Slashdot Mirror
Internet Users Not Updating Browser
Jackson writes "Security researchers from ETH Zurich, Google, and IBM Internet Security Systems have shown that more than 600 million Internet users don't use the latest version of their browser. The researchers' paper, shows that as of June 2008, only 59.1 percent of Internet users worldwide use the latest major version of their preferred web browser.
Suggestions have also been made to inform users that their browser is out of date."
If you're running Win9x/2000, you can't upgrade to the latest version of Internet Explorer.
body massage!
I wonder how many of those are IE6, which a lot of people use because they CAN'T upgrade to IE7.
And as an above commenter pointed out, I highly doubt they factored in that some OS's can't actually run the latest version of their browser.
+1 IDisagreeSoHeMustBeATrollOrAnAstroturferOrAShill
40 percent of internet users are not updating their browser.
And these same users are probably happily using windows 98 on their Pentium II's, and don't give a damn about having the most shiny, newest toy.
Large numbers of corporate users are at the mercy of the IT department's update/upgrade schedule. In my environment, there are a large number of applications that will break if IE7 is installed, and the schedule to update and test those dependencies is lengthy.
Furthermore, we've spent so much time training users to ignore messages that say "Your $FOO is out of date! Click here to install the latest version because it's almost always malware, and now you want to turn around and do the exact opposite?
"Tell me doctor, with all of your defenses, are there any provisions for an attack by killer bees?"
A lot of people simply don't want to change, for whatever reason. Its just the nature of stubbornness, the mentality "If it isn't broke, don't fix it.". If we all followed that mentality, we'd still be using candles/torches for our only portable light source.
Firefox already automatically updates.
If you have automatic updates turned on in Windows, they automatically update as well.
However, most people I know turn off automatic updates because it can be so obnoxious. Many folks also disable the BITS service because of the process overhead it chews up.
It's the difference between being a virtually seamless integration (like Firefox) or an overly-obtrusive integration that eats up system resources.
For instance - firefox tells you when you go to close the program that there are updates ready. Microsoft pops a little icon that #1 interrupts what you are doing #2 may very well crash the machine or lock it up if it happens while you're playing a game, etc. Remember that letter Gates sent about usability? It's the key in this case, I think.
I also wonder if this took business users into account - I can't update because my IT department won't let me. I doubt that would be different if we were using Firefox or Opera rather than IE.
Why would I use the latest and most annoying version of IE or the latest firefox that crashes my Ubuntu all the time?
Only 59.1% of users are up-to-date? I guess the submitter is the kind who sees the glass 40.9% empty.
You just got troll'd!
I can't upgrade to the latest version. It makes my tabs crash and causes me to lose m
In the case of Internet Explorer 7, there are reasons not to upgrade to it over version 6. I use IE6 only for the websites that don't work properly in Firefox and I am not interested in the additional integration that IE7 provides. A person concerned with security wouldn't use an integrated browser in the first place.
By the way, Microsoft does remind me that IE6 is out of date every chance that it gets.
I don't practice what I preach because I'm not the kind of person that I'm preaching to.
How many FF2 users just hate "AwsomeBar"?
Last I checked, FF2 security updates were still being pushed automatically, so what's the big deal about using 2.x over 3.0?
I'd rather have someone respond than be modded up.
I've not upgraded to firefox 3.0.1 on my desktop linux box yet, just haven't gotten around to recompiling it. However since I disable javascript, there's no real security threat and the proposed notifications wouldn't work either.
There are plenty of good reasons for not upgrading a browser. Suggesting an alert is okay until you consider over-zealous webmasters will whitelist browsers. We've had this problem before with sites blocking any browser other than IE, let's not go back to that stupidity!
Aside from when MS thought it was a great idea to lock you out of IE7 unless you had genuine Windows, I can't understand why people don't update. Generally speaking, browsers provide one-click updates that run automatically and restart the browser once it is done. It is quite possibly the easiest component to update that no one ever does. Although, at the same time, my father never updates his, thus I have to do it by hand. Its a problem of laziness I guess.
If this is how people treat their browser, I would hate to see what the rest of their components look like(OS, antivirus, spyware checker, etc).
Crackin' Wise - Blogging about whatever we want
What about your browsers that are provided by your IT department of your company?
I work in pretty large company and our IT dept. have disabled auto-updates from XP, Firefox and so on. Then they push updates to users when needed.
Above works fine in my company, but what about those companies with similar policies and non-existing or incompetent IT department? Browsing tubes all day long with old versions.
rdev
The IT drones at my employer rigidly demand that all company machines must run IE6. They've coded all their intranet applications solely for that version and by god they will not budge. Firefox is forbidden as a "security risk" and no where to be seen is IE7. Fortunately for me I work on Linux based projects and and run what I please.
6F 9E A9 1E 96 9F 74 27 ED B8 81 6D 0C 4E 1E 78
My other Sig is a 229.
