Firefox 3.6 Locks Out Rogue Add-ons

CWmike writes "Mozilla will add a new lockdown feature to Firefox 3.6 that will prevent developers from sneaking add-ons into the program, the company said. Dubbed 'component directory lockdown,' the feature will bar access to Firefox's 'components' directory, where most of the browser's own code is stored. Mozilla has billed the move as a way to boost the stability of its browser. 'We're doing this for stability and user control [reasons],' said Johnathan Nightingale, manager of the Firefox front-end development team. 'Dropping raw components in this way was never an officially supported way of doing things, which means it lacks things like a way to specify compatibility. When a new version of Firefox comes out that these components aren't compatible with, the result can be a real pain for our shared users ... Now that those components will be packaged like regular add-ons, they will specify the versions they are compatible with, and Firefox can disable any that it knows are likely to cause problems.'"

I want a mechanism for pluck-outs...

[jkrise]

At my company I would like a stripped-down Firefox without features like awesome bar and other bloat. Is there a way to do this, easily?

Also I have the SmartQ 7 and SmartQ 5 MIDs which are basedon the ARM processor. Thedefault browseris Midori... can I get a Firefox compiled for the ARM to run on that?

I hink firefox shoudl focus on these and similar issues...

Re:I want a mechanism for pluck-outs...

[toppavak]

A pony would be nice as well!

Re:I want a mechanism for pluck-outs...

[IBBoard]

Never mind that, how about a spell checker? Hang on.... ;)

Re:I want a mechanism for pluck-outs...

[sakdoctor]

The pony should be a plugin

Re:I want a mechanism for pluck-outs...

[Trent+Hawkins]

wouldn't the mobile version of fire fox do that?

Re:I want a mechanism for pluck-outs...

[Aquaseafoam]

You could try Midori. http://www.twotoasts.de/index.php?/pages/midori_summary.html

Re:I want a mechanism for pluck-outs...

[Shikaku]

At my company I would like a stripped-down Firefox without features like awesome bar and other bloat.

What is the other bloat? On the default install please list everything you'd like to have removed.

Re:I want a mechanism for pluck-outs...

[jamstar7]

The pony should be a plugin

The mental image that came to mind when I saw that convinces me that I watch WAY too much porn...

Re:I want a mechanism for pluck-outs...

[Lord+Bitman]

The awesome bar, and most of the other firefox bloat, should be plugins. Firefox had this great plugin architecture which everyone and their dog used- except the firefox devs.
Why doesn't firefox ship with an array of "default" plugins, all of which can be disabled? There's no need for something like awesomebar to be core, is there?

Re:I want a mechanism for pluck-outs...

[LordSnooty]

Take source, rewrite source, build.

Re:I want a mechanism for pluck-outs...

[wed128]

Ok i understand not reading the article. I understand not reading the summary. But not reading the post you're replying to?

slashdot gets more progressive every day.

Re:I want a mechanism for pluck-outs...

[anasciiman]

The code is available and forkable. Why not fix it to your liking and then submit patches?

Re:I want a mechanism for pluck-outs...

[Neil+Hodges]

Preferably with 144 TiB of RAM.

Re:I want a mechanism for pluck-outs...

Have you considered trying the new browser Midori

Re:I want a mechanism for pluck-outs...

[rliden]

I disagree. Most of those features like 'the awesome bar' should be config items not plug-ins/add-ons. So if someone wants a lean FF they can enable/disable those features in config. I would much rather some features be built in rather than a downloadable add-on, but being able to configure the browser without having to go into the about:config system would be something I very much appreciate.

Re:I want a mechanism for pluck-outs...

[Glothar]

No. I'm quite happy with Midori.

Re:I want a mechanism for pluck-outs...

[nabsltd]

There's no need for something like awesomebar to be core, is there?

Maybe the full set of functionality isn't required to be in the "core", but I think that you'd have to have some sort of location bar in the core.

Then, you end up with an add-on either extending or duplicating the existing functionality, either of which can become a problem.

I think it would be far easier to have the full "awesome bar" as part of the core, but have a real UI that allows users to enable/disable every feature.

Re:I want a mechanism for pluck-outs...

[RiotingPacifist]

Because the awsome bar is effectively free give firefox now uses sqlite to store bookmarks, as it can be disabled easily (or you can have an addin to re-theme it to the oldway, but getting rid of the "bloat" can be done with a gui setting)

Re:I want a mechanism for pluck-outs...

[R.Mo_Robert]

There's no need for something like awesomebar to be core, is there?

Apparently, this is something the Mozilla folks thought people would like--and, indeed, many do. When used properly, the AwesomeBar nearly lets you forget about bookmarks and history. I really miss this feature in other browsers or in computer labs with older versions of Firefox.

If you don't like it (or if you're just too set in your ways), you can tweak it do be Firefox 2-ish by changing some preferences--just Google it. Also, there is the oldbar extension.

Re:I want a mechanism for pluck-outs...

[bill_mcgonigle]

I would much rather some features be built in rather than a downloadable add-on

notice, this wasn't his suggestion (which seems good).

Re:I want a mechanism for pluck-outs...

[FatdogHaiku]

How about a pony the size of a kitten!!! That would be so cool...

I thought about a kitten the size of a pony but that might create some undesirable food chain issues...

Re:I want a mechanism for pluck-outs...

[gbarules2999]

I, on the other hand, think that Midori is a far better solution.

Re:I want a mechanism for pluck-outs...

[Toonol]

You can hide the awesomebar by tweaking settings and add-ons... first thing I do on any Firefox installation. However, the code is still out there, taking up space, and I have a hunch it's still causing a performance hit. My understanding is that it spawns a database query every keystroke in the address bar, sometimes multiple queries if there are lots of matches. I sometimes get stalls when I type into the location bar, and I wonder if the cause is that it's still making the queries, just hiding the results.

The awesomebar should always have been an optional add-on. That's how ALL the bloat-features should be handled. I still prefer Firefox more than any other browser, but my amount of proselytizing has sure decreased.

Re:I want a mechanism for pluck-outs...

[Degro]

This is why I've been using chrome as my primary browser lately, no add-ons so far. I switch my relatives and friends as well. It's like the OS X of browsers. Constantly disabling add-ons that other programs conveniently installed for them is really annoying. It's like cleaning out the windows malware their PCs always manage to accumulate. Just a few days ago I dealt with a PC that was running incredibly slow, a few seconds of lag for each letter typed. A quick look at the process list and I see firefox is using 99% cpu. I take a look at the add-ons and disable an add-on winamp snuck in and problem solved. Who knows what the winamp addon was doing, but it's really fucking annoying.

Re:I want a mechanism for pluck-outs...

[Nursie]

Whilst you can change the look, there seems to be no way to stop it storing a full history in its location database which you cannot wipe with the privacy settings.

This, IMHO, sucks!

Re:I want a mechanism for pluck-outs...

[clone53421]

Here you go.

Re:I want a mechanism for pluck-outs...

[clone53421]

Sure you can. You can wipe sites from the history (and thus from the location database) relatively easily.

You can begin typing, highlight a search result by hovering over it with the mouse, then press the Del key to remove that result.

You can also open the history tab, type something in Search, tab into the search results list, Ctrl-A to select all, and press the Del key to remove all of them.

Finally, you can add the HistoryBlock extension which silently prevents certain sites (domains or subdomains) from being added to the history, recently closed tabs, download manager history, cache, or cookies. Blocked domains or subdomains are hashed, so there is no incriminating list, although having the HistoryBlock extension may be incriminating by itself to some people.

Re:I want a mechanism for pluck-outs...

[EkriirkE]

SeaMonkey

Re:I want a mechanism for pluck-outs...

[G00F]

I agree. Firefox got popular because they didn't want the mozilla bloat Now it seams like the bloat people from mozilla came over and took over the firefox port.

Having the awesome bar as a default plug-in sounds like a wonderful idea. If I could code, I'd do it (as well as have default for downloads be to ask,kept the option to disable 3rd party javascripts w/o needing noscript, and infact a way to block various 3rd party objects(flash, pictures, javascript, etc). Maybe call it Phoenix again ;)

Nothing like having newer versions getting smaller and faster again.

Re:I want a mechanism for pluck-outs...

[Zantetsuken]

http://www.mozilla.com/en-US/mobile/

Re:I want a mechanism for pluck-outs...

[syousef]

There's no need for something like awesomebar to be core, is there?

It makes it easier to shove the change down the user's throat.

Re:I want a mechanism for pluck-outs...

[syousef]

If you don't like it (or if you're just too set in your ways), you can tweak it do be Firefox 2-ish by changing some preferences--just Google it. Also, there is the oldbar extension.

