Internet Users Not Updating Browser 409
Jackson writes "Security researchers from ETH Zurich, Google, and IBM Internet Security Systems have shown that more than 600 million Internet users don't use the latest version of their browser. The researchers' paper, shows that as of June 2008, only 59.1 percent of Internet users worldwide use the latest major version of their preferred web browser.
Suggestions have also been made to inform users that their browser is out of date."
How many of those users CAN upgrade? (Score:5, Interesting)
If you're running Win9x/2000, you can't upgrade to the latest version of Internet Explorer.
Re:How many of those users CAN upgrade? (Score:5, Informative)
Windows 9x users cannot use the latest version of Firefox either [slashdot.org].
Re:How many of those users CAN upgrade? (Score:5, Informative)
They can still upgrade to Opera, which supports down to Windows 95.
Re:How many of those users CAN upgrade? (Score:5, Funny)
Re:How many of those users CAN upgrade? (Score:4, Informative)
Neither can Vista users.
Both Firefox and Thunderbird refuse to update automatically under certain conditions (not running under Admin all the time as one of those conditions). Fixing it is more or less a PITA, too. I haven't done it yet, so I can hardly expect, for instance, my grandmother to do it.
Re: (Score:3, Interesting)
Re:How many of those users CAN upgrade? (Score:5, Informative)
While Firefox 3 chose to abandon Windows 95 compatibility, Firefox 2 is still being patched and maintained.
Unlike the IE6 users of Windows 95, who no longer get MS patches.
Re: (Score:3, Interesting)
... not that I think this is at all the reason people don't update.
http://www.w3counter.com/globalstats.php [w3counter.com]
Windows 98 is listed as less than 1%.
And I'm pretty sure FF3 still works on Windows 2000 which just barely beats out Linux in popularity.
Re:How many of those users CAN upgrade? (Score:4, Informative)
And I'm pretty sure FF3 still works on Windows 2000 which just barely beats out Linux in popularity.
FF3 works in Windows 2000. I installed it last month on an older computer, and it is used daily as the default browser.
Re:How many of those users CAN upgrade? (Score:4, Insightful)
While Firefox 3 chose to abandon Windows 95 compatibility, Firefox 2 is still being patched and maintained. Unlike the IE6 users of Windows 95, who no longer get MS patches.
If you're running an OS thats 13 years old, you have much bigger issues than running the latest web browser.
Re:How many of those users CAN upgrade? (Score:5, Informative)
Re: (Score:2)
That still leaves Windows 9x/ME S.O.L. [mozilla.com]
np: Nine Inch Nails - The Beginning Of The End (Year Zero)
Re: (Score:3, Informative)
I would have assumed that Windows ME users were pretty much screwed from the beginning.
As I recall, current versions of Firefox 2 will still run on anything newer than Windows 95. It's just the 3.0 branch which dropped support for 98 and ME.
Re: (Score:2)
And... Wouldnt you consider Firefox 3.x to be the newest/latest version of Firefox?
Just asking, since, you know... the article is about people not upgrading to the newest. Sure 2.0.xx [mozilla.com] is still being maintained, but its not adding anything new, and stops being supported in December of this year.
Re: (Score:2, Informative)
Re:How many of those users CAN upgrade? (Score:4, Interesting)
There are other reasons not to upgrade to Firefox 3 - in particular, my company has production code that uses something like div_element.offsetParent.offsetTop (variable name changed intentionally to protect the guilty) without checking first to see if offsetTop is null (this is used to get the height in a browser) and Firefox 3 javascript crashes and burns but no other browser has a problem with it (of the four we support).
Our official policy is that Firefox 3 is not supported, meaning every single one of our customers needs to either use Firefox 2 or a different browser until we do certification on it (which I believe isn't even planned for this year due to other scheduling needs). I have notified the people in charge of that javascript, so it potentially could be fixed/patched beforehand, or if it's a FF3 bug, the Mozilla team will get notified - I'm not the author or maintainer and have no power to change that code.
Re:How many of those users CAN upgrade? (Score:5, Insightful)
Firefox 2.0 is just as current as 3.0, and will be until the end of this year. Anyone who says differently is selling something.
Re: (Score:3, Interesting)
Same month Opera 9.5 was released, same month Safari 4.0 was released.
Which, maybe it means that they waited exactly for that month, or maybe its entirely the wrong moment since no one was really upgrading anything if it was just before those releases.
