Prompted update from 3.0 to 4.0?

classic Classic list List threaded Threaded
114 messages Options
1234 ... 6
Reply | Threaded
Open this post in threaded view
|

Prompted update from 3.0 to 4.0?

Henri Sivonen
Yesterday, I observed a case where a person was stating his preference
for Chrome while showing a screenshot that had the old Firefox icon. The
new icon debuted all the way back in Firefox 3.5, so he had to have
Firefox 3.0.x (or earlier).

This together with the observation that Firefox 3.0.x still has millions
of active daily users inspires me to ask:

Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
users who are using a compatible OS (even if they have previously
declined 3.5 and 3.6)?

It would be sad if the remaining 3.0.x users either continued using an
unpatched browser or switched to competing browsers instead of keeping
Firefox up-to-date.

--
Henri Sivonen
[hidden email]
http://hsivonen.iki.fi/

_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Amit-58
According to https://wiki.mozilla.org/Releases, a prompted update will be pushed may 3rd (the page only mention the 3.5 and 3.6 branches though..)

Amit
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Robert Kaiser
In reply to this post by Henri Sivonen
Henri Sivonen schrieb:
> Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
> users who are using a compatible OS (even if they have previously
> declined 3.5 and 3.6)?

I think the current plan is 3.5 and 3.6 only, but you might be right
that it might make sense to try 3.0 one last time again - though I'm not
sure how much work that would be, both for releng as well as QA.

Robert Kaiser

--
Note that any statements of mine - no matter how passionate - are never
meant to be offensive but very often as food for thought or possible
arguments that we as a community needs answers to. And most of the time,
I even appreciate irony and fun! :)
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Christian Legnitto
The plan is to only do 3.6 and 3.5. Users on 3.0 have ignored the 3.6 prompt many times and QA's testing for 3.0 MUs are 100% manual. We might go back and do the 3.0 prompt if we have the resources but we aren't planning to do so currently.

Christian

On Apr 20, 2011, at 8:45 AM, Robert Kaiser wrote:

> Henri Sivonen schrieb:
>> Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
>> users who are using a compatible OS (even if they have previously
>> declined 3.5 and 3.6)?
>
> I think the current plan is 3.5 and 3.6 only, but you might be right that it might make sense to try 3.0 one last time again - though I'm not sure how much work that would be, both for releng as well as QA.
>
> Robert Kaiser
>
> --
> Note that any statements of mine - no matter how passionate - are never meant to be offensive but very often as food for thought or possible arguments that we as a community needs answers to. And most of the time, I even appreciate irony and fun! :)
> _______________________________________________
> dev-planning mailing list
> [hidden email]
> https://lists.mozilla.org/listinfo/dev-planning

_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

David E. Ross-3
In reply to this post by Henri Sivonen
On 4/20/11 2:28 AM, Henri Sivonen wrote:

> Yesterday, I observed a case where a person was stating his preference
> for Chrome while showing a screenshot that had the old Firefox icon. The
> new icon debuted all the way back in Firefox 3.5, so he had to have
> Firefox 3.0.x (or earlier).
>
> This together with the observation that Firefox 3.0.x still has millions
> of active daily users inspires me to ask:
>
> Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
> users who are using a compatible OS (even if they have previously
> declined 3.5 and 3.6)?
>
> It would be sad if the remaining 3.0.x users either continued using an
> unpatched browser or switched to competing browsers instead of keeping
> Firefox up-to-date.
>

Earlier this month, I did a two-week survey of user agents accessing a
sample of my Web pages.  Of identified Gecko-based browsers, 4.5% of
"hits" were from Gecko rv:1.8.x (Firefox 1.x or 2.x, SeaMonkey 1.x); and
2.7% were from Gecko rv:1.9.0.x (Firefox 3.0.x).  Thus, 7.2% of the
Gecko-based browsers were from Firefox version 3.0.x or earlier and from
SeaMonkey version 1.x.

I found it interesting that almost twice as many hits were from Firefox
1.x or 2.x and SeaMonkey 1.x than from Firefox 3.0.x.

