Firefox 57 Brings Better Sandboxing on Linux

Catalin Cimpanu, writing for BleepingComputer: Firefox 57, set to be released tomorrow, will ship with improvements to the browser's sandbox security feature for Linux users. The Firefox sandboxing feature isolates the browser from the operating system in a way to prevent web attacks from using a vulnerability in the browser engine and its legitimate functions to attack the underlying operating system, place malware on the filesystem, or steal local files. Chrome has always run inside a sandbox. Initially, Firefox ran only a few plugins inside a sandbox -- such as Flash, DRM, and other multimedia encoding plugins.

Firefoxalypse

[freeze128]

I dread updating to Firefox 57, because it will break all of my plugins.

Re: Firefoxalypse

The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. This increases the speed of the browser dramatically. Don't blame the Firefox developers who are creating a better product. Blame the lazy add-on developers who haven't upgraded their add-ons. Alternatively, use an ESR release. Regardless, stop whining.

Re:Firefoxalypse

I dread updating to Firefox 57, because it will break all of my plugins.

So, don't upgrade.

Re: Firefoxalypse

Only waterfox has no problem being both fast and support xul pluggins.

Yoi call people who have developed a fully functional codebase lazy because the don't adjust their priorities in line with a dick move.

Re: Firefoxalypse

But Mozilla has removed APIs so many of the plugins are impossible to implement again.

Re:Firefoxalypse

[serviscope_minor]

then run the LTS for a while. AFAICT, the plan is they're going to increase the featureset available to plugins afer 57.0. with luck what you want will mostly be available by the time the LTS expires.

Re: Firefoxalypse

If it matters that much to you, volunteer your own time, fork Firefox 56, and maintain it yourself. Firefox is open source so you have the freedom to do that. Anything else is whining and making demands of other people's time when they have no obligation to you. Stop complaining and fork Firefox if you care so much.

Re: Firefoxalypse

Insufficient edginess; return to sender.

Re:Firefoxalypse

[nmb3000]

I dread updating to Firefox 57, because it will break all of my plugins.

Apparently some editions of version 57 will continue to support "legacy" (bootstrap, XUL, etc) addons via a preference setting, including the developer and unbranded versions. This might be an option if you really want to upgrade to 57 but still want your addons.

Personally 56 is the end of the Firefox line for me. I completely reject the horrible Australis interface and the push towards the gimped and incapable Chrome-style Web Extensions. Firefox had a good run, but its Chromification is now complete and there's little reason to continue using it.

Waterfox or Pale Moon will probably be my Firefox replacement. Does anyone have any comments or suggestions on migrating to one of them?

Re: Firefoxalypse

The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. ...

The amount of advance notice is irrelevant. The fact that the switch to Web Extensions is being driven by the calendar rather than the readiness of the software is the problem.

The new add-on interface still lacks functionality. There are many things that a Web Extension simply can't do, but that can be done by traditional Firefox add-ons. To add insult to injury, the Mozilla team isn't treating these gaps as a high priority. Their attitude seems to be "tell us what you're missing and maybe we'll add it later."

Alternatively, use an ESR release.

That would be a more useful suggestion if Firefox 56 was the ESR. But it's not -- they're using an older version. I may be willing to stand still, but I'm not interested in going backwards.

Re:Firefoxalypse

I've heard this so many times it seems like Chrome/Edge propaganda now. Why so negative on the visuals of the browser? WHO GIVES A FLIPPITY DO DAH what the browser looks like? Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?

Fine, quit Firefox, but they are adding more and more support for privacy while all the other browsers are removing it or don't give to diddly flips about it. Hand over your data to GOOGLE using a chrome WHICH LOOKS LIKE AUSTRALIS ANYWAYS!

*Caps for emphasis on the total idiocy of these kinds of remarks.

Repeat after me, ditching software A because it's ugly for software B that is also ugly is stupid logic.

Re: Firefoxalypse

Except that Waterfox is not its own browser, it's wholly reliant on whatever the Firefox developers do. Once they stop overworking themselves by maintaining Firefox's legacy while updating it, and just pull out those bits, Waterfox will be fucked. Daydreaming about how easy it is to maintain XUL is just not going to get it done. There is no covert army of coders just waiting to take up the torch; if such a team existed they would have fixed the problems before things got to this point.

The whole "lazy" angle is just plain insulting, too. Do you honestly not realize that Firefox could have dropped this legacy stuff before they spend the last year overworking themselves to bring the engine up to speed? It would have made things easier, but they wanted to give us more time to find out how to port our legacy addons. The only people still bitching about it now are the people who never put in any effort to do so, and just feel entitled to having someone else make their niche APIs for them.

Re:Firefoxalypse

[KiloByte]

Even this sandbox is broken, as it breaks any non-trivial audio that requires a plugin.

Re:Firefoxalypse

Of course he says Waterfox/Pale moon would be his alternative, not Chrome.