Re:How many of those users CAN upgrade? (Score:5, Informative)
Who in their right mind have a computer online with Windows 95/98 or ME on it?
Someone whose business applications only run on Windows 95/98 or ME, and either there is no upgraded version of it (maybe the vendor went out of business) or the upgrade doesn't convert the old data, or doesn't have a feature being used, or otherwise isn't workable.
Re: (Score:2)
Fine. But you'd still be crazy to browse the web from an OS that hasn't had any security updates in years.
I still keep around a machine with a Win98 partition. It stays strictly local.
Re: (Score:3, Interesting)
Dare I ask why? Unless you know of some security vulnerability in Win 9x's TCP/IP stack, I'm not sure what would be the problem in running Opera 9.51 on Windows 9x. Should you use outdated flash plugins, java plugins, etc? No. But you don't *need* those to browse the web (and odds are good that if you're running Win 9x, you're using a machine that wouldn't work well with the latest flash/java apps anyways
That's what emulators are for. (Score:4, Insightful)
Someone whose business applications only run on Windows 95/98 or ME
...can run existing Windows 95/98 or ME licenses in a virtual machine.
Re: (Score:3, Interesting)
Depends. Many proprietary systems and software will use things like hardware dongles and such that don't always behave inside a VM. A few years back I actually had to setup a machine using DOS 6.0. A professor at school was performing a psychology experiment using some special software that worked only in older versions of DOS. It too used a hardware dongle or it wouldn't function.
Re: (Score:3, Insightful)
How many are IE6? (Score:5, Informative)
I wonder how many of those are IE6, which a lot of people use because they CAN'T upgrade to IE7.
And as an above commenter pointed out, I highly doubt they factored in that some OS's can't actually run the latest version of their browser.
Re:How many are IE6? (Score:4, Interesting)
I wonder how many of those are IE6, which a lot of people use because they CAN'T upgrade to IE7.
Can't? More like won't for me.
I really don't know what it was. May its the fact that IE7 always ran sluggish for me or the fact that Firefox and Opera run so much quicker and with fewer crashes.
IE7 was my last straw when it came to Microsoft applications.
Re:How many are IE6? (Score:5, Informative)
Even if you do not explicitly use Internet Explorer for browsing, you should upgrade it as it is a core part of the Windows Kernel.
Internet Explorer it is used behind the scenes in many places; the eye-candy interfaces of most Norton products, for example, runs on the IE engine.
Not that I recommend Norton products, still...
Re:How many are IE6? (Score:5, Insightful)
Even if you do not explicitly use Internet Explorer for browsing, you should upgrade it as it is a core part of the Windows Kernel.
That is another part about IE that I have issues with. Why make a web browser part of the OS? It makes very little sense. It should, at most, be a bloated application that I could uninstall at whim. But no! It has to totally screw with everything else. As it is now, I specify Firefox as the default browser and disable access to IE. It doesn't matter which version of IE, I'm still not using it.
Not that I recommend Norton products, still...
Thanks to a run-in with their overly-aggressive virus scanning process (that can't be turned off) I no longer use Norton home products. Their corporate/enterprise software that I use at work is waaaaaay better.
Re: (Score:2)
Re: (Score:3, Informative)
Why yes, who could possibly have any use for a high-quality HTML renderer anywhere but in the browser.
This is the problem, though. Internet Explorer has never been - and still isn't - a high quality HTML renderer. It's sub-standard on performance, and still woefully sub-standard on the actual rendering.
Re: (Score:3, Informative)
Every version of Internet Explorer in recent history has exported a COM interface. This makes it trivial for a Win32 developer to add web rendering support to an application - you just hook the interfaces Internet Explorer provides, and *bam!* HTML rendering!
This is why it's difficult (and why you're not "supposed" to) remove Internet Explorer - a lot of applications use it, even if it's just one function call to process a blue hyperlink in their help-about.
That's also why it's a good idea to upgrade it.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
So a better title would be.. (Score:5, Insightful)
And these same users are probably happily using windows 98 on their Pentium II's, and don't give a damn about having the most shiny, newest toy.
Re: (Score:2)
If you mean that happily is the same as insecurely, then yes, they are happily using MS legacy.
Re: (Score:2)
Happily participating as the slowest machine on the Botnet!
Maybe they *can't* upgrade (Score:5, Insightful)
Large numbers of corporate users are at the mercy of the IT department's update/upgrade schedule. In my environment, there are a large number of applications that will break if IE7 is installed, and the schedule to update and test those dependencies is lengthy.
