Upgrade, Upgrade, Upgrade

Be more secure! Upgrade today.

Want better functionality? Upgrade today.

Save a developer! Upgrade today.

The save a developer thing is the impetus for this post.

The upgrade today mantra annoys me.

  1. Software rarely spends enough time in alpha and beta cycles to to identify all the issues.
  2. People have been so burned by using software in alpha and beta cycles, they are hesitant to try upgrades and help determine the issues.
  3. This lack of attention to the problems ensure, versions 1.0, 2.0, n.0 typically have a ton of unknown problems or are even less secure at times.

Unfortunately, the vendor who makes the application platform we run, Blackboard, has a philosophy to look at new web browsers while they are in beta but not actually work towards fixes for the new browsers until after the products are released. With most releases of Java or supported web browsers (Internet Explorer or Mozilla Firefox), Blackboard heard the complaints by the early adopters and released within a couple months an update which resolved the reported issues.

The students and faculty members fail to understand the issue. I think I do. Blackboard (like WebCT prior) understands there are differences between beta and final. Some of us argue these differences are usually minor. However, this is all asking someone to predict the future which we know is haphazard at best.

Long alpha and beta cycles allow more users to get involved, give those back to the developers, have them fixed before the version release. Burning users with buggy software ensures their lack of faith.

Firefox Weirdness

Our Systems folks upgraded the code running Stats web site they let us use. This morning, was the first time I looked at it since the upgrade.

Naturally, it was not working for me. Figuring it was my Mozilla Firefox’s fault, I tried the same web page in Flock. (Firefox with some other apps but none of Add-Ons, formerly the Extensions really plug-ins, I use in Firefox.) Flock showed it fine, so I “knew” one of three Add-Ons Extensions had to be the culprit: Greasemonkey, NoScript, or FasterFox. I disabled all three and found the site worked as it should. So I enabled each in turn. The site still works.

Enabling one of the three should have rebroken the web site. That this failed to happen could mean:

  1. Add-Ons Extensions did not break it. Something out of my control did.
  2. Add-Ons Extensions did not break it. Something I don’t remember changing did.
  3. Disabling and enabling Add-Ons Extensions changes their configuration and their impact on pages.

Annoying.

Mozilla Prism Self-Signed SSL Issue

I have been looking to use Prism. A gotcha I hit was it balked at any site using a self-signed SSL certificate. A recommendation was to copy the cert8.db file from a Firefox  profile to a Prism profile. This actually worked.

Locating it is a bit of a pain in the ass on Windows. It is in what would be a hidden folder, so some layers have to be opened up just to get to it. Copy from <user>/Application Data/Mozilla/profiles/default  to <user>/Application Data/Prism/default.

Excellent. Now it is a fair evaluation.

Netscape to Die… Finally!

Just posted an internal email about what we ought to do about the End-of-Service announcement for Netscape. Usage of Netscape browsers has plummet even as Firefox as increased. Its finally hit the floor such that even AOL has given up on it. Why did they make NN 9? A snapshot of its use relative to total hits for the past ~30.5 days at two of the sites we run:

                   CVIEW             OVIEW
  Browser       Hits     %        Hits    %
  Netscape 7  108,739  0.18%    186,105  0.22%
   -- Mac       6,319  0.01%     33,249  0.04%
  Netscape 8   56,655  0.09%     85,817  0.10%
  Netscape 9        0  0.00%          0  0.00%

My first web browser was Netscape 1. Every version up to Netscape 7.0 was at one time my primary web browser until I switched finally to Mozilla Firefox in 2004. Browser crashes are not unknown in testing, so to loose my place with other stuff (wikis, notes, documentation) frustrates even myself, so I still use NN7.2 for testing.

There hasn’t been an update to NN 7.2 in 3 years, so EOS doesn’t really mean anything to those using it still. So, I don’t expect anyone to do anything. I haven’t heard demands that we provide support for NN8, so I doubt NN7 will be much different.

Too bad, it came in with a whimper and will go out with a whimper.

Live HTTP Headers Equivalent for IE

UPDATED: The below content is outdated due to being ancient. This post will stick around to help people get to the new version: Live HTTP Headers Equivalent for IE or Edge 2016



I looove the Live HTTP Headers extension for Firefox. (Yes, I will marry it some day.) It works beautifully and always gives me what I want.

