Firefox Was the Most Attacked & Exploited Browser At Pwn2own 2014 207
darthcamaro writes "Though IE, Chrome and Safari were all attacked and all were exploited, no single web browser was exploited at this year's Pwn2own hacking challenge as Mozilla Firefox. A fully patched version of Firefox was exploited four different times by attackers, each revealing new zero-day vulnerabilities in the open-source web browser. When asked why Mozilla was attacked so much this year, Sid Stamm, senior engineering manager of security and privacy said, 'Pwn2Own offers very large financial incentives to researchers to expose vulnerabilities, and that may have contributed in part to the researchers' decision to wait until now to share their work and help protect Firefox users.' The Pwn2own event paid researchers $50,000 for each Firefox vulnerability. Mozilla now pays researcher only $3,000 per vulnerability."
Yeah, but it's fast and it's not bloated (Score:2, Funny)
Oh, wait...
Re:Yeah, but it's fast and it's not bloated (Score:5, Interesting)
Re: (Score:1)
It can actually be pretty fast if tweaked a bit [palemoon.org].
And you can soup up a Yugo, too [bbc.co.uk].
Linux users? (Score:1, Funny)
They can upgrade to Microsoft Windows 8.1, that's what about them!
Re: (Score:2)
Re:Yeah, but it's fast and it's not bloated (Score:5, Insightful)
"Yeah, but it's fast and it's not bloated"
On my Mac, the Chrome app is 6 times the size of Firefox, and far slower. Just sayin'.
I keep them updated. I don't use Chrome except when I have to because it's too slow (with NO bookmarks or plugins) versus my Firefox (with a shitload of bookmarks and lots of plugins).
I use these things in my daily work. Or rather, I use Firefox in my daily work because Chrome and Safari are so slow. But I have to check compatibility with them so I keep them around and do use them sometimes.
That's on my Mac. YMMV on your computer or on Windows.
Re: (Score:2)
you might want to open up the package for the .app on your mac to see if it has all of the previous versions inside of it..
some people report that when chrome updates itself it leaves the old version inside of the .app
http://hints.macworld.com/arti... [macworld.com]
Re: (Score:2)
On my Mac, the Chrome app is 6 times the size of Firefox, and far slower. Just sayin'.
So what? If the whole thing isn't loaded into memory, why would the file size matter? The biggest parts of GraphicConverter.app are the embedded PDF manuals; if you don't open them, they're never loaded into RAM.
Re: (Score:2)
"your firefox is faster cause its cached. The apps you don't use often aint..."
Nope. Not on this machine.
I agree that the startup time of Firefox is a bit longer. But the performance is better. So since I have a browser running all the time for my work, startup time is not much of an issue, but performance is.
Further, what I use them for is testing pages that are constantly changing, so caching is not an issue.
Software freedom > "fast" and "not bloated" (Score:4, Interesting)
At least Firefox can be altered to become what you want it to be because Firefox respect's a users software freedom. Far more important than vagaries like "fast" and "not bloated" is how a program treats its users. Proprietary browsers leave users no opportunity for improving the program. Thus security issues in proprietary programs go unfixed and are exploited for years. This, in turn, allows others to invade people's computers and leaves users helpless. This is exactly what happened with Apple's iTunes for over 3 years [telegraph.co.uk]. I would not be surprised to learn that software proprietors including Microsoft, Google, and Apple are doing similar things with proprietary web browser programs as well.
So while I like trustworthy programs like other computer users, I know that I can't ascertain the trustworthiness of proprietary programs like Microsoft's Internet Explorer, Apple's Safari, and Google's Chrome. The extent to which any of them are built from software that respects my software freedom is irrelevant because proprietary programs and their updates are essentially black boxes. I can't possibly inspect or fix all of the software I use, but I can put myself in a position where I stand to benefit from the improvements a lot of programmers make by exclusively running software that respects my freedom to run, inspect, share, and modify—free software [gnu.org]—freedoms I value in their own right.
Re:Software freedom "fast" and "not bloated" (Score:2)
Or you could use Chromium [chromium.org]
TFA doesn't say what the exploits are? (Score:1)
Or not that I saw. I wonder if, like usual, they depend on running malicious code from the attacking site, rather than being sensible and turning off javascript, running ghostery, and the like.
