mozilla.org · Domains · Slashdot Mirror

Re:Is this another Windows-only problem? by Anonymous Coward · 2010-10-10 11:27 · Score: 0 · on New Tool Blocks Downloads From Malicious Sites

Downloads? Yes, all OSes and browsers are vulnerable, within limits (Javascript FTW). Downloads to arbitrary locations, arbitrary code execution, and local-user installation? Sort of. OSX is extremely vulnerable, and Windows & SELinux are mostly safe.

Low-IL processes ([1] [2] [3]) in Windows can't run or do much of anything (it can DoS the user, I guess, or read & transmit data). I said mostly safe because there are still weaknesses: unsafe application security/rules, communication with other protected but insecure processes or objects (including system services), driver exploitation via user-mode driver DLLs, et cetera.

Re:Can atheists refute one simple fact? by Guignol · 2010-10-09 22:02 · Score: 1 · on Largest Genome Ever

:) I'm not the poster you are asking that question to
But I, for one, do use vi(m) to post on /. (or anywhere else for that matter)
This is thank's to this very nice firefox addon
You might want to try it :)

Re:Better, but... by mbrubeck · 2010-10-07 12:59 · Score: 2, Informative · on Mozilla Releases Firefox 4 Beta For Android, Maemo

See bug 591661 where this is reported - one of the comments has a (slightly annoying) workaround to use your own sync server in Fennec.

Re:If only it was usable.... by mbrubeck · 2010-10-07 12:57 · Score: 4, Informative · on Mozilla Releases Firefox 4 Beta For Android, Maemo

There's a bug that causes random system freezes on the original Droid and the Droid 2: https://bugzilla.mozilla.org/show_bug.cgi?id=602252 Unfortunately we just discovered this today, too late to fix it for beta 1. We'll fix it before the stable release, of course.

Supported hardware list by mbrubeck · 2010-10-07 12:53 · Score: 1 · on Mozilla Releases Firefox 4 Beta For Android, Maemo

The beta release requires a newer processor than the Hero. See the system requirements page for details, and an experimental (non-optimized) build for older and low-end phones.

Re:Browsers? by icebraining · 2010-10-07 12:07 · Score: 2, Informative · on Mozilla Releases Firefox 4 Beta For Android, Maemo

Firefox Sync encrypts everything locally using your passphrase before sending to their server.

The Weave client creates a 2048-bit RSA keypair and a salt value, and derives a symmetric key from the passphrase and salt with PBKDF2. The private key is encrypted with that key and uploaded to the server, along with the salt and cleartext public key.
For each collection, a 256-bit bulk key and an IV are generated on the client. The bulk key is encrypted with the RSA public key and uploaded, with the IV, to the server.

https://wiki.mozilla.org/Labs/Weave/Developer/Crypto

Re:Where.. by Anaerin · 2010-10-06 11:22 · Score: 1 · on Why Are We Losing Vertical Pixels?

They're working on it for CSS 3, and Mozilla (That is, FireFox et al) have a working implementation in place already: https://developer.mozilla.org/en/CSS3_Columns

Re:Rotate by miquels · 2010-10-06 05:55 · Score: 1 · on Why Are We Losing Vertical Pixels?

You replace the menus with a single tiny menu, then put everything on the same line.

Tiny menu: https://addons.mozilla.org/en-US/firefox/addon/1455/

Which version of non-released Firefox 4.0? by Anonymous Coward · 2010-10-05 06:04 · Score: 0 · on Microsoft IE Browser Share Dips Below 50%

Please clarify, try the nightly build and tell us if you also run AVG

Re:They All Suck by WhitePanther5000 · 2010-10-05 03:19 · Score: 1 · on Microsoft IE Browser Share Dips Below 50%

If "they all suck", then it's probably more like "non-compliant websites suck". Flashblock helps a lot, but I still run into sites that jack up my CPU utilization with javascript. For instance, the ticker on an eetimes.com article pushes my core 2 duo to 70%. A little absurd for a 2 page article.

