Why should they have to? My elderly parents don't need to know about port blocking or mac addresses or anything else to program their VCR or user their cordless phones. Why should they need to in order to use their PC?
Well of course they shouldn't have to.
Ideally the PC would be just like any other appliance. However, that "ideal" depends on your parents (and everybody else) receiving a built-in secure operating system with their PC. Therein lies the problem. Until Microsoft ships one of those, I'm suggesting the burden is on Microsoft to train their users.
Look at the instruction booklet that comes with any VCR or cordless phone, and you'll find the first several pages are full of safety warnings. Even PC hardware manuals include these warnings. Yet not a single warning comes with Windows. Not a single place does it say that your hardware could easily become (for all practical purposes) the property of any arbitrary user in the world without your knowledge.
Maybe Microsoft should be forced to place a huge warning in bold type on your license that using the product improperly will support, oh, let's see, spam, child porn, and/or terrorism, unless you follow safe computing practices. Now if this happened, your parents would suddenly want to learn about what that means, or they'd stop using the computer completely. Of course that's bad for Microsoft, so they'd be compelled to either: 1) provide training; or 2) secure their OS.
They'll always choose the latter, but until they actually succeed, I'd settle for the former.
Like it or not most end users don't know what the hell a firewall is, much less how to configure one.
Agreed. However, isn't it high time they learned? And who better to explain it to them than the "consumer-friendly" folks at Microsoft? Either that, or they sure better teach their consumers how NOT to end up with a zombie machine. It seems only fair that, one way or another, education should be part of the deal.
If people actually want that stuff, they can figure out an RSS feed.
I can't figure out whether you're a troll or just clueless about customer support. On the off-chance it's the latter, let me try to explain that you are greatly over-estimating the ability of most humans to "figure out" how to install and use an RSS feed, and you are greatly under-estimating the number of humans who call to ask to be added to email-based mailing lists.
Sounds like a perfect solution to me.
Indeed, your idea works well for you, and everybody else who happens to be just like you. Unfortunately, this little group is highly non-representative of the vast majority of retail consumers on this planet.
Free software does NOT always mean free support from the developers.
If you want quick solutions to problems consider paying for the support!
You're not comprehending. I do consider paying for service, even where it's not advertised, and in doing so I take a look at what attitude the developers (or others) have while answering in open non-paying forums such as mailing lists. If the majority of the "free" answers are poorly written disrespectful drivel about "RTFM and get lost" and the like, then that's a really good indicator to me that they're not going to treat me any differently, even if I pay. I often decline to use their product, and advise others to do the same if they ask. Money doesn't magically turn obnoxious snobs into pleasant respectful people; in fact often it's quite the opposite.
I want to point out that for many the reason they are working on a project is *NOT* to "provide positive customer experience", but to celebrate skill and experience of writing complicated software.
I agree; that's probably among the prime motivators, which ultimately result in the attitude I described. But they can't have it both ways; they can't expect wide-spread adoption if their true goal is to further the art and/or actualize themselves, rather than to satisfy customer needs.
In this case, fellow developers are welcomed most, people who want to learn about the software are welcomed second and "users" who want a canned answer as if they are trying to cheat on a multiple-choice exam are listened to last - and get really annoying if they insist it is their due.
Remember, that when you deal with most corporations you don't even get a chance to talk to the developers. So be polite by recognizing what people value and if you think that you can do a better job - please go ahead. The source is availaible.
I happen to fall into the "most welcomed" category of software developers, so I've not personally been on the receiving end of this sort of bias in these project. However, many projects fail to attract me and others like me--their prime target--specifically because the initial creators treat potential users like crap. When considering whether to contribute, many of us will first try to gauge the potential success and longevity of a project, and service weighs heavily in that equation. If it looks like a project community is ignoring their user base, then we'll choose to contribute our efforts elsewhere. For that, we're deemed "elitists" but user-focused developers do not "disgrace the profession" in any way.
Of course I get annoyed when users don't bother to read even the most basic parts of the README or FAQs, or refuse to review the mailing list archives before asking a trivial question. But to presume all non-contributers are burdensome and need to understand their place in this odd little society is counter-productive.
More to the topic of this article, we're talking here about Linux Snobs, and I say again that if we want widespread adoption, we need to consider carefully revising our priority list of who is welcome. If the inevitable handful of morons disturb you, don't deal with them; they'd probably rather have no answer than be abused by your caustic responses. However, if you start noticing lots and lots of the same "morons" asking the same questions, maybe--just possibly--you have a documentation or service gap that really should be filled.
The "art" of creating software includes much more than just making it work, it involves solving a problem in a usable way. Note that usable does not imply frilly interfaces with bells and whistles. But if your supposed target audience can't fit in the chair you're in right now, then you need to at least consider your service as well as your product.
Service and products; products and service. They should go together, hand it hand, but they don't.
The problem is that, in their arrogance, the open source developers often believe that they've toiled long and hard to create a great product. The product does what they believe it should, and they can't be bothered if you think it should work differently. Recall some of the earlier MySQL documentation that said, basically, "if you need the database to enforce referential integrity, your application is crap so you need to fix your application or use another database..."
The attitude is prevalent, and ignores completely the service aspect of providing a positive customer experience. You might have the greatest product in the world, but if nobody can install it or configure it, then it's really quite worthless. Sure, the "target audience" can figure it out, but all to often the target audience is just the myopic developer, and everybody else who is exactly like him/her. Oddly enough, this planet has a great many inhabitants who might gain benefit from the great software product, if only the creator bothered to consider even passable service to go along with it.
I'll blatantly link to my own comment thread from another story just a couple days ago, which is exactly on this same topic. There I was flamed for suggesting that having good service is just as important as having a good product, and that there is a large range between the "I'll do anything if you pay me" attitude and the "if you don't like it my way get lost" attitude.
By the way, I highly doubt it is only the Linux/FOSS community, but it does seem disproportionate; if nothing else, given that it's a smaller community, finding the odd non-snob is somewhat more difficult.
I didn't see anything in the post that indicated he was interested in projecting a "crappy service attitude". What I saw was that he was interested in projecting - and educating customers about - a quality product. Some customers ARE morons. Sure, you can give them what they want - but if any other customers - or your competitors - find out what crap you're serving, it will reflect on the company.
Product is one thing; service is another. You're conflating them. If you have a good product, and you educate your customers, they may decide they want it or they don't want it. If they fit into those categories, your service is unquestioned and irrelevant. However, how you treat those customers who would like a custom or modified solution, even if it's counter to your best advice, is what's most telling about your service attitude. Assuming they don't ask for something harmful, but simply insult your professionalism (by perhaps adding salt to your steak) if you tell them to get lost, your service is crappy despite offering what might be an otherwise tremendous product.
