Slashdot Log In
A Few Firefox 3 Followups
Posted by
timothy
on Wed Jun 18, 2008 04:58 PM
from the that's-f3-buddy dept.
from the that's-f3-buddy dept.
An anonymous reader writes "Using data generated by the Mozilla Firefox download pledge page, the map on this blog post ranks countries, not by absolute number of pledges made, but rather on a per capita basis. This analysis yields some interesting conclusions about where open source is strongest and weakest."
Anonymous Warthog writes "That didn't take long. In a blog posting from the TippingPoint DVLabs security team (of Kraken and CanSecWest hacking contest fame), they confirmed that they reported a vulnerability in Firefox 3.0 to Mozilla a mere five hours after it was released. Additionally, there was a posting on the Full Disclosure security mailing list from someone that purports to have another vulnerability in the works as well. In the grand scheme of things, this probably means nothing to the general security of Firefox, but you can be sure the browser zealots on all sides will be watching carefully."
Finally, from reader Toreo asesino: "Microsoft have congratulated the Mozilla team by sending them their second cake (minus recipe) to Mozilla's Mountain View headquarters to congratulate them on shipping FireFox 3, which went live right on time last night." Congratulations are indeed due on both the browser and the release process — looks like the Firefox fever (despite some seriously taxed servers) resulted in more than 8 million downloads in 24 hours.
Related Stories
[+]
IT: Last Year's CanSecWest Winner Repeats on Vista, Ubuntu Wins 337 comments
DimitryGH followed up on the earlier news that the MacBook Air lost CanSecWest by noting that "Last year's winner of the CanSecWest hacking contest has won the Vista laptop in this year's competition. According to the sponsor TippingPoint's blog, Shane Macaulay used a new 0day exploit against Adobe Flash in order to secure his win. At the end of the day, the only laptop (of OS X, Vista, and Ubuntu) that remained unharmed was the one running Ubuntu. How's that for fueling religious platform wars?"
[+]
IT: Kraken Infiltration Revives "Friendly Worm" Debate 240 comments
Anonymous Stallion writes "Two security researchers from TippingPoint (sponsor of the recent CanSecWest hacking contest) were able to infiltrate the Kraken botnet, which surpasses its predecessors in size. The researchers have published a pair of blog entries: Owning Kraken Zombies and Kraken Botnet Infiltration. They dissect the botnet and go so far as to suggest that they could cleanse it by sending an update to infected hosts. However, they stopped short of doing so. This raises the old moral dilemma about a hypothetical 'friendly worm' that issues software fixes (except that the researchers' vector is a server that can be turned off, not an autonomous worm that can't be recalled once released). What do you think — is it better to allow the botnet to continue unabated, or perhaps to risk crashing a computer controlling a heart monitor somewhere?"
[+]
Let Older Add-Ons Work With Firefox 3.0 164 comments
mask.of.sanity informs us of a hack that allows old add-ons to work with Firefox 3.0. Short form: in about:config, create a new boolean and set extensions.checkCompatibility to false. "The fix, which requires a little boolean creativity, great for anyone not afraid of taking risks. The idea is to stop Firefox checking its version history, allowing defunct extensions to work... [Those who do] get the fix working will have to remove the code from the prefs.js file once the stable Firefox comes out, but will enjoy their [favorite extensions] in the meantime."
[+]
Firefox Goes for World Download Record 344 comments
Kelson writes "For the upcoming release of Firefox, Mozilla is preparing Download Day 2008: a campaign to set a world record for the most software downloaded in 24 hours. Participants are asked to pledge to download Firefox 3 on the day that it's launched. The exact date hasn't been scheduled yet, but everything seems on track for June."
[+]
Firefox Appears Ready to Crack 20% Share Next Month 295 comments
CWmike writes "Mozilla's Firefox browser is on pace to hit the 20% market-share mark next month. Net Applications marketing VP Vince Vizzaccaro didn't pin all of Firefox's increase on a change last month to its update dialog; he did note the new approach. 'Mozilla has implemented a change in Firefox 3.0 [Release Candidate 1] where the installation now has a checkbox that defaults to making Firefox your default browser,' he explained. He refused to ding Mozilla for the practice. 'The option is clearly displayed and labeled, unlike Safari, which misleadingly labeled the Safari install as an "update" [but has] since correctly changed to an 'install.' However, this practice is a break from the traditional practice browsers employed of defaulting this option to off.'"