The oldbar extension plus hideunvisited, or just old location bar on its own only exist because you CAN'T just change some options and haven't been able to since the official non-beta release of Firefox 3.0. If you could there would be many less complaints but its disgusting that they instead tried to force user behaviour and it took extension developers to work around it. So please stop spreading untruthes.

Re:I want a mechanism for pluck-outs...

[double07]

Awesome bar is awesome.

Re:I want a mechanism for pluck-outs...

[Nursie]

No, you can't. The awesome bar reads them from it's database again later.

There is no way, from the GUI, to stop firefox recording stuff. Go into your .mozilla/firefox// and run strings on places.sqlite

Everything you ever visited is in there.

Re:I want a mechanism for pluck-outs...

[clone53421]

Then they're in your bookmarks. Delete the bookmarks.

Removing non-bookmarked sites from the history removes them from the Awesome Bar. It didn't at one point, but the issue has been fixed.

Re:I want a mechanism for pluck-outs...

[Hurricane78]

Yeah. And The ability to show pictures, to have a menu, to render graphics, to show fonts, and to understand css should also be plugins.
Who needs all that bloat??

Also, mouse functionality and that newfangled HTML are rather pointless. :P

Re:I want a mechanism for pluck-outs...

[Nursie]

No, it doesn't fix it.

They aren't bookmarks, the history is emptied. Try it, use a sqlite browser and take a look in your .mozilla directory, it NEVER gets rid of your tracks.

I don't *hate* the awesome bar, but firefox is not a good browser for privacy since it came along.

.NET Anyone?

[Daengbo]

Last February, and again in May, Firefox users complained when they found that Microsoft had pushed the .Net Framework Assistant add-on and the Windows Presentation Foundation (WPF) plug-in to their browsers as part of the .NET Framework 3.5 Service Pack 1 (SP1) update, which was delivered via Windows Update.

That's the first thing I thought of when I read the summary.

Re:.NET Anyone?

[NoYob]

The first thing I thought of was those Yahoo! toolbars that folks love to slip into every browser.

Re:.NET Anyone?

[Errol+backfiring]

Me too. AND the fact that Microsoft thought that a browser was less stable because of the plugins. So they should actually be glad they cannot install unwanted crap anymore.

Re:.NET Anyone?

[maxume]

Those components were installed by editing the Windows registry, not 'dropped in' as is discussed here (Firefox looks in various locations to find plug-ins and addons to load).

Re:.NET Anyone?

[poetmatt]

they said they would have a solution, and this is a viable one. That is exactly what I had in mind as well. Like they say, locks keep honest people honest.

Re:.NET Anyone?

[Arancaytar]

Yes, and I think that's pretty much what they're taking aim at. They already specifically blacklisted the add-on a while ago, causing huge cheer as well as huge backlash. It seems that with this approach they want a more flexible solution by making sure people can disable stuff they don't want.

Re:.NET Anyone?

[sopssa]

Well, as no one reads the article, this doesn't concern .NET update in any way:

In actuality, Microsoft did not drop its code into Firefox's components directory, Nightingale confirmed. "The .Net Framework and WPF use our existing extension/plug-in mechanisms, that's why we were able to disable them when they were found to be vulnerable," he said in a follow-up e-mail. "They aren't impacted by this change."

Re:.NET Anyone?

If it wants to install something totally unrelated it is a sure sign that you shouldn't use this software.

In that context, I search a PDF reader for Windows with print capability.
Acrobat: See above
Foxit: See above
Sumatra: Converts to image for printing -> SLOW

Re:.NET Anyone?

[Anonymous+Monkey]

That's what I thought. I wonder what Yahoo! would do if it's software could only be installed by the user, and not by other software. Perhaps they will strike a deal with Microsoft to get back at Firefox.

Re:.NET Anyone?

[ImYourVirus]

But it doesn't for crooks, so what are we going to do about microsoft now? /sarcasm

Re:.NET Anyone?

What do you mean? As far as I know, in all the instances where a toolbar is bundled with some other software, the toolbar installation is clearly mentioned in the software EULA, so each time the toolbar is installed, the user agreed that he wanted it. As a developer for a Web optimizer plugin, this Firefox change will make it much harder for us to reach our users.

Re:.NET Anyone?

[Krneki]

Those components were installed by editing the Windows registry, not 'dropped in' as is discussed here (Firefox looks in various locations to find plug-ins and addons to load).

Firefox (or any other browser) should have only one place for addons and plug-ins and this location should be locked with a password, like the OS devices.

Right now any program (or virus) can add addons to our browsers.

I'm sick of getting my browser hijacked every time I install a program.

Re:.NET Anyone?

[poetmatt]

you know, I actually wonder what mozilla will do it microsoft tries it again at this point.

Re:.NET Anyone?

[indi0144]

So my rant was useless?

http://slashdot.org/comments.pl?sid=1407593&cid=29776261

(no link because stupid slashcode eats my html tags)

I'd install a plugin that does just what I hinted in the end of the post :p

Re:.NET Anyone?

I'm sick of getting my browser hijacked every time I install a program.

Maybe you should stop installing malicious software, then.

There's a perfectly good reason why these apps need to look in multiple locations: different users have different setups.

It's all well and good to have "one location", until that one location on one person's machine is an administrator-only location that non-privileged users can't edit, meaning they have no ability to customize their use of the software. I don't give a crap what people install on their machines under their accounts because they're running with few privileges and can only mess up their own setup. I don't want to have to start manually tweaking permissions on some shared add-ons folder every time somebody wants a new tool added to their instances of Firefox.

Just because you choose to keep installing viruses and junkware that messes up your machine doesn't mean the rest of us should have to suffer through endless security configuration headaches.

Re:.NET Anyone?

[The+MAZZTer]

This is different from that. Those are actually packaged as add-ons so this change wouldn't affect them at all.

What Mozilla should do about those IMO is one of two things: 1) Enable the uninstall button for globally installed extensions (IE installed for all users) on Administrator accounts (in Windows; root on Linux... assuming Linux has global extensions) 2) Take steps to prevent or discourage apps from trying to plop extensions down and install them in Firefox without the user's consent. The "official" way for installers to install extensions should be to invoke Firefox with the URL of the XPI. Then the user would get the normal Firefox "Do you want to install this extension?" dialog and they can decide. Of course it would be impossible to fully prevent extensions from being covertly installed, but I think it would be worth the effort to lay down a few roadblocks if only to indicate to extension devs "don't do it this way".

Re:.NET Anyone?

[Canazza]

http://slashdot.org/comments.pl?sid=1407593&cid=29776261

link, because "plain old text" turns urls into links

Re:.NET Anyone?

[A+Big+Gnu+Thrush]

So true. Foxit was good for a while, but it got as bad as Acrobat.

Yahoo! and Adobe are two companies that can't fall off the face of the earth fast enough as far as I'm concerned.

Re:.NET Anyone?

[trevdak]

Regardless, there should've been a prompt to ask if you wanted to install it, and there damn well should be a working uninstall button.

Re:.NET Anyone?

[mqduck]

I'm pretty sure that's the first thing everybody here thought of.

Re:.NET Anyone?

[mqduck]

the toolbar installation is clearly mentioned in the software EULA, so each time the toolbar is installed, the user agreed that he wanted it. As a developer for a Web optimizer plugin, this Firefox change will make it much harder for us to reach our users.

I fail to see the downside for anybody but you, and you make it sound like you clearly deserve it.

Re:.NET Anyone?

[RudeIota]

Since .NET was installed in an 'official' way, I can only assume it is Firefox that provided Microsoft the ability to remove the "Disable" button from their first iteration of the Firefox WPF plugin. Is that behavior actually by design?

If it is, I certainly hope that gets changed in 3.6 too. Every plugin and extension ought to have 'Disable' and 'Remove' buttons, no matter what.

Re:.NET Anyone?

[maxume]

Actually, even if Firefox kept an encrypted store of what DLLs it had told the user about, there really isn't any way to prevent a malicious program from simply replicating the code used to create the store, so it would be pretty hard to always notify the user.

Google update is initiated here on my system (it looks like it is intended to facilitate installing updates to Google software while using Firefox, I would be surprised if it was doing anything nefarious):

HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins

I guess the DRM plugins are loaded because Firefox treats the Windows Media Player directory as a plug-in directory, by default:

http://kb.mozillazine.org/Plugin_scanning

Re:.NET Anyone?

[maxume]

You can make it less promiscuous:

http://kb.mozillazine.org/Plugin_scanning

(but a virus could just edit or blow away your settings, so it isn't a complete fix)

Re:.NET Anyone?

[maxume]

It's an artifact of supporting system wide extension installation, rather than per user. Microsoft probably should have used per user installation of the plugin (even though .NET is arguably a system wide update). Removing the support is probably overkill, as I imagine it is useful in managed environments.

Re:.NET Anyone?

[Miamicanes]

> What do you mean? As far as I know, in all the instances where a toolbar is bundled with some other
> software, the toolbar installation is clearly mentioned in the software EULA, so each time the toolbar
> is installed, the user agreed that he wanted it. As a developer for a Web optimizer plugin, this Firefox
> change will make it much harder for us to reach our users.

Q. What's the difference between a 'trojan' and 'malware'?

A. Malware has a EULA.

I can't even *begin* to emphasize how badly it pisses me off when some app tries to sneak BHOs and plugins into their installer... almost always in ways that someone in a hurry to install the app that's actually *desired* will overlook. I flat-out refuse to ever use Yahoo and Google's toolbars, *precisely* because they have so many people trying to ram them down my throat and trick me into installing them.

Re:.NET Anyone?

[maxume]

Firefox has lots of technical users, but still, the majority of Firefox users at this point are non-technical, and they don't particularly care that Microsoft installed a thing in their browser that makes stuff work.

Re:.NET Anyone?

[hairyfeet]

I think what you and the others that hate toolbars want is a nice little thing called Ninite. Dozens of programs including Foxit to choose from (and you can suggest more) and NO TOOLBARS. I just installed the latest Foxit in both WinXP and Win7, zero toolbars. it also makes it butt simple when you are building or repairing a PC which of the major programs you want installed without having to play "installer monkey".

Just pick the programs you want from the list, download the installer, and away you go. Has all the biggies like Chrome, Songbird, Aimp, Foxit, OO.o, Pidgen, Irfanview, etc. Really easy peasy and nice, so enjoy!

Re:.NET Anyone?

[AmberBlackCat]

In my opinion, the missing uninstall button is a Firefox problem. How could they let you install software and list it as is installed software, but provide no method to uninstall?

Re:.NET Anyone?

[schon]

I'm sick of getting my browser hijacked every time I install a program.

Maybe you should stop installing malicious software, then.

But.. but.. how else will I see the dancing bunnies?!?!?!

Re:.NET Anyone?

[andi75]

If it's "mentioned in the EULA" it might as well be "on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'". About the same amount of people will be able to read & understand it.

Re:.NET Anyone?

[DangerFace]

In my opinion, the missing uninstall button is a Firefox problem. How could they let you install software and list it as is installed software, but provide no method to uninstall?

Simple. Go to your FF address bar and type file:///C: then click on Program Files. You will be faced with a long list of software that FF is claiming is installed on your system, but can't just uninstall. I find it odd that you seem to think a few developers of a piece of software should be able to override the makers of the operating system. Maybe you also think that all the viruses and rootkits and trojans Windows gets from the web is a Firefox problem too?

A while ago there was a fuss about the Dalai Lama's computers getting hacked by Chinese dudes, and one of the guys asked for advice here. The overriding issue was that pretty much any modern software is hackable, if you have a team of experts working on it. MS has such a team, and they chose to target a specific program running within their own operating system - how were the FF devs supposed to stop them? OK, so they make good software, but they can't force you to use a different/better operating system.

Re:.NET Anyone?

[pjt33]

1) Enable the uninstall button for globally installed extensions (IE installed for all users) on Administrator accounts (in Windows; root on Linux... assuming Linux has global extensions)

I think the majority opinion about Linux administrators is probably still that you shouldn't run X as root. Have the button there and use kdesudo / whatever the GNOME equivalent is.

Re:.NET Anyone?

[clone53421]

Yeah... they pissed off so many people that they finally rolled out an update to the .NET assistant just to make it possible to uninstall it.

The problem, IIRC, was that it installed in the Program Files folder, which meant that only an administrator can uninstall it. Firefox knew this and greyed out the uninstall button if you weren't an administrator. The update moved the addon to the user's application data folder (where most plugins are stored) so that it can be uninstalled by limited users.

Re:.NET Anyone?

[clone53421]

IIRC, the plugin could be disabled – just not removed.

Re:.NET Anyone?

[clone53421]

1) Enable the uninstall button for globally installed extensions (IE installed for all users) on Administrator accounts

Wait... I thought they already did?

Re:.NET Anyone?

[mr_lizard13]

"Whoooosh" !

Re:.NET Anyone?

[barkingcorndog]

the toolbar installation is clearly mentioned in the software EULA, so each time the toolbar is installed, the user agreed that he wanted it. As a developer for a Web optimizer plugin, this Firefox change will make it much harder for us to reach our users.

I fail to see the downside for anybody but you, and you make it sound like you clearly deserve it.

Here. This is for you.

Re:.NET Anyone?

[Catiline]

In my opinion, the missing uninstall button is a Firefox problem. How could they let you install software and list it as is installed software, but provide no method to uninstall?

Simple. Go to your FF address bar and type file:///C: then click on Program Files. You will be faced with a long list of software that FF is claiming is installed on your system, but can't just uninstall.

What a textbook example of a strawman argument! Firefox was not intended to manage software installed to "C:\Program Files\" and presumably was not used to install any of these programs (Firefox itself excepted). What the GP is complaining about is the ability of add-ins for Firefox to disable the internal Firefox un-installation command. If you had followed the previous stories, you'd know that already.

Maybe you also think that all the viruses and rootkits and trojans Windows gets from the web is a Firefox problem too?

When a virus, rootkit, trojan or other form of malware gets installed due to a flaw in the design of Firefox, then that flaw is a problem Firefox should address. However, this is such a small percentage of the above listed programs that your question can be answered "no" with reasonable levels of honesty.

Re:.NET Anyone?

[the_B0fh]

youtube of course! Unless it's the other kind of bunnies, then porntube...

Re:.NET Anyone?

[Toonol]

Perhaps they will strike a deal with Microsoft to get back at Firefox.

Thereby boosting Firefox's market share.

Re:.NET Anyone?

"I can't even *begin* to emphasize how badly it pisses me off when some app tries to sneak BHOs and plugins into their installer..."

I'm sorry, but your browser is not the reason why Barack Obama got elected. Settle down and go back to Conservapedia.

Re:.NET Anyone?

[orngjce223]

Out in Gnome land we call it gksudo. Same idea, different toolkit.

Re:.NET Anyone?

[shutdown+-p+now]

Note that this problem only existed in the first release of the WPF Firefox extension. It had since been fixed (after the original problem made it to the front pages of /. and the like), and "Uninstall" is active, and works just as it should. See this and this

Re:.NET Anyone?

[maxume]

Yeah, I know, I don't really care that people were pissed off about it so I mostly focus on pointing out that they are getting the technical details wrong.

Re:.NET Anyone?

[jonadab]

Yeah. Microsoft isn't the only culprit, though. Symantec, for instance, does the same thing.

Re:.NET Anyone?

[mqduck]

Yeah, I did begin to suspect that I may have been taking sarcasm seriously... But I'm honestly still not sure.

Re:.NET Anyone?

[Xest]

Yes, similarly there should've been a dialog to ask if you want to allow the Firefox team to disable the plugin, and an option to re-enable it.

This is Firefox's problem, it's been a great browser for years (although I find it is getting more and more sluggish with each release sadly), but their tools to integrate into the common Windows network setup that most the world's business sits on still needs a lot of work and if Microsoft release a .NET plugin for companies to switch from IE to Firefox for their business apps then simply disabling the plugin without asking (although it does tell you, whatever use that is) and without giving an option to reenable was a moronic decision. Particularly as many companies will have a corporate security policy in place which would've negated the security flaw making it a non-issue to them anyway.

It has to work both ways because some people actually appreciate the idea of .NET with Firefox. Fighting that just gives large business one more reason to stick with IE which doesn't bode well for FOSS.

Re:.NET Anyone?

[jonadab]

Yeah, but does it associate them all with the correct file types? (IrfanView should be associated with all the raster image file types that don't have layers, Gimp with the ones that do have layers, Inkscape with vector image types it supports, ...)

Re:.NET Anyone?

[Krneki]

You have no idea what I install, so stop giving sentences.

As for the plugin auto-install location. You make a valid point. So I say, give 2 locations, 1 admin and 1 user.

But both of them should be locked and not accessible without giving explicit permission.

Re:.NET Anyone?

[complete+loony]

I think a user should be allowed to block a global extension from loading, but not be able to uninstall it. I also think firefox should have a number of it's own internal features turned into extensions that are installed and enabled by default, but which a user can then go to the addons screen and disable.

Re:.NET Anyone?

[Hurricane78]

You fail to see the humor that flew right over your head, and so we will make a sound like laughter because you clearly deserve it. :P

Re:.NET Anyone?

[mqduck]

jerk :-P

Re:.NET Anyone?

[troll8901]

Darn, I didn't recognize this quote at first, and went searching for the exact same quote to reply to you. I'm ashamed. Here's my geek card.

