Even if it's a smooth migration to a current release, it doesn't have 15 years of perfect history behind it.
And that's when you can migrate. There are plenty of control systems for devices that cost $millions that were bought decades ago that just need to keep working. You don't have source. The vendor went out of business with the dot-com bubble.
Yeah, we probably could replace all the things, but at what cost? Will it beat the last 15 years of perfect uptime? Are you the buy willing to stake your job on it? Or shall we just paper over the cracks and keep shovelling coal into that server in the corner?
Edit: I'm describing worst-case scenarios in specific use-cases but even if there isn't a good reason to stay behind, the feeling of "why fix what ain't broke?" is pervasive in management, especially IT management. Maybe it's a generational thing and we'll see waves on waves of upgrades in the next decade or two but I'm fairly sure that'll just lead to another generation of "make do"ers.
Because it will break eventually. That decrepit PC full of metal dust running XP that controls this here multimillion CNC mill will, given enough time, fail. Some part or other will fail, and eventually you won't be able to find new parts anymore that work with it. Granted, for an XP PC it's far in the future but still.
Besides, a Win 3.11 or XP PC won't have a 15 year uptime, it will probably have a sticker on it reminding users to reboot it daily.
The same argument that corporate world doesn't allow Python 3 or has a hard time to migrate to Python 3 because machines are running on some ancient RHEL servers or because of some security requirement. I get it and I don't get it. First, let's ditch RHLE. Fuck that. I really don't see reason to use RHLE; fine, YMMV. But it is people's job to do work. Some pieces can die, and some pieces will have to evolve, either from scratch, or slowly. No one said software development and operation support are easy, see https://pbs.twimg.com/media/CWC74tOVAAAsls0.jpg:large.
Our entire ethos is that software is never finished.
Why should I as a user be forced to upgrade from a system which does it's job just fine only because the system's manufacturer decides that they don't want to spend any more resources on patching up errors in this system? Having bought the system, shouldn't I have gotten a product that is reasonably secure in the first place? How do I know that the new shiny replacement system doesn't introduce new problems which take years until they are discovered and could be much worse than the old system where already a lot of work has gone into fixing bugs?
I bet the real reasons are much more mundane. I've seen several times where updating a single tool in game production teams takes years, because the 'time is never right', the update can't be done incrementally, and the production can't afford to switch the whole team over and risk weeks of instability and bug-hunting because unexpected bugs crop up that didn't manifest in small-scale tests.
Basically: never change a running system :)
You aren't forced. But you will be exploited for it, any security vulnerability will destroy your entire operation, and your customers should distrust you for being so stupid.
Its not that you made a mistake trying to keep the system running. Your mistake was using a proprietary foundation with no commitment from the provider it will be supported forever. So of course you have no option when the rug is pulled out from under you - but that was your mistake. If you were built on top of Linux 2.4 like the superposter said, you could just pay the developer costs to maintain it yourself.
Because by choosing that system in the first place you implicitly chose to tie yourself closely to their support. Both the buyer and the seller have a responsibility to plan for following these support decisions. Scenarios like this should inform future purchase decisions, including whether or not to buy again from the company who failed to keep up.
For example look at speedtest.com in a windows browser, when you really meant speedtest.net ... This is only a single example, it happens and bad people are out there.
Plenty of hardware components that can probably keep running for a long time without maintenance, but you wouldn't do that would you?
Can you understand the concept of people being too poor to ever upgrade? Can you understand the concept of people who live in places where up-to-date technology is hard to get? (see Cloudflare's recent SHA1 deprecation post: https://blog.cloudflare.com/sha-1-deprecation-no-browser-lef... )
And before you say "there's Linux that's free", the idea of Linux being free if you don't value your time is absolutely applicable to these people. They perceive their time as having more important uses than acquiring and learning different software.
