
Chrome Dev: we'd rather you use another browser than an old version of Chrome - rlv-dan
https://www.reddit.com/r/chrome/comments/a3xj2q/is_there_still_a_way_to_bring_back_the_old_design/ebch4xm/
======
Wowfunhappy
Meanwhile, Google saw fit to break[1] countless games, basically erasing
pieces of culture / shared history.

I don't necessarily have an issue with dropping legacy compatibility, but you
can't both drop legacy compatibility _and_ disallow downgrades. There needs to
be a way to access old experiences.

[1]
[https://bugs.chromium.org/p/chromium/issues/detail?id=840866...](https://bugs.chromium.org/p/chromium/issues/detail?id=840866#c104)

~~~
floatingatoll
Old experiences were served using dangerous and harmful mechanisms that, in
2019 and beyond, can be exploited remotely to takeover your computer.

Technical experts have demonstrated that they’re able to locate and run older
releases of browsers, endangering themselves and others by running them
unprotected, directly on their primary devices, without protection. Chrome
speaks out against that practice here, and I would expect Firefox did the same
during the old-to-new extensions transition.

The only safe way to access old experiences will likely end up being: install
and use old browsers in sandboxed virtual machines that discard all changes at
shutdown.

While infinite resources would permit browsers to implement virtual machine
support for their own older selves, no browser has infinite resources to work
with. Happily, since those who desire this most are often technically skilled,
my described “set up a safe virtual machine” is easy and realistic.

TLDR: Please don’t run old versions of any browser on your primary computers.
Use sandboxed virtual machines if you must so at all. The web is far too
dangerous and those reading this comment are far too likely to have
exploitable commit access to the world somehow.

------
lithos
Pretty sure the dev learned the lesson of why you don't bother to speak up.

~~~
weberc2
That was terribly frustrating to read. The dev gave reasoned, metered answers,
and the others responded with Cathy-Newman-esque “So what you’re really saying
is...” questions.

------
Traster
It’s not really much of a statement. Anyone with any sense knows that the
browser is the attack vector of most threats and security is probably the
single most important feature of a browser today. The conversation in the
thread demonstrates why devs shouldn’t talk publicly. He clearly didn’t
convince the people he was addressing, and by engaging he opened himself up to
the risk of Misspeaking and causing a shitstorm. We’ll see far fewer of these
interactions as more repurcussions happen.

------
charrondev
And here I was thinking the chrome UI refresh was a breath of fresh air.

The car analogy was apt. If Ford updated the design of one their cars, most
people would find it absurd to, in a conversation with an assembly line worker
from one of the factories, demand they keep producing the older design with
all of the latest safety features. I find this similarly absurd.

~~~
gizmo686
But if Ford found a major safty defect in the airbags of old models, people
would expect a fix. Even under normal conditions, people expect Ford to
continue supporting the old models, which don't become significantly less safe
then they were originally.

What is going on with browsers (and other software) is weird. There is no
support window on the product beyond "until we get you the next versions.
Upgrades are free, and you normally don't even notice when we upgrade. Also
the old version is significantly less secure then it was a month ago, even
though it hasn't changed at all."

Nothing about this situation is intuitive to a non expert.

Even as a proffesional, I find it supprising that we do not see any LTS
browsers given that they are essentially self contained operating systems.

~~~
charrondev
My understanding is that Firefox offers LTS (the ESR versions). I don’t think
the chrome team offers anything similar. In my mind the evergreen nature of
browsers for the average person is a great thing, but I understand the desire
of businesses in particular to have things be consistent.

In this case my understanding though is that nothing has functionally changed
in the UI. The browser UI got a paint job, not a redesign. To the average
person chrome upgrades don’t actually change much visually.

To keep up the car analogy, the security race is like if the Ford was aware of
safety defects so in the middle of the night every month the came and silently
fixed them. Occasionally they’d also replace the bumper or the speedometer.
It’s still a speedometer and still behaves like one, but it appears slightly
different.

~~~
wlesieutre
And once in a while they’ll replace the whole body of your car with the new
version that you hate.

The more apt car analogy might be that you lease it, and the dealer sneaks in
and replaces your 2016 with a 2017, then your 2017 with a 2018, and you don’t
mind, that’s the terms of your lease agreement with them.

And then one day they replace the 2018 with a 2019 and you’re not happy
anymore because the 2019 looks like ass.

But there’s no option corresponding to “buy a car instead of leasing it” so
this is what we’re all stuck with.

------
panda888888
This seems like good advice. There are lots of reasons not to use an old
version.

Imagine if you were still using IE 6 even though your computer was perfectly
capable of running a modern browser.

------
nailer
And? Threats and standards are constantly evolving. You should use a current
browser. If you don't want to use Chrome, use another current browser.

Flagged as the only reason this seems to be submitted to HN is to start an
unnecessary flamewar.

