Slashdot Mirror

← Back to Stories (view on slashdot.org)

Nine Reasons To Skip Firefox 2.0

Posted by ryuzaki0 on from the rough-around-the-edges dept.

grandgator writes, "Hyped by a good deal of fanfare, outfitted with some new features, and now available for download, Firefox 2.0 has already passed 2 million downloads in less than 24 hours. However, a growing number of users are reporting bugs, widening memory leaks, unexpected instability, poor compatibility, and an overall experience that is inferior to that offered by prior versions of the browser. Expanding on these ideas, this list compiles nine reasons why it might be a good idea to stick with 1.5 until the debut of 3.0, skipping the "poorly badged" 2.0 release completely." OK, maybe it's 10 reasons. An anonymous reader writes, "SecurityFocus reports an unpatched highly critical vulnerability in Firefox 2.0. This defect has been known since June 2006 but no patch has yet been made available. The developers claimed to have fixed the problem in 1.5.0.5 according to Secunia, but the problem still exists in 2.0 according to SecurityFocus (and I have witnessed the crash personally). If security is the main reason users should switch to Firefox, how do we explain known vulnerabilities remaining unpatched across major releases?"
Update: 10/30 12:57 GMT by KD : Jesse Ruderman wrote in with this correction. "The article claims that Firefox 2 shipped with a known security hole This is incorrect; the hole is fixed in both Firefox 1.5.0.7 and Firefox 2. The source of the confusion is that the original version of this report demonstrated two crash bugs, one of which was a security hole and the other of which was just a too-much-recursion crash. The security hole has been fixed but we're still trying to figure out the best way to fix the too-much-recursion crash. The report has been updated to clear up the confusion."

12 of 606 comments (clear)

  1. Firefox to internet: by sporkme · · Score: 5, Insightful

    Firefox to internet:
    If you are for any reason dissatisfied with your Firefox experience, we will gladly refund your money.

    There will, of course, be growing pains. TFA highlights a known security bug, and points out that the memory leak has found its way into Firefox 2. CSS is initially seeing some compatibility hickups. There is always room for improvement. I began using Firefox 2 a few hours after the actual release. I was surprised to see an article complaining.

    The other points of the article are matters of preference and wishful thinking.
    -"I don't like the theme." ORLY well how is that IE theme support working out for you?
    -"The anti phishing is weak!" ---compared to what? The antiphishing in 1.5?
    -"Extensions did not automagically compatible-ize themselves!" OOOOHHH, well let me switch to that other browser that inherently supports third-party code. Perhaps we have overlooked the ".0" in the release version number. Third parties will have to adapt to meet the changes as Mozilla works to meet them. This does constitute a reason to potentially delay switching if extensions are absolutely necessary for your casual web usage.
    -"I don't understand the options screen!" BWAHAHAHAAAHAHAHAAAAA!!!! This can't be serious.
    -"I don't like the RSS thingy! IE does it better!" Where was it again that RSS originated? Was that Redmond? While IE's RSS Just Works (TM) there are clearly many custom options for this feature with Firefox, and unimaginable numbers of extensions are to follow.

    So why delay switching to 2.0? Because 1.5 is just fine. Not because 2.0 is broken. Comparing a .0 release to an established release, and to Internet Explorer, is just pretty laughable where I am sitting. I have not experienced a single crash or bug, but then I have not exactly been trying to break it. Overall, I am quite impressed and look forward to seeing where this release takes the community.

    --
    FairTax baby!
  2. Defending Firefox isn't helping Firefox by coobird · · Score: 5, Insightful

    It seems like quite a few people are out defending Firefox, but that's actually a disservice for Firefox.

    What it really comes down to is to make Firefox into a browser that can convince the other 80+% of the users to switch. Saying "oh but, Firefox did it first!" or "you can just change x setting to make it better if you like" is irrelevant because when it comes down to it, it's whether the average users think it's better than the other browser. Making excuses for issues that even be perceived as problems doesn't help Firefox.

