Slashdot Mirror
Microsoft Not Worried about FireFox
didde writes "It seems like our friends in Redmond are quite happy about IE. According to this article, they won't be updating it until Longhorn. My favorite quote would be [We have a very, very innovative set of capabilities that we're putting in the next version. And in the meantime it's an extensible platform, and there will be a set of extensions that Microsoft does as well as others.] Oh boy, are they actually working side by side with the virusmakers and phishers?" That just gives the MozBoys a year head start.
Microsoft said the same thing about Linux a while back. It took a while, but they finally admitted that it was infact, a big theat.
they are probably worried.
Having an IE monopoly is a lynchpin in their designs for server-side control. Unless I'm completely off-base.
Except for ending slavery, the Nazis, communism, & securing American independence, war has never solved anything.
As could be read on Joel on Software, Webapps are becoming major competition to MS. That's why a better browser is the last thing MS wants. Worse browser = better browser.
What does MS really stand to lose if Firefox gains something like 50% of the browser share? MS isn't making any money off IE, are they? I realize that back in the mid 90's there was a big concern that the Netscape browser could somehow be used to usurp the Windows monopoly, but honestly, is anybody still thinking that an entire OS can be replaced by a web browser?
-- Night Goat, a proud Firefox/Safari user
T. Rex, 30-some odd million years ago: "Mammals? Ha! I'm the biggest predator in town! Why the hell should I worry, I rule this place!"
Roman generals, c. 200 a.d.: "Barbarians, you say? We've got nothing to worry about. We're the biggest army on the planet. What could possibly go wrong?"
A Confederate general, 1861: "Those Yankees ain't nothin' to worry 'bout! We'll run 'em back across th' Potomac in a month, then we'll go back to plantin' cotton."
Adolf Hitler, 1942: "We can fight a war on two fronts! The Russians can't stop us! We're invincible!"
The Iraqi information minister, 2003: "The Americans will never set foot in Baghdad."
And the Firefox developers aren't even trying to fix the bugs people want fixed. Like the bug about needing a "FAST BACK BUTTON" like in opera (has over 100 votes at bugzilla and they wont fix it) or even a rewind.
The Netcraft toolbar type addon which tells you which country a website is from is a good idea. Another idea would be to allow you to report malicious websites and report on history of commercial websites that steal your money.
Microsoft is Install-driven - they know that however bad the product is, if they can get it installed they will always win, later. Look at how easily they got rid of Netscape !
A product like Linux is much more dangerous to them, because it fights back at install time, eg. Linspire or Linux server platforms.
Edmund
This is not a signature.
I don't see how your argument holds any water.
Take Apache for example, just because it has a "critical mass installbase" doesn't make it any less secure then it was previous to that point.
Regardless, in my opinion anyone who thinks open source software is more secure than closed source is fooling themselves. In both cases human beings are writing the code. The big advantage open source has is that a fix can be released the instant it is completed. No formal QA teams to go through, no legal department to consult, no inefficient policies to follow, no press releases required to put a positive spin on a negative event need to be written, and no investors to consider, it is just done.
For me, thats where the "cozy feeling" comes from.
Open Source Time and Attendance, Job Costing a
> Today, Firefox's security advantage lies in one
> single factor: The very little attention it is
> getting from the people who write exploits.
People keep saying that, but you can't prove it until we get equal market share with IE. I'm looking forward to that.
In fact there are lots of other reasons why Firefox is more secure than IE. For example:
-- We use a string class library for almost all strings that flat-out prevents buffer overflows associated with those strings. My impression is that the IE code mostly does not.
-- IE is designed to be lax in its interpretation of the HTML, CSS, HTTP headers etc that it receives. Gecko is designed to be strict --- well, as strict as possible while making it possible to view 99% of the Web. IE's approach leads to confusion, which leads to security bugs. A great example is the raft of security bugs where different parts of IE guess the MIME type of incoming data and the guesses are inconsistent.
-- The IE-Windows integration means IE supports a lot of magic features such as special protocols that Gecko doesn't support or just blocks. So IE has more attack surface.
SP2 has improved things for IE a lot but they started from a bad position.
I agree that is a part of it, but certainly not the only place their advantage lies. Their advantage is primarily that they are under active developement and can react much quicker than Microsoft's IE. Basically MS won their browser war and forgot to maintain the product, let alone enhance it. Now they are scrambling to restart developement and like any good 800lbs gorilla, they are quite slow to do anything.
The whole "the only reason project X seems more secure than project Y is because project Y is more popular" is quite an annoying (and false) meme. By that logic Apache should be much less secure than IIS. Sometimes project Y is just poorly designed. In the case of IE that is certainly what happened. It does not matter how many highly paid devs MS has that understand security if the final project decisions are made by clueless execs who insist on senseless integration with the OS for purposes of beating a DOJ trial and other decisions that are simply bad for security. Those highly paid devs can only do so much good.