I'm trying to pwn 40.9% of the visitors to my site!
If they say "IE 6.latest" or "Foxpro 2.latest" doesn't count as "latest" and those versions have no known unpatched vulnerabilities not shared by IE 7.latest or Foxpro 3.latest then they aren't counting properly.
There are good reasons not to do a major version upgrade the first few months it is out, but a prerequisite is that your existing browser continue to get security patches.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Reader's Digest version: Firefox rules, IE users are silly old grandmothers, blah, blah, blah.
"If it ain't broke, don't fix it". It's amazing that as many people upgrade as they do. The average user doesn't know his browser is broken. The average user doesn't care that his browser is broken. It displays web pages and that's all he cares about. He doesn't worry about botnets, and why should he?
Fellow nerds, a better job must be done! There are reasons for bugs and security holes, but no excuses. When I see slashdot posts saying "their going to loose all they're money" and "Its broken it's back" I see why software is so godawful - you guys are writing software like you write slashdot comments.
Someone's sig here says (not an exect quote) "If architects were like programmers, a woodpecker would destroy civilization." Please take that to heart!
I can take the downmodding this comment will certainly bring, but if it makes one programmer think about his software it will be worth it. Come on, guys, take a little pride in your work.
mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
How many websites are still testing for things like Netscape 4.77?
For any given browser that is still in "production", you should be testing for what is the current major revision, the previous major revision, and optionally the current beta. Anything that falls outside of that range should probably raise a too old flag.
And while you are at it, quit telling me that my Firefox 3.x browser (actually Swiftfox 3.0.2pre-1) needs to be upgraded to Netscape 4.77 or IE 6.
I tend not to update my browser, or anything else that isn't broken, on my stable machine. No matter how many beta tests or how reliable or how improved a new version is touted to be I am always finding things that used to work and now don't. At some point you just want things to work and do not want to have to spend time reconfiguring or working around something that worked. Unless there is a new feature that I am excited about, or a huge security hole plugged, I stick with what works and it is no surprise to me that others do the same.
how I use web browsers is:
Firefox-2.0.0.16 with NoScript and without any plugins - for general purpose web browsing...
Seamonkey-1.1.11 with all the plugins, flash, java & mplayerplug-in - used only at trusted websites and only when there is media I want to see (used rarely) and Seamonkey for email too (I dont like thunderbird enough to use it)...
I don't really like Firefox-3.x because of the way it is being developed which is starting to look like feature creep is going to bloat it up, I would like to see it forked and have the fat trimmed off of it more, make it like dillo only better, if I was a clever code monkey genius I would grab the source for Firefox-3.x and fork it myself and trim it down to something like Firefox-1.x or 2.x (or a little leaner)...
Politics is Treachery, Religion is Brainwashing
yay ETH Zurich. Anyone else from ETH Zurich? No? Not a big deal really... Yaaaay ETH
Computer security includes things like
- encryption
- steganography
- signatures
- passwords and
- access control lists.
That is cool maths and tech. Stuff that matters. How disappointed I get when the "security researchers" write about, not interesting security measures, but just how the security is implemented. Boring, that's sociology! Making sure your users use secure software is important and all, but it's not something I want to read about on Slashdot. I want my old geeky Slashdot back!
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
At home, I have no reason to jump to FF3. FF2 works fine for me. And it's still getting security fixes, so I'm not worried about malware.
At work, it's not my choice. I have to use IE6, but frankly I like IE6 better than IE7 anyway.
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Water is wet
War is peace
Freedom is Slavery
Ignorance is Strength
Burma Shave
For most "grandmothers" and other non-technically inclined users, why upgrade? Heck, I'd wager most don't even know there is an update, or that you should be updating. Only those that know the technology and the potential risks will care to keep things up to date. And even then, I rarely update, but then again, I routinely format my windows boxes due to all the other issues that come up.
"I don't really like Firefox-3.x .. which is starting to look like feature creep"
..
Try Gran Paradiso, supposed to be at the bleeding edge of development
davecb5620@gmail.com
There's a reason people stick to IE6.
It's called IE7.
No, I'm not making a joke. IE7 brings with it all the dubious "improvements" to the user interface that Microsoft came up with for Vista.
And that's the low-hanging fruit. That's the browser that most needs to be updated. The rest are almost lost in the noise, because thanks to ActiveX and browser integration and "(in)security zones" you're better off with a three year old version of any other browser than even the latest version of Internet Explorer.
The best thing that Microsoft could do to get people to update would be to roll back the "Vista Theme", or make it optional. In Vista, too, for that matter.
i'm still using netscape 7.2 w/ no flash/activeX/java/etc under vista. today i learned slashdot.org crashes this browser. what changed? i'm having to use IE to type the message.
So people don't really care so much about all those new features that make the new generation browser deliver the best internet browsing experience ever. Does this tell us something about product management? Software development?
