Slashdot Mirror

There are several bugs that make FF a pain to use for me (although I still use it because of the plugins).

* Bug 490122 - Firefox periodically becomes unresponsive/freezes: video jerks/pauses/halts; links, tabs, menus stop responding.

* Memory leaks: FF memory use grows to ~1.5GB and then it hangs with 100% CPU usage.
it may be a plugin or GM script issue but I could not isolate it. Seems to happen more frequently when browsing picture-heavy pages (google image seach, galleries, etc.)

I use an extension called Tag Toolbar to allow unlimited tags, and to edit the default tags--the default ones that Thunderbird ships with ($tag1, $tag2, ... or something similar) are special tags that are client-defined and as far as I can tell, useless. They're also the only ones most mail clients choose to support. Why would you want to store something on the server that has a different meaning on every client? Anyway, other than the tag toolbar, no I didn't have to do anything special.

I'm using other clients, which don't support IMAP tags and that's a bummer because Dovecot supports tag search directly on the server, so virtual folders would be beautiful on the iPhone for instance... oh well. It works nice on Thunderbird, and as far as I can tell that's the only one right now.

Oh, I'm also using Sieve to filter my mail, and it has very nice IMAP tag support, you can set them, read them, whatever.

The reason why it's so slow for some people is because it might still be CPU-bound. It's not using OpenGL on OS X yet, for instance.

More information here.

Firefox 4.0 b6 has not been released yet. However, the pre-release versions (Minefield) are available here

Look at the FAQ - there are some x64 specific optimizations that haven't been made. It even points to a bug where the x86 code-path is actually worse on x64.

Slashdot is quite perky with the last couple of betas. But it's especially disheartening that the video "upgrades" in this most current release fall short on my platform. When viewing the demo page ( http://demos.hacks.mozilla.org/openweb/HWACCEL/ ), I get 1 fps. I get 6 fps when running the same demo on Firefox inside a Parallels Windows XP SP3 VM. The VM is significantly faster... which boggles the mind actually.

So far as I remember, this was an Apple issue not necessarily a Mozilla issue, but still disappointing.

I find it funny that Chrome gets a 6 on this 'stress test'.

Firefox lagged chrome mostly because firefox cares a LOT more about compatibility, and adding all this crazy JIT compiled JS stuff is hard when you're trying to support all the introspection features which people have been using in firefox.

Firefox cares about compatibility? Are you kidding me? Reported: 2000-03-28

Doing a basic html element wrong for 10 years is not compatibility.

Agreed. They are working on multiprocess, it's called Electrolysis. It's very quiet, so I imagine they're behind schedule. It's also my impression that it's a very small team.

Slashdot is quite perky with the last couple of betas. But it's especially disheartening that the video "upgrades" in this most current release fall short on my platform. When viewing the demo page ( http://demos.hacks.mozilla.org/openweb/HWACCEL/ ), I get 1 fps. I get 6 fps when running the same demo on Firefox inside a Parallels Windows XP SP3 VM. The VM is significantly faster... which boggles the mind actually.

So far as I remember, this was an Apple issue not necessarily a Mozilla issue, but still disappointing.

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I also use TACO. Why do we need government action, when all the tools are already here?

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

I use and recommend Adblock Plus, Better Privacy, CustomizeGoogle, Flashblock, NoScript and RequestPolicy. This combination allows for extraordinarily fine grained control over what sort of information is tracked from session to session. Now, if you log into a site using an account controlled by that site then they are going to track some clicks regardless of what addons are used, but if you are logging in with a named account then you probably already knew that.

Isn't that what AdBlock Plus is for?

Is it just me, or does anyone else think it'd be somewhat wise to have Slashdot story submission code automatically turn links into Coral Cache links?

There's a Firefox plugin that does this for you.

Ignore the "Not available for Firefox 3.6" message - you can override compatibility checking with the Add-on Compatibility Reporter plugin and it works just fine.

Is it just me, or does anyone else think it'd be somewhat wise to have Slashdot story submission code automatically turn links into Coral Cache links?