I mourn those stuck on XP, destined to be exploited for eternity by the thousands of malware payloads targeting them now, but you are right in nothing can be done about them really. But the real injustice is every person without the time to learn new systems (and that is a barrier on Windows and Linux - try switching someone from XP to 10 and it as massive a leap, or even more massive, than going from XP to Lubuntu).
This strikes me more as management and economic policy issues within the organization of why waste money for something they might not appreciate or see the necessity of.
It is entirely possible to implement a "working" system that will require Herculean efforts to make the slightest change: a system that will collapse in on itself entirely if anything is touched anywhere else. And if you already spent a lot of money to get this far, you may assume a lot more is required to patch it.
Sadly, although we as an industry do know how to build hardened systems that are a lot more likely to adapt with the times and provide stable operation, people outside of the software industry really don't seem to know the difference. And if better software comes at a premium up front, cheap organizations may always pick the lower bid because they're thinking of software like an office chair and not a bridge that's holding up a road.
Well beside its actual expiry (which seems to be 2020), people STILL use XP with an ancient versions of IE6 and IE7. Many Vista users stick on IE7.
So calm yourself and put flexbox back down. You've got a few years before that's supported enough.
If they are corporate users, I would be about now announcing that as Micirosft are EOL'img these IE versions only IE 11 and upwards will be supported. I'd probably give a grace period of 3 months officially, and depending on which can clients are affected I'd possibly give them 4-5 months to upgrade.
The reason why is that the fixed cost of a business are that: fixed. The profit is usually over-represented in the last few percentage points of the people using the service or buying the products so if you lop off some arbitrary percentage at the top that 15% of your users might be 80% of your profits. That's a very quick way to die.
It's pretty clear you're not a developer (or wouldn't be for long).
There are two really bad decisions here:
1) You are driving away up to 15% of people who actually use your product. How much would you spend to acquire that many active users? It's easier to keep existing users than acquire new users.
2) Sending users through a ticket system for errors you could have prevented with a simple warning is a bad experience for them and far more work for you. And most users will silently disappear instead.
Are you really willing to take a 10% hit on sales?
You can announce EOLs until the cows come home (Microsoft has and look how well it has done them). If your product stops working, they'll complain at you and then cancel their contract and find another provider who will support them.
I'm speaking from a gruelling 15 years experience developing enterprise SaaS. We've only just dropped IE6. It'll be years before IE8 goes away.
> I would NOT warn the end users about needing to upgrade
People using your product are discussing it on review sites, on social media, with friends/family, etc.. If you silently give some of them a broken product, a few will contact support; but I imagine most will assume your product is just low quality. So that's the word they'll spread.
For corporate users: well, you'd need to talk with your customers. They might be facing a seriously expensive upgrade process, and could be extremely unhappy to hear you're setting an arbitrary deadline for them.
So, you'd succeed in angering a lot of customers. Much better to try and inform all of your customers (not just corporate) of the upcoming changes, and provide support materials for them to follow while giving them a reasonable timeframe to do so.
There are lots of intermediate steps like warning about an inferior experience, but at this point it's necessary to test most websites on at least a few versions of IE9.
I've found that using react I've had very easy compatibility with older IE, etc. The only thing I've had to do is install a polyfill or two.
It's your computer, you should be able to to run whatever software you like.
A reminder to upgrade, OK, that's fine. But actually disabling? You go too far.
I don't want to be overly negative, though. I foresee a future in which there is a split between completely walled gardens and completely open systems, so those who really want the latter will still be catered for.
If you want this kind of choice, the only way is free and open source software. That's the reality, and it's been that way for a very long time, just read the EULA. It isn't yours. They're not doing things "to you" by preventing it from working, they're protecting themselves. Free software could decline to work by default, with something like an about:config opt out feature. That's because free software belongs to everyone.