Furthermore, we've spent so much time training users to ignore messages that say "Your $FOO is out of date! Click here to install the latest version because it's almost always malware, and now you want to turn around and do the exact opposite?
Re: (Score:2)
Re: (Score:2)
Sure. Because if they don't update, then the malware gets in anyway, because they are undoubtedly using a browser with known vulnerabilities. The worst case scenario is the same in both cases, so we might as well pick the one where they at least have a chance at
IBM doesn't support IE 7 (Score:3, Interesting)
I thought it was ironic that IBM Security Systems put out the report, since IBM doesn't support use of IE 7 internally--everyone is told to stay on IE 6 until various applications can be updated.
Firefox is supported, however.
[Opinions mine, not IBM's.]
Re:Maybe they *can't* upgrade (Score:5, Informative)
If using a different Web browser to access a server causes it to crash, you have more serious things to worry about, like finding another vendor that doesn't write software that takes down your server when it's accessed in a perfectly reasonable manner.
Re:Maybe they *can't* upgrade (Score:4, Insightful)
Wait, your server is so bad that is crashes when it's accessed by Firefox?! And you're blaming FIREFOX for that?!!
Re: (Score:3, Insightful)
No thats the failing of an admin too. A lot of this stuff can be traced with filemon and other tools. Then just update GPO to give them whatever rights they need. Then bug your vendor so they sell you software that fits your security model.
Firefox vs. IE (Score:5, Insightful)
If you have automatic updates turned on in Windows, they automatically update as well.
However, most people I know turn off automatic updates because it can be so obnoxious. Many folks also disable the BITS service because of the process overhead it chews up.
It's the difference between being a virtually seamless integration (like Firefox) or an overly-obtrusive integration that eats up system resources.
For instance - firefox tells you when you go to close the program that there are updates ready. Microsoft pops a little icon that #1 interrupts what you are doing #2 may very well crash the machine or lock it up if it happens while you're playing a game, etc. Remember that letter Gates sent about usability? It's the key in this case, I think.
I also wonder if this took business users into account - I can't update because my IT department won't let me. I doubt that would be different if we were using Firefox or Opera rather than IE.
Re: (Score:2)
Firefox already automatically updates.
Well now, that's kind of news to me. The copy I use on one machine did in fact recently update itself, about five days ago ... to version 2.0.0.16. Certainly the extensions get updated very frequently (NoScript updates seem to come every five minutes). But nothing more. When I try "Help - Check for updates" manually, the message I get back is
There are no new updates available. Firefox may check periodically for new updates.
I don't particularly care -- not to the extent of installing Ff 3 manually, anyway -- but it does make me wonder in a mildly bemused fashion what the hell the Mozilla p
Re:Firefox vs. IE (Score:5, Interesting)
Noscript is ridiculous... I mean, it's not like ad-block where advertisers find new ways to annoy you and ad-block has to find a way to counter it; nocscript simply disallows running scripts... is it that bad that there's three new versions a week?
The answer is no... from what I read elsewhere, noscript updates take advantage of a flaw in computing the popularity of plug-ins by continuously updating so that they always get ranked at or near the top.
Re: (Score:2)
Re: (Score:2)
I also wonder if this took business users into account - I can't update because my IT department won't let me. I doubt that would be different if we were using Firefox or Opera rather than IE.
I've seen this come up a few times, and the code involved is usually something really horrible. (We have a leave booking system that doesn't really work with anything other than a specific sub-version of IE6 - the software we use was updated to support later versions, but we were too cheap to buy those updates. But our security people won out over our app support people, and IE6 got dropped. Lucky I guess. But I digress.) A nasty webapp is usually at heart of the problem, and yet chances are that some AJAX,
Re: (Score:2)
Firefox already automatically updates.
Really? I run Firefox as a non-root user. It is installed on the /usr filesystem. Are you saying Firefox has figured out how to get around the permissions issue? Oh, and BTW, my /usr is mounted read-only.
Re: (Score:3, Informative)
Actually, I'm trying to figure this out on my mac. Last night I got the update popup. I clicked yes and realized I was not an admin. I waited for it to prompt me for my admin user/pass or just error out, but it said it completed successfully.
I'm really confused.
Re: (Score:2)
Only 59.1%? (Score:5, Insightful)
Re: (Score:2)
I find it odd that "59.1% of users are running the most up-to-date browser available to them, and that a decent number of people were not running fully-patched versions."