There's a Firefox plugin that does this for you.

Ignore the "Not available for Firefox 3.6" message - you can override compatibility checking with the Add-on Compatibility Reporter plugin and it works just fine.

"Clunky interface"? Really? The browser is completely configurable. You can make it look like Chrome, IE, etc. Mine just has the tab bar, a black status bar and a white "command bar", skinned by Vimperator.

Clunky default interface, possibly, but who cares?

"Clunky interface"? Really? The browser is completely configurable. You can make it look like Chrome, IE, etc. Mine just has the tab bar, a black status bar and a white "command bar", skinned by Vimperator.

Clunky default interface, possibly, but who cares?

I like SuperGenPass. It never actually saves a copy of your passwords, it algorithmically generates them from the site's domain name and your master password.

I like this approach. Is this similar to Stanford's PwdHash bookmarklet? I've never heard of SuperGenPass or its author before. Here's a caution about not using it on pages you don't trust: http://akibjorklund.com/2009/supergenpass-is-not-that-secure

PwdHash online version: https://www.pwdhash.com/
Firefox add-on: https://addons.mozilla.org/en-US/firefox/addon/1033/)

The Righthaven/Stephens Media copyright trolling was covered by a lot of the conservative blogosphere a few weeks ago. Righthaven (the trolls) has a deal for all of Stephen Media's 70-odd newpaper properties (including the Las Vegas Review-Journal). Wired had a story about their business plan.

A trademark lawyer blogged about why their business plan isn't a good one (hint: most bloggers don't have deep pockets).

Finally, Clayton Cramer posted a blacklist plus some links to BlockSite and SiteBlock to block all Stephens Media properties from Firefox/Chrome.

It was a bit of a cause célèbre for about a week, but I'm sure this will kick it up again...

If only the Mozilla Foundation had the balls to include an ad blocker which dealt with Google Adwords

Do I detect a non-user of AdBlock Plus? It's been featured on the Privacy & Security page of addons.mozilla.org for ages now, and occasionally featured on the front-page as well.

Yes, it works just fine with Google text-based ads, too. I haven't seen them in months.

If only the Mozilla Foundation had the balls to include an ad blocker which dealt with Google Adwords

Do I detect a non-user of AdBlock Plus? It's been featured on the Privacy & Security page of addons.mozilla.org for ages now, and occasionally featured on the front-page as well.

Yes, it works just fine with Google text-based ads, too. I haven't seen them in months.

And why not also embed the IE engine for compatibility with IE-only sites?

Aside from the fact that this has happened

No, it didn't happen. I'm already aware of that addon, but it changes nothing. Firefox does not embed IE by default. The user has to install a third-party addon to embed IE, and hardly anyone does that. A website must (shock and horror!) code to open standards to support Firefox. They can't half-ass it by flipping on the IE-mode and screw over people that didn't pay a toll to a "rights holder" that didn't do any work to create the website in the first place.

and it wasn't the end of the world, there simply isn't an analogy here. There isn't a native HTML renderer API you can call out to on every platform, or a reason to do so.

No, it's a perfect analogy. There isn't a native and licensed H.264 renderer you can call out to on every platform, either. There is a reason to do so for both HTML and H.264, and it's the same bad reason in both cases: to support viewing of content that isn't in an open format or coded to open standards.

The reason that's bad is that it encourages the problem it's meant to deal with and does an incomplete job of dealing with it at that. That's a net negative.

However, on pretty much every platform Firefox supports, there is a native video API, and that native video API most likely supports h.264,

That's just a statement about today. Look at the qualifiers I italicized. They will change in the future. If Linux adoption grows, the "rely on the OS" approach will cover fewer people. By encouraging the widespread use of H.264 now, we'd just be handing over free leverage to the patent cartel that is MPEG LA, and they will use it against us later to get as much out of us as they think they can get away with.

not that it's any of Firefox's fucking business what codecs it supports.