User perspective

[omfglearntoplay]

From a user perspective, this sounds like a good move. Stability problems in Firefox always seems to stem from add-ons or extensions. Lock that crap down, and make the devs code the right way.

Re:User perspective

[fluffy99]

From a user perspective, this sounds like a good move. Stability problems in Firefox always seems to stem from add-ons or extensions. Lock that crap down, and make the devs code the right way.

Correction - stability problems in Firefox have always been blamed on add-ons or extensions. Of course the developers always became deaf when people having issues with no plug-ins installed.

Re:User perspective

[RiotingPacifist]

Because --safe-mode is too much?

To get help all I've ever had to do is run the program in --safe-mode and see if the bug is still there (often it's not), personally i like keeping a blank profile and launching it with --no-remote anyway, but --safe-mode isn't that much to ask, given they are normally caused by addons

Re:User perspective

[fluffy99]

You missed the point. The Firefox developers all sang in unison that the memory leaks and instability were the result of plug-ins and publicly refused to admit that Firefox had issues, despite the fact that people were posting bugzilla examples of the problems with no plugins installed. Sometimes it was a corrupt profile issue or something gone awry with an upgrade in which case a total nuke and reinstall usually fixed it.

Effects on Add-on Development

[Voulnet]

So what would be the effect on Add-on development? Would it make it more difficult to develop them? Would it constrain the Add-on developers?

Or is this just a method to lock out some Add-on with already known problems?

Re:Effects on Add-on Development

[socsoc]

Hopefully it's gonna lock out add-ons that weren't initiated from within the browser with explicit intention from the user. The MS .NET stuff and the browser addons that get automatically (if you're not paying close attention, which my users never are) added from Adobe Reader, Java, CCleaner, etc.

Re:Effects on Add-on Development

[v1]

Seems like the best way to deal with an open plugin structure is to require mozilla to approve an app for wide-scale access to the internals, and for everyone else, restricted access that's more idiot-proofed. That way, anyone can write a plugin (unlike say, the apple store) albeit with limits, but at the same time the main app devs can allow power user plugins that are proven to be safe.

It's too bad Apple hasn't gone this route. (yet) Right now the only reason they are claiming for the app approval process is to "protect the users". While that certainly is one of their goals, eliminating competition with their own software, (the #1, #2, and #3 top reasons for app rejection at the store) doing what mozilla is doing would accomplish user protection without the lockdown/collateral damage of a must-be-signed-to-run system.

Re:Effects on Add-on Development

[vertinox]

So what would be the effect on Add-on development? Would it make it more difficult to develop them? Would it constrain the Add-on developers?

Its the same reason why IE made it easier to develop web pages by tolerating broken HTML code.

People were using unintended features to make their work easier, but then when the unintended feature was removed then it breaks a lot of things.

In that respect, the developers should have wrote to spec in the first place rather than taking advantage of loopholes because it might get fixed one day.

Re:Effects on Add-on Development

[BitZtream]

Doesn't effect that at all. Microsoft used a specific method available to Firefox plugins to add a reference to the Microsoft plugin. MS did not drop their extension in the firefox directory, they just added a registry key (in the documented way) to point to where their extension was.

You can still do that.

Re:Effects on Add-on Development

[BitZtream]

The MS plugin is not effected by this. It did things in the proper way, the documented method for adding system wide extensions rather than user level extensions. That is why Mozilla could easily disable the insecure version of the plugin, because it actually followed the rules.

MS just added a registry key that pointed at the files for the extension, which is well documented and used by many other pieces of software to allow plugins to be installed even before Firefox, and allowing any version of Firefox (or Thunderbird or whatever) to find them, even after installation into some random directory.

If you bother to read the article, it says the same. Google Desktop Search on the other hand, doesn't follow the rules and will be blocked unless Mozilla makes a work around for them or Google updates GDS to follow the rules.

This is essentially like not allowing code from anyone other than MS to be dropped into the Windows directory, and requiring it to be put somewhere else and properly registered with the system rather than throwing it in the system32 directory and loading it as if it were trusted code from MS.

Re:Effects on Add-on Development

good for you, youve posted the same thing like ten times, enough already

Re:Effects on Add-on Development

[socsoc]

I disagree with the "proper way." I do not use .NET and have no wish for that to be in a competitor's browser. To me the proper way is for me seek out a download, preferably through an XPI, but definitely not through Windows/Microsoft Update.

Although I thought I read it, I didn't see the link to the second page to TFA, so thanks for redirecting me back to it.

Re:Effects on Add-on Development

[ImYourVirus]

If it followed the rules, it would have asked instead of just installing it, quit spewing this shit of 'they did it the right way' obviously not if the user was unaware it was happening and thus didn't want it installed.

Re:Effects on Add-on Development

[natehoy]

Net effect: Slight increases in development effort.

As I understand it, you can install additional functionality into Firefox in one of two ways:

1. Use the built-in installer. This is the "countdown box" that confirms that you want to install what the software is asking to install. It checks compatibility, and offers the capability of checking for updates and validating compatibility when a new version of Firefox gets installed (and disabling software that has NOT been tested with that specific flavor of Firefox).

2. Throw a file into a plugins or addons directory and Firefox will look for it and load it unconditionally next time it starts.

Sounds to me like they are going to reduce or eliminate #2.

So, as a developer, you'll probably have to package your plugins into a Firefox install package rather than an old Netscape-style plugin. You'll build that package specifying what versions of Firefox you have tested your plugin with, and the user will be informed that a new plugin wants to be installed.

Firefox could also fix this by scanning for all plugins and enumerating the ones that the user has identified as "safe", while prompting for any new ones that aren't in the database yet (or that have had their version numbers or file dates changed).

But that's more of a patch - the real solution is to protect the directory and only allow installs through the Firefox UI. I would be very curious to find out how they intend to protect the directory, though maybe they are simply ignoring anything "unexpected" that happens to be sitting there.

Re:Effects on Add-on Development

[gbjbaanb]

but it isn't a .NET addon. Its a Firefox addon.

So you should be perfectly able to install any .NET update from WU safe in the knowledge that it is not affecting your non-.NET applications, like Firefox.

Re:Effects on Add-on Development

[Dudeman_Jones]

I'm pretty sure this is a response to that mega security flaw addon that Microsoft forced into Firefox a while back. Current add-on devs probably won't be affected because they are almost always installed via firefox's own addon installation method. (Just rolls off the tongue, don't it?)

Re:Effects on Add-on Development

[Late+Adopter]

Eh, you're right in this particular case, but you're not thinking broadly enough. There *is* a use for the "right" way, namely package managers, at least for those of us under Linux. I don't know if Flash is a "component" under these definitions, but I like being able to keep it synced with my distro's repositories the same way I update the rest of my software.

Re:Effects on Add-on Development

[tepples]

That's pretty easy to do when you aren't in a domain environment and not running WSUS...

Then ask the administrator of your WSUS server to deploy a group policy against the installation of the .NET framework.

Re:Effects on Add-on Development

[tepples]

There *is* a use for the "right" way, namely package managers, at least for those of us under Linux.

.rpm or .deb?

Re:Effects on Add-on Development

[tokul]

MS just added a registry key that pointed at the files for the extension

I guess you missed the part about not displaying real .NET plugin in firefox plugin list. Yes, they again used some browser feature. In normal world such use is usually called abuse.

Re:Effects on Add-on Development

[ImYourVirus]

Yes sure that's fine if it's something you wanted installed, but you're not even given the option, it just does it, almost like spyware type crap but not the same of sorts.

And are you sure its flash? Because microsoft doesn't make flash, adobe does, and regardless I'm pretty sure that's not what were talking about.

Marketshare Issues.

[carp3_noct3m]

In the browser wars, people tend to forget sometimes that marketshare is an inherent part of how much your browser will come under attack. Issue's like these, while it's good they're being patched, should have been taken care of a long time ago in anticipation of things to come. Firefox is still my preffered method of browsing, but thats because I am a halfway knowledgeable user that uses adblock, noscript, betterprivacy, use privately encrypted TOR when about (Iron Key) and only allow certain cookies. I used to recommend it to people, but now it seems just as bad (GASP) as IE with a standard install. I agree with jkrise (First Post!), there needs to be something like sub-builds that focus on security. I still like firefox better, as I occasionally evaluate the other browsers, and find them all lacking more than firefox in some areas. Just my two cents of subjective opinion though. Carpe Out.

Re:Marketshare Issues.

[socsoc]

I am a halfway knowledgeable user that uses adblock, noscript, betterprivacy, use privately encrypted TOR when about (Iron Key) and only allow certain cookies.

Do you really feel this is necessary? Sounds like you are jumping through a lot of hoops and degrading your browsing at the expense of a tin-foil hat.

Re:Marketshare Issues.