Unfortunately, everyone wants a flashy website these days, and the people paying the web developers don't really care about how it effects the end user... as long as it's pretty and it attracts page hits.

Obviously that's not always the case... but still, blame the websites. At this point you basically wind up with the the decision to (SLOWLY) see everything as intended, or live with some quirks for a faster browsing experience.

Re:PDF warning? by Animaether · 2010-10-05 02:48 · Score: 1 · on Analyzing CAPTCHAs

Don't you check what links are before you click them?

Just plugging a FireFox add-on related to that...
https://addons.mozilla.org/en-US/firefox/addon/3199/ - Link Alert

Re:do you know how instant search works? by muckracer · 2010-10-04 21:14 · Score: 1 · on GoogleSharing, Now With No Trust Required

> just type it all out in another window (text editor would be easiest), proof it carefully, then copy/paste.

Or even easier, use the built-in search entry bar in Firefox (to the right of the location bar). It only gets transmitted when you hit Enter or click on the magnifying glass icon. Couple that with the Scroogle Firefox add-on and you're searching anonymously and SSL-encrypted (FWIW):

https://addons.mozilla.org/en-US/firefox/addon/12506

Always wondered though, if you can still do an anonymous search in one tab while having your non-anonymized Gmail account open in another. Probably not...

Not a Rhetorical Question by Colonel+Korn · 2010-10-04 12:30 · Score: 0, Troll · on GoogleSharing, Now With No Trust Required

How is this different from the SSL version of Scroogle search, which has been around for at least a year?

https://addons.mozilla.org/en-US/firefox/addon/12506/

Honestly, I'm too lazy to read TFA tonight, but if there's a benefit to GoogleSharing, what is it?

Re:Xmarks by Runaway1956 · 2010-10-02 03:13 · Score: 1 · on Xmarks May Not Be Dead After All

https://addons.mozilla.org/en-US/firefox/addon/13255/ Someone pointed me to a link, and I just paid the suggested $15 through paypal. I feel a wee bit better now, since I've been using Xmarks for two years (or more) and never paid a dime.

Re:Publicity Stunt? by vlm · 2010-09-30 23:17 · Score: 1 · on Xmarks May Not Be Dead After All

Just curious, does Firefox sync addon support syncing to your own server somehow?

I see no mention of such a feature on the plugin webpage, but you mention "so even if you sync to their servers" which implies the option.

Because you're googleing for "firefox sync own server" or something like that. The product went thru a name change, during R+D it was called "WEAVE". So google for something like "firefox weave support own servers" and eventually you find detailed descriptions of exactly what to do to set up your own sync server.

Such as:

https://wiki.mozilla.org/Labs/Weave/Sync/1.0/Setup

Re:complete with tracking and statistics by WCguru42 · 2010-09-30 12:32 · Score: 2, Interesting · on Google URL Shortener Opened To the Public

https://addons.mozilla.org/en-US/firefox/addon/162021/

This Firefox add-on (Their homepage http://long-shore.com/ has Opera and Chrome support as well) allowed me to hover the link and see that it was a Goatse link.

Very useful.

My unrivaled intellect allowed me to know that it was a Goatse link as the poster was trying to make a point and the link name was "gaping hole." Not sure why the Troll mod as his point is valid and anyone dumb enough to click a link with that text on it shouldn't be on the internet.

Re:complete with tracking and statistics by Shikaku · 2010-09-30 11:48 · Score: 3, Informative · on Google URL Shortener Opened To the Public

https://addons.mozilla.org/en-US/firefox/addon/162021/

This Firefox add-on (Their homepage http://long-shore.com/ has Opera and Chrome support as well) allowed me to hover the link and see that it was a Goatse link.

Very useful.

