Colorado OIT: Firefox Insecure

... or, Michael W. Locatis, State Chief Information Officer, is an idiot.

The OIT has set up a work skills website. The OIC declares that one must use Internet Explorer (version 6+) with this site and specifically warns against using Firefox, as it is insecure.

Okay ...

Aside from the obvious, this is interesting considering the following:

Appropriated from Slashdot, but I tried it out myself using IE 7 and Firefox, both showing the same problem. When you attempt to leave feedback, you get this ...



Now isn't that fun. As one Slashdotter commented, it gives up the username of the machine it's being run on without so much as a "how do you do." We got some Visual Studio stuff going on here, and even it *doesn't work*.

But Firefox is the problem ...

Oh, and the site itself is just horrendous and dump. It has a bunch of tables, a snippet of javascript, and that's it.

The portion of the site with the feedback form: http://www.coworkforce.com/Skills/myskills.aspx

All I see is Runtime Error. Server Error in '/SKILLS' Application.

Using Firefox though. My bad.

So many have hall of mirrors navigation and wantonly break federal accessibility laws. Built in WinIE monocultures with a dim awareness of the Konq and Safari barbarians beyond the mist.

And they're actually a dang sight better today than they've ever been, which is a toe-clenching horror.

Those few snippets of javascript on the CO page call another whopping 160K of javascript files, the bulk of it devoted to client side form validation and ajax calls, neither of which a gummint page has any business doing. 160K of bandwidth and server grind to process the hoariest of web technologies, form submission.

I moved back to Texas after 20 years out of state and abroad, and around September I got the heebie-jeebies about my voter registration status. My presidential vote as usual wouldn't matter for spit, but for this one election I wanted to be damn sure my vote was counted. So I visited the Texas registrar... and found their voter website kept office hours. Please visit M-F, 9-5. They actually PAID somebody to decouple it from the database and switch to the "come again" message (and I'd hardly be surprised if it wasn't done manually, on the way out the door) instead of just letting it run through the night.

We who concern ourselves with tech-related things are sometimes prone to overlook the fact that IT decisions in a government setting are often less about the technology and what's good or appropriate than what butters someone's bread. The decisions often boil down to politics, in other words.

I see this a lot in my current job. I've complained on this forum a couple times about the head of IT here. He got that job by politicking his way into it. He's a professor in a totally unrelated field, and he wanted a bigger paycheck and some status. He pulled some strings, called in some favors, etc., and voila', he's the head of IT.

A situation my mother dealt with working for the state of Oklahoma was the worst I have witnessed personally. Back in the day, some genius at the state level decided to start using OS/2 on some database servers while the machines on which work was done inputting data into the databases ran Windows 3.11 for Workgroups. (This was mid-90s, IIRC.)

Hilarity ensued.

Of course, it wasn't hilarious for people like my mother who did the work of putting all that information into these forms, after which she'd submit them to the state level servers, only to come to work the next day and discover the data had been lost and needed to be reentered. This went on for months, and very little actual work got done, people's applications for rehab assistance were delayed, etc. Complete nightmare.

Turned out in the end that two competing individuals or groups of individuals at state were being lobbied by two different companies, and the "compromise" was to use both without bothering with the details of interoperability.

I'll hoist a beer in commiseration, I've been there too. I once worked for the gov't, the DOD. Unix system administrator. Well, I was, until they pitched my network with a data connection to Washington via satellite uplink for standalone boxes and sneakernet disk exchange. The Unix server was replaced by myriad DOS licenses and the Informix database dumped for a copy of dBase on every box. Data now came from a mainframe in Korea by way of 33 baud modem across the Sea of Japan.

Of course, the new system never worked reliably. And of course, it was way more expensive. Suddenly, my workdays extended into nights and the small hours of the morning, spent fixing any of a million points of failure.

I resurrected and maintained a small version of the old Unix network on a castoff PC and two terminals I pulled out of storage -- it helped immeasurably as a reference for data reliability and for data restoration. But, a couple of visiting poobahs noticed and were aghast, it somehow polluted the shininess of their EXCITING NEW SYSTEM. So, I was made to disassemble the hardware immediately and send it off for military auction, lest I deign to do it again after they left. I packed it off and put in my notice.

Somewhere, a lobbyist got to buy that Beemer from the catalog he'd been fapping to. A congressman and general enjoyed resume-enhancing blurbs in InformationWeek about their "streamlining", "standardizing", and "cutting waste." And productivity went to below the basement in their fiefdoms, but who's gonna notice that? Not InformationWeek.

In the popular imagination, gov't moves glacially by decision by committee through a thicket of bureaucratic inertia. What people don't know is that it can also can do a 180 into a brick wall as quickly as if the order came from Donald Trump.

Here's another:

The DoD does not allow any browser to be used on their networks but IE. IE 6 in some shops. Something about security.

And don't even think of speaking the "L" word. Except for a few high-performance clusters, used in modeling work, it is verboten. Seems they feel that the Open Source model is insecure. They won't even look at Nagios.

Such is the quality of the boneheads who make the decisions on how your tax dollars are spent.

...then taxpayers' money would NOT go to a big corporation owned by the richest man on Earth.

And we couldn't have THAT. It would be Communism!

And Firefox insecure? I don't believe that; and using noscript and adblock help to increase its security. (it's up to the user to let the site through.)