The study is being done only using people who are into social networking. There are several categories of isolating factors that doesn't control for properly.
You also need to include in your study, in proportional quantities to the whole world's population, people who think Facebook is stupid, not to mention people who don't have access to the internet, people who live in remote rural areas and have never traveled more than a few miles from home, and people who speak only one language and it's *not* a major lingua franca like English.
Selecting your sample population in a way that inherently excludes these groups of people guarantees that your results will be a severe misrepresentation of the average case.
Just because something is theoretically obsolete (_depending_ on your usage pattern) doesn't mean users no longer expect it to be in a certain place and get confused and annoyed when, for no apparent reason, it appears in a completely different place. I'm not complaining about the home button moving on my own behalf. (Personally I just use the bookmarks toolbar, or bookmark keywords.) As a network administrator I deploy Firefox on all the computers in my workplace, and the list of things I have to do on _each_ of those computers to get new versions into a state where users don't freak out and panic and demand the old version back has tripled in length over the last year or so. Putting the buttons back in their traditional arrangement is one of those things. For some reason, users don't complain much about the back and forward button being connected to each other. Go figure. But they do complain, bitterly, when UI elements move to different places.
> I would rather prefer they finish HTML5, CSS3 and SVG > support and other standards implementations.
Actually, I've been pleased with the work the Gecko team has been doing, especially with regard to supporting previously-unimplemented CSS features (text-shadow, box-shadow, @font-face, media queries, I don't even know what all). If I thought I had anything approaching the C/C++ chops required, I'd be awfully tempted to try to merge a recent Gecko with the user interface from Firefox 2. But I'm mostly a network administrator with very limited programming experience, none of it in traditional application development.
It loses tabs, and any information they contain, under two distinct sets of circumstances. One of the bugs causes the surreptitious loss of just one tab at a time, but it occurs _frequently_, so that over the course of a day's browsing you lose several; the way it happens, you generally don't realize they're missing until later. The other bug occurs less often but wipes out all of your tabs in one fell swoop, and they are unrecoverable. I kept trying to put up with it, hoping that the bugs would be fixed in the next update, but eventually I found out (by chance, when I was looking for something else on Bugzilla) that one of the bugs (the sneaky one, the one I mentioned first) was actually introduced *deliberately*. That was the exact moment when I lost all interest in continuing to attempt to make myself like the new versions. I downgraded to 2.0.0.20, and it felt so _good_ to finally have a browser that actually _worked_ again. It's easily the most satisfying software downgrade I've ever performed.
On the contrary, Google only controls a few web services, none of which have more than about 60% market share worldwide (though the search engine has a higher market share than that in the English-speaking world, which is a very important market). Microsoft, on the other hand, controls the operating systems on more than 85% of the world's computers.
A browser can visit another site if one site stops working with it. Even if Firefox stops working on Google, users could still use Firefox on their computers, for browsing other sites, and just break out Chrome for using Google services. Let the same company control the search engine that controls the operating system, though, and the browser would be caught in the middle, unable to do Jack Diddley Squat without Microsoft's permission.
Also, Microsoft has consistently shown itself to be willing (indeed, eager) to promote exactly the sort of proprietary black-box file formats and protocols that are fundamentally incompatible not just with open-source software but with *alternative* software in general -- incompatible with competition of any kind. Google, whatever their sins against privacy, have never been so much as *accused* of that kind of lock-in scheme. Microsoft has been convicted of it in court and is widely believed to be guilty of MUCH more than was proven.
Google is powerful and perhaps not entirely trustworthy, but Microsoft is more powerful and WAY more unscrupulous and hostile.
Microsoft? Are you out of your everliving mind? We *just* got the web (mostly) wrested free from their proprietary grip. It was a rather near thing.
I admit, having almost every browser *except* IE default to the same search engine does seem less than ideal, and a couple more major players in the search space would be good for competition.
But I'd rather dump the default search traffic straight to the name resolver (and overburden the whole world's DNS infrastructure, not to mention giving the user rather inferior results) than send it to Microsoft.
> Google only supports the last 3 versions of a browser.
There's an extension called User Agent Switcher. Setting it to mimic a recent version of Firefox causes problems for some reason, but if you set it to mimic a recent version of Opera, suddenly everything works just fine. (Disclaimer: I haven't tested this with every single feature of every single Google service in existence; but it works with everything that I *have* tried.)
Twitter no longer works with Firefox 2 as of about a week ago (ever since they made the Big Stupid Change that puts acres of whitespace between adjascent tweets), but I haven't managed to find a browser that the new version *does* work with (and, being a web developer, I have like fifteen different browsers installed for testing; you'd think they could manage to support at least of them, but no), so phooey on Twitter.
> And when will Mozilla stop screwing around with the UI?
When pigs fly, I think. As near as I can tell, user expectations got changed over from something that Firefox wanted to meet to something that Firefox specifically wants to break, sometime around version 1.5. The gratuitous UI changes were minor at first (little things like the first round of changes to how bookmarks work), but the growth rate of their significance appears to be geometric: if rearranging the order of the standard buttons (back, forward, reload, stop -- not that the stop button in Firefox has EVER worked correctly) wasn't new and interesting enough for you, hold on to your seat, because in version three we're completely altering how the location bar works, and then version four changes the whole top of the browser window around so much you won't even recognize it.