Once you start running code from attackers, you're just asking to be pwned.
check the fixes over the following hours for detai (Score:3)
Check the bugzilla and the security update the next day for full details on Firefox.
Re: (Score:1)
Or not that I saw. I wonder if, like usual, they depend on running malicious code from the attacking site, rather than being sensible and turning off javascript, running ghostery, and the like.
Once you start running code from attackers, you're just asking to be pwned.
Turning off Javascript breaks so much of websites and online services that it isn't really an option for most users. And when you start to whitelist sites and scripts, how do you know that these scripts/sites are not compromised, do you code review all scripts each time before enabling?
And isn't Ghostery bought by an ad company?
Re: (Score:2)
Interesting, though I've been using DoNotTrackMe which is faster than Ghostery and isn't joined at the hip to the ad industry.
No app by itself is all that safe (Score:2)
I do my browsing in an untrusted or disposable Qubes domain, which is about as strong security as you can get for a functional desktop system. Still, it would be awesome if pwn2own made it one of their target OS's... now for *that* I would get out the popcorn!
Not so many options (Score:1)
I am using Firefox for lack of a better option. I
IE is out of the question because it is too clunky, and Chrome has Google intruding into extension use and so on. I had to ditch it the day I discovered that they can remotely disable locally installed extensions. Firefox and Mozilla in general seem hell bent of making everything they make as horrible and cartoony looking as possible (Austalis(-hit)) .
It is sad that for all importance browsers have today, there are basically only 2-3 options to choose from.
Re: (Score:2)
15 years ago, Internet Explorer had just won the browser wars, and all we had on Linux was an old version of Netscape Navigator that barely worked. Even Netscape had abandoned it and no one had any idea if and when Mozilla would ever be ready.
Compared to that I think 2-3 options is pretty good, especially when all of the browser vendors respect web standards (even Microsoft), Firefox is completely open source and so is nearly all of Chrome and a large chunk of Safari too.
Re:Not so many options (Score:4, Interesting)
I left firefox after 4.0 debuncle. Yes it was the first release to really support HTML 5 but it was freaking HORRIBLE. Bad UI, sloooow, and on older hardware it was unusable. IE 9 won rewards on tomshardware.com which was released march 2011. I held my nose and gave it a try. It supported hardware acceleration, html5 (I admit it was more limited at the time), and was great on my 6 core system as it has per process tab. Since 2001 it ran circles on gecko web engines??!
Many slashdotters said ewww no thanks based on IE 6 memories.
I then played with Chrome. Yes it is spyware somewhat but it too has important features and has less hardware acceleration but it is more secure and frankly a much better browser than Firefox.
My father got hacked with Firefox. It is a shitty browser with no lowrights mode. It is frome the XP era and has no concept of %appdate and uses the filesystem and has access rights to some processes and threads. Bad security wise but that is what XP era software did.
Chrome and IE 9+ have separate code bases for this with XP vs Windows 7 and greater with sandbox support. Many here use Comodo Dragon which is based off of Chrome but has no privacy issues. However, be warned it based off the previous version of Chromium with some security holes.
Switch my friend!
Until Firefox goes to a processing model and supports lowrights mode I will not go back. This may change hopefully as Firefox is improving with performance and ram requirements since 2011 but on a 6 core system it is stupid not to multitask!
Re: (Score:2)
Now everyone uses Windows, hence Linux and OS X users aren't exactly in a position to switch to IE, regardless of its technical merits. This is no longer a Windows-only world, even if it's still the majority.
Besides, IE lacks the useful extensions I rely on in Firefox. Don't tell me said extensions are pointless or useless - I find use in them, so clearly they have worth. Going to IE would mean giving up said extensions or having to do things in a less smooth or capable fashion. Firefox is still the best br
Re: (Score:2)
You seem to think Firefox is still at version 4 or something. It is now heavily multithreaded, has sped up considerably (and is now competitive with even Chrome for most users), uses far less RAM (even compared to other browsers), and has even had its process sandboxing improved on most OSes.
Why is it still so much slower at javascript and when, if ever, will this change? I'm still using it, but it's frustrating that loading a webpage often causes the entire browser to choke hard (whether I run it on SSD or not.)
Re: (Score:2)
What are you taking about?
http://www.pcmag.com/article2/... [pcmag.com]
Re: (Score:2)
You seem to think Firefox is still at version 4 or something. It is now heavily multithreaded, has sped up considerably (and is now competitive with even Chrome for most users), uses far less RAM (even compared to other browsers), and has even had its process sandboxing improved on most OSes.