Re:one problem with online news by Anonymous Coward · 2010-09-29 10:13 · Score: 1, Funny · on Most Readers Don't Like Customized News

I'd be pleased just to get rid of all the anonymous commenting on most news sites. The level of nastiness leveled by pretty much anyone commenting on sites like Yahoo News is just mindblowing. Anonymous web commenting has gotten so out of hand, someone even made a firefox plugin to filter it!

You're wrong because you're ugly!

one problem with online news by sirinek · 2010-09-29 09:58 · Score: 3, Insightful · on Most Readers Don't Like Customized News

I'd be pleased just to get rid of all the anonymous commenting on most news sites. The level of nastiness leveled by pretty much anyone commenting on sites like Yahoo News is just mindblowing. Anonymous web commenting has gotten so out of hand, someone even made a firefox plugin to filter it!

What about "Browser based ON DS9..." by karlandtanya · 2010-09-29 04:11 · Score: 1 · on Browser-Based Deep Space Nine MMO Coming In 2011

Showing 0 - 0 of 0 results for lcars

Re:Overkill? by hairyfeet · 2010-09-28 07:48 · Score: 1 · on Bookmark Synchronizer Xmarks Hangs Up Their Hats

It sounds like what you want is FEBE to make sure you don't lose anything in case FF crashes. You can set it to backup as many times as you want, and it'll back up HTML bookmarks as well as the sqlite way. It sounds like just what you are looking for.

Try Google bookmarks by beernutz · 2010-09-28 06:22 · Score: 3, Informative · on Bookmark Synchronizer Xmarks Hangs Up Their Hats

I really like the Google bookmark service.

https://www.google.com/bookmarks/l

Uses labels like gmail, and has browser addons.

FF:
https://addons.mozilla.org/en-US/firefox/addon/2888/

It is built into chrome

Safari:
http://www.associatedcontent.com/article/901411/goggles_use_google_bookmarks_with_safari.html?cat=15

Gmarks by Anonymous Coward · 2010-09-28 04:58 · Score: 1, Informative · on Bookmark Synchronizer Xmarks Hangs Up Their Hats

Gmarks for Firefox lets you sync your google bookmarks! It's awesome! 'nuff said.

ping (Re:HTML 5?) by dveditz · 2010-09-23 15:07 · Score: 1 · on Is the Web Heading Toward Redirect Hell?

Firefox was an early adopter of the <a ping> HTML 5 feature to solve exactly this redirect-for-tracking issue, added in early 2006: https://bugzilla.mozilla.org/show_bug.cgi?id=319368 There was huge controversy that the feature helped sites track users (never mind that you're being tracked as it is, and that the feature let you turn it off) and it was disabled before it ever shipped. We thus continue trudging through redirect hell when the browser could have been doing that for us in parallel while giving us the content we wanted.

The feature would have sold better if it was framed as <a shortcut> or <a dest>. That is, keep the historical href behavior jumping through redirects in old browsers, while new browsers could just load the final content directly from the shortcut (or dest) attribute and treat href as the ping. I'm sure that suggestion gives HTML purist fits on semantic grounds. At least it's backward compatible unlike ping which requires a site to choose between serving different content to old and new browsers, forgoing link tracking on old browsers (the majority? fat chance), or not supporting the feature at all (we have a winner!).

URL-shorteners are a different use-case altogether and not served by <a ping>

Re:How do you get offenders to stop? by RichardDeVries · 2010-09-23 08:31 · Score: 1 · on Is the Web Heading Toward Redirect Hell?

This Firefox addon does the same using the api provided by longurlplease.

Re:How do you get offenders to stop? by shog9 · 2010-09-23 07:44 · Score: 5, Informative · on Is the Web Heading Toward Redirect Hell?

Close enough: https://addons.mozilla.org/en-US/firefox/addon/9549/

Re:force-cached PNG's by muckracer · 2010-09-22 03:28 · Score: 1 · on Introducing the Invulnerable Evercookie

> there used to be the additional option of having that same selection as a pop-up window on exit (closing the browser).
> This was done away with...dunno...with 3.5+, I think. That's what I mean.
> Install the BetterPrivacy Plugin to see roughly, what it was about.

