Slashdot Mirror

Re:MS Paint (Score:5, Informative)
by skyshock21 (764958) on Thursday April 21, @08:51AM (#12301598)

A fellow Slashdotter posted an amazing fix for the perceived "Adobe Reader Bloat" you speak of. Here's the text that was posted the other day: . . .

No browsers pass Acid2. So far, the development version of Safari comes closest.

...the update added an insane number of unwanted bookmarks and bookmark folders to Safari... I hope this isn't a new trend.

No, it's a bug, according to Dave Hyatt, author of Safari.

"Oh look! It has more vulnerabilities than IE!"

The quoted report was based on the last six months of 2004. Firefox 1.0 was officially released on November 9, 2004 http://mozillazine.org/articles/article5513.html. So, the product was still in beta for four of the months covered by the report. Without further details from the report, it's impossible to say how many vulnerabilities were in Firefox when it was considered ready for production end-user use.

Remember the Acid2 challenge mentioned on Slashdot a few days ago? Safari and Firefox both failed miserably, but Dave Hyatt, an Apple developer working on Safari's WebCore, has made amazing progress (in less than a week!) at compliance using the Acid2 test as a guide.

It would be nice to see the same pace of development on Gecko, but I'm not holding my breath.
--
perl -e '$??s:;s:s;;$?::s;;=]=>%-{<-|}<&|`{;;y; -/:-@[-`{-};`-{~" -;;s;;$_;see'

My guess is that Adobe's support for SVG will disappear soon; while I'd like SVG to succeed, there is no way that Adobe will cannibalize their income stream that they got from Macromedia.

macromedia makes money on the Flash creation software, not directly on the use of flash on websites. For Adobe, having PDF be an open document format has protected Adobe from a lot of criticism and calls for an alternative. SVG was created largely beacuse Flash was proprietary, but it is also very nice that it is an open xml standard. It would make more sense for Adobe to roll SVG support into their Flash MX (or whatever they call their creator tool these days).

Otherwise SVG will just continue to grow and people will create new better tools to manage the xml. And Adobe will likely be stuck with an open source competitor that has native support in Firefox (and IE would likely follow unless they pay Microsoft big money not to include it).

Either way Adobe should just continue to embrace svg, because they aren't going to be able to kill it and if they try it will just come back stronger than before.

Though I could see a situation were Adobe hobbles their plugins so that it won't provide the functionality of flash. The best thing to do here is to finish building svg support into firefox where it belongs and to push ahead regardless of what adobe decides.

read a old discussion about fireox support here

if this is the usual response by a developer at Apple...

http://weblogs.mozillazine.org/hyatt/archives/2005 _04.html

he hasn't gotten it all fixed yet, but what an effort.

Well, regardless of how far you can count, you obviously didn't look very hard for changes. The improvements to web-kit alone are major, and have also been back-ported to OS 10.3.9 for free (the latest minor release). The features you list

Spotlight
Automator
Core Video

Are not currently available in any other desktop OS (though Linux has beagle). In fact Longhorn won't now have WinFS (perhaps a more flexible solution than Spotlight but unfortunately vapour-ware).

You missed out:
Dashboard
Core Data
Web Core (DOM API accessible in cocoa etc)
xGrid
PDF annotations and forms (plus various preview.app enhancements)
Jabber, H.264 and multiple video IM
etc,etc...

Consider Microsoft's approach - renaming Windows 2000 to Windows XP (now with hideous colours), service packs for bug fixes, a monthly scramble by customers to install updates for remote vulnerabilities before they're exploited, and an attempt to move their customers to a subscription model (which looks like it's failed, but that's their goal).

Compare and contrast with the consistent and regular updates to OS X - major updates which you can *choose* to upgrade to every couple of years, augmented by regular updates every month or so fixing bugs and adding minor features.

I know which world I prefer to live in.

Just why should Apple give this update for free to all its customers, they already update the OS around every month for free? Sounds to me like you're the one who is cheap.

KHTML (or more exacly Safari engine, I don't know how many of the Safari-induced changes get back to the main KHTML trunk) progresses fast in terms of quality and may be the first browser to pass Acid2
While I'm far from a mac fan (heck, I don't even have one) I can't do anything but be impressed by the dedication and transparency Dave Hyatt puts in the Safari dev.

The Apple community is hella lucky to have such a guy handling their browsing needs...

Guess you're right. Looks like pain though. Besides, it doesn't matter really. I just like the suite anyway.

