Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 31 Released

Posted by Soulskill on from the baskin-robbins-edition dept.

An anonymous reader writes Mozilla has released version 31 of its Firefox web browser for desktops and Android devices. According to the release notes, major new features include malware blocking for file downloads, automatic handling of PDF and OGG files if no other software is available to do so, and a new certificate verification library. Smaller features include a search field on the new tab page, better support for parental controls, and partial implementation of the OpenType MATH table. Firefox 31 is also loaded with new features for developers. Mozilla also took the opportunity to note the launch of a new game, Dungeon Defenders Eternity, which will run at near-native speeds on the web using asm.js, WebGL, and Web Audio. "We're pleased to see more developers using asm.js to distribute and now monetize their plug-in free games on the Web as it strengthens support for Mozilla's vision of a high performance, plugin-free Web."

20 of 172 comments (clear)

  1. Spyware companies will love it by Anonymous Coward · · Score: 5, Insightful

    No disabling Canvas tracking and they even included
    navigator.sendBeacon by default so "analytics" is easier to send using onunload handlers. thanks Mozilla , i cant tell you how many users asked for that feature

    Mozilla : comitted to your privacy*

    *not applicable in your area

    1. Re:Spyware companies will love it by mythosaz · · Score: 4, Informative

      Some background - since I was unaware:
      http://www.ghacks.net/2014/07/...

    2. Re:Spyware companies will love it by Anonymous Coward · · Score: 3, Insightful

      You mean the same thing that you could already do a number of ways, but had to be synchronous. You have to completely remove onunload and onbeforeunload to prevent such things.

    3. Re:Spyware companies will love it by roca · · Score: 3, Informative

      sendBeacon was already possible with JS using XHR, just in a slower and more user-unfriendly manner. And unlike XHR, you can disable sendBeacon without breaking the Web, so it's actually better for privacy.

      However, if you want to completely prevent any sendBeacon-like activity, you need to just disable JS on that page.

    4. Re:Spyware companies will love it by Anonymous Coward · · Score: 4, Insightful

      Read again what I wrote: Don't let scripts read back the canvas content.

      Note that web browsers have previously removed features to protect privacy. For example, the ability to use arbitrary styles with the :visited selector was removed to prevent web sites from partially reconstructing browsing history.

      Another feature that needs to be removed is access to all locally installed fonts except for a minimal set of default fonts. With web fonts this is hardly a limitation, but access to local fonts enables a very effective fingerprinting technique.

  2. no thanks by xeno · · Score: 3, Insightful

    I'll install it when that godawful Australis interface is rolled back or replaced with something less eye-bleedingly bad. (And no, the craptastic classic plug-in is not a long-term solution.) For now, I'm holding at v28 (on Linux Mint or Ubuntu: "sudo apt-mark hold firefox"), and pondering what to do re security updates in the long run.

    Firefox has gone down the ugly-UI-shuffle-for-the-hell-of-it route, Chrome sends an astounding amount of telemetry back to the hive-mind, and IE's performance is still a total joke even if I can see past the OS implications and numbingly-bad design. Are niche browsers all we have left?

    --
    I think not...(*poof*)
    1. Re:no thanks by xeno · · Score: 5, Interesting

      ...and I'm not alone. According to Moz's own dev feedback tools, the Australis phelgm-globber of an interface has been trending at 80%-dislike from day one after introduction..

      http://www.lifehacker.com.au/2013/11/less-than-20-per-cent-of-users-like-firefoxs-new-australis-ui/
      https://support.mozilla.org/en-US/questions/999831
      http://soylentnews.org/article.pl?sid=14/05/12/133214

      --
      I think not...(*poof*)
    2. Re:no thanks by Anonymous Coward · · Score: 5, Insightful

      My gripe about the new Firefox is not the Australis interface per se, but it's an example of the core problem: Firefox removes features without giving you a choice or a way to re-enable them without plugins. For example:

      Separate Stop/Reload buttons. I get shivers of terror when I think back on the days of slow dial-up when a page would seem to hang when it was almost loaded, so I would go to hit the Stop button, only to realize in horror that it changed to Reload an instant before I pressed it, and the page would start loading again from scratch. I don't want buttons to change functionality due to forces outside my control. But hey, at least it saves a few pixels. (More on that later)

      The Find bar. Without a plugin, it can no longer be made persistent across tabs. Whose genius idea was it to not only change the default behavior, but to make the previous default behavior impossible? Did it ever occur to them that I might want to look up the same thing on more than one tab?

      Then there are the defaults they changed that don't require a plugin, but you do have to go into about:config to fix them. Separate download folders for different sites? It took me 3 weeks to figure out why after downloading several files I couldn't find them. They were in the default Windows Download folder, which I never use. Then it took me another 3 weeks to figure out why it kept jumping back to that folder, seemingly at random. Finally I figured out that it "helpfully" separated the downloads by site, which is a horrible way of doing it. And not only do you have to go to about:config to fix it, but the entry to fix it isn't even there! You have to add it yourself!

      Since I'm on a roll, I might as well bitch about my other issues with Firefox. How about their schizophrenic design philosophy?

