Firefox 57 Brings Better Sandboxing on Linux (bleepingcomputer.com)

← Back to Stories (view on slashdot.org)

Firefox 57 Brings Better Sandboxing on Linux (bleepingcomputer.com)

Posted by msmash on Monday November 13, 2017 @08:05AM from the what-to-know dept.

Catalin Cimpanu, writing for BleepingComputer: Firefox 57, set to be released tomorrow, will ship with improvements to the browser's sandbox security feature for Linux users. The Firefox sandboxing feature isolates the browser from the operating system in a way to prevent web attacks from using a vulnerability in the browser engine and its legitimate functions to attack the underlying operating system, place malware on the filesystem, or steal local files. Chrome has always run inside a sandbox. Initially, Firefox ran only a few plugins inside a sandbox -- such as Flash, DRM, and other multimedia encoding plugins.

22 of 124 comments (clear)

Min score:

Reason:

Sort:

Firefoxalypse by freeze128 · 2017-11-13 08:08 · Score: 5, Insightful

I dread updating to Firefox 57, because it will break all of my plugins.
1. Re: Firefoxalypse by Anonymous Coward · 2017-11-13 08:18 · Score: 3, Insightful
  
  The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. This increases the speed of the browser dramatically. Don't blame the Firefox developers who are creating a better product. Blame the lazy add-on developers who haven't upgraded their add-ons. Alternatively, use an ESR release. Regardless, stop whining.
2. Re:Firefoxalypse by serviscope_minor · 2017-11-13 08:32 · Score: 3, Informative
  
  then run the LTS for a while. AFAICT, the plan is they're going to increase the featureset available to plugins afer 57.0. with luck what you want will mostly be available by the time the LTS expires.
  
  --
  SJW n. One who posts facts.
3. Re:Firefoxalypse by nmb3000 · 2017-11-13 08:40 · Score: 2, Informative
  
  I dread updating to Firefox 57, because it will break all of my plugins.
  Apparently some editions of version 57 will continue to support "legacy" (bootstrap, XUL, etc) addons via a preference setting, including the developer and unbranded versions. This might be an option if you really want to upgrade to 57 but still want your addons.
  Personally 56 is the end of the Firefox line for me. I completely reject the horrible Australis interface and the push towards the gimped and incapable Chrome-style Web Extensions. Firefox had a good run, but its Chromification is now complete and there's little reason to continue using it.
  Waterfox or Pale Moon will probably be my Firefox replacement. Does anyone have any comments or suggestions on migrating to one of them?
  
  --
  "What do you despise? By this are you truly known." --Princess Irulan, Manual of Muad'Dib
  /)
4. Re: Firefoxalypse by Anonymous Coward · 2017-11-13 08:50 · Score: 3, Insightful
  
  The Firefox develops gave plenty of notice of this change, allowing add-on developers lots of time to upgrade and ensure their add-ons still work. ...
  The amount of advance notice is irrelevant. The fact that the switch to Web Extensions is being driven by the calendar rather than the readiness of the software is the problem.
  The new add-on interface still lacks functionality. There are many things that a Web Extension simply can't do, but that can be done by traditional Firefox add-ons. To add insult to injury, the Mozilla team isn't treating these gaps as a high priority. Their attitude seems to be "tell us what you're missing and maybe we'll add it later."
  
  Alternatively, use an ESR release.
  That would be a more useful suggestion if Firefox 56 was the ESR. But it's not -- they're using an older version. I may be willing to stand still, but I'm not interested in going backwards.
5. Re:Firefoxalypse by Anonymous Coward · 2017-11-13 09:03 · Score: 4, Insightful
  
  I've heard this so many times it seems like Chrome/Edge propaganda now. Why so negative on the visuals of the browser? WHO GIVES A FLIPPITY DO DAH what the browser looks like? Is that REALLY the criteria you judge software on? The shape of the buttons and tabs?
  Fine, quit Firefox, but they are adding more and more support for privacy while all the other browsers are removing it or don't give to diddly flips about it. Hand over your data to GOOGLE using a chrome WHICH LOOKS LIKE AUSTRALIS ANYWAYS!
  *Caps for emphasis on the total idiocy of these kinds of remarks.
  Repeat after me, ditching software A because it's ugly for software B that is also ugly is stupid logic.
6. Re: Firefoxalypse by Anonymous Coward · 2017-11-13 09:04 · Score: 2, Insightful
  
  Except that Waterfox is not its own browser, it's wholly reliant on whatever the Firefox developers do. Once they stop overworking themselves by maintaining Firefox's legacy while updating it, and just pull out those bits, Waterfox will be fucked. Daydreaming about how easy it is to maintain XUL is just not going to get it done. There is no covert army of coders just waiting to take up the torch; if such a team existed they would have fixed the problems before things got to this point.
  The whole "lazy" angle is just plain insulting, too. Do you honestly not realize that Firefox could have dropped this legacy stuff before they spend the last year overworking themselves to bring the engine up to speed? It would have made things easier, but they wanted to give us more time to find out how to port our legacy addons. The only people still bitching about it now are the people who never put in any effort to do so, and just feel entitled to having someone else make their niche APIs for them.
7. Re:Firefoxalypse by ArhcAngel · 2017-11-13 09:18 · Score: 2
  
  I've been using Waterfox for several years as my default browser. I keep a copy of Google IE6...er I mean Chrome for those web sites that employ less than compliant coding. I originally ran it on my Windows 7 gaming PC but now have it running on my Mint and Android devices as well. While purely anecdotal I feel like Waterfox is much faster than Firefox and comparable to Chrome in most regards. I haven't tried Pale Moon for a couple of years so I can't say how it compares to Waterfox currently.
  