Soon we'll be doing away with the tired old "back button" concept, ranking the pages in your history by their *popularity* (as determined by other users), and presenting them visually as part of Panorama. Also, "scrolling down" will be replaced with "zooming in", which you can do with multi-touch trackpad gestures, and manually-created bookmarks will be phased out in favor of assigning ratings (one, two, three, four, or five stars) to the items in your history, which informs your search results when you use the Awesomeness Bar. The bookmarks toolbar will obviously be going away, and also bookmark keywords, and the tab bar will be merged into the Awesomeness bar as well, so instead of having a bar of tabs that you can switch to, you can just use the Awesomeness Bar to search through your open tabs just like you would search through your history.
(Am I just being stupidly absurd? If you'd told me in 2000 about all the changes in Firefox 3, 4, and 5, I'd have said you were being stupidly absurd. I mean, really, getting rid of the menu bar? Putting the home button clear over to the right of the search box? Integrating bookmarks with history? No browser maker could EVER think those would be good ideas. Oh, wait. They did.)
4? I'd consider upgrading if they just fixed the two distinct data-loss bugs they introduced in Firefox 3 that have been there ever since. (Currently I'm using 2.0.0.20, because it doesn't lose data. I know people complain about FF2's performance, but that's always been less of a concern for me.)
The most important thing that needs to be done is to fix things so that the client can know if the cert has unexpectedly changed.
In its current state, https seems to be mostly concerned with fighting cheap MITM attacks against sites that the user has never visited before. This is stupid. It's FAR more important to prevent moderately-difficult MITM attacks against sites that the user visits on a regular basis. SSH handles this well, but it only works as well as it does because the user can be expected to know when the server's cert is legitimately expected to change -- a practical impossibility with HTTPS. HTTPS doesn't even try: anyone on the (very long and rapidly growing) list of people who can sign certs (that the browser will recognize) can provide a valid new cert at any time, for any site, and the user will never even know that the site's cert has changed. This is very bad.
The solution is for the site, whenever it is visited, to supply the user with information about when the cert is expected to change next, and for the browser to REMEMBER this (with the cert). If the cert changes unexpectedly, alarms go off.
Currently, scary alarms go off mostly when the client computer's date is incorrect -- which happens frequently on older computers, because the coin cell on the motherboard dies. (Current browsers make no attempt whatsoever to verify that it really is 2185 or whatever before presenting the user with the big scary warning about the site's cert being invalid, and the warning doesn't say "either your computer's date, 25 January 2185, is WAY OFF and it's really only 2010 or so, OR ELSE the server's cert is expired.") Even if the date could be verified independently, the current approach assumes that a cert that WAS valid but has been allowed to expire is a great deal riskier than a cert that wasn't expected to change for another eight months and has suddenly been altered for no reason. This is wrong and backward. A cert that changes (more than a few days) before it was to expire is in principle WAY more likely to be nefarious than a cert that was allowed to expire before being replaced, especially if the new cert is signed by a different CA than the one that signed the previous cert.
Close. From Google's perspective this is the easiest way (both technically and from a legal perspective) to be certain they are in compliance with the court's order. It's probably more than the court order strictly required, but doing a little more than the court actually requires is a completely acceptable way to make sure you've complied. Doing the bare minimum, in a situation like this, would actually be substantially more bother, requiring more time from both the lawyers (interpreting the exact extent of the court's requirements) and the engineers (implementing it). Google already has a delisting mechanism, so throwing the site in question completely into the bit bucket was very easy. The lawyers only need about four seconds to be pretty sure that it's enough to satisfy the court, and the engineers need even less time to implement it. Sorted. And it hurts Google not at all, because sites with this poor an understanding of the web aren't really worth listing anyway.
Now, I suspect what the paper thought they *wanted* is more like exactly one single result, pointing to their main page, preferably at the top of the results. People who never bothered to read a basic introductory "What is the world wide web?" article back in 1994 (or are simply too mentally incompetent to understand the concept of hypertext) sometimes make the mistake of thinking this is what they want: only one result pointing to the main page, and no linking to or indexing of any other pages. Anyone who *knows* anything about the web can of course explain to you why this is in fact severely disadvantageous to the site, but that doesn't stop idiots from thinking it's what they want.
*Most* of the people who make this mistake can be convinced to use robots.txt to achieve what they (mistakenly) think they want, and the world goes on. Their site languishes in obscurity because nobody can find anything except their main page (which typically doesn't have a lot of meaningful content), but when they go looking for their site in the search engines they type in the actual name of their organization, which brings it right up, so they're happy. Foolish, but happy.
But every now and again a particularly thick-headed site comes along, run by people who keep extra lawyers on retainer in lieu of competent web developers, and they decide to take everyone to court instead of bothering to write a robots.txt file. One of these cases makes the news every few weeks, if you're paying attention.