That's one thing I'd like to get more information about, actually. How exactly are they extending webcore and how much have they opened up for Safari.

I don't know, the dev docs other have pointed to might shed some light on it. There are also tidbits in Dave Haytt's blog, including the statement that "This plugin will not be present in Safari or other WebKit applications, and is only accessible from Dashboard".

So it is my guess that while Dashboard is a WebCore app, it and it alone has the stuff that let you bridge JavaScript to Cocoa, which makes it far far harder to attack someone with it via Safari or Mail.

I just use the zip'ed version.

http://forums.mozillazine.org/viewtopic.php?t=2503 82
http://ftp.mozilla.org/pub/mozilla.org/firefox/nig htly/2005-04-15-05-aviary1.0.1/

I never use installer versions of software if I don't have to.

Information about the changes in Safari 1.3 can be found on on David Hyatt's blog.

Old news. :) Apple already hired Dave Hyatt back in 2002 to work on Safari. IIRC, he had previously been working on Camino (the Cocoa-native port of Mozilla). Wikipedia has a short writeup of the guy, if you're inclined to trust anything you read on that site.

Sometimes he writes about WebCore development on his blog. Remember the Acid2 test from a few days ago? Seems he's already working on fixing rendering bugs. Go Dave.

Old news. :) Apple already hired Dave Hyatt back in 2002 to work on Safari. IIRC, he had previously been working on Camino (the Cocoa-native port of Mozilla). Wikipedia has a short writeup of the guy, if you're inclined to trust anything you read on that site.

Sometimes he writes about WebCore development on his blog. Remember the Acid2 test from a few days ago? Seems he's already working on fixing rendering bugs. Go Dave.

Dave Hyatt Is making progress with Safari's handling of the test, and blogging as he goes. very cool.

This "new" system is a generic method to block all pop-ups by any plugin. (I say "new" because the basic method seems to be available since 1.0.) It seems to be implemented at a lower level in the code.

Unless someone has found an entirely different method that uses neither client-side scripts nor plugins, I would say this system should be safe for a while at least. And as far as I can see, that takes care of almost anything around today. I couldn't find any specifics in TFA though. I wish there were a few more details available without having to look through the code. Oh well...

You may use this (info about it here).

It could be another solution.

You can try the 1.0.3 release candidate, in which this bug is fixed, and which is due to be rolled out very soon. See here for download links.

Not with the new super pop-up blocker.

Here's some:
http://kb.mozillazine.org/Firefox_:_FAQs_:_About:c onfig_Entries

Googling on specific parameter names will find you more.

By the way, Firefox has an option in its preferences UI that lets you turn prefetching off. No tricks required.

First of all, this is a security feature that helps prevent being victimized by phishing attacks. DO THE FOLLOWING AT YOUR OWN RISK.

1. go to about:config
2. add/edit this key: network. http.phishy-userpass-length
3. the value is from 1 to 255.

the browser will warn that you are entering a username and password unless the length is less than that number. the default is 1. for more info, go to http://kb.mozillazine.org/About:config_Entries

No, this is:

http://forums.mozillazine.org/viewtopic.php?p=1285 813#1285813

Sorry this isn't working for me either.

I'm using FF 1.02 on Win XPSP2. Is there some setting?

That's my settings, too, so I'm guessing there probably must be an about:config or similar setting... but... I've looked at mine and the Mozillazine KB and can't see anything obvious. We're on a pretty basic LAN here - nothing fancy like AD. Maybe that's an issue?

1. But does it stop the bloody pop ups I've had to turn off Javascript to cure?

By default, popups aren't disabled for plugins (like Flash). Here's how to disable them for plugins;

1. Open a new browser window.

2. Type about:config for the URL and press enter.

3. You should see a long list of settings. Ignore them.

4. Right click on the background and select "New...integer".

5. Enter in the following;

privacy.popups.disable_from_plugins (press OK)

2 (press OK)

For reference, here's are the settings for the
privacy.popups.disable_from_plugins option;

* 0: open allowed
* 1: the opened windows are treated as popups, but they're allowed to
open (we limit the number of these types of popups)
* 2: the window is a popup, block it
* 3: block all, even the whitelisted ones.

reference link

Apparently mozilla.org took it upon themselves to remove the ZIP archive method of distribution, citing various incompatibility problems and the need to "simplify the test matrix". What stinks about this is that the ZIP method was (and still is) one of the cleanest and most convenient way to install Firefox. Now they've gone and removed it, without taking in any user input at all. In fact, most users aren't exactly too pleased with the decision, as evidenced by the comments in both blogs.