None of this is an attempt to deter people from switching, but simply to fight your misinformation. It's popular to bash on Firefox lately, while telling users to switch to Chromium. But Opera is probably a better choice for users who don't want to opt into Google's services and just get the faster and leaner browser, and it is better-poised to return to greatness than stagnate like Chrome has lately.
Because it is!
No it is not multithreaded. Don't believe me? Hit control alt delete? Firefox uses 400 megs of ram and has high cpu spikes while 5 of my out of date cpu just sit there. One bad site ruins the rest of the 20+ tabs while javascript and everything else pegs just one core where a single bad script can take down the freaking browser.
Sounds like Windows 3.11 and MacOS classic all over!
It is snappier yes but only if you do not run more than a tab or two. It is time to move on as it is obsolete at thi
Re: (Score:2)
What version of IE did you last use? I use IE as my secondary browser. There are reasons why it's not my primary browser, but clunkiness is not one of them. I find it far less clunky & far more stable than Firefox.
Re: (Score:2)
Moved to opera (Score:1)
Re: (Score:3)
Re: (Score:1)
That could be said of Chrome too (Score:2)
Chrome is just Safari's webkit with slower DOM and more marketing budget...
No lowrights mode (not surprised) (Score:5, Interesting)
Both Chrome and IE (yes slashdotters I did say IE) support lowrights mode.
This means it has no access to the file system at all, no access to processes or threads and %appdata is its prison ... assuming you are on Windows 7 or greater on Windows. XP users will get hacked regardless of browser because the OS does not support kernel level sandboxing.
I left Firefox for IE 9 in 2011 after it won rewards on tomshardware.com. Then switched to Chrome. Firefox like Netscape before it is a sad shell of its former self. I do admit the later firefox releases are much more lenient on ram usage and have improved drastically.
But I have an older Phenom II x6. Nice 6 core with virtualization support for VMWare .. but it is 2.6 ghz and is showing its age at only 2.6 ghz. My machine needs multi processing/threading apps to run close to modern and they provide greater security. One tab does not interfere with another and can be assigned for each core.
To prevent my fan from going high and causing high usage both IE 10+ and Chrome utilize my system fine and still display pages as fast as those reading this on an icore5 or later. But Firefox puts +20 tabs on one cpu with no lowrights mode and as you can image when firebug is on it slows down all the tabs and it is a security risk.
Like netscape it was the lack of funding that killed it agaisn't IE 6 onslaught. I wonder if the same is true? I used Netscape 4.7 before succumbing to IE 6 and then Firefox 1.5 to IE 9 and later Chrome today.
Re: (Score:3)
Vista or greater; Mandatory Integrity Control was introduced with NT 6.0, not 6.1 (better known as Win7). IE7 on Vista was the first browser to use the Low Integrity Level sandbox.
By default, Low IL actually does allow reading much of the file system and registry. It just can't do anything to any of it.
For what it's worth, you can *kind of* get the same benefit on XP by running a browser as a very-low-rights user. That causes no end of problems for some use cases (like downloading files), though.
Re: (Score:1)
You're an idiot as standard users still have access to threads, processes, and the file system. This means you can attach a rogue process or malware to an admin one which happens to run as a service. It can then be executed with full admin privileges.
Re: (Score:3)
Not actually true (you don't really know that much about MIC on Windows, do you?) Standard user processes, including non-sandboxed browsers, run at Medium IL. Admin processes, including services, run at High IL. Medium IL is just as incapable of attaching to a High IL process as Low is to Medium.
Re: (Score:2)
Not all services run as Admin or System. Also, the default configuration of UAC on Win7 and up is insecure; you need to turn UAC to the top level (the default, "Don't notify me when I make changes to Windows settings", can be used for invisible elevation to Admin).
Re:No lowrights mode (not surprised) (Score:4, Informative)
You're an idiot as standard users still have access to threads, processes, and the file system. This means you can attach a rogue process or malware to an admin one which happens to run as a service. It can then be executed with full admin privileges.
Nope. A standard user (which even includes admins who have not elevated through UAC prompt yet) can only attach to processes running under *the same* account as itself, and then only to a process/thread within the same *session* as itself.
In Windows, all services are launched in a separate session from the shell - meaning that direct attachment is not possible from a user shell to a service - even if they are running as the same user.