      They remove the menu bar because it's using up too much screen real estate. (Ignoring the fact that the menu bar is a GREAT place to put toolbar buttons so you don't need an extra toolbar) All right, I disagree with their philosophy of trying to save every pixel they can for the page itself, but at least I can understand that it's a legitimate philosophy. Then they go and make the Back/Forward buttons gigantic so that they waste pixels that could be used on the page. Not to mention the wasted space from the rounded tabs, which means you can fit fewer tabs on screen at once. They should at least be consistent. If they're willing to waste space, why not "waste" it on stuff that's functional, like the menu bar?

      In short, the designers are (willfully?) ignorant of the fact that not everyone uses their web browser exactly the same way they do. They could avoid all the gripes by all the users if they did one thing: Any time they change the interface, add an easy-to-find checkbox under the options to restore the old functionality. It shouldn't require looking through about:config (and especially searching the internet for the correct item to add), or worse, a plugin, to change things back to the way they were. EVER.

    3. Re:no thanks by Anonymous Coward · · Score: 3, Informative

      I switched to Pale Moon, and I am very pleased. I used Firefox and its Mozilla predecessors since about v. 0.92, and I was horrified and traumatized by FF v. 29. PM is the browser Firefox should have been. The following is taken from the Pale Moon home page.

      Pale Moon is an Open Source, Firefox-based web browser available for Microsoft Windows and Linux, focusing on efficiency and ease of use. ...
      Pale Moon offers you a browsing experience in a browser completely built from its own source with carefully selected features and optimizations to maximize the browser's speed, stability and user experience, while maintaining compatibility with thousands of Firefox extensions many have come to love and rely on. ... ... contrary to what Mozilla has done with their redesign of the user interface, Pale Moon will continue to provide a familiar set of controls and visual feedback similar to previous versions, including grouped navigation buttons of a decent size, a bookmarks toolbar that is enabled by default, tabs next to page content by default (easily switchable) and not in the least a functional status bar and more freedom in customization, to name a few things.

      I switched to Pale Moon right after FF v. 29 came out. I was able to copy my FF user profile into the Pale Moon user profile directory and it ran without any particular problems. I have not used FF since then.

      Four Stars and two thumbs up for Pale Moon.

    4. Re:no thanks by bigfinger76 · · Score: 3, Insightful

      Why not just get the Linux version of Pale Moon? I did just that yesterday when my bookmarks toolbar disappeared, and so far I really like it.

    5. Re:no thanks by jenningsthecat · · Score: 3, Informative

      I'll install it when that godawful Australis interface is rolled back or replaced with something less eye-bleedingly bad

      If enough of us move to Pale Moon, (it's all I've used since shortly after Australis first shat all over my computer screen), then perhaps Mozilla will get the hint that we love Firefox, but hate what it's become. And if they don't get the hint, well, then we're supporting a viable alternative for the time when Mozilla gets eaten by the shark it just jumped.

      BTW, although the Linux version of Pale Moon is 'unofficial' and maintained by somebody outside the organization, I've had no trouble running it under Debian Jessie with all of my usual addons.

      --
      'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
    6. Re:no thanks by jenningsthecat · · Score: 4, Insightful

      > In short, the designers are (willfully?) ignorant of the fact that > not everyone uses their web browser exactly the same way > they do.

      Aren't you make that mistake yourself?

      No, he's not making the same mistake. He's perfectly willing to let others use the new design and features - he just wants a way to keep the old behaviour, and so do I.

      > Any time they change the interface, add an easy-to-find > checkbox under the options to restore the old functionality.

      That leads to an explosion of difficult-to-understand checkboxes in the UI, and an unmaintainable mess under the hood.

      I'm not very well qualified to comment on the 'unmaintainable mess', but it smells fishy to me. If Pale Moon can keep the old behaviour while incorporating the new security enhancements, surely Mozilla can keep the old UI and the new one without compromising maintainability. Especially since addon designers have been doing pretty much that for your users for 25 or more releases. And as for the 'difficult to understand check boxes', scratch them. Just give us a well documented set of 'about:config' entries that are already present and prefixed with something like "old behaviour" so can go to one block of entries, change them all, and be done. Heck, you could boil it down to ONE entry called 'browser.pre_australis_mode'.

      I'm pretty sure that won't happen though, not because it's too much work, but because Mozilla is hell bent on me-tooing their way into the future with all the other browser makers whose attitude is 'screw the users'. So in the meantime I'm using Pale Moon. Yes, I see the apparent hypocrisy in that decision. I hope Mozilla sees the hypocrisy of bringing private corporation attitudes to their ostensibly FOSS organization.

      --
      'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
  3. Re:We are wise to this by tepples · · Score: 5, Interesting

    If the "malware blocking" is anything like the analogous feature in Internet Explorer (called "SmartScreen"), then it's going to be harder for end users to download and install a newly compiled executable release of an application developed and self-published by an individual, even if that program is distributed under a free software license. IE repeatedly warns users that if an executable is "not commonly downloaded" by other IE users participating in SmartScreen, it should be deleted on sight, especially if the developer hasn't paid protection money to a member of the Authenticode CA cartel.

