Firefox 29 with new security features

What do you have and what do you want?

Moderators: b1o, jkerr82508

User avatar
viking60
Über-Berserk
Posts: 9320
Joined: 14 Mar 2010, 16:34

Firefox 29 with new security features

Postby viking60 » 19 May 2014, 13:08

Manjaro and Arch already have Firefox 29 with some improved security.
As we have seen in the private browsing thread we needed to start Firefox with

Code: Select all

firefox -private http://bjoernvold.com/forum
to get private surfing.
Sometimes it is practical to have cookies on sites where they are welcome and for that you needed to start a new session of Firefox without private browsing.

Now Firefox has put private browsing in the default menu, so you do not have to make two instances of Firefox in your menu system. It is exactly the same as starting Firefox like this:

Code: Select all

firefox -private http://bjoernvold.com/forum
and a new more private instance of Firefox will pop up.

Firefox has adapted the "Chromium style" menu but made it a little more intuitive with icons. You can edit the menu under the edit function by dragging and dropping whatever you want in there, so it is flexible.
Image
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:

Re: Firefox 29 with new security features

Postby Snorkasaurus » 19 May 2014, 16:03

If I could get past the "Craptastic Bar" I'd almost be willing to try FireFox. :-(
S.

User avatar
viking60
Über-Berserk
Posts: 9320
Joined: 14 Mar 2010, 16:34

Re: Firefox 29 with new security features

Postby viking60 » 19 May 2014, 16:39

Well you can drag everything away from the bar to the pop-down menu. Or drag what you need from the menu to the bar.
I just dragged the entire bookmark bar to the menu. And I dragged the search field away from the bar (to the menu) so you can pretty much design it as you like.
Before:
Image

After:
Image

I also added the "open file" function to my menu and now i can open pics directly in Firefox.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:

Re: Firefox 29 with new security features

Postby Snorkasaurus » 19 May 2014, 16:48

Hey v60... I actually mean the "Awesome Bar". When that thing came out I gagged. :-(

There are other things I don't like about FireFox too though. Like the quick-release schedule... the best feature of FireFox is the extensive list of addons that are authored by numerous people all over the world. Now with their quick-release schedule the addon authors have to keep a much closer eye on any updates or their addons could bomb completely. Then there is the default behaviour of automatically updating to new versions without asking and without checking to see if the operating system dependencies are met. Any skinning that looks like chrome just makes me feel like I am being watched too. I haven't liked FireFox since v2.0.20.

S.

User avatar
viking60
Über-Berserk
Posts: 9320
Joined: 14 Mar 2010, 16:34

Re: Firefox 29 with new security features

Postby viking60 » 19 May 2014, 17:06

I get that, but there are a great deal of good (security) apps like auto destructing cookies etc. So I look into it once in a while.
Chromium also has a set of apps that will make Google annoyed so it is pretty good too.
In any case they are all competing with privacy these days - even they have understood that this is important by now. This awareness is new - and good.
I think this FF version is worth a closer look...I kind of like the added flexibility approach.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:

Re: Firefox 29 with new security features

Postby Snorkasaurus » 19 May 2014, 19:49

Okay, I am trying it now... here's my notes:

- Having an installer (stub) that just downloads another installer is a scummy way to distribute FireFox. It gives the user [well, not THIS user] the impression that FireFox is much smaller (and possibly also faster) than it actually is. I imagine that it is also helpful to Mozilla in that it can keep better track (tracking) of how many installs have been done.
- During the install I was offered the option to let FireFox use a "Maintenance Service" to perform updates which is supposed to allow it to do updates without having to click "yes" on a UAC notice. I agreed to have it install the service and it did in fact create a Windows service called "Mozilla Maintenance Service". But I am running XP which does not have UAC and does not require any such service to function. This should be basic stuff for application developers to check for during an installation.
- Oh Ehm Ghee I hate skinned applications. I setup my window forms to look the way I want them to, having an application use its own look is insulting. I did find a way to change the colour of the skin over the tabs but not replace the rounded edges.
- The status bar (where I like to put my plugin icons) is gone (but can be partially reinstated with a plugin).
- The enlarged back button serves no purpose but to take up screen real estate that could be used for displaying web pages.
- I still hate the awesome bar which sucks up more resources than is necessary and does not make it easier to find previously typed addresses.
- The search engine list is riddled with tracking companies.
- Rather than a text based menu they have an icon based menu which takes up more space and does not make it easier to find selections. I have a very hard time believing that this is entirely unrelated to skinning and Windows 8 Metro.
- FireFox Health Report (tracking) is turned on by default
- Crash Reporter (tracking) is turned on by default
- By default FireFox is set to automatically update itself, even if the target system is not supported... potentially forcing an upgrade on a user who will then not be able to open his/her browser until they use a different browser to download the previous version and downgrade.
- The "Web Developer Tools" is a core component. I have a very hard time believing that a significant percentage of FireFox users use the Web Developer Tools... certainly not enough to justify it as a core component rather than a plugin (see next point).
- Data Manager is not a core component and must be installed as a plugin. So a significant portion of FireFox users use the Web Developer Tools but not the Data Manager?
- If you decide to install the Data Manager plugin you'll find it getting cluttered up with a long list of domains with the falsestart-rsa permission. This sounds stupid for two reasons... (1) my understanding of the falsestart-rsa permission is that [by whatever means] it reduces the latency of SSL handshaking by 30%. This is essentially worthless if you consider that you spend a second setting up your SSL connection to Facebook and then four hours chatting to your BFF about OMG and WTF. Nobody should care about the insignificant time they are saving at the beginning of that conversation. And (2) I can't see any justifiable reason to maintain a list (sometimes known as information disclosure) of sites that I have visited which support it. I am quite sure that most people do not want snork.ca to be hidden away in some sqlite database they can only access/remove with a data manager plugin... because if your employer finds out you have been browsing snork.ca you'll wind up on some kind of "list".