Unlike *nix'es, Windows uses proper tokens. What a process is permitted to do is not limited by a user account - rather each process has its own fine-grained token. By default a process inherits the token from the process that spawned it - but it can be further limited. When you log in, the shell process is created with a token which has all administrator privileges stripped from it and which runs with medium integrity level. So even if you are an administrator you will still get a standard user token. Upon login another token was also created - one which has high integrity level and has not been stripped of administrative privileges you may hold.
When you launch a process where the manifest demands elevated rights, Windows will issue the UAC prompt. If you accept then you get to run the process with your "super" token. This prompt is running with "high" integrity level (and by default even on a separate desktop) to prevent malicious processes already running as you from "remote controlling" the prompt at click the ok button for you.
It is important to note that unlike on Unix where you elevate to "root" with sudo - and thus receive privileges far beyond what is called for - Windows UAC prompt *can not* grant you privileges you did not already hold (well - if *another* user authenticates at the prompt you can "borrow" that users privileges).
It is worth noting that while all browsers were successfully attacked, the "Unicorn" class challenge Windows 8.1 x64/IE11/EMET was *not* exploited - even though it would have netted the attacker a cool $150,000.
Re: (Score:2)
Funny as I do not run as admin normally.
All I know is I repair computers and running as a normal user an exploit can bypass easily and attach itself to another process. I also seen a flash ad on slashdot try to attach malware to a service I had running as anormal user too! The AV caught it.
I now use flashblock after that incident.
I think you are ivory tower and read about computer stuff but in the real world hackers find ways to bypass. The more roadblocks you have the more steps it takes to crack.
Re: (Score:2)
IE 6 was the better browser sadly. If you can believe that which I know in 2014 that is hard.
Ask any older webmaster from that time frame?
W3C was something a committee did which was academic. Only Netscape and MS specific CSS and HTML mattered and websites needed to include specific workarounds for one or the other etc. Man, people forget how dark the web was 10 years ago.
The fact the majority of non Chinese and business users use Firefox and Chrome today show bundling had nothing to do with IE's rise. It c
Re: (Score:2)
Re: (Score:3)
W3C was something a committee did which was academic. Only Netscape and MS specific CSS and HTML mattered and websites needed to include specific workarounds for one or the other etc. Man, people forget how dark the web was 10 years ago.
This. And everyone seems to have forgotten how Netscape pushed the awful JSSS [wikipedia.org] as an alternative to CSS. Microsoft actually pushed CSS at the time.
At the time, the best browser actually won. It was the neglect by MS in the years following that was/became the big problem, one for which MS has rightfully earned a lot of scorn. MS never wanted the web to evolve too fast as it could undermine the very lucrative desktop business.
But at the time of Netscape/MS rivaly, it was actually Netscape who tried to foist ab
Re: (Score:2)
Linux doesn't support lowrights. Standard users or the wheel group in Unix can still access file system, threads, processes, etc.
Oh noes, they can see my pslist. The horror.
You can always wall a user off with selinux, what a PITA but it can be done.
How many were DNS baed issues? (Score:2, Interesting)
The tendency of Firefox to preserve its own DNS cach means I cannot use it when hopping from VPN to VPN with split DNS running. unless I configure and install my _own_ local DNS server to auto-reconfigure every time I activate a VPN. I'm afraid it's become unusable for me for real work and testing when switching from internal to external website access as I debug network and configuration issues: it's the only browser that fails this way.
Re: (Score:1)
The tendency of Firefox to preserve its own DNS cach means I cannot use it when hopping from VPN to VPN with split DNS running. unless I configure and install my _own_ local DNS server to auto-reconfigure every time I activate a VPN. I'm afraid it's become unusable for me for real work and testing when switching from internal to external website access as I debug network and configuration issues: it's the only browser that fails this way.
There are a ton of about:config settings related to dns. For what is worth, a look can't hurt, but I hate stupid design decisions causing more browser fragmentation. I have 3 browsers to keep mental bug lists for, and extensions for each are worlds apart even with the same names.
Stylish's bgcolor css scripts don't work in the official chrome version. Adblock has confusing multiple versions on chrome that I can't verify are legit, and I heard the filtered content is still downloaded. But stability, multiproc
Re: (Score:1)
That is a scary security risk.