I'm using Kubuntu Gutsy Gibbon and it apparently does not have anything past 3.0 alphaB in the repository and FF own auto update feature is grayed out (2.0.0.14) - Haven't got around to downloading the tarbell... wait a minute, auto update will give me 2.0.0.16.
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
Seems like when a new Fire Fox browser gets "released" there are still some rather annoying bugs. I usually wait about six months for the main bugs to be worked out before I upgrade.
Users with broadband connections are under the misimpression that upgrades are free and that everyone should do them. Some of us are still stuck in dialup hell, and downloading an upgrade costs a lot of time. And besides, the old software is perfectly adequate.
I rejoice that there are owls.
Anyone else friggin hate it when products and publications use the words "internet" and "web" interchangeably? It's a web browser, not an internet browser. The internet is more than a presentation layer.
Not upgrading to IE7 because you don't "use" it is dangerous. Because, as you mentioned, IE is closely integrated into the operating system, its components can be used by other applications regardless of whether you click the blue 'E' icon or not. Any Windows application that has the ability to handle HTML content is likely to use some IE components. So if IE is not fully up to date, these other applications can put you at risk.
So, for example, vulnerabilities that only affect IE6 may affect other applications that use the relevant IE components for HTML rendering (think email, IM, etc.). Such as:
http://www.kb.cert.org/vuls/id/923508
Or, even better... A recent Safari for Windows vulnerability:
http://www.kb.cert.org/vuls/id/127185
Safari, a "stand-alone" web browser, is actually at a higher risk on systems with IE6 as opposed to IE7.
As with any software on your computer, you should upgrade it whether you *think* you use it or not.
Opera 9.51 (and the 9.52 beta) just does not work well enough for every day use. If you read the Opera news groups, you will see that Opera users are reverting to 9.27.
[rant][scarcasm:low]
From the IT Drone perspective my response to those championing the need to download the latest IE or have FFox or some other browser that is different to the established standard, would be that in IT Support, keeping everyone on the same platform is the most effective method of reducing faults.
We know that you're all on IE6 SP2 (in our case). We know that you're on XPPro-SP2 with a defined set of patches due to patch propagation. We know you're on Office 2003-SP3. WE know you're on a verion of Adobe Reader, and Sun-Java Runtime.
So when you say "I've got error 'xyz'" on your machine we can eliminate 90% of the problems and fix down on single issues.
It means that when a new intranet patch is released by the development team they don't have to test and do UAT on several dozen combinations.
Yes its totally inconvenient that you are not permitted to download the latest IE7 or FFox or whatever.
Do you want a quick and efficient response to your support call, do you want us to turn around and respond quickly with a quick, "you're right, that is broken .. I'll log it with the intra-dev team", then allow us to stick to a standard. If you don't mind waiting 3 or more days while we find out what configuration of patches, versions and programs you have and elimitate the different configurations then feel free and champion an environment that permits the user population to install whatever they want.
I applaud your ability to run on Linux, nice system, does exactly what it says no the tin. For the 99% of average everyday Win/Office users in the known universe... its us poor schmucks in IT Support who have to cope with the problems.
[/rant][/scarcasm:low]
--- This meme is memory intensive
Trying to recall the last straw for Microsoft for me, was it the abortive ME? Or the proprietary hardware that REQUIRED the latest drivers from an OS I hadn't yet invested in? Oh, I know what it was! It was that $189 price tag for an UPGRADE version of an OS that effectively surrendered my usability rights to hardware I BOUGHT, I ASSEMBLED, and I MAINTAINED, when my wallet had only $100 in it. That was the day I gave a serious look to Linux adoption. Been a Linux user since. Granted, some distros aren't much better with rights issues, but at least the price tag is a bit more realistic.
Aside from when MS thought it was a great idea to lock you out of IE7 unless you had genuine Windows, I can't understand why people don't update.
Two big reasons that have nothing to do with laziness:
1. Because updates carry a bigger perceived risk than not updating.
2. Because updates are used to force changes they don't want on them.
There are good arguments you can use to convince people they're mistaken about #1, but there's not much you can do about #2 if you're not Microsoft. And I guess Microsoft sees the risk from people not updating is less than the risk that people won't get won over to Vista by hook or by crook. And for them it probably is.
Gran Paradiso is the codename for Firefox 3, just like Bon Echo was the codename for Firefox 2, so Gran Paradiso is no longer bleeding edge, "Shiretoko" appears to be the codename for Firefox 3.1 if you want to keep up with the latest builds.
unlike the rest of the world, I LIKE typing in
"my computer" and not having a new window pop open.
I understand the differences about where I am navigating to when I type in //google.com
\\servername\ or \\localpc\ or \\remotepc\ I'm vpn connected to or
'control panel' or 'network connections'
or whatever, and still be working in the same damn window..
the whole 'new window based on name' thing drives me up the fraking wall..
every day http://en.wikipedia.org/wiki/Special:Random
This more than likely equates to 59% of the population not upgraded being IE users and .1% everything else. Especially since other browsers tell you when an update is available.
