Firefox 44 Deletes Fine-Grained Cookie Management

ewhac writes: Among its other desirable features, Firefox included a feature allowing very fine-grained cookie management. When enabled, every time a Web site asked to set a cookie, Firefox would raise a dialog containing information about the cookie requested, which you could then approve or deny. An "exception" list also allowed you to mark selected domains as "Always allow" or "Always deny", so that the dialog would not appear for frequently-visited sites. It was an excellent way to maintain close, custom control over which sites could set cookies, and which specific cookies they could set. It also helped easily identify poorly-coded sites that unnecessarily requested cookies for every single asset, or which would hit the browser with a "cookie storm" — hundreds of concurrent cookie requests.

Mozilla quietly deleted this feature from Firefox 44, with no functional equivalent put in its place. Further, users who had enabled the "Ask before accept" feature have had that preference silently changed to, "Accept normally." The proffered excuse for the removal was that the feature was unmaintained, and that its users were, "probably crashing multiple times a day as a result" (although no evidence was presented to support this assertion). Mozilla's apparent position is that users wishing fine-grained cookie control should be using a third-party add-on instead, and that an "Ask before accept" option was, "not really nice to use on today's Web."

Deny ALL Cookies

[zenlessyank]

Seems to be as fine grained as I need.

Re: Deny ALL Cookies

And I don't want to hear you whine when people stop visiting your site because of your fucking annoying popups.

Re:Deny ALL Cookies

[AmiMoJo]

Says the guy logged in to Slashdot.

Re:Deny ALL Cookies

Sadly denying all cookies today leads to an unusable web :(
Youtube videos wont even display, on ANY page.
Most sites refuse to even display ANY content.

The best option is to whitelist the few sites one uses, and relegate the rest to delete-on-exit or if you have an addon for it delete-on-close-tab.
That is of course in addition to uBlock and the like to block tracking/ad cookies which arent needed for most sites to function.

Re:Deny ALL Cookies

[Fly+Swatter]

It is sad that it is no longer rare to encounter someone that subscribes to the 'broken by design' philosophy.

Re:Deny ALL Cookies

adblock+ plus easy element. "Oh, I see you've got an annoying popup there that keeps coming back, asking me to do something silly like enable scripts, or turn on cookies. Welp, not any more you don't."

Re:Deny ALL Cookies

[stephanruby]

This post would have been a lot more believable if it had actually come from an Anonymous Coward.

Re:Deny ALL Cookies

Friendly suggestion: Switch to uBlock Origin. Much faster engine than adblock. Per-element blocking is also built-in and just a context menu away. As an extra bonus it's not sponsored by the very businesses we are trying to block.

Re:Deny ALL Cookies

Your welcome popup won't even appear in my browser, shit-for-brains.

Also, I'm 100% certain that your site is complete crap, despite never seeing it.

Re:Deny ALL Cookies

If anything, firefox abandoning fine-grained cookie permissions is going to make this 10x worse. Now, the only choice is to block all cookies (not very practical) or to dump them at every restart and then restart the browser more often (more practical but still annoying due to your attempt to save client state).

Cookies are essentially dead for their original purpose (scalable client state) due to all these privacy and tracking problems. At this point, it's better to assume they are only useful within a session and to persist user preferences on the server side.

Re:Deny ALL Cookies

The web is evolving and you're stuck in the past.

Re:Deny ALL Cookies

To be fair, I should have listed in the original post that if I need to use a site like Slashdot or Soylent I use IE. As for the rest of my browsing, I use portable Firefox with a whole bevy of plugins. Otherwise i browse with a VM with read-only folders that I manually update as needed.

zenlessyank was here

Re:Deny ALL Cookies

[zenlessyank]

To be fair, I should have listed in the original post that if I need to use a site like Slashdot or Soylent I use IE. As for the rest of my browsing, I use portable Firefox with a whole bevy of plugins. Otherwise i browse with a VM with read-only folders that I manually update as needed. zenlessyank was here

Re:Deny ALL Cookies

I use both.

Re: Deny ALL Cookies

s/fucking annoying/legally required/g

Re: Deny ALL Cookies

Is high flight frequency desireable to you?

Re:Deny ALL Cookies

> Sadly denying all cookies today leads to an unusable web :(

I browse with cookies disabled all the time. There is (at the moment) *exactly* one site for which I enable cookies before login (because the stupid webheads can't manage auth without cookies -- it's amazing how low our trade has fallen).

No, this one site ain't slashdot, that's why I'm Anonymous Coward here (hey, Slashdot: I'd register, heck I'd even *pay for a subscription* if you had a cookieless option for me. Deal?).

> Youtube videos wont even display, on ANY page.

youtube-dl is your friend (yes, it has to haul a couple of cookies around, but all is gone after one download, and it's only for YT). Plus I don't have to cope with the crappy, Javascript driven, bloated browser based "video player" YT wants to ram down my throat. Life is beautiful.

> Most sites refuse to even display ANY content.

I get to see those from time to time (or those idiots outsourcing the comments on their blogs to Disqus, or other disgusting things). I don't care. Shake the dust off my sandals and walk on. The Web's a big place :-)

Some day I'll start collecting them and publish a Web Hall of Shame.

Re:Deny ALL Cookies

Session variables. If people would use those and not just cookies. It'd be better.

Re:Deny ALL Cookies

[driblio]

Clue: all sites in the EU are legally require to get cookie consent the first time you visit them. So unfortunate developers have to put something in. Of course, if you deny cookies... You get the pop-up every time, something far more annoying than the problem it was trying to solve.

Re: Deny ALL Cookies

There's an adblock list you can subscribe to that maintains a blocklist of all those stupid cookie banners. In combination with Self Destructing Cookies it's a godsend.

Re:Deny ALL Cookies

[thegarbz]

Seems to be as fine grained as I need.

I need most of the internet to not break.

Re:Deny ALL Cookies

Don't use popups. Have a nice lightweight page that loads very quickly, submit the user's preference with a POST submission, log it to the database, and keep the user's session key in a chain of GET variables so the user is no longer annoyed by anything for the rest of their session of interaction with your site.

Or you could do it the same fucking stupid way as everyone else.

Re:Deny ALL Cookies

Wrong. They legally can't set any cookies without consent, and the rule was written to specifically exclude assumed consent such as "by browsing this site, you consent to"; as well as not giving the user a choice, such as a popup with only an OK button.

Which is of course why every business that hate those rules use one of the above as a protest, while pretending that the law is the reason for those annoying popups. And of course even the ones with the popup set cookies before even showing the popup. The popup has no effect, it's just there to protest a law that would be a huge improvement if anyone followed it.

Re: Deny ALL Cookies

[cdrudge]

It's not legally required that the popup is actually a popup though, is it? Numerous sites I've visited have had some form of a popup, but many also just have the notification as part of the normal flow of content in the page. There's usually an option to hide or close it for future views, but it's unobtrusive as part of the design.

Re:Deny ALL Cookies

[mysidia]

We don't want your fsck'ing "Welcome" popups. Just write a normal website that stays out of my face and gives me the static content I am looking for, thanks.

Re:Deny ALL Cookies

Hm, yeah, but vast majority of websites do not really have to annoy their visitors with cookies popups, because they work just fine without cookies (and most of the rest could be made to work without them). But they want to annoy them nevertheless on the pretext of the evil EU commanding them to do so, because they a) desire to use cookies for tracking and surveillance of visitors and b) want those who click on "Decline" to be frustrated and eventually give up and "Accept".
Remarkably, websites that ask mostly set cookies before one even answers and often annoy visitors with other popups as well, so...much as I would second such move, the EU possibly can not make a law and forbid website from being annoying. If there is some problem, then that it has been too soft; probably forgot about next gen cookies (dom storage) and, generally, rather than focusing on at the time current tools that faciliate surveillance, it should focus on surveillance itself. I do not mind Google setting its cookies. I do mind it reading them through its elements when I wisit totally unrelated, non-google website. If I block cookies, it will fall back to browser fingerprinting.

Re:Deny ALL Cookies

[CastrTroy]

because the stupid webheads can't manage auth without cookies

The only alternative for managing sessions without cookies is to maintain the session key in the links. This is fraught with problems. As soon as you leave, or open a new tab window on the same domain without the key in the URL, you start a completely new session. Also, when bookmarking a url with a session key, people will often send URLs to a friend giving them access to their session. What method do you have for session management that doesn't require the use of cookies?

Re:Deny ALL Cookies

[LordKronos]

Session variables. If people would use those and not just cookies. It'd be better.

And how exactly do you think session variables work? How do you link a browser to the session? Cookies!!!

Yes, I know you can put a god damn session id in the URL query string, but that's annoying, unreliable, and insecure. IF someone navigates your website for a bit, puts some stuff in the shopping cart, then just goes back to your homepage by stripping everything but the domain name off the URL...TADA!!! You've lost their session!!! Or if they jump to a different part of your website via a bookmark from a previous session...TADA!!!! You've lost their session. Or if they copy their URL and pass it to someone else/post it on a forum...TADA!!!! Someone else is now using their session (yes, you can "solve" that issue by linking the session by a secondary authentication variable like IP, but then you run the risk of having your website broken for anyone that moves between IP addresses).

In short, I've never seen a good, clean, reliable way to link a user to a session that doesn't involve cookies. If you've got the magic solution to that, please...I'm all ears.

Now if you mean websites should only use session cookies instead of persistent cookies, and the "deny all cookies" option only denied persistent cookies (does it do that already? I have no idea), then yes...that is a workable solution for most cases. Off the top of my head, I think the only thing you lose there is the ability to persist your login between browser sessions. But then again, if someone doesn't mind session cookie but dislikes persistent cookies, they could already set their browser to clear all cookies on exit or use a private browsing mode, and then all current websites would work perfectly fine.

Re: Deny ALL Cookies

[Z00L00K]

So you are the kind of guy that eats two cakes at the same time and get surprised by the chocolate lemon taste mix.

Re: Deny ALL Cookies

[Z00L00K]

However cookies are also used to store login session on some forums, which means that either having to log in each time or accept the plethora of unwanted cookies.

Re: Deny ALL Cookies

[Z00L00K]

And session keys in links opens a different can of worms.

Re:Deny ALL Cookies

[kimvette]

> Yes, I know you can put a god damn session id in the URL query string, but that's annoying, unreliable, and insecure. IF someone navigates your website for a bit, puts some stuff in the shopping cart, then just goes back to your homepage by stripping everything but the domain name off the URL...TADA!!! You've lost their session!!! Or if they jump to a different part of your website via a bookmark from a previous session...TADA!!!! You've lost their session. Or if they copy their URL and pass it to someone else/post it on a forum...TADA!!!! Someone else is now using their session (yes, you can "solve" that issue by linking the session by a secondary authentication variable like IP, but then you run the risk of having your website broken for anyone that moves between IP addresses).

It will be like experiencing 1997's web all over again!

Re:Deny ALL Cookies

[LordKronos]

It will be like experiencing 1997's web all over again!

Except our blink tags will now be CSS3 enabled.

Re:Deny ALL Cookies

[zenlessyank]

I believe that if we are having this kind of conversation then the internet is ALREADY broken. Well not broken, just many parts are poorly implemented due to money grubbing fucktards.

Re: Deny ALL Cookies

Exactly. Never mind cookies; Firefox needs a way to detect and kill these JavaScript annoyances without disabling JS entirely. No, I don't want to take your fucking survey or subscribe to your fucking mailing list.

Re:Deny ALL Cookies

[tepples]

and keep the user's session key in a chain of GET variables

A session identifier in a URI allows session fixation if a user ends up sharing a link.

Re: Deny ALL Cookies

[tepples]

Forums have several options to keep a user logged in without a persistent cookie:

• Switch to Basic authentication (RFC 7617)
• Switch to TLS client certificate authentication
• Use a session cookie and rely on the client-side password manager

Re:Deny ALL Cookies

[tepples]

What method do you have for session management that doesn't require the use of cookies?

I mentioned a couple in my reply to LordKronos.

Re:Deny ALL Cookies

He's a junior PHP dev. A lot of these guys don't understand what is really going on when they start a session and use the $_SESSION super global. It is true that the data in the variable is being stored server side, but it is a cookie that allows the server to track the session across requests... Which is of course the reason you have to call session_start before sending any output. Lots of folks seem to miss that part.

Re:Deny ALL Cookies

This (treat all cookies as session cookies) is what FF used to do. It's no longer possible to choose that or any other form of cookie handling in user-facing settings. THAT'S what's wrong. Yes, you can use an extension to do it (arguably with more detail and flexibility that FF used to have), but the issue is that you have to do that now to be able to control cookies at all.

Re:Deny ALL Cookies

Yeah, the web is evolving and you're going in the opposite direction. Enjoy your 3 site visitors.

Re:Deny ALL Cookies

uBlock Origin doesn't allow me to remove lists that I don't use (ie. ALL of the ones it has built in).

I'll stick with ABP. I have only my own custom lists and can remove the default ones so it's not all cluttered.

Oh and ABP has per element block that is just a click away and has had it forever.

Re:Deny ALL Cookies

Clue: all sites in the EU are legally require to get cookie consent the first time you visit them

I just pulled up amazon.co.uk, tutanota.de and seznam.cz without seeing a single popup.

Re: Deny ALL Cookies

If they hated the law they would standardise the pop up so that browsers could easily ignore them.

Re:Deny ALL Cookies

Look at Privacy Badger add-on from the E(lectronic) F(ree) F(oundation). Their application gives you the control that FF removed, and it also tells you how the cookie is used.

Re:Deny ALL Cookies

How'd you manage to log into /. while having all cookies disabled?

Re:Deny ALL Cookies

[thegarbz]

How did you actually manage to log in and post that? The idea of session tracking on a user device does not make the internet broken. The inability to control the behaviour of session tracking does.

Re:Deny ALL Cookies

Session variables

So, cookies then.

Re:Deny ALL Cookies

Learn how to spell fuck already

Re:Deny ALL Cookies

Thumbs up for ublock origin. I love how it just works, and how I can hide those obnoxious "please disable adblock" elements. ublock origin and disconnect are a great combination.

Also, having such a viable alternative that I can choose to use instead is a nice fuck you to adblock, which I'll remind everybody is run by a world class asshole.

Re:Deny ALL Cookies

WTF are you talking about? EVERY list that uBlock Origin uses is optional and selectable, unless you're unable to operate the dashboard for some reason. You're also welcome to add any custom list you please, either remote hosted or on your machine.

uBlock Origin also has a nice lack of an Acceptable Ads Program(tm) meaning that its maintainer doesn't accept payoffs from shady advertising companies in exchange for getting whitelisted.

Firefox 44

That is just one of the reasons I went back to Firefox 43

Re:Firefox 44

Fine-Grained cookie management was the reason I stayed on Firefox. What the fuck are these people smoking. Fine-Grained control of cookies and everything else is the only selling point of Firefox for me. I guess Dillo's about to get a run as my full time web browser.

Re:Firefox 44

[TheRaven64]

Perhaps they're expecting people to install add-ons? Fine-grained cookie management was why I switched to Firefox on Android, but I actually ended up using the self-destructing cookies add-on, which has exactly the policy that I want: any site can set a cookie, but unless I explicitly opt in (which I can do retroactively with the undelete button) to keeping it, then it's deleted when I navigate away from the site. Everything works as if I had cookies set to automatically accept, but doesn't get to persist any state for me across visits unless I permit it to.

No options for you

Ah, I see they are following the Gnome school of user interface design.

Re:No options for you

Ah, I see they are following the Gnome school of user interface design.

That's the "Why Would You Want To Do That?" philosophy.

Re:No options for you

No, its the "FUCK YOU! we know how to use our browser better than you" philosophy.

Re:No options for you

Don't even remind me. I finally updated Ubuntu from LTS to recent release and was welcomed with new modern flat design GTK theme. So flat that toggle buttons have only one state for on&off.
Anyway, the moment TreeStyleTab stops working with Firefox I will finally have a good reason to drop that browser forever, there is no other point in using half-baked Chrome clone. I never understood what were people responsible for that change thinking, was it: "Some users prefer Chrome to Fx, let's change our UI to the same as Chrome, alientating our current users that didn't like Chrome at all".

Re:No options for you

[Blaskowicz]

LOL when seeing toggle buttons I sometimes wonder if the devs have a weird sense of humor. Is it turned on or turned off? hmmm.. uhhh..

Re: No options for you

[Z00L00K]

Which browser alternatives are there that aren't IE/edge, Chrome, firefox then that have good privacy?

Re:No options for you

Unity. One option to rule them all.

Re:No options for you

[iampiti]

It's very popular nowadays. Microsoft themselves are implementing it in Windows 10. See Edge which has fewer options than if it had to run on a 8086 with 640 kb of RAM

Re:No options for you

No, its the "FUCK YOU! we know how to use our browser better than you" philosophy.

So the Apple school of UI design...?

Re:No options for you

[Vlad_the_Inhaler]

No, its the "FUCK YOU! we know how to use our browser better than you" philosophy.

Hey, they maintain the browser, I'd assume they know how to use it better than I do.
That is not really the point - I have a way that works and they have just killed it. I do not want to spend a couple of days looking for alternatives when this problem was caused by maintainers breaking something because they felt like it. The maintainers are maintaining for their own enjoyment and the lusers are out of luck.
If the solution is something which also works under another browser, I'll look at adopting the other browser.

Re: No options for you

The problem here being that you as a user has no influence over Mozilla, Google and Microsoft. You're not paying for the browser which means someone else is. You're not a voting member of an organisation and doesn't have democratic influence. Even with the latter someone needs to pay the developers.

As a paying Red Hat customer I do have some influence over their fork of Firefox. So far they haven't followed the Apple school of design because a large number of customers expressed discontent in their plans.

As a Microsoft customer on the other hand I see them ignore us completely. They complain in various ways that many still use XP but they refuse to pay any attention to our requirements, including our browser requirements. Large customers like Ericsson and Walmart is included in "our". Yet we are all ignored.

Some finds it shocking that many of us move from XP to RHEL but customer service is important to us. More important than running legacy applications that only works in Windows.

Bottom line: If you want influence over your browser you need to get it.

Either by using the influence of being a paying customer or by starting a new product. Setting up a user-driven organisation that elects it's leadership would be possible solution, if you want what the majority wants.

Re: No options for you

Epiphany but it has become Apple style in accordance with Gnome policy.

The gun is pointing at the foot

[phoenix0783]

They seem to be really trying to shoot themselves in the foot lately.

Re:The gun is pointing at the foot

I'm actually waiting for a full fork to happen soon. And no, projects like Iceweasel are not what I mean. They lack their own infrastructure and proper management. Firefox needs to be forked and managed under a separate foundation with full-time employees putting the stuff together. We need to take back the Internet and not get led into whatever direction the big players want us to go.

Re:The gun is pointing at the foot

[rubycodez]

anonymous twat talks like a mozilla shill. maybe 12 will soon be the number of employees they have

Re:The gun is pointing at the foot

[bhcompy]

Some kind of Navigator needs run this ship.. Some kind of.. Netscape Navigator..

Re:The gun is pointing at the foot

[elrous0]

It all makes a lot more sense if you consider that almost all of Mozilla's income comes from Google and Yahoo.

Re:The gun is pointing at the foot

[Artem+S.+Tashkinov]

You might have missed Pale Moon - the people behind it forked Firefox just before Mozilla decided to foist universally hated Australis on its users.

Re:The gun is pointing at the foot

My anonymous brethren is quite right though. The handfull of tinfoil-hatters who have the time to research every cookie are probably mostly using a hardened browser anyway, rather than firefox. And mozilla are quite right, features like that that hardly anyone uses don't belong in the core browser, they are exactly the kind of thing that should be handled with an add-on. Nice to see mozilla battling the bloat.

Re: The gun is pointing at the foot

I use this feature and have for ages. I deny every site by default. If I notice something I want doesn't work I switch it to allow for session. If it's a site I want to stay logged into I will switch to allow. It has never crashed on me. FF doesn't actually crash more than a few times per year on me at all.

Re:The gun is pointing at the foot

[Chas]

Yeah, but looks like they missed and blasted themselves in the balls.

Re:The gun is pointing at the foot

[narcc]

universally hated Australis

If by "universally" you mean "by a tiny minority of perpetually unsatisfied users on Slashdot".

Re:The gun is pointing at the foot

I love to look at Mozilla's own Firefox satisfaction stats. I check them daily. Currently the overall sentiment is 91% unhappy, and only 9% happy. When it comes to Firefox for Android, over 99% are unhappy, and only 1% are happy!

Mozilla's own stats show that their users hate Firefox. Even the most despised politicians, the ones who have fucked over millions of people, rarely get satisfaction ratings below 20%. Yet somehow Mozilla has managed to screw up so badly that not even 10% of their users are happy!

Re:The gun is pointing at the foot

Browser market share stats prove you are totally wrong.

In August 2013 Firefox held over 16% of the browser market.

Australis was included in Firefox 29, which was released on April 29, 2014.

By August 2014 Firefox only held about 11% of the browser market.

By August 2015 Firefox was down to about 8% of the browser market.

As of January 2016 Firefox is down to around 7% of the browser market.

Australis has helped drive away over half of Firefox's users.

Re:The gun is pointing at the foot

What a quote they had:

"not really nice to use on today's Web."

I guess it's Firefox that's not really nice to use on today's Web.

Re:The gun is pointing at the foot

As a newcomer I noticed an inconsistency in the tabs (focused tabs are curvy, unfocused tabs are straight) and proposed making them all straight. My proposal was rejected because it was "undoing Australis". What does that mean?

Re:The gun is pointing at the foot

[slaker]

I'm overwhelmingly a user of Palemoon rather than Firefox. I am extremely satisfied with Palemoon, particularly given the stewardship Mozilla has provided of late.

I hate what Firefox has become. At this point, It's a marketing company with a technology product, not a technology company. I don't like third party applications being inflicted on me. I don't like the state of flux in the UI that has existed since Firefox 26, the change or removal of features I've been using for years. I don't like arbitrary, zero-notice changes to features I'm using. These are all bad things.

But I'm going to stick with a Mozilla-derived browser for as long as humanly possible because all the alternatives seem worse. I like leaving tabs open. Browsers that use One Process-per-tab will annihilate my available RAM. Chrome (-ium), Opera and Safari all lack privacy and security-related addons that I won't surf without. Edge, with no addon support at all and forthcoming "We're gonna try to use Chrome's!", is a complete non-starter. I need Java in a browser for IT operations tasks. Anecdotally, I see as many issues with fake/bad addons in Chrome's Extensions as I did with BHOs in IE6's heyday.

Chrome has gone from the simple, lightweight option to a bloated mess that duplicates a lot of OS functions. I don't even want to load on a low-spec machines any more. I know it's the web's new favorite, but I'd rather take the ham-fisted marketing driven Mozilla mismanagement any day than live in an ecosystem where Noscript and RequestPolicy aren't really available.

Re:The gun is pointing at the foot

[The+Grim+Reefer]

As soon as tree style tabs work on Pale Moon, I'll happily switch to it.

Re:The gun is pointing at the foot

"The users still don't like it. Remove more options until it's foolproof!"

Re:The gun is pointing at the foot

Pale Moon supports Tab Kit 2nd Edition (TK2E), which has a "tree style tabs" feature.

I use TK2E in Pale Moon in both Win7 and Linux.

Re:The gun is pointing at the foot

maybe 12 will soon be the number of employees they have

It's already their average emotional age.

Re:The gun is pointing at the foot

I can concur. I left over Australis. It was a terrible design decision and basically ripped off Chrome. I figured if Mozilla was going to be led by moronic decisions my information was safer with Chrome, who actually want me to use their browser.

Re:The gun is pointing at the foot

ahhh... , I was ardent user of Classic Theme Restorer and Classic Toolbar Buttons addons. Got a new phone, installed ff. After 2 days of use I've uninstalled said 2 addons from my desktop. Yep, Australis is the future. Deny how much you want, it is.

Re:The gun is pointing at the foot

Also I have a XUL app that runs 27x7 in the last 3 years. Across multiple OSes and multiple FF versions (shame there's no XUL on mobile). Anyways the fact that it runs on FF flawlessly without modification (except when parameters need to change and restart) gives me a warm fuzzy feeling in the dick. It's good. I wish every app would be this successful and smooth rofl.

Re:The gun is pointing at the foot

[arth1]

They seem to be really trying to shoot themselves in the foot lately.

