homepage Welcome to WebmasterWorld Guest from 23.20.220.79
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Browsers / Firefox Browser Usage and Support
Forum Library, Charter, Moderators: incrediBILL

Firefox Browser Usage and Support Forum

    
Firefox 16 withdrawn due to security vulnerability
Firefox, security, vulnerability
longen




msg:4506928
 2:42 pm on Oct 11, 2012 (gmt 0)

The vulnerability allowed "a malicious site to potentially determine which websites users have visited", Mozilla said.

[bbc.co.uk ]

 

engine




msg:4506991
 5:15 pm on Oct 11, 2012 (gmt 0)

I'm pleased it was found at this stage and not after the its released.

It does seem a bad flaw, and follows on from the earlier bug in 15.
Firefox 15.0.1 Fixes Not So Private Browsing Bug [webmasterworld.com]

These bugs don't give me confidence.

g1smd




msg:4506992
 5:16 pm on Oct 11, 2012 (gmt 0)

No sooner than 15.0.1 was out, 16.0.0 appeared.

This "version numbers race" is insane.

SevenCubed




msg:4506995
 5:23 pm on Oct 11, 2012 (gmt 0)

This "version numbers race" is insane.


Isn't it. I can't imagine what the developers are smoking to get them so buzzed with quick version turnouts but maybe they should pass it on to the folks at W3C.

ken_b




msg:4506996
 5:26 pm on Oct 11, 2012 (gmt 0)

I want my old 3.6 back!

incrediBILL




msg:4506998
 5:31 pm on Oct 11, 2012 (gmt 0)

These bugs don't give me confidence.


The fact that they were quickly found and quickly acted upon is a good thing and should give you confidence that the developers are trying to stay ahead of the bad guys.

I'd be more worried if they weren't looking for vulnerabilities and if they found them, kept them quiet so unsuspecting surfers wouldn't know until it was too late.

This kind of thing happens when people escalate development cycles because it's too much too soon as everyone is racing to stay ahead of the competition and that's when security is more likely to suffer.

The problem is people quickly lose interest in any software if it has lengthy product development cycles so keeping it fresh and constantly releasing something new keeps it current in consumers minds, and the hackers.

Firefox should just dial it back a little.

grelmar




msg:4507016
 6:42 pm on Oct 11, 2012 (gmt 0)

Isn't it. I can't imagine what the developers are smoking to get them so buzzed with quick version turnouts...


They're smoking from the Agile Development Framework [en.wikipedia.org] crack pipe.

It's a fantastic method of developing software that ensures rapid releases cycles and quickly escalating version numbers, generates massive consulting fees and developer bonuses for all involved, while relieving the developers and management team of any responsibility for long term architectural decisions, vision, or generating actually sustainable code.

It's a very specific variety of Kool-Aid popular in Dot-Com circles right now. A similar variety was last tested in Jonestown.

g1smd




msg:4507024
 6:57 pm on Oct 11, 2012 (gmt 0)

"A camel is a horse built by committee decision".

incrediBILL




msg:4507041
 7:41 pm on Oct 11, 2012 (gmt 0)

Things like this remind me of this old gem:
"If builders built buildings the way programmers wrote programs, the first woodpecker to come along would destroy civilization"

GaryK




msg:4507073
 9:02 pm on Oct 11, 2012 (gmt 0)

FF never offered me 16.0, but it just now asked if I wanted to install 16.0.1. I'm not sure what to do so I told it not right now thank you.

g1smd




msg:4507079
 9:11 pm on Oct 11, 2012 (gmt 0)

Presumably that's the fixed version. I'll let other people test it out first though.

tedster




msg:4507176
 3:34 am on Oct 12, 2012 (gmt 0)

They're smoking from the Agile Development Framework crack pipe.

Right - and that particular approach wasn't really designed for a hostile environment.

I love agile development in the right setting - as a friend of mine describes it "Do it wrong quickly." But when security is in the mix, then doing it wrong can be a major issue. I don't think banks work with agile development.

morehawes




msg:4507202
 5:42 am on Oct 12, 2012 (gmt 0)

I want my old 3.6 back!


Agreed!

incrediBILL




msg:4507206
 6:27 am on Oct 12, 2012 (gmt 0)

The old 3.6 leaked like a puppy.

No thanks.

They finally fixed the leak in FF 15 and I left it running for a week without rebooting it daily as the used RAM didn't balloon up to 2GB+ or more.

graeme_p




msg:4507257
 10:13 am on Oct 12, 2012 (gmt 0)

@GaryK, that is the fixed one: [mozilla.org ]

Browsers are a security problem. As I suggested in a recent discussion on the Linux forum, use OS level security (Apparmour on Linux, for example) to limit browsers access to the system. I also use multiple browsers to make it harder for important data to leak through XSS etc.

bhonda




msg:4507459
 3:08 pm on Oct 12, 2012 (gmt 0)

I know it's a little off-topic, but surely having rapidly increasing version numbers hampers their ability to market the actual big releases.

For example, Windows 8. Previous version was Windows 7. Everyone knows that since that's a whole version number up, there are big changes afoot.

If Firefox decided to do something radical, something really impressive that we should take note of, how would that be named? Firefox 22? Or was that Firefox 23?

I think they're shooting themselves in the foot for a short term gain, but losing in the long run.

Back on topic though, I think I'll be waiting a little while too before I hit 16.0.1.

g1smd




msg:4507596
 8:25 pm on Oct 12, 2012 (gmt 0)

You missed it!

16.0.2 is out today.



Just kidding :)

incrediBILL




msg:4507621
 9:28 pm on Oct 12, 2012 (gmt 0)

I know it's a little off-topic, but surely having rapidly increasing version numbers hampers their ability to market the actual big releases.


It's a non-profit organization, you think they have marketing money? BWAHAHA!

I think it's more of a situation of keeping a rapid development pace just to prove their worth the grant money being wasted on Firefox.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Browsers / Firefox Browser Usage and Support
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved