Slashdot Mirror

The bill would create a list of blocked Internet sites, added Ed Black, president and CEO of the Computer and Communications Industry Association, a tech trade group.

. Users who want content will find a way around this. There's already a firefox add-on to circumvent Department of Homeland Security seized domains like torrent-finder.com. Thanks to Streisand effect of government domain seizures I found some great torrent sites I never before knew existed.

There's a reason why we have addons like https://addons.mozilla.org/en-US/firefox/addon/mafiaafire-redirector/ to automate that process.

That's what the Firefox extension, Platypus is for... unfortunately, it's no longer maintained, but Aardvark can produce similarly readable web pages without out too much work. Combine that with the Greasemonkey script, Autopagerize to join those multi-page articles designed to make you look at a whole new set of advertisements for each paragraph, and you come a little closer to having the experience that Tim Berners-Lee had in mind for the world wide web in the first place.

And LordLimecat does not know ANYTHING about mozilla. There are bugs that have been here for TWO major version numbers. they pulled out this 4.0 major change over without bothering to fix a lot of the bugs that cause issues to a lot of people or are plain old rookie mistakes that they let hang because they dont want to bother with fixing it.

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Security&resolution=---

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Preferences&resolution=---

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Tabbed%20Browser&resolution=---

Honestly Firefox could crush the others if they focused on speed, reliability, and limited bugs.

And they need to rat out the plugins that cause issues. the browser should be telling me that "Adblock plus is slowing down your session, we recommend disabling it until they get around to fixing it" (For example as the last version before current had a major issue that was freezing firefox.)

And LordLimecat does not know ANYTHING about mozilla. There are bugs that have been here for TWO major version numbers. they pulled out this 4.0 major change over without bothering to fix a lot of the bugs that cause issues to a lot of people or are plain old rookie mistakes that they let hang because they dont want to bother with fixing it.

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Security&resolution=---

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Preferences&resolution=---

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Tabbed%20Browser&resolution=---

Honestly Firefox could crush the others if they focused on speed, reliability, and limited bugs.

And they need to rat out the plugins that cause issues. the browser should be telling me that "Adblock plus is slowing down your session, we recommend disabling it until they get around to fixing it" (For example as the last version before current had a major issue that was freezing firefox.)

And LordLimecat does not know ANYTHING about mozilla. There are bugs that have been here for TWO major version numbers. they pulled out this 4.0 major change over without bothering to fix a lot of the bugs that cause issues to a lot of people or are plain old rookie mistakes that they let hang because they dont want to bother with fixing it.

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Security&resolution=---

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Preferences&resolution=---

https://bugzilla.mozilla.org/buglist.cgi?product=Firefox&component=Tabbed%20Browser&resolution=---

Honestly Firefox could crush the others if they focused on speed, reliability, and limited bugs.

And they need to rat out the plugins that cause issues. the browser should be telling me that "Adblock plus is slowing down your session, we recommend disabling it until they get around to fixing it" (For example as the last version before current had a major issue that was freezing firefox.)

I hate to spoil your rant, but you can turn the status bar back on in FF4.

The trick is in knowing that they now call it the "add-on bar".

In the new menu, go to Firefox -> Options -> Add-on bar. Or press Ctrl+/

The URL preview and download status still won't show in the bar like it used to, but if you want that as well, you can still restore that old behaviour with this addon, as recommend by Mozilla's official knowledgebase.

How's that for configurable?

"Mozilla's motto for Firefox is to keep it being completely customizable..."

Ah yes. That's why I can turn the status bar back on in FF4, right?

Mod parent "-1 Doesn't understand what customizable means in this context".

Yes, that is why you can turn the status bar back on. And why you can show no ads, or have your bookmarks folder look how you want. Or have thirty gazillion toolbars. Or have a minimalist browser look and feel. Or re-theme with the click of a button or two.

You confuse the ability to customize with "Mozilla did all the work and considered every customization wanted and has settings for them all". They made it customizable... now all you have to do is download and install some customizations, or write your own.

what would be the point of using FF over chrome if the are the same darn browser?

One of them doesn't track you.

