Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla VP Talks the State of Firefox

Posted by ryuzaki0 on from the what's-the-fox-up-to dept.

lisah writes "As Firefox downloads pass the 200 million mark, people are talking about how its security features stack up against IE7 and protect against malware. Mozilla VP Mike Schroepfer told NewsForge's Joe 'Zonker' Brockmeier that security will continue to be an issue 'for anything written in native code' but Mozilla intends to meet the challenge by including JavaScript 1.7 with the browser's 2.0 release. Schroepfer also talked about the timeline of future releases and offered just enough information to wet our whistles for 3.0."

121 comments

  1. I believe... by archcommus · · Score: 4, Informative

    It's spelled "whet." Either way the 3.0 stuff is interesting.

    1. Re:I believe... by EvanED · · Score: 1

      Why is this a troll? Mod it up! He's right!

    2. Re:I believe... by jejones · · Score: 4, Informative

      Something "whets your appetite," and that's probably what the author intended to write. To "wet your whistle" is to moisten your dry mouth (not necessarily to slake your thirst--wetting your whistle doesn't go that far), and has nothing to do with making someone eager for anything... but maybe the author was thinking of something like

      "After a long day of coding, I like to kick back and sip an ice-cold bottle of Mozilla..."?

    3. Re:I believe... by EvanED · · Score: 1

      Ah, good catch... I didn't go back and reread the original post before replying that he was right.

    4. Re:I believe... by Anonymous Coward · · Score: 0

      Actually it should be "whet" without a period. "whet." is an abbreviation for "whether".

    5. Re:I believe... by lisah · · Score: 2, Insightful

      I thought it was "whet" as well but deferred to this site:

      http://www.takeourword.com/TOW114/page4.html

      for the final answer. I also prefered "whet" as in "stimulate" (always a good thing) but went with "wet" since it seemed to come first in the days of olde. At any rate, I spent more time looking up that than anything else pertaining to the submission 'cause I know you guys are all about the details. ;-)

      Now, I will go wet my whetstone and whistle while I do it.

    6. Re:I believe... by EvanED · · Score: 1

      Standard American English puts the punctuation after the punctuation even if the punctuation isn't part of the quote. I think Standard British English accepts that as an option and required it for some time. But SBE uses single quotes (again, I think; I'm not English) instead of double quotes, so I can tell that you're not following that.

    7. Re:I believe... by Fireflymantis · · Score: 1
      To "wet your whistle" is to moisten your dry mouth (not necessarily to slake your thirst--wetting your whistle doesn't go that far), and has nothing to do with making someone eager for anything... but maybe the author was thinking of something like
      Actually it refers to litrally blowing on a whistle embedded into a beer mug to alert the waitress that you need a refill. Similar in style to modern day snapping your fingers for service. Perhaps rude today, but commonplace earlier in history.
    8. Re:I believe... by feed_me_cereal · · Score: 1

      "Wet your whistle" is correct. It means "to have a drink", not to anticipate a (in this case, metaphorical) drink. The poster probably meant to say "whet your appetite", as that would be appropriate in this case.

      --
      "Question with boldness even the existence of a god." - Thomas Jefferson
    9. Re:I believe... by feed_me_cereal · · Score: 1
      Actually, not everyone believes that either. The bottom part of the page is the relevant part:

      Even when it is acknowledged that the correct form is wet your whistle, odd stories about the origin of the phrase continue. The ever-popular one is that mugs or tankards formerly had whistles baked or built into them, so that pub patrons could whistle to the bartender when they were ready for a refill. Apart from some modern creations, no such mug or tankard has ever been found, nor has any historical reference to such things. So, folks, the phrase is a pretty easy one to explain: to wet your whistle is to moisten your whistling organs by having a drink.


      Not sure about how reliable this post is, but it's interesting.
      --
      "Question with boldness even the existence of a god." - Thomas Jefferson
    10. Re:I believe... by Kelson · · Score: 1
      "After a long day of coding, I like to kick back and sip an ice-cold bottle of Mozilla..."?

      Actually, there was a time a few years ago that you could brew up a cup of Mozilla to keep yourself going through that coding session. Sadly, the company that used to do it (and contributed a percentage of his profits to Mozilla) has long since closed up shop.

    11. Re:I believe... by Anonymous Coward · · Score: 0

      Those grammar rules are stupid and archaic. Why don't you refer to something more modern?

      http://en.wikipedia.org/wiki/Wikipedia:Manual_of_S tyle#Quotation_marks

    12. Re:I believe... by drdanny_orig · · Score: 1

      Wet/whet, whistle/appetite, whatever. I saw nothing in TFA that made me eager for version 3. What'd I miss?

      --
      .nosig
    13. Re:I believe... by Bromskloss · · Score: 1
      Either way the 3.0 stuff is interesting.
      Uh, where did you read about the 3.0 features? I can only find a very short comment on something about bookmarks.
      --
      Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
    14. Re:I believe... by EvanED · · Score: 1

      I agree. However, the improved rules are still not generally acceptable in, say, acedemic writing. And regardless of whether you could use them, saying that they are wrong (and thus that the original poster intended the period to be part of the quotation) is just brain dead.