No worries, the feet will be removed in v45.0
You will still have plugins for right foot, left foot, and foot extensions, someone just need to write them. And sign them for every new version.

In 46.0, the rendering engine will be removed, but no worries, you can use a plugin.
in 47.0, the plugin loader will be removed, but no worries, you can load an extension for loading plugins.

Re:The gun is pointing at the foot

They've removed numerous useful features, like the option/shift/control-enter modifiers on urls used to do cool things like, open in a new tab, save link target to file, etc, a while back they removed these features and made the modifiers do dumb things like add www and .com to the beginning and ending of what was in the url bar. Completely useless.

I went and tried to give them feedback about this, but their feedback form would not allow me to submit because it contained the text "www" and ".com" in it.

The removing of fine grain cookie control is the last straw, I'm actively looking at new browsers now...

Re:The gun is pointing at the foot

[antdude]

Also try old school SeaMonkey that is a suite like old Netscape and Mozilla.

Re:The gun is pointing at the foot

[nmb3000]

And all 12 people that used the feature will be missed.

When your market share has shrunk to little more than the people who only continue to use your product because it has features that differentiate it from the alternatives, removing those very features is a damned stupid move.

I'm just waiting for them to finish the work currently underway to dump XUL and the current addon API, utterly destroying the current addon ecosystem and fully alienating all remaining users. That will be final stroke in Firefox's Chromification, and its death.

Re:The gun is pointing at the foot

I whitelist my cookies, and I whitelist just enough javascript using NoScript to make the websites I use work. It's not a tinfoil hat thing, it is a fuck advertisers thing. Without fine grained control of browser cookies whitelisting isn't feasible anymore and it forces a choice between using a browser with 500% more evil or using an actual tinfoil hat browser like Lynx or Dillo.

Re:The gun is pointing at the foot

Correlation is not causation.

Unless you have user surveys that cite this as the reason, you're just bitter and biased.

Re: The gun is pointing at the foot

I'm sure Firefox will be happy to make my homepage yahoo with every update again too.

Re:The gun is pointing at the foot

[jopsen]

The other end of that fact is that the total number of internet users is going up... And FF isn't adopting users as fast as chrome is.

Re:The gun is pointing at the foot

People do not normally go to "am I satisfied" sites on a whim just vote "yes". They do not uninstall products because they're satisfied either. If anything I'm surprised that even 10% of people ended up saying yes.

Re:The gun is pointing at the foot

You clearly don't know what "universal" means.

Re:The gun is pointing at the foot

When Australis was forced into FF, my relatives whose machines I have maintained all called me that their internet was broken. People could not access or use the bookmarks anymore. While waiting for my help, half of them were already googled for "how to fix internet" and installed Chrome..
Firefox just does not get it that each time they prevent existing users from using the browser, they will lose some part of customer base. Not a single user will install FF just because some some feature was removed from it.

Re: The gun is pointing at the foot

They are doing something MASSIVELY wrong if cookie management, of all things, is considered bloat.

Your insulting and belittling disregard of the matter aside, this is just another step towards crushing user control and the other feaatures making Firefox unique in favor of making Firefox a clone of Chrome - and a poor one at that, with all of the problems of Firefox and none of the advantages of either browser.

Re:The gun is pointing at the foot

[KGIII]

What does that mean?

That means, "Fuck you! We do what we like, if you don't like it - piss off."

Which, I guess, they can do if they want to? I'm not sure it's the best move to make but they can do it if they want. I stopped donating to them years ago. I've never been a huge fan but I used to donate just to ensure they would get a few extra bucks. I stopped that when it became obvious that they were no longer interested in just making good software that people wanted. I donated because I liked those people - not because I liked the browser.

I do like Thunderbird but the compiled version that I am using is not their version. I'd donate and support just Thunderbird if I could. There's at least one person from Mozilla in this thread. They seem to be a bit delusional. Someone pointed out the declining market share (quite a big percentage over a couple of years) and they countered with that's because the number of internet users has increased while the number of Firefox users hasn't increased. I'm guessing you can see some potential mental traps in that so I'll save the bytes from adding that. I'm also tired.

At any rate, if that's the attitude the rest take then the problem is internal and endemic. There's little that can be done without a change of management and, perhaps, ownership. That's the good thing, it can be forked. Given the reply that you got, using that as one example of *many* others, I think it's safe to say, they've actually completely decided that it's okay to ignore the users. For better or worse, that's their choice to make.

Me? I use Opera. It's Chromium with the garbage stripped out, a bunch of other features, and the ecosystem of both Opera and Chrome. Extensions are not a problem - I have to cull them once in a while as I tend to build up collections of them for no real reason other than I am easily amused. I think it's high time that we, the people, seriously consider putting our support behind a fork or a new project. While Opera is, technically, open source - it's not really completely free. So, that's not an option for this type of thing. Pale Moon? The new one, Brave? Vivaldi? I'm sure there are more.

I'll have to take a peek at 'em over the next few days. Then I'll watch a couple of them and throw a few donations out to see what happens over a few months. Oh, I'll stick with Opera as my browser. I just figure some things are worth supporting even if I don't personally use them. They keep things in motion and being developed. I benefit indirectly by my browser choice having competition. No, no I'm not altruistic at all. I'm quite pragmatist. Hell, if you can think of others besides the three I mentioned that are open source, feel free to tell me about 'em or link 'em.

Re:The gun is pointing at the foot

[athmanb]

You can't really finance a browser development team from a couple thousand nerds that all install Adblock and never use Yahoo once either. They need to kind of keep mainstream appeal up.

Re:The gun is pointing at the foot

[KGIII]

I'm too lazy to Google but NoScript is supplanted by uMatrix (same guy that does HTTP Switchboard and uBlock) on Opera. There's a Firefox version available now - he finally made you guys one last year. Also, any of the Chrome extensions can be used by Opera just fine and there are a couple of ways to do it including a nice automatic method. (It might even work by default now - I don't know. I haven't tried it.)

I really can't think of anything that would be keeping you back - IF you wanted to switch. However, you'd have to tell me what Request Policy does and then I might be able to find you an Opera version or a Chrome version. As I said, Chrome extensions work just fine in Opera - and in Vivaldi but Vivaldi hates two out of three computers that I use it on and I have to start it from the command line as they've yet to give me an option to disable hardware acceleration via the GUI.

Re:The gun is pointing at the foot

[serviscope_minor]

Not to mention that specifically mobile browsers are now a very significant percentage and chrome the default almost no one changes and for a quite a long time, the world's largest advertiser was advertising chrome heavily on one of the world's most visited websites.

Re:The gun is pointing at the foot

[serviscope_minor]

in 47.0, the plugin loader will be removed, but no worries, you can load an extension for loading plugins.

Well then you better get cracking on writing a plugin to load extensions in time for 48.0 when extension loading goes.

Re:The gun is pointing at the foot

They seem committed to windows centric behaviour, seem not to understand the use unix buffer and still like to use unnecessary capitalization and spaces in directory names.

Re:The gun is pointing at the foot

Thankfully, Internet Explorer market share is also down:
http://tinyurl.com/k3lwyuh

captcha: absurd :)

Re:The gun is pointing at the foot

It all makes a lot more sense if you consider that almost all of Mozilla's income comes from Google and Yahoo.

So Mozilla is removing a feature (at cost of the users privacy) to increase income?

Mozilla continues to alienate their userbase, continuing the slow dreadful death.

Re:The gun is pointing at the foot

In version 50.0, they will remove whatever remains of Firefox altogether, but no worries, you can always switch to another browser.

It looks like a repeat of Opera destroying itself by removing all features that made it, well, Opera. Fortunately, Vivaldi (www.vivaldi.com) is starting to get to the point that it's a worthy successor to Opera 12.x, and now, also Firefox.

Re:The gun is pointing at the foot

[thegarbz]

Australis has helped drive away over half of Firefox's users.

Yep Australis did that. Yes sirree, just Australis, nothing else. Users are only leaving because of Australis. There were no hundred Slashdot stories in this time describing dickhead moves such as advertising with tiles, fucking up home pages, removing endlessly more and more features, abandoning their plugin system, introducing Hello, partnering with a commercial product called Pocket, I'm sure I could come up with more if I had my coffee.

Yep just Australis. We have no other reason to hate it.

I left. But not over Australis. That was the least of Firefox's dick moves.

Re:The gun is pointing at the foot

[thegarbz]

What's in line for 48.0? The download is a static JPEG of the Welcome to Firefox website proclaiming how it's the fastest and smallest browser on the market?

Re:The gun is pointing at the foot

[greenfruitsalad]

on windows, a lot of installers seem to have "install Google Chrome and make it my default browser" button checked for some reason. it's no wonder chrome is spreading like a disease.

to me, there are only 3 reasons to keep firefox on my computers: vertical tree-like tabs, privacy extensions (better than anything on Chrome) and firefox sync (with my own server). if any 2 of these disappear, i'll switch.

Re:The gun is pointing at the foot

This comment proves that you don't know much about stats. There are lots of reasons market share shrinks. You've just decided to link it to Australis with absolutely nothing to back you up/

Re:The gun is pointing at the foot

Bwahaha, that's the funniest thing I've read in a while. You clealy have no clue about open source, and how Linux or any number of things came to be.

Re:The gun is pointing at the foot

[AmiMoJo]

It's because they treat their users like moron. Literally. Here is the article that started the whole "let's remove preferences" movement that began with GNOME and spread to many other formerly great apps: http://ometer.com/preferences....

Take the famous âoetoo many clocksâ example (2015 note - this doesnâ(TM)t seem to be online anymore, but it was a usability study Sun did in 2001). A significant number of test subjects were so surprised to have 5 choices of clock they couldnâ(TM)t figure out how to add a clock to their panel. This cost of preferences is invariably underestimated by us technical types.

In other words, design your UI for people so dumb they are surprised by choice and can't comprehend having to make a trivial, cosmetic decision.

Re:The gun is pointing at the foot

Will Google and Yahoo and the like continue paying them as their userbase contracts?

Re:The gun is pointing at the foot

I don't like the state of flux in the UI that has existed since Firefox 26

The version numbering is puke inducing as well. Stick with the fucking year, marketards, the big fast moving numbers don't impress anyone anymore.

Re:The gun is pointing at the foot

Of course Australis is the reason! The reason I left was the reason everyone left. Everyone thinks like me! Why, I could build a perfect utopia of a browser that everyone would love (but I won't actually do it).

Re:The gun is pointing at the foot

[TheRaven64]

Something of a biased set. I've been using Firefox on Android for over a year, and I am very happy with it. I wasn't aware until your post that Mozilla was collecting satisfaction stats, and even now I can't really be bothered to post there - but I probably would if I were unhappy with it. Firefox with the self-destructing cookies add-on is the only mobile browser that I've found that gives me the cookie management policy that I want.

Re:The gun is pointing at the foot

you'd have to tell me what Request Policy does and then I might be able to find you an Opera version or a Chrome version

RequestPolicy is like NoScript, but for any off-domain request, whether it's for images, scripts, or anything else.

If you "allow scripts for slashdot.org" in NoScript, a script hosted on slashdot.org can then load eleventy billion more images, scripts, or whatever from wherever. RequestPolicy puts the kibosh on that shit. For example, you would need to "allow requests from slashdot.org to fsdn.com" and then, once you've allowed that, "allow requests from fsdn.com to s3-us-west-2.amazonaws.com". This doesn't even affect the (in)ability for slashdot.org to make requests to, say, rpxnow.com.

A lot of sites no longer directly embed Facebook's tracking scripts, but they have a local script loader that loads them dynamically. This is specifically to defeat NoScript. RequestPolicy will catch it anyway. Right on this very page, slashdot's script loader attempted to load janrain.com, ntv.io, gstatic.com, googleadservices.com, rpxnow.com, taboola.com, googletagservices.com, google-analytics.com, scorecardresearch.com, stacksocial.com, doubleclick.net, and fsdn.com. NoScript would've allowed all of these as long as slashdot.org is allowed. It would not necessarily have allowed them to run, but it would have allowed scripts to load. It would also have allowed tracking images to load. With RequestPolicy, I've allowed only fsdn.com, and even at that, fsdn.com isn't further allowed to load from amazonaws.com.

And do you know how much bullshit I see on /.? None. Except for the other comments, but that's the bullshit I was here to read anyway.

RequestPolicy is 100% pure gold and is necessary.

Re:The gun is pointing at the foot

Worthy of Opera 12?

There will NEVER be a browser worthy of Opera 12, unless Presto were open sourced.

Re:The gun is pointing at the foot

[KGIII]

Ah, okay. Yeah - uMatrix does that. It's quite refined in the results and a pure whitelist approach. I don't see/get any of those things unless I explicitly allow them. Then I save them, if I want, and don't need to configure it again for the next session. Somewhere in this thread, I linked to the Firefox version and the Chrome version as well as gave some more information.

If that's what's holding you back from switching then it's possibly something you want to look into. You might find that it suits your purposes and even meets your expectations. I prefer to liken it to an old-school Windows software firewall but explicitly for your browser.

Re:The gun is pointing at the foot

Cum hoc, ergo propter hoc. FF may be losing market share, but that doesn't prove it was due to Australis. (Nor that it wasn't.)

Re:The gun is pointing at the foot

[iampiti]

I'm sure it's the future but that doesn't mean that I have to like it.
I don't understand those people who blindly defend that newer implies better. It may or may not be.
You may like the new way better but it doesn't mean its objectively better (that might be impossible to measure on some cases) or that it's the best option for most people

Re: The gun is pointing at the foot

[dolmen.fr]

If you really want to do fine-grained cookie management, use a plugin. I use Cookie Monster.

Re:The gun is pointing at the foot

[dolmen.fr]

This feature is available through plugins.

If you really want to do fine-grained cookie management, use a plugin. I use Cookie Monster.

Re:The gun is pointing at the foot

[iampiti]

Yeah, also the reason why Pocket and Hello were introduced. I mean, I understand they have to survive but they must find a balance lest more and more people will go to Chrome

Re:The gun is pointing at the foot

[Blaskowicz]

I run Firefox "Developer" edition (formerly Aurora, i.e. alpha) with "Electrolysis", and it's satistfying. I feared it would be a RAM hogging and that my process list would be polluted by a ton of "firefox" processes but what actually happens is you have "Web Content", "firefox" and "plugin-container" (in descending order of RAM use).

Page rendering is not super fast but the old issues of everything slowing down even text input are gone. When I first started using it I even thought the RAM use was rather low (for a browser) and that it seems better at freeing memory.
So far so good, regarding the tech. UI-wise I at least still have the menu bar and the title bar. On Windows I don't know how you get the frigging title bar back! Should be in the basic options. So, don't use Windows. That said the way of acting like Gnome developers sucks. I should be able to e.g. disable pictures even if I don't use the setting and if it would "break" the web.

Re:The gun is pointing at the foot

[TangoMargarine]

You must've missed the part where the most popular extension in the entire Mozilla "store" was the one that undoes the Australis interface around when it came out.

So sure, "a tiny minority."

Re:The gun is pointing at the foot

[TangoMargarine]

Anyone who likes Australis may as well just switch to Chrome.

But Mozilla is planning to jettison their extension system--literally the last reason to keep using Firefox--so the whole thing is kind of moot.

Re:The gun is pointing at the foot

[toddestan]

You've got the functionality nailed down, but it'll still somehow manage to use a gig and half of ram to do it.

Re:The gun is pointing at the foot

[allo]

Nope, but here it's a proof of it.

Re:The gun is pointing at the foot

[rubycodez]

you anonymous twats are quite wrong, cookie list can be kept very small with appropriate plugin. Many of my friends and I do it

Sad to see Mozilla siding with those that bloat the internet with spyware, malware and other privacy invading tech. they are siding with douches like you

Re:The gun is pointing at the foot

[Blaskowicz]

What's the percentage in desktop users?
By very roughling adding up the mobile browsers figures (i.e. I didn't bother to sum up every 0.06% there) and removing them the 7% figure is turned to over 16%.
If say 1 billion desktops access the web that's not a small figure. Ok tone that down a bit, then Firefox perhaps has up to 100 million users.

Re:The gun is pointing at the foot

[x_t0ken_407]

Was going to mention uMatrix! Great minds think alike lol.

Re:The gun is pointing at the foot

[x_t0ken_407]

...but Vivaldi hates two out of three computers that I use it on and I have to start it from the command line as they've yet to give me an option to disable hardware acceleration via the GUI.

I'm sure you have, but think I'll ask anyways. Have you checked in vivaldi://flags?

Re:The gun is pointing at the foot

[x_t0ken_407]

What's in line for 48.0? The download is a static JPEG of the Welcome to Firefox website proclaiming how it's the fastest and smallest browser on the market?What's in line for 48.0? The download is a static JPEG of the Welcome to Firefox website proclaiming how it's the fastest and smallest browser on the market?

You've got the functionality nailed down, but it'll still somehow manage to use a gig and half of ram to do it.

Oh, so badly do I wish I had mod points, lol!!!

Re:The gun is pointing at the foot

[KGIII]

I have not - let me do so...

I did not think of that, thanks. However, I don't see anything that correlates to "vivaldi-snapshot --disable-gpu-compositing" in there for flags. I see some GPU stuff, I see some compositing stuff... Hmm... *keeps looking*

I've actually got no idea? There are a few hits with CTRL + F for compositing and GPU. None of them appear to be anything even remotely close.

On those two boxes, I can use Opera and Chrome (it appears to be a GPU issue, if you're curious) just fine because they have an option to "Disable Hardware Acceleration" and that works. Vivaldi has no such option but works just fine with the above switch. There are two hits for acceleration on the flags page but one is for frames per second and the other is for overriding the block list - which is not something I want to do. If I could manually add something to the block list (it seems like it should be blocked) that might do it. So, for now, I've just used the switch when I want to use Vivaldi.

Much thanks! I'll keep poking. Eventually I'll find it. It's annoying but that's the way it goes. I like trying varied browsers out and seeing if there's anything exciting happening. Lately? Not really. I do like the idea of Vivaldi but they don't seem like they're going to have very good results.

Re:The gun is pointing at the foot

[KGIII]

Yup. It's excellent. I've been using it for ages - since the early days. It's got some quirks and it's not the easiest to figure out without reading the manual but I got it. I've got it fairly automated so that I share the settings between computers and updates get pushed to a central repository when I remember to save them. It took some human training but I've got that fairly well down now. If I've made any changes, I save it to the repository. I then just grab it when I'm using a session on a different box or different browser/user. It's not absolutely ideal but it works.

I did some reading, because of this same thread, and it looks like it also does what RequestPolicy does. So, they'd be able to dump two extensions in favor of one. I'm not a huge fan of the whitelist approach but it seems to work well in this case. I've acclimated and found it valuable. I'd like something with heuristics but the complexity and size would be absurd. So, I guess whitelist is appropriate as I'd be too lazy to blacklist everything.

I've actually tried to send the author money and he declined. It wasn't a lot but it was probably a bit more than most might send. I understand his reasoning though I do like supporting various projects. Hell, I think I mentioned it in this thread? I used to donate to Firefox and I don't even use it normally. Competition means my browser makers have to stay on their toes. I also gotta stop typing Chrome when I mean Chromium. Ah well...

Re:The gun is pointing at the foot

It's not the future because Firefox is on the way out. It gets a little worse with each release, and their share of the userbase just keeps shrinking. They have nobody but themselves to blame for being so arrogant and claiming to know what's best for their users when their users continually tell them otherwise.

Re:The gun is pointing at the foot

But Chrome is its own shit show. Chrome chokes on more than a half dozen tabs, and I've experienced this firsthand on a 5820k with 32GB RAM.

Also, Mozilla isn't doing anything with the "extension system." You're confused, son.

It's the NPAPI plugin architecture that's getting kicked to the curb like so much trash. Extensions/addons are entirely different things than plugins.

Re:The gun is pointing at the foot

[TangoMargarine]

https://blog.mozilla.org/addon...
http://www.thetimesgazette.com...

There's an add-on for that..

[kheldan]

I have an add-on that keeps only the cookies I explicitly select, the rest get deleted whenever I close Firefox, or when I manually delete cache and cookies with shift-control-delete. Just get that and have all the 'fine-grained' control you want.

Re:There's an add-on for that..

[mujadaddy]

Most of the cookie add-ons used FF's built-in functionality; they just made it easier to interact with...

I'm a little pissed off at this.

Re:There's an add-on for that..

Please identify WHICH add-on.

Re:There's an add-on for that..

[Barny]

Yeah, not sure what the fuss is. I have 'delete cookies when I close firefox' as default action, then I can allow sites to specifically keep their cookies.

This has been a standard feature of firefox for quite a while now and despite my other misgivings about their browser (the main of which being that all the features they have removed and said 'third party addons will replace this', have indeed been replaced and the browser runs like crap with the amount of them I now need to use) it still functions better (but not faster) than others.

Re:There's an add-on for that..

[vux984]

Yeah Mozilla probably is making the right decision here.

The feature *would* have been irritating as hell to use, and removing it to streamline the code and letting those users who wanted that sort of cookie control use an extension is the *right* move.

The 3rd party example you gave would actually be a functionally better solution for most people to use then what Mozilla had built-in. (What addon is it by the way that you use?)

The only real criticism i really have of Mozilla on this issue was the lack of clear communication to those users who were using the setting.

Re:There's an add-on for that..

[Apharmd]

Thanks for this. I used this functionality for a long time, so I need a replacement.

Re:There's an add-on for that..

[complete+loony]

Right, Firefox have been simplifying options that break web sites for years. If you want to mess with your browsing experience in a way that might break how websites work, install an addon.

There's no point having what amounts to a "Make all websites work" checkbox.

Re:There's an add-on for that..

[vanyel]

Close firefox? Only when the system crashes or I have to reboot for some reason. Too damn many windows I have to restore.

Re:There's an add-on for that..

[Ken+D]

it only breaks web sites that I want to break.

If a site only works if I drop my pants and bend over then I want to know that before my pants are around my ankles.

Re:There's an add-on for that..

[kheldan]

Please identify WHICH add-on.

'selectivecookiedelete' v4.1.1
Just checked it, it's still doing it's job, keeping the whitelisted cookies, deleting everything else.

Re:There's an add-on for that..

[complete+loony]

How many users will hit the "block all cookies from this domain" button, and then blame firefox for being broken? There are good reasons for reducing the number of ways users can screw up their configuration.

Re: There's an add-on for that..

[nighty5]

Care to share the name of such add-on? Many thanks.

Re:There's an add-on for that..

Yeah, not sure what the fuss is.

Try searching for "cookie restoration" and "cookie matching". Once you have logged onto one place on multiple sessions those sessions can be linked together by advertisers.

Re:There's an add-on for that..

[ShaunC]

I use Self-Destructing Cookies, which accepts cookies long enough to make a session work and then deletes them automatically when you close the related tab. There's a whitelist feature.

Of course as per usual with a Firefox update, I now have no clue whether or not that extension will continue working, or whether I need to tweak some arcane setting to keep it working, or whether said arcane setting has been removed from the browser entirely... So I'll just stick with my current version for awhile. Other people can be the guinea pigs and I'll look for their reports. The trouble with that approach is that with each release, there are fewer other users out there. Mozilla seems determined to run Firefox into the ground and it's just a sad thing to watch.

Re:There's an add-on for that..

which accepts cookies long enough to make a session work

If that's how it must work, then it's a non-starter. At least 98% of cookies I don't want to exist at all, even momentarily, while still allowing the other 1 or 2%.

Allowing all cookies, even for a short window of time, is unacceptable.

Re:There's an add-on for that..

[Barny]

There is an option to "reopen last session" on start. You get all your tabs back :)

Re:There's an add-on for that..

[Barny]

Good luck with that, ABP and noscript have my back for those kinds of shenanigans.

Re:There's an add-on for that..

Check “Accept cookies from sites”, select “Keep until I close FF”,
define exceptions for sites where you want to stay logged in (those
cookies will not be deleted when you quit FF).

Re: There's an add-on for that..

How about they just remove the options / preferences menu and all of the about: pages then? That would definitely make all sites work, as there would not be any option to mess up then.

Just because you don't use a feature, does not mean it isn't used at all. In the case of privacy features, especially on the web, those who do tend to have their reasons for doing so, and yes they will be upset if those features are teken from them.

Also, so what if a user fucks something up on their browser? It's their settings. If they can't be bothered to remember what they changed, then they can use the default option button or delete their profile and start over if it bothers them that much. It shouldn't be everyone else's job to handhold them through using a web browser. Especially if that handholding means denying others their own choices. You want a playskool browser? Go find one then. Don't demand that others should be required to do the same just because you are incompetent.

