Slashdot Mirror
Firefox 44 Arrives With Push Notifications (mozilla.org)
An anonymous reader writes: Mozilla today launched Firefox 44 for Windows, Mac, Linux, and Android. Notable additions to the browser include push notifications, the removal of RC4 encryption, and new powerful developer tools. Mozilla made three promises for push notifications: "1. To prevent cross-site correlations, every website receives a different, anonymous Web Push identifier for your browser. 2. To thwart eavesdropping, payloads are encrypted to a public / private keypair held only by your browser. 3. Firefox only connects to the Push Service if you have an active Web Push subscription. This could be to a website, or to a browser feature like Firefox Hello or Firefox Sync." Here are the full changelogs: Desktop and Android.
Who has a list of which configuration options I need to go into about:config and disable this time?
"BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
"a website could notify you when something important happened, even if you [don’t] have the site open"
Cool!
Is RSS dead now, like web onthologies?
NB: The message above might reflect my opinion right now, but not necessarily tomorrow or next year.
This version is also the first to require signed extensions with no way to:
1) Disable the signature check at all
2) Use any signature other than Mozilla's
3) Install a extension built and packaged by your distribution repository (unless Mozilla signs each build)
4) Forcefully install a extension that you built yourself
I don't understand why Mozilla gets away with this type of hidden DRM. At least in Secure Boot you could enroll your own signatures.
Here, the only option you have is to switch to an unbranded fork of Firefox.
A website registers a Service Worker with the browser. Service Workers are small JavaScript programs with super powers like intercepting network requests or running even when their parent website is closed.
What could possibly go wrong?
To assist law enforcement by fingerprinting your browser payloads are encrypted to a public / private keypair held only by your browser
FTFY.
~ People that think they are better than anyone else for any reason are the cause of all the strife in the world.
Yeah, to keep your antivirus and ad blockers out of the way.
Oh well, at least there's still Netscape.
“He’s not deformed, he’s just drunk!”
Who has a list of which configuration options I need to go into about:config and disable this time?
You must be an old timer!
Programs are configurable! Just go through all the apps and programs that you use on a daily basis and change whatever you want to make the system work to your liking.
All these features are easy to change, and learning a mere handful of methods will get you anywhere you want to go.
1) Go to about.config, click on the "I understand", type in "this.obscure.value", double click it to change value. The "this.obscure.value" is named in a transparent, easily understandable way such as "browser.cache.disk.smart_size.enabled". This enables the "smart size" feature of the caching system. It's obvious what it does, because it's name says it all.
2) Go to start->run->regedit, navigate to "this obscure value", type in "add new value" in DWORD format and set it's value to 1. For instance, to disable the new volume control and go back to the old style, just navigate to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion, create a new key MTCUVC, create a new DWORD EnableMtcUvc, and set its value to 0.
Only old folks think that's not simple, and I don't for the life of me know why!
3) Pick a random number, put "KB" in front of it, and do what's described there. For example, KB3035583 tells you how Microsoft has helpfully introduced "additional capabilities for Windows Update notifications when new updates are available to the user". It's just telling you how Windows 10 is now available. If you want to customize this behaviour, you can use task manager to stop the GWX.exe process. Or, you can go to programs and then click or tap on View installed updates, then scroll down until you see the KB3035583 update, select it, press "uninstall", and then confirm that you want to uninstall it.
Nothing could be simpler, I just *don't get* where these old folks are coming from!
4) Changing things in linux it's even easier! Just go to /etc as root and vi "some-random-file", and change the configuration manually. It's easy to do, because all the configuration files are in one place! For example, remote disks are called "shares", and the process that manages this is called samba, and the file to edit is thus /etc/samba/smb.conf.
What could be easier? The .conf ending lets you know that it's a configuration file!
If you don't know how to use vi, simply type "man vi" and you'll find all the information you need!
Really, I don't understand why old folks don't understand these things - everything is so simple!