    15. Re:I believe... by orgelspieler · · Score: 1

      common hypercorrection. no. it is wet. in fact, the phrase predates "whet your appetite" by centuries. to whet means to sharpen (as in to make keen, like a blade or a sense, not sharp like a musical note). you cannot whet your whistle, unless you mean to take the metallic instrument to a grindstone to turn it into some insane woodwind weapon. :-)

    16. Re:I believe... by bigpicture · · Score: 1

      The correct phrase (in the dictionary) is actually "wet your whistle", "whet" means sharpen or intensify desire. Also sharpen a tool. Just my contribution to all those "Internet English Professors".

  2. Security? by remembertomorrow · · Score: 4, Insightful

    As long as people are running programs from administrator accounts, there will be far more security problems than there should be.

    Maybe when Vista comes out (circa 2020 AD) and becomes widespread, this problem will be alleviated a bit. Those of us using other OSes (Linux, MacOS, etc.) are fine at the moment.

    --
    Registered Linux user #421033
    1. Re:Security? by allusionist · · Score: 3, Funny

      AD 2101 Vista was beginning...

    2. Re:Security? by Gnavpot · · Score: 1
      As long as people are running programs from administrator accounts, there will be far more security problems than there should be.
      Actually, in the Windows version, automatic updating of Firefox depends on Firefox being run with administrative priviledges. When running as a restricted user, I am not even informed about the availability of new updates.
    3. Re:Security? by Emetophobe · · Score: 2, Interesting

      I run windows as an admin since it is much easier (iTunes is broken as a limited user, you can't sync your ipod unless you're an admin. This is just one of the dozens of problems you will encounter trying to run windows as a limited user). I use SysInternals' PsExec to run certain programs as a limited user while I am logged in as an admin. For example, all my firefox shortcuts look like this: psexec -l -d "C:\Program Files\Mozilla Firefox\Firefox.exe".

      PsExec allows you to run a process under alternate credentials.

      Here is a description of what the -l and -d parameters do:

      -l
              Run process as limited user (strips the Administrators group and allows only priviliges assigned to the Users group).
      -d
              Don't wait for application to terminate. Only use this option for non-interactive applications.]

      It's not the best solution, but it works, run firefox as a limited user using psexec and then try and overwrite something in c:\program files or c:\windows, it won't let you (which is a good thing).

    4. Re:Security? by Firehed · · Score: 1

      Nah, they'll just start an entirely new date system. Expect DNF to be released around 2 AV. Or Vista will be out 2 BDNF. If they aim for a 0 AV release, they can't be late!

      --
      How are sites slashdotted when nobody reads TFAs?
    5. Re:Security? by kimvette · · Score: 1

      So, in your calendar system, there will be a year zero?

      (there is no 0BC/0AD it skips from 1BC to 1AD)

      http://en.wikipedia.org/wiki/Year_zero

      Yes, it's strange from our perspective, but keep in mind that we now have a concept for the mathematical value of "zero" and not all ancient cultures dealt with anything but positive whole numbers.

      --
      The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
    6. Re:Security? by riscthis · · Score: 1
      I use SysInternals' PsExec [sysinternals.com] to run certain programs as a limited user while I am logged in as an admin. For example, all my firefox shortcuts look like this: psexec -l -d "C:\Program Files\Mozilla Firefox\Firefox.exe".
      If you use the same method to launch Firefox Preloader you'll ensure that Firefox always uses limited privileges, avoiding the possibility of a clicking a hyperlink from another application and invoking Firefox with admin privileges.
    7. Re:Security? by Milican · · Score: 1

      I sync my iPod every morning as a limited user.

      JOhn

      --
      Campaign for Liberty
    8. Re:Security? by Emetophobe · · Score: 1

      Odd, for some reason I could never get iTunes + my ipod to work as a limited user. Do you have music sharing enabled in itunes?

    9. Re:Security? by geekd · · Score: 1

      Maybe when Vista comes out (circa 2020 AD)...

      Dude, didn't you watch History Channel last night? The Maya say the world will end in 2012, so we'll never see Vista. (heh, never see the vista. Now that's a vista wasted)

    10. Re:Security? by Anonymous Coward · · Score: 0
      (there is no 0BC/0AD it skips from 1BC to 1AD)

      Isn't that cute? Some youngster learns a fact and assumes that because they hadn't heard about it that it must be news to everybody.

    11. Re:Security? by kimvette · · Score: 1

      Isn't that cute? Some dumbass carries out a personal attack hiding behind AC. Awwww.