Re:Firefoxalypse

[ArhcAngel]

I've been using Waterfox for several years as my default browser. I keep a copy of Google IE6...er I mean Chrome for those web sites that employ less than compliant coding. I originally ran it on my Windows 7 gaming PC but now have it running on my Mint and Android devices as well. While purely anecdotal I feel like Waterfox is much faster than Firefox and comparable to Chrome in most regards. I haven't tried Pale Moon for a couple of years so I can't say how it compares to Waterfox currently.

Re: Firefoxalypse

[theweatherelectric]

Only waterfox has no problem being both fast and support xul pluggins.

Do you have benchmarks to prove it? I'd like to see the numbers on latest Waterfox versus Firefox 57, comparing both with and without add-ons installed.

Re: Firefoxalypse

[KiloByte]

Out of 37 extensions I use, there are WebExt equivalents for, *drumroll* 11. That much only because I spent some time looking for replacements.

APIs that would be required to reimplement those extensions aren't even coded yet, and any code that gets merged (which usually takes months) needs additional 18 weeks to percolate into an unstable ("non-ESR") release. With Firefox 52 EOL in June, the chances enough of extensions required for sane use will be ready by then are about nil. And the default, with nothing for privacy but tons of junk like Pocket or Telemetry, is almost as far from sanity as Chromium.

I guess it's time to look into packaging Waterfox or another fork.

Re: Firefoxalypse

Except that they only provided notice of the change, they didn't actually provide the APIs required for the change....because they spent too much damn time integrating Pocket, screen print.

Also, Firefox > 53 have serious memory leaks that cause it to hang after 3-4 days.

Re:Firefoxalypse

[Antiocheian]

Personally 56 is the end of the Firefox line for me. I completely reject the horrible Australis interface and the push towards the gimped and incapable Chrome-style Web Extensions. Firefox had a good run, but its Chromification is now complete and there's little reason to continue using it.

Same here, even though I didn't have a problem with Australis, so I'll stick with ESR for a few months and then move to Pale Moon. There's an Adblock Plus XUL-based fork for Pale Moon, so everything is ready for the move.

Re:Firefoxalypse

[theweatherelectric]

There's an Adblock Plus XUL-based fork for Pale Moon

Adblock Plus works in Firefox 57. Personally, I use uBlock Origin.

Re:Firefoxalypse

[DarkOx]

Why don't you just go back to the still maintained Seamonkey suite? It supports all the best FF extensions.

Re: Firefoxalypse

It's not that they removed them, but they simply haven't (or won't) implement them. The reason, as far as I can tell, is that they refuse to admit that there are better (or simply different) ways to design the interface.

Re:Firefoxalypse

you should have migrated over to ESR before it was too late (profiles are not entirely backwards-compatible anymore), at least you would have had more time.

pale moon is an option, but even then, compatibility with addons (old style) is spotty.

Re:Firefoxalypse

I've heard this so many times it seems like Chrome/Edge propaganda now. Why so negative on the visuals of the browser? WHO GIVES A FLIPPITY DO DAH what the browser looks like? Is that REALLY the criteria you judge software on?...

If I wanted to use something that looks like Chrome, I'll use Chrome.

Not some bastardized "Look, ME TOO!!!!" twerp-written imitation.

And if looking like Chrome weren't so important, why is Mozilla doing everything they can to be Chrome's bastard child?

Re: Firefoxalypse

That's great, except for the part where some plugins CANNOT be implemented under the new API.

And the part where a whole ecosystem of perfectly good extensions created by volunteers for free is being discarded without a viable replacement for many of them.

Re: Firefoxalypse

If you want to stay at v56 a while, which is what I plan to do until the whole extension clusterfuck gets sorted out:

sudo apt-mark hold firefox firefox-locale-en

I don't use as many extensions as you, but still a solid half of the 12 or so I use have no v57 version, and many of them can't given the API limitations.

This thing is being pushed out too early. First reach feature parity, THEN ship it.
.

Re: Firefoxalypse

So rather than working now (or sooner) to help get your APIs sooner, you're going to.. switch to a legacy-supporting fork that will eventually have to give up on legacy addons as well. Sounds as legit to me as the people who threaten to jump ship to Chrome because of a lack of addons, despite Chrome not having those addons either.

Re:Firefoxalypse

[jez9999]

Seamonkey is dead in the water. Once XUL support is removed it will be gone.

Re:Firefoxalypse

[jez9999]

Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?

YES. The size of buttons and other UI elements, the colourfulness and skilfulness of the icon design to make icons clear and pretty, and the fact that the UI functionality is even there in the first place (bookmarks sidebar, separate search bar, status bar, live bookmarks toolbar, etc.) are all important.

Re: Firefoxalypse

[drinkypoo]

I guess it's time to look into packaging Waterfox or another fork.

Pale Moon has come a long way, the compatibility issues and frequent crashes are both gone.

Re:Firefoxalypse

[markdavis]

>"Why so negative on the visuals of the browser? WHO GIVES A FLIPPITY DO DAH what the browser looks like? Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?"