[+]
Firefox Download Day To Start At 1 p.m. EST 1080 comments
boustrophedon writes "Starting at midnight in their local timezones, downloaders have been asking when Firefox 3 will be ready for Firefox Download Day, June 17, 2008. Mary announced on the Spread Firefox Forum that downloads will commence at 10 AM PST." That means 1 p.m. East Coast time, and, in Justin Mason's view, some pretty annoying times of day for many parts of the world.
Reader CorinneI supplies a link to PC Magazine's (very positive) overview of the new version's features, which praises the "speedy performance, thrifty memory usage, and, in particular, the address bar that now predicts where you want to go when you start typing (what Mozilla insiders refer to as the Awesome Bar)." FF3, even in Beta and RC form, and even with the extension incompatibilities I've run into, has quickly replaced FF2 as my preferred browser — for me, the improved drop-down autocomplete behavior alone is enough to justify the switch.
[+]
Mozilla Outage On Firefox 3 Record Launch Day 427 comments
Kolargol00 writes "An outage affected the Mozilla.com website on the day the organisation launched its Guinness World Record attempt for downloads of the new Firefox 3 browser. The mozilla.com site was unreachable from around the world, occasionally responding with the message, 'Http/1.1 Service Unavailable.'" Since they decided to run their day from 1pm to 1pm Eastern time, the download day is actually still going, so you can still get Firefox and be part of the record.
[+]
Firefox 3.0.1 Fixes 'Carpet Bombing' Issue 168 comments
An anonymous reader writes "Firefox 3.0.1 was released today. It fixes 3 security vulnerabilities, including a critical issue reported by Billy Rios, Ben Turner, and Dan Veditz. The issue could be combined with an issue in Apple's Safari browser to read data from the user's disk or to execute arbitrary code. This issue was previously discussed on Slashdot.
The release also fixes a remote code execution bug involving the CSS reference counter, reported by the Zero-Day Initiative (previously discussed on Slashdot here), as well as a Mac-only potential code execution bug involving GIF image rendering, reported by Drew Yao of Apple Product Security."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Is it finally safe to download? (Score:5, Interesting)
That said, the map of countries is pretty cool. Ignoring the island micro-nations (the Falkland Islands won with 2% of 3000 people pledging to download), it's interesting to see how high Firefox penetration is in Eastern Europe. I wonder if that's a function of very connected economies without a lot of love for Microsoft and a strong desire for free software?
Oh, and good luck to the Firefox team trying to save the "E" logo from this year's cake! That thing is HUGE!
Re:Is it finally safe to download? (Score:5, Funny)
I wouldn't be surprised if it's both directly and indirectly fueled by the far superior native language support included in Moz.
Way back when Mozilla was still early milestones, I directed a Russia exchange student to try it, when IE wouldn't allow the proper entry of Russian characters for a URL.
No doubt he went back home, spread the word about Mozilla, and is single-handedly responsible for the popularity of Firefox across Eastern Europe... *cough*
Parent
Self-centered, even in kindness (Score:5, Insightful)
Really, if you didn't have the story behind the photo, you'd think that the IE Team was congratulating itself for shipping IE.
Memo to MS: When you give someone a cake, it only makes sense to put the RECIPIENT's name on the cake. I mean, you're recognizing the shipping of Firefox. Why didn't you put a Firefox logo on the cake? That's the object of the celebration.
Parent
Re:MS Cakes (Score:5, Funny)
Nah. Classic Microsoft.
They set DefaultLogo OnCake to "Blue-E".
Parent
Re:Self-centered, even in kindness (Score:5, Funny)
Parent
Re:Self-centered, even in kindness (Score:5, Funny)
Parent
Re:Self-centered, even in kindness (Score:5, Funny)
Why didn't you put a Firefox logo on the cake? That's the object of the celebration.
Somebody's even more humorless than Microsoft...
Is this the time to mention that the cake was a lie?
Parent
Re:Self-centered, even in kindness (Score:4, Funny)
You can't have your cake and eat it too.
Hence the IE logo. Its IE's cake but Mozilla is surely eating it.
