By Scott M. Fulton, III, Betanews
One of the benefits of working in an organization whose founding premise is based on openness is that mistakes can be openly admitted, and thus more quickly rectified. An example of this principle in action comes from the blog for Mozilla's own analytics team, which earlier this week presented a very telling discovery from a survey of Firefox 2 users who continually declined making the upgrade to version 3.0 (we're not even dealing with 3.5 yet).
The most oft-cited reason users declined to make the upgrade -- from one declining user in four, or about 1,250 users, according to survey results -- was the apparent fact that a user's history of previously viewed Web sites could not be deleted from the address bar. As a result, when typing in an HTTP, any user could discover the addresses of similarly-named Web sites that any other user of that same browser (under the same logon name) had previously viewed.
"The browser is not very secure if browsing history cannot be deleted from the location bar," reads the team's citation of an actual comment from a browser user.
As a reviewers' guide to Firefox 3.5 indicates, a new feature in the Privacy panel under Options lets users limit the categories of information the "Awesome Bar" may provide, making it arguably less awesome but, in some minds, more secure. More frequent use of the Private Browsing feature, which does not record the user's history when active, may also appease these users' concerns.
The problem is, many of these users may already have been turned off of Firefox, and as result, will not have read either the reviewers' guide that points these facts out, or this article that attempts to shed extra light on them. So the analytics team openly suggested a change to Firefox itself: incorporating, in a future edition, the filtering control from the Options panel directly into the address bar itself.
What were users' thoughts on that? Not a complete solution, many said, because that doesn't resolve the issue of bringing back the users that didn't upgrade. Another user was the first to invoke the dreaded "p" word: A user who may be viewing porn may not want the opportunity to accidentally leave any trail of attempting to not leave any trail, and a switch that can be left to filter out history may provoke skepticism.
Firefox security contributor Jesse Ruderman pointed out the irony of users refusing to upgrade to a demonstrably more secure browser, for security reasons. "It sounds like users declining major updates is the main way we lose users to insecure versions, but it's not the only way," Ruderman wrote. "Should we try surveying users who uncheck 'Automatically check for updates' to find out why they do that?"
But perhaps the most enlightening comment came from a contributor who pointed out that the "freedom of expression" that characterized the original Firefox 3.0 "Awesome Bar" probably did raise some concerns during Mozilla's long beta period. Had enough attention been paid to beta testers' concerns at that time, before 3.0 went RTM in June 2008, the entire survey itself might not have been necessary.
"I think the other half of the solution is to see if there are ways to help developers predict or better gauge the response during beta releases," wrote "Lucy." "Obviously not every issue brought up during beta turns out to matter, but how to do a better job of telling them apart?"
Copyright Betanews, Inc. 2009