In other words, your analysis is the typical/. smug, elitist bullshit. Shove it.
Elitist? That flame takes a lot of guts coming from somebody who believes the experts should not bother to serve the "morons" who dare to disagree. Of course there are high-maintenance customers, and some of them want things that are harmful. But some of them are actually worth serving, and I'm advocating that it's worth learning from (rather than just providing education to) these customers, in order to find out who they are and what they want. In response you tell me to shove my smug elitist attitude. Wow. I'd further explain the irony, but you're right about one thing: some tasks are futile.
As a chef your goal is to prepare good food. A well done steak isn't good food,...
These may well be your only points where I agree.
...it's what people order who don't really like steak.
You don't know that. They may have various health issues, or simply enjoy well-done steak. Remember, though, that this whole food thing was only a (very bad) analogy, introduced not by me but a GP posting.
A chef who serves a well done steak has disgraced his profession.
Well, that's where you seem to have take great liberties with this analogy. Perhaps inadvertantly over-cooking a steak that was ordered to be medium rare would qualify here, but it's hardly disgracing your profession to intentionally serve what your customers requested, even if it is not your recommended approach. For crying out loud, why bother cooking food for others at all, if it's going to be your way or no way. If it's only going the way you like it, and the customer be damned, then you should really get another job. Remember, we're talking in a metaphor about IT here. I hope you're not really so smug to think you're the know-it-all chef and the customer's request should be ignored. A consultant's viewpoint for sure, but it seems you're implying that anything short of "my way or else" is disgracing the profession and greedily ripping off customers left and right. I most strongly urge you to consider there is a vast spectrum between this two extremes.
Why do that, when he can throw the customer out and instead cook for someone who actually has working tastebuds?
Again, you're making a presumption that the customer doesn't know what he's talking about, and that there is only one "right" solution, and that anything less is a worthless waste of time. To be clear, we're not talking about mistakenly over-cooking an order, we're talking about a customer who actually wants something definite, but against your better professional judgment. I suppose you think there's absolutely nothing ever to be learned; you've reached the pinnacle, and any other viewpoint is wrong. Similarly, if other chefs do actually bother to care about customers and serve what they ask, they're dishonoring the craft. Again, I call bullshit. There's a wide gap, and you're only looking at the two extremes (from the viewpoint on one of them, no less).
I think only you could consider cooking decent food to be 'crappy service'.
This may be a fundamental reason you don't even understand what I'm saying. There are two aspects here, the product and the service. Well-done steak is a crappy product; throwing out customers, calling them morons, and telling them they no nothing about what they like is indeed crappy service. I suspect you think I'm alone because you never bother to listen to others with opinions different from your own.
You'll find that top restaurants have waiting lists measured in months or years, and people who want their steak well done have no business eating there as they won't be able to taste anything anyway.
Again, you're ready to summarily refuse service to people who actually may know what they want better than you. The hubris is overwhelming, but I actually admitted that this has its appeal to a certain subset of the world (and yes, I'm guessing you would be one of those who would feel honored to be allowed the privilege of eating at such an establishment, despite that you could not ask for your meal without something you might be allergic to, for example, because the chef would feel you have no business eating there otherwise, but I digress).
If you want a well done steak, why are you going to a good restaurant anyway?
Perhaps because the ingredients are top notch, and you like the service and the desserts. Remember, this is just a metaphor. So maybe you realize the disadvantages of the well-done steak, but it's still what you want, because y
Again that sounds great in theory, but I can't see it working in at all in practice.
I'd personally prefer no "governing body" be involved at all in deciding any standards for any region. If for no other reason, I would object because for it to be anywhere close to useful it would take a monumental (and ultimately wasted) effort, funded by some taxpayers somewhere. Countries are far too big; these standards vary from state to state in the US, and even city to citu within any given state. It could even be specific to a small community, which is why this quickly falls apart (or, more accurately, it fails to scale) globally.
Yet there's still the problem of either needing to rely on self-ratings (which certainly would lead to misleading if not maliciously-incorrect tags to be policed) or a standards board, aka censors (who would have the daunting task of grading all the world's online content against hundred, thousands, or perhaps millions of different community standards).
I scanned through the trust.salesforce.com issues, and they had an "informational" note about a "service disruption" on April 3, with the root cause as: "The technical team identified a software issue as the primary cause."
Ah, the dreaded "software issue" problem. Maybe they should contact AOL; it might be related to their recent software glitch incident.
I'm sorry, but it just can't work this way. Pornography (and indeed obscenity in general) is in the eye of the beholder. That's not just some philsophical standpoint, it's the way the laws are designed in most places. That's why "community standards" are used to judge indecency; it takes into consideration that obscenity is an inherently local, not global concept.
These self-tagging schemes can't work for this very reason. What is "artistic" to the person generating the content may be shocking to some and perfectly fine to others. The net is global, so what they consider artistic in some parts of the world would be highly objectionable elsewhere. It's really not so simple as to allow your teenage child to see any "artistic" nudes--don't you think some site in some locality will display something highly objectionable in this category?
Further, I fear you're being quite naive to think that the person generating the content would be honest and objective. Consider all the battles films executives wage in order to get a coveted PG-13 rather than R rating, so that they can expand the potential audience. The same thing would hold for ad- or subscription-driven "artistic" content.
And as for legislation, no thanks. The best thing our elected representatives can do in this respect is keep their noses out of our business. Would you propose that every image, sound, text, or other content be subject to mandatory review? That's what the film-makers do, but it just doesn't scale to this vast medium called the Internet. Even if it did, there's no universal agreement, so again, these ratings are nearly worthless except at a very granular level.
Even if you start from the other end, and tag kid-friendly content (consider the ".kids" TLD) you can bet that some communities around the world will think nearly any nudity is fine whereas even cartoon-like violence would be objectionable (and, of course vice versa in other parts of the world)
I don't have any good solution to this problem, and I would suggest that, unfortunately, neither do you.
The trouble with bandwidth shaping or bandwidth limiting is users having no idea it happens.
That's exactly right, and I agree they should disclose what they're doing, so that we can allow market forces to correct this.
Even if the ISP tells you in the fine-print contract about bandwidth shaping in general, you'll never know whether it is causing your application failure. Instead, high-speed applications will simply not be adopted because the ISP cannot provide the quality of service required. Users will be reluctant to adopt other high-speed applications, as well.
Well, I agree with you there; this is a very likely long-term result. However, because it's in the fine print, you'll probably never succeed in getting the FCC or FTC to help. Currently, all telecommunications tariffs are required to be made publicly accessible; I'll dare you to find the plain-language rate structure of your local carrier, as filed with the FCC, and make any sense of it. If you think fine print in a DSL agreement is bad, you really should take a few minutes to see what you're up against.
