Forgot your password?
typodupeerror
Firefox Mozilla Software IT News

Firefox 3.6 Support Ends April 2012 187

Posted by timothy
from the slow-motion-shutdown dept.
An anonymous reader writes "Mozilla for some time after switching to the rapid release process talked about releasing Extended Support Releases that would give companies and organizations some breathing space in the race to test and deploy new browser versions. With the first ESR release (which will be Firefox 10), comes the Firefox 3.6 end of life announcement. Firefox 3.6 users will receive update notifications in April to update the browser to the latest stable version by then."
This discussion has been archived. No new comments can be posted.

Firefox 3.6 Support Ends April 2012

Comments Filter:
  • Group Policy (Score:5, Insightful)

    by DCTech (2545590) on Thursday January 05, 2012 @01:02PM (#38599500)

    companies and organizations some breathing space in the race to test and deploy new browser versions

    I doubt this hardly matters to companies. The thing is, they *cant* deploy Firefox as it is. There is no group policy like with IE, and recently with Chrome. You can distribute it easily within your company. This is what Firefox has always lacked and I don't understand why they have been so ignorant about it. Yes, it does nothing to home users, but it's required for companies.

    • by i.r.id10t (595143)

      Actually, it matters for anyone doing stuff complicated (usually needlessly) on the web that has to support something other than Microsoft... like learning management systems.

    • You can put it in an image and have the imaged version check for updates on its own servers. Infact I worked for a school district who did this for 30,000 machines

      • by smash (1351)
        Because that is easy to roll out to my existing 500 PCs /sarcasm. No group policy support = no way it is getting deployed on most corporate networks.
    • Re:Group Policy (Score:4, Informative)

      by DarkOx (621550) on Thursday January 05, 2012 @01:28PM (#38599964) Journal

      Right because it was so hard to script out the installer, and copy pre-crafted config file to the right place Actually if anything that ties corporate users more to a specific version because they have to actually invest some time into building their own deployment package which is certain to be somewhat version dependent.

      If you IT staff can't "deploy" Firefox they are worthless. I can completely understand them not wanting to chase the latest version, preferring to just replace the executable installer package with one that just has the security fixes in it but none of the new math. So all their pre-rolled configs and installation scripts don't have to change.

       

      • Re:Group Policy (Score:5, Informative)

        by Richard_at_work (517087) <richardprice AT gmail DOT com> on Thursday January 05, 2012 @01:46PM (#38600234)

        Fine, script the installer.

        Now update the home screen, and add new bookmarks to already deployed installs.

        That's where GPO carries on and your solution ends.

      • Re:Group Policy (Score:4, Insightful)

        by hairyfeet (841228) <.bassbeast1968. .at. .gmail.com.> on Thursday January 05, 2012 @02:23PM (#38600882) Journal

        Firefox has to run as admin to update, strike one. It doesn't have low rights mode like chrome and IE, strike two. Its crazy release schedule means zero testing before deployment, strike three and you're outta there!

        As someone who used FF before it was even called FF and the suite before that i hated to see it go but go it had to as its performance has been getting worse it seems as far as CPU spiking and RAM leaking, extensions were breaking everywhere and the final straw was that XSS bug that allowed malware writers to spam yahoo mail accounts from FF. If you got a bunch of spam emails from friends with Yahoo accounts, all consisting of a single word or sentence and a driveby malware link? that was the FF XSS bug. With low rights mode its damned near impossible to pull crap like that since the browser runs even lower than a user it simply can't get the permissions to do a lot of nastiness. Low rights mode was released with vista in 2007 BTW and here it is 2012 and Firefox STILL doesn't have it. But hey they have personas right?

        I truly hope the FF devs will stop going Goatse at their users and get back to their original mission statement which was to build a small, fast, and light browser with good security because I do miss NoScript although I don't know if its really needed with low rights mode and sandboxing. But if you think IT are "worthless" for not deploying a less securable browser that requires admin rights to install and isn't easy at all to set up GPOs that can't be trivially bypassed by the user? Then I'd personally hate to see what the admins are like you'd consider competent, probably the type that just gives everyone admin rights and cleans up after the messes.