If the court has its brain turned on, they have a good laugh at the plaintiff's expense and life goes on. But going to court is always a bit of a gamble, because courts don't always have their brains turned on and cannot be relied upon to be entirely consistent in their rulings. So every few months a court somewhere in the world orders a search engine to stop listing or linking to various things on some site or another.
Gasoline is flammable in a significantly more vigorous fashion than alcohol or turpentine and consequently is rather more dangerous than either.
Like I said, it depends what you compare it to. You keep it in your garage because of its usefulness, but other than pharmaceuticals it's probably the next most dangerous chemical you have on your property in any significant quantity. It's almost certainly the most flammable (unless you're one of those people who keeps gunpowder around). (Medical quantities of nitroglycerine, in pill form, are not a significant fire hazard.) It's probably one of the more corrosive things you have around too, after the toilet bowl cleaner, and anything more toxic will generally have poison warnings on the label. Anything more toxic that absorbs through the skin as readily will definitely have warnings on the label.
So yeah, it's safer than liquid hydrogen, but it's not exactly butterscotch pudding, either.
(I mention turpentine because it's a common paint thinner other than alcohol. I was originally going to just _say_ paint thinner, but then I realized that gasoline itself could be a paint thinner, and would probably be used as such much more commonly if not for its inconveniently high vapor pressure and annoyingly high flammability.)
I'll grant you that it's safer than liquid hydrogen. It's also safer than compressed fluorine, nitroglycerin, or potassium cyanide. But I kind of don't want large containers of any of those things sitting around in my house, you know?
> There's just no good way to get hydrogen to consumers.
Sure there is. We pipe it into every building in North America -- conveniently packaged together with oxygen, which is also nice to have around. (Of course, you need quite a bit of energy to separate them... That's what we have a power grid for, right? You do have a makeshift electrolysis rig set up in your bedroom, right? Doesn't everyone?)
> Would you buy a bicycle to commute?... millions of other people do.
I don't even want to think about how long it would take to commute on a bicycle. How fast can you go on a bicycle (for protracted periods of time), 15mph? You'd spend more time on the road than you spend at work.
Anyone who says millions of people commute to work by bicycle is either just plain wrong, or using some oddball definition of "commute" that includes any daily trip to work even if it's only a few miles.
Quite a bit of the waste heat is wasted heating the air outside the vehicle, as well. Internal combustion engines are inefficient.
The problem with electric cars is that currently available rechargeable battery technologies all suck rocks. They're getting better all the time, but they're going to have to keep getting better for a good while longer if they want to seriously compete with the energy density and "recharge" speed of a gas tank. Sure, the electric motors are way more efficient than the internal combustion engine. But you pretty much need a flatbed truck to haul around the batteries it would take to hold a medium-sized gas-tank's worth of power. Most of the problems with the current generation of electric vehicles stem from this.
Make the batteries better, and the electric cars will be better.
> But I loathe rotaries when there's a lot of traffic.
That's when they always use them, in the US. I've seen them in half a dozen places, and every single one of them had severely heavy traffic. The ones in Washington D.C. are absolutely *insane*. (Among other things, you're virtually guaranteed to be dizzy by the time you exit the circle, because you can only enter via an inner lane, and you can only exit via the outermost lane, and you end up going around at least once for every lane you need to change in between, more when traffic is even heavier than its usual insane urban levels, and there are more lanes than it should be legal for any street to ever have.) Baltimore has some nasty ones too. The ones in upstate NY (e.g., Syracuse) aren't as badly designed, but they do carry quite heavy traffic.
Small towns sometimes have a "square" with a monument in the middle, which a lot of people dislike, but they're really not quite the same as a traffic circle. For one thing, you can usually go any direction (right, left, or straight) once you get past the monument, and it's *not* normal to do a 360. The lighter traffic and small number of lanes doesn't hurt anything, either. On the other hand, there are often parking spaces accessible from the square, so you do have to watch for cars backing out.
Heaven help us if they start designing true roundabout-style traffic circles with parking spaces as an added bonus feature. Heck, why not go for all the gusto: put perpendicular parking on the inside of the circle, diagonal parking on the outside, plus parallel parking on both the left and right sides of the entrance and exit ramps. Hooray. Make the lanes as narrow as you can get them, throw in some crosswalks, and while we're at it let's put in some strategically placed tall bushes and let the painted lines and arrows on the pavement fade until you can barely make them out. Woohoo. Oh, yeah, and let's put a big fountain in the middle that generates mist, which the wind can blow all around, so there can be a nice layer of ice all over everything all winter long. Yay. Clearly, every city needs one or two of these.
I think the reverse: Firefox has gone off the deep end with constant stupid undesirable pointless wacky UI changes that needlessly introduce incompatibilities and bugs.
The only recent changes in Firefox that have actually been *improvements* have been in Gecko, mostly in the form of support for additional CSS features (@font-face, text-shadow, box-shadow, inline-block, etc.) or other under-the-hood components (e.g., the Javascript performance improvements in 3.x). The UI changes have all, absolutely without exception, been for the worse, at *least* since 2.0, if not since 1.5.
