Five cures for Microsoft's Internet Explorer 6 ills
Microsoft shouldn't let Google set the Internet Explorer 6-ending agenda. Google services will stop supporting the browser, starting on March 1. It's Microsoft 's browser and responsibility for putting this antiquated technology -- and all Internet users subsequently affected by malicious and criminal activity -- out of misery. Save the Web! Stop Internet Explorer 6 now!
If security really is Microsoft's top priority -- and I say that it's not -- IE6 shouldn't be used by anyone anywhere. Microsoft bears the blame for the IE6 scourge. High IE6 usage is more than a situation of users clinging to older technology. Microsoft created this problem by:
1) Integrating Internet Explorer into Windows.
2) Pushing a closed and arguably flawed plug-in architecture (e.g., ActiveX).
3) After releasing IE6, essentially ending new browser development until Mozilla released Firefox in late 2004.
4) Blocking so-called non-genuine copies of Windows from receiving new updates, including IE version upgrades.
Microsoft should seek out and destroy IE6 wherever it's used. The browser is too much of a security risk. Since Microsoft isn't doing enough, I suggest five ways by which the company can decisively and quite aggressively take charge of this situation. A combination of the five, but necessarily all, would be necessary to eradicate IE6.
1. Take the lead away from Google, by disabling IE6 across Microsoft Websites -- and encourage other Web properties to do the same. According to Net Applications, IE6 usage share was just over 20 percent in January, making this antiquated browser second-most used. It's not rocket science to identify a browser version, block site access and to provide notice that IE6 is no longer supported. The notice could provide links to download IE8, and, if Microsoft is PR savvy enough, links to competing browsers, too.
Microsoft worries too much about breaking existing applications or Websites. The majority of safe sites should already support modern Web standards. Businesses that must have legacy support can run IE6 behind the firewall. Presumably, the majority of remaining IE6-supporting Websites would be the dangerous ones hosting malware. These are exactly the sites Microsoft should want to keep its customers away from.
2. Use a bot to identify all Websites supporting IE6, then request that site operators simply stop support. Microsoft could even offer incentives, like free software or support services, to Websites that quickly respond. For years, IE6 peculiarities compelled Website designers to put in special tags supporting Microsoft's browser. Surely they can be easily enough removed and replaced with redirects to pages explaining IE6 isn't supported and offering links to download more modern browsers.
3. For business that simply must have IE6, aggressively promote a virtualized alternative. The idea would be to quarantine IE6. If it must run -- say, to support legacy ActiveX controls -- do so in a sandbox separate from the operating system and other applications.
4. Forcibly upgrade non-genuine Windows users to Internet Explorer 7 or 8. This one is politically and logistically difficult, which are problems of Microsoft's creation. Microsoft long ago prohibited pirated, or presumed pirated, Windows versions from receiving critical applications and operating systems updates, such as Service Packs. Years ago, when working as analyst, I strongly and repeatedly discouraged Microsoft product managers from withholding updates. I expressed mixed feelings about withholding IE upgrades.
From a Microsoft political perspective, the withholding approach was about getting more people to pay for Windows. Product managers would never admit this, with the party line being something about rewarding so-called genuine users. Instead, Microsoft punished non-genuine users and tangentially genuine users assaulted by malware infesting non-genuine Windows copies. I argued that from a security perspective, it made more sense to update everyone with everything important. Anything bundled with Windows is important enough. By withholding critical system updates, including bundled IE, Microsoft puts every non-genuine Windows version at risk of being infected with malware.
Logistically, the solution is difficult because:
- Non-genuine Windows copies wouldn't have the supporting system updates or Service Packs necessary to upgrade the browser to IE7 or IE8.
- Malware might be in place that has disabled Windows Update or otherwise would prevent downloading Service Packs or newer IE version.
- Even if possible, end users might not have the bandwidth or the patience to accept the updates necessary to replace IE6 with a newer browser version.
An alternative option would be political suicide within Microsoft's corporate culture: Disable non-genuine Windows copies that can't be upgraded to IE6 or IE7 after three attempts. I contend that Microsoft should disable non-genuine Windows copies without warning. Why should it have to, if the software is pirated? Yes, a small number of legitimate customers will be affected. But the greater security good would be served, and Microsoft could individually resolve problems with customers whose legitimate Windows copy was disabled by the action.
5. Immediately offer a mobile Internet Explorer alternative, even if it's a competing browser. IE6 isn't just a scourge of the past, it's ready to corrupt another platform's future. IE6 is the basis for Microsoft's mobile browser. That has got to stop now. Yes, some Betanews commenters will rightly argue that based on IE6 isn't the same as IE6. My retort: Why should the mobile browser be based on IE6, when newer, presumably safer versions are available? Microsoft owes it to mobile customers -- the majority of them business users -- to provide the safest browser possible. If IE8 is so much better, which Microsoft claims, shouldn't it be the foundation for mobile Internet Explorer?
Do you have a better or different suggestion about how Microsoft can purge the IE6 plague? Please pipe up in comments.