[carp3_noct3m]

Like I said, I only use the TOR on my ironkey when I'm say at class on an open wifi signal. The cookie thing is annoying as hell at first, but, as well as with noscript, once you have gone to the majority of the sites you frequent, its not an issue anymore.

Re:Marketshare Issues.

[TheReaperD]

Do you really feel this is necessary? Sounds like you are jumping through a lot of hoops and degrading your browsing at the expense of a tin-foil hat.

If you are doing anything of importance with your browser, yes. If all you do is surf the web all day, then usually, no.

If you work with online banking, do other forms of commerce online, then you need to treat your web browser like your bank should because it is, by extension, your bank. If any form of VPN connections are used to your work, then you need to treat your computer as a work computer and secure it appropriately. Also, if you surf for porn, you really need to use this as the most nasty exploits are routinely found on these sites. Since a majority of people do the first and/or third they now go in the category of needing to secure their browsers.

Re:Marketshare Issues.

[Spyware23]

You can't just ignore the problems away. If you'd start reading various specs (esp. Javascript-related ones) you would realize that enforcing extra security is just common sense.

In addition to the add-ons listed above, may I recommend SafeCache and SafeHistory, you will most likely need Nightly Tester Tools (another add-on) to override compatibility (warning, etc).

Re:Marketshare Issues.

[thePowerOfGrayskull]

I am a halfway knowledgeable user that uses adblock, noscript, betterprivacy, use privately encrypted TOR when about (Iron Key) and only allow certain cookies

And here are us uninformed louts who somehow manage to squeak by without any of these - and no A/V or software firewall to boot - and haven't gotten compromised in over 20 years...

Re:Marketshare Issues.

[someSnarkyBastard]

http://www.google.com/search?hl=en&client=firefox-a&rls=org.mozilla%3Aen-US%3Aofficial&hs=tqT&q=--inurl%3A+porn&aq=f&oq=&aqi= 215M hits for porn, so you were saying?

Re:Marketshare Issues.

[broken_chaos]

Like I said, I only use the TOR on my ironkey when I'm say at class on an open wifi signal.

What are you doing at class that needs privacy/security from those around you on wifi, but not from an unknown party (the TOR nodes you're routing through)?

Re:Marketshare Issues.

[rsborg]

... but thats because I am a halfway knowledgeable user that uses adblock, noscript, betterprivacy, use privately encrypted TOR when about (Iron Key) and only allow certain cookies....

First time I've heard of betterprivacy, which is VERY cool. Thanks for the tip. (Just a note: it seems, according to the BetterPrivacy addon summary, it will help ALL your browsers because LSO's like flash cookies are cross-browser, so deletion of these will generally make you much harder to track on all browsers as long as you (like me) launch FF once a day or so). Link to BetterPrivacy addon.

I've been charmed by Chrome and Safari, but plugins like this are hard to find on the other browsers... go FF!

Re:Marketshare Issues.

[carp3_noct3m]

The TOR nodes I'm routing through are privately encrypted by IronKey and are not public. I am doing work related stuff (I am both a Computer Contractor and Personal Security Contractor).

Re:Marketshare Issues.

[BenoitRen]

Issue's like these

What the hell bit you to put an apostrophe there?

Re:Marketshare Issues.

[BenoitRen]

Also, if you surf for porn, you really need to use this as the most nasty exploits are routinely found on these sites.

IE exploits and social engineering, sure. Firefox exploits? I don't think so.

You're really being paranoid if you use NoScript and TOR. All that's needed is a regularly updated web browser that isn't IE, and common sense (even though it's not that common in the realm of computers).

Components specifying version compatibility ...

[BitZtream]

Works great, till you have someone like myself, who just specifies that my components are compatible with Firefox 2.* to 10.* so I don't have to worry about a new version claiming my plugin isn't compatible even though it is, which has happened enough in the past that I just don't care anymore.

Am I wrong? Yes. Is Mozilla wrong? Yes, you never trust the external code to tell you the truth, basic programming 101.

Re:Components specifying version compatibility ...

[maxume]

I take it you don't care about getting accepted by addons.mozilla.org?

Re:Components specifying version compatibility ...

[The+MAZZTer]

You can't upload such extensions to addons.mozilla.org, thus it isn't likely many people will use it. Right now extensions can only specify up to 3.6.*.

Re:Components specifying version compatibility ...

[kalirion]

Seriously, I wish Firefox gave you the user the option of "Yes, install this extension even though it's not marked as compatible, I ACCEPT FULL RESPONSIBILITY." It's a pain opening the archives and updating the version compatibility values manually.

Re:Components specifying version compatibility ...

[traycerb]

The addon Mr. Tech Toolkit has this option. Under its options Misc -> XPI install options -> Enable Addons Compatibility checking

Re:Components specifying version compatibility ...

[Sockatume]

So, you just have it assume that it's compatible in perpetuity? Even though it might not be? Surely you can see why Mozilla thinks that defeats the whole purpose of having add-ons declare compatibility.

Re:Components specifying version compatibility ...

[kalirion]

I'll give it a shot, thanks!

Re:Components specifying version compatibility ...

[RiotingPacifist]

FF less than 3.6
      1. Right-click -> New -> Boolean
      2. Name: extensions.checkCompatibility
      3. Value: false

FF more than or equal to 3.6
extensions.checkcompatibility. is used instead (bug 521905). "" is the application version, including alpha and beta releases but excluding minor version updates. For example: Firefox 3.6b2 -> extensions.checkCompatibility.3.6b Firefox 3.6 -> extensions.checkCompatibility.3.6 and Firefox 3.6.1 -> extensions.checkCompatibility.3.6.

it's all here, did you even look before complaining?

Re:Components specifying version compatibility ...

[Ihmhi]

What if Mr. Tech Toolkit is incompatible with the current version of Firefox?

Re:Components specifying version compatibility ...

[clone53421]

It's just an about:config setting. Firefox won't care if Mr. Tech Toolkit says it's incompatible, as long as the setting was already made.

Re:Components specifying version compatibility ...

[FlyingBishop]

Install nightly tester tools. I don't imagine those will ever become incompatible, seeing as they're used for people testing the nightly builds.

Re:Components specifying version compatibility ...

[BitZtream]

Not one bit, my add ons are part of a commercial service and would be of no use to anyone on addons.mozilla.org. Of course, pretty much none of the ones on addons.mozilla.org are effected by this change anyway since they've already been given the once over and told to fix those sort of issues anyway.

Re:Components specifying version compatibility ...

[BitZtream]

I do, but far too many times has the addon been compatible but disabled because it says its only valid for older versions. So they have to upgrade, go through a hassle and delay as I have to package up a new version, which is part of a larger package, so that has to be rebuilt, uploaded blah blah blah.

Nothing particularly hard, but I've yet to have the plugin broken by a Firefox upgrade. I did have one case where functionality was reduced but the plugin detected it and fall back to another method anyway, which was a check to deal with a situation caused by another plugin changing some core functions (javascript) of the UI.

I know why its there, I don't think its a bad idea, but trusting the plugin to be honest is a mistake on their part, and forcing the plugin to be disabled with no easy way to reenable it is just freaking annoying to users when you release new versions as often as Mozilla does.

Geeks may be fine with tweaking and hax0ring all the time, the random people our software sells to on the other hand just want things to work so my way works better for them.

Re:Components specifying version compatibility ...

[Ihmhi]

It was a joke. Don't worry, though. That joke is going to be good because I'm going to take all the words out and add new words. That joke will be fixed.

Anti-competitive?..

[mi]

prevent developers from sneaking add-ons into the program

Not that I disapprove of this particular decision, but imagining the Slashdot's reaction to Microsoft implementing a thus-describable feature makes my head spin...

Re:Anti-competitive?..

[maxume]

I don't know, people mostly criticized UAC for being ineffective, and it is at least similar in spirit.

Re:Anti-competitive?..

[solevita]

Sounds like Mozilla is securing Firefox; I imagine the average Slashdotter would approve of Microsoft doing to the same to IE. I don' t think this is related to anti-competitive behaviour, it's just ensuring that plugins act as plugins and don't overstep the boundary into application code.

Re:Anti-competitive?..

[Nimey]

Mozilla isn't a monopoly, unlike Microsoft's operating system business.

Re:Anti-competitive?..

[mi]

Sounds like Mozilla is securing Firefox; I imagine the average Slashdotter would approve of Microsoft doing to the same to IE. I don' t think this is related to anti-competitive behaviour

The browser, it has long been declared (and accepted) is a platform. Imagine Microsoft blocking "unapproved" software on the platform it controls — Windows... In the name of security...

No, the only real defense for Mozilla here is that, unlike Microsoft, they aren't a monopoly... Only one of the responders pointed this out...