Unfortunately SeaMonkey suffers from a number of these same failings, but at least has an improved [read basic] visual appearance. I currently do not have an available computer with more than 4G of memory but am considering buying one just so I can try my hand at custom builds of SeaMonkey that do not include Chatzilla, Composer, Mail, and Address Book (as well as falsestart-rsa and crash reporter).
:berserkf

My 3¢
S.

User avatar
viking60
Über-Berserk
Posts: 9320
Joined: 14 Mar 2010, 16:34

Re: Firefox 29 with new security features

Postby viking60 » 19 May 2014, 20:21

Hmm I just checked some of your points:
Health and Crash report is not turned on here (Maybe a difference in the Linux versions or maybe something I have unchecked before, but I don't think so :confused ).....
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:

Re: Firefox 29 with new security features

Postby Snorkasaurus » 19 May 2014, 21:55

viking60 wrote:Hmm I just checked some of your points:
Crash report is not turned on here (Maybe a difference in the Linux versions or maybe something I have unchecked before, but I don't think so :confused ).....

Did you do a fresh install of v29 or did you let FF update itself? I assume that if it was an upgrade, it would have kept your old settings (I believe that the reporting settings would be stored in your userprefs file).
S.

User avatar
viking60
Über-Berserk
Posts: 9320
Joined: 14 Mar 2010, 16:34

Re: Firefox 29 with new security features

Postby viking60 » 19 May 2014, 22:29

I did an update via the Manjaro repos; not "by itself".
So my old settings would still apply, I just can't remember having shut those off... :confused
So it could be me or it could be a difference between the Windows version and the Linux version.
In general Linux software does not update itself outside the repos, they will have to be packed and controlled by the maintainer - that makes it more secure.
:A
https://support.mozilla.org/en-US/kb/up ... st-version
Note: If you use your Linux distribution's packaged version of Firefox, you will need to wait for an updated package to be released to its package repository. This article only applies if you installed Firefox manually (without using your distribution's package manager).


...And it pretty much takes care of all your criticism on this point - you should try Linux :-D
If you stick to the repos FF will always fit.

If you are impatient and want the latest and best you can pick Manjaro or Arch (needs some experience) - there the bleeding edge software will be available before you can spell Apfelstrudel...
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"

User avatar
Snorkasaurus
Berserk
Posts: 587
Joined: 30 Dec 2013, 19:19
Contact:

Re: Firefox 29 with new security features

Postby Snorkasaurus » 20 May 2014, 01:12

viking60 wrote:In general Linux software does not update itself outside the repos, they will have to be packed and controlled by the maintainer - that makes it more secure.
:A
https://support.mozilla.org/en-US/kb/up ... st-version

My bottom line is that any software package that updates itself
- by default
- without asking
- without checking to see if the target system will support the new version

Is a disgraceful failure on the part of the application developer(s). To be honest, I am baffled at the ridiculous decisions made by browser developers. All major browsers have a default policy of allowing all cookies and none of them have a context menu that allows you to set per-site privacy/security settings. That is shameful.

Note: If you use your Linux distribution's packaged version of Firefox, you will need to wait for an updated package to be released to its package repository. This article only applies if you installed Firefox manually (without using your distribution's package manager).

Actually if I use my Linux distribution's packaged version of Firefox I would be using IceWeasel. :-(
Hmmm, I have something I'd like to test here... it'll take a while though, will get back to you on this one.

viking60 wrote:...And it pretty much takes care of all your criticism on this point - you should try Linux :-D
If you stick to the repos FF will always fit.

If you are impatient and want the latest and best you can pick Manjaro or Arch (needs some experience) - there the bleeding edge software will be available before you can spell Apfelstrudel...

Oh not at all... in fact it is extremely rare that I want the most recent version of anything. My PC is old, my laptop is old, my OS is old, my apps are old... I'm old.

S.

User avatar
viking60
Über-Berserk
Posts: 9320
Joined: 14 Mar 2010, 16:34

Re: Firefox 29 with new security features

Postby viking60 » 20 May 2014, 12:11

in fact it is extremely rare that I want the most recent version of anything. My PC is old, my laptop is old, my OS is old, my apps are old... I'm old.

:lolup
Yup you are made for Linux - it will work on old HW and make it young again.
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"


Return to “Software”