      --
      The Christian Right is Neither (Christian nor right). See: Matthew 23, Matthew 25, Ezekiel 16:48-50
    12. Re:Security? by miro+f · · Score: 1

      This is an interesting example of the differences between Windows and Unix

      In *nix you run as a limited user and only those processes which need administrative right you grant with sudo
      In Windows you run as an administrator and then those processes which could be potentially dangerous you run as a non-privelaged user

      I'm sure even the most average user could tell which of these two practises are the most insecure. (And yes, I run Windows as an administrator and Linux as a limited user)

      --
      being vague is almost as cool as doing that other thing...
    13. Re:Security? by Anonymous Coward · · Score: 0
      Odd, for some reason I could never get iTunes + my ipod to work as a limited user.

      Just a few minutes ago you were declaring it "broken." Now it's just "I can't get it to work." IMHO, declaring software to be broken ought to be based on more than just your own single experience.

    14. Re:Security? by POWRSURG · · Score: 1

      Odd. Because I run as a non-administrator on Windows and I am not only informed of updates, but also able to install them (which would bother me if it was for any software besides Mozilla software). The same thing applies to Thunderbird too. I can't install new versions of them, but I can update them.

    15. Re:Security? by Firehed · · Score: 1

      Well, it was a joke, but you can't easily release Vista (or DNF) one year prior to or after "0". In any case, I didn't come up with the calendar back when zeros hadn't yet been thought up (zeros not existing would just be too ironic).

      --
      How are sites slashdotted when nobody reads TFAs?
    16. Re:Security? by Ganniterix · · Score: 1

      Of course there should be a year zero ... It's the year during which enough updates are released to turn vista from a publicaly sold beta to a fairly usable OS!!

    17. Re:Security? by Gnavpot · · Score: 1
      I run as a non-administrator on Windows and I am not only informed of updates, but also able to install them


      So there are three possibilities:
      1. Your normal program file location is writeable for normal users. Bad.

      2. You did not install your Mozilla software to the normal program file location. Messy.

      3. Your PC runs some kind of a Mozilla update daemon which has system priviledges. May be better, depending on personal taste.

    18. Re:Security? by Rufus+T.+Firefly · · Score: 1

      "I'm sure even the most average user could tell which of these two practises are the most insecure."

      The grammar rule from long ago is to use "more" when comparing exactly two things, not "most."

      Also, I'm wearing my new pinpoint Oxford shirt today!

    19. Re:Security? by master_p · · Score: 1

      So I suppose you don't mind if malware deletes your home directory...

    20. Re:Security? by Anonymous Coward · · Score: 0

      If your account is a member of the Power Users group, you will retain application installation privileges.

  3. Realplayer bundling by User+956 · · Score: 4, Funny

    As Firefox downloads pass the 200 million mark, people are talking about how its security features stack up against IE7 and protect against malware.

    Protect against malware? They're bundling with it!

    --
    The theory of relativity doesn't work right in Arkansas.
    1. Re:Realplayer bundling by AP2k · · Score: 0

      Shhh, you get bad karma when you mention that fact. =p

    2. Re:Realplayer bundling by iknowcss · · Score: 2, Informative
      No no no! Haven't you been paying attention? It's the other way around. Right on the site it says this:
      Forbes reports that RealNetworks, the creators of the (un)popular media player RealPlayer, have signed a two-year agreement with Mozilla to bundle Firefox with its software
      Not the other way around.
      --
      Life is rarely fair. Cherish the moments when there is a right answer.
    3. Re:Realplayer bundling by david_g17 · · Score: 1

      "They" aren't bundling with it. Real Player is bundling "them" with itself.

    4. Re:Realplayer bundling by dvice_null · · Score: 3, Informative

      Real Player is bundled with Firefox, not the other way around.

      This just means that Firefox will get users from Real Player user base, from those who don't already use it. It doesn't mean that Firefox will from now on delivered with Real Player. It might get some bad reputation for Firefox, but on the other hand it will get some reputation for Firefox and marketing is what OSS projects are usually missing badly. All the techies should know that this doesn't affect the Firefox product quality at all and other than techies.. don't really care about it.

    5. Re:Realplayer bundling by User+956 · · Score: 1

      It might get some bad reputation for Firefox

      I think that's exactly what a lot of people are concerned about. When you lie down with dogs, sometimes you end up with fleas.

      --
      The theory of relativity doesn't work right in Arkansas.
    6. Re:Realplayer bundling by Anonymous Coward · · Score: 0
      Real Player is bundled with Firefox, not the other way around.

      To my ear, it makes more sense to say Firefox is bundled with Real Player. I think it is the other way around. Ask yourself, "What is being bundled when, at the RealPlayer download site, a user gets Firefox in addition to the RealPlayer they were looking for?". Firefox is being bundled. If these were separate programs would you say, separately, "RealPlayer is bundled" [with itself] and "Firefox is bundled" [with itself]? Of course not, RealPlayer is bundler, and Firefox is the bundler.

      Firefox is bundled with RealPlayer, not the other way around.

  4. Re:when Firefox becomes as insecure as IE by ivort · · Score: 2, Funny

    And When Opera Becomes more Popular than Firefox we can all move back to IE : )
    http://www.thesecondchancemovie.com/_site/mediapla yer/index.php?id=9f72b0fbe5bde711a0696cac5b339a5e

  5. The State of Firefox? by Billosaur · · Score: 4, Funny

    Isn't that near Nevada? Or maybe Montana -- my geography's not good.

    --
    GetOuttaMySpace - The Anti-Social Network
    1. Re:The State of Firefox? by Anonymous Coward · · Score: 3, Funny

      I think it's North Carolina's Portugal.

    2. Re:The State of Firefox? by Fallingcow · · Score: 2, Funny

      Oh, come on. Everyone knows where it is. We all had to study ancient civilizations like Phoenix and Firebird in grade school, and they were located on the same land as the modern state of Firefox.

    3. Re:The State of Firefox? by owlnation · · Score: 1
      Oh, come on. Everyone knows where it is. We all had to study ancient civilizations like Phoenix and Firebird in grade school, and they were located on the same land as the modern state of Firefox.
      And the State Capital is, of course, Springfield. You may not find this in older textbooks or in Encyclopedias but I'm sure a source like Wikipedia would have an in depth article on its elephant population if nothing else.
    4. Re:The State of Firefox? by Anonymous Coward · · Score: 0

      Oh, come on. Everyone knows where it is. We all had to study ancient civilizations like Phoenix and Firebird in grade school, and they were located on the same land as the modern state of Firefox.

      And until they withdraw to the 1998 ceasefire line I will not condemn the actions of the State of Internet Explorer.

    5. Re:The State of Firefox? by Anonymous Coward · · Score: 0

      After a 90 hour work week and now in the middle of pulling an all nighter on a friday, that really made me laugh hard LOL

      -J

  6. They nailed it by quokkapox · · Score: 4, Interesting

    Security is no longer a concern with the Firefox installs I've set up for various family members. Firefox updates itself now, painlessly and seamlessly, and often within a day or two of serious security alerts. I wouldn't be surprised if some exploit gets announced over the weekend and everyone is on 1.5.0.7 by Tuesday morning. That is still way better than Microsoft.

    --
    it's a blue bright blue Saturday hey hey
    1. Re:They nailed it by Anonymous Coward · · Score: 0

      So you've set up your various family members running as Administrators then? Mind posting their IP addresses?

    2. Re:They nailed it by Qzukk · · Score: 1

      Firefox doesn't do any weird stuff to the OS and can therefore be installed, run, and upgraded as a user. I just created a Limited User account on XP, dowloaded 1.5.0.6, and installed it to that user's Documents directory, and pulled up slashdot. Worked fine for me.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    3. Re:They nailed it by Anonymous Coward · · Score: 0

      Umm, yes. At least Firefox has no shame in admitting that their software is just as crap as IE.

      Oh yea, and it is much slower too.

      ps, I'm an opensource user and advocate, but firefox source code has never impressed me. in fact it scared me shitless last time I browsed through it.

    4. Re:They nailed it by rapidweather · · Score: 1

      I'm running Firefox 1.5.0.6 now, but since I use a livecd linux, I'll have to put it in there when I can. (automatic updates won't work on livecd linux)

      Right now, I just set it up in /ramdisk, and change the preferences as I want, for my ~./mozilla

      I run it from a user shell (knoppix) and here I am.

      My latest CD has Firefox 1.5.0.5, and I checked Mozillazine and found that the upgrade is mostly because of a flaw affecting Windows Media Player. Probably something else, too, but I guess they automatically make a Linux version anyway, just so the version numbers don't start forking off..

      I have 9 RSS feeds, so I copied my bookmarks.html file over to it's place in ~/.mozilla, and restarted Firefox, and my feeds are up and running.

      Yes, everyone is running us ragged with these constant updates, probably needed for Windows for sure, but less so for Linux, and even less for livecd with Guarddog firewall. Not going to be left behind, however, so I'll put it in my next build of Rapidweather Remaster of Knoppix Linux.

      I started this evening out to test Opera 9.01, build 400, got that done, next I'll work with Flock, it is a little behind Firefox right now. I also have Flock in my CD, but I remove myspace as a bookmark, too much bad press, etc.

      -- Rapidweather

      --
      Rapidweather's Linux Screenshots.
  7. Did I miss something? by Chunt620 · · Score: 1

    "It's not hard to remember the days when sites using JavaScript would function properly only in Internet Explorer or Mozilla/Netscape"

    I must have missed these "days" they speak of. I can't remember a day going by without seeing a JavaScript error being thrown in ANY browser.

    1. Re:Did I miss something? by richdun · · Score: 1

      Exactly, it's not hard to remember today, or yesterday, or the day before that. A bit obvious, sure...

    2. Re:Did I miss something? by lillgud · · Score: 1

      I can't remember a day going by without seeing a JavaScript error being thrown in ANY browser.

      It hasn't occured to you that those errors might come from terrible JavaScript code on the page?

