Mozilla Announces Enterprise User Working Group 156
Lennie sends this quote from an announcement at the Mozilla blog:
"Recently there has been a lot of discussion about enterprises and rapid releases. Online life is evolving faster than ever and it's imperative that Mozilla deliver improvements to the Web and to Firefox more quickly to reflect this. This has created challenges for IT departments that have to deliver lots of mission-critical applications through Firefox. Mozilla is fundamentally about people and we care about our users wherever they are. To this end, we are re-establishing a Mozilla Enterprise User Working Group as a place for enterprise developers, IT staff and Firefox developers to discuss the challenges, ideas and best practices for deploying Firefox in the enterprise."
LOL (Score:3, Insightful)
Enterprise has never been (and I'll argue, shouldn't be) a focus of ours [slashdot.org]
Re: (Score:3)
> we care about our users
And he forgot to say: "The fact that we break your add-ons every few months is in your best interest!"
Re: (Score:2)
Can you elaborate some on that statement? I've been a long time firefox user and have never had an add-on broken except when transitioning between major releases. And even then, it was because the pluin author simply hadn't ported it yet.
For an enterprise, this is all standard operating procedure. Meaning, validation that everything is available and supported on a new release should happen every time. If it doesn't, someone either isn't doing their job of they don't understand what, "enterprise", means.
Re: (Score:2)
Re: (Score:2)
But that means the complaint is entirely baseless. Which is why I was asking for clarification because everyone I look at, his post completely looks like an entirely baseless troll.
Re: (Score:2)
It's not baseless, because Mozilla isn't backporting security patches to older releases, so if you want a secure browser, you have to upgrade to the latest major version. Because the major version changes every couple of months, and plugins have to check against browser version instead of an internal plugin API version, plugins, especially old but still working plugins, break across major versions when they shouldn't, and that means they're going to break often now.
So if you're using a plugin, and the devel
Stability (Score:2)
"have never had an add-on broken except when transitioning between major releases."
Thats fine and all when 'major releases' happen once a year or so. Nowdays its about once a fortnight or so.
Can you imagine Scotty and Spock having to upgrade the ships software every other episode (or Geordi and Data if you prefer TNG)
For myself I will probably continue using FF5.x for a while while I try out the competition. I certainly won't be upgrading Thunderbird .
Re: (Score:2)
I honestly don't mean to offend, but our society is completely screwed up when we now are being politically correct about the most mundane things, such as which scifi reference is acceptable; ST vs ST:TNG. I'm most definitely getting on my soapbox now.
If someone was offended by the selection of one, regardless of which one, would we really care? I mean, wouldn't we have identified a serious loser who likely should be marginalized anyways?
I'm sure you honestly didn't give it a second thought when you wrote t
Re:LOL (Score:5, Insightful)
Enterprise has never been (and I'll argue, shouldn't be) a focus of ours [slashdot.org]
I wonder if that guy is still the community coordinator for marketing...
Re:LOL (Score:4, Informative)
"I wonder if that guy is still the community coordinator for marketing..."
I'm not. I haven't been involved heavily in marketing since a year or so after I co-founded SpreadFirefox back in 2004. I'm currently the Director of the Firefox Desktop product.
- A
Re: (Score:2)
Re: (Score:3)
The anti-enterprise position was never the official view of Mozilla; it was something expressed by a few employees of Mozilla. There are certainly plenty of others who feel quite differently about it, as you can see from reading Planet Mozilla. I don't think Mozilla has expressed a position on any of this.
For example, here's a counterpoint view. [wordpress.com] There's some good points there. The main point: major Firefox releases that include important bugfixes were taking more than a year to come out. This was very bad f
Re: (Score:2)
Can you provide any specific examples?
In any case, Firefox point releases were taking only a month or two to come out, and Mozilla could have easily fixed memory bugs in point releases. There would be no reason to wait two years for bug fixes.
participants? (Score:4, Funny)
is Asa Dotzler part of this workgroup?
Re: (Score:2)
Wouldn't that be kind of like having North Korea chair the Nuclear Disarmament Committee [slashdot.org]?
In other words (Score:5, Insightful)
In true Mozilla fashion, I'm sure that will mean "We'll pretend to listen while we continue to do whatever we want"
Re:In other words (Score:5, Funny)
In true Mozilla fashion, I'm sure that will mean "We'll pretend to listen while we continue to do whatever we want"
See? FOSS software really is just as good as commercial closed-source software!
Re: (Score:2)
Just popular FOSS is as good as commecial closed source software. That is probably why it becomes popular at the first place. (And no, Apache doesn't cut it. It is just popular in a ninche that is "people who run web servers". An important ninche, but still small in numbers.)
