Lets just hope they learned from Netscape's "hidden" security fixes.
Come clean when one is found and post a security patch, don't create a minor version. Believe it or not, most normal users DON'T come to SecurityFocus to get the latest buzz on problems.
At least Microsoft will, after getting to it, say they have a security flaw and the browser requires a patch. Netscape just called it a version upgrade.
Tell a user there is a minor version upgrade and more than likely you'll hear "Why should I upgrade? What I'm using is just fine. I don't want to go through all that again." I know folks who are STILL using Netscape 4.0 because they don't need all that "new stuff" (patches included).
Tell a normal user there is a hole the size of the Grand Canyon in your browser's security and they will more than likely install (not everyone though, heh heh).
That was, for me, one of the big things that turned me off of Netscape -- Their inability to admit to the general world they had security flaws in fear they would become no better than...shiver...Microsoft.
Come clean when one is found and post a security patch, don't create a minor version. Believe it or not, most normal users DON'T come to SecurityFocus to get the latest buzz on problems.
At least Microsoft will, after getting to it, say they have a security flaw and the browser requires a patch. Netscape just called it a version upgrade.
Tell a user there is a minor version upgrade and more than likely you'll hear "Why should I upgrade? What I'm using is just fine. I don't want to go through all that again." I know folks who are STILL using Netscape 4.0 because they don't need all that "new stuff" (patches included).
Tell a normal user there is a hole the size of the Grand Canyon in your browser's security and they will more than likely install (not everyone though, heh heh).
That was, for me, one of the big things that turned me off of Netscape -- Their inability to admit to the general world they had security flaws in fear they would become no better than...shiver...Microsoft.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/769/2534#2534