Actually, it is, because security is Firefox's business. Giving untrusted websites free reign to load dozens of unknown external libraries and feed unchecked data to them is a very bad idea.

For all Firefox knows, I could have a Linux-only hardware-accelerated theora card -- why should Firefox get in the way by insisting it's all software-based, so Firefox can keep a stranglehold of control on it?

Firefox shouldn't get in the way and it wouldn't get in the way. Hardware accelerated decoding is a good thing. But it should actually be hardware accelerated decoding, not hardware enabled decoding. I don't want a dongle to be required for a fully functioning browser.

I've got h.264 in hardware and in two OSes on the same machine. I've also got Firefox on the same machine. And it's only fucking zealots like you that keep me from connecting the two together.

Nobody is stopping you. You even have access to the source code to make it happen. They're just not doing the job themselves, because it's a really bad idea to have that in the standard Firefox.

If Firefox can't support GPU rendering on all operating systems, then it shouldn't support it on any.

Fixed that for you. Does it still make sense?

If so, why does Firefox currently support GPU rendering? It doesn't work on all OSes -- not all OSes have drivers for modern enough GPUs to make this work.

If not, what is your argument?

No, that version doesn't make sense. Firefox supports software rendering as a fallback when GPU rendering isn't available, and both rendering methods do the same thing. Your DOM gets rasterized whether you have GPU acceleration or not.

What I'm against is licensing tech from monopolies under restrictive terms where it can't be made available to everyone,

And why not also embed the IE engine for compatibility with IE-only sites?

Aside from the fact that this has happened and it wasn't the end of the world, there simply isn't an analogy here. There isn't a native HTML renderer API you can call out to on every platform, or a reason to do so.

However, on pretty much every platform Firefox supports, there is a native video API, and that native video API most likely supports h.264, not that it's any of Firefox's fucking business what codecs it supports. For all Firefox knows, I could have a Linux-only hardware-accelerated theora card -- why should Firefox get in the way by insisting it's all software-based, so Firefox can keep a stranglehold of control on it?

I've got h.264 in hardware and in two OSes on the same machine. I've also got Firefox on the same machine. And it's only fucking zealots like you that keep me from connecting the two together.

If Firefox can't support GPU rendering on all operating systems, then it shouldn't support it on any.

Fixed that for you. Does it still make sense?

If so, why does Firefox currently support GPU rendering? It doesn't work on all OSes -- not all OSes have drivers for modern enough GPUs to make this work.

If not, what is your argument?

We don't need to regress back to the days where websites only work if you have the "correct" OS.

Yeah, just keep repeating that as if it's an argument. I mostly agree with you, but I find your methods disgusting. You would restrict my freedom to ensure I have freedom. Do you realize how pathological that is?

Maybe you could add a "whitelist this site for cookies y/n?" query right after "do you want to save the password for this site"?

The CS Lite addon does what you want (for Firefox):
https://addons.mozilla.org/en-US/firefox/addon/5207/

Give Cookie Monster a try:
https://addons.mozilla.org/en-US/firefox/addon/4703/

It's like NoScript, but for cookies instead of javascript. You can white/black list by subdomain, or parent domain (*.domain). By default, I block all except a whitelist of a few domains of sites I login to. For sites like the New York Times, I simply "temporarily allow" cookies for the current browsing session.

One really nice feature (editable) is that it will delete cookies for the current domain when you change the action from Accept to Reject/Deny.

I might keep seeing ads for it everyplace that Overstock runs ads.

The solution: Adblock Plus

try the Firefox CookieSafe AddOn

Maybe you could add a "whitelist this site for cookies y/n?" query right after "do you want to save the password for this site"?

CookieCuller for Firefox does exactly that. You can white-list cookies for sites you trust and the rest of them are flushed every time you close your browser.

There is an addon for Firefox CookieMonster which does exactly that.

can't a more informative tab tree be visible on the left but auto hide when you mouse off?

Sure. For example, this is basically "the" vertical tab addon for Firefox, and it can autohide.

