Firefox in Trouble

[markus]

http://www.eweek.com/article2/0,1759,1774091,00.asp

I totally agree with the article.

[supernova_00]

...make sure to keep the browser patched up to avoid known security problems like the IDN (International Domain Name) bug.

First of all the dude needs to get crap straight and stop making it sound like firefox is at fault and the only one with the problem. This was not and is not firefox's fault, it is the fault of Domain registars and the browser, namely firefox and opera had to apply band-aids to fix those problems.

While Firefox does have an auto-update feature, the rollout of its first security patch, Firefox 1.0.1, was delayed for several days because of server overload problems.

Also misleading. Moz did not delay the release becuase of server overload problems, this was planned well in advance to do this.

It's not just Windows users who are facing a rocky upgrade route: Firefox 1.0.1 wasn't available for Linux and Mac users at all until several days later.

More like 16-24 hours later

Forget about trying to get new and better versions out. They're not going to be able to keep up on security fixes and bugs.

We aren't? We have hundreds of people capable of creating patches, only takes one to review a patch for a security fix in which any of the devs can check in be it asa, ben, mconnor, dbaron just to name a few and whose names weren't part of the "6" reviewers.

For example, it used to be that if you ran Firefox you never saw annoying pop-up ad windows. ... Today, instead of pop-ups, there are sites that feed you pop-unders: advertising windows that deploy under your current Web browser window, which you then see when you close your window.

It's annoying, it needs to be fixed, and if Connor is correct, I don't see that happening anytime soon. A Firefox extension, Adblock, can make the pop-under problem more manageable, but you must set it up manually for it to work.

Those are because of flash, we can't completly disable the flash popups because lots of sites use this legitly. IE even has the same problems becuase of flash pop-ups.

Here's the long and short of it. If the Mozilla Foundation and Firefox friends like Google don't start spending money?right now?to hire more programmers, more project managers and more servers, it won't matter how many ads in the New York Times Firefox supporters take out, Firefox will have already reached its high tide of popularity and we can only wait for the ebb to begin.

Umm no, we are no where near our high tide of popularity. And if the devs and hackers didn't have to rebutle and correct articles like that, we could spend more time on the browser.

[Veedems Veteran]

Well the first page of the article sounds like whining, more than anything, although, in between that annoying writing, are raised some valid points. The girth of the article definitely comes in the second page, though, where Mr. Connor voices his concern over the slow pace of development. He has a point. Well, both men have points. People abuse MS for their patch release system, but at least it works right when they do release a patch. Fx definitely has some issues there. Also, it's taking a long time for things to get done and, like Mike says, I don't see how 1.5 is going to be out this year.

With Opera making some huge improvements and hype starting to build behind IE7, the Fx team needs to pull a rabbit out of their hat and gain back the steam they had in the last quarter of last year.

Heck, maybe they should spend less time worrying about guys like me using the name "Firefox" in my builds and actually work on the app itself.

[Veedems Veteran]

Also misleading. Moz did not delay the release becuase of server overload problems, this was planned well in advance to do this.

They did plan it, though, to prevent server overload.

We aren't? We have hundreds of people capable of creating patches, only takes one to review a patch for a security fix in which any of the devs can check in be it asa, ben, mconnor, dbaron just to name a few and whose names weren't part of the "6" reviewers.

Even if it gets landed, an update isn't released. They don't release patches, only whole new builds, which takes too long.

Umm no, we are no where near our high tide of popularity. And if the devs and hackers didn't have to rebutle and correct articles like that, we could spend more time on the browser.

Firefox is already dipping in popularity in terms of hype and publicity. Also, the devs shouldn't have to respond to articles like this. They should be able to manage their time, firstly, and if these problems didn't exist, this article wouldn't even have been written.

Firefox's team is flawed, whether you wish to admit it or not.

[supernova_00]

I do agree that it is flawed at the moment but should be back to normal if not greater soon since no more Suite.

Most of the security fixes can't be fixed by just releasing a patch though, bummer there but I rather wait a few weeks for a whole new version instead of downloading firefox everytime a new patch is landed to fix a crasher bug or a security related bug. But generally when a security vulnerbility is found there is a quick fix that anyone compentent enough to click a few buttons and type about:config can fix themselves. Like how be tempoarliy disabled IDN support, disabling flash pop unders and at least a few others.