Finkployd
Let me add to this.
:: Apps:WebSites) if you catch the drift.
In the open source world, DOCUMENTATION IS EVERYTHING.
Think of it this way... in order for an OSS project to be successful it either needs corporate funding OR good documentation in order for the non-academic types to use it and learn to hack it.
In this regard, I consider most of the official GNU projects, perl, and many others to be failures.
PHP has amazingly good documentation. I was able to easily learn PHP only having a basic knowledge of C++ beforehand using only the docs on php.net. They're easy to navigate, pleasant to look at, and readable by NORMAL HUMANS. Now, from what I understand, PHP didn't start out as being much of a superior language to perl, python, asp, and many others... The fact is that php got good because it got popular. Php gor popular because it was easy to use and the docs were top-notch.
Now move on to Gentoo (no. I'm not a gentoo fanboy and do not have any systems currently running it). By all means, the installation process for gentoo is ASTONISHINGLY complicated and difficult --- without proper documentation. The official installation documentation is excellent. It's no wordier than it needs to be, and should be understandable by anyone with a decent amount of experience with windows or mac os. Gentoo's large userbase can easily be credited to its excellent (centralized) documentation and community. In my experience, when I ran into a problem with gentoo, I could find a solution easier than I could with RedHat because the documentation was all in one place, easy to understand, and logically organized. By all means, if gentoo's docs sucked, the project wouldn't exist anymore. Everyone would be scared off. My only gripe was that when I installed it, they gave no warning that it would take about a week on my ancient celron-466. live and learn.
OS X got tons of little freeware/shareware/oss apps once apple got its act together and started offering decent documentation on cocoa. the number of small independent software companies developing for apple has exploded over the past few years thanks to this.
As annoying as it is, the M$ office assistant is actually a nice thing to have. It gives short, concise answers to everyday questions with word and excel. Great for people who don't have much computer knowledge. Although most people like them, I don't like microsoft's developer docs...
now all mozilla needs is decent XUL / devloper documentation. Last time i checked a few months ago, it was virtually non-existant which is a pity, because I think XUL could really take off as an entirely separate entity from mozilla. XUL + Javascript could finally fufill Sun's original dreams for Java to create applications which were small, lightweight, and portable. XUL is to HTML as Applications are to Web Pages (XUL:HTML
To get an idea of the power of XUL, check out the Mozilla Amazon Browser which is in all ways a faster and easier method for browsing amazon.
Also think of the bandwidth savings! Web applications would no longer have to serve entire pages for each request processed.
-- If you try to fail and succeed, which have you done? - Uli's moose
Microsoft wants Windows users to have plenty of reason to switch. They just want them to switch to Longhorn.
That's actually the biggest problem with Microsoft's current business model. With each new generation of their software they have to convince a substantial portion of their install base that to upgrade. If Microsoft releases Longhorn and customers decide that they would rather stick with Windows XP then Microsoft is just as screwed as if Linux had achieved Total World Domination. Microsoft's biggest competitor is old versions of its own software, and the competition gets harder to beat with each new iteration.
That's why Microsoft isn't interested in coming out with another version of IE for XP. Instead Microsoft would much rather bundle the new version with Longhorn in the hopes that it might persuade some XP users that now is the time to upgrade. After all, without WinFS, and with XAML being backported to XP there is going to be precious little that would persuade customers to upgrade. A new version of IE might very well be the biggest reason to upgrade to Longhorn from XP.
1. Because you need to have a browser installed with a new OS, otherwise it would be like getting a new car without a radio.
2. With that many users, you can't simply back out of IE support; it would be terrible business.
3. It would be giving open source a foothold and showing an incredible amount of users what open source can do... sort of like how iPods are converting folks over to Macs.
4. They lose control over things like internet integration in their applications.
5. They lose control over a lot of potential APIs/protocols since they wouldn't have their browers' users to use as a user base.
6. It admits a crushing defeat to open source. Shareholders probably wouldn't be too cool with that.
What you said makes total sense, but you have to look at it from a business perspective... Ditching IE would only confuse users, point them towards open source, and lock Microsoft out of potential future revenues related to internet browsers.
It's also important to keep in mind that from a non-techy's perspective, IE is not bug-ridden filth and that any viruses or nastiness that are caught at this point are just functions of the internets and not Microsoft's fault. Microsoft knows this.
That's it in a nutshell. Despite all the other endeavors Microsoft engages in, without the monopoly rents they receive from Windows and Office, Microsoft is dead in the water. They know this, and are doing everything possible to extend the Windows monopoly to the Internet. Once the majority of their customers realize that the OS has become of secondary importance, they're screwed.