Surely if 59.1% of people are running the most up-to-date browser, then 40.9% will not be running fully-patched versions. Why bother with the "a decent number" hand-waving when you've got a hard number you could put in there?
Yeah, but (Score:5, Funny)
No point in updating IE6 (Score:2, Insightful)
In the case of Internet Explorer 7, there are reasons not to upgrade to it over version 6. I use IE6 only for the websites that don't work properly in Firefox and I am not interested in the additional integration that IE7 provides. A person concerned with security wouldn't use an integrated browser in the first place.
By the way, Microsoft does remind me that IE6 is out of date every chance that it gets.
Re:No point in updating IE6 (Score:5, Insightful)
Please, for the love of all that's holy, upgrade to IE7.
Once IE6 installations get down below a certain point, we won't have to spend crazy amounts of time rewriting web pages so they *also* work in IE6.
Re: (Score:2)
This doesn't cause problems for you, because if you read what Blindman wrote, they only use it for sites that don't work with Firefox. If you're creating web pages that are anywhere close to being modern, then you won't see hits from any version of IE from people like us.
It's not installations that matter, it's what people actually use.
Yes there is a point (Score:5, Informative)
Not upgrading to IE7 because you don't "use" it is dangerous. Because, as you mentioned, IE is closely integrated into the operating system, its components can be used by other applications regardless of whether you click the blue 'E' icon or not. Any Windows application that has the ability to handle HTML content is likely to use some IE components. So if IE is not fully up to date, these other applications can put you at risk.
So, for example, vulnerabilities that only affect IE6 may affect other applications that use the relevant IE components for HTML rendering (think email, IM, etc.). Such as:
http://www.kb.cert.org/vuls/id/923508 [cert.org]
Or, even better... A recent Safari for Windows vulnerability:
http://www.kb.cert.org/vuls/id/127185 [cert.org]
Safari, a "stand-alone" web browser, is actually at a higher risk on systems with IE6 as opposed to IE7.
As with any software on your computer, you should upgrade it whether you *think* you use it or not.
Re: (Score:2)
What websites do you still visit that have Firefox compatibility? I don't think that's been a major concern for me in the last half-decade (since pre-1.0), and the only sites I've stumbled across recently where it had been a problem were so woefully out-of-date that it didn't matter anyways.
Quite frankly, I barely test in IE6 anymore, and often don't bother with conditional stylesheets (partly because my page layouts are pretty safe to start, partly because FUCK YOU IE6 YOUR MOM IS A DIRTY WHORE!!). I rea
Any idea... (Score:3, Insightful)
How many FF2 users just hate "AwsomeBar"?
Last I checked, FF2 security updates were still being pushed automatically, so what's the big deal about using 2.x over 3.0?
Re: (Score:2)
I don't know how many hate it. Initially, I did, but I've come to like it. However, I can understand why some folks don't.
But hey, this is Firefox, an open source project, so why don't all the folks who don't like it get organized and contact Mozilla en masse and demand that they include the option to use it or return to the old bar--and I mean the original old bar, not just an imitation that looks like the old bar but uses the new algorithm--in the next incremental update?
I'm not being flippant here. Le
Re: (Score:2)
I don't want a vocal minority of whiny assholes taking away the new bar.
Re: (Score:2)
Count me among that group. Hate is a very appropriate description. Yes, I am fully aware I can go get an extension to remove this "feature" but really, was it too difficult to have a checkbox to turn it off?
Re:Any idea... (Score:5, Insightful)
Awesome Bar was a feature I wasn't even aware of until FF3 went gold, but it was as appreciated and innovative as it was unexpected. Words are for people, DNS names are for computers.
Browsers at work (Score:3, Insightful)
What about your browsers that are provided by your IT department of your company?
I work in pretty large company and our IT dept. have disabled auto-updates from XP, Firefox and so on. Then they push updates to users when needed.
Above works fine in my company, but what about those companies with similar policies and non-existing or incompetent IT department? Browsing tubes all day long with old versions.
A good chuck of that 52% is corporate policy. (Score:5, Interesting)
The IT drones at my employer rigidly demand that all company machines must run IE6. They've coded all their intranet applications solely for that version and by god they will not budge. Firefox is forbidden as a "security risk" and no where to be seen is IE7. Fortunately for me I work on Linux based projects and and run what I please.