What makes me wonder... I have really no idea on what goes on most people heads.
Re: (Score:2)
Web server software doesn't cut it because it's not popular with people who aren't running web servers? Hanh?
Also, "niche".
Re:In other words (Score:5, Insightful)
How long have people been begging for an MSI based installer, and some Group Policy support that is "official".. sure there are scripts that can hack GPO support in, and 3rd party builds of the MSI installer.. but people have been asking since Firefox 2...
Re: (Score:3)
How long have people been begging for an MSI based installer, and some Group Policy support that is "official".. sure there are scripts that can hack GPO support in, and 3rd party builds of the MSI installer.. but people have been asking since Firefox 2...
People have been asking officially since at least 2000.
https://bugzilla.mozilla.org/show_bug.cgi?id=52052 [mozilla.org]
https://bugzilla.mozilla.org/show_bug.cgi?id=231062 [mozilla.org]
Re: (Score:2)
Is there a reason why Mozilla doesn't do it? Is it money related?
Re: (Score:3, Insightful)
Yup. Why should an open source project be constrained to the demands of corporations that aren't involved or contributing to their effort? After all, the Linux kernel doesn't wait for anyone, but that doesn't seem to be a huge problem for corporations (well, except those wanting to deliver closed source drivers.)
Now if they want to take those concerns into consideration (like it seems they're doing) then more power to them.
Re: (Score:2, Insightful)
For the same reasons they should listen to users who are neither involved or contributing to their effort. The whole point is to have a good product used by as many people as possible. Corporate users are still users. If you can add features that they want and get a larger distribution for your product, why would you ignore them?
Firefox has had little corporate use because they are missing vital components that most corporations need (an easy way to roll out the program, updates, and a way to centrally c
Re: (Score:2)
The answer to your last question is, as always, opportunity cost.
That is, they could take such a stab by not doing something else instead. And then you have to decide whether the something else is more important.
Re: (Score:2)
After all, the Linux kernel doesn't wait for anyone, but that doesn't seem to be a huge problem for corporations
Funny, if you look at who writes the code of the Linux kernel ... you'll find them ... working for big companies ... who use Linux.
So whats actually happening even though you can't see it is that ... the linux kernel gets the futures companies want because MOST of the kernel devs actually work on Linux FOR some big company.
You do know what Linus does to pay the bills, right?
Why Mozilla should support non-paying corps (Score:2)
Because people are exposed to Firefox at work and are thus encouraged to use it at home, for instance with Firefox Sync.
Re: (Score:2)
After all, the Linux kernel doesn't wait for anyone, but that doesn't seem to be a huge problem for corporations
You're joking, right? If I had to guess, I'd suspect that most corporate users of Linux in the server room are running some version of RH or CentOS 5.x. My CentOS 5.5 boxes are running 2.6.18 with backported security updates.
Re: (Score:2)
Not really, there are occasional long term support versions of the kernel - eg 2.6.32 is still getting fixes applied upstream. I think the previous long term support version (2.6.27?) is still being supported too.
This is where the Firefox situation is different, they (currently) won't provide any fixes at all for their previous release which might only be six weeks old these days.
Re:In other words (Score:5, Insightful)
Yes, It sounds like their are doing a lot of crazy work where all they need to do is back track and go with a normal version numbers to fix the problem.
Mozilla JUST ADMIT YOU WERE WRONG! and go back to what was working before. Being wrong isn't a sin that is how we all learn, if you are going to bull headed and just make a lot of extra work just to cover your mistake, so you can save face, is plain stupid.
Re: (Score:2)
actually it means go yell in the UG what you want them to do
Re: (Score:3)
You mean despite the fact that it works better than the previous URL bar and was a logical addition to the database that's now being used for bookmarks.
I see a lot of hate for the awesome bar, but really, it beats the crap out of the previous URL bar.
Re: (Score:3)
Don't feed the "the fate of the entire organization hinges on the one (mis)feature I care about" troll. Especially one who can't set maxRichResults in about:config.
Re: (Score:3)
Or just
Re: (Score:2)
Re: (Score:2)
Thanks for being the voice of reason. Thank you. If I had mod points I'd spend them gladly.
The key concept is customization.
Re: (Score:2)
See, when managing a fundamental core app (like the default webbrowser) for an ORGANIZATION, it really isn't much of a comeback to say "just set it in about:config". Yeah, I'll get right on that Chief. With the 4,000+ desktops my team would need to individually visit, you mostly sound like an ignorant ass.