  8. I can't wait until IE 8! by Chabil+Ha' · · Score: 1

    I can't wait until IE 8.0 comes out. And all the nice features that it will implement. Oh wait...

    I think another sticking point here is that we not even know for certainty that Firefox 3.0 is in the works, but what things are mapped to go into it! Can MS speak the same on IE 8? I really think that IE is looking to get another butt-whoopin'.

    --
    We're all hypocrites. We all have hidden parts, it's the contrast between them that make us more a hypocrite than others
    1. Re:I can't wait until IE 8! by Anonymous Coward · · Score: 0

      we not even know for certainty that Firefox 3.0 is in the works

      You can download from the nighties the firefox 3.0 branch (unfinished of course). So you can check it yourself...

    2. Re:I can't wait until IE 8! by Kelson · · Score: 1

      From context, I think the GP was trying to say, "we not only know for certain that Firefox 3.0 is in the works..."

      It's the only way the rest of the post makes sense.

    3. Re:I can't wait until IE 8! by dvice_null · · Score: 2, Informative

      > we not even know for certainty that Firefox 3.0 is in the works

      Eh? You can download the nightly version of it from here:
      http://ftp.mozilla.org/pub/mozilla.org/firefox/nig htly/latest-trunk/

    4. Re:I can't wait until IE 8! by vux984 · · Score: 3, Funny

      Can MS speak the same on IE 8?

      Of course they can, just not yet. You just need a bit of patience.

      After all how can MS know what features they'll be inventing or innovating before their competition has invented and innovated them first?? ;)

  9. No "protected mode" please by Rog7 · · Score: 2, Interesting

    I hope Mozilla/Firefox can maintain security without adopting a restricted "protected" sandbox mode ala IE 7 on Vista. I use a simple HTML homepage stored locally on my PC and Vista's method decides to segregate it from other browser windows, making it near useless in its basic purpose. It seems like a lazy way out on the issue at the expense of convenience for the user.

    Keep Firefox its own entity, don't copy this "feature" designed to bludgeon-patch IE's giant flaws.

    1. Re:No "protected mode" please by Bogtha · · Score: 1

      I hope Mozilla/Firefox can maintain security without adopting a restricted "protected" sandbox mode ala IE 7 on Vista.

      You can make Internet Explorer treat local web pages as if they were remote by giving them the mark of the web.

      --
      Bogtha Bogtha Bogtha
  10. What Happen? by Reverend528 · · Score: 1

    Someone set up us the COM!

    --
    Badass Resumes
  11. Security will always be a problem? by LuckyStarr · · Score: 1

    From TFA: Schroepfer also predicts that security will continue to be a problem "for anything written in native code," such as C and C++. For example, he notes that security problems caused by memory issues have evolved over the years; from stack-based exploits, to heap-based, to null pointer exploits.

    From http://vsftpd.beasts.org/IMPLEMENTATION: The correct solution is to hide the buffer handling code behind an API. All buffer allocating, copying, size calculations, extending, etc. are done by a single piece of generic code. The size security checks need to be written once. You can concentrate on getting this one instance of code correct.

    Can somebody please tell me, why are we still having this discussion?

    --
    Meme of the day: I browse "Disable Sigs: Checked". So should you.
    1. Re:Security will always be a problem? by miro+f · · Score: 1

      as far as I can tell, performance, performance, performance. Although the performance hit is negligable, in marketing speak not many people care about security by design, whereas people will certainly notice if their application is slower because every time an array element is read/written to it has to be checked for whether it is out of bounds of the array.

      Hopefully with computers getting faster these kinds of issues will take a back seat. I already write most of my code with my own little buffer handling wrapper

      --
      being vague is almost as cool as doing that other thing...
    2. Re:Security will always be a problem? by jesser · · Score: 1

      Firefox has had relatively few security holes due to buffer overflows. Most of the recent holes in Firefox have been dangling pointer dereferences or JavaScript privilege escalation bugs. The dangling pointer dereferences, in turn, have mostly been garbage collection hazards or bugs involving non-reference-counted layout data structures called "frames".

      --
      The shareholder is always right.
  12. Recent updates by Aadomm · · Score: 1

    Since one of the updates earlier this week I am getting some kind of memory leak problem with Firefox, suddenly its hogging resources to the point where I have to kill the process. Seem to remember this was an issue at some point in the past but I thought it was history. Anyone else seen this again over the last week?

    --
    Mention the Lord of the Rings one more time and I'll more than likely kill you.
    1. Re:Recent updates by dvice_null · · Score: 3, Informative

      Here is a pretty good resource for solving issues with Firefox:
      http://kb.mozillazine.org/Category:Issues_(Firefox )

  13. Firefoxpacks by Doc+Ruby · · Score: 1, Redundant

    I've downloaded Firefox myself at least 40 times. And not for every version, certainly not the first several releases. And not including the automatic updates.

    If Firefox counts all those in the 200 million, there's probably less than a million people downloading.