I say this as someone who uses Firefox as my primary browser, because no other browser is currently as good. Seamonkey is too crashy, and Chrome is even further off the stupid UI experimentation deep end than Firefox, and Opera and Chrome both (to say nothing of IE) can't seem to figure out how to put control of the user experience into the hands of the user. Konqueror is neither stable nor feature-complete and can't be upgraded independently of a huge tree of other applications and a full desktop environment. Links is alright if you only want to use linearly text-driven sites (mostly unscripted single-column-layout websites where the graphics don't matter) and don't need to be able to queue links in tabs for reading later when you finish the current page, so I guess it would work great for browsing the web in 1994, provided you and every server you visit have good bandwidth and low latency. Firefox is the best.
Firefox is the best, but it's been actively getting worse for the last half decade or so. I guess that's good for symmetry, because the one that was by far the worst five years ago (IE) has been getting better and better lately and, if this trend continues, may actually be usable soon.
Version 13? Meh. The current Emacs version is 23.3. Anybody know of software with a higher major version number than 23? (There's gotta be one out there somewhere with like six digits or something...)
Yeah, but see, the thing is, Firefox 2.0 is actually *better* than any of the more recent versions. Firefox is still the best browser out there, but the newer versions are actively getting worse. If they keep going the direction they're currently aimed, it won't *stay* the best for much longer. Opera or somebody will catch up.
Which, incidentally, is a key reason I refuse to deploy Chrome (apart from the fact that its UI is horribly non-standard, although Firefox is trying to catch up with it in that regard lately): it installs executable code into a user-writable location. That's malware behavior, and even though Chrome isn't malware as such, it's a security nightmare waiting to happen because of this issue.
(Heck, a properly secured OS would prompt for an administrative password if an ordinary end user tries to execute anything stored in a user-writable location. It's not safe to allow an ordinary user account to do that, or at least not by default. That's how you end up with "MicroAnti VirusSoft 2010" running on login and taking over and hiding all your files and preventing you from using your applications or the task manager or connecting to the internet and telling you that it has found eleventy-three viruses and demanding that you give it a credit card number to unlock the "registered version". It's somewhat less insane if the user has to specifically go out of their way to mark the file as executable before the system will execute it, although trojans can still use step-by-step instructions to get the most naive users to install their junk.)
> The biggest problem that I can see is that Firefox isn't automatically upgraded > the way Windows is through the automatic update process.
That's because Windows does not provide a mechanism for applications to be automatically updated along with the operating system. (Except for Microsoft's *own* applications, of course, if you get Microsoft Update. That's, umm, special. But non-MS applications are not handled.)
I can tell you what the API for this should look like. When an application is installed, it should supply the following information to the OS:
1. URL for the feed of available security-critical updates.
2. URL for the feed of available non-security-critical bugfix updates.
3. URL for the feed of available feature updates.
4. Public key that can be used to verify the authenticity of the updates.
5. Suggested frequency to check for security updates.
If certain of the URLs don't apply, then they are not supplied. For example, if a commercial vendor does not issue free feature updates because you have to buy those, then the third URL would be blank. If a vendor does not supply separate bugfix updates because non-security bugs are just fixed in the next release, then the second URL would be blank.
When the system administrator installs any application, the OS asks him which kinds of available updates to automatically download for this application going forward, whether to also automatically apply them, and how often to check (with the supplied suggestion being only the default; the sysadmin can easily pick a different value, or just check "when checking for OS updates" option).
The update feeds would have to have a designated format, which would have to include provision for the signature mechanism, but that's the least part of the thing.
If the OS had such an API, any application that implemented it could get automatically updated by the update mechanism built into the OS. It could happen in the background, automatically, even if the user isn't logged in. Then we wouldn't need eleventeen different applications and browser plugins and whatnot each running their own system-tray updater. jusched and Adobe updater and the OpenOffice updater and the Firefox updater and... they could all just go away, rendered unnecessary, and *one* process, built into the OS, could handle it all.
(This design, BTW, would work for any OS, not just Windows. The major Linux distributions sort of don't need it as bad, because most of the installed applications are installed through the OS package management system anyway. Actually, for applications that are free-to-download, like Opera, apt basically does this already. If the vendor supports your distro, all the sysadmin has to do is add the proprietary repository to sources.list and voila, Robert becomes avuncular in your general direction. One supposes something very similar could be done for RPM-based distros, and any other package system that supports custom repositories for that matter.)
I'm pretty sure I'll be sticking with the Firefox release I've been using: http://mistersanity.blogspot.com/2011/06/firefox-why-i-refuse-to-upgrade.html
Slashdot Mirror
The study is being done only using people who are into social networking. There are several categories of isolating factors that doesn't control for properly.
You also need to include in your study, in proportional quantities to the whole world's population, people who think Facebook is stupid, not to mention people who don't have access to the internet, people who live in remote rural areas and have never traveled more than a few miles from home, and people who speak only one language and it's *not* a major lingua franca like English.