Of course, all you have to do to fix that is replace one line of code with
if (true)
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Sad, really. Firefox has gone from the older days of being a wonderful alternative to IE, to whatever it is today ... losing market share rapidly and deservedly.
Maybe I will have a look at Pale Moon.
Oh... it IS the case; but you made it sound like a FORK; when its really a proper release channel for developers.
Is that what Ubuntu users are called now?
"I don't know, therefore Aliens" Wafflebox1
At this point you sound like someone whining that the LTS release doesn't have the cutting edge features you want.
Sounds to me like he's "whining" about an LTS that has added overly restrictive features that he doesn't want.
Do you call it "whining" when you do it, or is it only for other people?
Is that what Ubuntu users are called now?
Only if they want to get their Mozilla Firefox extensions from a source *other* than Mozilla; or did I miss something?
let someone know they're being Pushed out the door for not toeing the party line on some Social Justice issue unrelated to javascript compiler speed? Cause Mozilla clearly already had that feature
Hire a Linux system administrator, systems engineer,
And now, if we want to do something revolutionary with an Extension that they haven't foreseen, well, too bad. You need their permission which some negative nancy will refuse to grant because "powerful".
Peter predicted that you would "deliberately forget" creation 2000 years ago...
did I miss something?
I think so, since "build from source" is what Linux distros do.
"I don't know, therefore Aliens" Wafflebox1
I think so, since "build from source" is what Linux distros do.
Then what is the problem? Have the distro modify the source going into the repo to remove any non-OSS friendly stuff... isn't that what iceweasel is?
I'm confused. We are delaying the removal of this preference to Firefox 46
If you haven't already, rather than messing around with settings and installing extensions, just drop it. Uninstall and don't look back. There are other browsers.
Have the distro modify the source going into the repo to remove any non-OSS friendly stuff
They already only distribute OSS extensions.
"I don't know, therefore Aliens" Wafflebox1
Give Pottering a week and we'll have some spaghetti code that does the same thing in kernel.
Only the State obtains its revenue by coercion. - Murray Rothbard
So based on last month's stats, Firefox is down to about 7% of the browser market. That's across all versions, on all desktop and mobile (where Firefox for Android has a massive 0.05% of the market) platforms.
At this point, Firefox as a whole is nearly below iOS Safari 9.2, IE 11, and UC Browser for Android. It almost has fewer users than Opera Mini, even! Hell, even Chrome 46 still has almost as many users as Firefox has in total, and Chrome is up to version 48 now!
It's now clear that Firefox 44 introduces a lot of shit that users just don't want, and there's a lot more dumb shit in the pipeline, too.
Based on this, I'm going to make a prediction: Firefox will be at or under 2% of the market by the end of 2016.
So many of Firefox's changes only serve to drive users away to other browsers, and I don't see anything suggesting that they'll start listening to their few remaining users any time soon. Rust and Servo are total dead ends at this point, so we can't count on them to save Firefox.
Once Firefox hits such a low single-digit share of the market, it's likely that Mozilla will be considered completely irrelevant. This is bad for the web, of course, since it cements the WebKit/Blink monoculture.
Web push is already easily handled through WebSockets. I wrote a couple applications that are able to handle hundreds of random notifications per second coming from a server. Works with Chrome, Firefox and even IE. Older versions of IE require a polyfill but even that works great.
That was the turning point of my life--I went from negative zero to positive zero.
Firefox is really pissing me off anyway, mine keeps loosing the spellcheck. I've gone through all the troubleshooting steps, checked the language packs are installed, and yet often the "Check Spelling" disappears and instead "Add a dictionary" shows up.
Does anyone know if security.tls.insecure_fallback_hosts is now deprecated? I have an old device that will never get its SSL certificates reissued and I cannot create a new certificate with better algorithms. I use an old portable version of Firefox that I use to sometimes login. I noticed with Firefox 44 if I now go to the IP address, which I have added in the above preference name, I am greeted with the Advanced button and expanding it gives me a link to "(Not secure) try loading 'ip address' using outdated security." If I click on it it does nothing and gives redirects back to the "Your connection is not secure" page.
