Firefox 1.0.1 Released

homeobocks writes "Firefox 1.0.1 has been officially released by the Mozilla Foundation, with some important security fixes. An announcement and release notes are available." Presumably this fixes the window injection vulnerabilities.

On this subject

[NoGuffCheck]

Have they released any info on new signups as a result of the Firefox 1.0 NY Times Advert?

How do I automatically kill history in Firefox?

[Anonymous Coward]

Let's say someone is finished browsing pr0n for the night and wants to clear the cache, history and cookies automatically on browser exit. Is this possible with Firefox via a setting or script?

Check Updates...

[adam31]

How come it doesn't work in the Options->Advanced->Check for Updates tab?

It says no updates available... Do I need to actually update from the site?

Re:It'd be nice if XSLT+XML = HTML kept info on pr

[Lord Bitman]

I submitted a feature request / bug report regarding the lack of a true "back" button which actually keeps a true page history instead of just a list of URLs (ideally the server would have no idea you hit "back" and would recieve no request at all).
It turns out problems like this are actually put there on purpose because banking sites have threatened to block Firefox if it doesnt do this.

As for why there's no about:config option, that's for Jesus to figure out.

Re:seems like only yesterday

[theguyfromsaturn]

I think a better approach to this issue would be an "intelligent" punycode display. For instance, if any ASCII character is respresented using IDN characters then AND ONLY THEN should punycode be used.

As I understand it, there is only one IDN representation of non ASCII characters, if the only characters using IDN are non ASCII, then the address cannot be spoofed. However if an ASCII character is being represented using IDN representation, then spoofing is likely taking place, switch to punycode. This would preserve the ease of use for end users (punycode url are incomprehensible however much more comprehensible than other things they may be) without affecting the security since unnecessary use of IDN codes would trigger the "fishy" flag.

What do you think? Does this approach make sense. If so what is the best way to transmit this view to Firefox developpers?

Of course, I could be out to lunch on this one too, since I don't know in detail how the IDN thing works.

Tablet PCs

[Anonymous Coward]

I wish they would fix the pen input problem on the tablet PC. I'd rather use firefox, but I'm stuck with IE until I can easily enter pen input into the browser fields.

Re:Too bad it still doesn't fix the RAM problem

[zxnos]

interesting, on my leet 334MHz celeron 230 MB RAM i have firefox using 18,964K on a slashdot, IE using 15,112K and opera sitting at 18,600K. w/ five tabs in firefox i am at 34,000K... IE and opera have gone doen to 3k and 4.5K respectivley the only problem i have is that firefx has a habit of scrolling the page as it loads. i blame the 2 MB video card...

Good Experience

[CarlinWithers]

It's nice to see so much enthusiasm in the computer world. Personally, I've loved Firefox. It's nice to have the same browser in both Windows and Linux. Got it late (about 2 months ago), but it's done me good. I couldn't go back to non-tabbed browsing and no nested searches window. Also, scanned with ad-aware today. Only two files!!! Both in IE cache from the few times I've had to use IE for ActiveX integrated sites. Used to think 500 was normal. Thanks Firefox, and I expect more good coming from this.

Crashing problems.

[Captain Scurvy]

Sadly, this update doesn't fix the crashes I've been experiencing lately. Firefox crashes with me on certain URLs, especially those crappy xanga/myspace pages that are heavily-laden with video and sound. Before 1.0, I never experienced a crash. I make sure to submit the crash reports, though, so hopefully someone can figure out what's on.

Spreadfirefox.com

[hazzey]

How is this going to affect the download stats? Will we now have double the numbers because everyone has to download it again?

Re:Too bad it still doesn't fix the RAM problem

[Myen]

Firefox 1.1 (/Mozilla 1.8) should be better - they very recently fixed a bug where (some?) closed tabs, with whatever content on it, got leaked. Not in 1.0.1 / Mozilla 1.7.6 because they're afraid of sticking too many changes into a security release and breaking stuff.

Bug 283063 if you want to check and know how (to prevent all of /. killing Mozilla's bug database).

Re:Too bad it still doesn't fix the RAM problem

[shellbeach]

Too bad it won't run decently on anything less than a Pentium III with 256MB of RAM.

I run it on a Cyrix-133Mhz with 40Mb of RAM and Win95 - it runs better (less memory usage, faster) than IE5. Still slow to start up, of course, but I'm not expecting much from an old machine like that ...

Porn browsing tips for firefox =D

[H3g3m0n]

You can also simply set the number of days in the History option under privacy to 0. An even better idea is to start firefox with the -profilemanager commandline paramater, create a special profile called somthing such as "noprofile", and set all the cache, history, cookies etc... to not be stored. You can then make a script/shortcut file that runs "firefox -profile noprofile" which will load that profile.