Re:There's an add-on for that..

I don't want to have to regularly cull my cookies, I dutifully answered the pop-up and had most sites set to allow cookies for the length of the session and a very carefully chosen set were allowed to be permanantly stored. I had no idea this had happened and worse yet the cookies offerred since I updated were marked as retain until they expire. I don't want cookies on my system unless I explicitly allow them. This sort of behavior is unacceptable. I'll be downloading a plug-in to regain control.

Re:There's an add-on for that..

At this point they should streamline the code by deleting it all. Seems to be the direction they are heading. It will be so fast and safe then. Just make the whole browser a JPEG.

Re:There's an add-on for that..

[vanyel]

Yes, and that's a lifesaver, but many of them need to be logged into again, and then it flashes up bazillions of windows for a while while recreating them and it's generally a nuisance.

Re:There's an add-on for that..

How many users will hit the "block all detected malware from being installed" button, and then blame kaspersky for being broken? There are good reasons for reducing the number of ways users can screw up their anti-virus software.

Re:There's an add-on for that..

[complete+loony]

There's a bunch of things firefox has included in the core browser that probably should be replaced with an addon. There have been many examples of this already. What they are missing here is a prompt on upgrade if their change in behaviour applies to you so you aren't surprised by it.

Most users don't read the release notes, or follow some obscure blog where this change may have been discussed.

Re:There's an add-on for that..

>but many of them need to be logged into again,

'Cause you deleted all your cookies, genius.

Re:There's an add-on for that..

Seconded - Self-Destructing Cookies is awesome.

Re:There's an add-on for that..

Yes, but at what point do you say "So many of you are idiots, but we can't idiot-proof our product any more without making it unusable"?

Re:There's an add-on for that..

[xorbe]

And the name of this fine add-on is ...

Re:There's an add-on for that..

[Barny]

Indeed, whitelist to allow persistant cookies for the sites you need to or use something like KeePass to auto log them back in.

Re:There's an add-on for that..

[tgv]

I use that one too. Works well, and still seems to work. Before that, I used FF's built in mechanism, and I think it's an utter disgrace that they removed it without offering an alternative. I still trust Mozilla a bit better than Google, but at this rate, FF runs the risk of being abandoned by its last users.

Perhaps that's what they want anyway.

Re: There's an add-on for that..

[KGIII]

I hear that sort of sentiment frequently - but I hear it at completely and totally opposite ends.

"Software should be easy to use."
"I shouldn't have to hunt for some arcane setting."
"It should just work."
"There's no reason for the complexity."
"There's no reason for it to be this hard."

Then, your post.

"It shouldn't be everyone else's job to handhold them through using a web browser."

I'm inclined to agree with you. Of course, there's a reasonable limit and that's the problem. What's the reasonable limit? Me? I was happier when computers were more complex. No, not because it gave me a modicum of power but because that complexity actually meant that I had *more* options. Yes, yes... There are far more options today than there were yesterday, overall. However, look at some of the options menus for some of those applications that have spanned the ages.

I liked the complexity, it gave me more customizations and more interaction with the software - it enabled me to find my own path. VLC? Now there's a damned fine options menu - complete with nonsense and a horrid usability standpoint by most anyone's metrics, except mine. Crank on those advanced options and let me wreck shit. I love breaking stuff - fixing it is how I learn and I'm a bit fond of learning new things.

Somewhere, and I think the UX folks would do well to find it, there's a point where options become too many and of no value to even a tiny percentage of users. Somewhere, and I don't know where, they should consider not just ridding the options but stuffing them behind an "Advanced Options" menu - perhaps with a warning like you get if you adjust the about:config page on Firefox. Hell, document and let users daisy chain switches and start stuff from the terminal, cmd prompt, or adjust their shortcuts? I don't know but trend of removing options is starting to worry me - I've been watching it happen for years.

It's mine. It's my software. You gave it to me. No, you don't have to do what I want but you should (I think) give me all the options you can reasonably include. It's okay, by my, to stuff 'em into the advanced settings. I'm okay with that. You can hide 'em a bit, that's fine - just make sure that we know where to find them.

You'll note that I said that I didn't know where that line should be drawn? Yeah... So, umm... I've done *some* design and even have done some web design, technically. Err... Yeah... I probably should NOT be the one to help make that choice. However, just because I don't have the solution doesn't mean I can't see the problem. I am not a doctor but I can tell you that my wrist is well and truly fucked.

So, all you smart people... All you designers, usability experts, and such? Yeah... Figure out how I can still have all the options (within reason) and how you can stop Joe Average from screwing up his "internet." Yes, some will bitch about bloat. That's fine. Make the bloat valuable to those of us who use the options and we'll kill them in their sleep for you. Yes, a little bloat is fine. Sometimes we need to do more than one thing and do it well - when you've got a whole bunch of people using a product to do a whole bunch of things in a whole bunch of different ways. You can't, well you can but I wouldn't, do one thing and do it well because there's more to browsing than one thing - like extensions, bookmarks, downloading, etc...

But, you can probably pick a smaller subset and do it really damned good - if not "well." I don't use Firefox and I don't use fine grained cookie controls but I can see why others would and I respect that. They'll strip that out and add Pocket. (I think that's the name.) No... Do your subset of things and do it well. In this case, that subset includes enabling third parties to extend it. Keep core functionality and give the users options - by default. Of course, there's a reasonable point where too much is too much and too little is not enough. That's not my place to tell you where that is and I'd not listen to me if I did tell. However, removing this? Really?

Re:There's an add-on for that..

[greenfruitsalad]

is there a reliable alternative for Chrome? on my chromebook, i use "tab cookies" https://chrome.google.com/webs... but i often find google's cookies lying around even after closing all tabs related to google. Self-destructing cookies is always 100% reliable.

Re:There's an add-on for that..

[Pembers]

I'm not sure if this would help when you delete most or all of your cookies, but there is an option "Don't load tabs until selected". When combined with "restore previous session", that remembers all your open windows and tabs, and the URL that each of them was looking at, but doesn't load any of the URLs until it needs to display them. So if you're using a lot of sites where you have to log in every time you restart the browser, now you won't be prompted to log in to a site until you decide you need to use it and switch to its tab.

Re:There's an add-on for that..

I think that was verserion 3.17.

Re:There's an add-on for that..

[gstoddart]

Yeah, not sure what the fuss is. I have 'delete cookies when I close firefox' as default action, then I can allow sites to specifically keep their cookies.

I keep Firefox open for weeks ... I also keep Chrome and Opera open for weeks. I use them for different things,

The problem is the internet has become a cesspool of marketing, analytics, and other tracking bullshit.

If I log into my gmail, I need to set a cookie. If I visit some random website in Firefox, my NoScript and ask to set cookies means it set can't set cookies or run scripts ... because I don't choose to let some random website set cookies/run scripts so some asshole can track where I go on the internet.

I don't want to accept those cookies, I want to say "this site can set cookies, this site can fuck off" ... that has been a standard feature of Firefox for at least a decade.

Changing that feature to "sure, go ahead, set cookies because we've sold out to the advertising industry" says that Mozilla has jumped the shark and lost track of why people started using it in the first place.

But for the last few years they've focused on removing the features we want, and adding features we need to figure out how the hell to disable.

Firefox has been in decline as they focus on garbage and take out the good. It's quite disappointing.

Re:There's an add-on for that..

[dolmen.fr]

If you really want to do fine-grained cookie management, use a plugin. I use Cookie Monster.

Re: There's an add-on for that..

[dolmen.fr]

I use Cookie Monster.

Re:There's an add-on for that..

[mujadaddy]

uMatrix?

I haven't updated to 44 yet, but 43, uMatrix ("nothing 3rd party"), NoScript ("nothing, at all") is as fine-grained as you can ask for. Oh, I suppose I also have hosts & fw blacklists, too. The only way they keep track of me is browser-uniqueness, and I'm fine with that, under the way the current Infotainment Industrial Complex functions.

Re:There's an add-on for that..

[TangoMargarine]

I thought that only worked with a single window, though? Or do you have to leave all your windows open and just shutdown so it gets TERMed or something?

Re:There's an add-on for that..

[hawk]

>I don't want to accept those cookies, I want to say
>"this site can set cookies, this site can fuck off" ... that
>has been a standard feature of Firefox for at least a
>decade.

It's not that new . . . it long predates the firefox name and mozilla foundation.

I think it was in Netscape 3 . . . I don't remember if it's older than that.

hawk

Re:There's an add-on for that..

How many users will hit the "block all cookies from this domain" button, and then blame firefox for being broken? There are good reasons for reducing the number of ways users can screw up their configuration.

This is a ridiculous attitude. It's like saying: "Why allow users to delete files from their drives? Someone will delete something by accident and then blame the operating system." Control over cookies should be a basic function of browsers. Options are being continually stripped away from our software, seemingly to dumb it down for the mobile masses. It used to be that users had to take some god damn responsibility for their actions, and at least make a small attempt to learn about the devices they are using. I'm fine with hiding some of the more advanced options in an "advanced configuration" or whatever, so if the typical clueless user doesn't care about cookies they won't ever see any options or warnings about them. But removing these options entirely to cater to the lowest common denominator of users is trivializing our software and devices.

Re:There's an add-on for that..

gstoddart, we're sick of your mongoloid gibberish. Can you please just stfu, please? Everytime you attempt to use the human language all I can hear are grunts and squeaks!

Re:There's an add-on for that..

I find that I have to restart it about once a day, or it starts to pin 1-2 cores/threads at 100% and slowly consume more and more RAM, and tends to straight up crash before it hits 3GB. It's a little better when open tabs are under 200, but not much. The session manager addon makes my life a lot easier and safer (~200 tabs, 13 windows spread over 4 desktops, all just handled and backed up) and the self destructing cookies addon deals with all of the bullshit cookies.

Interestingly enough, FF is a TON more stable when Flash doesn't enter the equation. It's a real shame that the YouTube HTML5 player is still a steaming pile of runny dog shit in 2016, or I wouldn't need Flash at all.

I gave Chrome a shot (more than once) but since it can't even cope with six open tabs, it just isn't an option.

I've also started to compartmentalize things a lot more. I've been firing up a VM whenever I do anything banking related. It's probably paranoid and isn't actually keeping me any "safer" but I do feel better.

Does anyone even still use FF?

They should just rename it Netscape Communicator be done with it. And from the ashes a Phoenix will rise. Again.

Re:Does anyone even still use FF?

[NotInHere]

Perhaps by the time their servo rewrite is finished, the firefox name will be so unpopular that their best choice would be to release it under a different name.

Re:Does anyone even still use FF?

[Frosty+Piss]

Perhaps by the time their servo rewrite is finished, the firefox name will be so unpopular that their best choice would be to release it under a different name.

I'm thinking something like "Chrome"?

Re:Does anyone even still use FF?

[Ken+D]

How about "Silver Plastic" ?

Re:Does anyone even still use FF?

[ChunderDownunder]

It worked well with MS and Edge.
How about Mozilla Bono?

Re:Does anyone even still use FF?

[Opyros]

Better yet, they could constantly change the name the way they did in the early days of Phoenix/Firebird/Firefox.

Re:Does anyone even still use FF?

[KGIII]

Damn it... *sighs* So, the missus is grumpy. My typing is pretty quiet but that made me laugh loud enough to wake up and give me the hairy eyeball. Usually, I am elsewhere at this time of night - if I'm online. Tonight, she fall asleep on the couch beside me.

Either way, I'm still blaming you. How long have you been waiting to say that?

Re:Does anyone even still use FF?

[ChunderDownunder]

Sorry to Mrs KGill, it won't happen again!

Proud to have self-destructing cookies installed

I leave a site, its cookies explode.

Yahoo?

[whoever57]

Was Yahoo p***d off about people who don't allow some cookies to be set?

Re:Yahoo?

What the fuck is p***d? Slashdot tries to be a site for adults. You're allowed to spell out your words.

Did you mean pissed? Pissed isn't even a curse word...

Re:Yahoo?

[Frosty+Piss]

"p***d? Pissed? If you're thinking it you might as well say it.

Re:Yahoo?

[PRMan]

You'd be surprised. I used it at work QUOTING a customer and got written up for it.

Re:Yahoo?

What a bunch of cunts.

Re:Yahoo?

You work for infantile idiots.

Re:Yahoo?

[KGIII]

If you're thinking it you might as well say it.

I'd like to point out that this is probably not only not always appropriate, there's also the law of diminishing returns. There is some point, almost invariably, where it's time to stop saying what you're thinking - no matter how much fun it might seem like at the time. It's not really appropriate to tell Aunt Mary that she's a fat pig who eats like a slob during Christmas dinner when the family is talking about the weather - even if you're thinking it and even if it seems like a good idea at the time.

It's probably okay if you have Tourette's. Maybe not...

In this particular case, I'm inclined to agree with our beloved Mr. Piss but I'd like to stress the importance of examining the source when considering taking etiquette lessons. Rather than have you return a week hence, and without a job, spouse, or home, it's probably best to ensure you know that while such advice is certainly true in this case - it's not exactly true in all cases.

***

This has been a PSA from the Protecting People From "Frosty's Etiquette Advice©" since 2005 Organization. Click here to download your free copy of Explaining Mr. Piss' Behavior to Children Under the Age of Ten.

***

Muahhauhah

Eat. Shit. Then. Die. We. Are. Bought. And. Paid. For. By. Those. That. Track. YOU! And. We. Like. It. Like. It. Yes. We. DO!

Re: Muahhauhah

Do. We. Question. Mark.

not nice to use, eh?

[plaut]

Funny, I can now think of something else that's "not really nice to use on today's Web."

Add-ons?

[Zontar+The+Mindless]

...users wishing fine-grained cookie control should be using a third-party add-on instead...

That's a laugh. What third-party add-ons are going to remain after another year or so of breaking them with nearly every damned release?

Mozilla seem absolutely determined to jump the shark.

Re:Add-ons?

[narcc]

after another year or so of breaking them with nearly every damned release?

You guys just can't be satisfied. "This or that feature should be a plugin!" Mozilla removes features and suggests they are better handled by plugins "No! Not that feature!"

Their plugins sometimes break between releases because of the way plugins are structured, so they announce that they're replacing their plugin architecture with something guaranteed to have a more stable API. "No! You're destroying everything! NoScript will never work again!" "We're working with NoScript to ensure it continues to function in the manner users expect." "Liar! I hate you!"

Mozilla's users, at least on Slashdot, seem absolutely determined to jump the shark...

Re:Add-ons?

You are mostly right. Although it is unclear how many other extensions won't be adaptable to the new model. They are working with NoScript because NoScript is the 3rd most popular add-on for firefox. But what about those odd-ball add-ons that only have a couple of hundred users?

Meanwhile one thing that is legitimately and inarguably stupid is this add-on signing requirement they keep pushing back every couple of releases. They want to force you to submit your add-on source code to them for signing. At first they were doing automated code inspection and rejected add-ons that didn't pass, even for stylistic reasons. It took a couple of months of bitching before they finally backed off that level of scrutiny, doh!

But it is still a problem for people who have internally developed extensions - forcing them to choose between running an unsupported version of firefox or exposing their source code to mozilla who can not guarantee that it won't be pilfered away via corporate espionage.

All they need to do to fix it is make mozilla check for a list of exceptions to the signature requirements in an admin-only writable location (like /usr/lib/mozilla/ on linux or an admin-only part of the registry on windows). The code to do that is already 99% written because they already pull config data out of those locations, just need to verify it is admin-only writable.

But they keep resisting the obvious, instead insisting that anyone who wants to run an unsigned add-on must run a completely separate installation of firefox and thus forgo all the security benefits of getting auto-updates straight from them. The end result is much reduced security for those people - no crypto signatures for any add-ons and they must do manual compiles each time there is a new firefox release - and really, only the most hard-core of users is ever going to do that in a timely fashion. Just because you have an odd-ball add-on doesn't mean you are that hard-core.

I'm not that hard-core, but I still run the defunct "redirect cleaner" because none of the replacement add-ons quite match the original's functionality in corner cases. If I had enough time to compile every new release of firefox, I would have enough time to fix one of the replacement redirect-cleaner extensions to handle the corner-cases too.

Re:Add-ons?

[vux984]

But it is still a problem for people who have internally developed extensions

They have release channels that don't require the signed code.

In my opinion, their default model is correct for the general masses.

They DO HAVE a release channel suitable for advanced users who require internally developed unsigned stuff. One is not forced to stay on an old version.

But letting you simply turn off the signing as an option in the main release channel would be pointless, because then any malware would simply *do that* as its first action.

Having the version that doesn't require signed extensions as something you actually have to opt into and proactively download separately ... is the right decision.

Re:Add-ons?

[sumdumass]

Sure we can be satisfied. All they have to do is give control to the user instead of making inane changes because they know better for us.

If no one was maintaining this feature, the proper thing to do would be disable on new installs, check settings on upgrades, and put a job posting out for someone to volunteer to maintain it. While they are at it, notify the users of the problem and stop pretending their shit don't stink.

In fewer words, show the users some respect.

Re:Add-ons?

But letting you simply turn off the signing as an option in the main release channel would be pointless, because then any malware would simply *do that* as its first action.

AAAAGH!

Why do the mozilla apologists ALWAYS say that? It shows you do not comprehend the issue. If the place where the signing is turned off is in an admin-only writable location then malware can not "simply do that." And if malware has access to admin-only locations then your system is literally rooted and extension signing is the least of your problems.

They have release channels that don't require the signed code.

Those are not auto-updates, at least not for linux. Nor are they fine-grained, they are still all or nothing for crypto-signatures.

Re:Add-ons?

[MacTO]

It is hard to believe a company when they have worked hard to destroy their credibility with their own user base. For example: claiming to support privacy, while removing features that can improve privacy.

Also, Slashdot users are not a singular entity. Different people have different opinions. It is quite probable that those opinions will contradict each other.

Re:Add-ons?

firefox is no longer FOR the users. it's now FOR the advertisers.

Re:Add-ons?

[Kjella]

You guys just can't be satisfied. "This or that feature should be a plugin!" Mozilla removes features and suggests they are better handled by plugins "No! Not that feature!"

There's a huge gap between "You can have the car painted any color you want as long as it's black" and "We've stripped it down to the chassis, pick the parts that are right for you". I always thought extensions were going to cover niche functionality and act as a test bed so you could slowly pull in core shortcomings into the main browser at a leisurely and well structured pace because there's an overhead to extensions when you have many installed and your browser runs like shit because of some bad plug-ins and bad interactions. Depending on what glasses you look at it seems that Mozilla first pushes you to extensions, then blames the extensions, then breaks the extension. The user don't care why it's broken or whose fault it is, they just want it to work. And if you have to turn Firefox into Chrome to do that, well we already have Chrome. And it's a lot better at it...

Re:Add-ons?

So all they have to do is maintain every feature in perpetuity, never removing any? Sounds legit. But then why even have an extension system in the first place, if everything should be baked into Firefox forever, including the finest-grained possible settings?

What it comes down to is that when a person loses a feature they like, they will not care what the reasons for the loss were. They will not want to find an addon, because addons are only useful to have as a theoretical thing, and once you've got to use one, it's the end of the world. It doesn't matter if they've been asking Mozilla to "fix their shit" for years and they can never move fast enough because they have too many things to maintain.

No, Mozilla should clearly just magically hire people to maintain every feature instead, no matter how few people give a shit about them, or how many addons already exist that do the job better than the buggy baked-in versions did.

Re:Add-ons?

I was concerned about only Mozilla-signed add-ons being allowed so I looked into it.

Apparently Mozilla have streamlined and automated their signing process (previously it could take a while for new versions of your add-on to be approved). So it's very fast now. Also, you can submit closed-source add-ons for signing, and you can choose whether your add-on is shown in their marketplace or not. This means that private add-ons that workplaces use can still be trivially signed and used in normal (non-developer/non-ESR) Firefox browsers.

As long as their signing process works, I don't really see any major problems with the new requirement. You can still use closed-source, private add-ons. The author just needs to submit it (it can be submitted without giving Mozilla the source), it will be automatically signed, then the author distributes the signed add-on whatever way his company has been distributing it.

Yeah, I don't really get why they couldn't leave a toggleable option somewhere like you suggest. A direct corollary is Android's "Allow Unknown Sources" option. But there shouldn't really be a need for that option as long as their signing process works fluidly, so hopefully it does.

As usual, when I look into whatever the current drama is with Firefox I eventually find some kind of rationale that makes sense for the changes. Where Mozilla fails again and again is how poorly they communicate. Hopefully they can improve that.

Re:Add-ons?

[Ash-Fox]

That's a laugh. What third-party add-ons are going to remain after another year or so of breaking them with nearly every damned release?

As a Firefox user, I use many addons and I can't recall the last time this happened?

Re:Add-ons?

You can still use closed-source, private add-ons. The author just needs to submit it (it can be submitted without giving Mozilla the source)

As far as I can tell, that is misleading. You can submit binary add-ons, but if it is a pure javascript then you have to give them the javascript so they have a copy of the source.

Re:Add-ons?

[Dagger2]

Argh. Yes. I've even outright said "it should be possible to disable by putting a file into the Firefox program folder, since the only people with access to that also have access to replace the Firefox binary" and yet still got "but we can't add a pref because malware can write to your profile folder" in response. Sometimes by the very same people that also tell me that they aren't trying to do anything against malware with admin rights.

Re:Add-ons?

I didn't mean to be misleading. I assumed closed-source add-ons would be compiled, so at least the sensitive parts would be binary. You are right that submitting a pure JavaScript add-on would give Mozilla access to the source, as well as others when Mozilla is hacked or an employee steals your code.

However, I was wrong about the binary bit. Mozilla requires access to the source code even for binary add-ons. It looks like they will automatically sign the add-on, but reviewers will need to manually check the code at some point. They say to contact them if you can't provide the source code, so hopefully they are accommodating for businesses that want to keep their add-ons private.

Source Code Submission

Add-ons may contain binary, obfuscated and minified source code, but Mozilla must be allowed to review a copy of the human-readable source code of each version of an add-on submitted for review. In such cases, the author will receive a message when the add-on is reviewed indicating whom to contact at Mozilla to coordinate review of the source code. This code will be reviewed by an administrator and will not be shared or redistributed in any way. The code will only be used for the purpose of reviewing the add-on.

If your add-on contains code that you don't own or can't get the source code for, you may contact us for information on how to proceed.

I thought you could submit binary add-ons (e.g. using js-ctypes) to get around sharing source code for unlisted add-ons. I was mistaken, sorry about that. The only other suggestion I have is if your add-on's functionality can be duplicated in GreaseMonkey, you can go that route and can avoid releasing your code to Mozilla. Good luck...

Re: Add-ons?

FF should be complete without plugins being necessary.

Dont remove multi profile suppprt.

Cookies are pretty nasty and sites should only be able to set a single sessonid type cookie per window. Windows should only be share downwords.

Re:Add-ons?

[vux984]

You are technically right.

But its like arguing that there's no reason not lock the front door when you go out if there's a window that doesn't lock properly and that people could climb through.

Re:Add-ons?

[Dagger2]

I see it as a bit closer to mandating you brick up your windows, use remote-controlled electronic locks on the doors and then need to phone up a company to get in to your house -- it'd certainly improve security, but you should have the option to install your own lock.

Re:Add-ons?

[vux984]

But this goes in circles...

They make the version with the bricked up windows and remote locks. They make a version without. You can use either version.

But that doesn't satisfy; you want to use the version with the bricked up windows and remote locks, but now you demand to have them build a back door for you to use.

And then they say... that back door reduces the security for anyone who uses the product. It increases the attack surface of the product.

And then you say, but any one who opens the backdoor needs a level of access that would also allow them to drive a bulldozer through the brick windows. So give me a back door.

And then they say... sure, your right, if they have that much access they can drive a bulldozer through the windows... but that still doesn't mean it makes sense to increase the attack surface.

Re:Add-ons?

[Myen]

They have release channels that don't require the signed code.

That's the alpha version ("aurora"); the release version (and the beta) enforces signing, last I heard. They said something about having an unbranded version that doesn't require signing, but as far as I can tell from browsing around ftp.mozilla.org it doesn't actually exist.

They don't have anything that is actually expected to work for everyday browsing that doesn't enforce signing.

Re:Add-ons?

> but that still doesn't mean it makes sense to increase the attack surface.