The latest version of ssh allows one to whitelist hosts with deprecated encryption so I have access that way, too. It would be nice to not have Firefox 44 and another just to access this device.
Lol
That doesn't really fix any of the problems with signing.
This version is also the first to require signed extensions with no way to:
1) Disable the signature check at all
That is incorrect. They pushed it back again to FF46.
But more generally, I agree it is total bullshit. And what's worse is that the answer is super fucking easy. All they need to do is let the user specify a white-list of extensions that do not need signatures. Require that the white-list be kept in an admin-only writeable location, like the system-wide firefox install directory where there is already some config data. If an attacker can write to admin-only files then the whole system is already compromised anyway.
Instead they want you to use an entirely different 'unbranded' build of firefox which just means that people won't be able to get the automatic firefox updates which will result in older, more exploitable versions of firefox persisting on users' systems. So drastically less security for anyone even slightly out of the ordinary.
Dumb all around on this from Mozilla.
You are full of it...
I mean, with Gnome you talk about about desktop Linux and that has benefited from systemd.
I support your dislike of Gnome (2, 3, x), that's why there is KDE, XFE etc.
Oh yes, and I needed to undo a wrong moderation.
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
Yet, mind bogglingly enough it is still way simpler than trying to fix windows registry. Mind you fuck up about:config and the browser stops working, Windows registry fucks itself up and you computer stops working. Want to keep a computer working, always dual boot and that way you can boot to Linux to fix your gaming and browsing machine. I have managed to keep windows 7 going since getting this computer without a reinstall by that very method. Damn being able to edit a text file makes like so much easier when it comes to fixing a broken OS or broken program. Having to reinstall a program or and entire OS and every program you have because you couldn't edit a text file is fucking nuts. One five minute edit versus hours and hours of reinstall, oh, yeah that edit is so very, very hard.
Chaos - everything, everywhere, everywhen
I searched about:config for 'push' Changed a few values from true to false, and buggered up the Mozilla push URL. Has crashed yet. Only time will tell
My reaction (sent to Mozilla) to the inclusion of the Amazon plug-in:
[Firefox has made me] very, VERY sad indeed. Amazon? Why don't you just shoot my privacy in the head? It would be a kinder solution. More to the point, sucking up to Amazon is NOT going to fix your terrible financial model. Amazon does NOT share any of Mozilla's laudable goals, but "partnering" with those vicious privacy-destroying monsters will destroy you, too. How can ANYONE possibly trust an Amazon partner? Amazon will share a few pennies with you--but Amazon will laugh when you go bankrupt anyway.
Now I've suggested an alternative business model of project-oriented charity shares. I'm already getting blue in the face from repeating that solution, but you are ABSOLUTELY NOT offering a better alternative. Amazon is EVIL, and now I regard Firefox as EVIL, too. My chief regret is that there are no alternatives that are significantly less evil--and it always comes back to stupid financial models.
Longer version with more about the alternative financial model I favor: https://ello.co/shanen0/post/8...
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Where can I borrow a cup of mod points? This post deserves more on several dimensions...
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Pull my finger
<pulled>
</pulled>
FTFY
There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
Because the alternative is easy malware installs?
Careful, your cluelessness is showing. If someone's computer is compromised a rogue browser extension is the least of their worries.
"What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
/)
You must be an old timer!
Only old folks think that's not simple, and I don't for the life of me know why!
Nothing could be simpler, I just *don't get* where these old folks are coming from!
Really, I don't understand why old folks don't understand these things - everything is so simple!
There is a fine line between being funny and being an ASSHOLE and you definitely are not funny.
My first computer course was at Rice University, programming PL/1 on an IBM mainframe with punch cards. I programmed COBOL and FORTRAN on VMS on a VAX at the University of Houston. I used UNIX before Torvalds ever thought of making Linux.