Telecommunications is a regulated market. The telephone companies especially are expected to be up-front about their service and billing. This bandwidth shaping (or "denial of service", let's call it what it really is) would not be allowed if it was a more well known technology like telephone calls, television, or electricity. I say, get the FCC involved and let them decide whether this is illegal or just unfair.
Yes it is. But once we stop thinking of IP bandwidth at home being the same as a dialtone, I think we'll all be happier. I think the last thing we need right now is more government intervention and/or regulation. Contact any DSL provider and ask about getting a T1 to your home. They'll certainly do it, and it should come as no surprise that it costs roughly 10-20 times what their standard (but often faster) residential DSL lines cost. They are, however, unlimited in every sense. No bandwidth caps, no port/protocol blocking, no disallowed server hosting; you can use this full throttle 24/7 for any purposes you want, and you can get guaranteed (non-oversold) bandwidth.
In fact, these T1 prices are extremely well regulated. So well, in fact, that their price hasn't come down substantially in at least decade. Now, you propose to get the government involved in the residential game as well, and I suggest that you're unknowingly asking for significantly higher prices and significantly lower customer service (as if it's not already as bad as it could be).
Residential IP bandwidth service is not guaranteed the same as your dialtone. Consider for a moment that IP is fundamentally a "best effort" delivery service in the first place. Whether the ISPs happen to be selective about the kind of packets they drop is totally market driven, no matter how much we wish it was "fair" (or even better "unlimited" as they claim). But you can't have it both ways; you can't have cheap and unlimited bandwidth, and the reason is the very regulation of the telecommunication industry you mentioned. Eventually, upstream, you're going to need to pay for the bandwidth you use, and you're going to pay a lot.
I really don't mean to pick on you in particular, but this is as good a place as any to respond. I've got nothing to do with any ISP, but I do pay a load of money to one to ensure I have the dedicated bandwidth I need. It shocks me to hear how much the collective crowd here seems to think it's downright wrong not to get something for nothing (perhaps it's the free-as-in-beer mentality part of FOSS).
Lowering user speeds based on usage is clearly unfair, if not illegal.
What in the world could possibly be illeagal? At best this is the free market economy at work. It's not false advertising; take a look at the fine print, the terms of service, and/or acceptable usage policies. I can assure you they've bothered to disclose this behavior.
Someone who knows how the regulatory system works should pursue a complaint with the FCC when they encounter the bandwidth throttling on a specific application. This would bring light to the unscrupulous practice.
Most likely it would be the FTC, not the FCC, since this seems to be an issue more with your naive belief in the glitzy advertising without bothering to read the remainder of the offer.
Did you ever stop to consider how redidential broadband can possibly be so inexpensive? Have you ever tried to purchase bulk amounts of bandwidth directly from a Tier 1 provider, or even provisioning a T1 line to an arbitrary location? This stuff is not cheap, even in bulk, forgetting any other expenses that go into providing the service.
Basically, the ISP is a consolidator; their entire business is based on buying bandwidth in bulk, and overselling. Wake up to this reality and things will become much more clear. Sure it would be great to pay $30/month and get 5Mbps dedicated symmetrical bandwidth, but that's just not going to happen.
Of course there are ISPs who push the limits of advertising and treat customers with zero respect. But the whole residential broadband industry is based on usage statistics. Think of it much like insurance companies and their actuarial tables. It's always unfair, as some portion of customers who pay more, and get less (or nothing) than those who pay the same amount and get significantly more.
You might not like that thought, but you need to get it out of your head that you're in the correct marketplace at all. If you need full-time dedicated bandwidth, you need to investigate "business-class" service, not residential (and you need to be prepared to put your money where your bit requirements are; it's nowhere near as inexpensive).
Yes, I was actually trying to agree and expand upon your comment (it seems like it's been longer than normal since I've haven't had any mod points, so it's the best I could do). My apologies if it came across as any kind of disagreement.
Good grief; I must have fallen for a troll. Sorry, I really thought we were have a nice healthy discourse, but it seems you aren't listening except to yourself. I'm not attacking your precious browser, for crying out loud I use it myself. I'm just trying to get you to open your eyes just a bit wider.
I'm simply trying to point out the difference between a vulnerability that could, theoretically, be used for arbitrary code execution, and one that IS being used daily for arbitrary code execution, drive-by installations, etc.
Yes, I know; I understood that from the beginning. I never disputed this.
Mozilla is the one being honest, but if you look at the sheer numbers and not the descriptions of the vulnerabilities, it often appears that FF has 3 times as many "critical" vulnerabilities as IE, when just the opposite may be true.
Well, this is where I realized you weren't paying attention. I explained in three different postings that I was not just counting the damn vulnerabilities. This is all about the *severity* of the issues. Yes, it's all self-reported, and yes, Mozilla is over-reacting relative to Microsoft.
So, I get your point, but I think you're still missing mine. These are bad flaws. No matter how much you want to spin it, or to discount it due to Mozilla's over-reaction tendencies, these are *still* really serious problems.
My point is that we're wearing this cool shiny Firefox armor and feeling relatively invincible, but it's possible--just maybe--that we've got a false sense of security here.
A false sense of security is often far worse than no security at all. Yes it will probably get better, and yes it will probably get better far faster than Microsoft could ever imagine, but we're definitely not there yet.
I think you missed several key parts of my comment, where I agreed (almost) completely with your first points.
If he's that good at cooking steaks, he may have the luxury of turning away customers who don't like their steaks the way he thinks they should be made.
Right, I wrote about this exactly, including your "Soup Nazi" example. It can undeniably work, at least for the short term, but ultimately I believe it fails. We'll probably have to agree to disagree on the long-term viability of the model, but otherwise we're on the same page here.
Your IT customer says they want X. You know that X will not do what they need and will cost more than they should be paying for Y. Do you insist on Y or do you accept your pay for X and walk away when "what they asked for is not what they needed"? I say it's a sleazeball who actually takes the customer's money for useless services.
Ok, here's where we really disagree. I wrote, "Yes, some customers are morons, who don't know any better, and they would actually appreciate you letting them know that this is really not what you recommend. But others (non-morons) might make the same well-done request for non culinary reasons. Very few of these non-morons would be insulted if you gave an unsolicited recommendation that rarer is better, so that part is fine; and yet they may still decline to accept your recommendation and request it well-done anyway."
And further, "Use your vast talents to create the best damn well-done steak you can. Be proud of your ability to improvise under adverse conditions. You are there to serve your customers, not to showboat as a whining elitist."
