The news that IE 7 won't be released for Windows 2000 is good news for Firefox, prolonging the browser's window of opportunity, Valdes says. Microsoft says it is leaving its options open where Windows 2000 is concerned, but industry observers say a release is unlikely, leaving an application switch as the best option for improving browser security. "In some sense, they have ceded the security war -- a war of perceptions -- for system releases prior to SP2," Valdes says. "They are seeking to win the war of perceptions by building on the substantial security-related advances in SP2."
The neglect of pre-SP2 systems has already encouraged some companies to look at browser alternatives. Voltrex Options, a London-based brokerage house, migrated fully to Firefox after its 1.0 release, mainly to lower the risk to its workstations. "As the majority of desktop machines run on Windows 2000, none of the extra security features in XP SP2 or any future versions of IE are available to us," said Voltrex network manager David Hallowell, who has done some volunteer work for the Mozilla Foundation. "If Firefox had not been around we'd have evaluated Opera or the Mozilla Suite for deployment. [Firefox] has an interface so similar to IE that no one here has had a problem being able to use it."
Limitations in Firefox
But Firefox is hampered by some of its own current limitations. The Mozilla Foundation admits the current version is aimed at end-users, rather than organisations, and at the moment it lacks enterprise tools for deployment, management and patching. Many companies say they wouldn't even consider deploying Firefox as their principal browser without these features. There's no commercial support infrastructure, although the project is planning to announce partnerships to provide this.
As for security, observers say attackers will start to turn up the heat on Firefox once it passes the 20 percent mark, and it remains to be seen how the open source organisation will cope. What's more, as serious flaws and exploits inevitably turn up, they are likely to erode the browser's reputation for better security. Then there is the inescapable fact that many companies are tied to IE by their own applications and those of major ISVs. For this reason alone a complete switch simply isn't an option for many companies, at least not in the near future.
But progress is being made even on this front. Once upon a time, many companies would only test their Web applications for IE compatibility as a matter of course, but this attitude has evaporated, says David McGuinness, an independent consultant who has worked with the Mozilla Foundation. "With the increasing popularity of Firefox companies are more willing to ensure that their site is tested completely in that browser," he says. "It is now very unusual to find a company that only wants their site tested in IE."
Companies switching from a single browser to multiple browsers should expect an extra cost, but this should only be incremental, and is offset by benefits such as flexibility, the ability to reach more users and user satisfaction, says Gartner's Valdes. "One of the benefits to be gained, albeit hard to quantify, is a reduction in vulnerability for the organization," such as avoiding large costs when a security breach happens, he says.
An increasing number of companies are likely to end up with various combinations of IE and non-IE usage, industry observers say. Votrex, for example, came across the inevitable Web applications that only worked with Internet Explorer -- including the firm's corporate bankers. "To get around this we can just create shortcut icons on the desktop to those few sites that still [require] IE," Hallowell says. For companies tied to IE-only internal applications, one option is to limit IE usage to the intranet and specify Firefox for the Internet.
6%
1%
As an IT network sysadmin, I have watched the development of Firefox with interest. I have been using it since the 0.7 release and have had very few problems. Some sites don't display correctly, and when checked with the W3.org HTML validator, usually reveal that they are not HTML standards compliant. If the site if programmed exclusively for IE then you must use IE. If it is standards compliant then Firefox will work.
I like Firefox as it makes my job easier. I load up 6 websites in the morning to see what is happening, so when clients call up I am informed. I can do this in three clicks in Firefox (including loading the program itself), and uncountably more in IE - which do you think I use?
The integrated Google search gets used uncountable times per day. This and tabbed browsing are the killer features for me in my job as sysadmin and
tech support.
I use Firefox for Internet Banking as my bank uses a Java Console. As long as that is up to date, I am protected.
I like Firefox and have it installed on all the PC's I use - work and various home machines. My work is a Microsoft house, so I will never get it installed on anything else, but it saves me time and we know time is money, so my boss does not mind too much!