Next, hardware. Apple, the most among all the companies making hardware, explicitly reserves the right to modify the hardware after sale. There is in effect a hardware EULA. Your rights are fairly limited to turning it off or disposing of the phone. You don't have a right to modify it, you don't have a right to jail break it, you don't have a right to run software that Apple doesn't, through its license that you've agreed to, approve of. Not only is the software not yours, there is tacit residual hardware right reserved by Apple. I don't like it, you don't have to like it, that's how the agreement effectively works though. So if you really don't like it, then you shouldn't buy those kinds of products.
Android, it's fairly similar license wise, but there is at least in most implementations the option to enable 3rd party software installation. So you could install some ancient unpatched web browser if that's what you wanted to do. And of course Cyanogenmod and other free OS's you have a lot more control because the software is yours by virtue of you having possession of it. You have a legal right to modify it if you don't like how it behaves.
"Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical supports and security updates."
The latest Internet Explorer version that runs on Windows Vista is Internet Explorer 9. So there will still be users using that... Windows Vista will have security updates till 2020.
https://support.microsoft.com/en-us/lifecycle#gp/Microsoft-I...
This isn't true. Windows Vista EOL is April 11, 2017. See http://windows.microsoft.com/en-us/windows/lifecycle What makes you think it is 2020?
They seem to be the only one that actually has versions, and [security] updates within a version.
Instead just have a single browser (instead of 5 or more counting from IE6) and any update increments the version. Both Firefox and Chrome work this way.
They would have to allow installing the latest version of IE on any machine all the way back to XP, but there is no reason they can't do that. They just don't want to.
I know they hope people will upgrade the Windows version - but has that ever happened? Has someone ever upgraded Windows just to get a new browser? I highly doubt it, that's not why people upgrade the OS.
So just give it up, let any version of IE run on any version of Windows and stop making developers (and users) crazy.
I do some work with various embedded extension APIs in different office and collaboration tools, and it's quite a mess trying to figure out what those web browsers actually are
This is a strategy tax, for a strategy that stopped being reasonable a decade ago. Numerous alternate browsers have had no problems competing with an "integrated" IE, for many years now. The DOJ case was settled by a completely different set of executives, so the current bunch don't have to pretend that OS integration is somehow vital to the function of a browser. Someone should draft a memo to the browser department: that stupid shit you were supposed to do 15 years ago? stop doing that. An organization that continues with such a farce for so many years is puzzling.
They could do the equivalent of static linking and include the necessary components in the browser instead of the OS.
That's more or less what the Utilu IE Collection does I think.
I work for a major European corporation and I am also stuck on XP. We don't exactly have the best in class IT dept (despite claims by a senior IT guy that we have more developpers than google and facebook together... we don't really have much to show for it).
I never understood why users stuck on XP don't just install a different browser (Chrome or Firefox). You don't have to use IE, especially not in the version is so old it barely works with modern sites.
That's probably why you can't get anything done (Mythical Man-Month passim)
Chrome should spawns less processes (hold some more tabs in one process). IE spawns less processes than Chrome and therefor is less of a memory hog.
Firefox finally needs a proper multi-process implementation. Even the latest Developer edition just uses two processes (firefox.exe and plugin-container.exe) - I just tried it again with a new profile. Good luck keeping 100 tabs open (with "open" I mean "in memory"). If one tab crashes... you switch back to IE/Chrome. In the current state Firefox is great for development, but not for my daily web usage.
I only wrote about it would be great if you could configure Chrome's process spawning logic. IE does it in an more intelligent way to consume less memory by spawning a bit less processes (a trade off, as if one tab crashes more tabs have to be reloaded). But giving a power user (who have 100+ tabs open) a choice would be great.
This seems to be a common refrain here. It's missing an important caveat: "unless supporting those browsers costs more than the customers are worth". Supporting ancient IEs means things like: avoiding features that can't be polyfilled, providing XP images for CI, debugging IE issues, etc. None of these happen for free.
Even the most conservative CIO will have a hard time justifying not upgrading at this point.
- 1% of traffic is still significant for most businesses.