--

David E. Ross
<http://www.rossde.com/>

On occasion, I might filter and ignore all newsgroup messages
posted through GoogleGroups via Google's G2/1.0 user agent
because of spam from that source.
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Asa Dotzler-2
In reply to this post by Robert Kaiser
On 4/20/2011 10:33 AM, Christian Legnitto wrote:
> The plan is to only do 3.6 and 3.5. Users on 3.0 have ignored the 3.6 prompt many times and QA's testing for 3.0 MUs are 100% manual. We might go back and do the 3.0 prompt if we have the resources but we aren't planning to do so currently.
>
> Christian

I think we should package up a 4.0.1 release as a mandatory security
update for Firefox 2.0.x and Firefox 3.0.x users. Nobody should be using
2.0.x or 3.0.x. They are horribly insecure, completely unsupported, are
almost assuredly going to be turned into spambots and are a threat to
the health of the Web and every other user of the Web.

- A
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

John O'Duinn
In reply to this post by Christian Legnitto
hi Henri;

Firefox3.0 users can still always do "help->CheckForUpdates" to get
updates. That was our 4th prompted major update to the FF3.0 users, and
remains in place since July2010.

Your friend is so far back, that depending on exactly what version of
Firefox, they may have to do "help->CheckForUpdates" a few times to
reach Firefox4.0. The important point here is that RelEng always makes
sure that users can update to the latest and greatest Firefox.

We do MUs for orphaned groups of users frequently - and as Christian
said, we can (read: will!) revisit who to re-prompt later. Even as far
back as FF2.0.0.x, we would scan back for large groups of users who are
still back on old, less-secure versions of FF1.5.0.x, and re-prompt them
to upgrade. For now, however, it makes more sense to focus scarce
resouces on getting the many more FF3.5, FF3.6 users upgraded to FF4.0.

Feel free to raise this again, if you are curious for status, but yes,
its on our recurring ToDo list.


tc
John.
=====
On 4/20/11 10:33 AM, Christian Legnitto wrote:

> The plan is to only do 3.6 and 3.5. Users on 3.0 have ignored the 3.6 prompt many times and QA's testing for 3.0 MUs are 100% manual. We might go back and do the 3.0 prompt if we have the resources but we aren't planning to do so currently.
>
> Christian
>
> On Apr 20, 2011, at 8:45 AM, Robert Kaiser wrote:
>
>> Henri Sivonen schrieb:
>>> Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
>>> users who are using a compatible OS (even if they have previously
>>> declined 3.5 and 3.6)?
>>
>> I think the current plan is 3.5 and 3.6 only, but you might be right that it might make sense to try 3.0 one last time again - though I'm not sure how much work that would be, both for releng as well as QA.
>>
>> Robert Kaiser
>>
>> --
>> Note that any statements of mine - no matter how passionate - are never meant to be offensive but very often as food for thought or possible arguments that we as a community needs answers to. And most of the time, I even appreciate irony and fun! :)
>> _______________________________________________
>> dev-planning mailing list
>> [hidden email]
>> https://lists.mozilla.org/listinfo/dev-planning
>
> _______________________________________________
> dev-planning mailing list
> [hidden email]
> https://lists.mozilla.org/listinfo/dev-planning
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Kyle Huey-2
In reply to this post by David E. Ross-3
On Wed, Apr 20, 2011 at 3:04 PM, David E. Ross <[hidden email]>wrote:

> On 4/20/11 2:28 AM, Henri Sivonen wrote:
> > Yesterday, I observed a case where a person was stating his preference
> > for Chrome while showing a screenshot that had the old Firefox icon. The
> > new icon debuted all the way back in Firefox 3.5, so he had to have
> > Firefox 3.0.x (or earlier).
> >
> > This together with the observation that Firefox 3.0.x still has millions
> > of active daily users inspires me to ask:
> >
> > Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
> > users who are using a compatible OS (even if they have previously
> > declined 3.5 and 3.6)?
> >
> > It would be sad if the remaining 3.0.x users either continued using an
> > unpatched browser or switched to competing browsers instead of keeping
> > Firefox up-to-date.
> >
>
> Earlier this month, I did a two-week survey of user agents accessing a
> sample of my Web pages.  Of identified Gecko-based browsers, 4.5% of
> "hits" were from Gecko rv:1.8.x (Firefox 1.x or 2.x, SeaMonkey 1.x); and
> 2.7% were from Gecko rv:1.9.0.x (Firefox 3.0.x).  Thus, 7.2% of the
> Gecko-based browsers were from Firefox version 3.0.x or earlier and from
> SeaMonkey version 1.x.
>
> I found it interesting that almost twice as many hits were from Firefox
> 1.x or 2.x and SeaMonkey 1.x than from Firefox 3.0.x.
>
> Do you have data on the operating systems those users are running?  IIRC
Gecko 1.8.x was the last version to support Windows 9x, so I would expect
the vast majority of users on Gecko 1.8.x to be running Windows 98 or
something.