That's just begging the question. If not "increasing the attack surface" were the be all and end all justification the way you use it then we might as well not have any software at all.

This is about proportionality - something that MANY geeks have a poor grasp of. Making an admin-only config significantly improves functionality without only the most minor "increase in attack surface."

Furthermore you need to acknowledge you've changed your argument midstream. Your original post clearly and unequivocally mis-stated the situation going on about user-writeable configuration. Once that error was spelled out you came up with this "attack surface" sophistry. That's a sign you aren't looking for solutions to legitimate problems, rather you are simply trying to defend mozilla's actions with any rationalization that comes to mind. Don't do that. It is disingenuous "team firefox" fanboism and has no place in a technical discussion.

I'm confused

[LunaticTippy]

No browser works the way I want it to "as is." I have to install a handful of 3rd party addons or whatnot before a fresh install is not crazy-making. I'm not sure why this is a big deal. You can still manage cookies however you want with 3rd party extensions so who cares?

Re:I'm confused

Why would they go out of their way to remove features related to web browsing, like cookie management, and then actively add weird shit like "Hello," a chat client?

Re:I'm confused

[GrBear]

And this would be my perfect browser. Focus on one thing only.. properly and safely rendering a page.. that's it!

If you want cookie retention and management, use an add on..
If you want DRM video (looking at you Netflix), use an add on..
If you want bookmark management, use an add on..
If you want , use an add on..

Users will pick what features they want on the web, and what features they don't. Stop trying to shove shit like Pocket down our throats and removing features we use.

Re:I'm confused

[Gavagai80]

That's a great approach, in a perfect make-believe world where add-ons are all reliably maintained. In the real world, if you have 10 essential features split up as 10 different add-ons maintained by 10 different people/organizations, you have 10x the chance of one of them breaking in a future update. Being a feature of the core program entails more reliable maintenance. Of course even that can fail sometimes, as in the case of this article where they were unable to find anyone to maintain the feature... but it's still more reliable than add-ons.

Re:I'm confused

[complete+loony]

If you want bookmark management, use an add on..

Simple bookmark management should be built in. But perhaps even that should be an add on, just one that is installed & enabled by default.

Re:I'm confused

Exactly.

I have 19 addons installed currently. The vast majority of them exist to undo some of the more idiotic changes that been have made to FF over the years (from minor annoyances like making Escape not mean stop, to mid-level annoyances like putting the close-browser shortcut right next to the close-a-single-tab shortcut, to the world class clusterfucks like aurora) but I also have several that serve useful purposes like clobbering annoying ads, cleaning cookies, giving me the ability to turn off things like js/flash with a single click, batch download, and so on.

The functionality that matters to me but not other people doesn't need to be forced on all of us when only some of us need/want it. The addon architecture is a good answer to this, and it is just about the only thing that Firefox still has going for it.

Fuck you Mozilla.

Multiple crashes a day my ass. Choke on your fucking advertising money.

mozilla is dying like slashdot

from the inside out. new open source browsers need to take its place so mozilla can finish dying

"Maintained"

Does code have to be "maintained"? What if it's already bug-free (or doesn't have any bugs that anyone notices)?

Re:"Maintained"

Likely Mozilla's management or UX department could not figure out, how they could break the feature, so they just removed it. The UX department needs to justify their position by doing monthly random changes to UI so they can show up pictures of their heroic changes on company meetings.

Re:"Maintained"

[allo]

It has, when you want to do all the breaking changes in the rest of your code and then try to avoid fixing the crashes you introduced.

Because Reasons

[ewhac]

It occurred to me after submitting the article that the per-cookie approval feature has been part of Firefox since it was called Netscape, so it's been around for a very long time.

Moreover, the allegation that enabling the feature destabilized the browser is pharmaceutically pure bullshit. I've been using the feature since its inception, and have Firefox windows open and running for days at a time without ill effect.

Contrariwise, I just went to check my cookie store, and found a bunch of new, unapproved, unwelcome, provably unnecessary cookies have appeared in just the week since I moved from v43 to v44. Deleting them after the fact is not a solution. Once set, tracking can take place immediately. The damage has already been done.

The proffered reasons for the change are easily shown to be false, so I do not hold out any hope that Mozilla management will have a change of heart on this matter and reinstate the long-standing feature.

Would anyone care to recommend a cookie management add-on?

Re:Because Reasons

I use and recommend the "Self-Destructing Cookies" add on. By default it allows the cookies to persist for as long as you keep the site open, which is handy for a lot of authentication cookie driven sites, then the cookies vaporize a second or two after closing all tabs on the site. You can still configure specific sites with "Always deny" and "Always allow" options by way of the toolbar icon and it plays well with the "Always deny 3rd party cookies" option.

Re:Because Reasons

[kwalker]

Same here. I've been using this in Firefox FOREVER. Turning that feature on and installing AdBlock are the first two things I do on a new Firefox install. I have Firefox running for days or weeks without issue (Only issue is when having too many Javascript-heavy tabs open and the whole process bloats up to over 1GB then starts chugging).

Crashing multiple times per day my ass! The only crashes related to this is when some site I've never been to before bombards me with so many cookie requests that the popups window order gets confused and I can't click on the right one anymore. In that case, a restart of Firefox (Since I've already blocked at least a few of those cookies) keeps it from happening again on that site.

I'd be interested in any way to fix this bullshit as well.

Re:Because Reasons

> Would anyone care to recommend a cookie management add-on?

Self-Destructing Cookies

Cookies are automatically deleted when you navigate away from the web page that placed them. You can designate some to persist, although it isn't the most convenient UI.

Re:Because Reasons

> Would anyone care to recommend a cookie management add-on?

Self-destructing cookies:
https://addons.mozilla.org/en-...

You won't have to manually delete cookies or be harassed by those pesky "enable cookies to continue" sites. This addon accepts all cookies and then deletes them after a few seconds (plus other options). You can easily whiteliste those sites that REALLY need cookies to persist.

PS This addon has nice (frightening!) stats, too; mine are:

Removed 1626 cookies since 2/1/2016, 11:20:07 AM. Of these, at least 666 were probably attempts to track you across the web.

49 LocalStorage scopes were removed along with them. This includes 0 scopes that were created by possible trackers.

Currently monitoring 32 domains, 308 cookies and 10 LocalStorage scopes, 0 of which will expire soon.

Re:Because Reasons

[Jiro]

Does this extension work if you open in a new window, rather than in a new tab? It only claims to work with tabs.

Re:Because Reasons

[ewhac]

You're the third person in this sub-thread alone to recommend Self-Destructing Cookies.

While I like the idea of its behavioral detection of tracking cookies, and its stats panel is informative, my ultimate problem is that it allows the cookies to be set in the first place. 99.9% of the cookies shoved at my browser are entirely, provably unnecessary -- the page displays the same regardless. As such, my philosophy is that they should never be accepted in the first place, even temporarily.

The cookie request is also a waste of bandwidth. If you're going to display the same page either way, why clog the pipe with a cookie that you're manifestly not doing anything meaningful with?

Re:Because Reasons

Cookies are automatically deleted when you navigate away from the web page that placed them.

That's not at all the same thing though. There are cookies (most of them actually) that I don't want to accept, ever, even for a mere instant.

Re:Because Reasons

Sounds like you a religious person.

A cookie that is never transmitted to a website poses no risk to the user.

Re:Because Reasons

if i have to have cookies.
i want to respond to all non-whitelisted cookie requests with random data.

Re:Because Reasons

Obviously cookie authentication works really well for you - ASP.NET and a lot of dynamic web sites use a cookie to tie your requests to the server-side application's session, invalid/missing cookies redirecting you back to the login page.

Re:Because Reasons

When I used FF I used this: https://addons.mozilla.org/en-US/firefox/addon/cookie-whitelist-with-buttons/

Re:Because Reasons

I doubt that makes a difference. Windows are just groupings of tabs.

Re:Because Reasons

why clog the pipe with a cookie that you're manifestly not doing anything meaningful with?

This is like complaining about the weight of the dust in your car affecting your fuel economy.

Don't dilute your otherwise sound message with crazy.

Re:Because Reasons

[KGIII]

uMatrix has some neat features you may be interested in - including blocking cookies and a bunch of settings. I don't think you can make it block cookies, from the home domain, by default but it will block third party cookies, scripts, etc... It's a bit like NoScript except it's better.

Think an old-school Windows software-based firewall. Now imagine that for your browser - complete with the learning curve. I just recently shared my config file with someone to get them started, somebody from here. I'd suggest a more personalized settings but that's okay to start with someone else's.

It uses whitelisting. Yup. If it's not from the first-party, it's blocked by default and that includes scripts, frames, xss, cookies, etc... I believe, now that I look at it, you can probably set it to block all cookies (even from first-party) by default and then whitelist the site as you go.

The good news is that there's a version for it on Firefox now. I use Opera and I've had uMatrix for ages. It's made by the same guy who makes HTTP Switchboard (another nice app) and uBlock which is a bit like AdBlock Plus but much better and, again, much more refined. Though uBlock works out of the box, there's a lot more you can do with it. Combining uMatrix and uBlock gives you a whole lot of refinement options and really lets you customize your experience.

Alas, the author will not accept donations of any kind - and I've offered to send him some money, I'd even offered what some might call a good chunk of money for a regular donation. He declined and pointed me to his FAQ which, it turns out, says he does not accept donations. (I think I'd tried to send him $500, so not a whole lot.)

So, if you don't mind a small learning curve (it's not entirely intuitive but not difficult - I figured it out) and want to actually get it "right" then I recommend uMatrix. You can export your settings (your whitelist/saved sites) and use them on multiple computers which will save you some time if you're using more than one computer. It is, and I'll be upfront, a bit of work at first. However, once you get a few of your regular sites set up it's good to go. When you find something that doesn't work then you enable it. When you get it to work, you simply save it and add it to the list so that it's retained between sessions. If you're unlikely to visit the site again, don't save it. If you don't need the script(s) then don't enable them.

For each third-party, you can block or accept, set to always block, set to always allow, and whatnot. It's really very nice. I *highly* recommend spending a few hours with it enabled and seeing the difference that it makes. It does make many sites entirely unusable - but then you just enable what needs to be enabled and you're good to go. If you frequent the site then you save it. If you trust the site or just will be visiting once - don't save it but can even go so far as enabling all. It's really quite an impressive tool.

I'll go ahead and get you the link:
https://addons.mozilla.org/en-...

Opera:
https://addons.opera.com/en/ex...

Chrome:
https://chrome.google.com/webs...

If you want to get fancy and use HTTP Switchboard, or just read about it, then I'll grab that link for you too:
https://addons.opera.com/en/ex...

I'm sure you'll figure it out quickly. It's not as much work as I make it seem. I've been using it for a while and once you get it all set you're pretty much good to go with very little interruption. It's surprising how few sites that I actually care to allow to fun scripts from third parties. Sometimes, I even block them on the main sites - I don't always just set to allow.

I suppose, if you need a hand with it th

Re:Because Reasons

take a look at umatrix, in combination with "selfdestrucing cookies"

umatrix allows you to whitelist (or blacklist if you prefer) cookies depending on the site (and same for images, css, scripts, xhr, and plugins)
and selfdestructing cookies allows you to keep the cookies you do allow for the minimum amount of time necessary

Re:Because Reasons

[ewhac]

Indeed, I've been looking at uMatrix (in combination with NoScript), and there's a lot to recommend it. As far as cookie management goes, however, it's not as fine-grained as what Firefox had. You can only enable/disable a site's ability to set cookies. You can't inspect/approve every single cookie request itself. Sometimes you can get a site to work by accepting certain cookies and denying all others. FF's facility let you do that.

Re:Because Reasons

Would anyone care to recommend a cookie management add-on?

I don't have an add-on, but I find it enough to set my browser to accept cookies for a session's length only, here on SeaMonkey

Of course, I close my browser once a day, so it may not be private enough for you.

Re:Because Reasons

I use an add-on called Cookie Controller. It's pretty damn useful! ;)

Re:Because Reasons

If you want such fine grain, you could use uMatrix and block all cookies by default.

It's official

FF has now passed both New Coke and Microsoft Bob on the list of all-time worst acts of product assholery.

Re:It's official

When Clippy is less irritating and more useful, you know something is terribly sick.

Wow, recent news

The UI for this option was removed in 2012 and you're just noticing now. Well done!

Re:Wow, recent news

[ewhac]

Check the dates in the bug report. The UI and underlying code have been there since it was called Netscape. The "bug" mysteriously appeared over five years ago, but the work to remove the feature was done in late 2015, and was only rolled out in FF44.

By converting Firefox to Chrome ....

[Artem+S.+Tashkinov]

they lose their identity and userbase. It's strange how they fail to understand that.

The Australis UI was the first step. Now this. Soon, a looming XUL deprecation which is an even worse idea -- I wonder what's the point of using Firefox will be then.

In short we had a fantastic web browser, now we have a Chrome wanna-be. Soon, we'll have a Chrome copy with Gecko underneath, but who on earth cares what rendering engine they are running?

Re:By converting Firefox to Chrome ....

[zixxt]

The Australis UI was the first step. Now this. Soon, a looming XUL deprecation which is an even worse idea -- I wonder what's the point of using Firefox will be then.

XUL needs to die, XUL and XPCOM is why extensions break every time there is a update to the browser. Heck even the guys that invented XUL and XPCOM say that its outdated ad crappy.

That's what you get when you pick CEOs...

... according to their gay-friendliness, rather than their competence and loyalty to OSS values. Enjoy the new, bloatwared and advertising-friendly Firefox. Enjoy also a dildo in your ass.

apropos

[Rudisaurus]

Mozilla's apparent position is that users wishing fine-grained cookie control should be using a third-party add-on instead, and that an "Ask before accept" option was, "not really nice to use on today's Web."

The same could be said for Firefox 44, really.

Definetly add-on

I agree, that this should be an add-on. Not many people are using this and many of those who think cookies are evil just set Firefox to automatically delete those when Firefox closes. You can still can set cookies you want to persist in settings anyway. If there is no add-on yet then I think they should have inform about this earlier, so someone interested could have made add-on for those that use this feature.

I used this feature long time ago, but then I noticed that auto-clearing cookies on exit and manually set those few sites that I am actually interest of is actually better way to handle cookies.

Why the fuck isn't Mozilla panicking?!

When I eyeball the January 2016 browser market share stats, it looks like Firefox is now at or just under 7% of the browser market. That's across all versions on all platforms!

IE 11 alone has almost as many users as Firefox does in total. The same goes for iOS Safari 9.2. Hell, even Opera Mini almost has more users than Firefox does! Desktop Chrome 47 has over 3 times as many users as Firefox does in total. Chrome for Android 47 has 2.5 times as many users.

These numbers should be scaring the living shit out of Mozilla. They should be in a constant state of panic right now. Firefox is getting decimated.

Maybe Mozilla doesn't realize it, but Firefox is the only product they have left that has any sort of a user base. Seamonkey, Thunderbird and Persona have been left to flounder. Firefox OS was a massive disaster, maybe even worse than GNOME 3 was. Rust and Servo are dead end projects. Bugzilla is a relic.

Why the fuck will anyone, especially the big players in the game, give a damn about what Mozilla thinks or wants? Mozilla already has so little influence. Soon enough Firefox will have so few users that nobody will give a fuck about it or its users, which in turn means that Mozilla will lose whatever small amount of influence it does have left.

It's fucking insane how Mozilla isn't reacting to this. It's fucking insane! It's like they're nearing the edge of a cliff, but they're running faster and faster!

I don't want Mozilla as an organization to vanish. They play such an important role in keeping the web free and open. Yet they also seem to be so intent on destroying themselves! Please, Mozilla, wake up! Please, Mozilla! PLEASE! Stop ruining Firefox! Stop making yourself irrelevant! Please, Mozilla! Please stop it!

Re:Why the fuck isn't Mozilla panicking?!

[LinuxIsGarbage]

When I eyeball the January 2016 browser market share stats, it looks like Firefox is now at or just under 7% of the browser market. That's across all versions on all platforms!

IE 11 alone has almost as many users as Firefox does in total. The same goes for iOS Safari 9.2. Hell, even Opera Mini almost has more users than Firefox does! Desktop Chrome 47 has over 3 times as many users as Firefox does in total. Chrome for Android 47 has 2.5 times as many users.

These numbers should be scaring the living shit out of Mozilla. They should be in a constant state of panic right now. Firefox is getting decimated.

Maybe Mozilla doesn't realize it, but Firefox is the only product they have left that has any sort of a user base. Seamonkey, Thunderbird and Persona have been left to flounder. Firefox OS was a massive disaster, maybe even worse than GNOME 3 was. Rust and Servo are dead end projects. Bugzilla is a relic.

Why the fuck will anyone, especially the big players in the game, give a damn about what Mozilla thinks or wants? Mozilla already has so little influence. Soon enough Firefox will have so few users that nobody will give a fuck about it or its users, which in turn means that Mozilla will lose whatever small amount of influence it does have left.

It's fucking insane how Mozilla isn't reacting to this. It's fucking insane! It's like they're nearing the edge of a cliff, but they're running faster and faster!

I don't want Mozilla as an organization to vanish. They play such an important role in keeping the web free and open. Yet they also seem to be so intent on destroying themselves! Please, Mozilla, wake up! Please, Mozilla! PLEASE! Stop ruining Firefox! Stop making yourself irrelevant! Please, Mozilla! Please stop it!

I currently only use Firefox for a couple of specialty plugins, or extensions, and I use an outdated version at work as that's required by IT. Otherwise I use Chrome. That said I agree with you, I don't want them to die. I don't want a Webkit monoculture with a sprinkle of IE. It's bad enough that we already lost Opera. More players and more options is good for the user!

Re:Why the fuck isn't Mozilla panicking?!

[narcc]

hat's across all versions on all platforms!

Which is the only way to get the number that low. Mobile users tend not to change browsers. Most have few, if any, any options. Including mobile is deceptive.

Re:Why the fuck isn't Mozilla panicking?!

Most have few, if any, any options.

Nonsense. The stats prove you wrong yet again.

Let's look at Android, which is by far the most widely used mobile OS today.

Android users have at least these web browser choices (there are others beyond these, too) available to them:

1. Android Browser
2. Opera Mini
3. Opera Mobile
4. Chrome for Android
5. UC Browser for Android
6. Firefox for Android

As we can see, mobile users have lots of choice.

The one browser they aren't choosing is Firefox for Android!

Opera Mini has almost 5% of the market. UC Browser for Android has over 8%. Android browser has over 3%. Chrome for Android has over 18%.

Firefox for Android? Well, it has 0.04%! Yes, that's right, it has a small fraction of a fraction of just 1% of the browser market!

Including mobile is deceptive.

No, including mobile just reflects the reality of how people use the web today.

People today are using a wide variety of mobile browsers.

They just aren't using Firefox for Android because it's total shit!

Re:Why the fuck isn't Mozilla panicking?!

It's fucking insane how Mozilla isn't reacting to this.

They're reacting, with a stream of negative-expectation decisions ("let's do x which has a 1/3 chance of improving our marketshare, and 2/3 chance of hurting it").

Re: Why the fuck isn't Mozilla panicking?!

Yeah I did that
Then Palemoon got its ass in gear
Now I don't use FF at it. It bit the dust aged V42

Re:Why the fuck isn't Mozilla panicking?!

For the same reason Microsoft refuses to listen to users about their Win8 and Win10 path.

For the same reason Oracle f*cks up everything they buy/touch.

For the same reason SAP's ECC/APO/SCM products are bloated pieces of sh*t that takes an army of experts to coax into barely usable products.

By the time decision-makers have advanced to the top of these huge companies, their arrogance overpowers any common sense that they used to have.

Re: Why the fuck isn't Mozilla panicking?!

Been using FF on Android for years and love it. I like it better than Chrome personally.

Re:Why the fuck isn't Mozilla panicking?!

[Askmum]

Mozilla moved themselves into the same position as Netscape. The "obsolete" position. The "We think we are too big to fail so we think we can do with our product whatever we want, fuck users" position.
I just installed Pale Moon. Firefox is gone. Just like Netscape was dead after 4.x and Mozilla took over, Firefox was dead after Australis and Pale Moon took over.

Re:Why the fuck isn't Mozilla panicking?!

[KGIII]

It's not a bad thing losing to Opera. I mean, well... Alright... But still, Opera's a fine browser! I've been using it for ages. As in, years and years now, I have been using it. I used to actually *pay* to use it. (It wasn't free but you could get a version with ads in it that was free for a while and before that it was demo-ware.)

There was a rough patch where Opera really took a nose dive. They "jumped the shark" and decided to dump their code base and go for Chromium. It was a tumultuous time for a KGIII. I was lost and alone in this dark world you call home. I was using Chromium and sometimes Firefox. But, I stuck with Opera - even if it became my secondary browser.

I checked each new version, eagerly. I installed the stable, developer, and beta builds - hoping to find some sanity in the madness. Eventually, around version 23, it started to get viable again. The ecosystem was naught and one needed to download Chrome extensions, unpack them, and load them that way. But, things grew, the leaves sprouted, and the memory footprint returned to normal and the loathsome CPU spikes began to die out. The days were less bleak, the Sun a little brighter, and the birds sang a merrier tune.

And Opera, albeit a bit slowly and lurching, climbed out from the tomb and stomped into the light reborn! Right at about version 25 it became good again - not just viable. I found an extension that some hardworking soul had created - it enabled automatically using Chrome's extensions with just a click and, best of all, it didn't run resident and eat CPU cycles! Then, soon, I found that I didn't really need that extension any longer. The ecosystem had grown and the planted seeds had reached fruition!

And a happy KGIII sang and danced naked in the glade. He was a happy, happy man. I realized that I'd not given Opera any money in a long time. So, I scoured their site and found there's no way for me to give them money. Otherwise, I'd give them a shekel or two, I'd give them three if they played a merry tune while dancing a jig. They've not actually kicked me out of their forum yet but that day's surely coming.

Which is to say, it's okay to lose to Opera. Opera's a fine browser. It was an excellent browser. Then it was not a good browser at all - but that lasted but a short time. They're now an excellent browser again. I dare say, Opera's my favorite browser. Give it a week's worth of your use and you might agree. It kind of grows on you, a bit like a fungus but that's growth. Seriously, 'tis a fine browser.

Re:Why the fuck isn't Mozilla panicking?!

[Waccoon]

I lost faith in Opera when they decided to force updates, rather than ask first. They also use an updater that runs as a background process (at least on Windows), which is no better than the Mozilla Maintenance Service. At least Firefox lets you disable the background updater in the UI.

Re:Why the fuck isn't Mozilla panicking?!

Browser "market share" numbers ignore a critical fact: Many people use multiple browsers.

Personally, I use Pale Moon for regular browsing. It's loaded up with all my usual extensions to make things work "right". AdBlock Latitude, NoScript, Better Privacy, Ghostery, RequestPolicy, etc. These form my "fuck you" to advertisers and trackers. It also has some dev tools like HttpRequester that I use when I'm either A) debugging a web API that I wrote or B) tinkering with the back-end of someone else's site so I can write a non-shitty front-end for it to make it usable (or to bypass other bullshit on their site).

When I need to access an SSRS web interface, I use IE11, since only IE will render SSRS web interface pages correctly, and only in compatibility mode. (Firefox did until about version 15 or so. No webkit-based browser ever has.) That's because SSRS (at least v.10 that was packaged with SS2k8r2) was written for the dark ages of IE6/IE7. IE11 kicks "compatibility mode" on automatically.

Edge is my "current unsafe browser" of choice, pretty much by laziness. It's there by default, but it's not safe (not like a proper FF-based browser with tons of privacy extensions, anyway), so if there's something I trust that refuses to work no matter how many scripts I allow in NoScript/RequestPolicy, I fire up Edge and give it a shot. And then I shut it down afterward, and it gets precious little chance to gather any browsing statistics on me.

So market share stats are an over-hyped "crisis". Sometimes you just have to view these things as tools, not as lifestyle choices.

Re:Why the fuck isn't Mozilla panicking?!

[Blaskowicz]

How many people choose using these browsers instead of just using them because they're the default?
e.g. Opera Mini will be found on phones with limited CPU/memory and bandwith, perhaps some embedded devices. Includes so-called "feature phones".
UC browser might be the default on a lot of phones in China etc. for all we know.

The one that is unequivocally not a default browser is Opera Mobile : it comes in at 0.02% only!