Selecting your sample population in a way that inherently excludes these groups of people guarantees that your results will be a severe misrepresentation of the average case.
Just because something is theoretically obsolete (_depending_ on your usage pattern) doesn't mean users no longer expect it to be in a certain place and get confused and annoyed when, for no apparent reason, it appears in a completely different place. I'm not complaining about the home button moving on my own behalf. (Personally I just use the bookmarks toolbar, or bookmark keywords.) As a network administrator I deploy Firefox on all the computers in my workplace, and the list of things I have to do on _each_ of those computers to get new versions into a state where users don't freak out and panic and demand the old version back has tripled in length over the last year or so. Putting the buttons back in their traditional arrangement is one of those things. For some reason, users don't complain much about the back and forward button being connected to each other. Go figure. But they do complain, bitterly, when UI elements move to different places.
> I would rather prefer they finish HTML5, CSS3 and SVG
> support and other standards implementations.
Actually, I've been pleased with the work the Gecko team has been doing, especially with regard to supporting previously-unimplemented CSS features (text-shadow, box-shadow, @font-face, media queries, I don't even know what all). If I thought I had anything approaching the C/C++ chops required, I'd be awfully tempted to try to merge a recent Gecko with the user interface from Firefox 2. But I'm mostly a network administrator with very limited programming experience, none of it in traditional application development.
It loses tabs, and any information they contain, under two distinct sets of circumstances. One of the bugs causes the surreptitious loss of just one tab at a time, but it occurs _frequently_, so that over the course of a day's browsing you lose several; the way it happens, you generally don't realize they're missing until later. The other bug occurs less often but wipes out all of your tabs in one fell swoop, and they are unrecoverable. I kept trying to put up with it, hoping that the bugs would be fixed in the next update, but eventually I found out (by chance, when I was looking for something else on Bugzilla) that one of the bugs (the sneaky one, the one I mentioned first) was actually introduced *deliberately*. That was the exact moment when I lost all interest in continuing to attempt to make myself like the new versions. I downgraded to 2.0.0.20, and it felt so _good_ to finally have a browser that actually _worked_ again. It's easily the most satisfying software downgrade I've ever performed.
On the contrary, Google only controls a few web services, none of which have more than about 60% market share worldwide (though the search engine has a higher market share than that in the English-speaking world, which is a very important market). Microsoft, on the other hand, controls the operating systems on more than 85% of the world's computers.
A browser can visit another site if one site stops working with it. Even if Firefox stops working on Google, users could still use Firefox on their computers, for browsing other sites, and just break out Chrome for using Google services. Let the same company control the search engine that controls the operating system, though, and the browser would be caught in the middle, unable to do Jack Diddley Squat without Microsoft's permission.
Also, Microsoft has consistently shown itself to be willing (indeed, eager) to promote exactly the sort of proprietary black-box file formats and protocols that are fundamentally incompatible not just with open-source software but with *alternative* software in general -- incompatible with competition of any kind. Google, whatever their sins against privacy, have never been so much as *accused* of that kind of lock-in scheme. Microsoft has been convicted of it in court and is widely believed to be guilty of MUCH more than was proven.
Google is powerful and perhaps not entirely trustworthy, but Microsoft is more powerful and WAY more unscrupulous and hostile.
Microsoft? Are you out of your everliving mind? We *just* got the web (mostly) wrested free from their proprietary grip. It was a rather near thing.
I admit, having almost every browser *except* IE default to the same search engine does seem less than ideal, and a couple more major players in the search space would be good for competition.
But I'd rather dump the default search traffic straight to the name resolver (and overburden the whole world's DNS infrastructure, not to mention giving the user rather inferior results) than send it to Microsoft.
Oh, I have an idea! We'll make each new version number the _factorial_ of the previous one. Yay!
(Actually, I think they should just use the build date: yyyy.mm.dd.)
> Google only supports the last 3 versions of a browser.
There's an extension called User Agent Switcher. Setting it to mimic a recent version of Firefox causes problems for some reason, but if you set it to mimic a recent version of Opera, suddenly everything works just fine. (Disclaimer: I haven't tested this with every single feature of every single Google service in existence; but it works with everything that I *have* tried.)
Twitter no longer works with Firefox 2 as of about a week ago (ever since they made the Big Stupid Change that puts acres of whitespace between adjascent tweets), but I haven't managed to find a browser that the new version *does* work with (and, being a web developer, I have like fifteen different browsers installed for testing; you'd think they could manage to support at least of them, but no), so phooey on Twitter.
> And when will Mozilla stop screwing around with the UI?
When pigs fly, I think. As near as I can tell, user expectations got changed over from something that Firefox wanted to meet to something that Firefox specifically wants to break, sometime around version 1.5. The gratuitous UI changes were minor at first (little things like the first round of changes to how bookmarks work), but the growth rate of their significance appears to be geometric: if rearranging the order of the standard buttons (back, forward, reload, stop -- not that the stop button in Firefox has EVER worked correctly) wasn't new and interesting enough for you, hold on to your seat, because in version three we're completely altering how the location bar works, and then version four changes the whole top of the browser window around so much you won't even recognize it.