Also, work is underway on Electrolysis - splitting Firefox into separate processes

I'm the author of the guest blog post. I have some clarifications that should clear things up a lot.

First, I'm just a member of the large community of Firefox users. I do not work for Mozilla (though that would be awesome), and I do not speak for Mozilla. As far as I know, no one within Mozilla is working on implementing any of my ideas at the moment. I simply had a concept and was offered the amazing opportunity to write some guest blog posts. The linked post is Part 1. Part 2 is coming.

Second, contrary to the article summary and to the many comments from people who clearly did not read the post, I am not proposing to hide the location. The location will be completely visible at the top of each page, with even more information. As far as I can tell, there is nothing that the location bar can do that is not possible in my concept.

Finally, the arguments behind each step are available in much more detail on the Mozilla Wiki. That should answer many questions.

if you want to contribute to the discussion in a substantive manner, please first read the article and then go to the discussion page. I've already responded to a number of excellent comments there. Also, if anyone is interested in helping me implement some of these ideas, please let me know!

David

Or, i dunno... maybe we could use JavaScript to add flexible dynamic scripting to our existing stable Java platforms? ...otherwise what's the point? To use a domain specific language for tasks it wasn't designed for or is very good at?

Personally, I'd rather use a slow dynamic scripting language to glue the fast compiled language code together, (see: Perl), not write the whole damn server in slow JS.

Hint: Just use Rino and be done with this nonsense.

Although I generally agree with you, I haven't actually seen one of these ad things in years:
Get: https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/

Webpage-JS can steal focus from URLbar / chrome
https://bugzilla.mozilla.org/show_bug.cgi?id=125282 Resolved Fixed
Content still can steal focus from chrome by window.focus();
https://bugzilla.mozilla.org/show_bug.cgi?id=604289 ASSIGNED

Webpage-JS can steal focus from URLbar / chrome
https://bugzilla.mozilla.org/show_bug.cgi?id=125282 Resolved Fixed
Content still can steal focus from chrome by window.focus();
https://bugzilla.mozilla.org/show_bug.cgi?id=604289 ASSIGNED

I had to file this bug: Bug 659717 - Make Mozilla the team of innovative leaders, instead of the team trying to be like the innovative leaders.

Well, they ignored the massive backlash about removing the status bar, so what makes you think they'll listen to the masses about the location bar? Mozilla's been making some really questionable design decisions lately, and their response always seems to be "find an add-on to do it." Extensions are nifty and all, but they should be required for what some would consider basic interface functionality.

There is an extension to make the "add-on" bar act like the old status bar, but it's got some issues (might be FF, might be the add-on).

This is just an experiment by the community. It doesn't mean Mozilla is going in any direction. Mozilla Labs is a place for breaking the web and learning from the broken pieces. Sometimes, interesting ideas arise, like the Awesome Bar HD (which still needs a lot of work). Other times, they go too far (Home Dash).

Anyway, Mozilla's motto for Firefox is to keep it being completely customizable, so you'll still be able to have the browser look any way you want, even if they change the standard UI.

Request Policy prompts you before each redirect that isn't on the same website. I don't know any way to turn it off or whitelist it, if you're looking for that, but it's probably your best bet.

PPM support has been removed many years back, XBM support was removed about a year ago.
https://bugzilla.mozilla.org/show_bug.cgi?id=504822
https://bugzilla.mozilla.org/show_bug.cgi?id=197530

Why did they remove PPM? Surely it can't have been more than, say, 30 lines of code!

PPM support has been removed many years back, XBM support was removed about a year ago.
https://bugzilla.mozilla.org/show_bug.cgi?id=504822
https://bugzilla.mozilla.org/show_bug.cgi?id=197530

Why did they remove PPM? Surely it can't have been more than, say, 30 lines of code!

