This leaves a goodly number of Windows XP machines at one of my K-12 educational Customers unable to use Google Apps effectively. I suspect many other public schools will be in the same boat.
Chrome has design eccentricities that make it interact w/ some Windows management functionality (redirected "Application Data" folders, specifically) in a very suboptimal manner (maintaining 10MB+ of files in each user's redirected AppData folder is a problem on a server hosting 3,000 users' folders). Installing Chrome on the Windows XP machines isn't a slam-dunk.
I suspect we'll just have to bite the bullet and use Chrome while, simultaneously, giving up functionality in Windows to do it.
We also have full support for global policies and pretty much any administration features you could need. I'd be happy to point you in the right direction if you have specific questions or difficulties.
We're using that installer, and Group Policy. We're redirecting the user's "User Data" folder into their roaming "Application Data". We're finding that Chrome is storing 10MB of DLL files there (gcswf32.dll being the big offender). We're also seeing the same behavior as described in this posting: http://productforums.google.com/forum/#!topic/chrome/xvd0gSJ...
Chrome installs a gcswf32.dll file into "Program Files" but it appears to be downloading a new one for each user, stashing it in their user data folder, then failing to load it properly on subsequent sessions because it's stored on a network path.
The DLL you're asking about is a component update. In this case, we used it to push an emergency Flash security update. These are stored in the user's profile because the component updater is built on top of the extensions subsystem. However, I expect the enterprise team can investigate segregating some of this from UserDataDir.
The thread you referenced should actually be resolved in Chrome 21. That said, it refers to a scenario where parts of the profile are remapped to a network share. It's important to understand that this is not a supported configuration for Windows profiles in general, and is known to break applications other than Chrome. Whereas standard roaming profiles should work fine in all applications, and are the configuration supported by Windows.
I've been down this road with other application development firms before. "Application Data" folder redirection is necessary for us because the roaming user profile grows an inordinate number of files in the AppData folder, which in turn causes logons to be _exceedingly_ slow when users logon to a computer that doesn't have a cached copy of their profile (such as computer labs where machines are frequently re-imaged, which is our pain point).
I don't know where you're getting the phrase "... this is not a supported configuration for Windows profiles in general". Unsupported by whom? Microsoft has been shipping Application Data Folder Redirection as feature of Windows Group Policy since Windows 2000. ) and not some kind of "registry hack" or unsupported (by Microsoft) tweak. I've yet to find any Microsoft developer documentation advising that this feature is "unsupported". I _have_ seen multiple applications broken by using this feature (including Microsoft applications) but I don't think that makes the feature "unsupported" by Microsoft. It seems like this feature is "unsupported" by applications because they make assumptions about how Windows behaves and don't engage systems administrators in their development process.
In the case of Chrome I _really_ want to use it in enterprise situations-- it's my favorite browser, personally. The attitude of installing into folders writable by individual users seems to pervade even the enterprise distribution of Chrome, however. I would argue that, in an enterprise environment, updates should only be applied to the computer's copy of Chrome and not into individual user folders. This creates pain and frustration for sysadmins. It sounds, to me, like the "component updater" doesn't take into account installs where there is a computer-wide copy of Chrome and needs some re-architecting.
Alternatively, we would be able to completely circumvent this problem and just leave the user's Chrome "User Data" folder in their local profile if we could use "Chrome Sync" with our SAML SSO that we use for Google Apps for Education. I haven't looked at it for 6 months, but the last time we looked Chrome Sync did not support authenticating via our SSO, so we had to scrap that idea and go with using a redirected user data folder to allow users to have their Chrome data "follow" them between computers.
Yeah. 30GB of rather expensive SAS-based storage on a SAN. After having operating levies fail and seeing state funds radically cut we're pinching every penny we can. Every little bit helps.
I'd love to use something like ZFS to handle this storage, at which point this wouldn't be an issue, but I have to work under the constraint that various teachers acting as Windows admins need to be able to manage the servers. More money would solve this problem for me.
Money aside, it's galling that the developers aren't building for the enterprise deployment case. I WANT to run Chrome _badly_ in corporate environments but it's not engineered for my use-case.
I don't know if that's directed at me for not knowing to search for an "Enterprise" version of Chrome or what.
We're using the "Enterprise" MSI-based installer. We are seeing difficulties with it. It's storing large DLL files in each user's user data folder, which we're putting on a server so that user settings will "follow" them from computer-to-computer.