    --

    --
    make install -not war

    1. Re:Firefoxpacks by dvice_null · · Score: 3, Insightful

      I have 4 computers that have Firefox installed on them. All those computers use Linux, so those installations are not counted at all. There are also loads of websites which offer Firefox downloads for their users, those are not counted either. And then we have companies that might have thousands of users and the it-staff propably downloads Firefox once and then copies that to all the computers. That is propably 199 million more downloads.

    2. Re:Firefoxpacks by Kelson · · Score: 4, Interesting

      I've lost count of the number of times I've downloaded Firefox, but I can also say that each Windows download has gotten installed on roughly 10 different computers. So you subtract some, and you add some, and eventually you lose any hope of having a useful estimate.

      The downloaded count is a simple metric that tells you that there's still a lot of interest int he product. It's easier to determine than the number of times it's been installed, the number of copies in use, or the number of users.

      The number means what it means. Trying to translate from #Downloaded to #InUse is pointless.

      (Incidentally: no, automatic updates are not included in the total. And IIRC there was some effort made to avoid double-counting manual updates, like not counting downloads made using Firefox. I don't remember exactly.)

    3. Re:Firefoxpacks by Anonymous Coward · · Score: 0

      Let's see...you've downloaded Firefox 40 times, which means that if all FireFox users were like you, they's still have at least 5 million unique users. I'd say that it'd be generous to say that there are a million users who downoad Firefox as often as you...that makes about 40 millon downloads. If (also on the high end), the average non-developing user downloads Firefox four times, that still gives over 40 million total unique users. I'd say that's a pretty conservative estimate, and there's no word about how many other installs there could be (downloads from other sites, some Linux installs, CD distribution, etc.)

    4. Re:Firefoxpacks by Paolone · · Score: 1

      Well, a couple of years ago I've downloaded it once and installed in about 50 computers. I even got a GMail account for it when it was still a "zomg zomg you have a GMail account you must get me one!!!111one111" craze. So we are way more than even.

    5. Re:Firefoxpacks by BCW2 · · Score: 1

      I work in a whitebox store. When we clean a customer computer we will always instal firefox from one of several CD's that get burned for each release, they also have other utilities that we use. In the lsat two years I have installed Firefox on at least 300 boxes, with only one download for each release.

      --
      Professional Politicians are not the solution, they ARE the problem.
    6. Re:Firefoxpacks by Doc+Ruby · · Score: 1

      How many different people use those 50 computers?

      --

      --
      make install -not war

    7. Re:Firefoxpacks by Paolone · · Score: 1

      Smart question. About 1 person in 5-10 has both a laptop and a desktop, so let's say 40.

  14. At least it's better than QuickTime by WilliamSChips · · Score: 1

    But for some reason you give Apple a free pass.

    --
    Please, for the good of Humanity, vote Obama.
  15. Yeah, 15X here by pkcs11 · · Score: 0

    So subtract 14 or so downloads from the 200 million for the times I've gotten it.
    Most of us geeks have gone through countless re-installs of our OS. So 200 millionn is specious.

    --
    "I have an odd craving to whisper about those few frightful hours in that ill-rumored and evilly shadowed seaport of dea
  16. Re:Copy/paste bug STILL not fixed! Arg! by The+MAZZTer · · Score: 1

    Try running Firefox in safe mode, it might be due to an extension you both use. If that doesn't resolve it, boot Windows in safe mode and try it again, as it might be caused by a software conflict.

  17. FUD by brunes69 · · Score: 1

    Unlike IE, you don't have to be an administrator to install or update Firefox. Just unzip into any directory you want and it will run happilly,

    And it will auto-update happily too as long as you can write to the Firefox install directory..

    1. Re:FUD by Anonymous Coward · · Score: 0

      Not FUD -- this is a serious Mozilla design flaw. Sure, install FF in a user-writable directory. Now they can get updates. And now any process they run can completely own FF, installing keylogger extensions and crap plugins, or even doing updates to the binaries.

      IE's auto-updates may be huge, nasty, and six months late, but at least there's no need to risk infecting the IE binaries in order to get them.

      Mozilla's auto-update is sleek, but it's wrong-headed. The only safe way to use Firefox is under Linux, with an official distro-updated version -- Now you have to wait a couple more days for updates, and you have to enter your password when they arrive -- but in the mean time your Firefox installation isn't fair game to next week's 0-day buffer overflow in Flash, or whatever.

  18. Re:Copy/paste bug STILL not fixed! Arg! by dvice_null · · Score: 3, Informative

    > Firefox also seems to be a huge memory hog,

    See this article:
    http://kb.mozillazine.org/Reducing_memory_usage_-_ Firefox

    It will tell you how to recude memory usage and also points you to an extension which you can use to track down extensions that leak memory: http://dbaron.org/mozilla/leak-monitor/

  19. my biggest gripe by Anonymous Coward · · Score: 0

    Get this... my biggest gripe with firefox is that when i click on the address bar... it doesn't highlight the url. I have to select the whole thing and delete it to enter another address. On a laptop with a touchpad, this is miserably annoying.