Add to that that many people don't install any applications at all, or a handful ones. Some use an Android phone without using a Google account. (e.g. one of my friend, on whose phone I will install Firefox browser when we get to it)

Re:Why the fuck isn't Mozilla panicking?!

[tepples]

IE 11 alone has almost as many users as Firefox does in total. The same goes for iOS Safari 9.2.

That's because the App Store Review Guidelines forbid you from running any browser other than Safari on an iPod touch, iPhone, or iPad without discarding your iPod touch, iPhone, or iPad. Chrome for iOS wraps Safari, as do all the other browsers on this list that aren't Opera Mini. Opera Mini doesn't run on the iPod touch, iPhone, or iPad either; it's essentially Remote Desktop to a proxy that can log your keys.

Re:Why the fuck isn't Mozilla panicking?!

[KGIII]

I've no idea how it currently works in Windows. But, last I knew, it was not impossible, just hidden from normal users as power users will use Google to find it. I'm going to speculate that people who can't Google should probably be automatically updating to get their security updates.

That said, and it has been a while, edit shortcut to append this switch: --disable-update (note, that works for Chrome, Chromium, et al as far as I know - but it has been a while)

If you want added protection (the above doesn't work unless you open Opera from that particular shortcut so opening a new browser session from an email link would mean you'd get updates, just rename "opera_autoupdate.exe" to "opera_autoupdate.bak" and that should work and you should still be able to update by normal method.

The service can be stopped like any other service or startup application. Hmm... Run msconfig.exe from the run dialogue if you don't already have a handy app to do it for you like CCleaner.

But yes, pushing updates on users is a choice they made but I do believe it's fairly trivial to bypass. I'm not sure why you'd think that protecting the average user (while not actually disabling the possibility) is a reason to lose faith but to each their own? I grab every update offered and it's done by my package manager. I'd prefer to be using the version with the most recent security fixes but that is indeed a preference. If you absolutely want to disable updates, you can do that. It's probably not that complicated - the above is from memory so might not be right, use Google. I'm pretty sure you can still disable it, if you want. However, Firefox might be the browser you prefer.

Re:Why the fuck isn't Mozilla panicking?!

[Waccoon]

I did look into this, and Opera has changed the name of the command-line switch to disable updates (at least once). Sometimes it works, sometimes it doesn't. That's the problem with products that are in a state of constant development -- you can't just use a Google search to get tips, because the information you find may be out of date.

I use Autoruns to disable most startup processes on my machine. However, on top of a background process, Opera also uses the Task Scheduler to run the browser to check for updates, so you need to disable that as well. Most browsers use multiple update schemes at once, so if the browser doesn't allow you to disable updates from the UI, it's always a toss-up whether you can do anything about it. Bypassing this nonsense may have been simple 5 years ago, but these days it's not trivial by any means.

Re:Why the fuck isn't Mozilla panicking?!

[x_t0ken_407]

My story is very similar, having been a longtime Opera Presto user. Much weeping, and gnashing of teeth on my part. Just as you said, right around ver. 25, Opera became good again and I could do away with the constant jumping between Chromium and FF (and Opera) and use it as my main browser again. But then, I learned of Vivaldi, which is Opera Presto at heart! It's snapshots have finally reached a point for me that I can use it as my primary browser, and it's been working great. I definitely recommend it to ALL previous Opera Presto fans!

Re:Why the fuck isn't Mozilla panicking?!

[KGIII]

I really didn't care much about what was under the hood but what I saw as a user. Oh, I've got the snapshot installed and load it via the terminal but not often. I do a subset of things in there and toss it off onto a different "desktop" and then "work" (ha, right!) in that virtual desktop to keep things from being less confused. At any rate, Presto was nice and all but it isn't keeping me back from continuing to use Opera and I'm not one of those folks who decided to stick with the (now) very old version which is, I think, somewhere around 12 or maybe 15. Alas, I'm too lazy to switch. ;-)

I'd probably use it more if I didn't have to remember the switch in the terminal. I've only got it installed on three separate boxes but it's flaky on two of them. I do have it installed on a few others but they're not real - they're virtual machines. It works like a champ in virtual machines. In both failing cases, they're fairly modern nVidia GPUs but not lagging far behind and not bleeding edge. I'm not a gamer and don't even care about HD movies. However, they do HD just fine (I thnk?) and they're neither old nor exceptionally new.

I use a rather vanilla install of Lubuntu and use the open source drivers. I've tried with the proprietary drivers and the result is the same so I went back to the open source drivers. The one that is "good" is a laptop. The two that don't work are a desktop and a laptop. It works fine in every VM that I've tried.

I approached the company and mentioned the need for the switch. I've even found others who have expressed a need for this switch. I have had, shall we say, a less than stellar experience while interacting with them. They may not be "they" in this case, I'm not sure if it was/is a user or a company representative. If I've got an error log and can repeat it, well... That means it exists, at least on my system. If I've got a missing option (on all other Chromium based browsers) that mean they intentionally deleted that option. They can put it back. Hell, I could put it back and I program like garbage.

Given that I have the source, I may just do that. I should be able to do a dif and find it after using a file search to pull the text out for the name on the option itself. Then I can just slap it where I want and patch new versions. I'd upload it and share it with them but it's obvious that they don't want the option. :/

Fuck Mozilla

[sexconker]

I built a new Windows image for our workstation PXE deployments, this time without Firefox.
If you're going to be just another trash browser you're no longer getting installed on the systems I'm responsible for.

In true Mozilla fashion, the discussion on the bug tracker has been censored, so people can't even effectively complain about it.

Re:Fuck Mozilla

[sexconker]

And in true Mozilla fashion, my post to the mailing list, where Mozilla told people to discuss the issue, was rejected by the moderator:

To: firefox-dev@mozilla.org
Subject: Cookies in Firefox 44

The recent change to how cookies were handled in Firefox 44 should be reverted.
Stifling discussion on the bug tracker is also bad form.

Your request to the firefox-dev mailing list

Posting of your message titled "Cookies in Firefox 44"

has been rejected by the list moderator. The moderator gave the
following reason for rejecting your request:

"Bugzilla is for tracking technical work, it's not a debate forum.
Firefox-dev is the proper place to discuss such things, but as your
message isn't adding substantive to the discussion I'm rejecting it."

Any questions or comments should be directed to the list administrator
at:

firefox-dev-owner@mozilla.org

Bye, Mozilla.

Re:Fuck Mozilla

[KiloByte]

What will you use then, Google Spyware that lacks key privacy-related extensions?

Re:Fuck Mozilla

[sexconker]

Currently I'm evaluating PaleMoon.

Re:Fuck Mozilla

I switched from FireFox to PaleMoon a couple of years ago; 100% satisfied: 64-bit from the start, totally stable, using cookie management for ages, never a problem, never a crash, got the status bar back, very happy to be in good hands: PaleMoon builders avoid including non-sense FireFox features on a day-to-day basis ... maybe you should give it a try

Re:Fuck Mozilla

It's pretty good so far. Useable enough for daily browsing. However, google apps complain thinking it's an older version of FireFox -- not fatal but I hope it doesn't fall too far behind or Google doesn't just blacklist something in the 'fingerprint' of the browser and makes it unusable.

Re:Fuck Mozilla

[zixxt]

Currently I'm evaluating PaleMoon.

LOL a slower, buggy and less secure wanabe fork of Firefox.

Re:Fuck Mozilla

[ChoGGi]

Palemoon v26 came out a while ago, browsing the changelog I see stuff like

Added a control preference for onunload= events as dom.disable_beforeunload. This allows you to completely disable events fired when leaving a page.

Yes, they add useful features, rather then taking away used features

Re:Fuck Mozilla

Try Iron: http://www.srware.net/en/software_srware_iron.php

Been using it happily for at least six years now. Only drawback is no auto-update, but that is kind of a good thing, I can go read about the new version before installing it. I skip the odd version that has issues (such as 47, but 48 quickly followed ).

Re:Fuck Mozilla

And even if it was accepted, all you're likely to get there is an exquisitely-worded reply that boils down to "screw you". For example. I don't think I've ever seen Mozilla change their mind as a result of a non-employee post on that mailing list.

Re:Fuck Mozilla

At least it is a wannabe fork of Firefox instead of a wannabe clone of Chrome.

Re:Fuck Mozilla

PaleMoon no OSX version..

Re:Fuck Mozilla

There is an unofficial build
https://forum.palemoon.org/viewtopic.php?f=41&t=10847

Re:Fuck Mozilla

[sexconker]

And I've just turned that fucker on. No page should get to fire code when I decide to close it. Slashdot, I'm looking at you and the tabs that refuse to close because your ajax is so unresponsive.

Re:Fuck Mozilla

Frankly, the moderator was right. Your two lines don't add anything to the discussion, and delivering the mail to 100+ recipients would just waste everyone's time. You just don't go into a developer mailing list with the same attitude as you go to a forum thread. At least tell them why you disagree with the change.

Go try the MozillaZine forums or something.

I'm surprised your idiocy got moderated to +5.

Re:Fuck Mozilla

Google is looking at your user agent string.

1) Go to the about:config
2) Change (or add)
    general.useragent.override.google.com
to
    Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.9) Gecko/20100101 Goanna/2.0 Firefox/38.9 PaleMoon/26.0
the "38.9" number seems to be key. I'm sure you can make it a higher number.
3) You may need to set
    general.useragent.site_specific_overrides
to
    true

Brendan Eich

Brendan Eich would not have allowed this to happen. The furor over his support for traditional marriage was just a pretext to remove a politically inconvenient person from a key position, and the SJWs who perpetrated that lynching just useful idiots serving the financial elite.

Re:Proud to have self-destructing cookies installe

^^^ This

Self-Destructing Cookies was a genuine break-through in cookie privacy.

I wish the idea would be extended to other tracker-enabling downloads like fonts and HTML5 web storage.

Weening myself from web use.

Not renewing my smart phone either.

WaterFox?

[kaizendojo]

WaterFox's latest build seems to still have the granularity. For those not familiar, Waterfox is a high performance browser based on the Mozilla platform. Made specifically for 64-Bit systems. It is speedy and all your FF extensions should work. In fact, in upgrading to WF, all of my FF prefs, extensions and addons were in place and working right on first boot. https://www.waterfoxproject.or...

Re:WaterFox?

[sexconker]

WaterFox doesn't make changes aside from being a 64-bit build, as far as I know. It's basically a 64-bit build using the Intel C compiler with the optimizations flag turned up to 11.
It will eventually get this "update".

I'm currently evaluating http://www.palemoon.org/ as my personal Firefox replacement. The workstations I'm responsible for will get Chrome by default, and not Firefox. (Along with IE/Edge/Safari.)

I'm 100% done with Mozilla, and I expect the organization to go under by the end of 2018.

WRONG SOLUTION

Dear Mozilla developer,

I don't want to search for your fucking unnamed addon, firstly because I don't want cookies to be accepted from certain domains even before I close the browser, secondly, because it's idiotic to remove something that was useful and didn't cause any harm.

Fuck you, fuck whatever advertising company paid Mozilla to remove this useful feature as well as for adding all the anti-privacy bloatware that I regularly have to disable (pocket, peerconnection, etc...), and fuck your gay-friendly CEO.

Regards,

An unsatisfied firefox user, soon looking soon for alternatives

LOL even Brendan Eich is using Chromium for Brave!

Everything we need to know about the sorry state of Firefox is shown by the new Brave web browser that Brendan Eich is creating.

Look at what Brave's FAQ page says:

5. Why aren’t you using Mozilla’s Gecko engine on laptops?

We were, under a partially sandboxed, multi-process architecture called Graphene. But we did a careful head-to-head comparison and by every measure, Electron/chromium won. We wish Mozilla well, but as a startup, we must use all sound leverage available to us. For web compatibility and in particular Chrome compatibility, this means chromium.

For those who don't know, Brendan Eich worked at Netscape, created JavaScript, co-founded the Mozilla project, and was even the CEO of Mozilla as recently as 2014. He has a very long history with the technology behind Gecko and Firefox.

Yet despite having so much experience with Mozilla's technology, his team has gone with Chromium as the basis of their browser. Like their FAQ says, Chromium is better than Firefox "by every measure".

The problem for Mozilla is that while Firefox has become total shit, they have no better alternative to offer. The Servo project is sputtering, at least partially due to it using Rust, which itself is an immature programming language.

I don't know what Mozilla is going to do. The only option available now is to throw away Servo, throw away Rust, and try as hard as they can to get Firefox fixed up. But even that probably won't be enough. Things are looking extremely bleak for Firefox.

Add-on good, default preference bad

[l2718]

I fully agree that functionality that can be provided by add-ons need not be provided by the core program. In fact, this level of extensibility is a great selling point for Firefox.

The problem is what to do with those who set the preference in the past and have yet to install an add-on. I think it would have been better to take the "paranoid" default (deny all), making sure they have at least as much security as they had before. I find it hard to believe that there are many users who were regularly approving each cookie separately but couldn't dealt with the breakage caused by a temporary "deny all" default.

Cookie storms

[Maow]

I fucking hate sites that cause cookie storms.

I got hit by one today, at Chandra Observatory, of all places.

Set your cookies to request always and prepare for > 30 of them: http://chandra.si.edu/photo/20...

However, it doesn't seem like this solution of Mozilla's is a great one if one were to take the new default into consideration.

But it's why I'm still on v39.0 - can't keep up to all the changes

Re:Cookie storms

[ewhac]

Set your cookies to request always and prepare for > 30 of them: [ ... ]

A mere thirty? Lucky you. That's easily manageable; just lean on the ESC key for a few seconds. I've visited sites that tried assaulting me with nearly a thousand for a single page.

Re:Cookie storms

[KGIII]

That link only wants to set two cookies. One is from them and the other is from chandra.harvard.edu. How'd you get 30 of them? Are they retrying?

uMatrix tells me that they've got 94 elements (most from the first party) and uBlock says 5 ads are blocked.

However, and this may be the difference, you might note the mention of uMatrix. I'm blocking all the third party cookies (except it lists the ones blocked - there's just one) but, and this might be important, I'm blocking all the scripts from third-parties on that site. Maybe it is those scripts that are loading those cookies? They're the usual scripts from Facebook, recapcha, Google, Twitter, and JQuerry. But those aren't actually trying to load cookies. Maybe they are awaiting the loading of the script to do so?

Except, that doesn't necessarily make sense. See, on *most* pages, those sites would be trying to load cookies *and* scripts, but they're quite explicitly not doing so on the page you linked. Which is odd... I can open a tab and go to a different page (like The Free Dictionary) and see Google trying to load a script. It's also happily trying to load a cookie. But, it's not doing that at the site you linked - even when I refresh and browse around a little bit.

The reason I take the time to type this is because, well... You might have a problem? I'm pretty sure I'm not affected by malware and haven't made any changes that would be blocking just that one site's attempts. No, they'd show up - if they were being made. They're not. I'd be curious as to why you're getting whacked with 30 of them and I'm seeing only two. I'm not even seeing attempts to load more. Err... I can screen shot an example site and the site you linked to, if you want? Do you still get 30 attempts if you disable ads? That might be it...

Ah well, I'd clicked out of morbid curiosity and then noticed it was just two cookies and not thirty. I've no reason to believe you'd lie about it, nor can I imagine why you would. So, I figured I'd share the discrepancy and see if that'd help you find out if there's a problem with someone injecting code into your IP stream or what.

Re:Cookie storms

[Maow]

That link only wants to set two cookies. One is from them and the other is from chandra.harvard.edu. How'd you get 30 of them?

Excellent question. I merely followed a link posted in an Ars Technica comment.

I'm blocking all the third party cookies (except it lists the ones blocked - there's just one) but, and this might be important, I'm blocking all the scripts from third-parties on that site.

I have Ghostery and NoScript running, so 3rd party elements shouldn't have any effect.

The reason I take the time to type this is because, well... You might have a problem?

I appreciate the effort, but honestly, I don't think so.

It's rare that I get these cookie storms, am running FF under Linux (no Windows box), exclude scripts and 3rd party elements, ...

I'd be curious as to why you're getting whacked with 30 of them and I'm seeing only two. I'm not even seeing attempts to load more. Err... I can screen shot an example site and the site you linked to, if you want? Do you still get 30 attempts if you disable ads?

Most ad servers are black-holed at my DNS, but since you've taken the time to look into it, I'm going to do a little further looking.

I do recall clicking "Allow" on the first cookie pop-up, 'cause Chandra has to be trust-worthy, I didn't use my usual policy of "Allow for Session" (or "Deny" if not as trusted as Chandra).

 

So, I figured I'd share the discrepancy and see if that'd help you find out if there's a problem with someone injecting code into your IP stream or what.

Thanks again - I'm going to look back at it and see what happens. Although I'm kind of hesitant to subject myself to the "storm" again, I might risk it.

Off to Ars to find the link and re-click it...

Re:Cookie storms

[KGIII]

Heh... They're only cookies. ;-) What's the worst they can do? Besides, we're geeks. Pushing buttons is in our nature. If you don't believe me...

Imagine any three of us, you can be one, locked in a room with nothing but each other and a big red, function unknown, button that was clearly labeled "DO NOT PUSH" in white letters. You know that button's getting pushed. It could mean the end of civilization but one of us is pushing that button.

And for my testing, I'm on Lubuntu but using Opera. The end results should be the same. uBlock does, indeed, indicate that there are five elements being blocked.

Curiouser and curiouser. The box, mine, should be clean. I don't actually use it as much as I should - I'm usually booted to a Live USB without persistent data. I just install the latest Opera and a few extensions and run with that. I can import and export my uMatrix settings from dropbox. I've got a number of "images" that I use and, more often than not, I'm actually connected to a VM far away and using a VPN to get there. So, I'd presume I'm pretty clean - at the moment.

Oh, and that might sound complicated to some (and this is more for someone else that might read this than it is for you personally) it's not that hard or that slow. This laptop has 32 GB of RAM in it so it holds a Live USB image just fine - I can even load a VM in my live OS and have room left over - I sometimes do with persistent data. To get it running, I just boot from USB and it takes *maybe* five minutes to get my browser installed as well as the extensions and get those configured. It's not much work at all. As I'm using it for just browsing, though I sometimes configure Thunderbird as well but I cheat for that, I don't really care if it gets burned to the ground. I leave it running for days and days sometimes.

As for the Thunderbird, I just use a profile that's not here. I know that sounds odd to some, I just either use VNC and get it from a box located elsewhere (back home in Maine) or I grab a saved profile (recent) and just stuff it in there in the right hole and it not only works but has my extensions and whatnot. I've even got my keys. I keep it stored on servers that I own and, really, it's not hard at all. It's even "quick enough."

Note: The above two paragraphs really aren't aimed at you. I kind of figure that you know what you're doing and probably know more about what I'm doing than I do. I have, after all, seen you post before or I'd have not actually said anything. The two paragraphs are included for others who might not actually know and be curious as to what sort of idiocy I'm doing, why I'm doing it, and how the hell it actually works. I get some strange responses when I say that I don't have an OS installed and, depending on the box, I often don't. I hardly ever actually use my base install on anything any more. Add it with VNC and VMWare and, well... Throw a VPN into the mix and you've got my base configuration as well as the various Live USBs that I use. It could be more refined but I wanted to get on the road quick and I've not actually been home since September.

Re:Cookie storms

[Maow]

Okay, the comment with link back to Chandra:

http://arstechnica.com/science...

Also, in previous comment, I neglected to mention that I have RequestPolicy also running as plugin in Firefox to further prevent 3rd party content.

I see I do have a couple scripts allowed to run there, NoScript is giving options to Forbid scripts from:

• jquerytools.org
• ajax.googleapis.com

si.org is not allowed.

Oddly, RequestPolicy doesn't show jquerytools.org nor ajax.googleapis.com in neither the "Allowed" nor "Blocked" lists yet NoScript give the choice to Forbid them both at that site.

I'm now suspecting some kind of JS confusion, perhaps the main site not being able to run JS but the other two can contributed to the storm.

Anyway, that's a little more about my situation - if only I had a 2nd pc or even a working VM that I could re-visit Chandra from to test. As I don't, I really don't want to risk a logout or crash since this pc is also doing some other functionality (server stuff) I don't want to interrupt.

Re:Cookie storms

[KGIII]

That is so very odd... I'm wondering if you're on to something with the JS? Mainly, multiple attempts to reload it? I followed your footprints, through Ars, and got just the two cookies again and I'm pretty familiar with uMatrix and how it works - it doesn't let anything past without permission, it's whitelist based and an ogre about it. That's why I use it. ;-)

Oh - I had a second conversation in this thread with a user. RequestPolicy is just an add-on to fill in where it seems NoScript lags. When I moved over to Firefox for a while, I grew fond of NoScript. I returned to my Opera and found no such animal existed. So, I found this little known extension (at the time, it's still pretty rare as I seem to be about the only advocate though a few people have now picked up on it and do so as well) called uMatrix.

Now, coming from NoScript, I didn't really like it... But then, I figured out what all the buttons do and just started curating my list as I went. It's all whitelist approach and very, very refined. You can really dig in to what is an isn't allowed to access your browser. If you get bored or curious, give it a shot. There's now a Firefox version too.

Also, checking the page with Firefox indicates the same thing here. As in, I'm seeing what I see both on Opera and on Firefox. I do have VMs but I'm not sure they'd help. Hmm... I guess, I could probably set it up so that you can access one but I think that'd be going a bit far to figure out a cookie issue. Meh, it might be fun. ;-) I don't have a Windows VM to spin up but I suppose I could actually make one if I needed. However, that'd probably not be much help either. I dare say, that'd not really help either of us out.

Same with Apple

When a corporation allows the morons in the executive suite to use the business to grind personal political/psycho/sexual axes, the corporation risks losing focus on what it's supposed to be all about. Mozilla is just supposed to be making money by providing users with a quality, standards-compliant, non-Microsoft-monopoly web browser. Apple is just supposed to be making great computer hardware and software. Both companies have recently veered into the cultural ditch of progressive sexual politics and seem not to be noticing the warning signs flashing in their faces. Tim Cook's been attacking Christians lately and I presume the share holders are not supposed to be concerned that many of their customers are Christians and that while he's fiddling, there seems a dearth of new products on the horizon. The man's not in his position to push his politics. He is there to see to it that Apple is always innovating and that it is making mountains of money for shareholders by happily selling products to everybody.

You could have been less provocative with your comments, which will likely lead somebody to downgrade your post to "troll", but there is is indeed a nugget to your argument which people sometimes miss. Businesses are just supposed to do business.

Re:Same with Apple

"In 2008, California voters narrowly passed Proposition 8, a constitutional amendment limiting legal marriage rights to heterosexual couples. Four years later, it came to light that Eich had been among Prop 8’s supporters, donating $1,000 to the anti-gay marriage campaign. The revelation sparked a righteous Twitter storm among technophiles"

So donating $1,000 to some PAC fund 4 years before being named CEO constitutes 'using the business to grind personal political/psycho/sexual axes'?

The dude never made any controversial or caustic remarks while working for Mozilla. He donated $1,000 of his paycheck to an anti-gay-marriage PAC. You can sift through anyone's life with a fine toothed comb and jump up and down screaming in an SJW rage about some anti-gay or anti-minority or anti-female thing that someone did. Donating $1,000 to a PAC is really low on the list of outrageous actions.

Re:Same with Apple

[KGIII]

So donating $1,000 to some PAC fund 4 years before being named CEO constitutes 'using the business to grind personal political/psycho/sexual axes'?

Well, it does if you're a crazy zealot who's simply repeating what they heard without actually looking into it themselves but, damn it, there's a reason to be outraged and they will be righteously indignant. After all, when you've nothing to be proud of, you can join the braying herd of jackasses and at least get noticed or feel as if you've made some accomplishment.

Lest anyone read anything more into what I said then what I wrote, fuck off. Whilst I personally don't condone artificial limits to rights based on innate traits such as sexuality, I also don't appreciate browbeating people into submission and attempting to force conformity in beliefs and lawful actions. If people can't accept that others may think different than they - then they sit and be quiet while the adults have a discussion.

This condemnation and shame is no different today than it was when it was an actual punishment handed down by the courts and from the pulpit during Puritan times. It's no more acceptable now than it was then. People should be allowed to speak and act lawfully without that impacting their past, present, and future employment - to a reasonable extent. There's such a thing as being unreasonable and extreme. Right now, the people who thrive on public admonishment and retribution are continually demonstrating that they're both unreasonable and zealots. If you want to judge people, and that's a generic you, how about you judge them by their skill at performing the task they're hired to do and not how they donated to a political action committee? I know, that's too much to ask.

