On 2012-11-12 11:45 AM, Johnathan Nightingale wrote:
> On Nov 12, 2012, at 9:46 AM, Zack Weinberg wrote:
>> Obviously, refusing to upgrade Firefox opens up these users to
>> serious security risks. I would like to suggest that we put that
>> toggle back in, and commit to preserving tabs-on-bottom mode for
>> the foreseeable future, *just because* it will encourage this upset
>> minority of users to continue upgrading.

....

> It's true that sometimes non-security changes have major security
> impacts (c.f. session restore making people more willing to apply
> updates). I also agree that each poster in our newsgroups represents
> a constituency (100x may or may not be right, let's say it is).
> Nevertheless, I disagree. We've got a decade of experience with UI
> changes having vocal critics that turn out, in hindsight, to be
> minorities (e.g. tab close button position militancy around FF2).

....

> I don't believe that the discussion around tabs
> on bottom will result in any significant portion of our user base
> turning off updates. I do believe that our tab strip code is in
> desperate need of clean up, and full of edge cases that hurt
> performance, maintainability, and quality.

I am the last person in the world to stand in the way of code cleanup.
I find it difficult to believe that allowing two possible relative
orders of toolbars within the chrome is more than a couple lines of CSS,
but I am not remotely an XUL person and am happy to be shown wrong.

And I think this particular change represents the last straw for a
*large* minority of users who really, really liked Firefox 3.0 and have
been getting progressively more fed up with UI changes since, but I have
no numbers to back that up.

But with my security hat on, even a small minority of our users is still
tens or hundreds of thousands of people, and if their computers are
0wned because they refused security updates because they didn't like our
UI changes, that potentially has cascading fallout upon a much larger
population (as the 0wned machines become malware sources themselves).
That's not something I think is justifiable by code cleanliness concerns
on our end.
zw
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security