While I respect the budget pressures of K-12, I'm not buying that an extra 10 MBytes/user on student-grade SAN/NAS storage is even measurable, let alone significant. Storage/Bandwidth cost curves have been remarkably consistent on their shifts over the last 20 years.
You might want to re-evaluate where you are focussing your energy on optimization.
Not exactly. It would if we redirected the user's data. Since Chrome Frame isn't a freestanding browser, though, it's really not necessary to redirect the user's data. That's likely what we're going to end up doing, once we fully test it.
If Google got SSO to our SAML server working for Chrome Sync this would be a non-issue but, apparently, we're also the only people in the world that want that functionality, too.
My wifes school district just moved everyone to Windows 7. It takes 20 minutes for her computer to start in the morning and about five minutes to shut down in the evening. The computer just barely meets the minimum specifications of Windows 7 and so the district isn't going to upgrade the hardware due to budget constraints. Given tight budgets in schools I would be surprised if Windows 7 upgrades are actually feasible for some of them when Windows XP does everything they need on the hardware they already have.
How much of that 20 minutes consists of booting Windows, and how much of it consists of running the myriad policies, scripts, and startup software that "enterprise" environments push out to all their systems and run on every boot? Not exactly a fan of Windows, and newer versions often do boot slower due to added bloat, but you can't chalk 20 minutes up to Windows alone.
It shouldn't be that bad. I've seen university machines running windows 7 with less than current hardware and a whole bunch of scripts, antivirus, etc, and they still boot and shutdown in a very reasonable amount of times. Definitely sounds like the hardware rather than the myriad of scripts to me. Shrug.
But conversely, there's nothing wrong with a computer of that spec, if you're doing web browsing, word processing and the like. It's just not being used efficiently.
And it was just yesterday when I stopped being a hardcore gamer and knowing about computer specs, and that spec wasn't half bad. Am I locked forever thinking that would be a decent computer?
I'm having the hardest time believing you said that with a straight face.
Something is very, very wrong with their environment, then. I've seen Win7 come up faster on HD netbooks with worse system specs than what you posted downthread.
I've not seen Windows 7 perform well on anything with less than about 2GB of RAM. I certainly don't doubt that district configuration has compounded what are mostly hardware issues. The point was more about what type of hardware some organizations are still using. In this case the machine handled Windows XP combined with the district configuration, slowly, but tolerably and after the upgrade has lost a significant amount of its utility.
Windows 7 makes most hardware run better then XP unless it's really old. Really old means older then 2003. For example I have a horrible 2006 Compaq laptop that runs better with Windows 7 then it did with XP. I would have someone look at her setup because it could just be a faulty disk causing the problems.
The school I worked at also upgraded to Windows 7, and it was completely fine. Things are quick and great. Remember that a school is meant to be teaching kids things that have at least some hope of relevance, so teaching children how to use XP is not exactly useful.
Google Apps has been around for a while now. Its use is no longer all that 'progressive,' at least in my mind. I've worked with plenty of companies with FoxPro databases and ball mice that are using Google Apps.
Imagine that you're in charge of a small/medium sized business , stuck on Windows XP and some old email system. You've just persuaded the managers that "The Cloud" isn't so bad, and they've migrated everything over to Google Apps.
Now Google have just given you 8 weeks notice about support for IE8. Unlike traditional software, after this date you're screwed - you can't just not upgrade, you're actually cut off from the software you were planning on using.
Now, you can probably install Chrome or Firefox. If you're lucky, that won't cause any problems elsewhere.
But what happens next time? If Google decide that they don't want to support any client on XP, or perhaps the iPhone? What do you do then?
When this starts happening over the next couple of years we'll start seeing a backlash against the current trend towards the cloud.
This isn't 8 weeks notice. It's a reminder about a policy that was announced fifteen months ago. Administrators have had plenty of time to migrate away from Google Apps or figure out how to deploy newer browsers on time.
Users of unsupported browsers aren't locked out; they just see a message telling them to upgrade, and some functionality might eventually degrade. Degraded functionality is documented at:
My understanding is that the old policy included support for IE8. This new update removes that.
This is important because IE8 is, in practice, the latest version of IE for many corporate users. It's also fully supported by Microsoft. We're not taking about Windows 2000 or IE6 here.
Sure, back then it included IE8, but the announcement specifically stated "Beginning August 1st, we’ll support the current and prior major release...", and with IE10 coming out, IE8 is no longer included in that category. When IE11 comes out you can expect Google will also drop support for IE9 and so on.