> --
>
> David E. Ross
> <http://www.rossde.com/>
>
> On occasion, I might filter and ignore all newsgroup messages
> posted through GoogleGroups via Google's G2/1.0 user agent
> because of spam from that source.
> _______________________________________________
> dev-planning mailing list
> [hidden email]
> https://lists.mozilla.org/listinfo/dev-planning
>

- Kyle
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

timeless-3
In reply to this post by Asa Dotzler-2
On Wed, Apr 20, 2011 at 3:47 PM, Asa Dotzler <[hidden email]> wrote:
> I think we should package up a 4.0.1 release as a mandatory security update
> for Firefox 2.0.x and Firefox 3.0.x users. Nobody should be using 2.0.x or
> 3.0.x. They are horribly insecure, completely unsupported, are almost
> assuredly going to be turned into spambots and are a threat to the health of
> the Web and every other user of the Web.

Sounds great. My sister has a G4 and is waiting for an update to her Firefox 2.
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Robert Kaiser
In reply to this post by Christian Legnitto
John O'Duinn schrieb:
> We do MUs for orphaned groups of users frequently - and as Christian
> said, we can (read: will!) revisit who to re-prompt later. Even as far
> back as FF2.0.0.x, we would scan back for large groups of users who are
> still back on old, less-secure versions of FF1.5.0.x, and re-prompt them
> to upgrade. For now, however, it makes more sense to focus scarce
> resouces on getting the many more FF3.5, FF3.6 users upgraded to FF4.0.

I actually wonder, in concert with Asa, if we actually should go and
give those on unsupported versions a non-prompted "minor" update (as
long as their hardware/OS is supported with FF4) instead of a prompted
"major" update offer. We should try to do everything we can to "force"
all those users to a supported version that can run it.
People running 3.0 or even older versions are not only risking their
security and privacy every time they use such a build, but threaten
other people due to the significant risk to become part of a botnet that
is used for all kinds of attacks. We should try to actively avoid that,
even if it means changing their Internet experience without asking.

Robert Kaiser


--
Note that any statements of mine - no matter how passionate - are never
meant to be offensive but very often as food for thought or possible
arguments that we as a community needs answers to. And most of the time,
I even appreciate irony and fun! :)
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Robert Kaiser
In reply to this post by David E. Ross-3
Kyle Huey schrieb:
> On Wed, Apr 20, 2011 at 3:04 PM, David E. Ross<[hidden email]>wrote:
>> I found it interesting that almost twice as many hits were from Firefox
>> 1.x or 2.x and SeaMonkey 1.x than from Firefox 3.0.x.
>>
>> Do you have data on the operating systems those users are running?  IIRC
> Gecko 1.8.x was the last version to support Windows 9x, so I would expect
> the vast majority of users on Gecko 1.8.x to be running Windows 98 or
> something.

In addition to that, SeaMonkey 1.x didn't ship an update mechanism, so
no way to "help" those users at all - better just forget about them (and
yes, they should get a weekly notification that something newer is
available - we turned that on as soon as SeaMonkey 2.0 was available,
i.e. in late 2009).

We should concentrate on those people we can bring over to something
supported in some way, people on Win9x, PPC Macs or SeaMonkey 1.x
unfortunately are nobody we can help actively.

Robert Kaiser


--
Note that any statements of mine - no matter how passionate - are never
meant to be offensive but very often as food for thought or possible
arguments that we as a community needs answers to. And most of the time,
I even appreciate irony and fun! :)
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Christian Legnitto
In reply to this post by Robert Kaiser

On Apr 20, 2011, at 2:03 PM, Robert Kaiser wrote:

> John O'Duinn schrieb:
>> We do MUs for orphaned groups of users frequently - and as Christian
>> said, we can (read: will!) revisit who to re-prompt later. Even as far
>> back as FF2.0.0.x, we would scan back for large groups of users who are
>> still back on old, less-secure versions of FF1.5.0.x, and re-prompt them
>> to upgrade. For now, however, it makes more sense to focus scarce
>> resouces on getting the many more FF3.5, FF3.6 users upgraded to FF4.0.
>
> I actually wonder, in concert with Asa, if we actually should go and give those on unsupported versions a non-prompted "minor" update (as long as their hardware/OS is supported with FF4) instead of a prompted "major" update offer. We should try to do everything we can to "force" all those users to a supported version that can run it.
> People running 3.0 or even older versions are not only risking their security and privacy every time they use such a build, but threaten other people due to the significant risk to become part of a botnet that is used for all kinds of attacks. We should try to actively avoid that, even if it means changing their Internet experience without asking.