For them it's about leveraging their browser dominance until the browser is fully integrated into the OS with Longhorn. They're relying on the ol' FUD train to keep things going in the interim. All declarations of confidence aside, they know that there is more pressure on them than ever before. With a year or more before Longhorn's arrival, I expect to see Microsoft talking more and more about how wonderful the browsing experience will be in Longhorn, while painting Firefox et. al. as relics of a bygone era.
Before long I expect to hear Ballmer say something like, "People just don't understand that the rich browsing experience built into Longhorn is going to make the tired old standalone browsers look pathetic!"
Read the EFF's Fair Use FAQ
What you say? Mod me down as a troll, but even if people jump ship en masse to Firefox, that is not a problem for Microsoft. There are several reasons for this - times today are very different from the good ol' days of their browser war with Netscape.
.NET apps.
.NET web applications, from MSFT's perspective it is fine if people use Firefox 90% of the time and use IE for the 10% of .NET mission critical apps. As long as those apps exist, people are still tied into their platform.
During the browser war between Microsoft and Netscape, Microsoft's primary worry was not people using Netscape Navigator as much as the Windows platform losing importance. Remember Andressen's quote saying that when Netscape was done, Windows would be reduced to a set of poorly debugged device drivers? Its easy to say that was foolery in retrospect, but Microsoft was sincerely worried about that. As far as Microsoft knew at the time, Windows could have lost importance in the same way that minicomputers declined after the rise of the personal computer.
Fast forward to the twenty first century. Microsoft is having a crapload of problems with spyware and this product called Firefox is getting rave reviews. But the worries of the mid nineties are gone. The reason that Microsoft stopped IE development is because they do not want to see web apps get more powerful; they hope that when Longhorn comes around, people will write distributed
Firefox does nothing to stop this future. While Firefox is a nice app and IMHO better than IE, it is not pushing the frontiers of web application capabilities, the way that Netscape did in the nineties. As nice as it is to not worry about slimeware, Firefox is just enabling the same ol' web.
As nice as Firefox is, it is not enabling people to switch away from Microsoft technologies other than IE itself. People are not switching to Linux because of Firefox. When Longhorn comes out and Microsoft starts hyping
Perhaps at some level, Microsoft risks losing mindshare from Firefox. But even if this is the case, they risk to lose much more mindshare by acknowledging Firefox as an issue so their response is expected.
You need to hear the whole reason for IE being produced in the first place.
Back when the web was new and exciting, Netscape was making waves with its browser. They predicted that web based apps would be the future, and all apps would therefore be client system agnostic. The head dude of Netscape said something along the lines of 'In 10 years, windows will be reduced to nothing but a buggy set of device drivers'. This pissed Microsoft off.
So they pumped huge amounts of money into IE to try and make it a better browser. Of course the idea of something being system agnostic really scares Microsoft. So to stop customers being able to just switch away from using IE and more importantly windows (the thing you give them money for) on the clients, they added a bunch of crazy features that would make webapp code that used said features not work with other browsers. Bingo. Clients have to stay running win/IE. One of these features was ActiveX which was touted as improving application interactivity.
So you see, this is/was not really about the web at all, but webapps.
Malike Bamiyi wanted my assistance.
MS makes most of it's money from Windows and Office. If they lose Windows and Office they can shut down shop. So they must do whatever they can to protect the income from those 2 areas, and specifically Office because Windows is nothing without Office for the average user.
Now the problem with the web is that browser-based apps (think gmail) threatens Office and by extention Windows. We live in a time where bandwith is cheap and fast enough to run a high-quality spreadsheet or word processor as a web application. The ONLY thing stopping this from happening is the pitiful state of IE. If they made IE as good as it can be, they'll be opening the floodgates for web-apps that can replace Office.
If IE matures enough for this to happen, all applications can be web-based and run off ANY COMPATIBLE BROWSER on ANY PLATFORM. Thus I can move my grandma to Linux with Firefox 3.0 and she won't even know that something has changed, because she was already accessing all her apps via a browser. This can also happen if Firefox becomes the de-facto standard browser, and they start implementing all these new and great standards that's waiting to unleash the power of the web-app.
So that's why IE has changed almost nothing since the monopoly. MS realises that improving it is digging their own grave.
My company develops software for a specific vertical market. All web-based. It's great for our clients because they can access their data from anywhere, any time. It's great for us because we can upgrade and improve the system whenever we feel like it without sending out upgrade disks. 90% of all support calls we take right now is because of IE (spyware / 'special' toolbars). Lately we've been installing Firefox for all clients when training them, and that's helped a lot.
So all we can hope for right now is for Firefox to improve their browser as much as possible to try to become the standard (60% of the market would do it I think) before Longhorn. I don't know what MS plans for a browser in Longhorn, but I know it will be bad for all other browsers.
I would say *not* to set the maxrequests to a number like 30. 3-6 should be good enough. You don't want to hammer a site with 30 simultaneous requests.
Vote for global prefs bug