose of indicating to the user what's going on with the site they are browsing. For ease of use, the programmers have decided to allow direct (easy) access to the options or more information relative to each specific function.

Like all large programming teams, there appears to be some inconsistency in how the UI was actually implemented. This is not necessarily unusual and is a common occurrance with any Microsoft program (not to single them out) if you pay attention.

These are user interface design decisions, not secret hidden buttons so the all-knowing, all-powerful evil entity can exert control over the user without their knowledge.

Get a life, people!