This is the plan for when we kill 3.5 (polishing up the doc now). We currently no plan to do it for older releases but we can debate it once the dust has settled around FF4 and FF5.

Christian
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Robert Strong
On 4/20/2011 2:29 PM, Christian Legnitto wrote:

> On Apr 20, 2011, at 2:03 PM, Robert Kaiser wrote:
>
>> John O'Duinn schrieb:
>>> We do MUs for orphaned groups of users frequently - and as Christian
>>> said, we can (read: will!) revisit who to re-prompt later. Even as far
>>> back as FF2.0.0.x, we would scan back for large groups of users who are
>>> still back on old, less-secure versions of FF1.5.0.x, and re-prompt them
>>> to upgrade. For now, however, it makes more sense to focus scarce
>>> resouces on getting the many more FF3.5, FF3.6 users upgraded to FF4.0.
>> I actually wonder, in concert with Asa, if we actually should go and give those on unsupported versions a non-prompted "minor" update (as long as their hardware/OS is supported with FF4) instead of a prompted "major" update offer. We should try to do everything we can to "force" all those users to a supported version that can run it.
>> People running 3.0 or even older versions are not only risking their security and privacy every time they use such a build, but threaten other people due to the significant risk to become part of a botnet that is used for all kinds of attacks. We should try to actively avoid that, even if it means changing their Internet experience without asking.
> This is the plan for when we kill 3.5 (polishing up the doc now). We currently no plan to do it for older releases but we can debate it once the dust has settled around FF4 and FF5.
btw: the extension compatibility check performed by app update is very
broken prior to 3.5 which is something I fixed after taking over app
update (https://bugzilla.mozilla.org/show_bug.cgi?id=324121 for the gory
details). The update behavior when not prompting / ignoring extension
compatibility (e.g. the update snippet is a minor update and the
extension compatiblity check is disabled by setting the update's
extension app compatibility version to the user's current app version)
should be heavily tested when you do this. iirc there were cases where
it checked extension compatibility anyway and would show the prompt.

Robert

_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Asa Dotzler-2
In reply to this post by Asa Dotzler-2
On 4/20/2011 1:22 PM, timeless wrote:
> On Wed, Apr 20, 2011 at 3:47 PM, Asa Dotzler<[hidden email]>  wrote:
>> I think we should package up a 4.0.1 release as a mandatory security update
>> for Firefox 2.0.x and Firefox 3.0.x users. Nobody should be using 2.0.x or
>> 3.0.x. They are horribly insecure, completely unsupported, are almost
>> assuredly going to be turned into spambots and are a threat to the health of
>> the Web and every other user of the Web.
>
> Sounds great. My sister has a G4 and is waiting for an update to her Firefox 2.

Your sister's PC vendor has abandoned her and so have the vendors of her
most security-sensitive software. She really shouldn't be connecting to
the internet at all. She's a danger to herself and to others.

On a more topical note, I should have said "a mandatory security update
for all supported platforms"

For unsupported platforms, I think we should have a "We cannot secure
this version of Firefox and recommend you uninstall" followed by
instructions or a button to launch the uninstaller.

For the overwhelming majority of users (those on Windows) the default
system browser is more secure and better for the user and the Web. IE 6
is still getting critical security updates (see
http://www.microsoft.com/technet/security/Bulletin/MS11-018.mspx for
example which was just released for IE 6 a week ago.

If we cannot secure a user, that user and the Web are better off if we
either a) force them forward to a current, supported version or b)
uninstall Firefox and push them back to the system browser which is
being secured by its vendor.)