It is not just how it looks but how it operates. Some of us want tabs on bottom. Some of us want sane, traditional "file" menus for fast access and easy training. Some of us want a status bar. Some of us want predictable forward, back, reload, and home buttons that are together, don't disappear in context, or are not combined into some moving monster. It is a lot more than just the tabs being curved.

I agree with the whiners that claim they will "move to Chrome" which is, in no way, a suitable replacement (or logical argument). It has the same sucky UI that people don't want to use but ALSO is far more proprietary, has far less user control, and has all kinds of Google-isms built in.

There are alternatives such as Pale Moon, or Waterfox... but even that move can be very painful depending on circumstances (we are not just talking about techie-home-users). And it is unclear if those will ever gain the ACTUAL improvements Mozilla has added to Firefox for performance, memory usage, and security.

Re: Firefoxalypse

The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. This increases the speed of the browser dramatically. Don't blame the Firefox developers who are creating a better product. Blame the lazy add-on developers who haven't upgraded their add-ons. Alternatively, use an ESR release. Regardless, stop whining.

Half the APIs needed for the addons are missing and wont be implemented until FF57+

Re:Firefoxalypse

I dread updating to Firefox 57, because it will break all of my plugins.

It took me 2.68734 seconds to properly pronounce your thread title. Well done.

Re: Firefoxalypse

Notice isn't what matters in this particular case. Most of the plugins that break in 57 do so because the WebExtensions APIs required to implement them simply don't exist yet. You can't honestly blame the add-on developers for that.

Re:Firefoxalypse

[roca]

Good thing those are all still there in 57 then. (Except maybe live bookmarks; I'm not sure about that.)

Re:Firefoxalypse

[nmb3000]

Why so negative on the visuals of the browser?

Aside from the fact that I find it subjectively ugly, I dislike it because I think the design is unusable outside of a very base case of 2-4 tabs. Tabs-on-top is also a huge pain in the ass when using Remote Desktop or anything else that puts a bar along the top of the screen. It also goes against all OS design guidelines by removing the window title bar and system menus which makes muscle memory around those UI elements worthless. I could go on, but it doesn't really matter.

Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?

Of course. These UI elements are the only way to interact with the application. Would you complain if the steering wheel of your car was changed to a cube and the brake and accelerator moved to toggle switches on the dashboard? After all these are just the shape and position of a few controls. So far I've been content to fix these problems using a UI addon, but every single one of those is made non-functional in version 57.

Hand over your data to GOOGLE using a chrome WHICH LOOKS LIKE AUSTRALIS ANYWAYS!

Which is why I would never switch to Chrome. I do have to use it occasionally as the "modern" web is becoming a "Works best with IE ^H^H Chrome" clusterfuck, but every time I do I'm just reminded why it sucks.

After using Firefox for 15 years, watching it turn into a mini-me of Chrome is soul-crushing. Honestly, I'm really hoping that the 57 fiasco will either spawn a viable fork that puts the browser back on the right path, or pushes more development resources towards Gecko alternatives like Waterfox.

Re:Firefoxalypse

[theweatherelectric]

Some of us want sane, traditional "file" menus

The menus are in Firefox on Windows. Turn on the Menu Bar via the Hamburger menu -> Customize -> Toolbars options (or press F10 to turn them on and then select View -> Toolbars -> Menu Bar to keep them on).

Some of us want predictable forward, back, reload, and home buttons that are together, don't disappear in context, or are not combined into some moving monster.

That's how Firefox 57's UI is working for me. I use the Light theme (one of the three themes included in Firefox 57 by default) with the Compact density setting. See the Customize settings page.

And it is unclear if those will ever gain the ACTUAL improvements Mozilla has added to Firefox for performance, memory usage, and security.

So just use Firefox and customize the UI CSS if you really want to.

Re:Firefoxalypse

Noscript is still flagged Legacy. I won't upgrade until it's available.

I run Adblock Plus, Ublock Origin, and Noscript. They're all turned up to 11, and they still manage to block different things.

Re:Firefoxalypse

[theweatherelectric]

It also goes against all OS design guidelines by removing the window title bar and system menus

You can turn on the Menu Bar in Firefox via the UI Customize settings (Hamburger menu -> Customize) or by pressing F10 to turn them on and selecting View -> Toolbars -> Menu Bar to keep them on.

So far I've been content to fix these problems using a UI addon, but every single one of those is made non-functional in version 57.

You can customize the UI via the built-in Customize settings. You can also modify the UI CSS if you really want to.

watching it turn into a mini-me of Chrome is soul-crushing. Honestly, I'm really hoping that the 57 fiasco

Firefox isn't a mini-me of Chrome and there is no fiasco. Relax. Don't worry, be happy. You'll feel better.

Re:Firefoxalypse

[uncqual]

I don't dread it, because I won't do it. After over a decade of loyal FF use, 56 is the end of the road for me as I've only found a comparable WebExtension plugin to ONE of the seven or so plugins I rely on. A major reason I have been loyal to FF, and tolerated its performance issues related to memory over the years, is because of the plugins.