Never mind that it turns out that many of these outrages are based on misinformation, lies, and intentional omissions of circumstances. Never mind that some are fabricated from whole cloth. Never mind that they, the actors, have usurped a worthy cause and tarnished the name. It's fucking HARMFUL to society and HARMFUL to people - adding MORE HARM is not a good thing in the vast, vast majority of cases. But no... They'll do it just to inflate our egos and little bit and facts are secondary because, damn it, if nothing else we've opened a dialogue... "Something must be done. Somebody has to say something!" Yup, something has to be done and somebody should say something. However, that something is probably not what they're thinking and that someone almost certainly is not them. Take the outrage and do something actually useful.

When I'm ruler of the galaxy, I'm kicking all of 'em off the planet. And before folks sit there with a smug look, I hold the "MRA" folks in the same light. Yes, some people have a legitimate message and legitimate gripes - they appear to be an infinitesimally small number. There is no "both sides" to this coin. It's one side and on that side is a bunch of people looking for cause to be outraged and willing to manufacture that cause if they have nothing more meaningful in their lives that day. They don't care who gets hurt, so long as they can feel better about themselves for a few minutes and feel like they've accomplished something.

Well, that felt nice to write. Before some dumb ass comes along and says, "You're doing it too!" I'd like to point out that no, no I'm not. No, I'm not singling out anyone, using shame, or trying to destroy someone's life and livelihood. I'm not seeking to get anyone defunded nor am I wanting to harm anyone. Hell, I'm not even trying to silence them. There's a big difference between telling someone that you're sick of their stupid shit and don't want to hear anymore as opposed to preventing them from speaking. Sadly, it's reached the point where that has to be specified.

Yup. I'm gonna post this.

NOT EVEN CLOSE TO THE SAME!!!

[dltaylor]

Yes, I "shouted". Obviously to OP has no clue.

Denying the creation of a cookie in the first place has nothing to do with deleting them when Firefox is closed (whoever closes ALL of their FF windows anyway?).

I hope Pale Moon keeps the feature, but, IMO, FF44 is now nearly useless.

Re:NOT EVEN CLOSE TO THE SAME!!!

Denying the creation of a cookie in the first place has nothing to do with deleting them when Firefox is closed (whoever closes ALL of their FF windows anyway?).

They are different in implementation detail only. If you are worried about privacy and tracking then deleting a cookie at the end of your session is just as effective as blocking the cookie completely.

Re:NOT EVEN CLOSE TO THE SAME!!!

I never open more than one browser window unless you count the private window, right before I close the regular one.

I almost never visit more than one site or family of sites in a single session, particularly if that involves signing into a site. i.e. i'll open related tabs to queue up pages from a top-level page of links, then work down the queue reading and closing one tab at a time.

Quick in, quick out, don't leave a trace. I browse the web like I'm on a special forces mission...

Re:NOT EVEN CLOSE TO THE SAME!!!

There's over-the-top hyperbole, and then there's calling Firefox "nearly useless" because of this. Next you'll be telling me that Linux is "nearly useless" because it doesn't have support for i386 baked into it anymore.

Re:NOT EVEN CLOSE TO THE SAME!!!

You forgot to say "Now get off my lawn you young whippersnappers!" at the end of your comment, Mister Four-digit User ID. You sure you actually know how a modern browser works? Or do you think it's still called Netscape? Anyway you must be about 70 years old, I hear people get pretty irritable over the smallest things at that age -- much like how you're acting. Maybe the hospice nurse should put a curfew on your internet usage, wouldn't want your ticker to give out from getting too upset, now.

Re:NOT EVEN CLOSE TO THE SAME!!!

[KGIII]

My UID may not reflect it but, lemme tell you something, son...

When you reach our age, you'll yell at any damned cloud you want to. Why? Because, fuck that cloud and we don't give a shit if you or your kid brother are unimpressed with our cloud yelling. Now, if you could just get the damned paper onto the porch in the morning, I'd tip you a whole extra nickel each week.

Actually, getting old is awesome in some ways. I can hide my own Easter Eggs and the young ladies giggle when I give someone the finger! I can straight up not just yell at clouds but I can use all the blue language I want. They just think you're old and senile. I can't wait until my kids put me in a nursing home. I'm going to piss my pants every day and laugh when the cute nurse changes me and gives me a sponge bath. If I want to play with my pudding, I'll play with my damned pudding. Now, order me a damned pizza or I'll piss in my trousers a second time.

Re:NOT EVEN CLOSE TO THE SAME!!!

[dolmen.fr]

If you really want to do fine-grained cookie management, use a plugin. I use Cookie Monster.

Re:Proud to have self-destructing cookies installe

[KiloByte]

For web fonts and similar 3rd party assets you want Smart Referer. Unless the primary website's address or id is encoded in the URL, this stops such tracking.

All the tracking for nothing?

[simplypeachy]

Firefox records and submits telemetry, by default, without gaining consent. If you're going to abuse your user, why can't the user at least benefit? They have telemetry, so they at least know which users have this feature enabled ("I use this feature"). If their telemetry is thorough, they know which users enabled it, then disabled it and left it off ("I tried this feature. I then stopped using it"). Now you know how popular it is, rather than just using a supposition as one of your major reasons, you have data.

They have Bugzilla. So they can query all bugs that this feature caused or was involved in. They then look at their ~100 lines of code and can decide on how disruptive the codebase is as a result of it being unmaintained and have an idea of how this state detriments the user experience.

It's crashing "multiple times a day"? Where's the data? Firefox records and submits crashes by default. Where's the query you ran that gives you this evidence? Is it the fault of the feature, it's lack of maintainer, or is something breaking it that is the fault of neither?

Fucksake. Spy on us then just ignore the damn science that it does? How very asinine.

Re:All the tracking for nothing?

The problem with using telemetry for this kind of thing is it's going to be biased. The people who disable telemetry are exactly the kind of people who restrict cookies.

Re:All the tracking for nothing?

We need a browser addon that auto accepts ALL cookies. And sends them to null. They never stay in memory or on disk.

But anytime a request to read a cookie comes along. It responds with random data.
Maybe even user defined data. How about some rick astley clips.

Re:All the tracking for nothing?

Telemetry is only enabled for pre-release builds. It's otherwise opt-in. The Firefox Health Report thing is on by default, but it doesn't have that kind of info, as far as I can tell. Which kind of calls your arguments into question.

Re:All the tracking for nothing?

No, its not. On every update I search through about:config for any new .mozilla.com, .mozilla.org, etc. URLs and change them to something obscene.
I wish Mozilla would start using a tracking subdomain for all tracking, that way I could block it at my dns.

Time to move on

Firefox has been getting slower and not quite right. But I clung to it for exactly this feature, fine-grained management of cookies. If it's gone in the next version, then I can start looking for faster neater alternatives.

Re:Proud to have self-destructing cookies installe

> Unless the primary website's address or id is encoded in the URL, this stops such tracking.

Which will be the case for any asset used for tracking, so that extension is a no-op for this purpose.

Even Eich has abandoned Gecko with his

new project @ https://brave.com/.

Re:Even Eich has abandoned Gecko with his

[sexconker]

Brave is an advertising platform first and foremost.

Brave replaces ads the page / 3rd parties deliver with ads Brave delivers, while promising that the ads Brave delivers are safer and less invasive, as well as better targeted.

However good it may be as a browser it's a non-starter for me. It's core purpose is to put its own ads in front of my eyeballs.

A truly honest browser would refuse to load ANY content from a separate domain by default. That means going to butt.com will not allow you to load up an embedded youtube video, a referenced font, an externally-hosted jquery, or even butt.com's content on a generic CDN. ALL butt.com content should come from butt.com, plain and simple. Otherwise, the user should have to manually allow butt.com to load content from content.butt.com, *.butt.com, or butt.com.cdn.net, or youtube.com, or whatever.

Yes, this would "break" much of the current web and most users would never switch to a browser that enforced these things. And most sites would never respect these things. But the web would be a much better place if connecting to a host meant you received content only from that host by default. We're currently at a point where blocking third-party content breaks a huge chunk of the web, but blocking third-party cookies doesn't. I'm afraid that in a few years I'll be forced to accept cookies from "trackurshit.fucku.lolol.net" before being able to access most sites.

Re:Even Eich has abandoned Gecko with his

You fundamentally misunderstand why large websites are connected. The reason butt.com uses CDNs, webfonts, hosted sites, optimizers, etc is because the business in not in the business of those things, and it shouldn't be. People absolutely *loathe* websites and will navigate away from websites that take more than a half second to load. You can actually see the numbers drop. From an optimization point 3rd party adverts are the absolute worst. They wait for the page to completely load and screw with site metrics, all while adding vulnerability. Add to that it doesn't even take cookies to track you, go ahead turn off, JS, unless you're turning off image rendering and caching you're still being tracked. Add to that your browser automatically reports what it is. The amount that sites know about you without cookies is mind boggling. Without a single cookie I can tell where you're located, if you've visited before, every page you're on and how long you're spending, your device, etc.

Re:Even Eich has abandoned Gecko with his

You've reminded me of one of my favorite Bill Hicks riffs...

https://www.youtube.com/watch?v=aMN8REGJXaA

Re:Proud to have self-destructing cookies installe

Just stop sending referer headers altogether. It breaks so few sites that fine tuning it is just not worth it.

I still run Opera 12

[Trax3001BBS]

It's cookie option is to delete any new cookies received when shutting down.

More evidence...

...that Firefox is disconnected from its users. I should have jumped ship earlier. They would ignore (or mark complete/will not fix) my bug reports, and they hijacked firebug's keybinds for their own inhouse version (which was a pretty shitty thing to do). The interface thing with australis caused a lot of hate with people. They probably lost a lot of user base over that because people like familiarity; breaking it completely just caused people to leave. The more they change the more people will leave, and their drop in user base is proving it.

Someone start a gofundeme.org for Pale Moon

Firefox has lost its way so badly it hurts. What a shame.

Thank gawd for forks.

Breaking News: Technical Debt Solved!

Wow. What a pathetic excuse, they're the maintainers, FFS. It's 'unmaintained'? ... So 'maintain' it, THAT'S YOUR JOB.

If I could use that excuse at *my* dev job, I could save lots of work for myself. But I suspect my management would rightfully tell me to suck it up and update/fix the damn code.

Re:Breaking News: Technical Debt Solved!

Mozilla does not seem to have developers, they only have UX-gods and feature removers. As a developer, if I was just removing or breaking existing features at my day job, I would get fired. At least our customers want to keep using the software's features which were the reason they selected us at first place and they usually only want improvements, not monthly UI redesigns and feature removals.

They did?

[OhHellWithIt]

I haven't tried to use the cookie prompts for quite some time, but the basic functionality still seems to be intact in the preferences under Linux.

Let the migration begin

[BigChigger]

I've used FF since Netscape. I'm done.

That's it, I'm done

[Indigo]

This is where I get off the bus. I've used Firefox for years, Netscape before that - gladly so. But the Firefox people have gone from great developers making a useful product, to pretty good but a little squirrelly, to UX weenies and marketing assholes, to evil sellouts actively trying to screw me over. Fuck 'em.

On a completely unrelated note, if you use Linux, chattr +i is your friend. Works on directories as well as files too. Just sayin'.

Bloat vs extensions

[jopsen]

Do nothing people complain about bloat... Move features into extensions, people complain features are disappearing..

What is the better option?

Re: Bloat vs extensions

If cookie management consumes so many resources as to constitute bloat on any computer released in the last 15 years, either their coders are incompetent or the browser is fundamentally and massively flawed, or both.

it would also help if they weren't throwing their current extension developers to the wolves.

Re: Bloat vs extensions

Instead of removing basic web related features, they could stop adding nonsense social media features.

Or reducing bloat...

[jopsen]

People also like to bash about bloat in FF... Moving features that aren't used often into extensions is a great solution...

They are easier to maintain, and can be developed independently of FF... Faster iterations, and release of features to end-users, etc..

Re:Or reducing bloat...

[tepples]

And it allows the excuse "you're using too many extensions" for any and all RAM and CPU use complaints.

Time to drop this turd

[Meniconi,Nando]

See Subject.

After all these years, I guess that is it then.

[mike2006]

I have been using Firefox since the early days. Sure there were some releases with problems but 44 for me is the worst ever in my opinion. I have completely wiped it from APPDATA and Programs, reinstalled, yet frequent crashes. Crashes immediately if loading from the taskbar in Windows 7. If I use any plugins like Ad Block Plus or Noscript I get high CPU utilization and it sucks up allot of memory. Occasionally it just disappears in the middle of doing something.

Now with the cookie thing which I use frequently in web development and other plugins that will be borked, that's it I am done. They are forcing me to adopt another default for all my work.

I will check out waterfall listed above. I started to look at Palemoon before this and thought do these alternatives have dev teams or just one guy that will some day will disappear?

Mozilla can't keep a secret...

[jopsen]

Was Yahoo p***d off about people who don't allow some cookies to be set?

That's a serious accusation, did you even care to read the bug before writing that?
FYI, while the deal isn't public, it was rather clear that it was contingent on Yahoo reinventing their search engine as they did.
So you can be confident that it's more likely Mozilla that pressures Yahoo than the other way around.

Besides the bugs, mailing lists, wiki, regular monday meetings, irc channels, etherpads, source code, review notes, commit comments, is all open.
I work at Mozilla there is very little private communication, apart from security bugs, just about everything is completely public.
The notes I make on stuff I work on is in a public etherpad, with links often posted on IRC.. So anyone can could jump in an make a mess of my notes :)

And you are welcome to participate! (and welcome to ask questions, as well as leaving useful comments, suggestions in my notes)

Also there is no way employees at Mozilla could keep a secret like that - You can be sure someone would blog about it :)
(Lots of people at Mozilla are in it for the mission)

Mmmmm, fine-grained cookies...

[coldsalmon]

I hope we still have the option for chunky chocolate chips!

Can still delete cookies individually

[chris-chittleborough]

This report is about removing optional user control over which cookies get created. Firefox 44 still allows users to delete individual cookies. Open up Preferences, go to the Privacy tab, click on "remove individual cookies" (a hyperlink) and you will see a list of all your cookies, grouped by domain name. Click on the ">" before a domain name to see the cookies for that domain. Select and delete as desired.

Personally, I prefer to use NoScript but allow websites to create cookies. That way I can whitelist domains in NoScript until a website works, without having to worry about which cookies to allow. Once I've finished with a website, I can always delete all the relevant cookies until next visit. This works well for me; YMMV.

So much hate...

[eWarz]

To be fair, I haven't used Firefox for a LONG time. When I did use it, it was when they first forked from the original Mozilla code base and went through a gazillion different name changes. That being said, I think this story is overblown and most of you are overreacting. Mozilla is simply trying to move (the UN-MAINTAINED) fine grained cookie control to the hands of some excellent add-on developers. The current code that resides in the Mozilla repo is completely un-maintained. Anyone like me who remembers what Firefox was like back in the day will know what I mean when I say 'less' is 'better'. Can Mozilla do stuff better? Without a doubt. Should this be a change that stops you from using Firefox? No. Disclaimer: I don't use Firefox outside of Ruby on Rails selenium tests.

Export current cookie permissions before upgrade?

[D4C5CE]

In case Firefox 44 drops the permissions list entirely (does it?): How does one export these cookie settings to a format readable by humans and replacement add-ons / other browsers?

Fishy/Phishy Firefox

Stupid features like this are either enabled or reside in the browser and now they're taking away privacy features with each release.

Just a small sample of stuff from about:config:
dom.event.clipboardevents.enabled
browser.taskbar.lists.*
social.*
social.manifest.facebook
browser.safebrowsing.*

What about cookie warnings?

[azrael29a]

While I don't mind cookies that much I do mind the retarded EU-mandated cookie-warnings that keep popping on every site possible, Fortunately there is an addon for that too!
I don't care about cookies 2.5.3
Available for Firefox, Chrome, Opera, and some other less popular browsers (no version for IE).

EU cookies

[klapek]

In EU we have a dumb piece of legislation that requires almost every webpage to require a permission for any cookies it may be saved on your device. I have a strong impression it was initially a web browser that was required to acquire such permission.

ABORT on goddammed ESC key

[TheRealHocusLocus]

Some where back in the dim recent past, Firefox's ESCape key no longer meant abort everything and return control completely to the user. No matter if the base html is incomplete, no matter if some goofy-gumdrop JSON cloud-abortion is in progress, or a 302 redirect is in progress. No matter if you'll have to settle for a blank page because CSS cannot decide what color the text will be. Just ABORT. Now the ESC key means hardly anything.

Now in the face of incomplete loads, packet loss, severely delayed DNS lookups, javascript tumors that are busy metastasizing to grow the page from seeds using repeated lookups to unresponsive and overworked database servers --- all of this results in pages that won't stop loading, tabs that will not close immediately, or even pages with visible readable content that will not respond to scrolling requests or link clicks... until... exactly what I never found out.

The purported reason was to save the poor deep data content providers from aborted transactions caused by unwashed masses hitting reload and ESC. I say, if they're overloaded or vulnerable in any way to aborts or identical re-submits they are vulnerable to script kiddies too and someone has not done their job properly or provisioned their servers adequately. I never considered the ability to abort a web load as anything but an intrinsic RIGHT --- until it was taken away. It was,like, what are they thinking?

I've had to force-close Firefox to regain control. And no we're not talking about Flash or embed delays either, I run NoScript. This is Firefox's native process refusing to abort everything under all conditions.

If content providers bite into some apple of complexity (for example) embedding advertising and load sharing schemes that do little tricks (such as) using gobblegook DNS names with low or zero TTL, they deserve to be sandbagged for their effort by the masses until they re-think their decision and (god forbid) roll back in the general direction of 'static' content.

Unfortunately this is something a third-party addon cannot really fix. If ever I was temped to fork a whole project and create a new subculture to fix one aggravating feature=bug this is it.

Re:ABORT on goddammed ESC key

This. So much of this.

Related to it is the interface nightmare they created with popups. I don't know if it was a feature or a plugin/addon but popups _were_ grouped.

There should be _one_ popup window so when you click 'Deny All' it propagates to every other pending cookie for that host. At least when you fucking hit escape it should apply to the current active window regardless if it's VISIBLE or not! The number of times I've had to move a popup to find what fucking window was active is insane.

The popup storms are a result of parallel connections either through pipelining or straight single connection/request. Try it. Set your persistent connections low and disable pipeline.

Re:ABORT on goddammed ESC key

[TheRealHocusLocus]

Here is an addendum that I would have added to the original message IF the EDIT/ADD Slashdot feature request I propose here was implemented, please vote for it!

Here is a good description of the ESC key behavior change which among other things introduces a Firefox add-on called SuperStop . SuperStop adds a Shift-ESC key combination which most often succeeds in shutting everything down. But it is it is apparently unable to prevent the triggering of JS timers that have been set... allowing persistent-connection-abusive sites like Yahoo News to awaken from the dead to do more nasty poodle doo.

Holy crap, really?

[gstoddart]

Further, users who had enabled the "Ask before accept" feature have had that preference silently changed to, "Accept normally." The proffered excuse for the removal was that the feature was unmaintained, and that its users were, "probably crashing multiple times a day as a result" (although no evidence was presented to support this assertion).

So, basically Firefox has decided to permanently become a steaming pile of shit, and they focus on interface designs and features nobody cares about, while ignoring the features which made us use it in the first place?

You know, a lean standard compliant browser which allowed us control over our privacy and security? The things we actually want out of it.

Removing that feature is fucking moronic, because it allowed us to say "yes, I trust this site and they can set cookies, but all these sites can piss off, never ask me again".

Basically Firefox is now suffering from the Open Source feature rot ... if nobody is maintaining it, it's because it's not a shiny feature, which means it gets neglected.

I've used this feature for years, and it has NEVER caused a browser crash, not once. Silently saying "sure, go ahead, set all the cookies you want, we don't care" is a bullshit outcome from an organization which has become far too focused on shiny baubles instead of maintaining the good pieces in there.

Over the last bunch of years I'm more or less forced to conclude that the Mozilla foundation has lost the plot of what we wanted out of that browser in the first place.

OK, folks, so what's the best cookie manager plugin for Firefox? Because for those of us who run multiple browsers for multiple purposes with different levels of security and the like, the options seem to keep dwindling.

I have to say, it seems like Mozilla is just running themselves into the ground, and are jumping from one thing to another ... apparently now it's killing off Firefox OS and jumping into IoT.

Sorry Mozilla, you act like you're driven by marketing idiots with ADHD these days. Pathetic.

Re:Holy crap, really?

gstoddart expert software engineer (not) can criticize with impunity. Mozilla realizes you're just another idiotic wannabe nobody so they humor you moron. gstoddart once again evidences what happens when a mongoloid imbecile such as himself attempts to impart his version of writing on others! A wave of unintelligible gibberish scribblings issues forth from gstoddart the mongoloid imbecile of slashdot and we are stuck dealing with it unfortunately!

I agree so much with the non techs above crying

Cause who the hell would use that feature?
If you don't trust a site here is some advice.... Do not go to it.

Maybe stop looking up all your child porn while you pretend to actually be working...

Firefox-Fucks User, Moves Control to Data Miners

I guess thats why there are forks

Re:LOL even Brendan Eich is using Chromium for Bra

Even Pale Moon has forked Gecko, not just Firefox.

Bye Bye Firefox

Used to be good, now wants to cow-tow to advertisers. See you later.

This article looks like FUD

[dolmen.fr]

The feature that was removed is a basic cookie management option where addons do a much better job with a better UI.

If you really want to do fine-grained cookie management, use an addon. I use Cookie Monster.

I like that Mozilla removes useless limited features that I long ago replaced by a powerful addon. The Firefox core must have good APIs (for example cookie management, cookie filtering) on which extensions can be built.

Re:This article looks like FUD

[CanadianMacFan]

The issue is that they removed a feature that stopped cookies from being installed and suggested using an add-on which removes the cookies after you leave the site or close the application. There is quite a difference in behaviour. In the latter case the cookies can still be used to track the user.

Re:This article looks like FUD

The issue is that they removed a feature that stopped cookies from being installed and suggested using an add-on which removes the cookies after you leave the site or close the application. There is quite a difference in behaviour. In the latter case the cookies can still be used to track the user.

Yup. There is no way to disallow cookies from being accepted and placed on your system with Cookie Monster. I know, I've used it for years. And when FireCrap 44 came out, I found a ton of cookies I never would have allowed. So stop saying Cookie Monster or another add-on can replace this feature, because the boy geniuses at Mozilla DELETED it without notice.

Accept cookies and continue to website

[tepples]

Unobtrusive may fail to satisfy the requirement that the notice be "conspicuous". And in some places, such as the Netherlands, the law is or recently has been that a site operator must obtain the user's explicit consent before setting a persistent cookie. This leads to "Accept cookies and continue to website" interstitials.

Me want cookie

[tepples]

You have chocolate cookies with lemonade flavored bits? Where can I get me some o' dat?

We use cookies. [Accept] [Leave]

[tepples]

as well as not giving the user a choice, such as a popup with only an OK button.

Then they give the user a choice that may be familiar to long-time users of porn sites: a popup with an Accept button and a Leave button that goes to a popular search engine or the front page of The Walt Disney Company's site.

Anonymous Add to Cart needs a cookie

[tepples]

vast majority of websites do not really have to annoy their visitors with cookies popups, because they work just fine without cookies (and most of the rest could be made to work without them).

On an e-commerce site, how do you implement an "Add to Cart" button without cookies? Users expect one anonymous visitor's cart to be separate from another anonymous visitor's cart, and they don't expect to have to create an account and log in (through a cookie-free method such as RFC 7617 Basic or a TLS client certificate) before adding an item. Or do you instead plan to associate a shopping cart to a query parameter in the URI? That breaks when a user shares a link to a product.

Re:Anonymous Add to Cart needs a cookie

I hope you do realize I did not say "all".

Anyway, yes, I would pass session ID in the URL (after all, neither cookies contain a cart's contents, just an ID), and would not worry about users. Those using URLs should know what that is, the rest have buttons.

Re:Anonymous Add to Cart needs a cookie

[Rakarra]

On an e-commerce site, how do you implement an "Add to Cart" button without cookies?

Then you can have the popup when they try to add to cart. That's more preferable than the sort of "you have to have cookies to even glance at the front page of our site" nonsense that was being discussed in the thread.