Sorry...the wrong plugin (even though BetterPrivacy is another must-have).

I meant, of course, AskforSanitize:

https://addons.mozilla.org/en-US/firefox/addon/13015/

CyberSearch anyone? by brettz9 · 2010-09-21 18:25 · Score: 1 · on Google Preps Instant Search For Chrome 8

Even Slashdot users don't know about CyberSearch? https://addons.mozilla.org/en-US/firefox/addon/7931/ or http://cybernetnews.com/cybersearch/ . This has been public at AMO since June 2008 and at their site earlier than that.... Granted, this one really ought to be built into Firefox (like Tree Style Tab) so more know about it, since it's not just a niche use.

One particularly handy tip you might miss about the add-on: type "^" and then your search term to instantly search the site already loaded in the same tab (no need to define a keyword).

Re:EH by man_of_mr_e · 2010-09-19 17:01 · Score: 1 · on Linux Kernel Exploit Busily Rooting 64-Bit Machines

And this is why so many people get compromised. You think "Oh, it's just a local vulnerability".

The problem is, virtually anything you might do that goes out onto the internet could potentially exploit a local vulernability. Unless you don't allow people to access the internet at all, your web browser, email client, streaming radio player, Instant Messenger, etc.. all of them can (and probably do) have flaws that could be used in conjunction with a local root vulnerability to gain root access. Let's say you're one version behind on Firefox, well any malicious hacker can own your computer by combining this vulnerability (or any of several others) with this local root vulnerability and you're owned.

All you have to do is visit the attackers site. Bam. Ownage. Should someone actually want to do so.

Re:dev IE9 and dev FF vs release Chrome? by spinkham · 2010-09-18 09:12 · Score: 3, Informative · on IE9, FF4 Beta In Real-World Use Face-Off

Bartab + FF 4 beta = almost instant restart with 100+ tabs.

Oh, actually, looks like bartab like functionality is now the default in the latest builds, as per the anonymous coward below. http://blog.zpao.com/post/1140456188/cascaded-session-restore-a-hidden-bonus

Re:Speaking as someone that switched to OS X by iris-n · 2010-09-18 04:54 · Score: 1 · on IE9, FF4 Beta In Real-World Use Face-Off

Oh that's amazing!

I hope they don't ever fix it; and Thunderbird dies a slow and painful death.

Another example is this:

https://bugzilla.mozilla.org/show_bug.cgi?id=299346

Thunderbird would randomly corrupt and then delete your address book. It's five years old.

Re:Speaking as someone that switched to OS X by Moridineas · 2010-09-18 03:03 · Score: 1 · on IE9, FF4 Beta In Real-World Use Face-Off

I already replied with the one I submitted, but here's another one that I first saw referenced on Slashdot.

https://bugzilla.mozilla.org/show_bug.cgi?id=92165

It's just _PAINFUL_ to read through this bug! It's almost 10 years old now!

And on the topic of crazy bug reports...here's another (non-Mozilla):

http://sourceware.org/bugzilla/show_bug.cgi?id=4980

Re:Speaking as someone that switched to OS X by Moridineas · 2010-09-18 03:01 · Score: 2, Informative · on IE9, FF4 Beta In Real-World Use Face-Off

Here's another example (somebody on Slashdot posted this awhile back and I bookmarked it for hilarity)

https://bugzilla.mozilla.org/show_bug.cgi?id=92165

Re:Speaking as someone that switched to OS X by Moridineas · 2010-09-18 02:50 · Score: 2, Informative · on IE9, FF4 Beta In Real-World Use Face-Off

Test case + bug #, or it didn't happen.