        • Re:Group Policy (Score:5, Informative)

          by Dagger2 (1177377) on Thursday January 05, 2012 @04:35PM (#38603122)

          Firefox has to run as admin to update

          True for now [mozilla.org].

          It doesn't have low rights mode like chrome and IE

          True.

          Its crazy release schedule means zero testing before deployment

          Well, other than the six weeks it's in "Beta" (i.e. release candidate) where the intent is to make no changes, and the six weeks it's in "Aurora" (i.e. beta), where only bug fixes are made. And the extra twelve weeks it's in certify/deploy state in the ESR proposal. But other than that.

          extensions were breaking everywhere

          Extensions rarely break with the new "major releases are now minor releases" model. As of Fx10, it will even stop claiming they're broken [mozilla.org] too.

          and the final straw was that XSS bug that allowed malware writers to spam yahoo mail accounts from FF ... With low rights mode its damned near impossible to pull crap like that

          OK, I'm not sure which bug you're referring to, but generally running the browser in a low-rights mode doesn't prevent XSS bugs, because XSS bugs happen inside the browser itself.

          that requires admin rights to install

          Wait, install? You said "update" earlier. But OK... I believe it installs fine as a non-admin user if you opt to install it to a directory the user has write permission to, which is what Chrome does by default. Firefox Portable certainly works fine as a non-admin user (updates included!), and that's just a wrapper around a vanilla Firefox.

          and isn't easy at all to set up GPOs that can't be trivially bypassed by the user

          True, as far as I know. Though if you're allowing the browser to be installed without admin rights, the user could presumably just overwrite it with a version that doesn't obey GPOs, so either this applies to Chrome too or you in fact don't actually want non-admin users to be able to install the browser.

          I dislike the new release schedule as much as the next guy, but I'd prefer it if you disliked it for reasons that were true, or at least not getting fixed before 3.6's EoL.

          • by Culture20 (968837)
            Have they fixed the Mac OSX version's silent upgrade issue where it tries to open a GUI on the screen (thus failing when you SSH into a machine and try to update it)?
        • by Nimey (114278)

          FF doesn't need admin privs to auto-update. What it needs is for the Users group to have read/write/modify privileges to the Firefox install directory.

          The only thing that doesn't get you is updating the version number in Add/Remove Programs; the user will see the version increment, but I won't if I log on as myself.

        • > As someone who used FF before it was even called FF and the suite before that i hated to see it go but go it had to as its performance has been getting worse it seems as far as CPU spiking and RAM leaking,

          Same. Firebird user here. (http://en.wikipedia.org/wiki/Firefox#Early_versions)

          FF is a PIG. It has become the bloated pig that replaced the original pig Netscape Navigator, er, Communicator.

          * I'm tired of extensions breaking because dev's can't plan ahead and stabilize the API design.
          * I'm tired of i

          • by hairyfeet (841228)

            If you are on windows you should try Comodo Dragon [comodo.com] which has ABP and I would argue with the combination of its default settings which has the browser and ONLY the browser use the comodo Secure DNS malware site filtering along with low rights mode NoScript isn't really needed. There is NotScript if you want to replicate similar functionality but frankly i tried to get a win 7 install using Dragon infected for shits and giggles and while a few nasty sites could crash the browser not a single one managed to in

        • by smash (1351)
          Here here. I ran firefox since it was called Phoenix and in recent years they've simply lost the plot.
    • Re: (Score:2, Informative)

      by Anonymous Coward

      FrontMotion offers a customized version of Firefox (FrontMotion Firefox Community Edition) that supports lockdown via Group Policy. My company has been using it for years, and it meets our needs perfectly.

      • by Culture20 (968837)

        FrontMotion offers a customized version of Firefox (FrontMotion Firefox Community Edition) that supports lockdown via Group Policy. My company has been using it for years, and it meets our needs perfectly.

        That's nice. There are guys in Chinese software bazaars that offer customized versions of Microsoft products that use different installers. I trust them just as much.