    There must be a setting for this, or an extension to fix it, but while that might help me (and please do direct me to it), I have at least one friend who hasn't switched to firefox for ONLY this reason.

    1. Re:my biggest gripe by alexborges · · Score: 0, Offtopic

      Double click on it punk

      --
      NO SIG
    2. Re:my biggest gripe by nukem996 · · Score: 1

      or right click and select "Select All"

    3. Re:my biggest gripe by Kelson · · Score: 0, Offtopic

      Double-click instead of single-click. It'll highlight the URL much faster than selecting the whole thing manually, and it should still be easy with a trackpad.

    4. Re:my biggest gripe by Ruediger · · Score: 1

      As others said you can double-click, but you can also click on the site icon or use Ctrl + L.

      --
      "...personality goes a long way."
    5. Re:my biggest gripe by FriendOfBagu · · Score: 1

      or use the ALT-D keyboard shortcut. It moves the focus to the address bar and selects the whole thing. I use it all the time. Same thing works in IE.

    6. Re:my biggest gripe by nithinsujir · · Score: 1

      it does for me. but if not use Ctrl-L instead of mouse.

    7. Re:my biggest gripe by Anonymous Coward · · Score: 0

      I'm posting from Firefox 1.5.0.6 here and cannot reproduce what you criticise. Clicking the location bar's text does highlight the whole URL.

    8. Re:my biggest gripe by R.Mo_Robert · · Score: 1

      Double-click? I have to triple-click (once to give focus, twice to select double-clicked word, three times to select whole line).

      --
      R.Mo
    9. Re:my biggest gripe by Anonymous Coward · · Score: 0

      How is this off-topic? It's a direct response to the parent post!

      @#$! mods on crack.

    10. Re:my biggest gripe by Anonymous Coward · · Score: 0
      How is this off-topic? It's a direct response to the parent post!
      Because the parent post was off-topic too?

      Just because someone else made the first mistake doesn't give you a free pass :-p
    11. Re:my biggest gripe by miro+f · · Score: 1

      I think this is the default behaviour in linux only, in windows the default behaviour is to highlight the entire URL

      --
      being vague is almost as cool as doing that other thing...
    12. Re:my biggest gripe by Anonymous Coward · · Score: 0

      Yeah, it's triple-click. That's standard on unix stuff (once for focus, twice for a word, three for a line) but maybe it's not a reflex action for windows users?

  20. You've got it backwards! by matts-reign · · Score: 1

    You're going about this the wrong way. You may forget to run a program as a lesser user, and I have limited faith in the sysinternals app from having things "break out" and run as the regular user. What you should be doing is running select applications that need more priveledges as super user, and be logged in as a limited user. This is how almost all linux/non-windows operating systems are set up.

    --
    Waffles rock.
    1. Re:You've got it backwards! by dwalsh · · Score: 1

      >I have limited faith in the sysinternals app from having things "break out" and run as the regular user.

      You describe the ideal situation, but hacks are written to exploit the browser, not the browser plus sysinternals, because that is a rare combination.

      --
      ${YEAR+1} is going to be the year of Linux on the desktop!
    2. Re:You've got it backwards! by Anonymous Coward · · Score: 0

      wtf are you talking about?

  21. More FUD by brunes69 · · Score: 1

    Having restricted-write access to binaries on a system is not to enhance secrity or protect you from keyloggers. It is to ensure ease of use fo rthe sysadmin, who doesn't haver to worry about what version of $FOOBARSOFT you are running.

    Case in point? If you download *any* trojan app and runit in Linux, it can install a keylogger. All it has to do is add it to your ~/.bashrc, or ~/.xinitrc, or any number of other KDE or Gnome auto-start locations. Boom, you are exploited, and unless you fully audit your machine daily you'll never know it.

    Having root-only writeable executables does *nothing* to protect you. I mean, where is your most important data ? in /usr/bin or in $HOME?

    It's there to help sysadmins, not to protect users from their own stupidity.

    1. Re:More FUD by rohan972 · · Score: 1

      You're right, but on multi user systems it protects sensible users from the others. For example, I run linux, for freinds who want to use the computer, I can make a user account for them without concern/watching everything they do.

      --
      http://marriedmansexlife.com/
  22. Firefox is the most unstable program in common use by Futurepower(R) · · Score: 0, Troll

    With the new version of Firefox, 1.5.0.5 and .6, Firefox is once again the most unstable program in common use.

    Version 1.5.0.4 was quite stable. Now the CPU hogging bug is back!

  23. That's enough buffer flows for all human history! by Futurepower(R) · · Score: 0, Troll

    "Can somebody please tell me, why are we still having this discussion?"

    MOD PARENT UP!!!!