[markus]

But generally when a security vulnerbility is found there is a quick fix that anyone compentent enough to click a few buttons and type about:config can fix themselves.

*sigh* that is why open source will never get ahead!! Jesus and you think every tom, dick and harry know how to do that? why should I have to stay playing around with settings, and let's face it system admin's can't stay going around 'fixing' every browser around.

If MS used such a stupid mentality we would have never been were we are today!!

[supernova_00]

If it is so hard for someone to understand what I will write below then they should be shot.

1. In the address bar type about:config, next hit enter or the go key

2. In the filter bar type network.enableIDN

3. Double-click on the result below the filter, the line should now be bold

4. Close the tab and you are now safe from IDN spoofing

what is so hard about that?

Meant to put this in last post. MS doesn't release patches when they are ready, they wait up to a whole month afterwards to release the patch so not to make themselves look bad by having an update available every couple of days and having to make the users update their systems. Moz does the same thing, and like I said above "instead of downloading firefox everytime a new patch is landed to fix a crasher bug or a security related bug." as to not have their users bitch and moan every few days that they have another patch to install. Most things can't just be fixed with just a patch becuase of the way Firefox is secure and won't let certain things be changed by an api or whatever its called.

[kyro]

eweek = :boo:

[markus]

I did not say that it was hard to do, what I said was why should users have to do that!!

And MS releases patches after a month due to testing - they have to make sure that one patch will not break all the other software that is out there!!

And you said : "instead of downloading firefox everytime a new patch is landed to fix a crasher bug or a security related bug." Why should I have to download Firefox all over again? Imagine me having to donwload IE or Windows every time a new patch is released that would be insane!! having to install Firefox all over again everytime is just plain stupid!!

[supernova_00]

Like I said, becuase of security reasons a lot of things in the code just can't be changed via patches, and how would joe blow compile his own build after the patch was applied anyways. Oh and about MS so magically every first tuesday or whatever of each month MS somehow just releases all these patches that made it in just the nick of time for release day? I think not. A lot are fixed and tested and just wait for their release day every month. Why aren't these pushed as soon as they are ready via AutoUpdate?

[BajiRav]

oh you forgot one thing :whistle: this is very intuitive !!!

If it is so hard for someone to understand what I will write below then they should be shot.

1. In the address bar type about:config, next hit enter or the go key

2. In the filter bar type network.enableIDN

3. Double-click on the result below the filter, the line should now be bold

4. Close the tab and you are now safe from IDN spoofing

what is so hard about that?

Meant to put this in last post. MS doesn't release patches when they are ready, they wait up to a whole month afterwards to release the patch so not to make themselves look bad by having an update available every couple of days and having to make the users update their systems. Moz does the same thing, and like I said above "instead of downloading firefox everytime a new patch is landed to fix a crasher bug or a security related bug." as to not have their users bitch and moan every few days that they have another patch to install. Most things can't just be fixed with just a patch becuase of the way Firefox is secure and won't let certain things be changed by an api or whatever its called.

585623381[/snapback]

[IceDogg]

I'm sure there is problems with Fx, as with any company/product. I don't argue that. But this seems to happen anytime something or someone gains popularity to fast or people get tired of hearing about. I can name thousands, and I'm sure if I researched millions, of examples of people getting behind something or someone like this and then after they/it gets more popular they turn on it. My time here I have notice this very thing has happened with Firefox. Even the ones that didn't really care for it, before, was just like well I'll stick with IE or whatever, now, slam it hard and call people names for saying something good about it, like they had been slapped in the face or something. I remember when IE first came out and some people started to get behind it and this same kind of push came along for it.. then it became THE browser and everyone (almost everyone) starting hating it. My Favorite football team is either loved or hated.. very little middle ground, because they are one of the most popular teams. It's like that with everything. Thats why I knew it would happen with Fx too.

Now, what's my point? The point is now is the REAL test for Fx and the people developing it. This kind of thing has brought down many teams/companys/people/countrys and so on. This is the beginning of the test now. I hope Fx can make it through this as well. I really like the browser.. even with it's problems. But I do agree with some of what bangbang023 is saying. 1.5 by the end of the year is going to be really pushing it. And it is time to admit there is flaws and get to the work of fixing them.. wow sorry this turned into a book.