It seems it would be harder to make tabs at the top autohide though, just because there are several things at the top, like the address bar, menu bar, etc. - where would you need to position the mouse for it to unhide? Would you have to aim the mouse for a specific point? With vertical tabs you only have to flick your mouse to the side of the screen. It's a big target you can't overshoot.

These days most screens are wider than they are taller. And text still reads better vertically. So the height is valuable real-estate while there is side space to waste. My desktop has the application bars hide on the left/right.

The more vertical space the better.

Exactly. The only time you don't want vertical tabs is on e.g. a netbook if it'll reduce the browser's horizontal viewing area to below 1024 pixels.

Firefox users should check this out if interested.

Of course, there is a Firefox extension that does exactly that.

• you can display many more tabs while keeping the titles visible
• you save precious vertical space and use horizontal space instead, which is often wasted (a side effect of monitors being wider than they are tall while pages are taller than they are wide, and also of the fact that most pages don't benefit from being given more width past a certain point - the extra space is left empty, or the lines of text are too long)
• you can organize tabs into a hierarchy by simply indenting them (when I use Firefox, I use the excellent Tree Style Tabs extension for this.)

"The JavaScript compiler translates JavaScript source into Java class files. The resulting Java class files can then be loaded and executed at another time, providing a convenient method for transfering JavaScript, and for avoiding translation cost."

http://www.mozilla.org/rhino/jsc.html

Firefox 4 isn't due out until November

Firefox 4 beta 3 supports WebGL

I am aware of that. But what is the installed base of Firefox 4 beta 3 among one's web site's audience, especially given that Firefox 4 is reported to break extensions designed for Firefox 3.6.x? Until the Flash whitelist plug-in, which states that it works with "Firefox 1.5 - 3.7a5pre", is updated for Firefox 4, I do not feel ready to give it up just to try WebGL, and I'd bet that a lot of other Firefox users agree with me.

Mozilla are working hard with browser performance. From startup performance, I/O reduction to speed up some things, even a new caching system. I could name more, but you get the idea.

Mozilla are working hard with browser performance. From startup performance, I/O reduction to speed up some things, even a new caching system. I could name more, but you get the idea.

Mozilla are working hard with browser performance. From startup performance, I/O reduction to speed up some things, even a new caching system. I could name more, but you get the idea.

At least there's an addon for it.

I think Flash will stick around for at least a few more years. Actionscript has turned into a fairly nice language, and I think it will be a while yet before HTML5+Javascript match its performance and capabilities... at least for substantial web applications and games.

It's already there in Firefox 4 and IE9. Both will feature fast JavaScript engines and pervasive hardware acceleration of their layout engines. Observe just one example:

http://www.youtube.com/watch?v=OIZUdZdFzOo

Watch some beautiful hardware accelerated CSS3 transitions in Firefox 4. Note also that the HTML5 version of the YouTube hosted video is embedded in the page with an iframe. I watched the embedded WebM version in Minefield with no Flash player installed:

http://hacks.mozilla.org/2010/07/firefox4-beta2/

Safari, Opera, and Chrome will catch them up eventually but for now Firefox and IE are well ahead in this regard.

I work for Mozilla on Firefox and I just wanted to respond to some of the claims being made here. We've opened up the bug so that others can take a look (bug 570658), but there is not much to see, here. The bug says that:

1) if you visit a page that uses an iframe
2) and that iframe's src attribute uses a deceptive url (e.g. "http://safe.com@evil.com")
3) then we don't pop up a warning that the url is deceptive

What's odd about the bug is that there is very little value to step 2 - only someone examining the page's source would notice the iframe's src attribute, so it's not clear to me where the deception is supposed to come in. A genuinely malicious page would source their attack iframes directly, unless they thought that this deceptive url might fool our phishing/malware protection. It won't.

If someone thinks we're overlooking an attack vector here, we're really interested to hear it, but as described the attack feels pretty weak.

If you think we're missing something critical, please do comment in the bug or get in touch with our security group ( http://www.mozilla.org/security/ ).

Johnathan