Mark's Musings

A miscellany of thoughts and opinions from an unimportant small town politician and bit-part web developer

Fighting Yesterday’s Battles

| 0 comments

Duty Calls

I recently got involved in an argument on the Internet with a small group of people who think that the web design standards of the 1990s are still valid today. In support of this, one of them pointed me at anybrowser.com – a site which, not unconcidentally, dates from the late 90s.

My antagonists’ argument was, basically, that if it works it’s good enough, and the use of tables for layout, font tags, etc are perfectly acceptable provided you follow the guidelines on that site (and others) not to target your site at a particular subset of browser users. As a corollary of that, they also argued that if a website doesn’t work perfectly with IE6, it’s the fault of the web designers who aren’t doing their job properly. One even went so far as to accuse me of “Nazi tendencies” for insisting on web design standards rather than pragmatically using what works.

I don’t think I need to tell anyone who works in the web design industry that that’s wrong. But it’s worth exploring a little bit why it’s wrong.

Firstly, of course, the Any Browser campaigns didn’t always agree with each other. Anybrowser.com is happy with tables for layout. Anybrowser.org cautions against them. Anybrowser.com doesn’t use CSS. Anybrowser.org recommends it, albeit with caveats. So even historically, there’s no consistency.

However, there are two main themes running through all the Any Browser campaigns of the 90s:

1. Websites should not be targetted at users of any specific browser.

2. All websites must be backwards compatible with all older browsers, and it’s unrealistic to expect users to upgrade.

As far as the first point is concerned, it’s worth noting that that argument has been won. Back in the late 90s, shortly after the introduction of Internet Explorer, there was a real danger that the web would become siloed into sites compatible with Netscape (remember that?) and sites compatible with IE, each using different proprietary extensions. The Any Browser campaigns argued fiercely against that, and rightly so.

These days, though, that simply isn’t an issue. I use all five of the major browsers – Chrome, Firefox, IE, Safari and Opera – and I can’t remember the time I last encountered a website which worked better in one of them than the others.

What matters these days isn’t browsers, it’s devices. “Any Browser” is no longer an issue. “Any Device” is very much so. Sites which work well on a desktop can fail miserably on a tablet or smartphone. And, of course, vice versa. The challenge for web designers these days isn’t to make sure that their sites work on two or more browsers, it’s to make them work on a multiplicity of desk based and mobile devices.

I have to admit that not all of my own websites meet that requirement. I’ve been working towards it, of course, and one by one I’ve been updating them to use responsive frameworks that will work on phones and desktops alike. But I’m not completely there yet. In my day job, cross-device compatibility is utterly crucial, and on my desk I have not only the PC that I do my work in but also a tablet and smartphone that I need to test any visual change in before signing it off to go live.

Making that work, though, means sticking to standards. And it means sticking to standards designed for modern technology, not the technology of 20 years ago. For example, using tables for layout breaks horribly on smartphones – it makes sites unreadable without horizontal scrolling, which is one of the bigger no-nos. These days, we have to be standards complaint, and we have to be both cross-browser and cross-device compatible. In short, we have to write websites, not just for any browser, but for any device.

Which leads on to the second major theme of the Any Browser campaigns: It’s unacceptable to expect users to upgrade their browsers.

Unlike the first theme, of cross-browser compatibility, this theme has been proven wrong. And there are two main reasons why it is wrong.

The first is that, like a lot of statements made about the Internet at the time, it was based on an entirely false assumption about the rate of technological change. When installing an updated browser meant, at the very least, a lengthy download over a dial-up connection, an often complex user-initiated installation routine and (in the case of Netscape), even paying for the upgrade, there were very many good reasons not to do it unless you really wanted to. And, equally, website operators needed to be aware that users had many good reasons not to upgrade. Backwards compatibility was, therefore, an essential part of the Any Browser principle.

These days, none of those apply. All modern operating systems have an auto-update function for software, and all modern browsers either take advantage of it or use their own auto-update system. In some cases (Chrome being one), the auto-update takes place in the background and the user won’t necessarily even notice that it has happened. And people don’t connect to the Internet over dial-up any more. Even a slow ADSL connection is easly fast enough to download a browser update with no problems. With the exception of some PCs on locked-down corporate networks (which are an entirely different scenario, and one that isn’t really relevant here), the argument that upgrading a browser is difficult, complex or inconvenient simply no longer exists.

The second reason why it’s wrong to insist on backwards compatibility is, though, even more powerful. And it was competely unforeseen by the Any Browser campaigners back in the 90s. That reason is security.

The growth of the Internet has facilitated a lot of things, many of them entirely beneficial. But it has also facilitated a lot of bad things. When I started out in the IT industry, back in the 80s, hacking into a computer generally meant having physical access to it, or at least being part of the local network it was connected to. The Internet made it possible to hack into a computer anywhere in the world without going anywhere near it. And malicious software authors rapidly created programs to do just that. Viruses, trojans and other forms of malware are an everyday part of the 21st century Internet. And so is the need to defend against them.

But defending against the efforts of malware creators means keeping up to date with the necessary defensive measures. Which in turn means keeping Internet-connected software up to date and patched against any newly discovered vulnerability.

This might not be so bad if the only thing at risk was the user’s own PC. I used to have a friend who always left his car doors unlocked, because, as he put it, “there’s nothing in the car worth stealing, and I’d rather they didn’t smash the windows to discover that”. A lot of people have the same approach to their computers.

The problem with that approach is that it isn’t just the user’s own PC which is at risk. Once malware gets onto a PC, it can become part of a botnet which in turn is used to attack other computers, maybe sending spam, or acting as part of DDoS attack, or simply spreading the infection. Most spam comes from botnets these days.

If you have unpatched older software connected to the Internet, therefore, you are not merely a danger to yourself, but to other Internet users as well. If you are using a centrally managed computer at work then it isn’t your problem, it’s your IT department’s, and they can answer to their own management if they allow company PCs to become infected. But if you are a home user, or a small business running your own equipment, then not only is it basic common sense to keep up to date with software upgrades but there’s a very strong argument that it is a moral imperative. People who refuse to upgrade are contributing to the problems of spam and malware experienced by everyone else.

As far as website operators are concerned, that means they also have a moral obligation to encourage their users to keep their software up to date. And if that means deliberately refusing to cater for the small minority using broswers several generations behind, then, overall, that is a positive move.

The best way to encourage users to keep up to date is to stick with modern web standards. That doesn’t necessarily mean using all the bleeding-edge features of HTML5 and CSS3, but it does mean writing websites that comply with HTML5 standards rather than using outdated feature sets of older implementations. And, as a bonus, using HTML5 will also make it much easier to create websites that are truly cross-browser and cross-device compatible, which is the ultimate aim of the Any Browser campaigns.

The Any Browser campaigns of the late 20th century had two fronts. History shows that they’ve won one, and lost the other. There is no point now in revisiting either of them. What matters now is ensuring that the web remains an open, interoperable platform accessible to any user and any website developer on an equal basis. That outcome is still far from assured. Let’s not waste time fighting yesterday’s battles when we still have today’s to win.