What is to stop malware from insert records into the DNS for Russian banks etc? File system escalations are bad enough and at least Chrome and IE do not have any filesystem access and can only write to %appdata.
But Firefox nope. I will make sure not to use it even if it does support threading like its competitors starting to do last decade.
Re: (Score:2)
I was not referring to the insertion of false data: I was referring to its insistence on doing a local cache, appartnely not part of the system DNS, _after_ switching DNS servers and potentially needing new DNS answers due to being in a different DNS "view". This is common enough practice with various proxy and load balancer configurations, to have a different DNS record on the internal network than on the external network.
Inserting false DNS records is a whole _different_ security risk, one that is an ongo
Re: (Score:2)
Well the OS would be a better way to store DNS caches as it is updated with properly security often.
I had a man in the middle attack before about 10 years ago when something didn't seem right. After flushing dns I re pinged and another ip address was shown. Ahh the joys of old XP pre-SP 2 :-)
I do not trust Mozilla to have the resources that Apple, Redhat, or Microsoft have in this area frankly.
Re: (Score:2)
It's generally a bad idea for applications to be caching DNS at all.
Re: (Score:2)
Opera? (Score:1)
someone forgot Opera? Just asking. www.opera.com
Re: (Score:2)
thereby proving... (Score:2)
I'd be more concerned . . . (Score:2)
I'd be more concerned about the severity of the exploit than the number of them.
ALL of them are security problems... (Score:2)
Every can be broken into and some asshole can do arbitrary things on a users machine because...
And on top of those two things there is the ever changing HTML specification, the ever changing CSS specification, and the bit of garbage called DOM.
And cracked by a "carefully constructed URL?!? What!?!?! Can these
Conditions of instability: (Score:3, Informative)
Many crashes do not start the Crash Reporter.
See for yourself. Go to this URL:
https://crash-stats.mozilla.com/home/products/Firefox/versions/27.0#duration=14
(Mozilla does not allow links from Slashdot.)
Those are NOT ALL the crashes! Those are just the crashes that don't also crash the Crash Reporter.
The earlier version, 26.0 is crashy, also:
https://crash-stats.mozilla.co
Re:Conditions of instability: (Score:4, Informative)
I have ~350 tabs in my Nightly install and it's not unstable at all. Heck, I have 1400 tabs open in my main Firefox 3.6 install, and managed to get it to 2400 recently, and it's not crashy either. Admittedly it's a bit janky due to the garbage collector (which has improved massively since 3.6), but what do you expect with 2400 tabs open? Firefox does not appear to be inherently crashy with many tabs.
If you're seeing crashes, please post some of your own crash reports so we can see if there's any obvious common cause in them. The overall crashes per ADI reports don't tell us much about how crashy Firefox is compared to other software, without also having similar reports from other software to compare with.
Re: (Score:2)
Pardon my french, but why the f**k do you need 2400 opened tabs for?
Re: (Score:2)
someone always responds to every firefox story saying they have hundreds of tabs opened..
i dont think ive ever seen a good reason why..
Re: (Score:2)
I don't, I'm just really, really lazy about closing them. Firefox copes with it just fine, so there's no pressing need to.
Re: (Score:3)
Re: (Score:2)
I have a 3-row tab bar from Tab Mix Plus, Tabhunter for finding tabs with specific titles, and an extension that colors tabs into groups when middle-clicking on links. I use BarTab to delay-load tabs (and, importantly, to unload tabs that haven't been focused for a few hours.)
Of course, the reality is that most of these tabs sit around being essentially glorified bookmarks, so I'm not really navigating them so much as just leaving them sitting scrolled off the top of the tab bar.
Re: (Score:2)
XP x64, a Phenom II X4 at ~3 GHz, and enough memory that 32-bit Firefox can't use it all.
It's hard to do a proper comparison between my two profiles, since they have completely different tab sessions and the Nightly one has three times as many extensions enabled, but I believe current Firefox versions do use quite a bit more memory per tab than 3.6 does. They handle it far better though.
Jank is the term Mozilla uses for occasions when the browser UI locks up for noticeable periods of time. On Firefox, this
Re: (Score:3)
I have huge issues with Firefox, mostly with regards to memory management. However, stability is not one of them. I have maybe one or two crashes a year, and that's with a minimal, carefully culled selection of extensions.