Re:Anonymous Add to Cart needs a cookie

[tepples]

I hope you do realize I did not say "all".

Perhaps you're right that my worldview is skewed by the fact that I work on an e-commerce site as my day job.

Anyway, yes, I would pass session ID in the URL (after all, neither cookies contain a cart's contents, just an ID), and would not worry about users. Those using URLs should know what that is, the rest have buttons.

And then you get people who return to the home page by using an in-browser function that deletes everything after the hostname, with the result "I went back to the front page of the store to look for something else to add to the cart. Why was my cart emptied?" Even people who know how a URL is structured don't know which specific query parameter holds the session ID. And even the tinier minority of users who both know how a URL is structured and correctly guess which query parameter is the session ID delete one too many characters from the URL.

Worse yet: "Why did this unauthorized charge appear on my account? I put in my credit card number but decided not to place the order." The answer is that you shared the URI of a product that included your session ID, and someone else completed checkout with your payment credentials.

Re:Anonymous Add to Cart needs a cookie

[tepples]

Which means you can no longer provide "People who viewed X also viewed Y" or "People who viewed X ultimately bought Y" views to your shoppers.

Re:LOL even Brendan Eich is using Chromium for Bra

[justthinkit]

They do seem to have an interesting approach. On that same FAQ page they discuss their philosophy on ad reduction, ad replacement and removal of tracking stuff. There could be a substantial discussion on ad replacement alone.

Ads are something no user wants, but every advertiser and content-hoster wants. Bottom line is ads will always be around in one form or another. And they will always be evolving and changing.

Maybe ad replacement is a potential solution. You can't get rid of them (permanently everywhere that is), and you do want some content to survive (e.g. Slashdot), so maybe an ad vetting/voting/whitelisting system has some merit.

Basic auth or TLS client certificate

[tepples]

In short, I've never seen a good, clean, reliable way to link a user to a session that doesn't involve cookies. If you've got the magic solution to that, please...I'm all ears.

Have the user create a username and password and use RFC 7617 basic authentication. Or have the user create a TLS client certificate.

Re:Basic auth or TLS client certificate

[LordKronos]

In short, I've never seen a good, clean, reliable way to link a user to a session that doesn't involve cookies. If you've got the magic solution to that, please...I'm all ears.

Have the user create a username and password and use RFC 7617 basic authentication. Or have the user create a TLS client certificate.

teach me how to logout (note: "close your browser" is not an acceptable answer) and I might stop despising basic authentication.

TLS client certificate? lol...ok, I'm sure all my users will love that. I'll get on that right away.

Apparently you didn't see where I said "good, clean"

Re:Basic auth or TLS client certificate

[tepples]

This answer has a script that logs the user out of basic auth by replacing stored credentials with wrong credentials.

Re:Basic auth or TLS client certificate

[arglebargle_xiv]

Have the user create a username and password and use RFC 7617 basic authentication. Or have the user create a TLS client certificate.

teach me how to logout (note: "close your browser" is not an acceptable answer) and I might stop despising basic authentication.

Haven't you read the original RFC? it says:

The scheme name is "Basic".

What you're asking for is in the upcoming "Extended" authentication scheme, RFC 13,617, due out in September 2030 (15 years between updates, 2617 -> 7617).

Re:Basic auth or TLS client certificate

[LordKronos]

This answer has a script that logs the user out of basic auth by replacing stored credentials with wrong credentials.

That's awesome. And I totally expect that users who want to disable all cookies from my website are going to be thrilled to let me run javascript on their website instead.

Re:Basic auth or TLS client certificate

[tepples]

Then use progressive enhancement. In the HTML page, send a "To log out, close your browser" message. Attach a script that replaces this message with a button to log out as described in the linked answer. To get past the extension that blocks non-free scripts, distribute this script under a free software license and add appropriate metadata.

Re: Basic auth or TLS client certificate

[LordKronos]

And make the user close all tabs? I'm not hearing a very convincing argument yet.

Re: Basic auth or TLS client certificate

[tepples]

A user who is ending his or her browser session so that another user can begin a session will be closing all tabs anyway.

Re: Basic auth or TLS client certificate

[LordKronos]

A user who is ending his or her browser session so that another user can begin a session will be closing all tabs anyway.

What? Says who? My wife and I login on the same browser all the time without closing tabs. In fact, I do this all the time when paying bills. Have one tab open with my online banking account, another tab open with my bills spreadsheet, open a 3rd tab to login to my credit card. I setup a payment to my card and log it in the spreadsheet. Logout on the 3rd tab, login to my wife's card account at the same bank, setup a payment on her card, log it in my spreadsheet. Then finally I use the online banking again to shift the necessary money between checking and saving.That's just one of many examples where we do that.

Beside that, there's just the matter of security. I'm not closing my browser because I need to keep pages open, but I want to logout of websites so that I'm no longer using. I shouldn't have to close all my tabs to do that

You're trying very hard to contrive some arrangement that makes basic authentication look like it's not utterly broken, but sorry...it's utterly broken. Why do you think almost nobody uses it? Do you think nobody knows about it?

Re:LOL even Brendan Eich is using Chromium for Bra

[justthinkit]

Regarding ad voting, the potential for abuse of this is high (i.e. people hating every ad). One solution would be that your votes are always relative. In other words, do you like this ad more or less than other ads. This way some ads will always bubble to the top. And advertisers can then study/learn from those ads, and/or choose to run those ads more. And when they do that, people grow tired of those ads. So they bubble down the list and force new ads to appear.

This may not sound that great, but right now I am staring at sites that pad with screen after screen of white space, or force gigantic menus to overwrite content or display zero content when I try to ad-block them (via no JS and hosts anyway). Point is that we are already in the middle of an arms race.

Restore session fails offline

[tepples]

There is an option to "reopen last session" on start. You get all your tabs back :)

When I tried it, I got "Problem loading page: Server not found" as I switched to each tab. Firefox saves the URI, not the entire DOM, and it goes back to the Internet to re-fetch the page after I reopen Firefox. If I'm not connected to the Internet, such as if I'm on the bus to or from work or the grocery store, I get a dozen tabs of fail.

Maybe it hadn't been changed..

[CanadianMacFan]

Maybe nobody had done any maintenance on it because it didn't need any. From the sounds of it everyone here found it to be working fine so there doesn't seem to be much need for the code to have been touched.

Seems like we need someone to go in and to small insignificant changes to the parts of Firefox that we want to keep as is.

Re: Cookie Monster

[dltaylor]

It says it is a front end for the internal firefox features.

What happens on 44? Have you tried it?

Re:Export current cookie permissions before upgrad

[D4C5CE]

For the record, enabled sites have a type=cookie, permission=1 (Allow) or 8 (Allow for Session), in the moz_hosts and (more recently, clumsily introduced and inconveniently distinguished by leading protocol IDs that hence needed to be set twice, for http and https) moz_perms tables of the respective /home/user/.mozilla/firefox/*.default/permissions.sqlite (readable e.g. by SQLite Database Browser).

Backup while you can.

Absolutely: Best browser under the SUN!!! apk

Been showing them that here for a DECADE Trax3001BBS (ltns by the way, how have you been) http://slashdot.org/comments.p... for more speed than other browsers (was the SPEEDKING for its time year in year out) & it is by FAR still the MOST FLEXIBLE BROWSER there is in options - groundbreaking, & least security flaws too (HTML 5 ready & 64-bit too).

* Great minds KNOW alike!

(No browser to date offers SO many options, especially for security protection (& C/C++ coded speed too) in options in BY SITE preferences for cookies, scripts, referrers, frames/iframes, customized CSS or PAC files use, plugins ONLY ON DEMAND & far more...))

APK

P.S.=> Opera's even BETTER/FASTER & MORE SECURE when you combine it with a good hostsfile & who makes the best hosts files? Hey, you know - "yours truly", gratis, courtesy of:

APK Hosts File Engine 9.0++ 32/64-bit http://www.start64.com/index.p...

Giving users more speed, security, reliability, & even anonymity online from 1 single file you already natively have for FAR LESS resources yet doing more than crippled by default sold out to advertisers so they don't work right, clarityray/pagefair/blockiq detected & blocked useless, wasteful in cpu/ram and messagepassing overheads usermode slowness (vs. hosts in far faster kernelmode) INFERIOR browser addons... apk

Wrong Default

Further, users who had enabled the "Ask before accept" feature have had that preference silently changed to, "Accept normally."

Um. No. Good sense, best practices, and appropriate paranoia should have it change to "Deny". Remember "default deny" as a security principle? It needs to apply here.

(The 'silent' bit is underhanded as wellâ¦)

I suspect the people who make these decisions are the kind of people who's first response to a permissions problem is to chmod 777 all the files. Because, y'know, getting it to work is more important than taking a minute to think about what's really being asked.

I select "Ask Before Accept" because I normally do _not_ choose accept. And if the website doesn't work, well, it's a crappy website and I can direct my attention elsewhere. Silently changing this seems like a breach of some sort of trust.

Why use addons 4 speed/security/reliability?

Hosts do more for less APK Hosts File Engine 9.0++ SR-4 32/64-bit http://start64.com/index.php?o...

-

FREE, not 'souled-out' to advertisers!

Does far more w/ far less more efficiently vs. addons (clarityray blockable, redundant + RAM/CPU wasteful & 'souled-out' crippled by default) & local DNS servers @ home.

Fixes DNS' security issues & stops tracking @ webpage + DNS levels via 1 file you NATIVELY have!

(Firewalls do rest on FAR less used IP address trackers/threats vs. host-domain names).

-

Obtains data vs. online threats & ads via 10 reputable security community sites - easily edited by you using my program.

-

SPEEDS YOU UP 2 ways:

Adblocking ALL ads + local RAM cached favorite sites @ TOP of hosts for faster resolution vs. remote DNS (for reliability + speed) vs. other "so-called security 'solutions'" SLOWING YOU!

-

All via what you already have vs. illogically "bolting on browser addons 'MOAR'" (clarityray detected/blockable + usermode slow & increased messagepassing, cpu + ram overheads)

-

MalwareBytes' hpHosts Admin (MalwareBytes employee verified it's source as safe http://forum.hosts-file.net/vi... ) hosts & recommends it -> http://hosts-file.net/?s=Downl...

&

MalwareBytes = BEST antivirus per a VERY recent testing of them all http://www.av-test.org/en/news...

&

It's safe proven by 57 antivirus programs in BOTH its 64-bit model https://www.virustotal.com/en/...

+

32-bit model https://www.virustotal.com/en/...

&

Installer-> http://f.virscan.org/APKHostsF...

-

* "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend".

APK

P.S.=> By "yours truly" - "The Lord of Hosts" so-to-speak:

"The image this title brings to mind is a mighty military commander who can at a mere word summon rank upon rank of protective power" -> https://answers.yahoo.com/ques... & THE WORD = hosts!

(Accept NO substitutes)

...apk

Re:Why use addons 4 speed/security/reliability?

[Ash-Fox]

I don't need that crap, my network already blocks unwanted domains through DNS. This has no relevance to the extensions I use.

Re:Why use addons 4 speed/security/reliability?

MALWARE LINK WARNING

Re:Why use addons 4 speed/security/reliability?

Ash-Fox, apk's post shows too much to the contrary from very reputable sources' tests for a troll like you to be believed.

WARNING: MALWARE LINK ABOVE

Beware, the parent post links to malware, and it's a nasty one

The other AC pointing this out wasn't clear enough.

Re:WARNING: MALWARE LINK ABOVE

Ash-Fox apk's post shows contrary info from reputable sources' tests and apk's program stops malware + best antimalware's people recommend and host his program.

Re: Cookie Monster

What happens on 44? Have you tried it?

Nothing happens. Cookie Monster is not a fix for the prompt. In fact AFAIK there is no add-on that replaces this exact feature. One I've used since Netscape days, one I noticed had gone missing immediately. Thanks Mozilla, I went back to v43 and won't every be upgrading again. Between the pre-fetch crap when rolling over links, the Pocket crap and this? I'm out. Congratulations!

DNS eats more power & is exploitable

DNS is prone to going down a lot & uses more resources + moving parts to exploit or breakdown (kaminsky redirect poisoning & DNS amplification attacks being another).

APK

P.S.=> For networks, you take BIG chances (home users can make do with a hosts file they can easily manage vs. DNS many parts)... apk

Re:DNS eats more power & is exploitable

[Ash-Fox]

DNS is prone to going down a lot

My DNS is not prone to going down, why is that?

For networks, you take BIG chances

Oh no, my router at home has a blacklist of domains, that's a bigger chance than the average that has no blacklist. You talk a lot of shit.

uses more resources

Nah, my solution uses less resources. Less storage, less manual labour (after all, I only have to change the router, nothing else), less CPU (only one system has to deal with filtering, all the other systems spend less CPU than before, because there isn't even a TCP connection attempted to invalid IPs like 0.0.0.0 or 255.255.255.255 etc.

moving parts to exploit or breakdown

Hosts files are broken by operating system design, they're not meant to block DNS entires, they're not meant to handle large amounts of domains (look how it breaks on Windows), they're not even capable of blacklisting an entire domain without listing all of it's subdomains which goes into multi-terabyte files which Windows cannot load and uses far more memory than a simple wildcard blacklist on DNS server.

home users can make do with a hosts file they can easily manage

A large amount of devices in my home don't even support hosts files in any reasonable way. Tablets, game consoles, television, mobile phones etc. For the home user, this is probably a better and more wholesome way to handle blacklisting of domains because you won't have enterprise-level control of all your devices.

Separate authentication from authorization

[tepples]

My wife and I login on the same browser all the time without closing tabs. In fact, I do this all the time when paying bills.

Win+L, click your wife's name.

Logout on the 3rd tab, login to my wife's card account at the same bank, setup a payment on her card, log it in my spreadsheet.

If your wife authorizes you to pay her bill, then perhaps instead of you impersonating her, she should add you as an authorized manager of her account. Separate authentication (e.g. you are LordKronos) from authorization (e.g. LordKronos may withdraw from checking account 963852741 and make payments on 4345 6789 3210 6543). Ask your bank how to set this up, or find a bank that allows this.

Beside that, there's just the matter of security. I'm not closing my browser because I need to keep pages open, but I want to logout of websites so that I'm no longer using.

What is the attack model associated with staying logged in as yourself?

You're trying very hard to contrive some arrangement that makes basic authentication look like it's not utterly broken, but sorry...it's utterly broken.

The feature exists. I grant that the feature is broken. But it's possible to unbreak the feature. So instead of starting a web site that requires use of cookies, one can instead build browser extensions or contribute browser patches to unbreak the feature.

Re:Separate authentication from authorization

[LordKronos]

For simple browser tabs, I have no interest in multiple windows logins. And besides...that doesn't even address the 1 example I gave. I need to login to the same website with multiple credentials while keeping the tab open. I don't want to have to "switch user" every time I go back and forth. And I have no idea where you are going with the authorize-to-make-payments thing. To make the payments, I have to log into the bank's website with the appropriate credentials. And there's no way most banks are going to let me pay her card from my account. Hell...Discover, for example, won't even let me manage my own two cards from the same account...I need a separate online account for each card.

What does contributing browser extensions or patches accomplish? The specification itself needs to be fixed. And how do you suggest I "contrbute browser patches" to something like IE/Edge? And extensions serves no purpose, as only a minority of people install them. Even something as widespread as adblocking is only installed for something like 10% of users last time I checked.

Sorry, its just broken. Cookies, on the other hand, work perfectly fine for 99% of users. Good enough for me.

Banks should still roll a joint for you

[tepples]

And there's no way most banks are going to let me pay her card from my account.

Since when are banks that issue payment cards no longer willing to let a cardmember add a joint account holder?

Hell...Discover, for example, won't even let me manage my own two cards from the same account...I need a separate online account for each card.

Then perhaps that bank needs to Discover some cardmembers that aren't you. Facebook gets a lot of things wrong, but separating auth and auth is one thing it gets right: each person has one account, and that account is connected to resources.

But thanks for clarifying. Now I have a sound bite to use against cookie haters: Basic auth is broken because logout in long-running browsers is broken.

Re:Banks should still roll a joint for you

[LordKronos]

Since when are banks that issue payment cards no longer willing to let a cardmember add a joint account holder?

Why would I want to become an authorized user and have her card show up on my credit report? The current system works very well.

Then perhaps that bank needs to Discover some cardmembers that aren't you.

LOL...with as much money as I've made off them? Not a chance. They've done many things to annoy me, but I've made about $2500 off them in the last 6 months alone. I can deal with separate accounts.

Very convoluted trail you are leading me down to avoid cookies.

DNS eats more power/is exploitable & routers?

See subject: ROUTERS = MASSIVELY PRONE TO EXPLOITS STUPID! Want a boatload of examples of that from many manufacturers too? Ask!

* FACT: Hosts do FAR MORE for FAR LESS than any other SINGLE solution & they are NATIVE to your system's IP stack already in kernelmode efficiency + speed!

(Especially vs. slower broken or exploitable usermode crap, especially browser addons which I noticed you give up on, & DNS servers in software too, NOW RUNNING FOR ROUTERS, lol, which I can dust easily too - see above, & ask! You'll regret it... lol!)

APK

P.S.=> There IS no "manual labor" using my program to create hosts & migrating them by scripts is easy for central admins on large networks too - you fail again as always, fool... apk

Re:DNS eats more power/is exploitable & router

[Ash-Fox]

You failed to answer even the first question in response to your first point:

DNS is prone to going down a lot

My DNS is not prone to going down, why is that?

For someone that claims a lot, you don't really have much to back it up.

FACT: Hosts do FAR MORE for FAR LESS than any other SINGLE solution & they are NATIVE to your system's IP stack already in kernelmode efficiency + speed!

You completely ignored all the caveats I pointed out.

Especially vs. slower broken or exploitable usermode crap, especially browser addons which I noticed you give up on

Except if you read my post, I stated I use addons and I can't even remember a time when they broke on me during updates. I also stated I don't use them for advertisement blocking which is what your assumption was.

P.S.=> There IS no "manual labor" using my program

You have to go to each damn computer to set it up.

migrating them by scripts is easy for central admins on large networks too

Why the hell would large networks use hosts file instead of end point security solutions like Lumension?

How DNS + hosts compliment one another

Hosts + OpenDNS compliment one other. I don't resolve 'every host-domain there is' via hosts. Only favorites @ top of hosts (24 for beating indexing > 2++ million records).

It's where folks spends MOST TIME online & it's faster + more efficient vs. calling remote DNS servers.

Placement of favs for FAST RESOLUTION from memory (hosts = cached like any file) also saves CPU cycles, RAM, + I/O turning off the slower usermode clientside DNS cache service vs. using kernelmode diskcache (no context switch overhead to IP stack this way too).

The rest of my hosts files' entries are 3,821,870++ blocked entries vs. malware & ads of many kinds.

I use REMOTE FILTERING DNS SERVERS that help block malicious sites/servers/hosts-domains via DNSBLs (not locally as a separate redundant wasteful recursive server or a service/daemon).

---

OpenDNS:

208.67.222.222
208.67.220.220

Patched vs. Kaminsky redirect poisoning - 99.999% ISP DNS aren't.

---

It LIGHTENS remote DNS loads - admins should like that!

I make my hosts file (& do reverse dns pings for FAV sites for faster, more reliable, & safer connections) using:

APK Hosts File Engine 9.0++ SR-4 32/64-bit http://start64.com/index.php?o...

FREE & adds speed, security, + reliability.

Does more w/ less more efficiently vs. browser addons & local install DNS servers + fixes DNS' redirect security issues!

Obtains data vs. threats & adbanner blocking via 10 reputable security community sites!

MalwareBytes' hpHosts Admin (MalwareBytes employee) hosts & recommends it -> http://hosts-file.net/?s=Downl... & MalwareBytes = BEST antivirus per a VERY recent test of them http://www.av-test.org/en/news...

APK

P.S.=> GUARANTEED safe per 57 antivirus programs recently in its 64-bit model https://www.virustotal.com/en/...

+

Its 32-bit model https://www.virustotal.com/en/...

& Malwarebytes folks verified its source safe http://forum.hosts-file.net/vi...

& it's installer http://f.virscan.org/APKHostsF...

... apk

Partial quotes Ash-Fox? Learn to read

"P.S.=> There IS no "manual labor" using my program to create hosts & migrating them by scripts is easy for central admins on large networks too - you fail again as always, fool... apk" - by Anonymous Coward on Wednesday February 10, 2016 @02:22AM (#51476965)

See subject (BOLD IN QUOTE ABOVE TOO ESPECIALLY) as it makes my point for me you are SO DESPERATE you'd stoop to that...

APK

P.S.=> Here's YOUR partial quote ONLY in UNDENIABLE Black & White:

"P.S.=> There IS no "manual labor" using my program" - by Ash-Fox (726320) on Wednesday February 10, 2016 @04:16AM (#51477257)

Never thought you'd STOOP TO SUCH A "LOW" Ash-Fox but you have REVEALED yourself for all to see - thank you!

Funny how you won't touch the list of routers I can put out that are SCREWED WITH EXPLOITS too eh?

LMAO - not!

FUNNIER STILL is how you don't deny DNS exploits I noted in DNS Amplification attacks + Kaminsky redirect poisoning flaws too!

NOT!

FUNNIEST OF ALL?

You switched TOTALLY from browser addons, to DNS, to routers - but 1 little file folks already natively has does it all with less moving parts & for FREE... apk

DNS outages GALORE make you eat your words

http://www.bing.com/search?q=d...

* See subject, that link & eat your words...YOURS may not go down but then, NOBODY USES IT TO GIVE A SUFFICIENT LOAD TO MAKE IT GO DOWN either, lol!

(Kaminsky flaw redirect poisoning can happen to you, & IF you try fix it using TCP vs. UDP, you DOUBLE YOUR OVERHEADS, making DNS even MORE INEFFICIENT - patching it can f'up MX records iirc as well, so you're beaten @ every SINGLE turn... DNS amp attacks make it even MORESO!)

APK

P.S.=> It's always just (& you KNOW I've just GOTTA say it now don't you? Ah, but of COURSE you do) "too, Too, TOO EASY - just '2ez'" making a do-nothing "ne'er-do-well" LIMITED MENIAL in Ash-Fox EAT HIS WORDS... lol!

... apk

Re:DNS outages GALORE make you eat your words

[Ash-Fox]

http://www.bing.com/search?q=d...

* See subject, that link & eat your words...YOURS may not go down but then, NOBODY USES IT TO GIVE A SUFFICIENT LOAD TO MAKE IT GO DOWN either, lol!

But my question was:

My DNS is not prone to going down, why is that?

Your evidence has failed to provide, yet again.

Re:DNS outages GALORE make you eat your words

Mere anecdotal evidence, probably a lie. Of course apk has a point that you don't give a load enough for it to wasting power ram cpu and io on something hosts does for less! Apk put up plenty of evidence of dns going down so you lose there too.

Re:DNS outages GALORE make you eat your words

[Ash-Fox]

Mere anecdotal evidence

Oh no, not actual experience in the matter!

probably a lie

If your own home router's DNS server dies constantly, I don't think that's the fault of DNS, APK.

Apk put up plenty of evidence of dns going down so you lose there too.

Sock puppet all you want, APK.

Ash-Fox: How old are you and...?

I'm 1/2 a century++ old & have nearly a quarter century of hands-on professional experience in the art & science of computing on nearly every level there is in it - do you HONESTLY THINK I haven't setup & configured AND MAINTAINED DNS servers? Guess again, & plenty of them on corporate networks (in the Fortune 100/500 too @ times) though I primarily did software engineering over that timeframe, to be that, YOU HAVE TO BE A FULL DOMAIN-WIDE ADMIN & many times OR YOU CAN'T DO YOUR JOB fast... that's how it works, from experience professionally (& I've been @ computers as a non-pro since 1982) - how about you by way of comparison?

PUTTING WORDS IN MY MOUTH I NEVER STATED TOO, along with earlier PARTIAL SELECTIVE QUOTING ME TOO?

What a bullshitter - I never SAID even ONCE that my "router goes down" OR "my dns goes down" (hosts do the job for less here, better).