    • by steelfood (895457)

      That's where you're wrong. Many organizations use group policy, but it's certainly not mandatory for a product like a web browser. If that were true, programs like 7zip and textpad wouldn't be used in an enterprise environment either, and that's clearly untrue (especially among engineers and programmers).

      This is because most policy objectives can be enforced at a higher level. For example, blacklists integrated into the hardware firewall take care of most of the filtering for major companies. Smaller compan

    • I can think of at least half a dozen enterprise applications (Avaya UCM, TripWire Enterprise, Juniper Netscreen WebUI, etc) off the top of my head, latest versions of which require Firefox 3.6 to run (with disclaimers, warnings, broken functionality an all). They sort of work with FF9, sometimes, and absolutely don't with IE. This is going to suck.
    • Byob and Wpkg (Score:5, Informative)

      by gQuigs (913879) on Thursday January 05, 2012 @01:58PM (#38600432) Homepage

      They just relaunched Build your own browser, (byob.mozilla.com), which should help customize the settings. (I haven't tried it yet as we customized it manually)

      We deploy with WPKG and find it works quite well. Not all companies use the MSI deployment tools...

    • by Millennium (2451)

      One step at a time, man. Getting them back to a semi-reasonable release and maintenance schedule is probably going to have to be enough for now. MCSE-friendly installation can come later, and this has to happen first anyway.

    • Luckily Firefox is open source so someone has taken care of that. http://www.frontmotion.com/Firefox/ [frontmotion.com]

      Any IT department capable of using Google can easily find it.
  • rapid-release (Score:2, Informative)

    by alphatel (1450715) *
    For those who think "Wow, that's 6 versions ago", consider it was released just two years ago.
    • Re: (Score:3, Informative)

      by Anonymous Coward

      They're releasing less versions now then they did during 3.x if you look at the total quantity of updates rather then the version number.

    • by Synerg1y (2169962)

      Yea, the versioning makes it look likes its something from the 90s considering firefox is on 9 now I think, but ya, firefox's versioning system is still non-intuitive and according to the dev team everybody has to live w it.

    • Re: (Score:3, Interesting)

      So should we expect that six weeks later firefox 4 support ends? followed six weeks later by the end of firefox 5 support? etc...? etc...?
  • And PowerPC? (Score:2, Informative)

    by Anonymous Coward

    Does this mean FF 10 will support PowerPC?
    (probably not)

    One less supported browser for my old PPC boxes...

  • I am using 3.6 and when they stop supporting it, I plan to stop using Firefox. The only reason I am using it in a first place is NoScript, otherwise I would have moved to Chrome ages ago. NoScript allows me to be sloppy with updating hosts killfile, it is by no means mandatory.
    • With the first ESR release (which will be Firefox 10), comes the Firefox 3.6 end of life announcement.

      ESR stands for extended support release. Which means it will lag behind in updates to the main version but be updated only for security/stability reasons, just like Firefox 3.6.

      This is what people were asking for right...? A stable version of Firefox that will be updated about every year instead of every 6 weeks?

      And Noscript already works on the latest Firefox.

      • by steelfood (895457)

        I don't think there's an ESR for Firefox 3.6. It sounds like ESR is only a backport of security and stability fixes for supported browser versions, which, once 3.6 has been phased out, starts at 4.

        • by bipbop (1144919)

          Er, 4 hasn't been supported for a while. Nor 5. Nor 6. Nor 7. 8 was EOLed on December 20, and 9 will be EOLed on Jan 31.

          There are no backported security or stability fixes for 4-8. To put it in Mozilla's terms, 5 is the security/stability release for 4 [mozilla.org], 6 is the security/stability release for 5, and so on.

          According to TFA, the first ESR will be 10, not 4.

    • Use NotScript: https://chrome.google.com/webstore/detail/odjhifogjcknibkahlpidmdajjpkkcfn [google.com]

      There you go, FTFY, now you can move to Chrome.