    I've been hearing about buffer overflows almost all of my long life! Let's have the OpenBSD (secure by design) people write one routine for buffer handling for each language and make everyone use it. Save people from boredom and frustration.

  24. The CPU hogging bug is back! by Futurepower(R) · · Score: 0, Troll

    "Anyone else seen this again over the last week?"

    YES!!! See this comment: Firefox is the most unstable program in common use.

  25. Re:when Firefox becomes as insecure as IE by Anonymous Coward · · Score: 0

    Could you please stop spamming? Thanks.

  26. the solution: by miro+f · · Score: 1
    open your address bar and enter:

    about:config


    find the option or enter into the filter:

    browser.urlbar.clickSelectsAll


    and set it to true. This is one of the first things I change. I never understood why the default option is not to select all...
    --
    being vague is almost as cool as doing that other thing...
    1. Re:the solution: by Millenniumman · · Score: 1

      Isn't there a proper way to set it, with a nice GUI?

      --
      Stupidity is like nuclear power, it can be used for good or evil. And you don't want to get any on you.
    2. Re:the solution: by miro+f · · Score: 1

      Not that I know of. There are a lot of options in about:config, it would be one incredibly complex GUI to be able to change them all.

      There might be an extension that will allow you to set more common variables... But I don't know of it. For now, this is good enough for me

      --
      being vague is almost as cool as doing that other thing...
  27. Opera?? Why Bother? by Ash+Vince · · Score: 1

    Lets just be honest for a moment, IE is the dominant web browser as it is preloaded on 90% of the worlds PC's before they are sold.

    As a web developer, clients are generally only interested in what their site will look like under IE. Even graphic designers who use Macs only ever check what the site will look like under IE for the Mac. (Or maybe IE for the PC when it looks shit on IE for the Mac and we explain why).

    Mozilla is working long and hard to try and make some inroads into this. And the best thing they can do is make their browser replicate the way IE renders pages. (Piss poor rendering quirks and all).

    I have had 2 or 3 clients over 3 years who have actually cared what their site looked like under mozilla / firefox. And this is out of hundreds of different sites I have built in that time. I have never had one client even care about Opera. So if it passes the acid test or whatever, who cares? Certainly not anyone who wants to make any money out of the web. Just a few geeks who still behave like kids and scream to be in some elite minority.

    Now I do not like this state of affairs, but I am also a pragmatist who realises that the only thing that stands a chance of making any inroads into the browser market is firefox. So I honestly think that regardless of which is the better browser the best thing to encourage a more diverse web, with more sites optimised for a more general platform rather than just IE would be if the Opera devs just packed it in and started contributing to mozilla / firefox. Maybe when we have two browsers with 50%/50% market share things would change but not now.

    Have any web developers out there ever been asked to produce a commercial site with Opoera in mind? I would love to hear some real positive responses but I fear I will be disapointed.

    --
    I dont read /. to RTFA, I read /. to offend people in ignorance.
    1. Re:Opera?? Why Bother? by Handlarn · · Score: 2, Insightful

      If you're the web developer then isn't it your job to make sure that the site works well in Explorer and Firefox and Opera?

      You're the expert; why wait for a client to tell you they need their stuff to work on Opera? They might not even know Opera or Firefox exists. If I hired someone I would assume they'd make it compatible with all the major browsers without me having to explicitly say so. Besides, Opera seems to render contents very true to HTML/CSS standards (more than Firefox and Explorer, in my experience) and that alone seems to me to be a good reason to make sure it's compatible.

    2. Re:Opera?? Why Bother? by hkmwbz · · Score: 1
      I know, "don't feed the troll" and all, but I disagree. It's important to respond to troll so that their lies do not stand without any objections.
      So I honestly think that regardless of which is the better browser the best thing to encourage a more diverse web, with more sites optimised for a more general platform rather than just IE would be if the Opera devs just packed it in and started contributing to mozilla / firefox.
      Yeah, who needs choice? It's not like anyone needs Konqueror or Opera. But hold on! It seems that people DO use Opera and Konqueror (or KHTML). Safari uses KHTML, which is much lighter than Gecko, and has about equal standards support. Opera is even more efficient, and is used on lots of mobile phones and other devices, including Nintendo DS and Wii.
      Have any web developers out there ever been asked to produce a commercial site with Opoera in mind?
      You mean like web developers using Adobe products?
      --
      Clever signature text goes here.
  28. Firefox update by zymano · · Score: 1

    Latest update is bugged.

    Clicking links wont work anymore.

  29. Just FYI by vain+gloria · · Score: 1

    Mitchell Baker, Mozilla's "Chief Lizard Wrangler" cited the company's install base at 40m-50m in an interview a couple of months ago.

    link

  30. Eh? by Anonymous Coward · · Score: 0

    Mozilla intend to make their browsers more secure by using a newer revision of javascript? Javascript is the security problem, don't take my word for it, go and read the Mozilla security page yourself. A good proportion of javascript on the web is totally unneccesary so why don't they ship with javascript disabled by default?