    I like Firefox and upgraded to 2.0 on Tuesday, but it's not really the opinion of the Firefox crowd that really matters, it's the users still using Internet Explorer, the crowd that Firefox is really going after.

  3. Re:Sad Co-incidence by dvice_null · · Score: 5, Informative

    This might help if you have crashes:
    http://kb.mozillazine.org/Firefox_crashes

  4. Re:The 9 Reasons by Antiocheian · · Score: 5, Insightful

    1). The theme: so he doesn't like the theme. That's why themes were invented for, go grab one which you like. Crap.

    No, it's not crap. This will be an important reason for many people to avoid 2.0

    Yes, there are themes and I immediately installed one of them after I set up Firefox. But you can't ask this from the user base Firefox is aiming at.

    3). Confusing Options dialog: hell, have you ever really gone through IE's Tools->Internet options ? Thought so. Anyway, it's really hard to spot well designed dialogs these days. Not a reason for not using the browser. Crap.

    It seems you agree on his point and yet call it crap. The options dialog DOES suck. And yes, it's really easy to spot well designed option dialogs, take a look at Microsoft Office.

    4). Compatible extensions: man, people need some time for updating their extensions, but they are quick, e.g. all my extensions have been upgraded in a few days. But, if you're willing, in most cases you can fix them on your own.

    The cited article is about reasons for NOT upgrading from the good and working 1.5.x. Indeed my most needed extension is not working with 2.0 yet. His objection is solid, yours lacks in more aspects than style.

    7). Freezes: yes, they occur. But hello, restore session. I don't say it's no problem, I'm saying it's no reason not to switch.

    So you say that it's ok to upgrade to a buggy new version. I really don't think you are entitled to an opinion on Slashdot.

  5. Re:The 9 Reasons by xoyoyo · · Score: 5, Insightful

    >> 2). Weak antiphishing: there was none before, now he's complaining it's weak. Get lost.

    Weak antiphishing is worse than no antiphishing. If a user gets used to seeing antiphishing messages pop up every time they do something stupid, then when one doesn't appear they're going to assume everything is okay.

    This might be acceptable if you were talking about a tiny percentage of transactions, but Firefox can't guarantee that.

    The Firefox phishing protection is host based, which means that someone has to submit a site and then it has to be verified before being added to a database. Worse, connection to the live blacklist is optional, so you may be browsing with an antique blacklist.

    All that will happen is that the scammers will spread their phishing sites more widely: there are hordes of compromised PCs out there, you can't track them all.

    A heuristic approach would be better: at the moment all the phishing mail I get seems to use a hole in php. Better surely to have mandatorily updated list of rules in the antiphishing engine:

    Alert if apparent domain in #text of tag does not match href attribute
    Alert if URL contains a space
    Alert if URL is IP address with no dots

    &c&c

  6. Re:It may not be a good browser, but.... by spectral · · Score: 5, Informative

    Opera fanboy alert: Opera doesn't have ad supported mode anymore. Yes, that's right. It's free (cost), even though not free (speech)

  7. Re:The 9 Reasons by jesser · · Score: 5, Informative

    Sure, there's restore session, great. Does it restore the text of the email/post/whatever that I was typing? No, of course not.

    Actually, it does.

    --
    The shareholder is always right.
  8. Re:Meh by rpdillon · · Score: 5, Informative

    Go to about:config.

    Filter on "tabs"

    Find the entry for "browser.tabs.closeButtons". It'll probably be set at "1". Setting it to "2" makes the close button only visible on the active tab. Setting it to "3" makes the close button the right appear again (1.5 behavior).

    Hope this helps.

  9. 9 Reasons to upgrade to 2.0 by sygin · · Score: 5, Informative

    I have been using Firefox 2.0 on Windows and Linux for a while now (RC1)

    1. It is faster than 1.5
    2. It is more stable than 1.5
    3. It is smaller than 1.5
    4. It does more 'out the box' - requires less extensions
    5. It looks better than 1.5
    7. I love the spell checking
    8. It is more secure than 1.5
    9.If it uses more memory, it is because it remembers
        the previous pages and the back button works instantly.