Parent
Download safe, but useless (Score:5, Interesting)
A non-trivial portion of the commercial and research Linux user base has to stick with EL4 or a source rebuild from CentOS, Scientific Linux or whatever because of third party tool support requirements. And not everybody wants to upgrade their OS just because a new browser is out.
FF3 requires a pretty new library (libpangocairo 1.0). I spent an hour trying to come up with it this afternoon for my 100+ users. No luck so far.
The firefox team really let us down big time. We've been anxiously awaiting this release because it's supposed to solve the memory bloat problems (several of us here have to restart the browser several times a week because it's consumed insane amounts of RAM).
Parent
Re:Download safe, but useless (Score:5, Interesting)
An upgrade cycle is a major effort in an environment like ours, requiring testing with dozens of EDA tools and a variety of desktop apps. An upgrade that breaks a vendor tool or even access to critical docs, or that requires us to rebuild tools, modify user configs, etc, impacts schedules in a negative way, which means major headaches for everyone. 150+ desktops, 150+ compute farm systems. And don't even get me started on fixes that require users to restart X or reboot. High powered engineers working 80 hour weeks, some running things that require hours to set up? You have no clue what you're talking about when you blithely suggest upgrading.
And switching is not an option. Our app vendors support their apps on very few OSes. Typically one or two versions of EL and one or two SUSe. That's it. Ubuntu and Fedora aren't even in the picture.
When we upgraded most of the company from EL3 to EL4, we lost about a week. That's extremely expensive.
Parent
Re:Download safe, but useless (Score:5, Insightful)
It's your vendor's job to live in the past with you. That's what you pay them for.
Parent
Re:Download safe, but useless (Score:4, Informative)
That's the distro mainteaners' job.
And I'm sure one will be available in a few weeks if enough people want it.
In the mean time, Pango/Cairo is the font layout and rendering engine that makes the new Firefox look better, and the rest of us want that, so you'll have to pry it out of our cold, dead hands...
Parent
Re:Download safe, but useless (Score:5, Insightful)
Wow, I'm sure glad that Linux users avoid all that "DLL Hell" I keep hearing about on Windows.
Yeah, yeah, mod me down...
Parent
Re:Download safe, but useless (Score:5, Informative)
Meanwhile, here are some unbiased results from Ars Technica, showing the memory usage of firefox 3 in comparison with other browsers, with 50 tabs open.
http://arstechnica.com/news.ars/post/20080317-firefox-3-goes-on-a-diet-eats-less-memory-than-ie-and-opera.html [arstechnica.com]
If you want lower memory usage than what firefox 3 can give you
Parent
Re:Is it finally safe to download? (Score:5, Interesting)
A better gauge of Firefox's penetration would be to look at actual downloads [spreadfirefox.com] against number of internet users [cia.gov] in a given country.
Parent
Re:Is it finally safe to download? (Score:5, Funny)
Parent
Re:8 million, all set to exploit (Score:5, Insightful)
Parent
Hey timothy: (Score:5, Interesting)
Re:Hey timothy: (Score:5, Informative)
Perhaps it'll return one day -- or not.
timothy
Parent
Well done Mozilla People (Score:5, Interesting)
And at the end there was cake too!
No recipe... (Score:5, Funny)
Well of course there was no recipe-- that cake was a proprietary, closed-source dessert.
Re:No recipe... (Score:5, Funny)
Well of course there was no recipe-- that cake was a proprietary, closed-source dessert.
Parent
Re:No recipe... (Score:4, Funny)
Well of course there was no recipe-- that cake was a proprietary, closed-source dessert.
Yes, thank you for explaining the joke to us, it was way too difficult to understand.
Parent
All your Cake... (Score:5, Funny)
Opera 9.50 is Also Out (Score:4, Informative)
Just wanted to shed some light on a lesser known, but in my opinion, very good browser.
Awesomebar? (Score:4, Insightful)
But I installed the Beta on my son's machine, and was shocked at the 'awesomebar'. What a monumentally bad idea, implemented in the most annoying of fashion! It is seriously the one factor keeping me from switching.
Evidently there used to be configuration options to turn it off in the about:config window, but those have been removed, in a nearly microsoftian attempt to force users into behaving how the designers wish. There is an ad-in I found that reduces the awesomebar so that it looks similar to the Firefox 2.0 version, but it still searches 'intelligently', i.e. unpredictably and unintuitively.. Is there any fix for this due out?