So, yes, I would indeed urge my customers to take a better path. And, assuming they're paying me for my opinion (not just for a steak) I'd do everything I could to ensure they understood my reasoning and made an informed decision. I've often suggested to my customers that they get a second opinion to validate what I'm saying. But once they've made their decision, I honor it. And I do so in the best manner possible, given their constraints (think about the "gourmet" well-done steak). I would not give them something that wasn't on the menu in the first place, as I'm not qualified to provide such services, and I would definitely turn down certain requests that were illegal or otherwise inappropriate. But I think there's a huge spectrum of difference between this approach and the "sleazeball" you seem to think I described.
Also, we're all on the consumer side of this equation at some point. Don't forget that; everybody is also a service consumer as well. In this case, when I want advice, I make it abundantly clear that I want advice. But every now and again, I really do know precisely what I want, without your damn meddling. And once you've given me your unsolicited advice to do something else, I'll thank you to continue doing exactly as I requested. If you don't, then I humbly submit that you're the sleazeball in this equation, trying to impose your ideals upon me. You personally may know your field better than I, but the guy around the corner does not, and maybe, just maybe, you don't know as much as your customer knows, every single time. If you thing you're that infallible, I'll gladly take my business elsewhere. And I would expect you to take your business elsewhere if I were to refuse to do as you requested because I somehow believed that I infallibly knew everything about your situation (the unfortunate mindset of many consultants).
I'll use the well done steak analogy - if I were a great chef I'd never cook a fine steak to well done - the customer is a moron for asking for it and it would be a waste of my talent to cook it.
What you probably fail to realize if that the chef (and the waiter you later mention) are in what's known as a "service organization" and as such their entire goal should be to "serve" their customers. Unfortunately your attitude is not at all uncommon; it's really leading to the decline of society in a number of subtle but important ways, but I digress.
Yes, some customers are morons, who don't know any better, and they would actually appreciate you letting them know that this is really not what you recommend. But others (non-morons) might make the same well-done request for non culinary reasons. Very few of these non-morons would be insulted if you gave an unsolicited recommendation that rarer is better, so that part is fine; and yet they may still decline to accept your recommendation and request it well-done anyway.
Now, your precious talents are not being wasted, and you as the chef have no place taking out your pent-up frustrations on your customers. Use your vast talents to create the best damn well-done steak you can. Be proud of your ability to improvise under adverse conditions. You are there to serve your customers, not to showboat as a whining elitist.
Yes, there are pretentious snobs who think this crappy service attitude adds a degree of class to the establishment. And the customers who prefer the same may even be willing to pay a premium for it. But ultimately this is a self-defeating attitude, as you will eventually lose sight of the fact that customers are occasionally (not always) right, and if you can't respectfully disagree, you're not going to be in business very long.
There are many "great chefs" in the IT industry (and elsewhere) ready to take your place, many of whom can actually be bothered to care about their customers more than themselves.
What I take issue with is saying that FF has just as many and just as bad bugs or vulnerabilites as IE, and that they just haven't been found yet because FF is too small of a target.
Well, I never said the part about the quantity, but I did say that the bugs are just as bad. You may not have reviewed the Firefox advisory, but exactly how much worse does it get than "arbitrary code execution" anyway? And if such problems exist, exactly how many of them are needed before it should be considered fundamentally insecure?
Take issue if you must, but I stand firmly by my assertion that for all practical purposes these flaws are indeed "just as bad" as those in IE.
That one point was the source of my original disagreement with an ancestor posting; otherwise I completely agree with the rest of your statements.
Anecdotal as it may be, I have lots of evidence that FF is safer, and no evidence that IE is safer.
Perhaps you think I disagree with you on this point, but let me assure you I don't. I totally agree with that particular statement. I never said Firefox was not safer than IE in the current environment (such as market share, education of users, and many other market forces at work).
But I would hasten to add that this is on a relative basis only, and I don't think it's necessarily a causal relationship. Further, my concern is only that Firefox apologists seem to be downplaying the criticality of these flaws, saying that Firefox is now and will always be safe (not safer than anything else, just plain safe) and that's a very dangerous position, which is often self-defeating over time. Consider whether the attacks on Firefox may simply be more sophisticated and less prone to detection than the attacks against IE.
Again, I'm not claiming IE is safe, nor that it's safer than Firefox. But I'm not so sure Firefox is safe either. And, unless you've convinced literally tens of thousands of users to switch, and have closely and expertly monitored their systems for significant periods of time thereafter, you can't be so sure either.
FF has at least 10% market penetration, which is a HUGE number of computers, more than enough for some hacker to make money on.
That's 10% of what market--all Internet-connected computers on the planet? I think not. It's only 10% of some arguably small subset of all possible users. I've seen many logs of consumer retail sites showing Firefox represents more like 3% of the market (8% if you include Mozilla/SeaMonkey plus Netscape). And I'd further hypothesize that the Firefox users are biased, due to self-selection, to be more security aware and more likely to run other defensive utilities. Even it it were 10%, it's not even close to IE. Recall the days long ago when all the trade rags were saying Macs would never become dominant because software developers would always prefer to target 90% of users (on Windows), not the 10% on Macs. Well, advances in cross-platform development have helped, but indeed Macs are still (a dozen years later) nowhere near being dominant.
I don't know anyone whose computer is full of spyware because they use FF, but almost everyone I know who regularly uses IE complains how slow their computer is, and I look at their browser and there are 3 search bars that they have no idea where they came from or how to uninstall them.
Your anecdote, weak as it might be, actually supports my arguments, both above and in my GP post. You are jumping to the conclusion that a causal relationship exists, whereas I disagree. I'm much more inclined to say this is true only because the Firefox users represent a significantly different subset of all users, who are more aware of the security risks/benefits.
The reality is, FF discloses a vulnerability that ~could~ be exploited, then promptly fixes it, while IE doesn't disclose serious vulnerabilities that ~ARE~ being exploited and ~doesn't~ fix them. There are still ultra-critical IE exploits that have been in the wild for over a year, still resulting in drive-by installations, for which there still isn't a patch.
I agreed with this point already in my GP posting.
I feel and ~am~ much safer using FF and will continue to do so. All you have to look at is the reality, I've NEVER had a single piece of spyware installed since using FF (3 or 4 years). The same could not be said when I used IE, and cannot be said of friends that insist on still using IE.
Once again, beware of drawing such conclusions from the somewhat limited set of data you have. By all means continue to use Firefox and feel (and indeed become and stay in general) safer. But please note that this still does not mitigate the security implications of the existence of such a large number of critical bugs.
With only 1% of users on Firefox, they can hardly be considered critical. Any vulnerability in Internet Explorer is automatically 99 times as bad, due to its user base.
