Firefox 1.05 Released

Zebbie writes "The Mozilla Foundation released Firefox 1.05 today. The release notes indicate that there have been some 'security fixes' and 'improvements to stability.' From the web site: 'Firefox 1.0.5 is a security update that is part of our ongoing program to provide a safe Internet experience for our customers. We recommend that all users upgrade to this latest version.' It is interesting that these security updates are not yet posted on the security advisories page."

Re:Why bother with a Mac version?

[rincebrain]

I beg to differ. Deer Park is far faster and more stable than previous versions.

Go try that instead of the 1.0 series if you have complaints about speed.

Anybody else experience

[sanmarcos]

Anybody experience the huge memory usage when opening a few big images?.

Firefox should focus on improving the bookmark manager, the preferences, and polishing up the UI, but not forget about the most important things, speed and stability that is.

It started as a lightweight mozilla, but it consumes just as a big chunk of memory as Mozilla does.

Today, Firefox is the only serious competition to IE, (I see a lot of people using FF, even non geeks). Also, remember that another of Firefox key features is security. Lets hope that IE7s new features (that are similar to the ones FF always had, tabs, search box, etc), dont take away market share from FF.

Re:Anybody else experience

[Demona]

Firefox for Win32 is incredibly stable and fast, only crashing perhaps once every few weeks if not months, and usually only when using video plugins. Under Slackware Linux 9.1, Firefox has been sucking worse and worse ever since it was called Firebird 0.6, to the point now where it runs for LESS THAN ONE HOUR before slowing to a stop and sucking up 100% CPU, requiring a restart. This is not a Slackware problem - a friend of mine with an identical Slack 9.1 setup has never had any problems like this with Firefox. This is not a Linux problem - no other application on the system does anything like this. This problem is still present even after upgrading all Mozilla libraries on the system, and it is incredibly frustrating for my Linux browser to suck so badly that it makes me feel like I'm using Windows. Unfortunately, at this time all the alternative browsers for Linux do not meet my needs. None of the numerous developers I've discussed this with appear to have any idea what the problem could be, despite my providing numerous GDB backtraces. I am currently considering running Firefox for Win32 under WINE. Yes, it's that bad.

Re:Anybody else experience

[Slowping]

Hmmm which firefox versions are you using?

I have three computers (all Linux) which has firefox as their browser. Two desktops and one laptop. All three of them run cpufreqd.

My two desktops stay up for months on end. Thanks to tabbed browsing, I leave just one browser window open and use it for everything. I've had firefox stay up for as long as the machine, without problem.

For all three computers, I comfortably browse a various collection of websites, including many which have flash or java. None of the machines are taxed enough to force cpufreq into the gigahertz range.

You sound like you know what you're doing, so I won't question the poor behaviour you're seeing. Maybe you're browsing multi-lingual websites? Multibyte fonts killing the browser? Maybe a bad plugin or extension? I'm not sure what the problem might be or what to suggest if you've already talked to the developers.

Re:Anybody else experience

[Demona]

As I said, this has been with every version since Firebird 0.6, increasingly worse up to and including the new Deer Park alphas. I should also note that creating a new profile from scratch did result in one improvement -- now it generally crashes quickly instead of hanging on at death's door for days at a time sucking all my CPU. Of additional note is that this problem continues even when I do not have Flash installed, with ALL plugins and extensions disabled, AND with both Java and Javascript disabled. How's that for a boot to the head?

Re:Anybody else experience

[kavin]

Also, remember that another of Firefox key features is security.

A comparison of unpatched known vulnerabilities[1] in latest public version browsers (by securityfocus), ranks firefox as 8/9th:

Browser: Number of known vulnerabilities

1. Konqueror: 0
2. Opera: 0
3. Safari: 0
4. Netscape Browser: 1
5. Camino: 1
6. OmniWeb: 1
7. Internet Explorer for Mac: 1
8. Mozilla: 2
9. Mozilla Firefox: 2
10. ...

so although they are making security a priority, it looks like they're not a "key" leader.

- p

--

1. Comparison of web browsers

Re:Anybody else experience

[Homology]

I've noticed that JavaScript enabled will cause Firefox to continously use 100% CPU and be unresponsive. One fix is to disable JavaScript and only enable it when needed. The culprit is ads served via JavaScript from kontera.com, so I just blackholed kontera.com.

ok, then

What the hell is this?

Taken in Deer Park Alpha 2, default theme.

Re:why 'automatic upgrade' not working?

Mozilla always delays the automatic updates for a while to spare their servers the sudden mass downloading.

Re:here's the link

[Acts+of+Attrition]

why, you're not running windows?

You should really consider downgrading to it.

FF Performance on Linux

[RzUpAnmsCwrds]

Has anyone else noticed how SLOW Firefox is on Linux?

On Win32, on my Athlon 64 3200+ system, Firefox takes about a second and a half to render a 1000-comment Slashdot page (IE takes about half a second, interestingly - Trident seems to be very good with nested tables).