The big disappointment is AdBlock Plus. This extension is the source of most slowdowns, and after the v27 update, AdBlock slows Firefox down to a crawl, and sucks up so much memory that regular restarts are needed to keep the browser from going berserk due to running out of memory.
I do
Re: (Score:2)
I've never installed Adblock. Between Noscript, Prefbar, and the MSVP Hosts file, I see ... well, pretty much NO ads.
Re: (Score:2)
Firefox is unstable when many windows and tabs are open, even when using NoScript, Adblock, and Ghostery, as mentioned above.
Dont complain about problems with firefox while running 3rd party code, particularly addons that can conflict. I think I read about potential issues when combining those three, as they overlap quite a bit.
Re: (Score:2)
Dont complain about problems with firefox while running 3rd party code, particularly addons that can conflict.
Of course, the response whenever somebody complains that yet another feature has been removed from Firefox is, "well, you can just get an add-on that does what you want."
Re: (Score:2)
Right, but it is up to you to make sure that A) theres no conflicts, which typically occurs with overlapping functionality (COUGH adblock/ghostery/noscript), and B) the extension is well written and has no leaks.
You would do better to complain to adblock or whoever that their extension has a memory leak than to complain about firefox.
Re: (Score:2)
But some of these extensions are the reason for me to run firefox.
I may not complain if they don't work, but I'll stop using firefox too.
Re: (Score:3, Interesting)
Just saying, I use Firefox as my primary browser. It last crashed.....I can't remember when. Is it maybe possible there's something wrong with your computer?
I use it because IE...though I don't have anything specifically against the new versions, I just don't like it. Chrome, beyond not trusting it being a google product (I assume it logs every keystroke, it wouldn't be out of character for them, though I will grant they probably don't log password fields, but all others...), is there honestly a more blo
Re: (Score:2)
Re: (Score:2)
Re:Firefox is the most unstable program in common (Score:5, Informative)
That's odd, I keep literally dozens of tabs open in it all the time and haven't had it crash on me for as long as I can remember.
Comment removed (Score:5, Insightful)
Re: (Score:2)
I had trouble with youtube playing music as soon as you use flashblock or adblock. No issue at all with other browsers.
FYI this is after I disabled it for the FREAKING SITE. It seems unless they are uninstalled no music or videos can be displayed
Re: (Score:2)
Odd. I use YouTube relatively often, and always have AdBlock Plus &Flashblock enabled/installed. The biggest problem I've run into with the combo is that ABP thus far can't get rid of the smallish semi-collapsing ad that appears within the video and is sponsored by the account holder.
From what I recall, though, the main difference between Firefox and other browsers is that it's the only one that lets ABP block sites from even requesting a resource; on other browsers, all ABP can do is hide elements fr
Re: (Score:2)
My lady is running less plugins than I am, and literally running a subset of the plugins I am running, and her Firefox crashes fairly frequently while mine crashes only occasionally on a resume from suspend. The notable difference is that she is running Windows (7 x32) and I am running Linux (Ubuntu somethingrecent.) If one of us has more stable hardware, it's her, and not me.
Re:Firefox is the most unstable program in common (Score:5, Informative)
I would recommend noscript. Firefox does have a glaring flaw in that all the tabs run in the same process so if one gets wonky, it's game over for everything. It's probably flash that's killing you. I use noscript which blocks everything (like flash) that I don't explicitly want running and it makes Firefox very stable. As a side benefit, it makes browsing much safer. I use Chrome a lot too but when I'm going to any questionable sites, I use firefox just because of noscript.
Re: (Score:3)
Flash runs in a separate process, and has for quite a while.
Re: (Score:2)
Yes. Flash has run in a separate process for 5-6 years now IIRC. When Flash crashes, it doesn't take down Firefox, it just displays a block say that Flash crashed, and I believe it gives you a report link.
Re: (Score:1)
On ubuntu, on my home machine, I find firefox unusable even after much tweaking.
I also notice that chrome handles bad javascript much better than firefox. Other than that I think firefox is a fine browser.
I'm sure most of the security exploits have to do plugins. Its a common trade off, lock it down and make it more secure or open it up and make it potentially more usable.
To each their own (Score:2)
I've just not found that to be the case since the M days. And that's with usually 3-4 windows with lots of tabs open. I actually like and use both Chrome and Firefox. I think to say one is oh so much better than the other just doesn't fly from what I've seen and what my users have said. They both work very well.