The other thing holding me back is firebug... does that have a 3.0 enabled version out yet?
Re:Awesomebar? (Score:5, Interesting)
Parent
Re:Awesomebar? (Score:5, Insightful)
To those who don't like it, please explain this to me: What could you do with the old address bar that you can't do now? Honestly, I don't get it.
Parent
Told You So! (Score:4, Insightful)
First.. (Score:4, Funny)
First they ignore you.
Then they laugh at you.
Then they fight you.
Then they send you a cake.
Then you pay your ISP for 8 million downloads.
Then you profit???
What are we doing again?
Re:If it ain't broke don't fix it. (Score:4, Informative)
Parent
Re:If it ain't broke don't fix it. (Score:5, Interesting)
This browser is much more responsive than FF2. My performance in Gmail is much improved. The memory leak was not fixed, but it was finally addressed it seems. The memory usage still creeps up very high, but it takes much longer to reach the point of a performance hit than before. The memory leak was/is my biggest issue with FF and as far as I can tell with FF3, it may be only a minor annoyance... which I am happy to have when compared to the numerous Force Quits needed per day with FF2.
Parent
Re:CPU hogging bug not fixed: Top 20 excuses (Score:5, Informative)
Now normally I would request that you either give us links to actual bugs that are outstanding. But I'm not going to do that, because I know you can't be objective when discussing this issue.
How do I know this? Because the bug marked "invalid" appears to be submitted by you. Thus I suspect that your vitriol for the Firefox/Mozilla people is a personal response to feeling scorned or something, and I'm not going to waste my time arguing with someone who argues because they had their feelings hurt and therefore holds an irrational grudge about something.
Parent
Re:CPU hogging bug not fixed: Top 20 excuses (Score:5, Insightful)
And I haven't seen FF crash. Never. On any of those machines. Apart from your little report, and the link (which conveniently points to another posting by you(!)), I haven't heard of people complaining about it either.
The way you repeat the same accusations (at least) four times in the space of two screens, and offer no proof at all beyond that link to your own message, suggests very strongly that you have an agenda. Your bug report 222660 (yes, I read your text!) doesn't contain any "easily reproducable steps", it actually reads
Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Do you call that a bugreport? No wonder it gets marked as invalid. Similarly, your list of articles fails to convince: some pointers to decreasing the cache size is not proof of a usability-destroying bug in the application.
Also, next time just say "...when I'm browsing porn". We all know what you mean with "performing research" anyway...
Parent
Re:CPU hogging bug not fixed: Top 20 excuses (Score:4, Informative)
In fact, I've never gotten a CPU spike. None of the friends I have that use FF got a CPU spike, ever.
So, I hope you can see the problem here. Many people use FF and never experience what you're talking about. In fact, every time I read it, I think it's just trolls bullshitting. I hope someone can post a video of a computer with FF3 suffering from that bug so we can have proof that the bug exists. I don't think it's a real bug.
But let's say it is real. This bug, since it occurs in corner cases, is going to be hard to fix. It will be hard to find. It probably has to do with multi-threaded code and data sharing between threads, or it has to do with garbage collector. Either way, it's not easy.
Let's talk about other browsers now. I won't bother with IE. Let's take Opera. I use Opera Mini 4 all the time. That piece of shit has bugs and breaks all the time for me. The only reason I use it is because it's better than the built-in browser, which works better than Opera, but gives me a bookmark list that's controlled by my phone carrier, which I don't want. So because I want to control my own bookmarks, I have to use Opera on my blackberry. Clearly Opera is no angel. I am a very unsatisfied Opera user. And how hard is it to fix a bug in an app that's only 130kb long? EH?? Should be cake, right? Opera Mini does crappy rendering on many pages and the most annoying thing is that sometimes it loses my feeds or breaks them so that I have to reinstall them. And there are usability issues, such as when I want to search Google, I have to click way too many times for comfort (why can't I use the enter key, once? Why do I have to click to start typing, then type, then click to open a menu and select "OK", then scroll down to search button and again click on it... why ????? WTF OPERA??).
I think Mozilla does a fine, fine job. That they can't please a certain vocal minority is understandable. And the constant "angel" example of Opera is pure bullshit.