I actually regret upgrading to 56 from 55 -- performance dropped into a abyss upon installation (I now keep an about:memory tab open all the time so every so often I can click on 'minimize memory' which resolves, or at least ameliorates, the performance problems for a couple of hours).

Re: Firefoxalypse

[uncqual]

freeze128 doesn't appear to be demanding anything of anyone. He is just observing that he dreads upgrading (just as I observed that I won't be upgrading and will be switching browsers).

Re:Firefoxalypse

[theweatherelectric]

I can click on 'minimize memory' which resolves

Sounds like you've got add-on problems. You should see if the problem persists with all add-ons disabled and maybe reset to a clean profile if you've been changing about:config settings (see about:support).

Re:Firefoxalypse

[uncqual]

But, people who are already running 56 have no trivial LTS option - in a recent release (54?) Mozilla declared that backwards compatibility is not supported (I'd check the release notes again but find them extremely hard/counter-intuitive to find on the new FF website design - apparently it's focused on looking "cool" and trying to "sell" rather than focusing on trying to be functional and on providing information). Sure, you could reenter all your passwords, export/import your bookmarks (to some non FF format?), etc. -- but one might as well try other browsers at that point since it seems likely that Mozilla's poor planning, coupled with a lack of developer enthusiasm for developing/testing extensions for a browser with declining market and mind share, will mean that LTS will expire without a proper set of extensions available for a 57+ version.

Re:Firefoxalypse

[uncqual]

I've considered doing that, but since the problem cropped up simultaneously with the install of 56 and without any upgrades to add-ons (I don't allow automatic upgrades), I figure that probably isn't worth my time given that the lack of add-ons I want in 57 mean I'll be abandoning FF anyway -- small odds of buying a few more weeks or couple months (before some security problem goes unfixed in obsoleted 56) isn't worth the effort.

Re:Firefoxalypse

[uncqual]

(I forgot to mention also, I don't screw around with about:config settings hardly ever -- and certainly not in the past couple of years).

Re:Firefoxalypse

[theweatherelectric]

I figure that probably isn't worth my time

It's trivial to do. Go to about:support and click on "Restart with Add-ons Disabled" to run Firefox in safe mode. When you're finished with safe mode, exit Firefox and run it up again normally. There isn't much effort required.

Re:Firefoxalypse

[Trogre]

So what do you plan to do? Fork the FF 55 codebase, or start your own browser engine from scratch?

If it's the latter, please be kind enough to share it with the rest of us.

Re: Firefoxalypse

If you use 52 till EOL you can switch to 61 beta or 60 release. Not bad? just leap to 61.

Re:Firefoxalypse

[uncqual]

Probably sell out and switch to Chrome -- but I've not spent much time in it so plans could change (the only time I use it now is when some web site, unfortunately more frequent recently, doesn't work in FF but does in Chrome - presumably because the site doesn't bother to test as well on FF any more).

But, nope, I'm not forking FF 55 and taking it over :) That's not the sort of system or code (or politics) I enjoy working on.

Re:Firefoxalypse

I will switch people to firefox, telling them it's fast. After trying late 57 beta I think this browser might be a big success.

Re: Firefoxalypse

And like lots of people say every damn time we have this discussion. WebExtensions do not and will not ever have feature parity with current extensions. They, by design, do not have the same level of access to the browser. Lots of these addons simply CANNOT exist at WebExtensions. I'll be sticking to ESR and switching when a suitable fork pops up.

Re:Firefoxalypse

[jon3k]

As a long time Chrome user I've been running Firefox Nightly on both Linux (Fedora 26) personally and on Windows at work, and it has been absolutely fantastic. The only plugins I use are: uBlock, RES, Vimium and Tab Session Manager but it has been wonderful so far. I have 40+ tabs open at any time and I haven't had a single issue, it's really been fantastic. The performance has been extremely good. The only caveat is that it seems to put tabs to "sleep" in the sense that if you don't use it for quite a while, when you flip back it has to reload the page. But this has really been a non-issue for me so far.

As long as you can find a comparable plugin to what you've been using I can wholeheartedly recommend it.

Re: Firefoxalypse

[jon3k]

37 Extensions? I didn't even know there were that many. Mind sharing a list?

Re:Firefoxalypse

[jon3k]

Aside from the fact that I find it subjectively ugly, I dislike it because I think the design is unusable outside of a very base case of 2-4 tabs. Tabs-on-top is also a huge pain in the ass when using Remote Desktop or anything else that puts a bar along the top of the screen. It also goes against all OS design guidelines by removing the window title bar and system menus which makes muscle memory around those UI elements worthless. I could go on, but it doesn't really matter.

You can hide the connection bar. There's also Tree Style Tabs.