I don't trust firefox to make rational decisions in the image area, after they removed mng support and then created the apng format. Over 700 people voted for it to be put back, they could have put mng back and let people choose what they want to use. The overhead was small as mng shared a lot of the png code. https://bugzilla.mozilla.org/show_bug.cgi?id=18574

See also
https://bugzilla.mozilla.org/show_bug.cgi?id=18574

https://bugzilla.mozilla.org/show_bug.cgi?id=88020

See also
https://bugzilla.mozilla.org/show_bug.cgi?id=18574

https://bugzilla.mozilla.org/show_bug.cgi?id=88020

Firefox support APNG but not MNG, see https://bugzilla.mozilla.org/show_bug.cgi?id=257197

Firefox does not support PPM, see https://bugzilla.mozilla.org/show_bug.cgi?id=197530

Firefox does not support XBM, see https://bugzilla.mozilla.org/show_bug.cgi?id=504822

Firefox support APNG but not MNG, see https://bugzilla.mozilla.org/show_bug.cgi?id=257197

Firefox does not support PPM, see https://bugzilla.mozilla.org/show_bug.cgi?id=197530

Firefox does not support XBM, see https://bugzilla.mozilla.org/show_bug.cgi?id=504822

Firefox support APNG but not MNG, see https://bugzilla.mozilla.org/show_bug.cgi?id=257197

Firefox does not support PPM, see https://bugzilla.mozilla.org/show_bug.cgi?id=197530

Firefox does not support XBM, see https://bugzilla.mozilla.org/show_bug.cgi?id=504822

PPM support has been removed many years back, XBM support was removed about a year ago.
https://bugzilla.mozilla.org/show_bug.cgi?id=504822
https://bugzilla.mozilla.org/show_bug.cgi?id=197530

PPM support has been removed many years back, XBM support was removed about a year ago.
https://bugzilla.mozilla.org/show_bug.cgi?id=504822
https://bugzilla.mozilla.org/show_bug.cgi?id=197530

Yeah, besides, it's not like Google was trying to hide the fact they are crawling any Internet site -- The user agent is:
Googlebot/2.1 (+http://www.googlebot.com/bot.html)
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

Many sites actually show more information if they detect the Google bot to increase their search rankings.

Later, If you click the search listing and can't see what the bot saw, in most cases, it's not because the search database is out of date, it's because of a pay/register wall bait & switch. Protip: Firefox plugin User Agent Switcher will sometimes let you in with the "right" user agent (if the site doesn't also check IP addresses).

My point is that Google is distributed -- they could hit a site from a different IP range and use a different User Agent string (ie pretend to be Chrome or FF), to hide their identity but they are not... (This is actually how Google detects bait and switch type links).

It's hard to fault a web crawler for crawling the web. This is especially true in Facebook's case since Facebook promotes all those external links back to Facebook pages via "like this" and "follow us on Facebook" links.

When you find the mouse trap has sprung, do you complain that the bait is gone?

And why Firefox 4 fails utterly. They literally did remove the 'status bar'. Not an ability to hide it, it's gone.

At least one case where Google isn't forcing the change down on people...what a concept.

Install the Status-4-Evar add-on and your status bar is back. This is why Firefox 4 wins completely. It's extremely extensible. Alternatively, you can use Firefox 4's add-on bar to display status oriented add-ons and toolbar icons and buttons similarly to the old status bar. I use the add-on bar to display two extensions I happen to like (ShowIP and ServerSpy).

I don't think there's any need for a status bar any more - addon buttons can go at the top and target URLs show in a popup at the bottom.

However, one of the best things about Firefox are it's addons - you can re-enable the status bar if you want by using Status-4-Evar

Sorry about that! Try this one, and if slashdot is killing URLs in posts now (why not, they were 403 for an hour this morning) it's pentadactyl you seek.

You can probably do the brushed metal theme yourself, for the rest here you go. Without it, I find firefox unusable.

1. Unity: don't care, won't use. I'll apt-get install xubuntu-desktop.

2. Gnome 3: same as above.

3. Thunderbird: good, so they're going to fix that four years old bug preventing people from dragging attachments from a message to a folder?

4. LibreOffice: no problem for me, I'll apt-get it but I think most people would appreciate to be able to open .doc and .xls files in the initial installation. Maybe a small program could handle office files and prompt to install the office suite. Nevertheless people is more willing to wait some more minutes when installing the OS than when they have some work to do, maybe quickly. I believe that this decision is detrimental to the user experience.