Those who have telepathy have no need to RTFA.
latest major version of their preferred web browser
This is not always bad. If they had said latest minor version, I'd be more concerned. Example: FF2 and FF3: both keep getting security patches (at least until this December).
I run a rather busy Mozilla related server (~200k hits per day).
:-)
Within days after the release of Firefox 3, over 40% of my visitors
had switched to it. Another ~50% use the newest 2.0.x version.
Conclusion:
It makes a huge difference if the user is aware of existing choices and has
actively chosen a certain browser (i.e. installed something other than the default).
Also, Firefox' autoupdate mechanism works very well.
I cannot say anything about IE users - they make for less than 0,2% of my hits
Also, I don't claim to have representative numbers for the "general Mozilla crowd",
as my target audience are the more tech-savvy.
I don't have the absolute latest browser version, but all of mine are pretty close...
www.purevolume.com/martyd
I've been setting up a traffic statistics server (AWStats, if you're interested), and I'm seeing traffic from Netscape 4, Firefox 0.10.0 (zero ten zero, not a typo), IE 3.02.
Web 2.0 == Giant Blogspam Circle Jerk
How is it bad to stick with the latest Firefox 2, which is still maintained, instead of upgrading to Firefox 3, the latest version, which still has quite a few issues on top of being quite inefficient?
What matters is not whether users update to the latest major versions, but whether they use the latest version of a maintained branch.
Lynx 2.8.6... yep, I'm up-to-date...
in a manner of speaking.
Well, back to rejecting software patent applications.
I can't believe this is "breaking news". A site I manage (bidtopia.com) while not getting a statistically hige sample of traffic (in the 500,000 - 1,000,000 hits per day range), still gets just under 20% of all users visiting with IE6. So, while my MS rep is often checking up to ask when will we be adding IE8 specific functionality, we have to be sensitive to folks who (seem to) never upgrade. Some days we even have more Netscape visits than Safari visits. I also can't help but wonder what kind of experience the folks who I see hit our site with WebTV and the PSP browser are having...
www.joking.net
Doing ANYTHING with Vista is a PITA and not something for your grandmother. If people would use BSD, GNU/Linux or Mac instead, we would not be having this conversation because all of them are easy enough to update that it actually happens.
There's some magic key for about:config...
In addition the content of said upgrades is often different.
Almost always, a firefox automatic upgrade will only be, well a newer version with several bug fixed.
Whereas, Microsoft is known to use the upgrades service ... ... to push half-baked upgrades which completely break legitimate and even critical application (ZoneAlarm firewall was broken by an upgrade 1 or 2 weeks ago). ... to push new system to authenticate legitimate copies of windows. Usually very annoying and sometimes even disables some of the updates (WGA ?) ... to push more cumbersome DRM.
-
-
-
All of which is usually flagged as "critical" updates and forced on the user.
windows users have become paranoid about anything coming automatically through the MS-Upgrade service.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Suggestions have also been made to inform users that their browser is out of date.
Why? I know I run an out-of-date browser (FF1.5), and just don't care. For that matter, it annoyed me when FF tried to update itself (and refused to take "no" for an answer), to the point that I blocked its update site in my hosts file.
The computer industry (and I say this as part of it) has a disease - We insist on always having the latest-and-greatest version of everything, despite already having something "good enough". Now, I'll lead the pack in bitching about stupid or stubborn users, but in this case, I can certainly sympathize with them... Stop forcing updates on us that have no (apparent) use except making a higher number appear in the "about" dialog.
Of course, if a really impressive new feature appears, I'll gladly upgrade to get it; But in the browser world, we haven't seen any really useful new features in a looooooong time.
The majority of people don't upgrade their browser because they want to, they do it because they have to.
The sooner support is dropped for browsers, the sooner people upgrade em-mass.
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
"Yes, but the couple dozen megabytes they saved by using all that shared code is totally worth the hassles it caused..."
Or...
"Yes, but the 1 or 2 seconds it saves on IE's startup will help ensure that nobody ever uses anything other than good old IE, updating problems be damned..."
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Their numbers are based on MAJOR version number, e.g. running IE6 and not IE7.
This is NOT the same as understanding whether users are using the MOST PATCHED version of their chosen browser.
For example, I'm running Firefox 2 right now, because there are extensions I need that aren't FF3 compatible. I'm running 2.0.0.16, which is the most updated FF2. I feel that I'm in a good place security-wise. Someone running FF 2.0.0.0 is the one who needs to worry. Or, for that matter, 3.0.0.0 now that more updated FF3's are available.
The right security questions are:
* Are recent security patches available for your browser version? (some very old browsers don't get support anymore)
* Do you run those patches?
The most recent major version tells you NOTHING. It's probably more a proxy for "when did you buy the computer?" than anything else.