Re: Firefoxalypse

This 'fuck off and die' attitude of yours is why projects like Firefox and Gnome are dying. Users shouldn't have to fork these projects just to get usable software. The developers should just do the responsible thing and do what the users of the software want. It's childish to disrespect the users.

Re: Firefoxalypse

The real danger is that once these users try Chrome, even with only a subset of their preferred extensions, they'll see how much faster it is than Firefox and won't want to switch back to Firefox. I've tried the Firefox 57 betas and they're still noticeably slower than Chrome. It was possible to put up with Firefox's slowness when it still supported lots of useful extensions. But with that benefit disappearing there will be no reason to use Firefox, and actually a lot of reasons to not use it.

Re: Firefoxalypse

[doom]

Blame the lazy add-on developers who haven't upgraded their add-ons.

Let me enlighten you about a secret of software projects: if you want to be taken seriously as a platform for third-party developers, breakage-on-upgrade is never acceptable. And accusing them of being lazy is an excellent way of driving them away.

Alternatively, use an ESR release.

Which staves off the problem only temporarily. I would suggest the waterfox fork, or possibly palemoon.

Regardless, stop whining.

You first.

Re: Firefoxalypse

[doom]

This 'fuck off and die' attitude of yours is why projects like Firefox and Gnome are dying.

It sure doesn't help.

Re: Firefoxalypse

[doom]

Yup. Is there an equivalent for "It's All Text" yet?

Re: Firefoxalypse

[theweatherelectric]

The developer of It's All Text recommends emacs chrome or GhostText.

Re:Firefoxalypse

And search bar. Search bar addon for Firefox 57 https://addons.mozilla.org/en-US/firefox/addon/o-o-0-o-o-wingowing/

Re: Firefoxalypse

You do realize that your answering a post related to code that has already been forked, don't you. A post that address the single point that dropping xul plugins was speed related. The whoosh in this one is strong.

Re: Firefoxalypse

Pale Moon already demonstrated that its developers are far more into "fuck you and your add-ons, it's our way or the highway" back when they broke a lot of add-ons with engine switch followed by another add-on apocalypse with dropping support for jetpack add-ons.

The message was exactly what people here are complaining about: "Tell us what isn't working, and if we find it important, we may implement it in the future".

Re:Firefoxalypse

I'm sure it will crush chrome now. It was all about the speed after all!

While waiting for this, you may want to consider consulting your physician on the topic of drugs you're taking. They appear to be causing severe brain damage.

Re:Firefoxalypse

[Luckyo]

Noscript, instead of all the grandstanding is apparently simply not portable. The functionality needed in the API does not exist.

In before a bunch of knights in shining armour start quoting Noscript's author from months ago. Yeah, he said it might be possible and that it was a high priority to firefox team themselves to get it working. And even with that level of support, it still hasn't been done. Draw the relevant conclusions and understand you're being lied to.

Re:Firefoxalypse

[KozmoStevnNaut]

You can add the title bar back through the UI customization.

It's almost as if you haven't actually made any effort, and jumped straight to baseless complaints instead.

Re:Firefoxalypse

[KozmoStevnNaut]

Why both ABP and uBO? They overlap completely. Replace ABP with Privacy Badger instead.

Re: Firefoxalypse

[KiloByte]

AdBlock Plus (the WebExt version is useless, BTW), bug489729. CanvasBlocker, Classic Theme Restorer, Cookie Monster, Decentraleyes, DNSSEC/TLSA Validator, Download Status Bar, some poo Youtube downloader I won't grace with naming, Font Information, Google Privacy, google-no-tracking-url, Html Validator, HTTP/2 Indicator, HTTPS Everywhere, I don't care about cookies, Iceweasel Branding, KeysDisable, Last tab close button, No Coin, Open in Browser, OverbiteFF, Perspectives, Privacy Settings, RequestPolicy Continued, RequestPolicy Sync, RightToClick, Sage, SixOrNot, Smart Referer, Stylus, TinEye Reverse Image Search, Translate This, U2F Support, View as text, YesScript.

And I don't consider myself extension-heavy, compared to other users I have seen.

Re:Firefoxalypse

"Edge propaganda" I could understand, but calling the hate for anything that looks like Chrome "Chrome propaganda" shows you have no clue what you are talking about.

If anything, it would be "anti-Chrome propaganda", and that would be fit coming from Firefox fans. Unfortunately, Mozilla seems hell-bent on pissing off Firefox fans.

Re: Firefoxalypse

[jon3k]

I lost it at OverbiteFF, I've actually played with that before.

Seriously, how many do you actually need though? Two or three?

Re: Firefoxalypse

[KiloByte]

Seriously, how many do you actually need though? Two or three?

Need: AdBlock Plus, bug489729, Classic Theme Restorer (for sane UI), Cookie Monster, DNSSEC/TLSA Validator, I don't care about cookies (EU sites are useless otherwise), Open in Browser (you can't view a goddamn diff otherwise!!!1!elebenty-one!), RequestPolicy, Sage, YesScript (too many sites have anti-AdBlock javascript).