Part of the problem here is Microsoft's limit of IE9+ not running on XP. This is either a sensible technical requirement or a deliberate push away from XP, depending on your perspective.
Yea, in general, MS do not release new versions of IE for a Windows version in extended support, which for XP happened just after IE8 release in April 2009.
That's an awfully convenient excuse for shafting a very significant number of customers (or potential customers) running platforms that are far from ancient or unreasonable.
The current version of Windows is Windows 7, and as yet there seems to be no indication from Microsoft that IE10 will be supported on Win7. Does that mean if they release IE11 next year, my brand new computer that I buy tomorrow won't be able to run Google's web apps any more?
Even now, IE9 is not supported on WinXP, which was effectively the most recent acceptable version of Windows until around 3 years ago and is still within its official support period from Microsoft. More importantly, it's still in extremely widespread use.
I can't imagine a more compelling argument that Google could make to show that we shouldn't trust them or their cloud infrastructure as a reliable, future-proof service. Apparently they believe that grown-ups running professional IT departments with real support requirements should stick with centrally administered desktop software for anything critical. Not exactly the message you'd expect them to be sending if they want to encourage more customers, particularly the lucrative big business market, to migrate to their cloud services...
More recently (within the last month or so), there's been a lot of IT media interest in whether IE10 will be available on Windows 7, but recent platform previews seem to have supported Windows 8 only and Microsoft have been conspicuously quiet on the matter. Just google "IE10 Windows 7".
This isn't to say that IE10 won't support Windows 7 in the end, but right now the picture isn't looking good.
As a recovering web dev, I am absolutely thrilled to see older browsers aggressively cut off from support :)
But for the hypothetical company stuck on XP, it seems (to me) contradictory that they would migrate to the cloud but not to a modern browser/OS. Still, I'm sure there are some out there.
Tough nails, IMO. Google probably ran these numbers and feels they can afford to lose the few customers they have in this situation. That someone can come up with a sob story that MIGHT happen because of some deprecation doesn't mean there's a case for supporting old browsers.
Suffering from hypothermia?
Many are enterprise users, and this can mean a strike against Google Apps. Many of them stick with XP because it works great for their purpose and many applications only work with IE.
Like it or not, Microsoft wins a lot of points for supporting older versions for a decade plus. They might lose a few bucks on a new Windows license but make it back on reputation and other enterprise tools.
A company still using an operating system released 10 years ago probably sees little merit in migrating to hosted email, calendars, etc. They most likely have an old Exchange system that they are maintaining alongside those XP workstations. I doubt this affects many organizations.
Windows XP might have been available for a decade, but you have to consider that Vista flopped and Windows 7 only arrived around 3 years ago.
That means large numbers of organisations were still installing Windows XP as their standard desktop around 3 years ago, and possibly even more recently than that since they wouldn't necessarily have evaluated Windows 7 and set up to migrate to it from day 1.
Moreover, the days of upgrading hardware every 2-3 years are gone, at least in typical office environments that aren't really pushing the performance limits of a typical office PC any more.
In other words, for large organisations that keep relatively up-to-date, it's still entirely possible that they have a lot of WinXP machines still around today, even if their newer machines are on Windows 7 now.
It doesn't matter that they are enterprise users. Enterprises have held back the state of the art for decades. The fact that google has to drag them into the recent past and hear this much screaming is only an indication of how backwards they are.
The world is changeing and the enterprises will have to adapt.
Several of my users have business-critical websites that only work in Internet Explorer. I can set up shortcuts so that Firefox is used for some sites and IE for others, but that can get confusing.
Also, both Firefox and Chrome are extremely lacking in options for managing user settings. Things that can be set with a group policy for IE require manual scripting for Firefox.
Google isn't ending support for IE, just IE 8. If you're on XP and can't get a newer IE you can certainly use another browser. The number of people locked in IE and XP and are completely cloud based is probably very small.
I didn't mean that to sound like FUD. I work with a number of insurance companies that are on XP/IE7; with a Firefox install requiring approval from a large IT department.
I don't mean to jump the gun with the profanity here, but this is fucking ridiculous. Anyone who still uses XP but cannot install a third party browser (hint: most of the corporate world) will be 'unsupported' by Google Apps.
At risk of starting a flamewar, I'm starting to like Microsoft more and more these days. They have a 100% predictable support lifecycle and don't pull the rug out from under people with virtually no notice.