Oh well, won't be the first dictatorial decision undertaken by Mozilla (branding, the Qute icon change, the naming fiasco..)

Apparently mozilla.org took it upon themselves to remove the ZIP archive method of distribution, citing various incompatibility problems and the need to "simplify the test matrix". What stinks about this is that the ZIP method was (and still is) one of the cleanest and most convenient way to install Firefox. Now they've gone and removed it, without taking in any user input at all. In fact, most users aren't exactly too pleased with the decision, as evidenced by the comments in both blogs.

Oh well, won't be the first dictatorial decision undertaken by Mozilla (branding, the Qute icon change, the naming fiasco..)

It seems there are no official zip builds for formal releases. Asa's blog explains why and suggests that those looking for them "look at the build ID in the final release, and get the same nightly build from the same branch".

Only problem? The release notes don't specify the build ID, so you have to run the installer first. When you do that, you discover the build ID is 20050317. Only there don't (currently) appear to be any 1.02 zip builds in any of the aviary directories for 20050317.

Am I missing something?

I'm the person who asked the original question: http://interviews.slashdot.org/comments.pl?sid=142 551&threshold=1&commentsort=0&tid=154&mode=thread& cid=11945799

Some of you seem to believe the only "stupid" users would suffer from this bug. In fact the installer made it easy for a user to install to the wrong directory:

Misconception #2:
Users know better than to install Firefox into the root of Program Files rather than a subdirectory, so those who do it wrong deserve their fate.

The installer's UI makes performing the correct action very difficult:
1. The user who wishes to install Firefox to D:\Program Files\Firefox must first navigate to D:\Program Files and then press "Make New Folder", click on the created folder named "New Folder", rename this folder "Mozilla Firefox", and then select this Folder.
*Note*: this is unlike any other Windows installer.
2. Windows 98 users cannot perform the "Make New Folder" step because this button does not exist on the Windows 98 file dialog. See this thread for a screenshot and more info:
http://forums.mozillazine.org/viewtopic.php?p=3669 60
3. Other installers automatically create a named installation folder, and users expect Firefox to do the same thing.
4. Some users may attempt to type the name "Mozilla Firefox" into the text box in the file selection dialog. Doing so does not result in the creation of this folder.
*Note*: This is unlike standard Windows intallers, where it does.

"So why write an entire browser instead of adding native widgets to the Mac port of Firefox?"

Where's the mac version?

There is no mac version. While Phoenix could be made to run on Mac without much trouble, we see no point in competing with Chimera. Chimera is the lightweight, standalone Mozilla browser solution for Mac OS X. We have received requests for a Mac classic version, and are considering the idea.

you have to work around Firefox/Mozilla's assinine profile directory naming convention, arguably the stupidest thing they've done.

If only there was some way to create profiles without the salt... oh.

Do you mean Mozilla Suite? It's no longer being developed by the Mozilla Foundation (well, there's no plan for a version 1.8, so "no longer" soon). There is a group of people who are planning to fork the code, and continue work on it, but it's likely that the Suite is not gaining popularity because it is considered deprecated now.

Yahoo! have retracted their promise: not everything will be Firefox-compatable after all.

This site is using Flash to do its popups in FireFox. So you shouldn't see them if you don't have the Flash plugin installed.

It executes this javascript. That does a document.write() to create an EMBED with the source pointing to this flash applet. And that flash applet is the thing that opens the popup.

It also sets a cookie so that it only gives you a popup once per day. This is why changing your JavaScript settings may seem to block it. But messing with those settings has no real effect.

I have FlashBlock installed, but that's not enough. The Flash applet still gets a chance to run for a fraction of a second before FlashBlock hides it, and that's all it needs.

See this post on Asa Dotzler's blog for a workaround for this problem.

To block pop-ups from plugins, open your Firefox 1.0 or 1.0.1 browser, type about:config in the address field. Right-click in the resulting config page somewhere and select New -> Interger. Type privacy.popups.disable_from_plugins in the resulting dialog, hit OK, type 2 in the next dialog and you're all set.

This pref can actually take three values:
0: open allowed
1: the opened windows are treated as popups, but they're allowed to open (we limit the number of these types of popups)
2: the window is a popup, block it

or even 007759.

Release Candidates out now

http://weblogs.mozillazine.org/asa/archives/007759 .html

Damn, those guys are quick.