Soon we'll be doing away with the tired old "back button" concept, ranking the pages in your history by their *popularity* (as determined by other users), and presenting them visually as part of Panorama. Also, "scrolling down" will be replaced with "zooming in", which you can do with multi-touch trackpad gestures, and manually-created bookmarks will be phased out in favor of assigning ratings (one, two, three, four, or five stars) to the items in your history, which informs your search results when you use the Awesomeness Bar. The bookmarks toolbar will obviously be going away, and also bookmark keywords, and the tab bar will be merged into the Awesomeness bar as well, so instead of having a bar of tabs that you can switch to, you can just use the Awesomeness Bar to search through your open tabs just like you would search through your history.
(Am I just being stupidly absurd? If you'd told me in 2000 about all the changes in Firefox 3, 4, and 5, I'd have said you were being stupidly absurd. I mean, really, getting rid of the menu bar? Putting the home button clear over to the right of the search box? Integrating bookmarks with history? No browser maker could EVER think those would be good ideas. Oh, wait. They did.)
4? I'd consider upgrading if they just fixed the two distinct data-loss bugs they introduced in Firefox 3 that have been there ever since. (Currently I'm using 2.0.0.20, because it doesn't lose data. I know people complain about FF2's performance, but that's always been less of a concern for me.)
The most important thing that needs to be done is to fix things so that the client can know if the cert has unexpectedly changed.
In its current state, https seems to be mostly concerned with fighting cheap MITM attacks against sites that the user has never visited before. This is stupid. It's FAR more important to prevent moderately-difficult MITM attacks against sites that the user visits on a regular basis. SSH handles this well, but it only works as well as it does because the user can be expected to know when the server's cert is legitimately expected to change -- a practical impossibility with HTTPS. HTTPS doesn't even try: anyone on the (very long and rapidly growing) list of people who can sign certs (that the browser will recognize) can provide a valid new cert at any time, for any site, and the user will never even know that the site's cert has changed. This is very bad.
The solution is for the site, whenever it is visited, to supply the user with information about when the cert is expected to change next, and for the browser to REMEMBER this (with the cert). If the cert changes unexpectedly, alarms go off.
Currently, scary alarms go off mostly when the client computer's date is incorrect -- which happens frequently on older computers, because the coin cell on the motherboard dies. (Current browsers make no attempt whatsoever to verify that it really is 2185 or whatever before presenting the user with the big scary warning about the site's cert being invalid, and the warning doesn't say "either your computer's date, 25 January 2185, is WAY OFF and it's really only 2010 or so, OR ELSE the server's cert is expired.") Even if the date could be verified independently, the current approach assumes that a cert that WAS valid but has been allowed to expire is a great deal riskier than a cert that wasn't expected to change for another eight months and has suddenly been altered for no reason. This is wrong and backward. A cert that changes (more than a few days) before it was to expire is in principle WAY more likely to be nefarious than a cert that was allowed to expire before being replaced, especially if the new cert is signed by a different CA than the one that signed the previous cert.
Close. From Google's perspective this is the easiest way (both technically and from a legal perspective) to be certain they are in compliance with the court's order. It's probably more than the court order strictly required, but doing a little more than the court actually requires is a completely acceptable way to make sure you've complied. Doing the bare minimum, in a situation like this, would actually be substantially more bother, requiring more time from both the lawyers (interpreting the exact extent of the court's requirements) and the engineers (implementing it). Google already has a delisting mechanism, so throwing the site in question completely into the bit bucket was very easy. The lawyers only need about four seconds to be pretty sure that it's enough to satisfy the court, and the engineers need even less time to implement it. Sorted. And it hurts Google not at all, because sites with this poor an understanding of the web aren't really worth listing anyway.
Now, I suspect what the paper thought they *wanted* is more like exactly one single result, pointing to their main page, preferably at the top of the results. People who never bothered to read a basic introductory "What is the world wide web?" article back in 1994 (or are simply too mentally incompetent to understand the concept of hypertext) sometimes make the mistake of thinking this is what they want: only one result pointing to the main page, and no linking to or indexing of any other pages. Anyone who *knows* anything about the web can of course explain to you why this is in fact severely disadvantageous to the site, but that doesn't stop idiots from thinking it's what they want.
*Most* of the people who make this mistake can be convinced to use robots.txt to achieve what they (mistakenly) think they want, and the world goes on. Their site languishes in obscurity because nobody can find anything except their main page (which typically doesn't have a lot of meaningful content), but when they go looking for their site in the search engines they type in the actual name of their organization, which brings it right up, so they're happy. Foolish, but happy.
But every now and again a particularly thick-headed site comes along, run by people who keep extra lawyers on retainer in lieu of competent web developers, and they decide to take everyone to court instead of bothering to write a robots.txt file. One of these cases makes the news every few weeks, if you're paying attention.