The reason some people are not upgrading their browsers may be the insufficiently robust upgrade mechanism that leads to data and productivity losses. Several months ago I installed the pre-release version of Firefox 3 alongside my existing v. 2 installation. During installation Firefox 3 created a copy of my settings and bookmarks. I only used this version briefly, since it had a few annoying bugs eventually corrected in the final release.
A few weeks ago I upgraded to the newly-released production version of Firefox 3. The installation replaced my existing Firefox 2, which was what I wanted, but for whatever reason it copied all the settings and bookmarks from the v.3 beta installation. Of course by then those settings and bookmarks were several months out of date. So I lost my current bookmarks file - not a terrible tragedy, but it did cause me to disable automatic checking for updates in Firefox.
This was an obvious oversight on the part of the developers of Firefox. Issues like these cause users to think twice before upgrading their applications.
I worked for a company that provided e-learning environments (small company, not large). Their environment didn't work in Firefox or Opera at all (and they weren't coding for it) partially worked in Safari, and IE7 still doesn't work. Since they support numerous agencies across the country for a particular type of e-learning that is required to keep licensing, at least 200,000 people across the country couldn't upgrade to IE7, or use any other browser.
In America today you can murder land for private profit. You can leave the corpse for all to see, and nobody calls the c
Usually, it is recommended that one does NOT navigate the net while logged as administrator (also known as "root" or "superuser").
Logged as a non-privileged user one usually cannot install updates, 'cause browsers almost always are installed with an administrator/root account.
But the real problem is the update notification. The way Firefox is built, I don't even get to know there is an update at all!
I suggest making the update verification non-privileged... I may even file a bug, but not at the moment.
DISCLAIMER: All this is unrelated to my employer.
Perhaps they're just waiting for a stable version of the browser to come along?
BSD and GNU/Linux probably isn't for your grandmother either.
Pancakes. Oh I blew it.
I use Firefox 1.5 and I'll upgrade to 3.0 just as soon as all my extensions -- the things that actually make Firefox, you know, useful -- are working again with the new version.
It works (for what they want, not what you want)
Every time one has to upgrade its more bloatware, usually a lot of junk you don't want. A lot of new stuff which prevents you from doing what you have to do, and now have to spent time to see if you can switch of. It's usually slower in spite of what marketing promises you.
Upgrading is a bother, something most people would rather avoid.
If Google really cared they would fix Android Chrome to reflow text, instead of discriminating
I am already upgraded to IE 8 What? Why are you laughing?
Eclipse PDE and Me
If Ubuntu isn't suitable for my grandmother, then nothing is. Its 100x easier to install and maintain and 100x harder to screw up.
Most of those 40.9% are probably people that can't upgrade, cause IT people won't let them.
And they won't let them, cause they use some piece of shit apps that depend on software thats exactly the same piece of shit as them.
Usually you don't really need to care about those people browsing experience on your website, unless its meant to be browsed by those people.
So yeah - forget about quirks for IE6, and shift your suicidal thoughts to IE7.
As for the people who don't want to upgrade their Opera 9.27 or Firefox 2 to the new ones - just tell them to upgrade/install one of them.
People usually have either FF or Opera as a 'backup', so upgrading your 'backup' won't break any preferences/habits that setting up took you ages - cause there aren't any.
I can only hope for brighter future, where IE supports most of the stuff thats used by latest FF/Opera, and people are actually upgrading to it.
Most people simply don't care.
I am quite sick of having $FOO need updated, upgraded, renewed and/or replaced because it is no longer supported.
The "browser" should not *have* to be replaced for relatively _long_ periods. Security and Critical (and I mean this in the tightest of interpretations) should be invisible, seamless, and automatic by default, something like some browsers have already. Further, a feature upgrade channel should be defined and configurable that would again be user configurable.
Bottom line, browsers are being pushed out too often. Most people just want it to work, period, and any upgrades updates features plug-ins etc etc etc are more a hassle than anything else.
One more thing; resources.
The browser (when using less than an average multi-task load of 4-6 windows or 4-6 tabs) should not use excessive system resources. Excessive is more than 10-14%, based again on 4-6 items running and not exceeding this limitation.
We would also be living in a parallel universe where I have a puppy.
When the media player DOM and the will be in most browsers and once main video web sites support all that media boiler plate, people may think its a good incentive to upgrade.
don't shoot the messenger! A lot of times the people in charge of software deployment and management are not the developers, and behind the scenes, they may roll their eyes at the developers' insistence on IE6 as much as you do. Whether or not they have the skills to solve the problem, they don't have the authority or free time to do it; that's the developers' turf.
I'm sick and tired of CS "professionals" like yourself who think they know all about security without realizing that the end-user is PART of the security. I may be on the softer side of CS, but even I know that eventually you reach a point where the computer can be as complex and secure as cool, complex security can be, but if you can still "social engineer" the schmuck running it into giving you his password, you've still beaten the system.
Sooner or later, the user becomes the weakest link instead of the computer.
