Slashdot Mirror
Thunderbird 2.0 Alpha 1, Firefox 1.5.0.5 Available
nuyorker and hdm wrote to mention the new releases for Thunderbird and Firefox. hdm writes "This release of Firefox fixes 12 security holes, many of which can be used to execute malicious code. The Browser Fun project has provided an online demonstration of one of these flaws. This demonstration is capable of executing code on Windows, Linux, and both architectures of the Mac OS X platform; you're going to want to upgrade today!"
Does anyone know if this latest release has gotten rid of some of the memory "features" that I've come to love in Firefox. I don't know what I would do if they got rid of them (other than have a smaller page file ;).
Thanks!
All glory to the Hypnotoad!
Security holes were found. Security holes were fixed. I don't see a lack of attention to security.
If this signature is witty enough, maybe somebody will like me.
Yes, this smacks of what M$ does with its automatic update service and can be a privacy issue. But if they don't do this, the update will have a much smaller adoption rate and since they disclosed what security bugs they fixed, the hackers can easily exploit them on unpatched versions, of which there will be a greater percentage because people are lazy and don't update.
I've often seen it preached that OSS doesn't have the same problems since many eyes look at it and thus find all the bugs.
Must be a rosy freaking world you live in where ALL the bugs in software can be fixed. Do I give MS more shit than Mozilla? Considering they make a couple million dallars profit a DAY I'd expect a bit more from them. Besides which much of the problems with IE are based off of their Active X technology which people have said would be a huge security disaster from the very beginning.
And yeah, Firefox is a big security shield because if I feel it is no longer secure I can UNINSTALL IT.
Uhh... no. People give MS shit for finding and not fixing security holes. Since we're talking about browsers, I give you IE6, which hasn't received a serious overhaul in over half a decade and has proved to be an extremely insecure application.
Microsoft has a history of leaving known (as in having exploits in the wild) security flaws unpatched. Some argue they do this because hackers can then reverse-engineer patches and create exploits of the bugs, but that logic is a bit dubious to me. If your software has security problems, they should be addressed. Period. And this is exactly what Mozilla does.
About your last point, that's one of the key improvements in version 1.5. Updates are downloaded and installed automatically. Users will be up to date unless they specifically set it otherwise. Users of previous versions still have to upgrade manually, but I think in time most will.
Favorite quote: "
Actually people complain about MS finding and then NOT fixing security holes. Look at the update record of their browser, compaired to FF, Firefox has about a week to a month fix rate, MS has about 1 year to never fix rate. People also complain that IE is UNFIXABLE due to its dependance on Active-X, which basically gives malware a pass to the kernel.
Firefox finds bug, fixes bug, no news here.
I really have no qualms about Firefox fixing a bug, it shows that their on it. Nobody claims that OSS is bug free, or security risk free, since this is impossible, from closed or open software. Code is a complex beast, like the hydra, you chop off one bug/security hole, and you probably open up more. That is intrinsic in coding, and design. The difference is the flexability of OSS, where bugs are easily seen, and easily remedied.
When the market share hits critical mass, things should get fun, though. But the openess of OSS still will keep it from reaching IE proportions. And shame on those who think that Firefox = security, the internet is still a bad place, no matter what you run. Good software is no substitute for intelligence, ever.
A patriot must always be ready to defend his country against his government. -edward abbey
First, whoever rated you insightful should never be allowed to moderate again. Sheesh. You're trolling, pure and simple.
Second, Microsoft makes one billion dollars in profit every month. In my opinion, they should be held to a higher standard.
Third, you're grossly misrepresenting most Firefox users, who don't expect Firefox to be perfect.
Fourth, Firefox is a safer browser to browse the web with, whether you like it or not.
Looks like Firefox 1.5.0.6 will be released very quickly to fix a bug in some streaming media links in 1.5.0.5. Specifically, Windows Media ".wmv" when called using "mms://", maybe real using "rm://", does not work. Breaks streamining video links on http://mlb.com/ Release candidates for Firefox 1.5.0.6 are already on the way.
Second, Microsoft makes one billion dollars in profit every month. In my opinion, they should be held to a higher standard.
First off, no they don't. They come close to it, I'll give you that, but not it's not quite a billion.
Secondly, the Mozilla Foundation make MILLIONS OF DOLLARS every - who knows what. They aren't saying. (Because they're the Mozilla Foundation and not the Mozilla Corporation so they don't have to. But it's estimated to be somewhere in the order of $70 million.)
So, when you realize Microsoft makes far more products than just IE (including Office, the XBox, various games), both Mozilla and Microsoft are likely using roughly the same amount of resources to secure both browsers.
Third, you're grossly misrepresenting most Firefox users, who don't expect Firefox to be perfect.
Perfect? No. I expect there to be rendering glitches and other errors. I expect there to be some bugs.
I ALSO expect there not to be a good 10 critical security flaws (which, according to other commenters, weren't all actually fixed in this release) being found every couple of months.
We're up to somewhere around 40 critical security vulnerabilities found since Firefox 1.5 was released. Critical in this case means "can run arbitrary software without user intervention". The number of security flaws found in Firefox is, to most users, quite troubling.
Fourth, Firefox is a safer browser to browse the web with, whether you like it or not.
Safer than IE? Sure, I'll buy that.
Safer than Opera? Definitely not. (There are currently 3 unpatched known vulnerabilities in Firefox, compared with none in Opera.)
Safer than Safari? Safari has 2 unpatched flaws, both of which are rated "not critical".
Safer than Konqueror? Konqueror has only one unpatched vulnerability (rated "less critical").
So, Firefox may be safer than IE, but it's less safe than basically every other browser on the market other than IE.