Comment by abanana

Just thinking more about how we're told it's "insecure". It's unfortunate that so many tech people are so gullible when it comes to the industry's marketing around this.

Many of us know a huge proportion of news stories come from PR firms that just want to sell us something (it comes up on HN every now and then). In the mid-2000s or so, Microsoft had a particular problem selling Office - there was no reason to upgrade to the current version, because the older one already did everything you wanted. Until that time, established practice was to buy new software only if you wanted its new features; the vendor had to give you a good reason to pay for it. To some of us, the PR that immediately followed the stories of struggles to sell their newer versions - PR that suddenly exploded everywhere - was obvious and transparent. "You must upgrade because old software is insecure!" But it grew into the monster we have today. Some people literally panic if they discover an older piece of software.

Think of young people growing up with that being blasted at them constantly. It must have contributed to the has-to-be-new-and-shiny mindset of Javascript developers, where they're terrified to touch anything that hasn't been updated for a few months.

That long, sustained, and paradigm-shifting PR campaign has been a huge win for many software vendors, and for Microsoft in particular. (Of course, after that, and after a few failed attempts, they managed to get the subscription-based model to work for Office, which in that particular case, bypasses the mess left by their earlier selling strategy anyway.)