Making sure users are using the most up-to-date browsers and software is a big part of computer security, and some of that is obsolesence, some of that is stubbornness ("I'll lose my favorite plugin if I update!"), and some of that is plain ignorance.
Being aware that two fifths of the internet is still running exploitable software IS a big deal to those trying to prevent the spread of big viruses, and the only way that's going to get fixed in the long run is if you educate users to know better and to realize that they need to take an active role in the defense of their own computers and not just trust that the "nice big software companies" will do it for them.
Perfect Security will not come when you build the ultimate foolproof software. It'll come when you can convince your grandmother "Okay, here's how you use the software to keep yourself safe, but you still need to do your part to make sure that it stays healthy and updated so it can do all that, okay?"
General Electric (at least in Europe, can't speak for other territories) only supports IE6 on their client pc's. IE7 breaks many internal web pages and if found on a user's computer, is uninstalled immediately. Stupid policy? Horrible web page design? Sure. But with 300,000+ worldwide employees, all stuck on an older version of Internet Explorer with no upgrade path or timeline in sight, I don't see this changing anytime soon. And GE (particularly under Jack Welch) has always struck me as a fairly nimble company compared to others it's size. I wonder how many other mega-corporations are similarly locked into older versions of web browsers and how much they contribute to the overall percentage of non-updated persons.
Due to circumstances beyond my control, I am master of my fate and captain of my soul.
Curiously, I just happened to be looking at my company's analytics when I came across this story. Here's what our analytics say...
;-p
Out of 7330 unique visitors...
48.7% use IE7
19.0% use IE6
18.6% use Firefox 2
6.64% use Firefox 3
4.78% use Safari 3
0.96% use Firefox 1
0.66% use Safari
0.33% use Mozilla
0.12% use Opera
0.06% use IE5
At least that's what our analytics say...
Firefox 3 without my Firefox 2 plugins is useless to me. If I can't run NoSquint, most pages will be too small for me to see. There are other examples but I'm just providing that one.
-Clio
Karma: Bad (mostly from not giving a fuck)
Blog: http://clintjcl.wordpress.com
Obviously my mind is buggy.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Is it me, or is this directly contradictory to this article?
From that one: "Firefox users were far and away the most likely to use the latest version, with an overwhelming 83.3 percent running an updated browser on any given day. " Did someone really lump IE with the rest of the world?
Do they treat these as distinct browsers? I still use FF2 because, quite frankly, I don't like FF3... I am, however, using the latest version of FF2.
Someone whose business applications only run on Windows 95/98 or ME
...can run existing Windows 95/98 or ME licenses in a virtual machine.
So I think to display stats like this you need to ask "Who is on BROADBAND who hasn't upgraded?"
I've tried every release candidate for Firefox3 till today and they all need libraries that are only available to user of distros that came out in the last eighteen months. That's absurd. XP came out seven years ago and yet the Firefox Foundation has no problem supporting XP for Firefox3, and yet when it comes to Linux they come off with this flippant attitude of --well, you Linux lusers are all using free software so why don't you just get a free upgrade and stop whining.
That's pretty fucked up and from what I've seen on message boards including the ones at Mozilla, there is a huge number of users facing this same problem.
--because she's had too many bad experiences with things breaking, after updates;
--because updates are unwanted interruptions, there are too many of them, they take too long, they interfere with her work, and she's sick of them;
--because vendors are too dishonest about giving the reasons for any particular update. The reasons given are vague and almost always the same ("improve application stability") ("correct a security problem.") Many of them are self-serving (e.g. ratcheting up DRM being billed as "security").
--because it is virtually impossible for my wife to figure out which updates she actually needs, and she simply refuses to install all of them blindly.
For example, recently she's been bombarded with updates that are billed as "improving Vista compatibility." She's running XP. Does she need them or not? Her attitude is, "I'm not running Vista, forget it."
"How to Do Nothing," kids activities, back in print!
So if they have to use all these fucking snazzy ass libraries, why can't they do a statically compiled version? Who cares if it's 200megs, I'll take it. It's not even an option.
to allow for the latest browsers to work with them.
some browser based utilities like web bases ssl/vpn don't work wit Firefox, etc, etc... It takes a little time.
Vista can be configured to look pretty much like XP.
Superficially, yes. But in practice not even as much as XP can be made to work like 2000 (and there you can't get rid of some of the wizards and go back to control panel preference sheets for everything). Note that even in your image of the "classic theme", two of the windows do not have menu bars but instead have ribbons.
I used the "classic theme" in Vista, and set the task bar and start menu to classic mode, and spent about half an hour googling for ways to remove the ribbon and get menus back everywhere, and it just can't be done.
So, Mister Bones, tell me... how do you do the rest of the job?
According to my apt.sources, firefox 3 isn't yet in debian stable. I know stable tends to only add something 5 years after the maintainer dies, but it'd be nice to have a few things current without them saying it's my fault if the install hoses the system...