On the same box, under Ubuntu Linux (and Fedora as well), Firefox takes over NINE SECONDS of 100% CPU to render the page. Konqueror, in comparison, takes under two seconds.

What's wrong here? Why is Firefox on Windows nearly six times faster than it is on Linux?

No one at the LUG seems to believe me until I *show them* the difference - and demonstrate it on *their* system to show that it's not a config problem.

Try it yourself.

Disable IPv6

[Rafikichi]

Goto about:config in Firefox. Set this string to true: network.dns.disableIPv6 I don't know why, but having IPv6 enabled slows down the broswer incredibly in Linux... but not on Windows. Turn it off and Firefox loads pages like the rest of 'em.

Re:Disable IPv6

[marcovje]

IIRC it has to do with DNS hosts that don't answer at all (or correctly) to IPV6 DNS requests. Some bad home routers also are said to be a possible cause

(From https://bugzilla.mozilla.org/show_bug.cgi?id=68796 )

When IPv6 is enabled on the client machine, mozilla does a AAAA lookup first,
and if there is none, does a lookup for the A record. Correct response for a
name server if there is no AAAA record (but the domain exists) is to return
NOERROR, with an empty reply. The BBC server returned NXDOMAIN (which was
incorrect), and mozilla exhibited correct behaviour by assuming that the domain
did not exist.

See also
https://bugzilla.mozilla.org/show_bug.cgi?id=23160 7

Re:Disable IPv6

[The+Wicked+Priest]

To elaborate on this, the IPv6 thing isn't a problem in all distros, but it was (for me) in Ubuntu -- the first distro I've used where IPv6 was enabled by default. I disabled it and everything works better.

Disabling it just in Firefox was good enough for the browser, until I got a local DNS running on the same system, at which point it reverted to the slow lookups, until I disabled IPv6 system-wide.

Re:Why bother with a Mac version?

[sabat]

I cannot live without Adblock. If Safari only supported an extension like that -- oh, and Googlebar and Yahoo's bar -- then I'd probably switch.

The annoyances of Mozilla products (Windows)

[fluor2]

1. Why do they still release just complete versions? I want an update to distribute to all our clients. Mozilla products are update hell.

2. Why do they still insist on supporting many profiles per user? If I would like multiple profiles, then I would also create multiple users on my Windows.

3. Why are profile paths so strange? The mozilla creates something like ...\Application Data\Mozilla\Firefox\Profiles\default.21a. That's hilarious.

4. Why do they use Application data folder for cache? It's making the users' profile LARGE! They should use ...\Local Settings\ like internet explorer! (local settings belong to the machine, thus they do not roam like the application data folder)

Re:The annoyances of Mozilla products (Windows)

[zebs]

1. Why do they still release just complete versions? I want an update to distribute to all our clients. Mozilla products are update hell.

Scheduled to be fixed in Firefox 1.1

2. Why do they still insist on supporting many profiles per user? If I would like multiple profiles, then I would also create multiple users on my Windows.

Because it can be usefull to some people.

3. Why are profile paths so strange? The mozilla creates something like ...\Application Data\Mozilla\Firefox\Profiles\default.21a. That's hilarious. Seems pretty reasonable to me!

4. Why do they use Application data folder for cache? It's making the users' profile LARGE! They should use ...\Local Settings\ like internet explorer! (local settings belong to the machine, thus they do not roam like the application data folder)

Yeah that should be fixed! Although you can change the folder location manually.

Profile paths are strange because...

[argent]

... they're there to prevent a path-guessing attack like the ones used to fake out the security zones in Internet Explorer.

Gecko in Firefox not inherently safe... try KHTML?

[argent]

Looks like the way the Javascript extensions for Chrome are integrated into Firefox are there in all the JS interpreter instances or contexts, they're just privileged. If the script is expected to be run from an untrusted environment, it's run at a lower privilege level.

In an inherently safe model, the interpreter wouldn't contain any mechanism to request unsafe actions... they'd simply be syntax errors. They would only be added explicitly when the script was known to be running from a safe environment.

Same with URI handlers: they would only be available from a reference within a safe environment.

As I understand it, KHTML is an inherently safe design. Extensions have to be explicitly loaded into an instance of the HTML display object through I/O slaves. Gecko, apparently, isn't... at least not in a broser that uses Chrome for its user interface. It's better than the Microsoft HTML control, but it's not an inherently secure design as it sounded like originally.

What are the options for a KHTML-based browser for Windows? On the Mac, of course, Safari is secure (so long as you turn off "open safe files after downloading"), but I haven't been following WIndows browsers that closely.

Or use a custom css sheet for safari

[bach37]

Mozilla adblock css works with Safari. Go to safari's advanced tab, and choose the .css file. No ads.

Re:Do the release notes contradict themselves?

[JadeNB]

Surely that's a contradiction. If you install into a new directory then you aren't going to get your old extentions.

Your extensions and themes are in your profile directory, not your install directory.