1. I have no idea if CSS is flawed, or what the problems might be with it.
   
2. According to Dave Hyatt, "Sometimes trying to support the standards can be a real pain."

I like the approach this site uses. IE user see a "get Firefox" button, for for Firefox users, the image is replaced with "welcome, Firefox user!".

(from MozillaZine)

Firefox has not turned off IDN's, instead opting temporarily to display them in punycode, with the option of fully enabling them.

Asa Dotzler has answered this on his blog (kind of):

I suspect it will be called something like "the Mozilla browser testbed" or something similarly unfriendly to end users but it will essentially be Firefox.

This is in the comments to this blog posting entitled "mozilla product futures".

Asa Dotzler has answered this on his blog (kind of):

I suspect it will be called something like "the Mozilla browser testbed" or something similarly unfriendly to end users but it will essentially be Firefox.

This is in the comments to this blog posting entitled "mozilla product futures".

Recently I learned of a bug in Windows Firefox versions prior to 1.01 which was fixed in this version. This bug wipes user's hard disks. I've located 15 users who've suffered from this bug.
Why did it take over *one year* to fix this serious bug?
http://forums.mozillazine.org/viewtopic.php?t=2257 31

The bug only occurs when a user uninstalls Firefox. A user who uninstalls version 1.0 to prepare for installing version 1.01 is vulnerable. Why has the Firefox homepage not been updated to warn all users about this fact, and to offer a safe remedy?

At least 15 people reported the bug. Assuming that 5% of victims would post publicly about it, this would leave around 300 actual victims. Even 5% is probably too high; a 1% estimate would leave around 1,500 total victims. Since the bug only occurs when Firefox is uninstalled, many hundreds or perhaps even thousands of potential future victims exist.

The bug was reported in bugzilla and discussed without fixing for over *one year*. At one point a developer didn't remove the dangerous code because he said "This is not an acceptable solution to force on all users because some people make bad assumptions and then don't read dialogs." Is Firefox truly ready for "the masses" when developers maintain this sort of attitude towards users?

(copy, remove spaces, and paste bugzilla links since they won't work from Slashdot)

Original bugzilla bug:
https://bugzilla.mozilla.org/show_bug.cgi?id =23362 5

Firefox advocate ivanii attempts to raise concern about this bug (10/07/2004)
http://www.spreadfirefox.com/?q=node/view/2808

Here's links to a few people who suffered from this bug:
1.http://computercops.biz/postp82180.html
Thu Feb 12, 2004
"Using the Firefox uninstaller has deleted almost everything in the Program Files directory..."

2.http://www.terryfrazier.com/1391
10/5/2004
"What idiot writes an uninstall routine that wipes out everything in the parent folder?!"
"This is not some minor issue. This is a show stopper. I mean, damn!"
"..every last vestige of that vile firefox has been eradicated from my registry. "

3.http://sillydog.org/forum/viewtopic.php?p=4062 6
04 Aug, 2004
"After un install Firefox lost all ,MBX Eudora mail files"
4.http://forums.mozillazine.org/viewtopic. php?t=64 871&sid=2d93836acbfea243769078b48c3eff90
2004-03-28
Also posted on Bugzilla as user "Cy"
"This is not a minor inconvience. This is CARNAGE!!! Uninstalling a browser and ending up wiping out almost your entire hard drive."
"This is ruining mozilla's reputation. I now have a distrust of any win installer release by mozilla"

5.rajarajan.sampath final bugzilla victim to post.
2005-02-04
"The uninstaller wiped off, 2/3rd of my programs. This shouldnt be the case, no matter what."

6. Thomas Passin (original buzilla poster)
2004-02-09
"This is DANGEROUS."

7.https://bugzilla.mozilla.org/show_bug.cgi?id=2 42 118
2004-04-29
"...I uninstaled the whole directory "E:/Program Files"!! It wasn't very nice for me..."

8. https://bugzilla.mozilla.org/show_bug.cgi?id=26969 9
2004-11-13
"All my backups and irreplaceble files are now lost.....Thank you for making a shitty uninstaller....i fucking hate you now"

9.https://bugzilla.mozilla.org/show_bug.cgi?id=2 71 805
2004-11-25
"Firefox will deleted all my other program in c:\program files. very unlucky,I did it!!"