      • by sinij (911942)
        Thank you! RIP Firefox, killed by version bloat.
        • by dpilot (134227)

          Going to Chrome because of version bloat on Firefox seems a trifle funny. There may be reasons to go to Chrome, but protesting version bloat isn't one of them.

          • by steelfood (895457)

            Well, Chrome does a whole host of things better than Firefox. Stability and memory usage are key. GP was probably weighing whether the stability and memory usage is worth not having control of what Javascript runs and what doesn't.

            GP obviously considered being able to control Javascript more important than the stability and memory usage. Since GP just found out there actually is a Javascript filter addon for both browsers, the favor has swung to Chrome, considering Firefox has no answer for the memory usage

            • My copy of Firefox 3.6.x has comparable memory usage to Chrome when you actually add up what all the Chrome child processes use.
              And the only memory I've seen in a long time are add-on related (Firebug I'm looking at you).

              And I honestly can't think of the last time Chrome or Firefox crashed on me. Maybe once in the last 6 months due to flash?
              Chrome handles Flash crashes slightly better but they still happen.
              For me, Chrome's real selling points are the better javascript engine and a smoother GUI (it definitel

            • Re:FTFY: NotScript (Score:5, Interesting)

              by revealingheart (1213834) on Thursday January 05, 2012 @02:34PM (#38601082)

              You'll have to provide sources for Firefox's alleged instability. Here's a link to Mozilla's Firefox crash statistics [mozilla.com]. If you can link to a report about Chrome's stability, it would be very useful.

              As for memory, Mozilla have been working on reducing memory in Firefox with the MemShrink project [mozilla.org]. Nicholas Nethercote's blog [mozilla.com] has the latest reports on improvements to the upcoming versions. Even then, it's been established before in testing that Chrome is a relative heavyweight [tomshardware.com] when it comes to memory.

              • by afidel (530433)
                Let's see, ~2.5 crashes per 100 active daily users, convert that to crashes per year for an average user and you get 8-9 crashes a year. I've been on Chrome for about 14 months and I have yet to crash it, the closest I have come is an extension that was consuming 100% cpu on load which meant I had to kill the Chrome process and clear out that extensions folder.
                • by Skuto (171945)

                  The crashes aren't uniformly distributed. Far from it. If you hit a problem case, it'll crash 10 times a day. If you don't, it'll run for months without an issue.

                  As you already observed, extensions are the main problem makers, and that's true for all browsers.

          • by tlhIngan (30335)

            Going to Chrome because of version bloat on Firefox seems a trifle funny. There may be reasons to go to Chrome, but protesting version bloat isn't one of them.

            Chrome makes it so you don't care what version you use.

            Updates are applied transparently in the background (no admin needed), which happen when you start the browser. Extensions stay working and AREN'T version-dependent. (Firefox is supposed to have a stable extension API so new versions don't break extensions, but...).

            And no funky UI changes that kee

            • by afidel (530433)
              If you want no-admin required FF updates you can use portable firefox [portableapps.com]. Install in once and then just run updates as normal. A nice bonus is that it keeps everything under one directory so moving to a new PC is copying a folder over and adding a desktop link, much more convenient than the old way of moving FF profiles (I haven't tried the sync feature of 4+).
  • by Luckyo (1726890) on Thursday January 05, 2012 @01:22PM (#38599864)

    The ESR is specifically targeted at groups looking to deploy it within a managed environment. It is not intended for use by individuals, nor as a method to mitigate compatibility issues with addons or other software. Mozilla will strongly discourage public (re)distribution of Mozilla-branded versions of the ESR.

    They essentially admit that the problem is major enough for people to want to get this "corporate world only" release, and they actually want to prevent people from getting it as much as possible. Disgusting.

  • Looks like I may have to try out Fx 4 and see how things go.

    3.6 is a very nice browser. Never had any problems using it or with memory usage.

    *Sigh* Why is it when I find something that just does what I want, the manufacturer has to discontinue it and replace it with something a whole lot crappier?

    • by Merk42 (1906718)

      Looks like I may have to try out Fx 4 and see how things go.