We've literally just got rid of our IE6 support a couple of months back and have IE8 as minimum spec (IE7 is irrelevant as any platform that can run it can take IE8). I doubt we'll see the end of IE8 for a few years which is not a problem for us.
And yet you can't install IE9 on Windows XP. You have to wonder why Google should go through the trouble to support users that even Microsoft won't support.
Finally, this is not an example of Google pulling "the rug out from under people with virtually no notice." This policy has been in place for over 18 months. I know some of you love to find things to hate on Google for, but this is not one of those times.
A quick Google search shows there are still some methods by which an admin can prevent users from installing Chrome. Chrome Frame on the other hand, at first glance, appears much more difficult to detect/block from an admin perspective.
In this day and age this is like sending out a memo saying people can only use Bic pens in the office and anyone bringing a Parker in will be fired.
It is, frankly, ridiculous. This is doubly true as the people who want to install these browsers are obviously more computer literate than those without it.
You talk about a corporate network as if the people who have these draconian policies are competent, in my experience the very opposite is true, the more incompetent the IT department is, the stricter the policies will be.
I love your incredibly naive and arrogant attitude. Everyone has personality flaws and that is what the policies are there to insure against i.e. people like yourself.
I used to work in the defence and health sectors in the UK and now work in the financial sector. Everything is locked down for a reason.
It's about controlling and partitioning data, not bic vs parker. The tools are entirely irrelevant.
If someone sticks a copy of SkyDrive or Dropbox on a PC (both of which do their best to work around your firewall) and uploads some financial or classified documents, then you are simply fucked. Here in the UK, it carries a £30,000 GPB fine at average in the financial sector or 25 years in prison in the defence sector.
This is serious stuff and the policies are there for a reason.
Most of these places don't even have Internet access on site other than a couple of dedicated machines in the IT department.
Enthusiasts are so detached from corporate reality.
Firstly, I meant FF and Chrome, not sharing apps. Regardless, I would understand, vaguely understand, that limitation in the DoD, well not really actually, but 99.99% of us aren't working in the DoD or health are we? 99.99% of us are working in situations where the data is highly specific and only useful in an incredibly targeted intrusion that fairly trivial social engineering could access and a much greater attack vector is being exposed in poorly written web apps exposing entire DBs to the world if only anyone could be bothered to hack your local estate agent. But they can't be bothered.
Stopping people installing Chrome's not going to change that and you're utterly delusional to think otherwise.
Pretending otherwise is pandering to the security theatre that is gripping our country at the moment. If someone wanted into your DB, they will get in. Deep down you know that. And Chrome's not going to be how they do it. No, an employee, someone, somewhere, will give them access. People are you weak point, not the systems. Couple that with massively weak internal controls usually exposing your data to everyone in your company. They might have to sleep with them, they might have to hire a prostitute or something crazy like that, but they'll get in. Sneakers style! China's recent spate of 0-day's has also proven that a determined attacker will get in.
Or maybe you'll 'lose' another laptop.
Secondly, I am a professional programmer. Not an enthusiast. Grow up with your childish name calling.
Thirdly, I have also worked for a wide variety of companies as a drone, a lot, as I temped my way through Uni. At the time in 2000-2003 I didn't realise that being able to program was special. If only I could go back and tell me I would be far richer. Almost in their entirety the IT departments have been incompetent. This was before they even thought of blocking websites. I could regale you with tales of negative gas readings due to estimated bills not resulting in credits to customers at one of the largest energy suppliers in the UK. I could tell you of being given the entire delivery DB of schedules of one of the three collection cash delivery agencies in the UK 3 months before they were hit by a series of robberies just after those deliveries and never, ever getting an interview by the police.
Fourth, I have been in contact with hundreds of client IT departments the majority of which couldn't tell their ass from their elbow IT-wise, who didn't know that their servers had become zombies mailers or that something as simple as installing SQL server on a DC was a big no-no. One company I worked had the bright idea of making their programmers first-line support. Eye-opening.
Fifth, I have met hundreds of programmers in my time, there are only about 5 I would actually trust to program my toaster, let alone my heart monitor. Most programmers will only have a vague clue who Linus Torvals is. And the sysadmins I've met are often people not good enough to become programmers. Those rare other kind are like finding a diamond! I was chatting to a programmer friend I occasionally go for a pint and a curry with yesterday who works for a 100 person IT department in the NHS and no-one there knows what Github is. Or who Scott Hansleman or Scott Gu were, even though they work entirely in .Net, mainly with web apps.