  --
  "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
8. Re: Firefoxalypse by KiloByte · 2017-11-13 09:18 · Score: 4, Informative
  
  Out of 37 extensions I use, there are WebExt equivalents for, *drumroll* 11. That much only because I spent some time looking for replacements.
  APIs that would be required to reimplement those extensions aren't even coded yet, and any code that gets merged (which usually takes months) needs additional 18 weeks to percolate into an unstable ("non-ESR") release. With Firefox 52 EOL in June, the chances enough of extensions required for sane use will be ready by then are about nil. And the default, with nothing for privacy but tons of junk like Pocket or Telemetry, is almost as far from sanity as Chromium.
  I guess it's time to look into packaging Waterfox or another fork.
  
  --
  The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
9. Re:Firefoxalypse by theweatherelectric · 2017-11-13 09:49 · Score: 3, Informative
  
  There's an Adblock Plus XUL-based fork for Pale Moon
  Adblock Plus works in Firefox 57. Personally, I use uBlock Origin.
10. Re:Firefoxalypse by DarkOx · 2017-11-13 09:52 · Score: 3, Informative
  
  Why don't you just go back to the still maintained Seamonkey suite? It supports all the best FF extensions.
  
  --
  Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
11. Re: Firefoxalypse by Anonymous Coward · 2017-11-13 09:54 · Score: 2, Insightful
  
  It's not that they removed them, but they simply haven't (or won't) implement them. The reason, as far as I can tell, is that they refuse to admit that there are better (or simply different) ways to design the interface.
12. Re: Firefoxalypse by Anonymous Coward · 2017-11-13 10:17 · Score: 5, Insightful
  
  That's great, except for the part where some plugins CANNOT be implemented under the new API.
  And the part where a whole ecosystem of perfectly good extensions created by volunteers for free is being discarded without a viable replacement for many of them.
13. Re: Firefoxalypse by uncqual · 2017-11-13 12:02 · Score: 2
  
  freeze128 doesn't appear to be demanding anything of anyone. He is just observing that he dreads upgrading (just as I observed that I won't be upgrading and will be switching browsers).
  
  --
  Why is there an "insightful" mod and why isn't it "-1"? If I wanted insight, I wouldn't be reading /.
14. Re: Firefoxalypse by doom · 2017-11-13 15:52 · Score: 3, Insightful
  
  Blame the lazy add-on developers who haven't upgraded their add-ons.
  Let me enlighten you about a secret of software projects: if you want to be taken seriously as a platform for third-party developers, breakage-on-upgrade is never acceptable. And accusing them of being lazy is an excellent way of driving them away.
  
  Alternatively, use an ESR release.
  
  Which staves off the problem only temporarily. I would suggest the waterfox fork, or possibly palemoon.
  
  Regardless, stop whining.
  
  You first.
Download Link... by unique_parrot · 2017-11-13 08:29 · Score: 4, Informative

http://ftp.mozilla.org/pub/fir...
A question for Mozilla by hyades1 · 2017-11-13 08:35 · Score: 5, Funny

Is it called "Firefox 57" because that's how many users are left?

--
I've calculated my velocity with such exquisite precision that I have no idea where I am.
Why Chrome and not Chromium? by short · 2017-11-13 08:47 · Score: 3, Interesting

Why does Slashdot always compare Firefox with proprietary Chrome when all the mentioned features does provide already Free Chromium?
Original Article by theweatherelectric · 2017-11-13 08:56 · Score: 2

The BleepingComputer article adds nothing of value over the original blog post.
Re:How about giving users a choice? by theweatherelectric · 2017-11-13 09:10 · Score: 4, Informative

including some used for security
Like what? uBlock Origin works in Firefox 57, so does Adblock Plus, so does Ghostery, so does Privacy Badger, so does HTTPS Everywhere, etc. The only one missing from AMO at the moment is NoScript but that will be released soon.
Re:How about giving users a choice? by Antiocheian · 2017-11-13 09:48 · Score: 2

The author of Adblock Plus stated that the significant changes introduced here are unfortunate but sadly unavoidable. Thankfully Adblock Latitude, ABP's fork for Pale Moon doesn't have to apply such unfortunate changes.
Re:Too little too late. by theweatherelectric · 2017-11-13 10:25 · Score: 2

dropping flash support
That's what everyone is doing, even Adobe themselves. Flash is dead. You are in the first stage of grief. Time to move on.