Are you by any chance using either NoScript or the "HTTPS Everywhere" extension? It was recently discovered that they both do some things that can cause crashes...
> Websites, like Banks for example, won't run if you > use a browser version they haven't tested
Where are you finding these banks?
I've been using Mozilla Suite and then Firefox nightly builds (not releases; clearly not tested by any banks) for about 10 years now, and in that time I've dealt with at least 5 different bank websites. None of them locked out any browsers. One had a sniffing bug that detected "Minefield" as "IE" that caused a date picker to not work and refused to fix it, but that's about it.
A 3GHz i7 is a _lot_ faster than a 3GHz P4. Have you tried actually comparing them?
Heck, a 2GHz Core 2 Duo core was about comparable in raw speed to a 3.6GHz P4 core last I measured. And an i7 is a lot faster than a Core 2 Duo.
More to the point, Moore's law is about transistor count, not clock speed. Transistor count continues to increase just fine; scaling clock speed just got hard because of power issues and such.
1) The Flash plugin they bundle has various local changes applied to it (e.g. its version number often doesn't match _any_ public version number released by Adobe).
2) They haven't removed H.264 support last I checked. They just said they would, then nothing. Just like they said they're release Android source, then nothing.
> What should be done is someone step up and > TAKE OVER from Mozilla!
If someone wants to step up and take over long-term support of Firefox for those who want it, Mozilla would be _quite_ happy with the result. I don't see anyone stepping up. Do you? Or are you saying you're stepping up?:)
Nah, the submitter just quoted part of a conversation out of context and then the Slashdot editors went and posted it. Pretty normal for Slashdot recently.
> It's not like the browser world is making sudden > great progress.
Browsers today are switching to using hardware accelerated rendering, changing their HTML parsers for the first time in a decade, working on JITs for JavaScript, adding new ECMAScript features, adding a ton of DOM APIs, implementing new networking stacks (SPDY, say), revamping user interfaces (Firefox 4, IE9), adding support for lots of new HTML elements for the first time in over a decade.
What exactly would constitute "great progress" in your book? A fundamental redefinition of how links work or something on that scale?
It's a bit out of date, since all browsers have gotten faster since then, but it shows IE8 being about 18x slower than any modern browser on this particular benchmark. And this is a benchmark that hammers a lot on the VM (dates, regular expressions, etc), not the language itself.
On code that runs for longer than a few ms and is actually compute-intensive the difference between IE8 and any modern browser is even more pronounced.
Heck, at this point you can compile C code to JavaScript and then run it in some browsers and have it be only about 5x slower than the original C code. That's with (typed) arrays representing the C stack and heap and so forth...
I'd love to see your benchmark code, by the way. Or for you to rerun the benchmark in something that actually tries to run Javascript quickly, as opposed to IE8.
Only the ones that use the OS certificate store as their trust store.
For browsers, that happens to be "Safari", out of the commonly-used ones. Firefox uses its own certificate store, as do Chrome and Opera, and don't rely on the one in the OS itself.
CRLs and OCSP only work if you can reach the server they're hosted on.
You could have systems fail hard on failure to reach such servers, but that gives the SSL parts of the internet single points of DoS failure, not to mention that some CAs run pretty flaky servers to start with.
> do you mean website certificates where more than > one CA has signed them?
That's what I was talking about, yes. I'm not aware offhand of anything preventing such, and I was under the impression that they were in fact used in various cases.
But yes, one CA signing another CAs certificate is the more common way that sort of thing is done.
Slashdot Mirror
> Mine is 5.0 (according to the About box) and
> when I click on "Check for Updates" it says
> Firefox is up to date.
That should NOT be happening.
Would you mind filing a bug report about this and adding ":bz" (with the colon) to the cc field?
Alternately, would you be willing to answer some questions about your situation either here or over e-mail?
Are you by any chance using either NoScript or the "HTTPS Everywhere" extension? It was recently discovered that they both do some things that can cause crashes...
The stats here are desktop-only. They don't include any mobile browsers at all.
And the default Android web browser is not Chrome (yet, possibly; they're working on changing that).
> Websites, like Banks for example, won't run if you
> use a browser version they haven't tested
Where are you finding these banks?
I've been using Mozilla Suite and then Firefox nightly builds (not releases; clearly not tested by any banks) for about 10 years now, and in that time I've dealt with at least 5 different bank websites. None of them locked out any browsers. One had a sniffing bug that detected "Minefield" as "IE" that caused a date picker to not work and refused to fix it, but that's about it.
Scalability I'll grant you, though that's what Intel is working on.
What are the major performance and debug-ability problems that cannot be overcome with better implementations and tools?
What are the major ease of maintenance issues that are not being addressed by ongoing language evolution (e.g. addition of namespacing, modules, etc)?
> Sadly this rise has happened in a time when it has
> become almost essential to get a college degree
Which is what enables the higher tuition rates, of course.
Otherwise people would just say "screw you" to colleges and go get a job instead.
P4 used a 180nm process in 2000.
Core 2 duo used a 65nm process in 2006. That's about 9x the density, so corresponds to doubling every 2 years in there.