Edited March 16, 2005 by IceDogg

[kaffra]

If it is so hard for someone to understand what I will write below then they should be shot.

1. In the address bar type about:config, next hit enter or the go key

2. In the filter bar type network.enableIDN

3. Double-click on the result below the filter, the line should now be bold

4. Close the tab and you are now safe from IDN spoofing

what is so hard about that?...

585623381[/snapback]

lol, whats so hard about that? sure after reading it here, no problem, but you expect normal users to know how to fix this on their own? :rofl:

[CoolCatBad]

Some considerations........Firefox does seem to appeal to the Geek crowd, but there is surely a second or even third generation of computer users coming along who can perform simple and effective hacking/modding on their own.

My 10 year old nephew can easily negotiate game cheats and other nefarious patching tasks, so I doubt he or his contemporaries would be troubled by tinkering with browser settings.

Sourceforge.net currently lists eMule as the most downloaded (open source) program, at 85 million or so, followed by Azureus at 36 million- almost a tie with Firefox.

A creditable sum, but even more so if you appreciate the value of the given "market", not in traditional terms of disposable income or other demographic factors, but in being a solid base of savvy, front-line customers.

[supernova_00]

lol, whats so hard about that? sure after reading it here, no problem, but you expect normal users to know how to fix this on their own?  :rofl:

585623434[/snapback]

by following the directions. Moz posted same info when secunia and everybody blew up about the IDN spoofing. If people can't follow those directions then who knows how they get every day life, damn passing written test for driving is harder then following that or for the kiddies, if they are past 5 grade they should be able to understand and follow those directions.

anyways not going to argue that anymore.

[Lare2]

If it is so hard for someone to understand what I will write below then they should be shot.

1. In the address bar type about:config, next hit enter or the go key

2. In the filter bar type network.enableIDN

3. Double-click on the result below the filter, the line should now be bold

4. Close the tab and you are now safe from IDN spoofing

what is so hard about that?

Meant to put this in last post. MS doesn't release patches when they are ready, they wait up to a whole month afterwards to release the patch so not to make themselves look bad by having an update available every couple of days and having to make the users update their systems. Moz does the same thing, and like I said above "instead of downloading firefox everytime a new patch is landed to fix a crasher bug or a security related bug." as to not have their users bitch and moan every few days that they have another patch to install. Most things can't just be fixed with just a patch becuase of the way Firefox is secure and won't let certain things be changed by an api or whatever its called.

585623381[/snapback]

O yes, and you want "average joe" or "joe user" (ho in the hell is joe BTW :laugh: ) to dig into the config to protect themselves from this.

If Firefox really wants to be a mainstream browser, they need to make it easy to use for those Joes mentioned above.

I use Firefox as you can see from mi sig, but I recognize that FF is still way too far from becoming a mainstream browser.

They have server loads with this usage base, imagine when those number grow.

[em_te]

If it is so hard for someone to understand what I will write below then they should be shot.

1. In the address bar type about:config, next hit enter or the go key

2. In the filter bar type network.enableIDN

3. Double-click on the result below the filter, the line should now be bold

4. Close the tab and you are now safe from IDN spoofing

585623381[/snapback]

I think we should also take into account that some people are actually scared when they see people telling them to do things which they don't understand. Even if they can follow instructions, they are still skeptical of who gave those instructions and are reluctant to follow them. IIRC, this fix for the IDN issue was not posted on www.mozilla.org (the source of trust), but was only posted on secondary sites. And information on secondary sites may not be safe such as the guy who went around recommending that people enable signed.applets.codebase_principal_support to fix certain "problems".

[mko]

I think we should also take into account that some people are actually scared when they see people telling them to do things which they don't understand. Even if they can follow instructions, they are still skeptical of who gave those instructions and are reluctant to follow them. IIRC, this fix for the IDN issue was not posted on www.mozilla.org (the source of trust), but was only posted on secondary sites. And information on secondary sites may not be safe such as the guy who went around recommending that people enable signed.applets.codebase_principal_support to fix certain "problems".

585623772[/snapback]

that fix however is the only way you can get certain sites to allow copy text to clipboard. besides Firefox still gives a warning when allowing sites to copy to clipboard.