See, you're not really in IT, that's why you're posting as AC. Real IT shops have deployment systems and configuration management systems. If a company wants to push out Firefox without the awesomebar, t
Re: (Score:2)
See, you're not really in IT, that's why you're posting as AC. Real IT shops have deployment systems and configuration management systems. If a company wants to push out Firefox without the awesomebar, that's a near-trivial undertaking.
Sure, you can script a copy of userpref.js into every user's profile, but what if you want to restrict certain config options? You could restrict them all by making the file read only and owned by administrator, but that might not be the desired behavior. It might be better to have an overrideuserprefs.js that can be set to be read only and admin owned, but that takes a recompile. This enterprise forum might allow for suggestions like this which the devs ordinarily wouldn't consider.
Re: (Score:2)
Sure, you can script a copy of userpref.js into every user's profile, but what if you want to restrict certain config options? You could restrict them all by making the file read only and owned by administrator, but that might not be the desired behavior. It might be better to have an overrideuserprefs.js that can be set to be read only and admin owned, but that takes a recompile. This enterprise forum might allow for suggestions like this which the devs ordinarily wouldn't consider.
It's been considered and implemented for a long time. There are several solutions.
Re: (Score:2)
You make it sound like firefox comes bundled with a full-on SQL server when in reality it just reads and writes to a SQLite database and some XML files.
And SQLite has horrible write performance and Firefox keeps writing crap to the database that I don't care about, like the last time I visited a bookmark. If I remember correclty SQLite will call sync() three times every time it updates an entry.
That does ensure that you don't lose all your bookmarks when Windows crashes anymore, but only at the cost of reduced performance all the time.
Re: (Score:3)
You're whining about a performance problem that doesn't exist.
O rly? [mozilla.com] They even have knowledge base articles about issues related to performance and corruption of hte SQLite file that stores bookmarks. So, no, he was not whining about something that didn't exist as a simple Google search would show you more examples.
Re: (Score:2)
And yet bookmark operations are still instant for me.
It's not bookmark operations, it's general sluggish performance when Firefox decides it wants to write lots of data to the database. It's particularly horrible on filesystems like ext3 where fsync translates into 'write all pending data to the disk'.
You're whining about a performance problem that doesn't exist. And if it does - submit patches.
Sure:
Patch - remove all SQLite code.
Done.
Re: (Score:2)
I guess most of these enterprises are using Firefox on Windows. Also, see MSI installer request.
Don't bother (Score:1)
Re: (Score:2)
That said, I don't think current management has a chance of doing what is necessary to win. They've taken their enormous lead in quality and squandered it with marketing stunts and foolish decisions. Forcing the awesomebar, crippling the status bar, database driven bookmarks, marketing-driven version numbers...
Re: (Score:2)
Here's my enterprise anecdote: Corporate standard is IE 8; Firefox is also available as a corporate-sanctioned browser. Years ago, before they started supporting FF, the engineers all had Firefox, and everybody else used IE6, because the engineers knew how to find, install, and use Firefox.
I see that same thing happening with Chrome today: most of the engineers I work with run Chrome as their "unofficial"-but-default browser; IE 8 & FF are installed too, but they are only used when necessary. And
Are you on the same planet? (Score:2, Insightful)
Online life is evolving faster than ever
No, it's not evolving faster than ever. Everything works with IE7. All innovations beyond IE7 are just sugarcoating, most of them invisible on the deployed web. The slow players still decide which features are widely available. The other players are falling over their own feet trying to outrun each other and the users are getting annoyed by an ever changing environment that doesn't let them do their work, for no benefit at all. The browser is a tool, you tools!
Re: (Score:1, Troll)
The problem you describe is caused by exactly the thing they're trying to solve here. Corporate users are stupid and think that deployment strategies which worked 10 years ago still make sense. Anything that touches the internet needs to be able to be updated rapidly, so the corporate "this version is the version we use for the next five years" idea needs to go away.
If you have a web app you consider critical, testing it against a browser version is fucking retarded. Test it against standards, or failing
Re: (Score:3)
Yeah, let's all be running continuously changed alpha quality code because only idiotic dinosaurs want to stick with stable, tested code instead. Oh and while we are at it let's rewrite all code that doesn't use a programming language that is older than 6 months. I mean jeez, if you aren't rewriting everything with the next latest toy language that is coming out you are just so dumb.
Re: (Score:2)
The problem you describe is caused by exactly the thing they're trying to solve here. Corporate users are stupid and think that deployment strategies which worked 10 years ago still make sense. Anything that touches the internet needs to be able to be updated rapidly, so the corporate "this version is the version we use for the next five years" idea needs to go away.