Sure. And apologies for getting the year wrong--it's actually been since 2003.

https://bugzilla.mozilla.org/show_bug.cgi?id=222747

I can't tell you how many Mail.app bugs haven't been fixed. I can tell you that I get a lot more complaints from Thunderbird users than from Mail.app users.

Another bug which I don't even know how to submit to Bugzilla and so haven't. User is composing an HTML email. While typing, midsentence, and for no apparent reason, the font changes. I thought the user was doing something dumb like clicking elsewhere in the email, but no, the font / style just randomly changes mid-sentence.

It's these kind of bugs that are SO irritating to users.

Re:Speaking as someone that switched to OS X by Anonymous Coward · 2010-09-17 21:27 · Score: 0 · on IE9, FF4 Beta In Real-World Use Face-Off

I think Bugzilla still blocks links from Slashdot, but let's try this search. (You may have to copy and paste, Mozilla got annoyed at people pointing out bugs from Slashdot threads.)

That query returned 453 bugs in the "New" status (or "Confirmed" as everyone else calls it) that have been open for at least five years, and that are blocking or critical.

Keep in mind that since they're in the "New" state that means no one has worked on them at all. If someone was working on them, it'd be "Accepted" - these are bugs that have been verified to exist, but no one has done anything with them. Including 10 marked as blocking.

Re:Why does linux get this? by klossner · 2010-09-16 04:31 · Score: 1 · on Adobe Releases New 64-Bit Flash Plugin For Linux

I keep Flash under control with the Flashblock add-on. Until I click on it, a Flash element just shows an image of the Flash icon.

Re:i'm glad this is happening by aBaldrich · 2010-09-15 10:41 · Score: 1 · on Google Fixes 10 Bugs In Chrome, Pays $4000 Bounty

Well, google provides over 80% of the Mozilla Foundation's funding, and Mozilla pays $3000 per bug, so effectively Google is paying bounties for other browsers.

Re:M$ snubs XP ? by Anonymous Coward · 2010-09-15 10:38 · Score: 0 · on IE 9 Beta Strips Down For Speed

The current Firefox 4 nightlies and soon the beta releases will have compositing acceleration enabled by default. Compositing acceleration uses Direct3D 9 and works on Windows XP:

http://blog.mozilla.com/joe/2010/09/15/testing-hardware-acceleration/
http://hacks.mozilla.org/2010/09/hardware-acceleration/

You get 3000$ per bug by Anonymous Coward · 2010-09-15 09:25 · Score: 0 · on Google Fixes 10 Bugs In Chrome, Pays $4000 Bounty

Just so you know. Not only Google offers rewards.
Mozilla does the same:
http://www.mozilla.org/security/bug-bounty.html

Re:Where's the acid test for JS? by RebelWebmaster · 2010-09-15 05:51 · Score: 1 · on Mozilla Unleashes the Kraken

Linux builds don't get PGO due to spotty GCC support, which may be a large part of the problem. Mozilla has been trying to switch to GCC 4.5.x with its improved PGO support as their official Linux compiler, but have run into issues with doing so thus far. Bug 559964 is the primary bug tracking their progress. Take a look at the bug dependencies if you're interested in the problems they've hit so far.

Where's the acid test for JS? by Muerte2 · 2010-09-15 03:41 · Score: 1 · on Mozilla Unleashes the Kraken

I'm guessing this is in response to the recent criticism of both the Sunspider and V8 benchmarks as not testing realistic workloads. I'd be very curious to see an "acid" test of javascript that's developed with input from all the browser vendors and the community. It looks like maybe Microsoft of all people is moving in this direction with their JSMeter app? In all fairness this is kraken version 1.0, it could change drastically with more feedback from the community.

Also, did anyone verify the numbers in the original post? On my x86_64 linux box I get 28631.6ms with Chrome and 38106.4ms with FF4 nightly. It seems to me that Linux really gets the shaft in JS performance. It significant underperforms the Windows version on the same hardware.