- A
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

David E. Ross-3
In reply to this post by David E. Ross-3
On 4/20/11 12:53 PM, Kyle Huey wrote:

> On Wed, Apr 20, 2011 at 3:04 PM, David E. Ross <[hidden email]>wrote:
>
>> On 4/20/11 2:28 AM, Henri Sivonen wrote:
>>> Yesterday, I observed a case where a person was stating his preference
>>> for Chrome while showing a screenshot that had the old Firefox icon. The
>>> new icon debuted all the way back in Firefox 3.5, so he had to have
>>> Firefox 3.0.x (or earlier).
>>>
>>> This together with the observation that Firefox 3.0.x still has millions
>>> of active daily users inspires me to ask:
>>>
>>> Will Firefox 4.0.1 be offered as a prompted update to Firefox 3.0.x
>>> users who are using a compatible OS (even if they have previously
>>> declined 3.5 and 3.6)?
>>>
>>> It would be sad if the remaining 3.0.x users either continued using an
>>> unpatched browser or switched to competing browsers instead of keeping
>>> Firefox up-to-date.
>>>
>>
>> Earlier this month, I did a two-week survey of user agents accessing a
>> sample of my Web pages.  Of identified Gecko-based browsers, 4.5% of
>> "hits" were from Gecko rv:1.8.x (Firefox 1.x or 2.x, SeaMonkey 1.x); and
>> 2.7% were from Gecko rv:1.9.0.x (Firefox 3.0.x).  Thus, 7.2% of the
>> Gecko-based browsers were from Firefox version 3.0.x or earlier and from
>> SeaMonkey version 1.x.
>>
>> I found it interesting that almost twice as many hits were from Firefox
>> 1.x or 2.x and SeaMonkey 1.x than from Firefox 3.0.x.
>>
>> Do you have data on the operating systems those users are running?  IIRC
> Gecko 1.8.x was the last version to support Windows 9x, so I would expect
> the vast majority of users on Gecko 1.8.x to be running Windows 98 or
> something.
>

Reviewing my raw data, I see that it appears only six distinct users
accessed my Web pages during those two weeks.  The UA strings were:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.7)
        Gecko/20060909 Firefox/1.5.0.7

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.9)
        Gecko/20071025 Firefox/2.0.0.9

Mozilla/5.0 (Windows; U; Win98; en-GB; rv:1.8.1.22) Gecko/20090605
        SeaMonkey/1.1.17

Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.23) Gecko/20090823
        SeaMonkey/1.1.18

Mozilla/5.0 (Windows; U; Windows NT 5.1; en; rv:1.8.1) Gecko/20061010
        Firefox/2.0

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6)
        Gecko/20070725 Firefox/2.0.0.6

Only one of these is clearly Windows 98.  Four could be Windows XP.  I'm
not sure about the Linux user since I don't use Linux and thus don't
know what is the current version.  Of course, all this could be confused
by spoofing.

--

David E. Ross
<http://www.rossde.com/>

On occasion, I might filter and ignore all newsgroup messages
posted through GoogleGroups via Google's G2/1.0 user agent
because of spam from that source.
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Henri Sivonen
In reply to this post by Asa Dotzler-2
On Wed, 2011-04-20 at 12:50 -0700, John O'Duinn wrote:
> We do MUs for orphaned groups of users frequently - and as Christian
> said, we can (read: will!) revisit who to re-prompt later.
...
> but yes, its on our recurring ToDo list.

Cool. Thanks!

On Wed, 2011-04-20 at 15:25 -0700, Asa Dotzler wrote:

> On 4/20/2011 1:22 PM, timeless wrote:
> > On Wed, Apr 20, 2011 at 3:47 PM, Asa Dotzler<[hidden email]>  wrote:
> >> I think we should package up a 4.0.1 release as a mandatory security update
> >> for Firefox 2.0.x and Firefox 3.0.x users. Nobody should be using 2.0.x or
> >> 3.0.x. They are horribly insecure, completely unsupported, are almost
> >> assuredly going to be turned into spambots and are a threat to the health of
> >> the Web and every other user of the Web.
> >
> > Sounds great. My sister has a G4 and is waiting for an update to her Firefox 2.
>
> Your sister's PC vendor has abandoned her

Has Apple really abandoned Leopard users as far as security patches go?
It's annoying that Apple is never clear on product EOL. Note that
Mozilla supports Firefox 4 for Intel Leopard. (Mozilla also ships
Firefox to non-latest Android releases and those are also
Internet-connected *nix systems without the latest patches.)