Yes. (Score:3, Insightful)
Most people don't open a lot of windows and tabs at the same time. The people who do that are usually those doing serious research. For example, what to do about the changes in Google Voice coming in May, 2014?
The problem is much worse when many windows and tabs are open under the Windows OS and Windows is hibernated several times.
Re: (Score:1)
windows has been unstable for me since 3.0, must be the same bug they still haven't fixed
Re:Yes. (Score:5, Informative)
Most people don't open a lot of windows and tabs at the same time.
Define many. I routiney have 10+ windows with 20+ tabs in most of them, and another 10+ windows with 1 or 2 tabs.
I do software development; not primarily web based, but it comes up both in web apps and web services, so I'm regularly loading and debugging sites that are rendering pretty broken stuff too.
I honestly can't recall the last time FF crashed on me for any reason.
The problem is much worse when many windows and tabs are open under the Windows OS and Windows is hibernated several times.
I haven't rebooted my Mac in ages -- last time I installed an update that needed a reboot. A few months easy.
My home office win 7 destkop gets rebooted around once a month for windows updates. Sleep/hibernate/wakeups the rest of the time.
I'm not disputing your experience. But I do wonder whether your crashes are tied to a particular plugin, or are linked to some other characteristic of your system. We use FF at the office as well, on dozens of computers -- stability is NOT problem there as well. Don't know what to tell you.
Re: (Score:1)
But I do wonder whether your crashes are tied to a particular plugin, or are linked to some other characteristic of your system. We use FF at the office as well, on dozens of computers -- stability is NOT problem there as well. Don't know what to tell you.
Ditto. I run noscript and the only "FF" crashes I've had are the flash plugin and that doesn't even take down FF - I just hit refresh and the plugin reloads. Sounds like his problem is in bad JS or plugins. I'll regularly have 20 tabs open, but usually only in 1 window, or many fewer tabs in each of a couple of windows when doing webdev. And I'm running Windows.
Re: (Score:2)
With 200+ open tabs spread over 20 windows, personally I think I would crash long before the browser.
Re: (Score:1)
Even with lots of tabs open, it's stable for me on Linux. Maybe it's your OS.
Re: (Score:3)
Re: (Score:1)
I do, too, and I have almost never had FF crash on me. Since you mention multimedia content, perhaps its your GPU drivers or some other config.
Re: (Score:2)
My gosh, its almost like 3rd party addons can make a product unstable!
And its almost like people have been misunderstanding that about firefox for the last 10 years!
Re: (Score:2)
What distro/environment? In Mepis, Debian, OpenSUSE, and Fedora, it has been rock-solid stable for me using KDE 4, GNOME2, KDE 3/Trinity. I usually only keep 4-10 tabs open and use the Too Many Tabs extension for the rest, and Iusually kill off the Flash plugin via htop an hour or two after watching a video. That's a nine-year-old 2GHz Centrino laptop with 1GB of RAM, running 24/7 with Firefox almost always in use, AdBlock Plus & FlashBlock installed.
OTOH it crashed or froze up fairly often when I wa
Re: (Score:2)
Correction: 24/7 with Firefox almost always in use when I'm actively interacting with the system (6-12 hours/day, maybe). I didn't mean that there's always somebody using Firefox at all hours of day and night.
Same here. (Score:2)
Re: (Score:2)
Re: (Score:1)
have you considered that GOD has not once appeared in thousands of years?
Re: (Score:1)
God came back recently, through the vehicle of the operating system TempleOS.
Re: (Score:2, Interesting)
Re: (Score:2)
Imagine if a prophet included a page of maths leading up to e=m*c*c or the chemical formula of a cancer cure (although I don't see why a god would invent cancer and then want the cure to be known) or maybe even a work of art that is so inspirational that people are struck with awe? However, if a g
Re: (Score:2)
wtf?! Chrome developer tools SO much better! (Score:2)
What?!?! Chrome developer tools beat the pants of Firebug, in my opinion. I install Firefox for non-developers, for people who consume content. For developing sites, Chrome saves me gobs of time compared to Firefox.
Re: (Score:2)
Sold to the highest bidder? Most.
Nice to see security-research becoming a racketeering operation.
Re: (Score:2)
Considering the article, wouldn't it be kinda obvious why firefox got hacked? The source code is available.
So are most parts of Chrome, including the sandbox.