    The reasons not to quoted in the 'story' are moronic

    Cheers
    Sygin

    --
    Don't make your problems my problems!
  10. Responses from a Firefox developer by Anonymous Coward · · Score: 5, Informative

    I am a Firefox developer, so I can comment with some authority on these points.

    First, as to the "critical security hole", as we've already stated in numerous other places, the actual exploitable hole was patched long ago. A non-exploitable crash does remain and will eventually be fixed. Anyone who reports this as a security hole has not done their due diligence.

    Second, the summary posted here is a bit surprising. The feedback we've seen so far is quite the opposite of this summary: most users are, in fact, reporting better performance, lower memory usage (we fixed some of the most egregious leaks), and an easier-to-use browser. Additionally, we fixed far more bugs, especially old, longstanding bugs, in this release than in any previous Firefox release. So even if none of the new features flotas your boat, this release *should* be a polished step forward, once you start poking around a bit.

    Third, as to the nine points this article raises:
    # The new theme sucks
    As this is a matter of personal preference, I can only encourage those who dislike the new theme to download one of the many alternative themes available. There are updated versions of the 1.5 Winstripe/Pinstripe themes, as well as many others, whatever suits your fancy. I will note that the majority of editors reviewing Firefox 2 have felt that the new theme is a step forward; so clearly not everyone believes this is a negative point.

    # Antiphishing technology is both weak (blacklist based) and a potential privacy problem. The privacy issues are raised because Firefox 2.0 Antiphishing Features employ an engine previously released by Google, which has been shown to potentially cause privacy risks.
    This argument is unclear. One of the antiphishing modes uses a blacklist and the other submits URLs to Google. So it at worst is not both weak and privacy-violating at the same time. Going further, however, I would ask for a less vague argument about privacy. Switching on full antiphishing protection displays a warning notice to the user specifying exactly what sorts of data is sent where, and for what purpose. I hardly consider it a violation of privacy to allow people to explicitly choose to send their data somewhere else. (Of course, given that Google doesn't actually do anything with this data other than feed it into their anti-phishing database, I don't consider it a violation of privacy regardless, but we have options precisely because not all users will feel this way.)

    # The new Options dialog box is confusing, poorly designed, and illogically hides important features
    Especially given the positive feedback we've gotten on the redesigned pref window, I'd suggest explicitly naming problems here rather than making such a vague and general argument. The new options box is IMO a vast improvement on the old one: it reduces the number of tabs containing embedded tabs to one (the Advanced tab), it rewords many options for grammar and clarity (especially where the old wordings had generated bug reports), and it slightly modifies the default set of options to better fit actual usage. Name the "important features" being hidden and I suspect the list will consist of features that are very important to a tiny fraction of our userbase.

    # There are many reported compatibility issues with the large existing libraries of extensions, themes, and plugins currently avaialble for earlier versions o Firefox.
    Actually, since the Gecko engine remained at version 1.8, with almost every XPCOM interface backwards compatible with Firefox 1.5, this release has by far the _fewest_ number of incompatibilities of any release in Firefox history. Most extensions are compatible once their version numbers are set properly, and only a small fraction actually broke. Additionally, we contacted the authors of the most popular extensions in advance of the release to explicitly ask them to test their extensions, and filed bugs to track the upgrading of popular extensions. While we can always do more here, I think this has been th

  11. Re:Do volunteers care about tracking down memory l by joto · · Score: 5, Interesting

    Maybe it's because you aren't surfing. If you actually use firefox, instead of simply letting it remain minimized at about:blank for a month, it will quickly use ridiculous amounts of memory. Here it's at 305MB and counting... Oops, just checked, it's now 306MB. And I haven't really done anything apart from writing this in the meantime.

  12. Re:Sad Co-incidence by dvice_null · · Score: 5, Insightful

    If people have problems, they are more likely to speak it up, than those who don't have problems. Just to make things a little more equal, I for one have had no problems with Firefox 2.0.