10. https://bugzil

Recently I learned of a bug in Windows Firefox versions prior to 1.01 which was fixed in this version. This bug wipes user's hard disks. I've located 15 users who've suffered from this bug.
Why did it take over *one year* to fix this serious bug?
http://forums.mozillazine.org/viewtopic.php?t=2257 31

The bug only occurs when a user uninstalls Firefox. A user who uninstalls version 1.0 to prepare for installing version 1.01 is vulnerable. Why has the Firefox homepage not been updated to warn all users about this fact, and to offer a safe remedy?

At least 15 people reported the bug. Assuming that 5% of victims would post publicly about it, this would leave around 300 actual victims. Even 5% is probably too high; a 1% estimate would leave around 1,500 total victims. Since the bug only occurs when Firefox is uninstalled, many hundreds or perhaps even thousands of potential future victims exist.

The bug was reported in bugzilla and discussed without fixing for over *one year*. At one point a developer didn't remove the dangerous code because he said "This is not an acceptable solution to force on all users because some people make bad assumptions and then don't read dialogs." Is Firefox truly ready for "the masses" when developers maintain this sort of attitude towards users?

(copy, remove spaces, and paste bugzilla links since they won't work from Slashdot)

Original bugzilla bug:
https://bugzilla.mozilla.org/show_bug.cgi?id =23362 5

Firefox advocate ivanii attempts to raise concern about this bug (10/07/2004)
http://www.spreadfirefox.com/?q=node/view/2808

Here's links to a few people who suffered from this bug:
1.http://computercops.biz/postp82180.html
Thu Feb 12, 2004
"Using the Firefox uninstaller has deleted almost everything in the Program Files directory..."

2.http://www.terryfrazier.com/1391
10/5/2004
"What idiot writes an uninstall routine that wipes out everything in the parent folder?!"
"This is not some minor issue. This is a show stopper. I mean, damn!"
"..every last vestige of that vile firefox has been eradicated from my registry. "

3.http://sillydog.org/forum/viewtopic.php?p=4062 6
04 Aug, 2004
"After un install Firefox lost all ,MBX Eudora mail files"
4.http://forums.mozillazine.org/viewtopic. php?t=64 871&sid=2d93836acbfea243769078b48c3eff90
2004-03-28
Also posted on Bugzilla as user "Cy"
"This is not a minor inconvience. This is CARNAGE!!! Uninstalling a browser and ending up wiping out almost your entire hard drive."
"This is ruining mozilla's reputation. I now have a distrust of any win installer release by mozilla"

5.rajarajan.sampath final bugzilla victim to post.
2005-02-04
"The uninstaller wiped off, 2/3rd of my programs. This shouldnt be the case, no matter what."

6. Thomas Passin (original buzilla poster)
2004-02-09
"This is DANGEROUS."

7.https://bugzilla.mozilla.org/show_bug.cgi?id=2 42 118
2004-04-29
"...I uninstaled the whole directory "E:/Program Files"!! It wasn't very nice for me..."

8. https://bugzilla.mozilla.org/show_bug.cgi?id=26969 9
2004-11-13
"All my backups and irreplaceble files are now lost.....Thank you for making a shitty uninstaller....i fucking hate you now"

9.https://bugzilla.mozilla.org/show_bug.cgi?id=2 71 805
2004-11-25
"Firefox will deleted all my other program in c:\program files. very unlucky,I did it!!"

10. https://bugzil

I assume you mean this

I honestly cannot see where it answers my question (I did check it before posting, too)

That's the first question most of us would ask. A related question: what's the significance of Ben Goodger switching his employment from Mozilla Foundation to Google? Is this just a device to offload some of your payroll costs?

According to this FAQ entry it does so, and this FAQ entry describes how too.

Josh (one of Mozilla's recent hires) posted what sounded like great news about Camino's short and medium term release cycle back on March 5. But these latest revelations may have raised some employment questions for guys like him and Mike. Camino is mostly (completely?) volunteer right now, but even in that light job insecurity can raise questions in how much one can volunteer.

Josh (one of Mozilla's recent hires) posted what sounded like great news about Camino's short and medium term release cycle back on March 5. But these latest revelations may have raised some employment questions for guys like him and Mike. Camino is mostly (completely?) volunteer right now, but even in that light job insecurity can raise questions in how much one can volunteer.

earlier I did post story on this subject and get rejected , then I submitted the same story at OSNews here , it's on front page there hours ago, wtf slashdot?
anyway, this is text of story:
In sad news for people who prefer Mozilla Suite over Firefox, seems will be there no Mozilla Suite 1.8 Final while developers already start talking about fork , others are just happy over the situation. More here.