Want for privacy: Canvas Blocker, Decentraleyes, Google Privacy, google-no-tracking-url, Smart Referer.

The rest merely make life nicer. And indeed, OverbiteFF is dead weight.

Re: Firefoxalypse

[G00F]

WOW! You are the second person I know to have more than 10ish. I know one person with 20's and they claim to be a plugin addict. I have 10, and think that's on the higher side. I set most people up with uBlock or Disconnect and that's it.

Going over your extentions, some appear to duplicate what already exists. Examples: can use google to translate page. Can shift click to force right click. Seams many of your plugins wouldn't be needed if you used NoScript.

FF 57 with no NoScript, ment that I use Pale Moon with NoScript + uBlock as a minimum until NoScript released for FF.

Re: Firefoxalypse

[KiloByte]

Sadly, a majority of web pages are unusable or seriously degraded with NoScript. Even Slashdot is uncomfortable to read.

That's why I use RequestPolicy to kill most third-party stuff, but default to allowing first-party scripts. Certain offenders then get smacked down with YesScript.

Re:Firefoxalypse

>using a chrome WHICH LOOKS LIKE AUSTRALIS ANYWAYS!
you say that as if I was happy with that change at the time. Never heard of the "Firefox is turning into a chrome clone" complaint before or what?

How about giving users a choice?

Remember that Firefox 57 also only supports WebExtensions add-ons, which will break lots of add-ons including some used for security. How about giving users a choice whether they want faster speeds or to retain the functionality of XUL add-ons. This is what Apple calls courage. I call it asinine. Let users upgrade and get the additional security, but let them decide if they want speed or legacy add-ons.

Re:How about giving users a choice?

[theweatherelectric]

including some used for security

Like what? uBlock Origin works in Firefox 57, so does Adblock Plus, so does Ghostery, so does Privacy Badger, so does HTTPS Everywhere, etc. The only one missing from AMO at the moment is NoScript but that will be released soon.

Re:How about giving users a choice?

[Antiocheian]

The author of Adblock Plus stated that the significant changes introduced here are unfortunate but sadly unavoidable. Thankfully Adblock Latitude, ABP's fork for Pale Moon doesn't have to apply such unfortunate changes.

Re:How about giving users a choice?

[theweatherelectric]

I don't see any major problems in that list, and in any case they say improvements are already in the works. The fork will be left behind as new releases of Adblock Plus roll out.

Re:How about giving users a choice?

[tepples]

Bug 1325692 causes data loss by making it impossible to disable the Ctrl+Q shortcut to quit. In the XUL era, one would use Keybinder, but the replacements for Keybinder are incompatible with the Linux version of Firefox because of bug 1325692.

Re:How about giving users a choice?

[KozmoStevnNaut]

It's ctrl+shift+Q in FF57, not just ctrl+Q. If you have session saving turned off, it will also warn you before closing the browser.

Re:How about giving users a choice?

[tepples]

It's ctrl+shift+Q

That solves being close to "close current tab", but it's dangerously close to "switch one tab to the left" (Ctrl+Shift+Tab).

Re:How about giving users a choice?

[KozmoStevnNaut]

For me, I use different fingers for those two shortcuts, so it makes it rather difficult to mix them up by mistake.

Re:Not in Munich though

[jfdavis668]

Year of the Windows desktop!

Dear PaleMoon devs, a request... apk

This FF 57++ builds sounds really good (assuming it's not bs lie propoganda pr, which I say it's not) - strip it of any "no good" elements & INCOPORATE IT into the next Palemoon builds, please!

* I've been gravitating towards PaleMoon a bit (as an alternate to Classic Opera 12.18 64-bit I use 90% of the time to this day) & would LOVE to see a build based on this engine from Mozilla (minus ANY tracking/advertising machine stuff of course).

Addons I like (NoScript only - lol, helps me FIND SCRIPT TAGS script src to block in hosts) are ported already to "WebExtensions" so, "have @ it" boys!

APK

P.S.=> Thanks - should this take place that is & of course, also assuming all the "grapevine talk" in favor of this build IS true (I assume it is currently)... apk

More Details

Firefox 57, dubbed Firefox Quantum for it's speed increase over it's predecessors, is set to be released tomorrow. This version will ship with improvements to the browser's sandbox security feature for Linux users. The Firefox sandboxing feature isolates the browser from the operating system in a way to prevent web attacks from using a vulnerability in the browser engine and its legitimate functions to attack the underlying operating system, place malware on the filesystem, or steal local files. Chrome has always run inside a sandbox. Initially, Firefox ran only a few plugins inside a sandbox -- such as Flash, DRM, and other multimedia encoding plugins.

Ugh, parent is a fake APK... apk

I'd release my HOSTS file generator as open source if it weren't for trolls like the parent. I'm getting tired of imposters like this user.

* This has happened before, when a fake APK replied to my posts about bump stocks. It was probably AssFux...LOL.