So we have this issue of people experiencing an issue of downloading office files from Vista. From the conversation we know the problem occurs with:

  1. Microsoft Windows XP and Vista
  2. Microsoft Internet Explorer 6 and 7
  3. Microsoft Office 2007 and maybe 2003

So Firefox is unaffected and behaves as expected (a Microsoft Engineer told us because Firefox is less secure?). The Live HTTP Headers will not help diagnose because Firefox works. Oh… And the solution of “Use Firefox” has been rejected by the affected parties. So, we need an equivalent for MS IE to get our users to install.

There are a couple equivalents for Live HTTP Headers for Internet Explorer:

  1. iehttpheaders has major issues with anti-virus software. I’ve never gotten iehttpheaders to install and or run with McAfee installed (even disabled). I don’t know market share of anti-virus vendors, but I’d bet McAfee is pretty common.
  2. IEWatch is more for web designers and gives way more info than just the headers because it has a broader purpose. Plus its not free. I don’t feel comfortable telling people to install something they are going to have to eventually buy even if they only need it for a couple days.

I don’t think either will meet my needs. 🙁

One of the reasons I want the headers is because I am biased. I trust what the browsers say more than I trust end user recollections. Probably its because I read web logs too much.

WebRunner

Linux.com :: Mozilla begets WebRunner, a site-specific browser:

Nowadays, people are turning to Web-based applications as replacements for desktop applications. Web-based office suites, mail clients, multimedia apps, and general productivity tools are all extremely useful now, but standard Web browsers aren’t always the best option for running applications. To provide a more suitable tool for Web-based apps, Mozilla Platform Evangelist Mark Finkle has been working on WebRunner, a site-specific browser (SSB) that’s designed to work exclusively with one application at a time. It’s not finished yet, but it’s already showing promise.

Blackboard, Inc. Are you reading? 😀 This could be the magic bullet you need for a fully functional section archive outside of the true Vista application!

Ready to Switch?

I was disappointed the only IE competitor mentioned was Firefox. Opera, Safari, and Netscape are well known enough that it would behoove a more balanced view to mention them as well.

My only use of IE lately is replicating a user problem I can’t replicate in Firefox and the very, very infrequent case a web site site doesn’t work in Firefox or Netscape. 🙁 Quite frankly, it scares me to surf with IE. Of course, I am the person my friends call about cleaning up their computer when it runs slow because it is a computer virus, spyware, and adware infested mess. So my fears are based on the horror of cleaning up the after effects of using IE.

Internet Explorer Unsafe for 284 Days in 2006 – Security Fix

For a total 284 days in 2006 (or more than nine months out of the year), exploit code for known, unpatched critical flaws in pre-IE7 versions of the browser was publicly available on the Internet. Likewise, there were at least 98 days last year in which no software fixes from Microsoft were available to fix IE flaws that criminals were actively using to steal personal and financial data from users.

In a total of ten cases last year, instructions detailing how to leverage “critical” vulnerabilities in IE were published online before Microsoft had a patch to fix them.

Microsoft labels software vulnerabilities “critical” — its most severe rating — if the flaws could be exploited to criminal advantage
without any action on the part of the user, or by merely convincing an IE user to click on a link, visit a malicious Web site, or open a
specially crafted e-mail or e-mail attachment.

The small mention of competitors:

In contrast, Internet Explorer’s closest competitor in terms of market share — Mozilla’s Firefox browser — experienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to remedy the problem.

Technorati Tags: , , , , , , , ,

I Accept!

AOL Founder Says He is ‘Sorry’ for Time Warner Merger:

Steve Case, co-founder of the one-time biggest online service AOL, apologized for the company’s merger with media conglomerate Time Warner Inc. in an interview with journalist Charlie Rose.

You killed Netscape and WinAmp! Though, I must admit, the downward trajectory of Netscape made it so bad that I find Mozilla (the current one) 10x better.

Moz Outside Looking In

Yeah, this one is a royal pain. Mozilla removes support for older versions of their browser six months after the new one went into production. Open source is nimble. Proprietary companies are inflexible. Sounds like its time to go after nimble applications?

Why Mozilla still hasn’t cracked the enterprise | May 24, 2006 07:12 PM | By Matt Asay

[A] hurdle Firefox must overcome is the “heartbreakingly slow” process many enterprises go through to certify the use of a tool as critical as a Web browser, according to Baker.