Doesn't extend to all externally-installed add-ons

[Todd+Knarr]

I notice this doesn't extend to plug-ins and extensions found via the various plugins directories and registry keys. If it were me, I'd extend this feature to include saving a list in a locked-down location of all known extensions/add-ons found via the plugin directories and via registry keys. Every time the browser started, if it found a plugin or extension being loaded via the registry or a plugin directory that wasn't on the list, it'd notify the user what the plugin was and ask whether they wanted it enabled or not. That way nothing can get added to the browser without the user knowing and approving of the change.

Down in the advanced options I'd add a setting to give expert users the additional option of removing the plugin by either removing it's files from the plugins directory it was found in or removing it's registry keys depending on how it was found.

That was the idea behind Firefox/Firebird/Phoenix

It was supposed to be a stripped down browser, instead of the bloat of the full Mozilla. And, when they started, they were close. But now they seem to be heading back in the other direction.

The actual problem is...

[JustNiz]

The acutal problem is that firefox blindly loads whatever is in that directory.
Locking the directory is a hack of a solution that others, especially Microsoft will easily find a way around. The proper answer is that Firefox needs to compare components it finds by their signature (checksum and name combo or whatever) with a secure list of components it is authorised by the user to load, before it loads them.
The other fix firefox needs is to deny installed extensions the ability to prevent the user from uninstalling them (like Microsoft's .NET framework firefox extension did).

Re:The actual problem is...

[Nemyst]

Simply put, they should have an "approved" list within the browser's data as opposed to a "disabled" one like they appear to have now. Any new plugin found is disabled until added to the approved list by the user. Sure, it'd probably be possible to edit the list upon installation of said add-on, but that should lock out legitimate developers from doing it (Microsoft wouldn't do that for instance). Malware writers will always find a way I guess.

Re:The actual problem is...

[fluffy99]

It'd also be nice if verified plug-ins were signed by Mozilla, so the user knew they were safe. Perhaps make use of some of that peer-review that all the OSS folks claim is constantly happening? If it looks kosher, bless it with a digital signature like Microsoft does? Firefox has become a victim of lots of crappy add-ons. Keeping a list of unsafe add-ons would also be helpful (again list MS does).

Re:The actual problem is...

[BZ]

> they should have an "approved" list within the browser's data

That's precisely what this fix does.

> as opposed to a "disabled" one

I have no idea why you decided there's such a list. Was it something in the article?

That's assuming you're talking about component loading, not add-ons; from the latter part of your comment it sounds like you're talking about add-ons...

Re:The actual problem is...

[jonaskoelker]

Well, I'd think that whenever you update the list, you'd make the user enter a password which you'd then run through a PBKDF to generate a signing key for a signature system (having already stored the validation key). Whenever you access the validation key, have the user input the password again (so you can re-make the signing key and check that the validation key is in fact the one the user doesn't know he wants it to be).

[oh, and if you can't compute the validation key]

Change the list, sign it, store the signature, then promptly forget the signing key.

Note how the parent said "a secure list [...]"?

If your response is "but the attacker can peep at your memory when you generate the signing key", then my response is "if he can do that, he has already pwnt you. Nuke from orbit, try again."

Re:The actual problem is...

[RiotingPacifist]

with a secure list of components it is authorised by the user to load, before it loads them

Trying to secure what is on the users disk is hard, the best Mozilla can do is ask the OS to keep the disc in the same state (what they are doing)
Alternatively they could sign all the extensions but would make starting up slow. At the end of the day there is nothing they can do that MS can't work around, however with help from MS they can prevent anybody else doing the same.

IMO this is the sort of thing an improved apparmor should handle by only allowing firefox (and basic utilities) access to ~/.Mozilla (but there isn't much demand for securing the Linux desktop as people put all their faith in repos)

Re:The actual problem is...

[clone53421]

I have no idea why you decided there's such a list. Was it something in the article?

You mean this?

Re:The actual problem is...

[Late+Adopter]

There's a problem, though, that there's no difference between a user interactively and his processes (well, Windows has an interesting hack for UAC). Trying to prevent my programs from doing something ends up being inseparable from trying to prevent ME from doing something. Any such method (signed whitelists) ends up being DRM, and that sounds just as bad when it's done for my protection, since you've done it without my permission. And then if there were a way to let me turn it off, my processes could do that too. You see the dilemma.

Ultimately, you have to trust the OS permission model and give the user the power to fuck up everything he has rights to. More ideally, we start using OSes with capability-based security systems and properly sandbox apps.

Re:The actual problem is...

[BZ]

Right, for add-ons there's a blacklist of add-ons that are ignored even if installed. By default add-ons are not installed, of course.

For components there's a whitelist of which ones will be loaded.

This slashdot article is about the latter, not the former.

Re:The actual problem is...

[clone53421]

I think you're a little confused. Maybe I'm just not understanding your point.

Add-ons (extensions, themes, and plugins) that are known to cause stability or security issues with Firefox are put on a "blocklist."

"Components" = plugins. Go to the Add-ons window... you'll see separate tabs for Extensions, Themes, and Plugins. So the "blocklist" does apply to plugins, or "components" as you're calling them.

Re:The actual problem is...

[BZ]

> "Components" = plugins.

No, "components"is very much not plug-ins. Plug-ins are binary object files that are loaded by the browser and interact with the browser via NPAPI. Components are either JavaScript or binary object files that interact with the browser via XPCOM. See https://developer.mozilla.org/en/Creating_XPCOM_Components for details.

A major difference is that NPAPI is a restricted API which allows plug-ins to make certain requests of the browser (and vice versa), while XPCOM is the internal object model of the browser and allows access to most of the browser objects (including direct access to the internal layout data structures in some cases, for binary components).

Another major difference is that NPAPI has a backwards-compatible ABI, while XPCOM in general does NOT. In particular, the ABI changes in various ways with every Gecko version, and a binary XPCOM component compiled against one Gecko version will almost certainly crash if run against a different one, unless it takes some not-that-trivial precautions to avoid that.

This last is the reason for the components white-list: a number of apps have been tossing binary object XPCOM components into the Firefox install directory, and as Firefox got more popular there have been more and more of these. The old behavior was to load the components from that directory (on the possibly-naive assumption that it's the Firefox install directory and hence components in there are part of Firefox). This caused serious problems when users started upgrading from Firefox 3.0 to Firefox 3.5, because suddenly components compiled against Gecko 1.9.0 were running against Gecko 1.9.1 ... and by and large crashing. Since it looks like convincing other software vendors to not mess with your install directory is not likely, the alternative approach of hardcoding the list of components to load was taken.

Someone who wants to install a binary XPCOM component can continue to do so in an extension, with the major difference there being that extensions have version compatibility checks performed; an extension that only claims to be compatible with Firefox 3.0 won't be loaded by Firefox 3.5.

Hope that makes things clearer.

Re:The actual problem is...

[BenoitRen]

You're talking to BZ, one of the major Mozilla developers, pal! I don't think he'll get confused about that. :)

Re:The actual problem is...

[BitZtream]

And how well do you think this will go over with corporations which require specific extensions to be used by employees?

I know of several that have required extensions for Thunderbird, users aren't allowed to disable them. The user is not always authorized to make changes like this to the system.

You have a very limited view of the computing world.

Re:The actual problem is...

[clone53421]

Oh. :X

Re:The actual problem is...

[JustNiz]

Simple. Change permissions so only the admin can modify the list of allowed plugins.

>> You have a very limited view of the computing world.

Yeah probably. but at least I'm not rude and insulting.

Re:That was the idea behind Firefox/Firebird/Phoen

[MyFirstNameIsPaul]

That's why I started using Phoenix in the first place. However, I am guilty of running up to a dozen plugins...

Re:Doesn't extend to all externally-installed add-

[BitZtream]

You do get notified when at least some of those methods are used the next time you start Firefox. Pretty sure it's been that way since shortly after the MS plugin fiasco.

nethack

[SnarfQuest]

If it doesn't allow rogue add-ons, does it allow nethack ones?

Re:nethack

[thelenm]

Sure, it's roguelike.

Re:Open source

[maxwell+demon]

They don't disable installing the plugins, they disable installing them the wrong way.
And of course, you can always get the Firefox source and disable the check, if you really want.

Re:That was the idea behind Firefox/Firebird/Phoen

[Reapman]

Tired of reading these sorts of comments. Sure there's some "bloat", but what that bloat is varies by opinion. I've read where supporting CSS is "bloat". Graphics are "bloat". tabs are "bloat". RSS. etc.

My understanding (and please tell me if I'm wrong) is the point of Firefox was to supply a WEB BROWSER. Back then when you downloaded it you also got an email program, news reader, wysiwyg website builder, etc. Firefox was JUST a browser. Still is.

If you REALLY want where everything is an option go build it yourself. Have something where you choose which renderer you want (Moz's, Webkit, etc), whether or not to have tabs, allow plugins, command line version, etc. Hit next a few times and presto your very own browser.