APK

P.S.=> Answer the questions & I've put out DNS GOING DOWN BY LOADS OF VALID, CONCRETE, VERIFIABLE & UNDENIABLE information from valid sources - where's yours? ANECDOTAL & YOUR SINGLE EXPERIENCE (allegedly, probably a lie) ONLY - but if you're NOT placing extreme loads on YOUR personal DNS? Sure, it might not go down - not enough to TAKE it down is put onto it is why more than your "expertise" which I have NO CLUE of since I've never seen "Ash-Fox" written about by respected sources (whereas I can literally show TONS in my name by comparison) OR wares even by "Ash-Fox" - THIS IS THE PRICE OF YOUR "FAKE NAME" ONLINE rookie - languishing in anonymity, lol, just another "FACE IN THE CROWD" (Tom Petty) - I took the "ROAD NOT TAKEN" by comparison & STICK MY NECK OUT THERE WITH MY NAME ON MY WORK AND MY POSTS unlike weasels that hide behind FAKE names... apk

Re:Ash-Fox: How old are you and...?

[Ash-Fox]

What a bullshitter - I never SAID even ONCE that my "router goes down" OR "my dns goes down" (hosts do the job for less here, better).

Shh APK.

You just failed to answer the question and your red herrings leads to this crying of yours.

Let's get back on topic:

My DNS is not prone to going down, why is that?

LOL, ok "too, Too, TOO EASY"... apk

Ok - you NEVER have to take down YOUR DNS server for maintenance of the DNS server itself for patching OR the OS?

* Ask Coren22 if HE has to http://slashdot.org/comments.p... (let's let another /.'er speak for me)... lol, that alone busts you in 1/2 easily & from another /. user (let alone the TONS of evidences I put up for DNS literally GOING DOWN from BING, Google would show more...)

* Lastly, in closing? SEE SUBJECT - "just '2ez'" as always, lol!

APK

P.S.=> Answer that - lol, THIS is going to be GOOD, lol... IF you don't? Then you're not running it SECURE AS CAN BE since it's foundations wouldn't be patched... apk

Re:LOL, ok "too, Too, TOO EASY"... apk

[Ash-Fox]

Ok - you NEVER have to take down YOUR DNS server for maintenance of the DNS server itself for patching OR the OS?

If I time the amount it takes to restart the DNS server (much like how the daemon is restarted after updating it):

real 0m0.008s
user 0m0.000s
sys 0m0.000s

So, I guess as far the rare updates (I think I only ever saw one last year), there might be a downtime of 0.008 seconds, which isn't really long enough to miss all the standard three DNS requests most resolvers send out.

Now, if this wasn't on the same system that provides Internet routing to the rest of my network, I'd probably invest in a Bird setup for reliability of certain network services. Which would be trivial on a couple of Raspberry Pi Zeros to provide the network uninterrupted DNS resolution (among other network services).

As far as the hardware restarts go, according to my router data, it's been rebooted four times last year (I believe two were for system patches, two were due to me physically moving the hardware in the house). I am not seeing the "DNS is prone to going down" problem here.

Routers alone = shit (here's proof #1/15)

http://blog.emaze.net/2013/08/...
http://blog.ptsecurity.com/201...
http://blogs.pcmag.com/securit...
http://ea.github.io/blog/2013/...
http://hardware.slashdot.org/h...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://hardware.slashdot.org/s...
http://it.slashdot.org/story/0...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/article...
http://it.slashdot.org/it/05/0...
http://it.slashdot.org/it/07/0...
http://it.slashdot.org/it/08/0...

* PARTIAL QUOTING ME Ash-Fox? Again?? The lists I am putting out are going to CRUSH your do-nothing ass on router "reliability" & security... lol!

(My routers don't go down by the way loser...)

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Ash-Fox's DNS DOES GO DOWN, lol, admittedly

See subject - LMAO !@ U & again": YOU DON'T PUT ENOUGH OF A LOAD ON YOUR ALLEGED DNS SERVER YOU STUPIDLY USE THAT EATS MORE POWER & CPU/RAM + OTHER I/O vs. hosts TO MAKE IT GO DOWN, stupid!

(Other than you NOW admitting you have to restart it, lol, so YOUR DNS DOES GO DOWN after all, little liar...!)

APK

P.S.=> I suggest you NOW take a peek @ ROUTER RELIABILITY from here on downward too chump -> http://slashdot.org/comments.p...

Realize 1 thing: You have to HOP from DNS, to ROUTERS, etc. but all I need is 1 SINGLE FILE I ALREADY HAVE TO DO WHAT I NEED DOING vs. your bullshit... apk

Re:Ash-Fox's DNS DOES GO DOWN, lol, admittedly

[Ash-Fox]

Ash-Fox's DNS DOES GO DOWN, lol, admittedly

I said my DNS isn't prone to going down and I stand by that statement. I gave you some statistics to show total downtime, which is next to nothing. Less downtime than waiting for Windows to fail loading multi-terabyte hosts file (which is necessary if you want to block a domain and all it's possible subdomains) that won't load properly regardless to get sorta equivalent blocking (it doesn't block resolution, still has to point to an IP, even if it's an invalid one after all).

I suggest you NOW take a peek @ ROUTER RELIABILITY from here

I don't have really any reliability issues noted here, as you could tell from my previous post, my router has been reliable.

but all I need is 1 SINGLE FILE I ALREADY HAVE

My blacklist for my DNS server is also just one file. But unlike your 'one' file, I don't have to replicate it across the network to all computers, I literally just change it in one place and done. I don't even have to hack my devices that don't support hosts files to support it and other crazy non-sense.

Re:Ash-Fox's DNS DOES GO DOWN, lol, admittedly

Your DNS goes down (you admitted it has to) + apk blew you away on that lie + "router reliability" (not) too Ash-Fox? http://slashdot.org/comments.p... YOU GOT CRUSHED AGAIN by apk as always.

Routers alone = shit (here's proof #2/15)

http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #3/15)

http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://it.slashdot.org/story/1...
http://krebsonsecurity.com/201...
http://krebsonsecurity.com/201...
http://krebsonsecurity.com/201...
http://krebsonsecurity.com/201...
http://krebsonsecurity.com/201...
http://lifehacker.com/software...
http://linux.slashdot.org/stor...
http://mobile.slashdot.org/sto...
http://mobile.slashdot.org/sto...
http://mobile.slashdot.org/mob...
http://linux.slashdot.org/comm...
http://linux.slashdot.org/comm...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #4/15)

http://mobile.slashdot.org/sto...
http://mobile.slashdot.org/sto...
http://mobile.slashdot.org/sto...
http://nakedsecurity.sophos.co...
http://nakedsecurity.sophos.co...
http://nakedsecurity.sophos.co...
http://nakedsecurity.sophos.co...
http://nakedsecurity.sophos.co...
http://nakedsecurity.sophos.co...

APK

Routers alone = shit (here's proof #5/15)

http://phys.org/news/2014-03-w...
http://seclists.org/cert/2012/...
http://securityevaluators.com/...
http://securityevaluators.com/...
http://slashdot.org/submission...
http://tech.slashdot.org/story...
http://tech.slashdot.org/story...
http://tech.slashdot.org/story...
http://tech.slashdot.org/story...
http://tech.slashdot.org/story...
http://tech.slashdot.org/story...
http://soylentnews.org/article...
http://secunia.com/advisories/...
http://secunia.com/advisories/...
http://secunia.com/advisories/...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #6/15)

http://www.bing.com/search?q=r...
http://tech.slashdot.org/story...
http://thestack.com/root-comma...
http://thestack.com/zyxeltech-...
http://threatpost.com/12-milli...
http://threatpost.com/dns-base...
http://threatpost.com/internet...
http://voices.washingtonpost.c...
http://www.cbc.ca/technology/s...
http://www.dshield.org/diary/+...
http://www.dshield.org/diary/2...
http://www.dshield.org/diary/5...
http://tools.cisco.com/securit...
http://tools.cisco.com/securit...
http://tools.cisco.com/securit...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #7/15)

http://www.dshield.org/diary/A...
http://www.dshield.org/diary/B...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #8/15)

http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/C...
http://www.dshield.org/diary/D...
http://www.dshield.org/diary/D...
http://news.softpedia.com/news...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #9/15)

http://www.dshield.org/diary/E...
http://www.dshield.org/diary/E...
http://www.dshield.org/diary/E...
http://www.dshield.org/diary/F...
http://www.dshield.org/diary/J...
http://www.dshield.org/diary/M...
http://www.dshield.org/diary/M...
http://www.dshield.org/diary/M...
http://www.dshield.org/diary/M...
http://www.dshield.org/diary/M...
http://www.dshield.org/diary/T...
http://www.dshield.org/diary/W...
http://www.dshield.org/forums/...
http://www.dshield.org/forums/...
http://www.dshield.org/forums/...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Re:Routers alone = shit (here's proof #9/15)

[Ash-Fox]

My router doesn't suffer from any of the issues you linked. Clearly not a problem for me.

Re:Routers alone = shit (here's proof #9/15)

Like your DNS never goes down (you admit it does) + apk blew you away on that lie + "router reliability" (not) too Ash-Fox? http://slashdot.org/comments.p...

Re:Routers alone = shit (here's proof #9/15)

[Ash-Fox]

Like your DNS never goes down

No, I said it's not prone to going down and as I said, it's not. It's uptime in the last year, rounded up is 100% and that's with me physically moving hardware around in the house at some point.

I even told you that if I needed further reliability, which I don't because it's sitting on the router that provides Internet connectivity that I could easily use BIRD.

You're just being salty, APK. You're trying so hard to move the goal posts, argue semantics while throwing in red herrings, but it isn't working. It's quite obvious from my descriptions it's working pretty well and not prone to going down. There has been nothing described that even hints at an unacceptable situation that means it's "prone to going down", as you insinuate it to be something far, far worse, considering your previous irrelevant articles on the issue.

Re:Routers alone = shit (here's proof #9/15)

"...if I needed further reliability ... I could easily use BIRD."

I should read the archives of "Internet engineering" mailing lists more often. I would learn about these sorts of interesting things more often.

Kudos!

Routers alone = shit (here's proof #10/15)

http://www.eweek.com/security/...
http://www.itworld.com/article...
http://www.itworld.com/article...
http://www.itworld.com/article...
http://www.majorgeeks.com/news...
http://www.majorgeeks.com/news...
http://www.net-security.org/se...
http://www.networkworld.com/co...
http://www.networkworld.com/ne...
http://www.networkworld.com/ne...
http://www.networkworld.com/ne...
http://www.networkworld.com/ne...
http://it.slashdot.org/story/1...
http://www.theregister.co.uk/2...
http://it.slashdot.org/story/1...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #11/15)

http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.securityfocus.com/i...
http://www.securityfocus.com/n...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #12/15)

http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #13/15)

http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #14/15)

http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2..." ADD_DATE="1449501567" LAST_VISITED="0">Lock up your top-of-racks, says Cisco, theres a bug in the USB code â The Register
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/2...
http://www.theregister.co.uk/P...
http://www.wired.com/threatlev...
http://www.zdnet.com.au/cisco-...
http://www.zdnet.com/cisco-fix...
http://yro.slashdot.org/commen...
http://yro.slashdot.org/story/...
http://yro.slashdot.org/story/...
http://yro.slashdot.org/story/...
https://isc.sans.edu/forums/di...
https://nakedsecurity.sophos.c...
http://www.theregister.co.uk/2...

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each)... apk

Routers alone = shit (here's proof #15/15)

https://nakedsecurity.sophos.c...
https://nakedsecurity.sophos.c...
https://threatpost.com/exploit...
https://www.hackread.com/cisco...
https://www.incapsula.com/blog...
https://www.schneier.com/blog/...
http://hardware.slashdot.org/s...
http://www.theregister.co.uk/2...
http://news.slashdot.org/story...
http://news.slashdot.org/story...
http://news.com.com/Bug+expose...
http://news.cnet.com/8301-1009...
http://it.slashdot.org/story/1...
http://www.theregister.co.uk/2...

* STILL BELIEVE routers = best security alone?

YOU SAID YOUR DNS NEVER WENT DOWN TOO?

Funny YOU ADMIT IT DOES -> http://slashdot.org/comments.p... & you FAIL vs. myself as usual, noob do-nothing "rookie ne'er-do-well" CHUMP!

APK

P.S.=> So much for your faith in routers alone stupid (225 in total, 15 posts with 15 items each) & YOU OUTRIGHT LIED ON YOUR DNS NEVER GOING DOWN TOO - HUGE fail (one for my bookmarks)... apk

1 router & 1 dns = SINGLE point of failure

See subject? It's PUREST TRUTH fool, lol - 1 grenade (on a router which I've proven happens by 225 evidences of it) OUT she goes...

BOTH DNS & ROUTERS too!

(Which YOU SAID DNS "NEVER GOES DOWN" yet ADMITTED it has to stupid AFTER I FORCED YOU TO -> http://slashdot.org/comments.p... AND I posted TONS OF EVIDENCES WORLDWIDE IT DOES? STFU already... lol!)

ESPECIALLY CONSIDERING DNS IS VULNERABLE AS HELL TO BOTH Kaminsky Redirect Poisoning AND dns AMP attacks...

APK

P.S.=> It has TRULY been a pleasure catching your LIES & showing anyone reading how "reliable" ROUTERS aren't -> http://slashdot.org/comments.p...

YOUR PARTIAL QUOTES OF ME TOO, YOU LITTLE FUCKING DO-NOTHING ZERO BULLSHITTING "ne'er-do-well" FUCK?

THIS IS THE PRICE OF YOUR SORRY ASS TRYING VAINLY TO "take me on" & LOSING as always, LOU-ZER (that should be your "registered 'luser'" name here, I have so MANY times I've smashed you INTO THE GROUND with your bullshit, it's not funny anymore)... apk

DNS & ROUTERS = SINGLE POINT OF FAILURE

See subject: w/ security issues e.g. Kaminsky redirect poisoning flaw & DNS amp attacks - "GOOD SOLUTION" (lol, not).

* FACT: YOU HAD TO ADMIT DNS GOES DOWN (after I forced it out of you -> http://slashdot.org/comments.p... )

Besides wasting more CPU, RAM, & other forms of I/O in more moving parts complexity that also eats more electricity - such "efficiency" (not) in "Bolting on 'MoAr'", lol - when hosts do what is needed from 1 part you already natively have.

APK

P.S.=> Same w/ you "running to routers" - I pointed out a GOOD 225++ (considering my list is ONLY PARTIAL too) flaws in those being BROKEN INTO LEFT & RIGHT also - another "SOLID SOLUTION" (lmao, NOT) by Ash-Fox: The "ne'er-do-well" MENIAL troll! apk

Re:DNS & ROUTERS = SINGLE POINT OF FAILURE

[Ash-Fox]

* FACT: YOU HAD TO ADMIT DNS GOES DOWN

? I never denied there was downtime, I said it wasn't prone to going down.

Re:DNS & ROUTERS = SINGLE POINT OF FAILURE

[Ash-Fox]

See subject above? It's truth & BOTH DNS + ROUTERS ARE FULL OF SECURITY ISSUES GALORE

As opposed to the operating systems that support hosts files? Eh. Not really.

DNS & ROUTERS = SINGLE POINT OF FAILURE

See subject above? It's truth & BOTH DNS + ROUTERS ARE FULL OF SECURITY ISSUES GALORE, as well as downtime.

APK

P.S.=> I've backed myself with 100's of evidences from reputable sources vs. your MERE "anecdotal evidence" so, I'll let others decide for themselves... apk

You can't win: See DNS & ROUTER issues above

That works against you too then & ROUTERS + DNS are a SINGLE POINT OF FAILURE (huge one, see my posts above regarding BOTH...).

APK

P.S.=> You FAIL - I use what I already vs. ILLOGICALLY "Bolting on 'MoAr'" that does what needs doing FOR LESS (cpu/ram/other I-O, messagepassing, moving parts complexity + room for breakdown & exploit) have that my program FURTHER PROTECTS & also FURTHER REINFORCES vs. threats online (& nothing in usermode can break thru that protection beyond WFP/SFP while my program resides resident protecting hosts (& yes, I've tried to corrupt it myself even & couldn't))... apk

Re:You can't win: See DNS & ROUTER issues abov

[Ash-Fox]

That works against you too then & ROUTERS + DNS are a SINGLE POINT OF FAILURE (huge one, see my posts above regarding BOTH...).

APK, I already stated this in a previous post in another way. But, if it's a big concern that you need HA, just use technologies like BIRD with BGP. Problem solved, you can stop being salty now.

Jumping to YET another thing, lol... apk

Let's see: 1st you tried DNS (I pointed out how often it goes down by the ton & security flaws galore in it)!

2nd, you tried ROUTERS (I pointed out 225 known instances, there are MANY MORE, of them being security flawed)

FACT: BOTH REPRESENT A SINGLE POINT OF FAILURE THAT'S HIGHLY EXPLOITABLE!

(Due to what I pointed out - your dependence on them is flawed on those grounds alone!)

* NOW you're spouting even MORE BS?

Please... lol!

* Hosts files do all that's needed FOR LESS!

APK

P.S.=> Hosts files do all one needs for less yet doing FAR MORE for more speed, security, reliability, & anonymity (easily migrated across ALL endpoints on a network by a central admin & scripts)]

Best data source for such hosts files for said central domain-wide admin? You guessed it:

APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.start64.com/index.p...

By "yours truly" - (accept NO substitutes) - WHAT HAVE YOU PERSONALLY CREATED THAT'S BETTER & YOUR CODE highly recommended by the likes of MalwareBytes' HpHosts as I have on YOUR PART? Answer = NOTHING, lol... apk

Re:Jumping to YET another thing, lol... apk

[Ash-Fox]

Let's see: 1st you tried DNS (I pointed out how often it goes down by the ton & security flaws galore in it)!

You said it's prone it going down and I asked why mine wasn't, something you still failed to answer. There was nothing that showed my DNS server was particularly prone to going down.

2nd, you tried ROUTERS (I pointed out 225 known instances, there are MANY MORE, of them being security flawed)

I didn't try, I pointed out that my DNS server runs on my router which would make it pointless for any further resilient design since it was the single point of internet connectivity on my network. There little use for DNS or even hosts on my network without Internet connectivity. You on the otherhand twist it's meaning and some how think I should be setting up a pointless resilient DNS infrastructure or maybe a resilient router infrastructure which I don't really feel I need, since HA is not part of my personal requirements.

FACT: BOTH REPRESENT A SINGLE POINT OF FAILURE THAT'S HIGHLY EXPLOITABLE!

Okay, let's put it in your logic. My router goes down because I decide to unplug it. However, I have a resilient DNS infrastructure. Oh great, I can do DNS look ups on hostnames that I can't access because my Internet is down, that's less exploitable than when they both go down. Sorry, it's not really doing much and pointless at this moment in time too.

* Hosts files do all that's needed FOR LESS!

But they don't. I can't even use a hosts file on the game consoles, the smart television, the digibox, the tablets, the mobiles and I don't particularly want to ask people to let me setup hosts files in their computers so they can immediately benefit from region bypasses and other things on my network.

I had more to post, but the lameness filter kicked in.

Re:Jumping to YET another thing, lol... apk

You lie! Apk answered your question long ago. His last post proves it. Truth is you don't answer his Ash-Fox http://slashdot.org/comments.p...

Re:Jumping to YET another thing, lol... apk

[Ash-Fox]

It's funny when you have to sock puppet your own support crowd, APK.

Re:Jumping to YET another thing, lol... apk

Answer APK's question Ash-Fox http://slashdot.org/comments.p... he answered yours and proved you LIED yet again saying he didn't and like when apk cornered you forcing you to admit your DNS does go down. Why do you keep avoiding that question of APK's? We all know why.

BS: I answered your lie... apk

You admit your router goes down + I answered that lie too (insufficient load & no need vs. hosts - poor "ROI") http://slashdot.org/comments.p...

I am merely pointing out ROUTERSsee 15 posts of mine with 225 examples of insecure routers) & DNS (kaminsky redirect poisoning flaw, dns amp attacks, rogue DNS servers etc.) = SINGLE POINTS OF FAILURE with MASSIVE VULNERABILITIES & you've got ALL YOUR EGGS IN A FAULTY BASKET with LITTLE "ROI" FOR THE EXTRA MONIES OUTLAID + POWER BILLS RAISED also!

APK

P.S.=> If you want to secure your TOYS? Go ahead - but you're depending on a SINGLE POINT OF FAILURE with MASSIVE SECURITY ISSUES in BOTH use of DNS & ROUTERS, period... apk

Re:BS: I answered your lie... apk

[Ash-Fox]

You admit your router goes down

Indeed, but the statistics I shared doesn't reflect my DNS server prone to downtime. Having some down time does not equate to being prone to downtime.

I am merely pointing out ROUTERSsee 15 posts of mine with 225 examples of insecure routers)

Your problem, not mine.

DNS (kaminsky redirect poisoning flaw, dns amp attacks, rogue DNS servers etc.)

Not an issue I experience on my DNS server.

SINGLE POINTS OF FAILURE with MASSIVE VULNERABILITIES

If HA is necessary, I've told you the technologies you can use to do it.

you've got ALL YOUR EGGS IN A FAULTY BASKET with LITTLE "ROI" FOR THE EXTRA MONIES OUTLAID + POWER BILLS RAISED also!

I already measured the wattage my router uses, there is no noticeable difference between running a DNS server or not on it, so this is just further non-sense.

If you want to secure your TOYS?

Nah, I secure my entire network. Failure to secure certain systems is what leads to compromises. Such as when Target was hacked through HVAC company systems.

but you're depending on a SINGLE POINT OF FAILURE

I have a backup router I can plugin if this one fails (I don't need HA here, but could set it up if I wanted), I'm not seeing the single point of failure that hurts me here.

We have no way of knowing the truth

See subject: After all, you LIED that I didn't answer your question first of all http://slashdot.org/comments.p...

& I did LONG ago!

So - How can we trust your ALLEGED DNS uptime (which goes down anyhow which you admitted it HAS to after I forced that truth out of you-> http://slashdot.org/comments.p... )?

NOW I ASKED YOU A QUESTION YOU AVOID TO NO END (because you KNOW you've created NOTHING YOURSELF that compares to what I've done... lol!)

* I'm also NOT the one DEPENDENT ON A SINGLE POINT OF FAILURE IN A ROUTER or DNS - you are - & ROUTERS + DNS are both HUGELY security issue riddled (of which I proved tons of evidence for & it's NOT EVEN COMPLETE!)

BOTTOM-LINE: You keep on "Bolting on 'MoAr'" ILLOGICALLY costing yourself money in equipment + power costs increasing running it & complexity room for breakdown & EXPLOITS GALORE... me, by way of comparison?

I use what I already natively have in hosts files + firewalls (& the hardware level stateful packet inspecting firewall in my modem also) doing MORE for LESS...

APK

P.S.=> There's NO NONSENSE in the FACT that WHEN YOU RUN MORE HARDWARE or SOFTWARE you use more RAM/CPU, MessagePassing + other forms of I/O, & consume MORE POWER - there is NO WAY AROUND IT, & just physics fact... period!

... apk

Re:We have no way of knowing the truth

Dude, you're going off topic and aren't adressing Ash-fox's points.

Re:We have no way of knowing the truth

[Ash-Fox]

P.S.=> There's NO NONSENSE in the FACT that WHEN YOU RUN MORE HARDWARE or SOFTWARE you use more RAM/CPU, MessagePassing + other forms of I/O, & consume MORE POWER - there is NO WAY AROUND IT, & just physics fact... period!

If the measurement is 9.5 watts without and the measurement is 9.5 watts with, does it really matter if there is some tiny difference beyond what's measured there? Cost wise, I'm just not seeing a problem.

Re:We have no way of knowing the truth

Ash-Fox nothing runs for free. Programs consume memory, cpu, and more. Who are you fooling other than yourself? Noone.

Re:We have no way of knowing the truth

[Ash-Fox]

You're just salty you can't actually come up with a reasonable counter.

Bullshit - he's avoids MY question

See subject & this post of mine that proves it http://slashdot.org/comments.p...

* ESPECIALLY THE CLOSING QUESTION TO HIM THERE IN MY 'P.S.' (which I already KNOW the answer to, but I want to see him "SQUIRM", & ANSWER IT HIMSELF... lol).

APK

P.S.=> Ash-Fox, I know YOU are the "Dude" poster too - so "Run, Forrest: RUN!!!", lol... apk

Re:Bullshit - he's avoids MY question

[Ash-Fox]

Ash-Fox, I know YOU are the "Dude" poster too

Cool story.

Opera 12 just UPDATED too Trax3001BBS

Opera 12.18 (64-bit too) http://www.bing.com/search?q=o...

* Enjoy!

APK

P.S.=> Has some security update in it iirc... apk