Be careful with this line of reasoning. All along there's been this mantra of "Firefox is inherently more secure, and would be even if it were the dominant browser" spouted continuously. Well, I happen think the GP makes a great point about this, and your reasoning seems to fly in the face of the mantra. Don't get me wrong--I'm one of these said spouters--but I'm honestly feeling more than a bit hypocritical at this moment. These are some damn serious issues, and it's not just a handful.
Now, I suspect the reason for this is that the Firefox community as a whole (users and developers) are far more pre-disposed to actually finding and publicly disclosing such bugs. My guess is that we really only see the tip of the IE iceberg in terms of security.
However, we still can't have it both ways; these are indeed very critical bugs, and to dismiss them otherwise may seem beneficial, but it's actually a great disservice.
Pretty much every ecommerce package calculates tax. It is not difficult to find state sales tax rates.
That's unfortunately a very naive view of the situation. Sales taxes can apply at local levels in addition to state levels. Recall this story from a few months ago. This stuff is not trivial, and you have to pay ongoing big bucks just to stay current (much like the mandatory Quickbooks subscription fees). No, I'm afraid it's far more complex than you're suggesting.
So what I want is a new device: the MagicalPhoneWizard. This device would hook to the one phone line, and then all my home phones would hook to it.
The MagicalPhoneWizard lets me program in a bunch of different code numbers of a few digits each.
What it does is this:
I give out code numbers to people who I want to be able to call me. When somebody calls my house, the MagicalPhoneWizard answers the line "silently", and then asks the caller for their "security code number"
Ask and ye shall receive: Call Intercept. Mostly, at least; this only works for unidentified calls, meaning where caller ID is unavailable or blocked, but otherwise it does exactly as you suggest.
Slashdot Mirror
Well of course they shouldn't have to.
Ideally the PC would be just like any other appliance. However, that "ideal" depends on your parents (and everybody else) receiving a built-in secure operating system with their PC. Therein lies the problem. Until Microsoft ships one of those, I'm suggesting the burden is on Microsoft to train their users.
Look at the instruction booklet that comes with any VCR or cordless phone, and you'll find the first several pages are full of safety warnings. Even PC hardware manuals include these warnings. Yet not a single warning comes with Windows. Not a single place does it say that your hardware could easily become (for all practical purposes) the property of any arbitrary user in the world without your knowledge.
Maybe Microsoft should be forced to place a huge warning in bold type on your license that using the product improperly will support, oh, let's see, spam, child porn, and/or terrorism, unless you follow safe computing practices. Now if this happened, your parents would suddenly want to learn about what that means, or they'd stop using the computer completely. Of course that's bad for Microsoft, so they'd be compelled to either: 1) provide training; or 2) secure their OS.
They'll always choose the latter, but until they actually succeed, I'd settle for the former.
Agreed. However, isn't it high time they learned? And who better to explain it to them than the "consumer-friendly" folks at Microsoft? Either that, or they sure better teach their consumers how NOT to end up with a zombie machine. It seems only fair that, one way or another, education should be part of the deal.
I can't figure out whether you're a troll or just clueless about customer support. On the off-chance it's the latter, let me try to explain that you are greatly over-estimating the ability of most humans to "figure out" how to install and use an RSS feed, and you are greatly under-estimating the number of humans who call to ask to be added to email-based mailing lists.
Sounds like a perfect solution to me.
Indeed, your idea works well for you, and everybody else who happens to be just like you. Unfortunately, this little group is highly non-representative of the vast majority of retail consumers on this planet.
And even that won't work either. It's inherently flawed.
It seems I just posted about this very topic, and it's still entirely relevant. Rather than copy-and-paste, here's the link.
You're not comprehending. I do consider paying for service, even where it's not advertised, and in doing so I take a look at what attitude the developers (or others) have while answering in open non-paying forums such as mailing lists. If the majority of the "free" answers are poorly written disrespectful drivel about "RTFM and get lost" and the like, then that's a really good indicator to me that they're not going to treat me any differently, even if I pay. I often decline to use their product, and advise others to do the same if they ask. Money doesn't magically turn obnoxious snobs into pleasant respectful people; in fact often it's quite the opposite.
I agree; that's probably among the prime motivators, which ultimately result in the attitude I described. But they can't have it both ways; they can't expect wide-spread adoption if their true goal is to further the art and/or actualize themselves, rather than to satisfy customer needs.
In this case, fellow developers are welcomed most, people who want to learn about the software are welcomed second and "users" who want a canned answer as if they are trying to cheat on a multiple-choice exam are listened to last - and get really annoying if they insist it is their due.
Remember, that when you deal with most corporations you don't even get a chance to talk to the developers. So be polite by recognizing what people value and if you think that you can do a better job - please go ahead. The source is availaible.
I happen to fall into the "most welcomed" category of software developers, so I've not personally been on the receiving end of this sort of bias in these project. However, many projects fail to attract me and others like me--their prime target--specifically because the initial creators treat potential users like crap. When considering whether to contribute, many of us will first try to gauge the potential success and longevity of a project, and service weighs heavily in that equation. If it looks like a project community is ignoring their user base, then we'll choose to contribute our efforts elsewhere. For that, we're deemed "elitists" but user-focused developers do not "disgrace the profession" in any way.
Of course I get annoyed when users don't bother to read even the most basic parts of the README or FAQs, or refuse to review the mailing list archives before asking a trivial question. But to presume all non-contributers are burdensome and need to understand their place in this odd little society is counter-productive.
More to the topic of this article, we're talking here about Linux Snobs, and I say again that if we want widespread adoption, we need to consider carefully revising our priority list of who is welcome. If the inevitable handful of morons disturb you, don't deal with them; they'd probably rather have no answer than be abused by your caustic responses. However, if you start noticing lots and lots of the same "morons" asking the same questions, maybe--just possibly--you have a documentation or service gap that really should be filled.
The "art" of creating software includes much more than just making it work, it involves solving a problem in a usable way. Note that usable does not imply frilly interfaces with bells and whistles. But if your supposed target audience can't fit in the chair you're in right now, then you need to at least consider your service as well as your product.
The attitude is prevalent, and ignores completely the service aspect of providing a positive customer experience. You might have the greatest product in the world, but if nobody can install it or configure it, then it's really quite worthless. Sure, the "target audience" can figure it out, but all to often the target audience is just the myopic developer, and everybody else who is exactly like him/her. Oddly enough, this planet has a great many inhabitants who might gain benefit from the great software product, if only the creator bothered to consider even passable service to go along with it.
I'll blatantly link to my own comment thread from another story just a couple days ago, which is exactly on this same topic. There I was flamed for suggesting that having good service is just as important as having a good product, and that there is a large range between the "I'll do anything if you pay me" attitude and the "if you don't like it my way get lost" attitude.
