Maybe it’s sarcasm? On the other hand, the new school does have it pretty good these days with the evergreen browsers, so it could be genuine lack of perspective. Webkit is stubborn and slow moving, but nothing like what we endured with IE, especially since polyfills were not a ubiquitous concept and checking for feature support at runtime was a kind of dark art. I shudder just thinking about user agent strings again. If anything, my daily dose of strange BS these days comes from imposed third-party SaaS vendors rather than browser interop even when accounting for older versions of Safari.
Most organizations with any sort of audit, insurance, or regulatory requirements do. Updating software is one of the most basic things covered by any security benchmark.
Maybe internally. If done externally, extorting your users to update their stuff, then it is clearly overstepping the boundaries. Creating awareness is good and necessary, but insisting on another entity, be it a user or another company doing something, because it is in your company's security benchmark, is inappropriate. Quickly silly things, that have no security benefit at all make it into that benchmark and are tried to be forced upon other entities. Suddenly a company will be interested in how you internally handle your SSH keys. Do you make new ones every 3 months? No sorry, every 4 months is too long for our security benchmark.
CSSer|3 years ago
ihateolives|3 years ago
acdha|3 years ago
zelphirkalt|3 years ago