There are a lot of people in IT at the moment who just do not belong here. We're still in the crazy "quack" phrase of our profession where it's hard to tell someone good from someone espousing nonsense.
In here, in HN, there's a solace, so many people actually know what they're talking about. It was refreshing when I first found it 4 years ago, and sometimes I forget.
Don't forget. Never forget that at the moment most IT people suck. If there's someone detached from reality, it's you.
tl;dr Letting your users install Chrome or FF is froody. You're talking to a battle hardened veteran, n00b.
My conclusions are unchanged. Some replies to confirm my position on the matter:
1. People are the weak point. Yes. Anticipating their actions and protecting against them is the task at hand. This is not security theatre - it's simply sensible considering human nature. People will not get at our production database if they try (we get regular attempts but our properly designed tiered security architecture and mandatory access control system prevent it every time and will as we adapt and re-evaluate regularly).
2. Losing laptops. Not a problem. We've lost a couple. We plan for that. They are fully encrypted TPM equipped laptops and there is no data on them anyway as our methods from (1) are applied. If someone got one, cracked the encryption or decapped the TPM chip and got in, they'd get nothing of value. We actually paid a rather well known ex-black hat a lot of money to steal one from one of our staff and try and get in and they couldn't.
3. I'm a professional programmer (red brick MEng, EE for 6 years embedded and VLSI, 15 years programming and architecure). So are my colleagues. We don't employ run of the mill guys. We start at the high end and have qualification requirements that would scare the shit out of a Google candidate. We don't employ the sort of people who can't tell arse from elbow. We know they exist but the agents don't dare send us their CVs. We're not interested in rock stars or ninjas or any of that crap - just people who know what they are doing.
4. I've worked for asshats too. In the corporate world, these aren't actually that common these days. I deal with a lot of large corporate financial customers for our product (FTSE100 types) and they know what they are doing.
5. I worked for the NHS for 3 years. No-one in the NHS needs to know what or who the hell Github or Hanselman or Gu are. It has precisely no bearing on the NHS. Does celebrity tech culture really matter there? No. That just undermines your entire argument.
6. As for quackery: it's easy to separate wheat from chaff, unless you are chaff.
There are very few people on HN who live in the "real world" i.e. outside startup culture. There is a consensus of opinion, but it's not all right. In fact a lot of it is plain wrong and driven purely by irrational worship rather than realistic well-thought-out and tested arguments (37signals, Elon Musk, JGC, Atwood, Spolsky to name a few)
As for the froodyness of FF or Chrome, froodyness is IE and Group Policy for the foreseeable future (not Chrome's piss poor implementation and unpredictable support lifecycle).
The fact you mention n00b implies that you still suffer from a childish mentality as well, therefore backing up my points again.
As for the time here - I've lurked in HN through many fads, phases etc for about 4 years. I decided recently to exercise my opinion a bit as there are some seriously bad ideas being promoted and I do not want the next generation of people to be terribly influenced by them.
Some people who have these policies are just lazy and incompetent.
But some of us work hard to ensure that we can support all the software our company needs, and this means limiting access to other software that might break things.
In this day and age this is like sending out a memo saying people can only use Bic pens in the office and anyone bringing a Parker in will be fired.
Well, no, for a few reasons.
Firstly, bringing in a different pen doesn't cause someone in IT to spend half a day finding you a Bic when your fancy Parker runs out of ink. However, since IT are usually responsible for keeping everyone's systems running properly, if you install unsupported software and something breaks, you probably will be wasting some unfortunate IT guy's time cleaning up your mess.
Secondly, it doesn't cost $100,000 of downtime while everyone in the department has their pens collected and destroyed and new pens issued just because your ink spilled. On the other hand, if you install software that actively circumvents the usual security measures (like Chrome, for example) and wind up with malware as a result, it's entirely possible that your machine and any other machines close enough to it to be infected will need to be nuked and reinstalled from scratch.
Finally, it doesn't cost millions in fines for breaches of regulatory compliance and/or put the executives responsible for your organisation personally on the hook if you bring in the wrong kind of pen. If you install something unsupported and wind up tripping someone's data leakage protection in an organisation that deals with things like healthcare, financial records, or military/law enforcement/security matters, an administrative nightmare the likes of which you have probably never seen is likely to descend on you and everyone around you.