      You mean Firefox 9.0.1, right? Firefox 4 isn't supported anymore.

  • by crankyspice (63953) on Thursday January 05, 2012 @01:30PM (#38599988)

    Sigh. As one of the Righthaven tools[1] found out the hard way ... the CM/ECF system used by all Federal District Courts has been tested to work with FF 3.5; from extensive personal experience it also works fine with FF 3.6. It does not work at all with FF 4.0+ (in that you can't use FF to upload PDFs, which is all you'd use the Electronic Case Filing system for (document retrieval is done through PACER, though they overlap).

    For some stupid reason, ECF specifies an ACCEPT parameter of “image/*” for the PDF upload forms, which of course is incorrect (PDFs are MIME type “application/pdfper IANA [iana.org]; see also, e.g., RFC 3778 [rfc-editor.org]).

    As of FF 4.0 (https://developer.mozilla.org/en/HTML/Element/input [mozilla.org]), that 'accept' parameter is honored and FF filters the file selector box to only permit image filetypes to be uploaded. End result? #massivefail

    Yes, ECF is broken. But try getting not one, but 89, Federal bureaucracies to fix their tech in a timely fashion... (Each district court runs its own ECF system.)

    Sigh.

    [1] Declaration of Shawn A. Mangano, Esq., Righthaven LLC v. Democratic Underground, LLC, No. 10-cv-01356-RLH-GWF, docket entry 127-1 (Dist. Of Nevada, June 29, 2011)

    • by _0xd0ad (1974778)

      I'm really unimpressed with any lawyer who couldn't figure out how to change the filter to "All Files" so that they could find the PDF. Yes, it works fine. Yes, I whipped up an HTML test page and I tried it.

      I'll give the benefit of the doubt and assume that you, being a geek lawyer, either knew this or could have figured it out, and it's just the Righthaven tools who apparently don't know how computers work.

      Of course, a FF extension to change the accept parameter of <input type="file"/> elements would

    • by sjames (1099)

      It's not reasonable to hold Firefox/Mozilla responsible for other people's broken and steaming piles. They were nice enough to give everyone several YEARS to figure it out and do the right thing. The three toed sloth is slow, but at least it moves.

  • Finally, we know for sure which "major versions" are worthwhile: 10, 17, 24...

  • by sirdude (578412) on Thursday January 05, 2012 @01:50PM (#38600296)

    It's interesting looking at how the minimum requirements for 3.6 [mozilla.org] and 9 [mozilla.org] compare. In just under 2 years, the recommended hardware for FF has effectively quadrupled in Windows. Macs have odd changes and Linux doesn't warrant minimum/recommended requirements.

    Looking at the recommended requirements from a different angle, you need at most a 12 year old system to run FF on Windows and a 6 year old system for Macintosh. Linux's restrictions are solely software dependencies.

    Weird.

    • by bipbop (1144919)
      That IS weird, considering they've rolled out only minor updates and UI problems since 3.6. I'm puzzled that the requirements would have changed at all.
      • by 0123456 (636235) on Thursday January 05, 2012 @02:41PM (#38601172)

        That IS weird, considering they've rolled out only minor updates and UI problems since 3.6. I'm puzzled that the requirements would have changed at all.

        I believe you'll find the new randomly-positioned status bar takes a lot more RAM and CPU than the old one because it has to continually work out which part of the screen you're trying to read and then ensure it always pops up on top of it.

    • by BZ (40346) on Thursday January 05, 2012 @04:17PM (#38602856)

      I believe the 3.6 requirements just hadn't been updated in a few years and were more or less totally bogus. When 4 shipped, the requirements were updated to reflect reality.

  • by Caerdwyn (829058) on Thursday January 05, 2012 @02:20PM (#38600822) Journal

    Someone tell me why any enterprise should ever donate Mozilla a single penny of support ever again? Mozilla has aggressively and loudly snubbed enterprise users (after having courted them), has refused to listen to anything other than their politically-driven BS, and have told people to change their way of dealing with upgrades just to accommodate Mozilla. Looks like an abrupt about-face after those "evil corporations" stopped contributing. So when's the next ideologically-motivated "fuck you" change coming?