[DannyGlass]

I think Firefox is the best browser on the planet, but it's not going to stay that way long unless the team behind it gets their act together sooner rather than later.

He probably hasnt even used Firefox in his life and his just trying to say untrue opinions so that IE can be the top most used web browser, its not like IE has never had any problems and since ive been using Firefox i havent had any spyware/adware but with IE i use to get it all day long and then my pc would just come to one big hault.

-DannyGlass

[Veedems Veteran]

He probably hasnt even used Firefox in his life and his just trying to say untrue opinions so that IE can be the top most used web browser, its not like IE has never had any problems and since ive been using Firefox i havent had any spyware/adware but with IE i use to get it all day long and then my pc would just come to one big hault.

-DannyGlass

585623806[/snapback]

Oh my....please stop, there is no reason to even bother saying something like that.

[markus]

He probably hasnt even used Firefox in his life and his just trying to say untrue opinions so that IE can be the top most used web browser, its not like IE has never had any problems and since ive been using Firefox i havent had any spyware/adware but with IE i use to get it all day long and then my pc would just come to one big hault.

-DannyGlass

585623806[/snapback]

*sigh* of course you are right (being sarcastic)!! Using IE = spyware/adware infested PC, using Firefox = no sypware/adware.

Geez when are we going to stop hearing comments like these and start having a real intelligent conversation.

[Chicane-UK Veteran]

Geez when are we going to stop hearing comments like these and start having a real intelligent conversation.

As soon as you stop being so damn one sided in your arguments as well my friend! You know Microsoft are pretty damn far from being a perfect company, yet you talk about them like the sun shines out of their backside!

[Malisk]

To further confuse Windows users, the default installation of this 'patch' leaves you with entries for both the now-gone older version and the new one in Windows' Add or Remove Programs control panel.

It's a known bug that's been around since June of 2004 and it's still not been fixed. I am not amused.

Is he seriously saying Firefox is in trouble part because a redundant entry in Add/Remove Programs, that doesn't impact his system in any way? Please... :no:

Today, instead of pop-ups, there are sites that feed you pop-unders: advertising windows that deploy under your current Web browser window, which you then see when you close your window.

It's annoying, it needs to be fixed, and if Connor is correct, I don't see that happening anytime soon. A Firefox extension, Adblock, can make the pop-under problem more manageable, but you must set it up manually for it to work.

And the alternative is...?

IE isn't one, and Opera I'm not sure.

He can't possibly claim Firefox is in trouble if the competitors are lacking here as well.

Forget about Microsoft coming out with IE 7 to challenge Firefox. If Firefox rots from the inside out—the way so many other programs, like the original Netscape browser, did—then it's not going anywhere much beyond where it is now.

The original Netscape wasn't open source, so I doubt that will happen. If it starts running low on developers, I'm pretty sure others will pick up on where they left. Which ?ber geek wouldn't want to help develop Firefox -- a competitor to IE itself -- if a request for help was announced?

Here's the long and short of it. If the Mozilla Foundation and Firefox friends like Google don't start spending money—right now—to hire more programmers, more project managers and more servers, it won't matter how many ads in the New York Times Firefox supporters take out, Firefox will have already reached its high tide of popularity and we can only wait for the ebb to begin.

An ebb can't begin unless there are better alternatives. He's basically saying less people will browse if Firefox loose its edge? Which browser will they switch to? He's already said this too:

Forget about Microsoft coming out with IE 7 to challenge Firefox.

So I'm not sure what he's trying to say at all. People want to browse the web, and will use the best browser for the job. IE 7 isn't even out yet and we don't know what it'll do, so how can he say Firefox is in trouble?

WHEN IE 7 is released and IF it's better, THEN he should maybe have written this article and it would've made sense.

[Veedems Veteran]

As soon as you stop being so damn one sided in your arguments as well my friend! You know Microsoft are pretty damn far from being a perfect company, yet you talk about them like the sun shines out of their backside!

585624399[/snapback]

IE and MS have nothing to do with this. Get over it, everyone.

The team really should work on breaking up the app a bit so that they can patch individual files and patch them instead of releasing a whole new version. That would make things a lot easier.

[Chicane-UK Veteran]

Apologies bangbang023.. trying to surpress the fanboy in me, but sometimes it fights to get out in threads like this.