If the court has its brain turned on, they have a good laugh at the plaintiff's expense and life goes on. But going to court is always a bit of a gamble, because courts don't always have their brains turned on and cannot be relied upon to be entirely consistent in their rulings. So every few months a court somewhere in the world orders a search engine to stop listing or linking to various things on some site or another.
Gasoline is flammable in a significantly more vigorous fashion than alcohol or turpentine and consequently is rather more dangerous than either.
Like I said, it depends what you compare it to. You keep it in your garage because of its usefulness, but other than pharmaceuticals it's probably the next most dangerous chemical you have on your property in any significant quantity. It's almost certainly the most flammable (unless you're one of those people who keeps gunpowder around). (Medical quantities of nitroglycerine, in pill form, are not a significant fire hazard.) It's probably one of the more corrosive things you have around too, after the toilet bowl cleaner, and anything more toxic will generally have poison warnings on the label. Anything more toxic that absorbs through the skin as readily will definitely have warnings on the label.
So yeah, it's safer than liquid hydrogen, but it's not exactly butterscotch pudding, either.
(I mention turpentine because it's a common paint thinner other than alcohol. I was originally going to just _say_ paint thinner, but then I realized that gasoline itself could be a paint thinner, and would probably be used as such much more commonly if not for its inconveniently high vapor pressure and annoyingly high flammability.)
> Once you've liquified it and put it under pressure, you don't need to keep it cold.
Yikes. Apparently you need to read up on your ideal gas laws.
The short version is, what you propose would result in copious amounts of shrapnel.
> [Gasoline] is actually pretty safe.
That depends on what you compare it to.
I'll grant you that it's safer than liquid hydrogen. It's also safer than compressed fluorine, nitroglycerin, or potassium cyanide. But I kind of don't want large containers of any of those things sitting around in my house, you know?
> There's just no good way to get hydrogen to consumers.
Sure there is. We pipe it into every building in North America -- conveniently packaged together with oxygen, which is also nice to have around. (Of course, you need quite a bit of energy to separate them... That's what we have a power grid for, right? You do have a makeshift electrolysis rig set up in your bedroom, right? Doesn't everyone?)
> Would you buy a bicycle to commute? ... millions of other people do.
I don't even want to think about how long it would take to commute on a bicycle. How fast can you go on a bicycle (for protracted periods of time), 15mph? You'd spend more time on the road than you spend at work.
Anyone who says millions of people commute to work by bicycle is either just plain wrong, or using some oddball definition of "commute" that includes any daily trip to work even if it's only a few miles.
Quite a bit of the waste heat is wasted heating the air outside the vehicle, as well. Internal combustion engines are inefficient.
The problem with electric cars is that currently available rechargeable battery technologies all suck rocks. They're getting better all the time, but they're going to have to keep getting better for a good while longer if they want to seriously compete with the energy density and "recharge" speed of a gas tank. Sure, the electric motors are way more efficient than the internal combustion engine. But you pretty much need a flatbed truck to haul around the batteries it would take to hold a medium-sized gas-tank's worth of power. Most of the problems with the current generation of electric vehicles stem from this.
Make the batteries better, and the electric cars will be better.
> But I loathe rotaries when there's a lot of traffic.
That's when they always use them, in the US. I've seen them in half a dozen places, and every single one of them had severely heavy traffic. The ones in Washington D.C. are absolutely *insane*. (Among other things, you're virtually guaranteed to be dizzy by the time you exit the circle, because you can only enter via an inner lane, and you can only exit via the outermost lane, and you end up going around at least once for every lane you need to change in between, more when traffic is even heavier than its usual insane urban levels, and there are more lanes than it should be legal for any street to ever have.) Baltimore has some nasty ones too. The ones in upstate NY (e.g., Syracuse) aren't as badly designed, but they do carry quite heavy traffic.
Small towns sometimes have a "square" with a monument in the middle, which a lot of people dislike, but they're really not quite the same as a traffic circle. For one thing, you can usually go any direction (right, left, or straight) once you get past the monument, and it's *not* normal to do a 360. The lighter traffic and small number of lanes doesn't hurt anything, either. On the other hand, there are often parking spaces accessible from the square, so you do have to watch for cars backing out.
Heaven help us if they start designing true roundabout-style traffic circles with parking spaces as an added bonus feature. Heck, why not go for all the gusto: put perpendicular parking on the inside of the circle, diagonal parking on the outside, plus parallel parking on both the left and right sides of the entrance and exit ramps. Hooray. Make the lanes as narrow as you can get them, throw in some crosswalks, and while we're at it let's put in some strategically placed tall bushes and let the painted lines and arrows on the pavement fade until you can barely make them out. Woohoo. Oh, yeah, and let's put a big fountain in the middle that generates mist, which the wind can blow all around, so there can be a nice layer of ice all over everything all winter long. Yay. Clearly, every city needs one or two of these.
> no one thinks Firefox has stagnated
I think the reverse: Firefox has gone off the deep end with constant stupid undesirable pointless wacky UI changes that needlessly introduce incompatibilities and bugs.