Do they count IE 6.latest or FoxPro 2.latest? (Score:2, Insightful)
If they say "IE 6.latest" or "Foxpro 2.latest" doesn't count as "latest" and those versions have no known unpatched vulnerabilities not shared by IE 7.latest or Foxpro 3.latest then they aren't counting properly.
There are good reasons not to do a major version upgrade the first few months it is out, but a prerequisite is that your existing browser continue to get security patches.
Re: (Score:2)
Re:Do they count IE 6.latest or FoxPro 2.latest? (Score:5, Insightful)
If they say "IE 6.latest" or "Foxpro 2.latest" doesn't count as "latest" and those versions have no known unpatched vulnerabilities not shared by IE 7.latest or Foxpro 3.latest then they aren't counting properly.
I agree. dBASE III works just fine for me, and I see no reason to update to dBASE IV when Ashton Tate currently provides the same level of support for both.
Of course they're not! (Score:2)
"If it ain't broke, don't fix it". It's amazing that as many people upgrade as they do. The average user doesn't know his browser is broken. The average user doesn't care that his browser is broken. It displays web pages and that's all he cares about. He doesn't worry about botnets, and why should he?
Fellow nerds, a better job must be done! There are reasons for bugs and security holes, but no excuses. When I see slashdot posts saying "their going to loose all they're money" and "Its broken it's back" I see
Murphy Was an Optimist (Score:3, Interesting)
no Firefox-3.x (Score:3, Insightful)
Firefox-2.0.0.16 with NoScript and without any plugins - for general purpose web browsing...
Seamonkey-1.1.11 with all the plugins, flash, java & mplayerplug-in - used only at trusted websites and only when there is media I want to see (used rarely) and Seamonkey for email too (I dont like thunderbird enough to use it)...
I don't really like Firefox-3.x because of the way it is being developed which is starting to look like feature creep is going to bloat it up, I would like to see it forked and have the fat trimmed off of it more, make it like dillo only better, if I was a clever code monkey genius I would grab the source for Firefox-3.x and fork it myself and trim it down to something like Firefox-1.x or 2.x (or a little leaner)...
re: feature creep .. (Score:2)
Try Gran Paradiso [mozilla.org], supposed to be at the bleeding edge of development
Re: (Score:2)
I don't really like Firefox-3.x because of the way it is being developed which is starting to look like feature creep is going to bloat it up
What is it you see as the bloat problem in Firefox? Is it memory usage? Keeping the graphical interface clean is all that really matters, as I see it. I use Firefox 3 and I'm not shying away from add-ons (as long as they don't clutter the interface) and yet my browser window contains almost nothing but this Slashdot page we are at.
Top: Menu bar, back and forward buttons, address field, throbber. All on a single row. (No need for a search box when you can use keywords in the address field.)
Right: Scroll ba
Boring "security" (Score:4, Interesting)
- encryption
- steganography
- signatures
- passwords and
- access control lists.
That is cool maths and tech. Stuff that matters. How disappointed I get when the "security researchers" write about, not interesting security measures, but just how the security is implemented. Boring, that's sociology! Making sure your users use secure software is important and all, but it's not something I want to read about on Slashdot. I want my old geeky Slashdot back!
Re: (Score:2)
How disappointed I get when the "security researchers" write about, not interesting security measures, but just how the security is implemented.
Even geeks need a day job--and many of us work in the industry, where we work with users on a daily basis. Users who don't, won't, or can't upgrade. Users who, more often than not, wouldn't know 'security" if it bit them on the ass.
All the geeky toys, cool maths, and security algorithms in the works don't make a damn bit of difference if users don't, won't, or can't use them.
Tired of "latest and greatest" (Score:2)
At home, I have no reason to jump to FF3. FF2 works fine for me. And it's still getting security fixes, so I'm not worried about malware.
At work, it's not my choice. I have to use IE6, but frankly I like IE6 better than IE7 anyway.
If it works? (Score:2, Insightful)
Conclusions? The (not actually) hidden message? (Score:2, Insightful)
I tried (Score:2)
I'm using Kubuntu Gutsy Gibbon and it apparently does not have anything past 3.0 alphaB in the repository and FF own auto update feature is grayed out (2.0.0.14) - Haven't got around to downloading the tarbell... wait a minute, auto update will give me 2.0.0.16.
I am not going to upgrade to Fire Fox 3 (Score:3, Insightful)
Upgrades are not free (Score:2, Insightful)
"Internet" is my pet peeve (Score:2)
Opera users have upgraded, then reverted to 9.27 (Score:3, Insightful)
Why do I still run IE6? (Score:2)
unlike the rest of the world, I LIKE typing in
"my computer" and not having a new window pop open.