> and so have the vendors of her most security-sensitive software.

Adobe stopping Flash updates is indeed scary.

> She really shouldn't be connecting to
> the internet at all. She's a danger to herself and to others.

I think you haven't really substantiated the danger here. If a person is
running PPC Leopard with the latest point release of Firefox 3.6 or
TenFourFox with FlashBlock enabled (and random old plug-ins disabled),
is there any evidence of her being a danger to herself or to others?

Also, http://www.mozilla.org/projects/ lists Camino, which is still
running the engine that was in Firefox 3.0.

After Firefox 4 was released, I migrated my parents off Camino (to
Firefox 4 on their Intel Macs and to TenFourFox on their PPC Macs). I
think the right and nice thing to do would be making PPC Firefox users
aware of the existence of TenFourFox even if Mozilla Corporation doesn't
have an autoupdate target for PPC users.

--
Henri Sivonen
[hidden email]
http://hsivonen.iki.fi/

_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Boris Zbarsky
In reply to this post by Asa Dotzler-2
On 4/21/11 4:22 AM, Henri Sivonen wrote:
> On Wed, 2011-04-20 at 15:25 -0700, Asa Dotzler wrote:
>> On 4/20/2011 1:22 PM, timeless wrote:
>>> Sounds great. My sister has a G4 and is waiting for an update to her Firefox 2.
>>
>> Your sister's PC vendor has abandoned her
>
> Has Apple really abandoned Leopard users as far as security patches go?

Leopard, no.

Note that Leopard doesn't run on all G4s, though....

-Boris
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Robert Kaiser
In reply to this post by David E. Ross-3
David E. Ross schrieb:
> Reviewing my raw data, I see that it appears only six distinct users
> accessed my Web pages during those two weeks.

So - sorry to say that - not a really interesting or representative
sample. And all of those have at least some updates available to them
and ignored that. Those are users we should force to upgrade or make
hard to even use those versions of our software any more, IMHO, given
the security risk.

We need to allow running any old version for testing purposes (hopefully
in reasonably sandboxed environments) but we should make it really hard
if not impossible to use them for production.

Robert Kaiser

--
Note that any statements of mine - no matter how passionate - are never
meant to be offensive but very often as food for thought or possible
arguments that we as a community needs answers to. And most of the time,
I even appreciate irony and fun! :)
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

David E. Ross-3
On 4/21/11 6:53 AM, Robert Kaiser wrote:

> David E. Ross schrieb:
>> Reviewing my raw data, I see that it appears only six distinct users
>> accessed my Web pages during those two weeks.
>
> So - sorry to say that - not a really interesting or representative
> sample. And all of those have at least some updates available to them
> and ignored that. Those are users we should force to upgrade or make
> hard to even use those versions of our software any more, IMHO, given
> the security risk.
>
> We need to allow running any old version for testing purposes (hopefully
> in reasonably sandboxed environments) but we should make it really hard
> if not impossible to use them for production.
>
> Robert Kaiser
>

What I meant to write was that only six distinct USERS OF GECKO 1.8.x
accessed my Web pages during those two weeks.  I had over 1,600 "hits"
from Gecko, IE (5, 6, 7, 8, and 9), Safari, Chrome, Opera, various
mobiles, Wget, and 19 different bots.  I also had 2-3 "hits" that
presented blank UA strings.

--

David E. Ross
<http://www.rossde.com/>

On occasion, I might filter and ignore all newsgroup messages
posted through GoogleGroups via Google's G2/1.0 user agent
because of spam from that source.
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
Reply | Threaded
Open this post in threaded view
|

Re: Prompted update from 3.0 to 4.0?

Wes Garland
In reply to this post by timeless-3
On 20 April 2011 16:22, timeless <[hidden email]> wrote:

>
> Sounds great. My sister has a G4 and is waiting for an update to her
> Firefox 2.
>

:P

Has your sister seen ten-four fox?  One of my developers runs it on his
ancient PPC MacBook and is happy with it.

http://www.floodgap.com/software/tenfourfox/

Wes

--
Wesley W. Garland
Director, Product Development
PageMail, Inc.
+1 613 542 2787 x 102
_______________________________________________
dev-planning mailing list
[hidden email]
https://lists.mozilla.org/listinfo/dev-planning
1234 ... 6