On Internet Explorer

I've recently come across several malware-infected PCs. Though different in detail, all these PCs were infected via weaknesses in the same program: Internet Explorer 6. The outcry of web developers, many of whom detest IE6, is obviously not enough to get people off an inferior product. So, I thought I'd contribute my voice to the debate, along with reasons that don't sound like, "I'm lazy," to the average person.

For everyone:
Security
Give yourself a few open wounds, then go swimming in a sewer. This is essentially what you're doing with IE6. This browser has so many holes in its security that as many as 46 have gone unpatched in Microsoft's monthly cycle. It doesn't matter why this is; perhaps Redmond can't keep up, or maybe they just don't care. And even if you ignore that, the methods by which this browser keeps you "secure" just don't cut it any more. Let's face it, this thing was designed for an environment where dial-up was still the dominant method of connecting to the internet; the term "drive-by download" isn't even in it's lexicon. Also, lest we forget, those versions of Windows that ship with or can upgrade to IE6 also use it for Windows Update. Why is this bad? Because you have a product with numerous security flaws with what amounts to DIRECT ACCESS to the most basic part of your computing experience - the OS. This idea isn't even half-baked.

Support for standards
I know, everyone is probably tired of hearing about HTML5 and CSS3. So let's forget about them for now, even though those are the standards that the web will eventually be based upon. Instead, let's talk about good ol' CSS2. This standard was finalized in 1998. Internet Explorer 6 came out in 2001. Microsoft had almost 3 YEARS to get this done... but they didn't. Instead, you now have websites that look and work fine in IE, but not in any other browser; or maybe you have the reverse. It depends on how much work a person was willing to do as a web designer. Now, I'm not averse to a little extra work; I bill by the hour, after all. However, it seems to me (and anyone with an iota of common sense) that a page designed on standards should work the same way no matter what.

For home/individual users:
Familiarity
Okay, I'll admit. I rather like the way IE6 is laid out. It's charmingly simple and easy to navigate. So is a Model T. If you're using IE7 or IE8 and you're really determined to keep doing things the old way, you can get back the menu bar and get rid of the favorites bar. Simply right-click in the area below the address bar (but not on a tab). Make sure the menu bar is selected, and the favorites bar is not. As for the rest, feel free to ignore the tabs. I assure you, except for a minor update in graphics, the other buttons still work exactly the same.

Inability to upgrade
Running Windows 2000? Or an even earlier (shudder) version of Windows? Then you can't upgrade to IE8. You can, however, switch to Mozilla Firefox. Aside from the memory footprint, which they're working on, this is one of the best browsers in existence today, and you can get an add-on for it which makes it, in my opinion, the best browser ever: Adblock Plus. As for corporate users, whose PCs are usually locked down, you may be able to use Firefox Portable, as it requires no installation. It is up to you, however, to make sure your use of this application is within company guidelines.

For corporations:
Money - part 1
I'm sure there's some must-have (perhaps custom) web application that would cost hundreds or even thousands of dollars to update for newer versions of IE or even another browser. By keeping your computers on IE6, you're saving money, right? Except, since the employees are not allowed to use any other browser, you fall afoul of those security holes. I'm also certain you block common time-wasting and potentially infested sites like Facebook. However, no site is hacker-proof. Even the most well-maintained, benign destinations may have suffered a code injection attack or some other mishap that they might not even notice. If your company must use that site, you're more vulnerable than than someone using, well, pretty much anything else. Why is this important, you ask? Well, let me ask a question or two in return. How many security incidents (information breaches, malware infections, etc.) could have been avoided if you were NOT using IE6? How much time is your IT staff spending fixing these issues? This is time they could be using to do other things, like doing projects or finding ways to automate your processes and enhance productivity. In essence, how much is IE6 actually COSTING you to keep? Now, some will look harder at their balance sheets and see that it's not too bad. Probably even less than upgrading your software, and that's fine. Except, of course, that upgrading is a one-time cost, while supporting software is continuous. So, you'll be fine for a year. How about two? Or three? 10? Bet that number's not so small now. There will still be maintenance overhead for your upgraded software, of course, but not as much. And hey, I can understand if an upgrade is not something you can afford to do right away, but it's still worth thinking about, just for this.

Management via local/group policy
This can be a big one. And it can be solved in seconds. Take a look at this: WetDog 0.9. This allows you to manage many aspects of Firefox with policies.

Money - part 2
How much are you spending to make your website works with IE6? Developers estimate that ensuring that a website works with IE6 can increase your development time by 20% to even 100%! Whether you're paying by the hour or as a flat rate, it's quite likely that you're paying a premium for this. In fact, you might be able to get a reduced rate if you ask for a website without support for IE6. Of course, you can't simply afford to ignore what is unfortunately a large percentage of the internet population, especially if they make up a large portion of your traffic. Fortunately, there is a way to bring these people into your fold without spending much extra time on web development. A Mr. Dean Edwards has come up with several small bits of Javascript that can force IE6 (or IE7 or IE8) to act as if it were more standards-compliant than it is. You can find this code at http://code.google.com/p/ie7-js/ along with an explanation of how to use it. Then your developers can concentrate on common, standards-compliant code, and leave this in for those behind the times. It's not perfect, of course, but it's close enough that your website will work fine in any browser.

(Disclaimer: I am not in any way associated with the above projects, nor do I take any credit for their contents)