You can do things such as put an obviouly diffrent skin on it to make sure you arn't running the wrong profile and install flashgot to allow you to grab entire image/movie gallerys.

You can have a custom adblock [mozdev.org] filter list to remove nonrelevant images such as those backgrounds, banners and image borders that sites have which slows down your browsing.

Under linux I have everything setup to use an highly encrypted filesystem so nothing can be accessed without the password, if you have your images, firefox profile, and its starting script in there then noone will beable to find anything also because its encrypted and only accessable by you, you can leave the history to be saved and create bookmarks etc. Just remember to unmount the filesystem and clear the loopback device.

it should bittorrent the autoupdate

[cheekyboy]

I wonder if they thought of using bittorrent to download the latest update. Or does bittorrent not scale to 27m users? :)

You could always have a seperate tracker for each country or each major region.

Re:Update button?

[hyu]

As someone else mentioned earlier, though it's worth repeating, in order to stagger the downloads and not overload the servers the update feature from within Firefox will not be enabled for roughly a week.

Re:/. rendering

[jals]

Can someone explain to me why Firefox has to create fixes for the Slashdot rendering problems. I was under the impression, and please correct me if I'm wrong (it happens a lot), but I thought the problems were with the Slashdot code? Isn't making /. render properly in Firefox just giving the people at Slashdot one less reason to bother fixing their code?

I could be way out of line if it is partly Firefox's fault, so sorry if that's the case...

Re:Ah, so this software does have vulnerabilities

[Mant]

Of course FireFox patches only fix Firefox, becuase that is all it is. That also means any problems in it only affect Firefox.

Ask anyone with a clue about computer security and they will tell you that is a good thing, unlike IE flaws causing problems all over the place becuase it is integrated into windows. It isn't like using Firefox stops you using windows update you know.

It definately is slower to start, as IE is loaded up when windows is. You don't notice IE's start up time as a seperate thing. As for spped in use, it depends on what the page is, images, script, CSS, complex layout and so on as too which one is faster.

I'm sure we will see lots of security updates for it, although so far it doesn't seem close to IE in terms of patches. I've never seen anyone claim it wouldn't need security updates. The argument has always been as open source the security would be better and the updates quicker.

I do suspect you a really a troll.

Re:On this subject

[Anonymous Coward]

well, to be fair it's probably slashdot's HTML's fault

Every single time this bug is mentioned, somebody blames it on Slashdot. Every single time, somebody else corrects them. Most of the time there's a reply saying something to the effect of "okay, so it's a bug in Firefox... but it's still Slashdot's fault!". And people continue to post comments like yours.

What is it going to take to convince people that it's a bug in Firefox? Showing them the bugzilla entry doesn't work. Showing them valid HTML that exhibits the same problem doesn't work. Showing them Firefox developers talking about the bug doesn't work. Telling them that it's fixed in current nightlies doesn't work.

Where the hell does this irrational superstition that it's Slashdot's fault come from? And why do you fools continue to post comments like this?

The other way around

[Khali]

Wouldn't it make more sense to do it the other way around? Make the update available first, then after some time make the new, complete package available.

By releasing packages before the update is made available, you are almost asking for current users of Firefox 1.0 to download the full 1.0.1, which will result in a higher load on your servers.

Re:On this subject

[Skater]

Statisticians have a concept called "significance". In this case, we'd compare the number of downloads that week to the average of the previous weeks (excluding the first one since it's the first week of release and so was understandably higher - normally reputable statisticians are loath to throw away data but this time it's the right thing to do). Without running the numbers, by looking at the charts I can tell you that we can't say the downloads that week are significantly higher than previous weeks (I'm a trained professional with several years of experience; please don't try that trick at home).

There's no way to say what would've happened. We could fit a trend to the previous weeks (again excluding the first week) and try to guess (with a huge margin of error), and there might be slight decrease predicted. BUT there are several weeks before the ad where the count jumped back up, too, so I wouldn't be comfortable making any conclusion about a trend from that data.

The best part..

[Anonymous Coward]

..is how the Windows installer is now signed with a code signing cert.

Now Peter Torr [msdn.com] can trust it!

Re:On this subject

[say]

I agree on your analysis, but I do believe that there are some possible ways to determine whether the advertisement did cause more downloads. For instance, you could make a general trend by analyzing download statistics of other comparable software releases. Obviously, there aren't many comparable releases, but I guess there must be some. When we have that trend line, we compare it to the stats for Firefox. If the general trend line dives at about the day number when the advertisement came, and Firefox didn't dive (and this difference is significant, it could indicate that the advertisement worked. However, you can't draw the conclusion that it did or didn't based on this simple analysis. But in a real market analysis I would definitely use this as one of my strategies for analysis.