By the way, I highly doubt it is only the Linux/FOSS community, but it does seem disproportionate; if nothing else, given that it's a smaller community, finding the odd non-snob is somewhat more difficult.
Product is one thing; service is another. You're conflating them. If you have a good product, and you educate your customers, they may decide they want it or they don't want it. If they fit into those categories, your service is unquestioned and irrelevant. However, how you treat those customers who would like a custom or modified solution, even if it's counter to your best advice, is what's most telling about your service attitude. Assuming they don't ask for something harmful, but simply insult your professionalism (by perhaps adding salt to your steak) if you tell them to get lost, your service is crappy despite offering what might be an otherwise tremendous product.
In other words, your analysis is the typical /. smug, elitist bullshit. Shove it.
Elitist? That flame takes a lot of guts coming from somebody who believes the experts should not bother to serve the "morons" who dare to disagree. Of course there are high-maintenance customers, and some of them want things that are harmful. But some of them are actually worth serving, and I'm advocating that it's worth learning from (rather than just providing education to) these customers, in order to find out who they are and what they want. In response you tell me to shove my smug elitist attitude. Wow. I'd further explain the irony, but you're right about one thing: some tasks are futile.
As a chef your goal is to prepare good food. A well done steak isn't good food, ...
These may well be your only points where I agree.
You don't know that. They may have various health issues, or simply enjoy well-done steak. Remember, though, that this whole food thing was only a (very bad) analogy, introduced not by me but a GP posting.
A chef who serves a well done steak has disgraced his profession.
Well, that's where you seem to have take great liberties with this analogy. Perhaps inadvertantly over-cooking a steak that was ordered to be medium rare would qualify here, but it's hardly disgracing your profession to intentionally serve what your customers requested, even if it is not your recommended approach. For crying out loud, why bother cooking food for others at all, if it's going to be your way or no way. If it's only going the way you like it, and the customer be damned, then you should really get another job. Remember, we're talking in a metaphor about IT here. I hope you're not really so smug to think you're the know-it-all chef and the customer's request should be ignored. A consultant's viewpoint for sure, but it seems you're implying that anything short of "my way or else" is disgracing the profession and greedily ripping off customers left and right. I most strongly urge you to consider there is a vast spectrum between this two extremes.
Why do that, when he can throw the customer out and instead cook for someone who actually has working tastebuds?
Again, you're making a presumption that the customer doesn't know what he's talking about, and that there is only one "right" solution, and that anything less is a worthless waste of time. To be clear, we're not talking about mistakenly over-cooking an order, we're talking about a customer who actually wants something definite, but against your better professional judgment. I suppose you think there's absolutely nothing ever to be learned; you've reached the pinnacle, and any other viewpoint is wrong. Similarly, if other chefs do actually bother to care about customers and serve what they ask, they're dishonoring the craft. Again, I call bullshit. There's a wide gap, and you're only looking at the two extremes (from the viewpoint on one of them, no less).
I think only you could consider cooking decent food to be 'crappy service'.
This may be a fundamental reason you don't even understand what I'm saying. There are two aspects here, the product and the service. Well-done steak is a crappy product; throwing out customers, calling them morons, and telling them they no nothing about what they like is indeed crappy service. I suspect you think I'm alone because you never bother to listen to others with opinions different from your own.
You'll find that top restaurants have waiting lists measured in months or years, and people who want their steak well done have no business eating there as they won't be able to taste anything anyway.
Again, you're ready to summarily refuse service to people who actually may know what they want better than you. The hubris is overwhelming, but I actually admitted that this has its appeal to a certain subset of the world (and yes, I'm guessing you would be one of those who would feel honored to be allowed the privilege of eating at such an establishment, despite that you could not ask for your meal without something you might be allergic to, for example, because the chef would feel you have no business eating there otherwise, but I digress).
If you want a well done steak, why are you going to a good restaurant anyway?
Perhaps because the ingredients are top notch, and you like the service and the desserts. Remember, this is just a metaphor. So maybe you realize the disadvantages of the well-done steak, but it's still what you want, because y
I'd personally prefer no "governing body" be involved at all in deciding any standards for any region. If for no other reason, I would object because for it to be anywhere close to useful it would take a monumental (and ultimately wasted) effort, funded by some taxpayers somewhere. Countries are far too big; these standards vary from state to state in the US, and even city to citu within any given state. It could even be specific to a small community, which is why this quickly falls apart (or, more accurately, it fails to scale) globally.
Yet there's still the problem of either needing to rely on self-ratings (which certainly would lead to misleading if not maliciously-incorrect tags to be policed) or a standards board, aka censors (who would have the daunting task of grading all the world's online content against hundred, thousands, or perhaps millions of different community standards).
Ah, the dreaded "software issue" problem. Maybe they should contact AOL; it might be related to their recent software glitch incident.
These self-tagging schemes can't work for this very reason. What is "artistic" to the person generating the content may be shocking to some and perfectly fine to others. The net is global, so what they consider artistic in some parts of the world would be highly objectionable elsewhere. It's really not so simple as to allow your teenage child to see any "artistic" nudes--don't you think some site in some locality will display something highly objectionable in this category?
Further, I fear you're being quite naive to think that the person generating the content would be honest and objective. Consider all the battles films executives wage in order to get a coveted PG-13 rather than R rating, so that they can expand the potential audience. The same thing would hold for ad- or subscription-driven "artistic" content.
And as for legislation, no thanks. The best thing our elected representatives can do in this respect is keep their noses out of our business. Would you propose that every image, sound, text, or other content be subject to mandatory review? That's what the film-makers do, but it just doesn't scale to this vast medium called the Internet. Even if it did, there's no universal agreement, so again, these ratings are nearly worthless except at a very granular level.
Even if you start from the other end, and tag kid-friendly content (consider the ".kids" TLD) you can bet that some communities around the world will think nearly any nudity is fine whereas even cartoon-like violence would be objectionable (and, of course vice versa in other parts of the world)
I don't have any good solution to this problem, and I would suggest that, unfortunately, neither do you.
That's exactly right, and I agree they should disclose what they're doing, so that we can allow market forces to correct this.
Even if the ISP tells you in the fine-print contract about bandwidth shaping in general, you'll never know whether it is causing your application failure. Instead, high-speed applications will simply not be adopted because the ISP cannot provide the quality of service required. Users will be reluctant to adopt other high-speed applications, as well.
Well, I agree with you there; this is a very likely long-term result. However, because it's in the fine print, you'll probably never succeed in getting the FCC or FTC to help. Currently, all telecommunications tariffs are required to be made publicly accessible; I'll dare you to find the plain-language rate structure of your local carrier, as filed with the FCC, and make any sense of it. If you think fine print in a DSL agreement is bad, you really should take a few minutes to see what you're up against.