Re:*shrug* by thePowerOfGrayskull · 2010-09-13 05:47 · Score: 1 · on Why Twitter's T.co Is a Game Changer

I never click on a shortened link. You never know when it migh be a redirect to goatse.cx or worse.

Alternatively, you could just use an appropriate tool for the task.

personally I find them a convenient thing to have - especially in those situations where copy-paste isn't an option.

Full Hardware Acceleration by Anonymous Coward · 2010-09-12 23:04 · Score: 0 · on IE9 Team Says "Our GPU Acceleration Is Better Than Yours"

"We're excited that other browsers are starting to optimize for the Windows platform .. Today, IE9 is the first and only browser to deliver full hardware acceleration of all HTML5 content"

"Microsoft marketing is making noises about IE9 having a monopoly on "full hardware acceleration". They're wrong; Firefox 4 has all the three levels of acceleration they describe. It's surprising they got this wrong, since Paul Rouget published a great overview on hacks.mozilla.org a few days ago (and our plans, source code, and nightly builds have been public since we started working on this stuff many months ago) link

"Firefox's hardware acceleration interacts with a machine's graphics hardware via DirectX or OpenGL, depending on platform" link

Re:Pointless battles by icebraining · 2010-09-12 09:55 · Score: 1 · on IE9 Team Says "Our GPU Acceleration Is Better Than Yours"

For example, Firefox crashes when a user loads a 2-3 MB GIF file, because each frame is kept decoded in memory and the browser goes over the 2 GB memory barrier (for 32 bit applications). https://bugzilla.mozilla.org/show_bug.cgi?id=523950

80/20 rule!

How many people try to load a 800x600 GIF with 8639 frames and thus benefit from a fix to that bug?
Now, how many people watch Youtube videos and javascript animations/games, which will be much faster and use less power with GPU acceleration?

Re:Pointless battles by toxickitty · 2010-09-12 09:37 · Score: 2, Interesting · on IE9 Team Says "Our GPU Acceleration Is Better Than Yours"

Speaking of Firefox bugs that should've been fixed ages ago but never have. There's my all time favorite bug: Bug 105843 - Cache lost if Mozilla crashes (https://bugzilla.mozilla.org/show_bug.cgi?id=105843). This bug basically says it all it is 9 YEARS old. So for well probably since Firefox has been made it has never cached anything right. Never set that browser cache too high one crash and it's all gone. I can't even begin to imagine how much extra data Firefox needs to download over other browsers. It's also why Firefox seems to chug so much after it crashes when you have 20 tabs open and the thing crashes.

Like the OP I find it really ridiculous they can't get the basics right yet we seem to get GPU accelration, it's just pathetic.

Pointless battles by mariushm · 2010-09-12 08:48 · Score: 5, Insightful · on IE9 Team Says "Our GPU Acceleration Is Better Than Yours"

I find it ridiculous how browsers battle over something like this when they can't fix very old and stupid bugs, and fully support some older standards such as CSS 1 and CSS 2.

For example, Firefox crashes when a user loads a 2-3 MB GIF file, because each frame is kept decoded in memory and the browser goes over the 2 GB memory barrier (for 32 bit applications). https://bugzilla.mozilla.org/show_bug.cgi?id=523950
Or, another example, the file input box ignores any css color rules simply because the html specs doesn't specify any rule so for several years nobody is able to decide something. It's actually since 2000 ffs: https://bugzilla.mozilla.org/show_bug.cgi?id=52500
Or, for several years now, when uploading a file using a form, the progress is stuck somewhere around 50% and it's discussed over and over but nobody can actually do even a temporary simple fix. Since 2004: https://bugzilla.mozilla.org/show_bug.cgi?id=249338

It's actually surprising they're able to code something as complex as gpu acceleration when they can't fix small bugs and at the same time it's unfortunate that basic things are forever and ever skipped in the hunt to get the latest "features" (sometimes just to check something on a feature list) instead of actually getting some things working properly.