The only recent changes in Firefox that have actually been *improvements* have been in Gecko, mostly in the form of support for additional CSS features (@font-face, text-shadow, box-shadow, inline-block, etc.) or other under-the-hood components (e.g., the Javascript performance improvements in 3.x). The UI changes have all, absolutely without exception, been for the worse, at *least* since 2.0, if not since 1.5.
I say this as someone who uses Firefox as my primary browser, because no other browser is currently as good. Seamonkey is too crashy, and Chrome is even further off the stupid UI experimentation deep end than Firefox, and Opera and Chrome both (to say nothing of IE) can't seem to figure out how to put control of the user experience into the hands of the user. Konqueror is neither stable nor feature-complete and can't be upgraded independently of a huge tree of other applications and a full desktop environment. Links is alright if you only want to use linearly text-driven sites (mostly unscripted single-column-layout websites where the graphics don't matter) and don't need to be able to queue links in tabs for reading later when you finish the current page, so I guess it would work great for browsing the web in 1994, provided you and every server you visit have good bandwidth and low latency. Firefox is the best.
Firefox is the best, but it's been actively getting worse for the last half decade or so. I guess that's good for symmetry, because the one that was by far the worst five years ago (IE) has been getting better and better lately and, if this trend continues, may actually be usable soon.
Version 13? Meh. The current Emacs version is 23.3. Anybody know of software with a higher major version number than 23? (There's gotta be one out there somewhere with like six digits or something...)
Yeah, but see, the thing is, Firefox 2.0 is actually *better* than any of the more recent versions. Firefox is still the best browser out there, but the newer versions are actively getting worse. If they keep going the direction they're currently aimed, it won't *stay* the best for much longer. Opera or somebody will catch up.
Which, incidentally, is a key reason I refuse to deploy Chrome (apart from the fact that its UI is horribly non-standard, although Firefox is trying to catch up with it in that regard lately): it installs executable code into a user-writable location. That's malware behavior, and even though Chrome isn't malware as such, it's a security nightmare waiting to happen because of this issue.
(Heck, a properly secured OS would prompt for an administrative password if an ordinary end user tries to execute anything stored in a user-writable location. It's not safe to allow an ordinary user account to do that, or at least not by default. That's how you end up with "MicroAnti VirusSoft 2010" running on login and taking over and hiding all your files and preventing you from using your applications or the task manager or connecting to the internet and telling you that it has found eleventy-three viruses and demanding that you give it a credit card number to unlock the "registered version". It's somewhat less insane if the user has to specifically go out of their way to mark the file as executable before the system will execute it, although trojans can still use step-by-step instructions to get the most naive users to install their junk.)
> The biggest problem that I can see is that Firefox isn't automatically upgraded
> the way Windows is through the automatic update process.
That's because Windows does not provide a mechanism for applications to be automatically updated along with the operating system. (Except for Microsoft's *own* applications, of course, if you get Microsoft Update. That's, umm, special. But non-MS applications are not handled.)
I can tell you what the API for this should look like. When an application is installed, it should supply the following information to the OS:
1. URL for the feed of available security-critical updates.
2. URL for the feed of available non-security-critical bugfix updates.
3. URL for the feed of available feature updates.
4. Public key that can be used to verify the authenticity of the updates.
5. Suggested frequency to check for security updates.
If certain of the URLs don't apply, then they are not supplied. For example, if a commercial vendor does not issue free feature updates because you have to buy those, then the third URL would be blank. If a vendor does not supply separate bugfix updates because non-security bugs are just fixed in the next release, then the second URL would be blank.
When the system administrator installs any application, the OS asks him which kinds of available updates to automatically download for this application going forward, whether to also automatically apply them, and how often to check (with the supplied suggestion being only the default; the sysadmin can easily pick a different value, or just check "when checking for OS updates" option).
The update feeds would have to have a designated format, which would have to include provision for the signature mechanism, but that's the least part of the thing.
If the OS had such an API, any application that implemented it could get automatically updated by the update mechanism built into the OS. It could happen in the background, automatically, even if the user isn't logged in. Then we wouldn't need eleventeen different applications and browser plugins and whatnot each running their own system-tray updater. jusched and Adobe updater and the OpenOffice updater and the Firefox updater and... they could all just go away, rendered unnecessary, and *one* process, built into the OS, could handle it all.
(This design, BTW, would work for any OS, not just Windows. The major Linux distributions sort of don't need it as bad, because most of the installed applications are installed through the OS package management system anyway. Actually, for applications that are free-to-download, like Opera, apt basically does this already. If the vendor supports your distro, all the sysadmin has to do is add the proprietary repository to sources.list and voila, Robert becomes avuncular in your general direction. One supposes something very similar could be done for RPM-based distros, and any other package system that supports custom repositories for that matter.)
I could be wrong, but I was under the impression that most journals currently don't publish the reviewer comments at all.
I'm pretty sure I'll be sticking with the Firefox release I've been using:
http://mistersanity.blogspot.com/2011/06/firefox-why-i-refuse-to-upgrade.html