Telecommunications is a regulated market. The telephone companies especially are expected to be up-front about their service and billing. This bandwidth shaping (or "denial of service", let's call it what it really is) would not be allowed if it was a more well known technology like telephone calls, television, or electricity. I say, get the FCC involved and let them decide whether this is illegal or just unfair.
Yes it is. But once we stop thinking of IP bandwidth at home being the same as a dialtone, I think we'll all be happier. I think the last thing we need right now is more government intervention and/or regulation. Contact any DSL provider and ask about getting a T1 to your home. They'll certainly do it, and it should come as no surprise that it costs roughly 10-20 times what their standard (but often faster) residential DSL lines cost. They are, however, unlimited in every sense. No bandwidth caps, no port/protocol blocking, no disallowed server hosting; you can use this full throttle 24/7 for any purposes you want, and you can get guaranteed (non-oversold) bandwidth.
In fact, these T1 prices are extremely well regulated. So well, in fact, that their price hasn't come down substantially in at least decade. Now, you propose to get the government involved in the residential game as well, and I suggest that you're unknowingly asking for significantly higher prices and significantly lower customer service (as if it's not already as bad as it could be).
Residential IP bandwidth service is not guaranteed the same as your dialtone. Consider for a moment that IP is fundamentally a "best effort" delivery service in the first place. Whether the ISPs happen to be selective about the kind of packets they drop is totally market driven, no matter how much we wish it was "fair" (or even better "unlimited" as they claim). But you can't have it both ways; you can't have cheap and unlimited bandwidth, and the reason is the very regulation of the telecommunication industry you mentioned. Eventually, upstream, you're going to need to pay for the bandwidth you use, and you're going to pay a lot.
Lowering user speeds based on usage is clearly unfair, if not illegal.
What in the world could possibly be illeagal? At best this is the free market economy at work. It's not false advertising; take a look at the fine print, the terms of service, and/or acceptable usage policies. I can assure you they've bothered to disclose this behavior.
Someone who knows how the regulatory system works should pursue a complaint with the FCC when they encounter the bandwidth throttling on a specific application. This would bring light to the unscrupulous practice.
Most likely it would be the FTC, not the FCC, since this seems to be an issue more with your naive belief in the glitzy advertising without bothering to read the remainder of the offer.
Did you ever stop to consider how redidential broadband can possibly be so inexpensive? Have you ever tried to purchase bulk amounts of bandwidth directly from a Tier 1 provider, or even provisioning a T1 line to an arbitrary location? This stuff is not cheap, even in bulk, forgetting any other expenses that go into providing the service.
Basically, the ISP is a consolidator; their entire business is based on buying bandwidth in bulk, and overselling. Wake up to this reality and things will become much more clear. Sure it would be great to pay $30/month and get 5Mbps dedicated symmetrical bandwidth, but that's just not going to happen.
Of course there are ISPs who push the limits of advertising and treat customers with zero respect. But the whole residential broadband industry is based on usage statistics. Think of it much like insurance companies and their actuarial tables. It's always unfair, as some portion of customers who pay more, and get less (or nothing) than those who pay the same amount and get significantly more.
You might not like that thought, but you need to get it out of your head that you're in the correct marketplace at all. If you need full-time dedicated bandwidth, you need to investigate "business-class" service, not residential (and you need to be prepared to put your money where your bit requirements are; it's nowhere near as inexpensive).
Yes, I was actually trying to agree and expand upon your comment (it seems like it's been longer than normal since I've haven't had any mod points, so it's the best I could do). My apologies if it came across as any kind of disagreement.
It looks like a bad jpeg because that's exactly what it is; the 1024x768 "wallpaper" is only 161kB.
I'm simply trying to point out the difference between a vulnerability that could, theoretically, be used for arbitrary code execution, and one that IS being used daily for arbitrary code execution, drive-by installations, etc.
Yes, I know; I understood that from the beginning. I never disputed this.
Mozilla is the one being honest, but if you look at the sheer numbers and not the descriptions of the vulnerabilities, it often appears that FF has 3 times as many "critical" vulnerabilities as IE, when just the opposite may be true.
Well, this is where I realized you weren't paying attention. I explained in three different postings that I was not just counting the damn vulnerabilities. This is all about the *severity* of the issues. Yes, it's all self-reported, and yes, Mozilla is over-reacting relative to Microsoft.
So, I get your point, but I think you're still missing mine. These are bad flaws. No matter how much you want to spin it, or to discount it due to Mozilla's over-reaction tendencies, these are *still* really serious problems.
My point is that we're wearing this cool shiny Firefox armor and feeling relatively invincible, but it's possible--just maybe--that we've got a false sense of security here.
A false sense of security is often far worse than no security at all. Yes it will probably get better, and yes it will probably get better far faster than Microsoft could ever imagine, but we're definitely not there yet.
If he's that good at cooking steaks, he may have the luxury of turning away customers who don't like their steaks the way he thinks they should be made.
Right, I wrote about this exactly, including your "Soup Nazi" example. It can undeniably work, at least for the short term, but ultimately I believe it fails. We'll probably have to agree to disagree on the long-term viability of the model, but otherwise we're on the same page here.
Your IT customer says they want X. You know that X will not do what they need and will cost more than they should be paying for Y. Do you insist on Y or do you accept your pay for X and walk away when "what they asked for is not what they needed"? I say it's a sleazeball who actually takes the customer's money for useless services.
Ok, here's where we really disagree. I wrote, "Yes, some customers are morons, who don't know any better, and they would actually appreciate you letting them know that this is really not what you recommend. But others (non-morons) might make the same well-done request for non culinary reasons. Very few of these non-morons would be insulted if you gave an unsolicited recommendation that rarer is better, so that part is fine; and yet they may still decline to accept your recommendation and request it well-done anyway."
And further, "Use your vast talents to create the best damn well-done steak you can. Be proud of your ability to improvise under adverse conditions. You are there to serve your customers, not to showboat as a whining elitist."
So, yes, I would indeed urge my customers to take a better path. And, assuming they're paying me for my opinion (not just for a steak) I'd do everything I could to ensure they understood my reasoning and made an informed decision. I've often suggested to my customers that they get a second opinion to validate what I'm saying. But once they've made their decision, I honor it. And I do so in the best manner possible, given their constraints (think about the "gourmet" well-done steak). I would not give them something that wasn't on the menu in the first place, as I'm not qualified to provide such services, and I would definitely turn down certain requests that were illegal or otherwise inappropriate. But I think there's a huge spectrum of difference between this approach and the "sleazeball" you seem to think I described.