This is getting so pathetic... are you really so starved for attention that you've taken to uncovering your own shilling?
When were these statistics taken, and how soon after browser releases? For example, if they were taken 1 day after Firefox 3 came out, I bet a lot of people wouldn't be up to date with the latest version of their browser.
Yeah, I guess I'm a bit behind.
Have gnu, will travel.
For instance, I develop a lot of web pages, mostly by writing code that generates the pages, but also by typing HTML myself. Big deal, you say; that puts me in the same class as N million other people.
Yeah, but I'm one of those that want their web sites to work for as many people as possible. So I have lots of browsers installed for testing. And, since 40% of my visitors are going to have "obsolete" browsers, if I have any sense at all, I'm going to test against some of the more common of them.
I'm typing this on my Mac, which Apple probably considers not up to date. It's a 5-year old Powerbook running OSX 10.4.11. Not only have I not upgraded to Tiger; the dozen or so browsers installed here include some that are intentionally old releases. This includes the IE5 that came with the machine, and also a late Netscape (RIP) release. I also have lynx installed on several machines, which is important if among other things you're working on sites that are accessible to the blind.
I wonder what fraction of the browser traffic is from conscientious web developers who test against a lot of browsers? I wonder if anyone has tackled the problem of distinguishing such visits from others?
Then, of course, there's the growing body of software that pretends to be a browser so that web sites won't just blow them off. "Web scraping" is a growing business, and most of the people doing it know quite well why their software has to impersonate a browser. But this usually just entails finding a UserID string that web sites accept; there's no real reason to keep your UserID string up to date. Is there any data on how much web traffic is of this type?
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
If you update files in a package managed by the package manager, but don't tell the package manager about it, you most likely will have problems down the road, with versioning or with a file no longer being there that the package manager expects, or a file having incorrect permissions.
Hail Eris, full of mischief...
E pluribus sanguinem
The main article makes it sound like it is only the luddites that are refusing to upgrade, but this isn't the full story. As the parent post suggests, there are lots of people in Operaland that are unhappy with 9.5.
Sure, there may be new functionality, but if your favorite website or favorite Opera behavior has subtlety changed for the worse, then downgrading is your only option.
For the record, Opera 9.5 was the first official release of Opera that seemed worse in its core browsing functionality than the version that preceeded it for a lot of people. And yes, the Opera website's newsgroups are full of complaints.
Well, most of those people must be using Internet Explorer and maybe a version of windows unsupported by new IE.
Firefox? It mostly updates automatically, there has been many times I start it only to be greeted by a page saying I'm on latest version, it just updates, not questions no bothering me. Thats Joe sixpack security updates for you.
The study takes a very nieve view of updates. They assume any update can have no new problems. They do not even mention the possibility that the update might be worse than the user's current version.
Software sometimes does have bugs. In fact, many of the updates include security patched to fix bugs.
Grabbing the latest new thing is often just as bad as waiting too long.
Within days after the release of Firefox 3, over 40% of my visitors had switched to it. Another ~50% use the newest 2.0.x version.
Would a large portion of those 40.9% not current, would they be FF 2.x users? Purposely not upgrading?
That is the case with me: I lagged to up from 1x to 2x, and now from 2x to 3x. Let them work the bugs out, up their plugins, etc., man. And maybe downgrade some of the 3x features I read are driving some batty around here. Don't assume the worst is what am saying: poll takers, survey makers, mouth off shooters. ^.^
Does something look just a bit wrong with this headline?
Yes: 's/Internet/Intarweb/'
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
hey, guys, give me a couple thousand to upgrade all my apps, and then I will upgrade mah zilla. otherwise, ain't happening. retrofit the features, don't use 'em, or push down the level of OS you are writing to.
if this is supposed to be a new economy, how come they still want my old fashioned money?
The problem is we're expected to develop a site that looks decent in all these old crummy browsers that shouldn't even be around for numerous reasons.
People shouldn't have to upgrade the second something new comes out but rather than putting work into making something work in IE, those people should get a "print version" style for websites. That way they don't miss out on the important stuff (the information) but it's very basic and means they're more likely to move on from their outdated browser.
.
That 40% is quite obviously content with the MS-DOS, Win 3 and Win 9x apps they have been around for damn near thirty years. They will not be switching to Linux at this late date.
I thought it was ironic that IBM Security Systems put out the report, since IBM doesn't support use of IE 7 internally--everyone is told to stay on IE 6 until various applications can be updated.
Firefox is supported, however.
[Opinions mine, not IBM's.]
GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
Do you hate twitter? Do you loath Slashdot? Are you a total fuckwad? Then join the Twitter Negation Association of America (TNAA) and help ruin Slashdot. How does it work? Easy:
The point is to increase noise to signal ratios. Join today!