  4. Malware blocking for file downloads by Anonymous Coward · · Score: 5, Informative

    The "malware blocking for file downloads" is a severe invasion of privacy. It works by sending the URL of nearly every downloaded file to Google.

    When a binary file is downloaded, the user-agent extracts several pieces of metadata about the file, including:

            The target URL from which the file was downloaded, its referrer URL and any URLs in the redirect chain.
            The SHA-256 hash of the contents of the file.
            Any certificate verification information obtained through the Windows Authenticode APIs.
            The length of the file in bytes.
            The suggested filename for the download.

    ...

      Remote lookup (present in FF 32)

    The user-agent stuffs all file metadata into a ClientDownloadRequest protocol buffer and sends it to the remote service.

    This remote service is https://sb-ssl.google.com/safe...

    1. Re:Malware blocking for file downloads by Lennie · · Score: 5, Informative

      How to turn off this feature

      Do any one of the following:

              Turn off browser.safebrowsing.malware.enabled in about:config or in the Preferences > Security > "Block reported attack sites." This disables all Safebrowsing malware protection, including the warning interstitial that appears when the user navigates to a malware site.
              Replace browser.safebrowsing.appRepURL in about:config with an empty string. This disables application reputation checks but leaves other Safebrowsing malware protection intact.

      https://wiki.mozilla.org/Secur...

      --
      New things are always on the horizon
  5. Misfeatures by Arker · · Score: 3, Informative

    "Malware blocking" = yet another bad signature/reputation based scanner. If I wanted one, I would have one installed - and Firefox versions without this misfeature would still use it to scan, so in what universe was this worth doing?

    If you really want to do something about malware, disable javascript by default.

    "Automatic handling of pdf and ogg files" - I have a pdf reader already. I dont need another one, and I dont need one 'integrated' in my browser, period.

    "loaded with new features for developers." Pretty sure that means for advertisers.

    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
    1. Re:Misfeatures by Anonymous Coward · · Score: 4, Informative

      Speaking of misfeatures, your entire post is in tt.

  6. Re:I would like (just) a web browser please by ultranova · · Score: 3, Interesting

    Any chance we can just have a web browser which just does normal browsing, doesn't take hundreds of MB to run, and starts in under a couple of seconds ?

    Next you'll be asking it to not leak memory like a sieve.

    --

    Forget magic. Any technology distinguishable from divine power is insufficiently advanced.

  7. Re:We need a new browser by sd4f · · Score: 3, Insightful

    I certainly think so. It's a real pity that mozilla is just becoming a dud social justice warrior organisation now. I guess the people who work for them all aspire to work for google, which is probably why their trying to do an orange version of google chrome...

    Since the UI changes, and getting rather annoyed with FF29 (or was it 30) which would constantly block stuff or ask for permission (like vista) to enable things, I just moved to opera. Not sure if it's good on the security and privacy side, but at least the UI, for the most part is lightweight. Needs a few improvements. I'd stick with FF28, but not very keen on running unpatched versions, and it was having many issues anyway with stability, so I guess it's better to just move along.

  8. User stats are daft. Mozilla is being led by fools by bussdriver · · Score: 4, Insightful

    Mozilla asks for user data and people who do not opt-into that are not contributing data. Me being one of the many who do not-- I suspect intermediate and advanced users comprise the majority of this group. This means their data of people not using things like menu bars because they getting metrics from the most daft users of firefox.

    Good designers will use metrics only as a factor not as a mindless system to think for you. Simplistic metrics are a whole issue in themselves along with improper use of statistics (on metrics) which is a common problem as well. Menu bars are never used heavily but they are extremely useful - of all times, in 2014 when phones have more screen space than a desktop did in the 90s we suddenly become obsessed with screen space??

    Great designers also will accommodate advanced users and the large base of existing users by not arbitrarily pissing them off. Necessary changes can be done more gradually along with instructions on how to change the feature. (like making sure the user knows how to get to menus when you killed them... and to not foobar the pop-up menu version of the menubar... proper grouping and hierarchy make large things easier.) Also the current situation of "don't make me think" is likely a fad in the design world; I hope that users want to use their brains effectively in the future; otherwise, Edward Tufte etc. are irrelevant as we devolve.

    If Mozilla wants to REALLY be a community they will let users choose and try something democratic, such as opt-in or opt-out of a major interface change. Since opt-in would never gain a majority of the users on these recent changes; the designers would naturally push for an opt-out policy but at least they could measure their failure by making opt-out easy to do (like force the user to use it for a few months before presenting the option.) At least then users at all skill levels feel empowered and PART OF SOMETHING (mozilla could even use the opportunity to leverage altruism and promote an organization image unlike the top-down corporate browsers.)

    FURTHERMORE, it doesn't matter how many more daft users you have over the advanced users. Your software is not default like IE was. Users install Firefox because of people like slashdot readers. I have brought mozilla 100s of users and I can take them away, some already left for Chrome anyhow... but many do what their nerd or IT staff tells them to do (or whomever sets the default.)

    --
    Democracy Now! - uncensored, anti-establishment news