I understand the differences about where I am navigating to when I type in //google.com
\\servername\ or \\localpc\ or \\remotepc\ I'm vpn connected to or
'control panel' or 'network connections'
or whatever, and still be working in the same damn window..
the whole 'new window based on name' thing drives me up the fraking wall..
latest major version of their preferred web browse (Score:2)
latest major version of their preferred web browser
This is not always bad. If they had said latest minor version, I'd be more concerned. Example: FF2 and FF3: both keep getting security patches (at least until this December).
It depends on the browser. (Score:5, Interesting)
Within days after the release of Firefox 3, over 40% of my visitors
had switched to it. Another ~50% use the newest 2.0.x version.
Conclusion:
It makes a huge difference if the user is aware of existing choices and has
actively chosen a certain browser (i.e. installed something other than the default).
Also, Firefox' autoupdate mechanism works very well.
I cannot say anything about IE users - they make for less than 0,2% of my hits
Also, I don't claim to have representative numbers for the "general Mozilla crowd",
as my target audience are the more tech-savvy.
No kidding? (Score:2)
I've been setting up a traffic statistics server (AWStats, if you're interested), and I'm seeing traffic from Netscape 4, Firefox 0.10.0 (zero ten zero, not a typo), IE 3.02.
hmm, let's see... (Score:5, Funny)
in a manner of speaking.
Wait for native video/audio support... (Score:3, Interesting)
Corporate users (Score:4, Informative)
Re:What do you expect? (Score:4, Insightful)
Re: (Score:2)
"I can't understand why people don't update."
Maybe they see no reason to. I upgraded to Firefox 3 because of the smaller memory footprint. If it wasn't for that, I wouldn't have bothered. I upgraded to IE7 for tabbed browsing. I'm not going to update a stable system just for the heck of it. I've been burned too many times before from "updates" to just update everything for the sake of updating. I can see why someone who is not at all interested in the obvious things IE7 brings to the table might still
Re: (Score:2)
MS has done some incredibly stupid things besides that, like pulling Windows Defender from Win2000 after the beta expired. It's a security tool, for God's sake! Why the hell would you yank something like that from an OS after you've already made it available? If you don't want to update it for that OS anymore, fine, but don't throw an expiring beta out there, then, when the final version is released, pull support for a major OS just to force people to upgrade to XP. Greedy idiotic bastards!
But back to u
Dubious upgrades. (Score:2)
Aside from when MS thought it was a great idea to lock you out of IE7 unless you had genuine Windows, I can't understand why people don't update.
Two big reasons that have nothing to do with laziness:
1. Because updates carry a bigger perceived risk than not updating.
2. Because updates are used to force changes they don't want on them.
There are good arguments you can use to convince people they're mistaken about #1, but there's not much you can do about #2 if you're not Microsoft. And I guess Microsoft sees t
Re: (Score:2)
Re: (Score:3, Informative)
Suggestions have also been made to inform users that their browser is out of date.
Why? I know I run an out-of-date browser (FF1.5), and just don't care.
Well, you should [mozilla.org].
Most of those issues are present in earlier versions as well, as stated on the vulnerabilities page for 1.5
Have a look at http://www.mozilla.org/security/known-vulnerabilities/ [mozilla.org] - and have fun browsing on with your sieve.
Re: (Score:3, Insightful)
...and when Firefox 5 is out, people will say the same about Firefox 3 users. "OMG security vulnerabilities have fun browsing on your sieve."
People said the same thing about 1 vs 1.5 as well. You HAVE to upgrade to 1.5 because it's the secure version and it doesn't have all those security holes.
What's the difference?
Is that a serious question?
Did you look at the links I gave?
Time is the difference. Those lists list known vulnerabilities. They are in those versions of Firefox, and some are actively exploited by malicious websites, right now.
Those lists get longer with time due to exposure of the software to a curious public. I can guarantee you that a lot of the unknown vulnerabilities in Firefox 3 will have become
very well known ones by the time Firefox 5 will be out.
Join the TNAA!!! (Score:3, Insightful)
Do you hate twitter? Do you loath Slashdot? Are you a total fuckwad? Then join the Twitter Negation Association of America (TNAA) and help ruin Slashdot. How does it work? Easy:
The point is to increase noise to signal ratios. Join toda