- Consistency/Training/Hiring. Everyone that has ever written JavaScript has learnt jQuery. Some people don't even "know" JavaScript, they "know" jQuery (I say this as a testament to jQuery, not as a detriment to these developers. jQuery is all they have needed, why know anything else?)
- jQuery has so many plugins/frameworks that depend on it. Bootstrap alone gives it a ton of utility. Backbone/Ember are extremely tied to jQuery (or "clones").
- While ofcourse plugins/frameworks can be rewritten to exclude the jQuery dependency. jQuery is provenly stable. You would need significant counter inertia to rock the boat. At that point, why rock the boat? No one ever got fired for using jQuery: huge utility.
- Ergonomics. AJAX, Animations, Custom Events would all need custom wrappers / util libraries
- Forward compatibility. If you use jQuery today, all you'll have to do is upgrade the version of jQuery and you're using the latest and greatest browser internals (when appropriate) but no change to your API (mostly)
And I'm sure I'm missing a couple.
P.S. Before anyone starts, there are tons of good reasons to not use jQuery. Are the reasons to drop jQuery greater than the reasons to keep it? I don't really care. That is for individuals/teams to decide. I am just answering the parent's implicit question: "Is there utility to jQuery beyond legacy browser support?"
There have been attack vectors since, but that is true of every platform, and since Windows 7 in particular, most of them have been from third party software.
It's not the new sites which are already fancy webapps, the ones doing new things that would be nearly impossible in older browsers and require the very latest browser versions that I'm concerned about; it's the sites that cater to a mass audience like news, webmail, search engines ( https://news.ycombinator.com/item?id=8254743 ), and other valuable repositories of information which are most at risk of being "appified" and making the Internet less accessible overall.
Related article: http://www.quirksmode.org/blog/archives/2015/07/stop_pushing...
...and discussion: https://news.ycombinator.com/item?id=9961613
IE10 and below have two modes. "Browser" mode, which means the IE10, IE9, IE8, IE7 rendering engines. "Document" mode which means the engine treating the page like it was meant for IE9, IE8, IE7 etc. Or so it says.
Confused? Take a look at this chart:
https://i-msdn.sec.s-msft.com/dynimg/IC780294.jpg
More confused? So was and am I. I don't fully understand document mode and I suspect Microsoft doesn't either. Likely the reason they deprecated the moment Windows 10 came out[1]
So what's the problem? Well, even though a web page would render fine in IE9, IE9 could look at it, take issue with your markup, and then, surprise! Your user sees it like it's IE7... using the IE9 rendering engine.
For most web developers that needed to support IE, you basically always needed to insert a <meta> tag with a value of X-UA-Compatible in the <head> of your page. It forces the latest document mode, i.e., "treat this page like a modern page and render it without being stupid." 99% of the time this is what you want. 1% of the time (the need for document mode) is when a page was so reliant on older browser quirks that it needs to be treated as an IE7 page.
Cool, that's all we need right?
Enter oracle.com. In all versions of IE9, there is a hidden, built in compatibility mapping which will always force a certain document mode[2]. So even if your little page brings with it a valid meta tag and uses completely valid markup, IE9 will take look at its name on its blacklist, smile, pat your page on the head, and then shove it the trash compactor.
Smash. So IE9 forces a terrible document mode upon all pages on oracle.com and several other domains mode and Microsoft, to this days, says just about nothing about the hidden blacklist in their documentation. The only way I found this out was by searching "oracle.com" in all of IE9's source code, whereupon I found the responsible XML file, the blacklist.
So what's the solution?
Well, after some hair loss, I discovered the solution is to bring the X-UA-Compatible OUTSIDE of the <head> tag and put it right above the HTML one. In complete contrivance to everything Microsoft said in its documentation, and also normal browser logic.
... That, kids, is why IE9 and below needs to die.
[1]https://msdn.microsoft.com/en-us/library/dn384051(v=vs.85).a...