Parent
Re:OSS Incompetence (Score:5, Funny)
Hey! Guess what, Einstein! It's FREE! So if you've tried Open Source and don't like it, then it's really no great loss to you, is it?
I mean you show up at their website when all kinds of news outlets are running stories about firefox download day and the website doesn't even say that download day starts at 1 EST. What kind of amature shit is that?
Yes, they underestimated demand and probably have a little egg on their faces. But Firefox WORKS! And it's FREE! So what's your problem?
Oh, and it's spelt "amateur".
Then you finally download it and it's full of security holes. What the fuck?
No, it has A security hole. It will be fixed. Someone will find more holes. They will be fixed. So don't use it. Whatever the hell works for you.
I put more effort in to jacking off than these clowns put in to their "Record Download Day". What an embarassment.
Perhaps this explains your short-sightedness and/or blinkered vision. And your obvious frustration. Maybe keep it in your trousers for one day, see if you feel better then, eh?
Parent
Re:Why is this considered a world record? (Score:5, Informative)
As in, it's supposedly unique people choosing to download the setup package, and presumably running setup thereafter - not some automated installation.
Parent
Re:Why is this considered a world record? (Score:5, Insightful)
Parent
Re:Foolish idea: Millions of downloads on the 1st (Score:4, Insightful)
Parent
Re:Foolish idea: Millions of downloads on the 1st (Score:5, Funny)
"June 17, 2028. Firefox 2.9.948 released. Soon we'll go to 3.0 RC1!"
And why am I suddenly reminded of WINE?
Parent
Re:Foolish idea: Millions of downloads on the 1st (Score:4, Insightful)
Parent
Re:Foolish idea: Millions of downloads on the 1st (Score:4, Funny)
Maybe they want to try to beat the download record again, when all those people come looking for the patches.
Parent
Re:CPU and memory hogging bugs still there? (Score:5, Insightful)
Parent
Re:CPU and memory hogging bugs still there? (Score:5, Insightful)
Let's see, Firefox:
- Can render many different doctypes: HTML 4.01 traditional, HTML 4.01 Strict, XHTML 1.0 Strict, XHTML 1.1, RSS, etc, etc, etc
- Includes a Javascript interpreter
- Has its own platform-independent GUI drawing code, and those widgets are designed to match the native widgets on each platform
- Supports UTF-8 and many, many other character encodings.
- Stores bookmark and preference data in a RDBMS (not a very capable one, admittedly, but still)
- Has a plugin framework
- Runs on virtually every OS that is still in use
- Is very friendly to web developers (e.g., supports neat stuff like Firebug)
- And a zillion other features [mozilla.com].
This is a serious piece of work, under active development. The fact that they were able to add more features, plus stability, plus better memory management, plus better security handling (like seriously addressing XSS), PLUS address many of those only-a-problem-for-technical-twits issues that are out there says to me that the Firefox development team really has their shit together. This is an application that I have open all day, every day, and for me, it works great.(of course, I'm currently posting using Safari, so YMMV)
Parent
Re:Firefox is the most unstable prog in common use (Score:4, Insightful)
Parent
Re:Firefox is the most unstable prog in common use (Score:5, Funny)
Parent
Wow, that's a strange map (Score:5, Funny)
Strangely, it also looks exactly like the letters "Error establishing a database connection".
Parent
Re:Instructions Please!!! (Score:5, Informative)
1. First you should check your OS repositories to ensure you cannot install this program via that method. Search for: blah
2. If the program is not available in your distro's repositories (or you desire a newer version)
a. Download the following tar.gz file to your HDD
b. Move the downloaded file to the location you wish to install it
c. Open a command window and type:
blah -xyz filname.....
3. To launch the program type "blah"
About your 2nd question though. I would go ahead and select "Bookmarks" -> "Bookmark all tabs" and save them in 1 folder. Then if it works and your session is still there you just need to delete that folder. Else, just go to your bookmarks and right click on the folder you created and select "Open all in tabs".
Parent
Anyone doing research keeps tabs open. (Score:5, Informative)
Anyone doing research that cannot be finished immediately needs to keep tabs open.
Parent
Err, technical solution? (was:Still Slow) (Score:4, Insightful)
Parent