Comment removed based on user account deletion
OK, so I'm a lazy Linux user. I wait for my distro (Fedora) to release a new version of Firefox. To be quite honest, I'm gettting tired of waiting much like waiting for a stable Adobe Flash Plugin that is also stable. (Sometime I think those guys at Adobe intentional screw with Linux users. You shouldn't have to rewrite all of your code to create a damn plugin! I'm glad that is over, but their starting to slack off again.) So here I am still using Firefox 2 when I would really like to use Firefox 3. Sure, I could just download the source files, do a make;make install, but I feel if I do that using Fedora, I would upset the stability. Plus, I wouldn't know where to put the source file when I downloaded it or what I needed to do if I wanted to upgrade from source. (Help me out, gurus, if you know what to do. I feel like such a n00b sometimes.)
The Rapture is NOT an exit strategy.
For several weeks hotmail has given me a nag screen to update my browser.. I have the Iceweasel equivalent of Firefox 3.. I have written them to try and get rid of the nag.. so far my emails have been a waste of bits.
waiting for ad.doubleclick.net
I found Opera 9.50 to be a bit buggy, but 9.51 seemed to clear that up. There are some annoyances, like the new location for the "New Tab" button, but overall I find Opera 9.5 to be faster and less of a CPU hog than the 9.2x versions.
Oh, I know my version of Opera is outdated on my desktop PC. And I know that it's causing problems with some websites as well as creating a security risk. And I've got upgrade notifications turned on, too. So why haven't I upgraded?
Simple. I installed Linux a few months ago.
How can that have anything to do with it? Also simple. When a Linux user is notified that an upgrade is available, they can simply install it, close Opera, re-open Opera and go about their business with the same customized toolbars, bookmarks, RSS feeds, etc. A Windows user? Hell, I'll lose all of that. The bookmarks and feeds are easy to restore, but I still have to go through the process of downloading and placing buttons back the way I like them. I can't preserve the config file, because anything new in the config file would end up missing.
So, I don't upgrade because it's a pain in my ass.
And a note to the Linux advocates flocking to this comment before it's even posted: "He's using Windows!" Yes he is. You show me a Linux distro that doesn't cough up hairballs over my hardware configuration and I'll show you a copy of Linux that's finally the equal to Windows. Yes, your operating system is free, relatively stable (until you try to do something and break it, leading to crashes JUST LIKE WINDOWS,) and open source. But compatibility and ease of use are still lacking, no matter how much you try to sweep that under the rug. The four hours of free time I have after work are meant for something besides searching Google for two hours, trying the recommended "sure fire" fix and having my GUI so absolutely broken that I have to fall back to lynx at the bash prompt. I say this not from stereotyping but from experience with Ubuntu 7 and 8, which no longer detects my mouse at all instead of 7's generic driver.
The malware authors have been doing this for years now. Does anyone else remember the "website x is trying to install an active-x control from your browser is out of date and needs to be updated. click yes to continue do you wish wish to proceed?" pop-ups. This is the same thing as saying that banks should warn their users via e-mail about phishing. The bad guys have already poisoned the well in both cases. This will only make matters worse as malware exploits user confusion over official and non-official "updates" to their browsers.
it's that the FF extensions I find most useful are still not 3.0 friendly. Soon, hopefully.
damaged by dogma
I wonder what number I am of the 600 million. Maybe the 600 millionth. Are they sure it isn't like 100 million weirdos doing 600 repeats, or maybe just 1 million doing 6000, or perhaps, 60 million doing the same thing ten times. Just to trick it into 600 million wrong. Or maybe its...
good for you. here's a cookie.
.
That hits the nail on the head. For me, 9.50, 9.51 and 9.52 versions of Opera are all significant back steps from 9.27.
I have to wonder why Opera released such half-baked software? Was there a race with FireFox 3.x? Was it the ACID results? I have trouble believing that a company which is trying to gain marketshare would intentionally release such problematic software.
I "hate" to skew their stats, but I sometimes use older mac notebooks and desktops which can only run up to Mac OS 9 at best, which means the very latest browser available for it is a fairly ancient 3rd party build of Mozilla. In fact I am posting this reply with one of those notebooks, and that Mozilla build (wamcom). I don't use them for anything security sensitive, mainly they're just convenient to use at times to browse news, however many sites no longer properly render properly under wamcom and recent (last 2-3d) changes in slashdot javascript code(a guess, or a rogue ad with javascript) causes wamcom to crash upon loading /. with javascript enabled. (Actually I'm using one of the old mac notebooks more ATM as my other mac notebooks require a new fluorescent tube in both, and a new keyboard on a second which I don't feel like messing around with ATM, as I also have various desktops with the latest and greatest FF installed (never use IE on windows machines as I never liked it).)
On top of that, I've got several other handheld devices whose only web browsers are very old as well, however I'd doubt that they even show up in their stats.
Weirdly, I have recently run into the inverse of this problem: out-of-date server-side code at my bank demanding that I that my FF 3.0.1 browser to the latest version with a "Get Firefox Now!" button. Funny!