* Bump stocks really should be banned. The far right, funded by the NRA and the Vatican, is firmly entrenched on trying to stop any gun control. We must not allow them to succeed in again stopping gun control legislation.

P.S.=> While I'm busy improving internet security, these trolls are busy causing trouble. Grow up.

Download Link...

[unique_parrot]

http://ftp.mozilla.org/pub/fir...

A question for Mozilla

[hyades1]

Is it called "Firefox 57" because that's how many users are left?

Re:A question for Mozilla

Is it called "Firefox 57" because that's how many users are left?

Yes, and it's always rising

Re:A question for Mozilla

[Big+Hairy+Ian]

Is it called "Firefox 57" because that's how many users are left?

I thought it was homage to Wesley Snipes Passenger 57 :)

Attempting to impersonate me? Weak... apk

Attempting to impersonate me? Weak... & as usual, I'll record it as I have for years now in my favorites (100's of them by now), that's all.

(You know, I actually PITY fools like you - I really do! Don't you have ANYTHING worthwhile to contribute back to the world instead of being a pest? Apparently not...)

APK

P.S.=> You KNOW you're overcoming opposition when attempting to "impersonate me" happens, lol... apk

Cripplefox

No Tab Mix Plus? It's not Firefox, it's Cripplefox. Fuck the crips.

Re:Cripplefox

[Luckyo]

Don't worry, google only wants your blood.

Why Chrome and not Chromium?

[short]

Why does Slashdot always compare Firefox with proprietary Chrome when all the mentioned features does provide already Free Chromium?

Re:Why Chrome and not Chromium?

Because even chromium already sneaking in binary blobs for it's voice recognition thing

Re:Why Chrome and not Chromium?

[short]

That blob has been fixed both upstream and in Fedora chromium since 2016-09-07: enable_hotwording=false

Re:Why Chrome and not Chromium?

Firefox has trademark crap just like chrome. seems fair. ice weasel / unbranded firefox == chromium

Re:Why Chrome and not Chromium?

[NewYork]

Slashdot is manipulating our minds :)

Re:Why Chrome and not Chromium?

[toddestan]

Part of the problem is that there's really no standard "Chromium" as they all differ depending on who built it and what they decided to include/exclude. However, Google specifies exactly what's in Chrome so if someone says Chrome you know exactly what they are talking about.

The same thing exists actually on the Firefox side. While the source code is open, Mozilla owns the Firefox trademark and keeps pretty strict rules on what you can call Firefox should you start distributing your own builds. So the Chromium equivalent is closer to IceCat (formally IceWeasel, which exists exactly for this reason), along with other builds like Waterfox.

Original Article

[theweatherelectric]

The BleepingComputer article adds nothing of value over the original blog post.

BlackArch is at 55.03

Good enough for me. How much more sandboxed can you get than a portable VM of a blackarch linux live iso at a library with the tor browser bundle?

Stop adding bullshit k thx.

This shit is fast, I knew it would be. First time running it here like this.

Too little too late.

[clockley(571021718)]

I've long since switched to Chrome, It seems Firefox abandoned Linux user years ago, from dropping flash support to not implementing a proper sandbox to broken GPU acceleration its clear Linux is not a priority for Firefox.

Re:Too little too late.

That's entirely fitting given how little Linux users have given a shit about Firefox and in contributing to it ever since they decided to care more about the licensing of some icons. You get back what you give; it goes both ways.

Re:Too little too late.

[theweatherelectric]

dropping flash support

That's what everyone is doing, even Adobe themselves. Flash is dead. You are in the first stage of grief. Time to move on.

Re:Too little too late.

[tepples]

The next step is to dig up the contact information for the authors of each animation and game on Newgrounds and ask them to port them to HTML5. How would we go about that?

Re:Too little too late.

[theweatherelectric]

The next step is to dig up

No, the next step is to get Adobe to release a WebAssembly build of the Flash run time. And if Adobe doesn't care about Flash enough to do that then tough luck, kid.

It seems like you're in stage 3 of grief: bargaining.

Re: Not in Munich though

It's the year of stupidity in germany, munich included.

Dear PaleMoon devs, a request... apk

This FF 57++ builds sounds really good - strip it of any "no good" elements & INCOPORATE IT into the next Palemoon builds, please.

* I've been gravitating towards PaleMoon a bit (as an alternate to Classic Opera 12.18 64-bit I use 90% of the time to this day) & would LOVE to see a build based on this engine from Mozilla (minus ANY tracking/advertising machine stuff of course).

Addons I like (NoScript only - lol, helps me FIND SCRIPT TAGS script src to block in hosts) are ported already to "WebExtensions" so, "have @ it" boys!

APK

P.S.=> Thanks - should this take place that is & of course, also assuming all the "grapevine talk" in favor of this build IS true (I assume it is currently)... apk

This is a positive for Firefox

I know some dread dealing with some plugin's breaking. But Firefox 57 is probably the best thing to happen for Firefox in a long time. This in my opinion helps Firefox catch up to Chrome in many ways and gives users of Firefox a reason to stick with the browser. You want plugin's there is always Chrome.