Will this keep out Adobe's crap?

[Choad+Namath]

Will this prevent Adobe from installing their mongoloidish "Download Manager" Add-on that's set up to start every time you open a new window instead of just running when you start your browser?

Re:Will this keep out Adobe's crap?

[argent]

Probably not: Firefox still has to handle platform-based plugins written for APIs that predate the Firefox extension framework. I'm sure that Acrobat will keep reinstalling itself, too. :(

Re:Will this keep out Adobe's crap?

[clone53421]

Wait, what? That add-on ran, downloaded what it was supposed to download, and then I uninstalled the add-on (or maybe I didn't, since I read that it was supposed to remove itself automatically anyway – I don't remember). It didn't cause me any undue hardship.

IE and extension blocking

[Jim+Efaw]

I seem to remember that IE 8 does something like this when it's first installed, asking if you want any IE extensions enabled at all, and whether you want IE extensions blocked until you approve them, or something of that nature. But suffice to say that I don't install IE often enough to remember for sure.

It's not that simple

[carp3_noct3m]

It really isn't that simple. You could be running *nix or a mac. You might go to the same 3 sites everyday, but never browse new things. Due to the nature of the ways browsers are installed by default (which you imply you are using) you could get infected by even legitimate websites (who resell adspace to unscrupulous buyers) and not even realize it. With no tools, how do you propose to prevent cross-site scripting attacks, Java-script attacks, etc? I actually don't run a/v on personal systems. But I do run daily scans (while I'm at work) with multiple tools. I used to use no software firewall, relying on my strict PIX access-lists to protect me, but now I am using windows 7 and the firewall is so granular it is a good extra step. You are actually a malicious wet dream, someone who thinks they have everything so secure, that as long as you hide the bot/trojan etc well enough, they will never know they are a zombie machine. Just because you haven't been infected in over 20 years doesn't mean you can't get infected tomorrow. So, either you customize your browser intricately (JS, active-x settings, etc) or your just playing Russian roulette. Read this for tips on where you might be lacking. http://www.cert.org/tech_tips/securing_browser/

Re:It's not that simple

[TheReaperD]

You're forgetting one option: Just because they think they have not been compromised in 20 years does not mean that they haven't. The best exploits are the ones the user never sees. If they don't run any of these tools or their equivalents, how would they ever know if they were compromised unless they were hit with a bad quality exploit (I admit, there's a lot of these) that made itself obvious?

Re:It's not that simple

[IntlHarvester]

Expecting every user to whitelist all of their web content is certainly the most impractical plan ever (and doesn't address the real problem of social engineering anyway).

Using things like Tor isn't just impractical, it's paranoia.

How about browser vendors getting their shit together instead? Firefox is a prime example, loudly promoted as "secure", but actually a cheap whore for any DLL someone decides to throw onto your computer. If they focused on building effective sandboxes first rather than "development platforms" (that nobody asked for), the majority of this problem wouldn't exist.

Re:It's not that simple

[carp3_noct3m]

I am currently talking about personal computing, business computing is a bit different. So until the browser vendors do get their shit together, it is up to the user, no matter how practical, to secure themselves. Much like one of the reason when I'm in the CONUS I have my CCW (Concealed Carry License) and do carry, because the police and other factors are reactionary, in this world, you have to be prepared to protect yourself, physically and electronically, unless you trust the entities that are supposed to do it for you. It's not paranoia if they're really after you.

Re:It's not that simple

[clone53421]

I spent a long time on an unprotected Windows box without being compromised, and I know this because I did periodically run tools to verify that I hadn't picked up an infection. I just didn't have a resident AV client to hold my hand the whole time.

Of course, then I visited a seedy website *once* in IE (can't remember why I was using IE... the computer was on its last legs and having hardware & data corruption problems, so it might have been right after I'd reinstalled Windows) and got instantly 0wned. Windows Firewall popping up a blocked connection on a program whose name and description are in Russian? Not a good sign... whereupon I redeemed myself by breaking out Task Manager, Regedit, and Windows Explorer and cleaning it off manually.

Re:It's not that simple

[clone53421]

Using a live CD gives you pretty good assurance that you're going to catch anything.

To be entirely sure, yeah, you'd need to take out the hard disk and scan it from a known clean box.

Anyway my new computer has NOD32, which I'm pretty confident in.

Re:It's not that simple

[thePowerOfGrayskull]

I run clam AV against my windows partition on linux boot once a month to make sure I can maintain my compromise-free boast ;)

Re:It's not that simple

[thePowerOfGrayskull]

It's not paranoia if they're really after you.

But if they're not... it is...

Not about the conceal carry (I've one too). Heck, if it makes you feel secure to do as you do, then carry on. Frankly, if you wanted to be truly secure, you'd have a dedicated VM for browsing that you restored to snapshot after every session. As far as TOR... the extent that others care about someone's Internet comings and goings is often far, far overestimated.

Me, I'll continue on in my somewhat-tweaked-install of FF and my monthly clam-av scans under linux boot. And I'll keep hoping that in my ignorance, I don't get pwned ;

Simply not security minded.

[Lord+Duran]

I honestly don't understand why a web browser, which today is a platform for doing almost anything, would let any foreign code run without an explicit user request/confirmation - in the form of a standard, Firefoxy window the user knows. It's simply not security minded. Don't trust other people's code!

Um, what's this then?

[argent]

JavaScript C-Types

Some add-on authors create binary components not because they want to interact with Firefox at the C++ level, but strictly so that they can make use of third party DLLs. If this is the only reason you are using a binary component instead of JavaScript, take a look at the new JavaScript C-Types support introduced in Firefox 3.6. It allows JavaScript code to load functions from DLLs on windows, and should allow you to eliminate your dependence on binary components entirely. This leads to a better compatibility path as new versions of Firefox are released.

They say this can only be used from Chrome, but... um... I'm still not happy about having this in the API at all. :(

Re:Um, what's this then?

[maxume]

Why? It doesn't increase the damage that a malicious component can do, in any way (hell, a malicious component could offer the C-types support itself).

Re:Um, what's this then?

[argent]

I'm concerned about privilege escalation from untrusted objects. There's already been on installer fix for a privilege escalation from an arbitrary web page.

Re:Um, what's this then?

[maxume]

Do you have a pointer to more info?

Re:Um, what's this then?

[argent]

This is an old one, Same-origin violation with InstallTrigger callback, but there have been later errors in XPInstall. the whole installation mechanism is unnecessarily tricky.

I would like to turn the XPI installation mechanism off completely, and only install extensions by downloading them to the local file system and installing them explicitly from a command line or menu. There doesn't seem to be a way to do this.

Also, recently found was Chrome privilege escalation in XPCVariant::VariantDataToJS(), and a few other privilege escalation attacks in Chrome.

This kind of thing makes me wish there was a good alternate gecko-based browser on Windows, like Camino on the Mac, so the whole XPI/XUL/Chrome mess could be avoided.

Re:Um, what's this then?

[maxume]

It used to be possible to drag and drop an xpi to install it, but I have no idea if this works in recent versions. Remove addons.mozilla.org from the add-ons whitelist and you get most of the other half (the mechanism isn't quite disabled, but you shouldn't ever see an install popup, just a warning dropdown; the whitelist is accessed using the 'Exceptions...' button next to the 'Warn me when sites try to install add-ons' check box on the Security panel of the options dialog).

I just tried dragging and dropping an xpi, and it at least initiated the install process (but I canceled after that).

Re:Doesn't extend to all externally-installed add-

[mounthood]

Every time the browser started, if it found a plugin or extension being loaded via the registry or a plugin directory that wasn't on the list, it'd notify the user what the plugin was and ask whether they wanted it enabled or not.

Don't ask me anything. Add-on's and extensions should only be included if you go to a Firefox UI and turn them on. There won't be any stealth additions, and if people really want some plug-in they'll figure it out, and the vendors will help by giving instructions.

Also, don't ask me about upgrades. Just upgrade the plug-in when starting (and restart if you must), and give me a way to lock an add-on at a particular version.

Anti-competitive my ass

[GrumblyStuff]

What, you mean, MS prevent programs from being installed or even piggybacking on other installs?

I don't know of anyone who'd be against that except the sales/marketing assholes of the world.

But that's ok. You seem to have a straight head judging from your sig.

Re:Rogues

[VGPowerlord]

Spies do it from behind, pretending to be someone else!

Re:Sounds like an improvement

[tpwch]

The way to handle this in firefox is to create separate browser profiles, one locked down for online banking and other stuff where you need extra security, and one for causal browsing. This is more secure than the way IE handles it.