You're misunderstanding corporate IT. They _want_ to update software that touches the Internet ASAP, mostly for security reasons. They don't want to allow end users to update software willy nilly however, and although you can update FF with some psexec fu, just a simple "update silently now" executable would do wonders for scheduled tasks, psexecs, or active directory updates ( without having to download a mar and map drives to copy directories).
Re: (Score:2)
Just say it, corporate users want: security-only updates.
Re: (Score:2)
Anything that touches the internet needs to be able to be updated rapidly
No, anything that touches the Internet needs to be able to be security patched rapidly, but feature upgraded only when doing so won't break essential sites.
Even better would be if programmers writing Internet-facing code never released security vulnerabilities in the first place, or at least had the ability to detect when they were writing code which was boneheadedly never-ever-do-this, this-shouldn't-even-compile wrong. But apparently that's utterly technically impossible.
This is a little like saying "it w
Re: (Score:3)
So what you're saying is that Microsoft's fat-ass is still holding the internet back?
You mean, just like the Operating System? (Score:2)
Did I not hear a projected release date for Windows 8 as the end of this year? Hmmm, I'm pretty sure NO ONE WANTS A NEW WINDOWS ENVIRONMENT.
Please excuse the caps, but putting out a new Windows environment when the vast majority of corporate environments - both large and small - are probably still fragmented between XP SP2, some Vista, and a good bit of Windows 7 is just plain fucking stupid. How many have upgraded all of their internal systems to work with 7? I've been in IT in various guises for nearly 20
Wait a minute... (Score:2)
Re: (Score:3)
No, one of the devs on one of the teams basically said "fuck enterprise", while several folks from the foundation showed up in the slashdot thread to say "He doesn't speak for all of us."
Re: (Score:2)
Where did "Linux" come into this, if I might ask?
My general experience with Firefox on Linux is that Mozilla listens to the people who send them feedback (chiefly distros) too much. Unfortunately, these people are saying things that happen to be false (e.g. that Linux users really want Gnome theme integration more than, say, performance improvements; the two are mututally exclusive in many cases due to the way the Gnome theme system works).
Re: (Score:2)
"And yet Dotzler is in charge of just that, speaking for the Mozilla Foundation and marketing for Firefox."
Actually, I'm not marketing for Firefox. That was a long time ago (years.) Today I'm the Director managing the Firefox desktop product.
- A
Re: (Score:1)
Re: (Score:2)
They got a backlash of user feedback.
Here's hoping they change back to a sane versioning scheme so add-ons won't have to be upgraded so often.
Be sure to... (Score:2)
Starting Point (Score:1)
Don't release a buggy browser with new features only half implemented, and/or poorly tested just for the sake of a bigger version number.
My advice to everyone? Don't use firefox anymore.
Provide MSI and Support for Group Policy (Score:1)
Our it department would be more than happy to roll out Firefox but the lack of msi and group policy support is just a plain no go for them in our field (banking it).
"Re-establishing" (Score:4, Interesting)
Re:"Re-establishing" (Score:5, Informative)
in total three "meetings" [mozilla.org]. and - history repeats itself - the same problems with Firefox in enterprise environments:
* Packaging (MSI)
* Settings Management (GPO)
And the blog with the meeting notes is deleted [blogspot.com]. as I expected: This was a _really_ important project for Mozilla...
Re:"Re-establishing" (Score:5, Informative)
The previous EWG was my effort and yes I believe it it failed because of a lack of interest by Mozilla.
The old information is here:
https://wiki.mozilla.org/Enterprise/Old [mozilla.org]
And yeah, it is sad that the blog came down with the meeting notes.
It looks like the wayback machine caught my back though
http://web.archive.org/web/20080608175739/http://e2pt0.blogspot.com/2007/08/firefox-ewg-meeting-2.html [archive.org]
At least for some posts.
Hope 1 Expectations 0 (Score:5, Insightful)
I'll follow and contribute as much as I can, hoping that something changes, but having the cold expectation that nothing will. On the windows side, FF essentially needs three things:
1. MSI for deployment.
2. GPO management.
3. Mozilla branding and support for the above, so I can automatically update the browser.
That's the peanut butter and jelly for enterprise. I can get the first two from other people, why not you guys? Why it has taken this long to get to this point is beyond me. Seriously, the 'battles' between chrome, opera, and firefox are like watching soccer moms fight to the death over the last tickle me elmo at a Walmart when there's a toy store next door with aisles full of the same toy, cheaper. Seriously, do you guys want to keep scratching with each other over grandma's machine, or do you guys want people like me to push your product to 50 machines at once, and let 50 people *see and use* your browser, learn for themselves that it's better, and take it home with them?