    It's very disappointing. I worked at Netscape back in the 1994-1996 timeframe, and I knew some of the people who did very well in the Netscape IPO then went on to Mozilla. They've apparently changed. I guess it's okay to be enterprise-hostile after the enterprises have landed them a huge paycheck...

    • by SiMac (409541)

      Someone tell me why any enterprise should ever donate Mozilla a single penny of support ever again? Mozilla has aggressively and loudly snubbed enterprise users (after having courted them), has refused to listen to anything other than their politically-driven BS, and have told people to change their way of dealing with upgrades just to accommodate Mozilla.

      Mozilla created Extended Support Releases specifically to accommodate enterprise users. In what way did they "refuse to listen"?

  • by rubycodez (864176) on Thursday January 05, 2012 @02:22PM (#38600856)
    They're talking about x weeks after y weeks....what business need is z YEARS, with z>=2, with only bug fixes and security updates. This pandering to out of control bloat, bugs, eye candy and gee-whiz nonsense needs to stop. Business and many people like myself want a stable, secure, predictable, and useful browser, not a petri dish for every brain fart a mozilla developer has.
    • by Elbart (1233584)
      Nice rant.
    • Did you guys complain this much about the transition from FF2 to FF3? Firefox development has never been slow, they've always had teams of people working on big changes that are slated for the "next release", and other changes that are too big for that version and need to be delayed further. The problem was that they were trying to get too many features into the next release, which made it harder to test them all. IMHO the jump from FF3.6 to FF10 will be about the same magnitude of changes as the jumps from
  • by epine (68316) on Thursday January 05, 2012 @02:28PM (#38600968)

    In all the versions I've used, FF offers you an upgrade without first checking how many of your existing extensions won't come along for the ride. After one bad experience, I decided no upgrade was preferable to a negative upgrade, on the suspicion that one or more of my plug-ins would bonk.

    The simple technical advisory function was MIA.

  • It's good they have finally picked a release for long term support. I don't give a shit that they say it this is not for individuals, I'll be sticking with 10 if it is LTS in any way, and that is what I will encourage others to use.

    I am tired of being what amounts to their beta tester. And it irks me that anyone would use the public at large in that way.

    Just hope they are serious about this. In the past most of their "enterprise" efforts have just been talk.

  • So I should probably think about updating all the machines I have running Firefox 2.0.0.20?

    We have a bunch of older Mac running 10.3.9 that can't even update to Firefox 3.6 because it requires 10.4.

    I thought the whole point of Firefox was that it was supposed to have lower system requirements than IE.

    • by Elbart (1233584)

      I thought the whole point of Firefox was that it was supposed to have lower system requirements than IE.

      Who said that?

  • ... just maybe the Redhat/CentOS guys will decide for a newer version in their repos.
  • by CyDharttha (939997) on Thursday January 05, 2012 @03:27PM (#38602028) Homepage
    I wonder what version Ubuntu 10.04 LTS will move to? It's still on FF 3.6. There's just over a year of support left for the desktop LTS version.
    • by Nimey (114278)

      I could see them maintaining their own patches for it. They did that with previous LTSes (definitely 6.06) once the bundled version of Firefox had gone EOL.

  • by TheSkepticalOptimist (898384) on Thursday January 05, 2012 @03:54PM (#38602438)

    For what?

  • April 24th, 2012. :)

  • I'm on 12 already.. get off the short bus people!

  • . . . to something more in line with expectations. For the ESR patches, number them 10.0.1, 10.0.2, etc, while the mainline goes 10.1, 10.2, 10.3, etc. until the new ESR (currently planned to be 17) gets version 11.

  • Well then.... (Score:3, Interesting)

    by smash (1351) on Friday January 06, 2012 @12:15AM (#38606834) Homepage Journal
    It looks like Firefox 3.6 is going to become the IE6 of the 201Xs.

There is no royal road to geometry. -- Euclid

Working...