Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Getting rid of legacy stuff is hard

Getting rid of legacy stuff is hard

  • Comments 2

Microsoft recently released it latest version of Internet Explorer, IE9.  I’ve been running the Release Candidate for a while and I like it.  This may be heresy, but while I like IE9 I think I still prefer Firefox.  Sorry Microsoft folks, that’s just my preference.  But you can take solace in the fact that I don’t really care for Chrome.  I’m kind of indifferent to Opera and Safari is alright, although I only use both on my Mac.

Where was I going with this?  Oh, yeah.  Microsoft released IE9 and is embarking on another campaign to convince users to get rid of their old IE6 browsers.  Its old (released in 2001 which is 10 years ago and a lifetime on the Internet), Microsoft really doesn’t want to maintain it anymore (I assume), and has the most security vulnerabilities.  Yet organizations insist on retaining it because they built a lot of applications around it and they are worried that if they migrate over to a newer browser, a ton of stuff will break and they don’t have the bandwidth to deal with it.

The reality is that it’s hard to convince everyone to get rid of their legacy stuff that is not up to date but serves its purpose.  My own brother only recently ditched his old laptop (which was my old laptop) that I got in the year 2000.  His excuse was that it did its job (editing pictures) and didn’t go online, and that’s all he needed it for (this is the same laptop that over a year ago I discovered had 1200 pieces of malware on it).  The funny thing is that software vendors are always giving their users more bells and whistles but it seems to me like once you hit a critical mass you start getting major diminishing returns for all of those bells and whistles.  I don’t think that surprises anyone in the software field but what probably would surprise us is that critical mass occurs much earlier than we think it does.  For example, mobile devices have seriously taken off in the past 3 years, especially since the introduction of the iPhone.  The apps on the iPhone are all limited, screen browsing is tiny… but it is still incredibly popular.  People are more than willing to sacrifice richness of the user experience for convenience and portability.  In other words, the “good enough” factor arrives pretty early.

I came across the following chart of Microsoft’s financial history.  Note how much more successful Windows XP was than Windows 98 or Windows 95.  Windows Vista and Windows 7 combined are about the same amount of sales, but I’d be willing to be that most people who bought Windows 7 were upgrading from Windows Vista.  This means that there are a whole lot of people out there running Windows XP, an OS that Microsoft released a decade ago.  This chart says that Microsoft sold 400 million copies.  Of course, Microsoft was only paid for half of the copies that are out there so there are really something like 800 million copies of XP floating around:

image

(Click here for larger image)

Microsoft has been trying forever to get people to upgrade their OS (isn’t it weird how the stock price peaked before their best selling Windows XP even came out?) and it still hasn’t happened yet.  And if the second largest software company in the world can’t get everyone to upgrade despites millions of dollars of pushing it, then I think we in the industry need to figure out a sustainability model – how do we deal with a world where the reality is that not everyone will follow best practices when it comes to software?  Are companies who are extraordinarily successful early on forever doomed to live in a world where they have to support legacy software forever?

Leave a Comment
  • Please add 3 and 5 and type the answer here:
  • Post
  • Easy. Don't give them one. Cloud, baby, cloud. Windows Azure is always at the latest version - when people just plug into the stream, they'll be at the latest OS. We just need some very lightweight PXE boot and we're off.

    My 2 cents anyway. Hey, where's the cents key?

  • duty_press@aprf.gov.ru MY NAME IS DENNIS JAY HUGHES FROM THE STATES I AM A VICTIM OF CYBERBULLING GOING ON 4 YEARS NOW AS NO ONE SEEMS TO CARE AS I AM BEING VIOLATED OF MY RIGHTS OF COMMON USE OF THE INTERNET.. I  DO HAVE A PICTURE OF WHO MAY BE DOING THIS AS SHE IS USING A TECHNICAL PROSPECT OF FIBER OPTICS IDENTITY UNKNOWN THIS HAS BECAME IT SERIOUS PROBLEM FOR ME AS I'VE TRIED EVERY ATTEMPT OF ICU TO THE FBI TO THE SAINT PAUL POLICE DEPARTMENT AS NO ONE IS OF ANY INTEREST TO THIS HIGHLY ILLEGAL PROCEEDURES  OF FAKE WEB PAGES DEMANDING MONEY I FEEL YOU MAY BE OF HELP FINDING THIS WOMAN AND CONVICTING HER OF THE PRISON TERM SHE DESERVES  AS I KNOW YOU &  I TAKE THIS  AS A SERIOUS MATTER.. MY PAGE JUMPS & HOPS MAKING IT UNCOMFORTABLE FOR ME TO USE THE WEB FREELY. HERE IS MY NUMBER 6512249261 THIS HAS BECAME FROM MYSPACE AND FACEBOOK RELATIONS CAN YOU HELP ME  CITIZEN FROM  USA..

Page 1 of 1 (2 items)