I used OS/2 Warp when everybody was suffering through Windows 95. I started using Linux when IBM killed off OS/2. I ran WebCT on Solaris for over 6,000 professors and students at Texas A&M University Kingsville.
And that is just stuff over 8 years ago. At Rackspace I spent 5 years supporting Managed Linux customers then 3 years in Operations supporting the engineers working on their cloud infrastructure.
I have probably forgotten more about computers than you will ever know in your entire life.
Maybe you would not have to attempt to be funny and people would actually listen to your ravings if you knew how to keep your shitty little website online: http://www.okianwarrior.com/
Just another sign that Slashdot has jumped the shark sign since only ASSHOLES like you seem to come to Slashdot these days.
LOL the worst part is that you are probably just another hipster wannabee who thinks that running a Mac makes you cool!
A man who wants nothing is invincible
Yes, you are confused. Delaying something instead of cancelling it means I know before it pissed me off. Posted via chrome.
And chrome sucks for dashslot, so I'm not real happy about it either.
The mozilla devs have destroyed firefox. Citing 'stability', 'maintainability', 'unused features', etc. they have removed most of what firefox was known for and reduced it to a chrome knockoff. The new firefox is pathetically crippled, lacks a decent interface and configuration options, and looks out of place in the major linux desktop environments. Push notifications should have been implemented as an add-on for those who want it and not implemented in such a way as to create new problems for users who don't want it.
4) no troll is complete without mentioning systemd has replaced much of traditional configuration :)
Those using FreeBSD basically have to use Chrome
Google doesn't ship Chrome for FreeBSD. Chromium is in packages, but Chrome and Chromium are not the same thing - Chrome includes things like the Netflix DRM. Updates to the Chromium port also take a while because Google refuses to accept patches for FreeBSD (closing the submitted issues as 'FreeBSD is not a supported platform') and so the port needs to maintain a large set of patches.
I am TheRaven on Soylent News
You are doing it wrong. The registry is just a database of settings, a simple hierarchy. It stores access control information too, on a much finer grained level than Linux allows. On Linux you have simple file permissions, and that's it.
The registry is periodically backed up. If you someone screw it up, which with the default permissions is hard to do, you can just revert back to an older version. Windows can do this automatically most of the time, or you can do it manually by booting the install media, going into a recovery command line and simply copying the backup files over.
If you aren't doing something similar on Linux, you are also doing that wrong. Before editing critical configuration files that could stop the system booting, you should make a backup copy. Who wants to rebuild a long, complex config file from scratch?
It's also worth noting that there is nothing stopping apps using text files for configuration on Windows. In fact, it's officially supported and encouraged.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Backend POSTs to you!
Not that you've ever browsed any of the source code in Linux but, if you're willing to sign an NDA and provide a reason (I've used "I'm curious" as a reason) then you can see Windows source code, at least quite a bit of it. It's called the Shares Source Initiative. It has been a policy for like ten years now - maybe longer.
You can use Google to find it. Or Bing, I suppose. Just search for Microsoft Shared Source Initiative. Hell, I use Lubuntu and I know this. So, you've got good luck browsing the source code - if you actually want to, could make up a reason, and took the few seconds to use a search engine.
I'm not sure what benefit you'd actually, personally, gain from browsing the source code. That's not really the benefit from free software. The benefit isn't so much that you can browse, but that you can change, fix, and edit the source code. You can not do that with Windows, however. Well, if you're big and powerful enough then they might let you or will do so on your behalf. But not so for you. For example, Windows XP is still being quietly maintained and updated - just not for you. The US Navy pays Microsoft, not a whole lot actually, to provide continued support for Windows XP.
At any rate, if browsing the source code on Windows 7 is your goal, make up a good reason and check out the shared source initiative. You can browse quite a bit.
"So long and thanks for all the fish."