Re:That was the idea behind Firefox/Firebird/Phoen

[Requiem18th]

No no no, I think he's right, images, toolbars, panes, tabs are necessary infrastructure, RSS is not, the awesome bar is not, bookmarks are not, the question is, does this look like an extension? then why not make it a *default* extension? That way disabling the "bloat" would be easy for those who care and invisible for those who don't.

Put differently, why don't firefox devs learn to write extensions?

Ninite installs only programs you pick?

[KWTm]

I think what you and the others that hate toolbars want is a nice little thing called Ninite. Dozens of programs including Foxit to choose from (and you can suggest more) and NO TOOLBARS. I just installed the latest Foxit in both WinXP and Win7, zero toolbars. it also makes it butt simple when you are building or repairing a PC which of the major programs you want installed without having to play "installer monkey".

Just pick the programs you want from the list, download the installer, and away you go. Has all the biggies like Chrome, Songbird, Aimp, Foxit, OO.o, Pidgen, Irfanview, etc. Really easy peasy and nice, so enjoy!

Wow, it's so easy to use! It's almost like having Synaptic for MS Windows programs!

Re:Ninite installs only programs you pick?

[hairyfeet]

Sweet, isn't it? It is also a great way to try out programs, since you don't have to worry about missing a toolbar checkbox or any of that BS. I never got around to trying ImgBurn, but since my old Nero 6 isn't compatible with Win7 I thought I'd give it a spin, I find it nicer than Nero for the kind of straight DVD backups I'm doing.

So be sure to spread the word to all your friends. Ninite makes it easy peasy for folks to add the latest and greatest without worrying whether they know what they are doing or will forget to uncheck the toolbar boxes. It is especially good for those that for one reason or another are having Flash problems. Just have them check Flash, run the installer, and voila! It is all done, no muss or fuss. And if there are any freeware programs you like that aren't on the list just let them know. This thing has the potential IMHO to become a Synaptic for Windows!

Re:Ninite installs only programs you pick?

[jonadab]

> This thing has the potential IMHO to become a Synaptic for Windows!

There are other problems, though, most of them stemming from the fact that neither Windows nor the applications in question are designed for this.

For example, it is traditional, in the Windows universe, for developers to give their software the most completely insane default install options they can dream up. For instance, by default, IrfanView doesn't associate itself with most of the file types it supports, even important ones that you probably don't have any other software for (e.g., TIFF). Similarly, OO.o is afraid to associate itself with .doc by default, even though you don't have MS Office. (I guess they think someone might actually want to use WordPad, or maybe they were just on drugs.) Other software thinks its a good idea by default to associate itself with file types it doesn't even support properly and which you probably have other software for. Some software has lots of optional components, in which case the defaults for which ones to install are never what you would actually want. And so on. Everyone who's ever had to manage Windows systems knows the rule: never ever pick the default/easy/express install option. *Always* pick the advanced/custom option. This rule is much older than the "browser toolbars" that Ninite says it says no to.

How does Ninite cope with install options?

Re:Ninite installs only programs you pick?

[hairyfeet]

Actually with nearly 15 years in the PC repair biz I can tell you with authority that a good 97+% of users pick the default install, which is why i have to clean out toolbars and why Ninite is a blessing.

Now if you want to tweak the hell out of the program and THEN have it automated, the tool you are looking for is NOT Ninite but Almeza. It is $30 but has a 30 day free trail. I haven't tried it on Vista/Win7 yet, but on XP it made the most awesome software install discs. Open Office, Klite Mega Codec pack, anything you wanted to serious tweak and then automate Almeza was the way to go, I just haven't had time to give it a spin on Win7. If you do let me know how it goes.

But you are complaining Ninite is a hammer and you want a band saw. Ninite is made for the average home user who just don't want to do the "toolbar tango" and I can tell you from experience a good 97+% have no clue what all those options are, hence why they always use default. If you are a power user you may want something more complex, and that is where Almeza comes in. Almeza also has features Ninite don't like making auto-installing CDs/DVDs. So to me it is all about having the right tool for the job, Ninite for basics and Almeza if you want total customization.

Re:That was the idea behind Firefox/Firebird/Phoen

[Zixaphir]

Have you even actually compiled Firefox before?

This is one that really needs to come as default:

Christian Anti-Porn 1.0.5.

Flee sexual immorality (1Co 6:18). Christian Anti-Porn will filter links and alert the user if any porn websites are clicked. This will not block but warn every Christian that he is going to crucify Jesus Christ again if he proceeds to such websites.

Re:That was the idea behind Firefox/Firebird/Phoen

[Reapman]

Misunderstood what I said, but I didn't write it very well. What I'm saying is a core feature for one isn't for another. I have ZERO problems with the Awesome Bar, I rather like it. I have zero use for RSS, wouldn't miss it if it was gone. However it being there doesn't hurt me any more then Minesweeper being on my computer when I install Windows.

What I'm tired of is people saying that Firefox is as bloated as Netscape Communicator or Mozilla was in the day. We're not even remotely near that. When they make Thunderbird a mandatory part of Firefox, I'll be concerned.

Re:Sounds like an improvement

[Eravnrekaree]

Oh no, does this mean i have to have a seperate instance of firefox open or that i would have to completely shut down firefox just to switch from slashdot to a bank website? Youve got to be kidding me. IE will automatically apply the right settings without restarting when you go to a website, so i dont accidently visit the website with the wrong profile. With that pathetic idea on firefox i would have to completely shut down firefox and restart it with a different profile, and if i forgot to do that i would blow my entire security scheme. IE does it automatically and that is safer. So no, your idea will not work and is not safe.

Re:Sounds like an improvement

[Eravnrekaree]

Are you a Firefox developer. Why can;t Firefox just implement such a basic security feature as Zones, and furthermore it should be in the main browser since we all agree everyone should use it. Why not? The fact that IE has more security features than Firefox is just pathetic, quite frankly, it could be the case that IE is even safer and protects your privacy more with its Zones feature and as long as you keep it up to date. Why is Firefox so opposed to user friendliness and so ignorant of users needs?

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:That was the idea behind Firefox/Firebird/Phoen

[Requiem18th]

I didn't misunderstand what you said, I know very well that what is bloat for someone might be a must for someone else, that's why extension are for, it allows you to have features in your browser that most users wouldn't like by defalut. The point is that, there being a perfect tool for extending and configuring Firefox, Firefox dev use, why? Even if you *Reapman* don't mind it someone else... lots of someone elses, do mind.

Actually I think you are the one missing the point saying that people can't say Firefox is bloated, you are taking a users are wrong approach, if enough users think your app is bloated then it is bloated. Or rather ask, what right you have to say it isn't bloated? Just because it is fine for you it doesn't mean it is fine for everybody.

Note that personally I don't find Firefox to bee too bloated, is just that I think the "core + default extensions" is the right way to go at this point in the life-cycle of Firefox.

Re:Are you familiar with italics tags?

[Toonol]

But caps are more standardized. Many forums don't handle italics. There's nothing wrong with the OCCASIONAL capitalized word for emphasis.

Re:That was the idea behind Firefox/Firebird/Phoen

[BenoitRen]

My understanding (and please tell me if I'm wrong) is the point of Firefox was to supply a WEB BROWSER. Back then when you downloaded it you also got an email program, news reader, wysiwyg website builder, etc.

This implies that at one point in time you did get all that with Firefox, when you're really talking about what is now SeaMonkey.

Gorgor?

[rirugrat]

Now how I am going to view Gorgor's links on FARK without Greasemonkey? Wait, that might be a good thing...

To Mozilla: THANK YOU!

Few things annoy me more than having a piece of software I install on my PC start fscking with other programs from other vendors. I found out some malicious program slipped a MS DRM plugin into my Firefox on my XP netbook (ALL DRM is malicious). I have to use Windows on the netbook for accessibility purposes because the magnifiers for Linux perform terribly on the thing. That doesn't give MS the right to infect my browser as part of their crusade to control the Internet.

So, in a world where we can't even trust the proprietary OS that we disabled folks are forced to run, thanks for taking steps to protect us from it, Mozilla.

Re:WHAT!!??!!

[Runaway1956]

Wait - you think that an ex-cheerleader and ex-beauty queen is qualified to be POTUS? A woman who was caught up in scandal while serving PART of a term as governor? The same woman who QUIT HER JOB as governor, so she would have time to write a book? THAT Sara Palin? PUH-LEASE!!!!

Be honest - Palin's strongest point is her looks, and her second strongest is her faith in God. What else can she bring to the (arguably) most powerful office in the world? Please, don't ask me to vote for her cup size. I'm as lecherous as any 50 year old, but those mams won't do us any good at all when the shit hits the fan.

Re:WHAT!!??!!

[Sarlin]

At least her nipples are bigger than our current president's balls!

Re:This is one that really needs to come as defaul

[badkarmadayaccount]

Something tells me we are in for a nail shortage.