Core i7 in 2008 is a 45nm process, so about 2x the density again. For this one, http://en.wikipedia.org/wiki/Transistor_count has numbers: 731e6 transistors on 263 mm^2.
Core i7 in 2010 is 1170e6 transistors on 240mm^2, with a 32nm process. So about 1.75x the transistor/mm^2 of the 2008 i7.
The price might rise along those, though. Hard to say.
The doubling in transistor density certainly doesn't look like every 18 months any more.
A 3GHz i7 is a _lot_ faster than a 3GHz P4. Have you tried actually comparing them?
Heck, a 2GHz Core 2 Duo core was about comparable in raw speed to a 3.6GHz P4 core last I measured. And an i7 is a lot faster than a Core 2 Duo.
More to the point, Moore's law is about transistor count, not clock speed. Transistor count continues to increase just fine; scaling clock speed just got hard because of power issues and such.
> "Various local changes" doesn't mean it's a new
> implementation of Flash.
Sure, but it does mean they can easily have crashes that the Flash plugins Adobe ships do not.
> How reassuring.
It's meant to be! After all, Google is so good for the web! Or something....
I think you're pretty seriously confused about how the Mozilla _project_ (which you seem to be confusing with the Mozilla Corporation) operates....
You can get support for old Firefox versions through some distributions, in the past. Has that changed for some reason?
Equinox and solstices happen once every 13 weeks.
Chrome ships major updates about once every 7 weeks.
Now the question is, why are you off by a factor of 2? :)
1) The Flash plugin they bundle has various local changes applied to it (e.g. its version number often doesn't match _any_ public version number released by Adobe).
2) They haven't removed H.264 support last I checked. They just said they would, then nothing. Just like they said they're release Android source, then nothing.
> Was it too much effort
Yes.
> What should be done is someone step up and
> TAKE OVER from Mozilla!
If someone wants to step up and take over long-term support of Firefox for those who want it, Mozilla would be _quite_ happy with the result. I don't see anyone stepping up. Do you? Or are you saying you're stepping up? :)
> Have they totally lost it?
Nah, the submitter just quoted part of a conversation out of context and then the Slashdot editors went and posted it. Pretty normal for Slashdot recently.
> It's not like the browser world is making sudden
> great progress.
Browsers today are switching to using hardware accelerated rendering, changing their HTML parsers for the first time in a decade, working on JITs for JavaScript, adding new ECMAScript features, adding a ton of DOM APIs, implementing new networking stacks (SPDY, say), revamping user interfaces (Firefox 4, IE9), adding support for lots of new HTML elements for the first time in over a decade.
What exactly would constitute "great progress" in your book? A fundamental redefinition of how links work or something on that scale?
> what am I going to do with 4 cores on a phone?
Use less power any time you have four parallel threads of execution than you would with a single core tying to run them all via timeslicing...
Also, this may be targeted at tablets, not phones.
> Javascript is in IE8 on win xp.
Uh.... This is the same IE8 that doesn't have a JIT, right? Unlike every single browser actually shipping now?
Here's a relevant graph: http://ie.microsoft.com/testdrive/benchmarks/sunspider/default.html
It's a bit out of date, since all browsers have gotten faster since then, but it shows IE8 being about 18x slower than any modern browser on this particular benchmark. And this is a benchmark that hammers a lot on the VM (dates, regular expressions, etc), not the language itself.
On code that runs for longer than a few ms and is actually compute-intensive the difference between IE8 and any modern browser is even more pronounced.
Heck, at this point you can compile C code to JavaScript and then run it in some browsers and have it be only about 5x slower than the original C code. That's with (typed) arrays representing the C stack and heap and so forth...
I'd love to see your benchmark code, by the way. Or for you to rerun the benchmark in something that actually tries to run Javascript quickly, as opposed to IE8.
That _used_ to be the case, but they were planning to change it last I heard. Maybe they haven't done that yet, though.
Chrome was exposed because it had this CA in its set of trusted certs, no?
Once they shipped an update to their own cert store, they were not exposed any more, independent of what Apple did with the OS-default cert store.
> (2) sends all browsers (and email apps
Only the ones that use the OS certificate store as their trust store.
For browsers, that happens to be "Safari", out of the commonly-used ones. Firefox uses its own certificate store, as do Chrome and Opera, and don't rely on the one in the OS itself.
CRLs and OCSP only work if you can reach the server they're hosted on.
You could have systems fail hard on failure to reach such servers, but that gives the SSL parts of the internet single points of DoS failure, not to mention that some CAs run pretty flaky servers to start with.
DigiNotar is not exactly an example of race to the bottom on price... more like a monopoly jacking up prices.
> Is there any software around that will actually accept
> certificates which are that broad?
There has been in the past; those were considered bugs and fixed. But maybe some users are still running 6-year-old web browsers.
> do you mean website certificates where more than
> one CA has signed them?
That's what I was talking about, yes. I'm not aware offhand of anything preventing such, and I was under the impression that they were in fact used in various cases.
But yes, one CA signing another CAs certificate is the more common way that sort of thing is done.