Email in the draft folder of every IT person in the country
“Dear IRS/HP/DOJ/GM/etc employee,
As of April 23, 2014, it is this institution’s policy that employees are prohibited from using Internet Explorer (IE) while at work. You can still use IE at home for personal browsing, although we would have to reevaluate your basic intelligence if we discover you are doing so.
You may use alternative browsers, such as Firefox, Chrome, Opera, or Safari. Heck, you can even use carrier pigeons or shout messages out the window, JUST DON’T USE INTERNET EXPLORER!
Thank you.
Sincerely,
The IT Guy
(the person that everyone is always yelling at)
If this email had gone out, it could have heralded major changes in the way that people use computers. Not only would Internet Explorer have been dealt a potentially mortal blow, but enterprises and end-users everywhere would have seriously reevaluated their relationship with Windows OS.
Why something that didn’t happen is big news
As you may know by now, vulnerability was discovered in Internet Explorer (IE). Contrary to its past behavior, Microsoft publicly announced its existence, found a fix quicker than anyone expected, and even more astonishing, will send patches to XP users. Let’s look at each of these actions.
For once, Microsoft revealed a security threat in a timely fashion, sort of
You can read thousands of articles describing Microsoft, and never find the sentence, “Microsoft announces security flaws to the public in a prompt manner.” So, security professionals greeted the unveiling of “Microsoft Security Advisory ” with surprise and delight.
Still, this wasn’t a complete reversal of Microsoft’s traditional reticence; the announcement was clearly not written for the average end-user. The mitigating measures were described in relatively opaque technical jargon.
It was the US and English Computer Emergency Readiness Teams (CERT) that publicized the security flaw. They were the ones who issued an advisory warning people not to use IE. Wikipedia has a nice summary describing this DARPA-created division of the Department of Homeland Security.
How big a problem was this security flaw?
The problem is worse than you think
John Stewart quipped that the Internet Explorer is a problem for people “in the 1990s.” Really, who uses Internet Explorer anymore?
Only about 58% of all desktop users (48% of all worldwide users). I am sure that Stewart’s snide comment made him seem like he was in tune with his hip, young, tech-savvy demographic, but he ignored the persistence of legacy technology.
Two quotes come to mind here. Appropriate is William Gibson’s “The future is already here — it’s just not very evenly distributed.” I actually prefer William Faulkner’s “The past is never dead. It’s not even past.”
It’s not only worse than you think, it’s even worse than that
However, the continued widespread use of IE is only part of the story. Remember the fanfare awhile back that greeted Microsoft’s announcement for cessation of support for Window’s XP? Peter Bright, technology editor of Arstechnica, predicted problems for users of Internet Explorer.
Microsoft’s policy was that if you’re not getting security support for your Windows XP OS, you’re not getting security support for your Internet Explorer browser. That means no security patch for an estimated 29% of the OS market that still uses XP. As Peter Bright wrote, “Exploitation of these people is inevitable, and it’s hard to see this ending well.”
Now that you know that it’s worse than you thought it was, guess what? it’s even worse than that
As you go through your day, smugly using Firefox or Chrome, you can from you lofty technologically sophisticated perch, feel nothing but pity for those poor fools still using the outdated, vulnerable IE. After all, it’s not going to affect you, right? Wrong.
Institutions such as the National Security Agency and Google hire hoards of bright, shiny Phds, who would no more use IE than they would a modem. However, other organizations, such as IRS, Department of Justice, and many multinationals are inhabited by ordinary folks, whose computer interaction is primarily at work. They are powerfully motivated not to change anything. They use XP and IE, because they always have. As recently as 2011, IE accounted for 53.3% of enterprise web use.
Try being smug when you discover your IRS refund went to an unknown, untraceable off-shore bank account.
What do we want? The future! When do we want it? Not now!
Presumably the above scenario will never happen. Microsoft’s stunning reversal to support IE for XP apparently means that its venerable browser is safe to use.
What would have happened if Microsoft had stuck to their guns and refused to support XP? End-users and enterprises across the land would have decided that IE is simply too risky to use. Even if you are not an XP user, why take chances on a browser that may not be supported in the future, when there are secure, free alternatives?
IT personnel would have written some version of the email that appeared at the beginning this article. IE would have been forbidden on any platform. Microsoft’s lack of dedication in providing security support would hurt all of its products.
Microsoft’s failed gambit to refuse support for XP reflects a desperate attempt to hold on to a failing business model. New products are the most profitable, so Microsoft and every high-tech company in the world are pushing innovations as often as possible.
While constant innovation represents a great revenue stream for the product producers, it generates stress for everyone else. Solutions are rendered obsolete by the time they reach end-users. Parts from relatively new products are impossible to get. Probably, the best example of this is the Department of Defense, whose notoriously inefficient procurement process is severely hindered by the furious rate of change.
People are sick of buying new computers when the old one works perfectly fine. This is especially true, now that software and OS are often updated without major hardware changes.
The popularity of tablets contributed to the decline of laptop and desktop sales, but the desire to avoid unnecessary change may actually be dominant cause. In my article, Why the future may not be a big deal in 2013, I term this kind of future shock as “innovation exhaustion.”
Indeed, we here at AMREL, are very conscious of this problem. While we are always updating our technology, we emphasize our lengthy support for past platforms (at least 5 years after End of Life, if not longer).
By not supporting XP, Microsoft tried to force the future on us. In the last few days, it dawned on its executives that this tactic could have injured them seriously, maybe even mortally, in the enterprise desktop market, which now constitutes one of their strongest market shares. If even Microsoft gets the message, maybe the future will not be so fast after all.