And if you were half as computer literate as you seem to think you are, that would all have been blindingly obvious to you. Since it apparently wasn't, you might like to consider that you are exactly the reason that the IT departments responsible for keeping organisations' systems running tend to have these "draconian" rules.
to be fair, this would only really be an issue for companies that use google apps /and/ XP. Therefore, it would behove the company to do what @MatthewPhillips was suggesting.
And if this is Google's attitude to supporting organisations who adopt their cloud services, most of the corporate world is going to continue using Office and Outlook. I don't see how this is anything but a huge own goal for Google.
Presumably converting them them to cloud services would be a financial win, and it would also lend more credibility to those services when marketing them to other types of organisation.
If you've ever been a system administrator for any length of time, the volume of random (non approved) stuff that endusers manage to install on their machines is frankly staggering.
No. If you can't install the apps you need to do your work, then the system admin needs to be replaced. If you can't figure out what software is safe to install, you need to be replaced.
For the majority of the world it's actually: If you won't use the tools which were prescribed in your contract, there are plenty of people who are willing to replace you.
You can't stop supporting IE8, but Google can? Everyone would like to not support IE8, but most people still find it benificial to do so. I can't help but think of this as a political move against Microsoft.
I'm jealous that google can so easily drop support for old IE.
Meanwhile I had to go on-site to troubleshoot an issue in a pre-sp2 IE6 environment just last week. They didn't install security updates because "they break some of our in-house apps". For security reasons the system was isolated from the internet, hence the on-site debugging. The bug they had was fixed in sp2, which is why it didn't appear in our test environment. They did have an upgrade planned ... to IE8. So, yes, jealous is the sentiment for me.
On the other hand, I've not come across anything that's in modern browsers that I couldn't get to work on IE6, with appropriate (sometimes flash-based) fallbacks. It just requires more work.
I sure hope so but i'm not entirely convinced that this effort wasn't at least partially driven by developers without all the facts behind the business side of the equation (which seems to have been overlooked or ignored for whatever reason, unless their IE8 usage statistics are much lower than elsewhere), I doubt it, IE8 is still important enough to worry about for most things, especially when your selling productivity related tools to businesses who are less likely to have upgraded beyond IE8 (statistically speaking).
I like the idea of putting product before business, but I can't see Google being the kind of company to do that intentionally.
I would really like to know more about their internal reasoning that led to this decision.
I'm finding it a little worry recently with the number of companies all focused upon making Microsofts latest version of windows overly appealing via indirect means.
What with intel and AMD both releasing chipsets that will only support windows 8 and now a direct blow to winXP users then the preasure for not overly IT aware users to upgrade to windows 8 becomes more and more a forced upgrade down the line.
Yes there are alternatives but for many users then they will be very limited in those options and with new hardware limiting there choices even further they will be of the mindset of having no alternative choice. What with microsoft pushing out windows 8 in a vain to avoid the backlash they got from Vista (still prefer that over 7 personaly) becasue they never adopted it internaly when they expected others too.
But I'm wondering how many of these limited choice impacts (IE versions, new hardware chipsets) are induced via microsofts influence.
That said I can appreciete how versions of IE have there quirks and changes making catering for various versions a utter nightmare, but when users of XP have little choice then to upgrade there OS or install a non microsoft browser then for many users they will end up replacing there entire computer instead of installing chrome, and thats becasue they don't fully know what there doing. Anybody reading here will be a install chrome or firefox brigade but not all users are at our level, some don't even understand binary and it is those that will feel the presure.
Once you drop IE8, from an app dev perspective, you're in "modern browser" territory across the board.
It's amazing how limiting IE6-8 have been, and continue to be, to the growth of apps on the web.
That said, we're building a brand new app and even we support IE6-8! We just do it with a completely separate, basic UI, that we also use for accessibility requirements.
Hats off to Google for pulling it off. Windows XP and IE6/7/8/9 must die.
Though the way Chrome or latest Firefox automatically update themselves may cause IT support staff lots of sleepless nights. The old-school two/three year updating cycle in Windows sysadmin may face unprecedented challenges. I envision the devops sysadmin style and chef-like configuration management and automated environment testing may come to rescue in the Microsoft shops in the near future.
It won't matter (as much) for Firefox, as Mozilla have an 'extended support' version for Enterprises. It used to be 3.6, but recently it moved to 10. As the 'enterprise' version uses a different update stream, the only updates will be security updates. They stick with the major version for a year, and provide a twelve-week 'migration' window where both ESRs are supported [0]
That said, if you're using Google Apps, you're probably not so averse to installing Chrome for your users.