5. Chromium: don't care as I install Chrome, Firefox and Opera. I'm using Firefox mostly because of Firebug.

6. Computer Janitor and PiTiVi: Computer What!? I use OpenShot as video editor.

7. LightDM: seems a good idea for a functionality I use for 5 seconds when I boot my notebook, which doesn't happen often as I suspend it at night.

8. Déjà Dup: very good idea. I'm using a combination of rsnapshot and duplicity and I don't think DD has the same functionality (it doesn't pull files from remote servers or runs scripts on them to dump DBs, right?) but it's good to offer a good backup functionality for the general public. However they should implement something like Time Machine to backup the whole system.

9. Ubuntu Software Center: don't care much. I find more convenient to use apt-get and apt-cache than using the GUI and what I usually see of the USC is only the updates window. However I'm sure that many people find more convenient using the GUI so those changes will be appreciated.

Summing up, I started reading TFA expecting some more stupid changes from Canonical but I'm surprised to see that they either don't affect me or they might improve my experience. It's a good change after at least one year of invisible changes that made my notebook perform better (i.e.: suspend always work, ext4 is fast) and too visible ones that I had to work around to be able to work the way I like (all the GUI changes).

I don't know, it really is a country club in Africa, but I think Miguel went for "Tamarin", which is a type of monkey. But unfortunately this name is already occupied by a Mozilla project, which strangely is some kind of scripting language, and to his dismay is also being used as the name for a Java framework. *head asplodes*

Install the Better Privacy addon for Firefox. It lets you manage LSOs and delete them on exit.

Firefox: BetterPrivacy

Being able to manually delete LSO's is ok but too labour-intensive. The addon above lets you delete-on-close like regular cookies you flag as "allow for session" in FF.

Which they had already written for WebGL.

http://mxr.mozilla.org/mozilla-central/source/content/canvas/src/WebGLContextUtils.cpp#101

At least then users have to click ok before trusting a site, in a similar fashion to location data.
And hopefully that check will be strongly worded.

Personally, I'm glad I run NoScript

Use TorButton then (the Windows bundle includes it IIRC). AFAIK it solves most of the problems you mentioned. If you are using Firefox 4 then you need the alpha version from here.

Add to that BetterPrivacy, and you should be much harder to track.

Use TorButton then (the Windows bundle includes it IIRC). AFAIK it solves most of the problems you mentioned. If you are using Firefox 4 then you need the alpha version from here.

Add to that BetterPrivacy, and you should be much harder to track.

Try YesScript. You can blacklist sites that cause problems while letting the rest through without having to explicitly whitelist them.

Great idea. Then I can blacklist www.thissiteissafehonest.com _AFTER_ it's used Javashit to download malware to my computer.

Disabling Javashit by default is the only safe way to browse the web these days.

Try YesScript. You can blacklist sites that cause problems while letting the rest through without having to explicitly whitelist them.

Yea, but the way MafiaaFire is made is quite "vulnerable". ICE can just 'steal' MafiaaFire's domain(s) and the the addon doesn't work anymore. This is one of the reasons I've made a re-write of MafiaaFire ( https://addons.mozilla.org/da/firefox/addon/fireice/ )

Also, Flash cookies are evil in that browsers can't purge them

https://addons.mozilla.org/de/firefox/addon/betterprivacy/

Whilst I agree with the thrust of your argument, there are a few mistakes.

No scope to speak of.

JavaScript has scopes. A variable declared in a function goes away at the end of the function, same for the body of an if, a loop, etc. Standard C/C++ rules apply that a variable declared in the parent scope carries into a child scope (variables declared before a function are accessible inside the function. Things get screwy with closures, of course, but that's typical functional crap.

It looks object oriented, but has no real notion of classes. No inheritance.