Parent is a fake APK... again... apk

I'd release my HOSTS file generator as open source if it weren't for trolls like the parent. I'm getting tired of imposters like this user.

* This has happened before, when a fake APK replied to my posts about bump stocks. It was probably AssFux...LOL.

* Bump stocks really should be banned. The far right, funded by the NRA and the Vatican, is firmly entrenched on trying to stop any gun control. We must not allow them to succeed in again stopping gun control legislation.

* Posts discussing the need to ban bump stocks are promptly censored to -1. Moderation is censorship, and that's a fact no matter how much all of you try to deny it.

* Whenever you point out the truth that moderation is censorship, people get very angry. It's like you kicked their dog or insulted their mother. They're very attached to their censorship... erm... moderation system.

APK

P.S.=> While I'm busy improving internet security, these trolls are busy causing trouble. Grow up... lol... apk

I've already busted you impersonating me

See subject & this link loony boy "ne'er-do-well" https://news.slashdot.org/comments.pl?sid=11351467&cid=55542661/ Grow up!

QUESTION - Do you work for Joogle or what??

(I ask that because I'm only saying I like FF - & WHO wouldn't like THAT? Joogle (the main moneyman behind /. is who, lol)).

APK

P.S.=> You have serious mental issues, no questions asked... apk

I had a games website once

[jez9999]

My games website was somewhat popular (1000s of views per day and this was the mid-90s so was a kind of big thing then) and I had a guy who regularly updated it for me. One day I decided to overhaul the design to make it something I thought looked more appropriate. I asked the guy and he said he didn't like it and preferred the current one but I was sure I was right so I ploughed ahead and replaced the site with the new design. He left, and the site viewership dwindled down and never recovered.

Mozilla kind of reminds me of me from 20 years ago.

Bug 1325692 marked as wontfix

[tepples]

The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work.

Yet they mark some admittedly missing WebExtension functionality as "wontfix". See comment 11 by Andy McKay to Bug 1325692 - [commands] Explicit support for overriding built-in keyboard shortcuts by WebExtensions: "Removing flags, this API is not going to be written in time to for Firefox 57."

Port the plug-in to Web Audio API

[tepples]

Then download the source code for the plug-in, exercise your right under the source code's free software license to transpile it to JavaScript and port it to the Web Audio API, and use one of the *monkey extensions to insert it into every page that requires said plug-in. Or hire someone to.

Re:Port the plug-in to Web Audio API

[KiloByte]

Then download the source code for the plug-in, exercise your right under the source code's free software license to transpile it to JavaScript and port it to the Web Audio API, and use one of the *monkey extensions to insert it into every page that requires said plug-in. Or hire someone to.

How exactly do I "transpile" a honest LD_PRELOAD library (and its dependencies) to JavaScript? And how do you propose to call ioctls from JavaScript injected into a page?

Emscripten

[tepples]

How exactly do I "transpile" a honest LD_PRELOAD library (and its dependencies) to JavaScript?

First you obtain its source code, and then you use Clang with the Emscripten or WebAssembly target.

And how do you propose to call ioctls from JavaScript injected into a page?

By writing a shim that translates audio ioctls to their corresponding Web Audio API calls. In some cases, it may be easier to delete all the operating system integration, keeping only the codec proper, and write a new Web Audio API integration.

Re:Emscripten

[KiloByte]

easier to delete all the operating system integration, keeping only the codec proper, and write a new Web Audio API integration

That can work if all you want is some codec, rather than making audio work at all. That "Web Audio API" won't work if the browser itself can't output sound.

Re:Emscripten

[tepples]

In the HTML5 model, integration with the operating system's audio output API is the responsibility of the browser, not the plug-in. If your browser can't play sound, your browser is broken.

Tree Style Tabs ported

[PingSpike]

Piro's Tree Style Tabs has been ported to 57:
https://addons.mozilla.org/en-...

So I'm on board. No other browser offers this functionality still and its my must have feature. Vivaldi has something similar, but not the same.

I wish Video DownloadHelper would get ported though. That could be a problematic change.

Re:Tree Style Tabs ported

[theweatherelectric]

I wish Video DownloadHelper would get ported

Version 7 has been released with Firefox 57 support.

Haters will be haters

You know, many of the comments in this thread appear to come from the instant gratification crowd. Folks who are always ready and willing to vote somebody or something off the island.

The design changes for Firefox reminds me of the python2 vs python3 wars where the lead developers decided to bite the bullet and make api breaking changes for the good of future development. The bdfl reasoned that there was also a whole new class of users to be captured wit these changes.

I predict the same thing happening here. Lots of chrome users migrating to firefox who will more than make up for the,sorry I'm outta here crowd of dissolutioned whiners.

They have the right to their feelings and opinions. It's just sad to see once again the minority hijacking a good news design item with their breathless rants of opinionated .. whatever.