Also, we're all on the consumer side of this equation at some point. Don't forget that; everybody is also a service consumer as well. In this case, when I want advice, I make it abundantly clear that I want advice. But every now and again, I really do know precisely what I want, without your damn meddling. And once you've given me your unsolicited advice to do something else, I'll thank you to continue doing exactly as I requested. If you don't, then I humbly submit that you're the sleazeball in this equation, trying to impose your ideals upon me. You personally may know your field better than I, but the guy around the corner does not, and maybe, just maybe, you don't know as much as your customer knows, every single time. If you thing you're that infallible, I'll gladly take my business elsewhere. And I would expect you to take your business elsewhere if I were to refuse to do as you requested because I somehow believed that I infallibly knew everything about your situation (the unfortunate mindset of many consultants).
What you probably fail to realize if that the chef (and the waiter you later mention) are in what's known as a "service organization" and as such their entire goal should be to "serve" their customers. Unfortunately your attitude is not at all uncommon; it's really leading to the decline of society in a number of subtle but important ways, but I digress.
Yes, some customers are morons, who don't know any better, and they would actually appreciate you letting them know that this is really not what you recommend. But others (non-morons) might make the same well-done request for non culinary reasons. Very few of these non-morons would be insulted if you gave an unsolicited recommendation that rarer is better, so that part is fine; and yet they may still decline to accept your recommendation and request it well-done anyway.
Now, your precious talents are not being wasted, and you as the chef have no place taking out your pent-up frustrations on your customers. Use your vast talents to create the best damn well-done steak you can. Be proud of your ability to improvise under adverse conditions. You are there to serve your customers, not to showboat as a whining elitist.
Yes, there are pretentious snobs who think this crappy service attitude adds a degree of class to the establishment. And the customers who prefer the same may even be willing to pay a premium for it. But ultimately this is a self-defeating attitude, as you will eventually lose sight of the fact that customers are occasionally (not always) right, and if you can't respectfully disagree, you're not going to be in business very long.
There are many "great chefs" in the IT industry (and elsewhere) ready to take your place, many of whom can actually be bothered to care about their customers more than themselves.
Well, I never said the part about the quantity, but I did say that the bugs are just as bad. You may not have reviewed the Firefox advisory, but exactly how much worse does it get than "arbitrary code execution" anyway? And if such problems exist, exactly how many of them are needed before it should be considered fundamentally insecure?
Take issue if you must, but I stand firmly by my assertion that for all practical purposes these flaws are indeed "just as bad" as those in IE. That one point was the source of my original disagreement with an ancestor posting; otherwise I completely agree with the rest of your statements.
Perhaps you think I disagree with you on this point, but let me assure you I don't. I totally agree with that particular statement. I never said Firefox was not safer than IE in the current environment (such as market share, education of users, and many other market forces at work).
But I would hasten to add that this is on a relative basis only, and I don't think it's necessarily a causal relationship. Further, my concern is only that Firefox apologists seem to be downplaying the criticality of these flaws, saying that Firefox is now and will always be safe (not safer than anything else, just plain safe) and that's a very dangerous position, which is often self-defeating over time. Consider whether the attacks on Firefox may simply be more sophisticated and less prone to detection than the attacks against IE.
Again, I'm not claiming IE is safe, nor that it's safer than Firefox. But I'm not so sure Firefox is safe either. And, unless you've convinced literally tens of thousands of users to switch, and have closely and expertly monitored their systems for significant periods of time thereafter, you can't be so sure either.
That's 10% of what market--all Internet-connected computers on the planet? I think not. It's only 10% of some arguably small subset of all possible users. I've seen many logs of consumer retail sites showing Firefox represents more like 3% of the market (8% if you include Mozilla/SeaMonkey plus Netscape). And I'd further hypothesize that the Firefox users are biased, due to self-selection, to be more security aware and more likely to run other defensive utilities. Even it it were 10%, it's not even close to IE. Recall the days long ago when all the trade rags were saying Macs would never become dominant because software developers would always prefer to target 90% of users (on Windows), not the 10% on Macs. Well, advances in cross-platform development have helped, but indeed Macs are still (a dozen years later) nowhere near being dominant.
I don't know anyone whose computer is full of spyware because they use FF, but almost everyone I know who regularly uses IE complains how slow their computer is, and I look at their browser and there are 3 search bars that they have no idea where they came from or how to uninstall them.
Your anecdote, weak as it might be, actually supports my arguments, both above and in my GP post. You are jumping to the conclusion that a causal relationship exists, whereas I disagree. I'm much more inclined to say this is true only because the Firefox users represent a significantly different subset of all users, who are more aware of the security risks/benefits.
The reality is, FF discloses a vulnerability that ~could~ be exploited, then promptly fixes it, while IE doesn't disclose serious vulnerabilities that ~ARE~ being exploited and ~doesn't~ fix them. There are still ultra-critical IE exploits that have been in the wild for over a year, still resulting in drive-by installations, for which there still isn't a patch.
I agreed with this point already in my GP posting.
I feel and ~am~ much safer using FF and will continue to do so. All you have to look at is the reality, I've NEVER had a single piece of spyware installed since using FF (3 or 4 years). The same could not be said when I used IE, and cannot be said of friends that insist on still using IE.
Once again, beware of drawing such conclusions from the somewhat limited set of data you have. By all means continue to use Firefox and feel (and indeed become and stay in general) safer. But please note that this still does not mitigate the security implications of the existence of such a large number of critical bugs.
Be careful with this line of reasoning. All along there's been this mantra of "Firefox is inherently more secure, and would be even if it were the dominant browser" spouted continuously. Well, I happen think the GP makes a great point about this, and your reasoning seems to fly in the face of the mantra. Don't get me wrong--I'm one of these said spouters--but I'm honestly feeling more than a bit hypocritical at this moment. These are some damn serious issues, and it's not just a handful.
Now, I suspect the reason for this is that the Firefox community as a whole (users and developers) are far more pre-disposed to actually finding and publicly disclosing such bugs. My guess is that we really only see the tip of the IE iceberg in terms of security.
However, we still can't have it both ways; these are indeed very critical bugs, and to dismiss them otherwise may seem beneficial, but it's actually a great disservice.
That's unfortunately a very naive view of the situation. Sales taxes can apply at local levels in addition to state levels. Recall this story from a few months ago. This stuff is not trivial, and you have to pay ongoing big bucks just to stay current (much like the mandatory Quickbooks subscription fees). No, I'm afraid it's far more complex than you're suggesting.
Ask and ye shall receive: Call Intercept. Mostly, at least; this only works for unidentified calls, meaning where caller ID is unavailable or blocked, but otherwise it does exactly as you suggest.