Yes and no. JavaScript is object oriented in that everything is an object, it just doesn't follow the traditional model. Unfortunately, this is trumpeted as a feature rather than a bug (The concept of a class is a useful refinement over the more primitive object soup style used by JS since it makes it far easier to reason about the system's behaviour — open for extension, closed for modification). The JS object model is more abstract and less intuitively helpful which makes it more difficult to use correctly but you can implement inheritance using the prototype member. eg.

function Class1() {
    this.my_value = 5;
}
Class1.prototype.something = function() { return this.my_value; };
function Class2() {
    Class1.call(this);
    this.my_value = 10;
}
Class2.prototype = new Class1(); // inherit
Class2.prototype.constructor = Class2; // constructor points to Class1() due to above
Class2.prototype.something_else = function() { return 6; }; // extend
var obj = new Class2();
alert(obj.something() + obj.something_else()); //16

All of the features that have made languages "safer" and "easier" to program in, javascript lacks.

I agree with this notion, unfortunately, I see "safer and easier" as being in direct opposition to the current trend of dynamic/duck-typing in newer languages (auto-typing [type inference] is fine). I like compiler errors, they find bugs before the program crashes, or worse, results in a production system that appends a number to a string instead of adding two numbers causing the output to be completely wrong when a difficult to trigger code path runs.

I can't think of one innovative or positive aspect of javascript

JavaScript is the bastard child of Scheme/Lisp, Smalltalk and Java. It inherits the polished turd ugly syntax of C/C++ (from Java), a poor implementation of everything as an object (Smalltalk) and an obsession with minimalist abstract syntax like recursive closures from Lisp. This is pretty much a match made in hell.

Even as rivals like Mozilla and Google have introduced bug bounty program, the Redmond Washington giant has stuck doggedly with a position it articulated almost a decade ago, refusing to offer monetary rewards for information on software holes. But security experts say that position may have to change.

Here is the source for Mozilla projects. Here is the source for Google Chrome. And where do I find Internet Explorer's source code? Oh, right. Well, I'm sure if they truly wanted my help making their browser better and more secure, they'd be okay with letting me take a peek at the source code. How can they start a bug bounty program when they won't even trust the community with seeing their code?

To put it another way: when you practice security through obscurity, offering monetary incentives for bug discovery is not a financially sound decision.

Furthermore, there have been times when a bug submitted to Google was deemed not a bug and a discussion ensued why that was with the source code referenced. I believe Microsoft could just say, "Oh, sorry, we don't owe you anything for discovering that feature but since you can't see the source code you'll have to take our word for it."

Microsoft doesn't need bug bounties. They need to achieve the prerequisite of code inspection before they can even consider putting their money where their mouth is.

for what its worth..
https://addons.mozilla.org/en-US/firefox/addon/mafiaafire-redirector/

After reading this article, I initially tried to find the add-on by using the Fire Fox Add-on search window https://addons.mozilla.org/en-US/firefox/ but the search didn't return any results.

It appears that Mozilla's Fire Fox Add-on search is being censored.

for what its worth..
https://addons.mozilla.org/en-US/firefox/addon/mafiaafire-redirector/

After reading this article, I initially tried to find the add-on by using the Fire Fox Add-on search window https://addons.mozilla.org/en-US/firefox/ but the search didn't return any results.

It appears that Mozilla's Fire Fox Add-on search is being censored.

A search for addons called MAFIAAFIRE is yielding no results.

Mafiaafire appears to be unlisted, as browsing through the list of extensions reveals no such program. Did Mozilla cave in to DHS demands despite their initial refusal, or was the software never listed in the first place?

Unlawful domain seizures. Takedown demands. DHS has too much power and too little oversight.

One of the commenters on the FF extension suggested that the extension introduces a serious vulnerability into your browser - by downloading the XML file containing the list of sites to be redirected, you are basically offering that website the ability to redirect "youtube.com" to "nastysexxxxxychix.com" or whatever. Certainly this would be unpleasant on a work computer, but it could also be used to send you to a malicious site. He also pointed out that every 15 times the extension is actually called you are sent to a "Help Us" page where they probably ask for donations.

The same commenter forked the extension to another called FireIce which has a hardcoded list of sites. I think the ideal way would be with a user-configurable list which the user can easily update from a website as desired, rather than automatically downloading an XML file without user input.

This other extension - which I haven't tried and cannot endorse - is at https://addons.mozilla.org/da/firefox/addon/fireice/