Re: (Score:2)
Seriously, do you guys want to keep scratching with each other over grandma's machine, or do you guys want people like me to push your product to 50 machines at once, and let 50 people *see and use* your browser, learn for themselves that it's better, and take it home with them?
Nah, we'll just make half-hearted attempts to quell unfounded "enterprise" FUD and let all the end users at home or in school enjoy our product's benefits, then take it to work with them -- You know, like BBSs, the Internet, Cellphones then Smartphones, etc, etc.
Re: (Score:2)
Only old luddites still use computers in the enterprise! The new hip kids are all unemployed and on the streets with their smart phones!
Re: (Score:2)
Read that list again:
"1. MSI for deployment.
2. GPO management.
3. Mozilla branding and support for the above, so I can automatically update the browser.
That's the peanut butter and jelly for enterprise. I can get the first two from other people"
Auto update of the browser does not work with FM for obvious reasons. I can re-push via GPO, but then I get the Frontmotion branding back (getting rid of icons is trivial, but it's still a pain in the ass. FM 3 required some reg hacks, 4 at least seems to be sane enou
Active Directory Integration? (Score:2)
Does this finally mean that there will eventually be complete Active Directory integration or something similar of a sort? Having a centralized way to manage Firefox clients would be brilliant.
The real plan? (Score:4, Insightful)
o stop supporting enterprise deployments (by rapid release, no bug fixes only)
o start an enterprise working group
o profit! (charge for support)
Re: (Score:2)
Just get a Google Apps account. Even having one GA user license gives you the ability to call Google (on the phone!) and get support for Chrome.
You don't need anything particularly fancy. (Score:5, Insightful)
1) Throw the MCSEs a bone: give them their MSIs and GPOs. Alternatively, bless FrontMotion's MSI and GPO projects as the "official" ways to get these things for businesses that need them.
2) From time to time (but no more frequently than once every two years), tag a release as Long-Term Support. This is exactly what it says on the tin: this release gets official support from Mozilla, including security fixes, until the next Long-Term Support release.
3) Support for a non-LTS release is not dropped until there have been at least two major releases since then. Under the current situation, that means FF5 support would not be dropped until the release of FF7, which in turn would not be dropped until the release of FF9.
I realize that long-term or even mid-term support is not sexy. Techies always want to live on the bleeding edge. But not every person or business is willing, or even able, to do that. They also need to be taken care of.
Re: (Score:2)
So your proposal #2 + #3 is basically that Mozilla spend a bunch more engineer time on support than they ever have, right?
Are you planning to provide those engineers, their management structure, training, etc?
Or are you hoping they'll magically appear? What do you suggest Mozilla _not_ work on to do that?
Re: (Score:2)
Currently they have enough resources to keep four versions in the air at once: Current, Beta, Aurora, and Nightly. This is actually up from the previous structure, where they had up to three versions in the air at once: current, one back, and (sometimes) Beta.
It's also worth noting that the people taking care of Current already have a lighter load than the other three teams, because their product has already gone through multiple rounds of QA and isn't getting any new features. My thought, therefore, is to
Re: (Score:2)
Currently there is one version actively being developed, a testing version which fixes may need to be backported to, a release candidate (requires basically no resources, more or less by definition) which is misnamed "Beta", and a release version which only gets a fix in extraordinary situations (actively-exploited zero-day). So there are only two versions to really support, and they're very similar to each other so most of the time the same patch applies to both.
With LTS, you lose that last benefit; backp
Re: (Score:2)
Boris - Charge for LTS? The people who need it can and will happily pay the cost, which should be minimal per user. Heck, you could even make a profit to support additional enterprise features (msi, gpo) and other FF development; I don't think anyone would complain.
I suspect I'm not the first to suggest this hybrid model, which as you know has been used by many open source organizations. What happened in prior discussions?
guanxi
Re: (Score:2)
I think the upshot in previous discussions was that Mozilla needs the core people working on the things they're actually working on more than it needs the money.
Or put another way, nothing is stopping other organizations from just paying people to do LTS (and Debian and Red Hat have done just that, with Mozilla providing the bug database, version control setup, some code reviewer bandwidth, etc). Presumably if people want _Mozilla_ to do LTS and pay for it (as opposed to paying a third party) that means th
Re: (Score:2)
Thanks for explaining. I would be concerned about software whose security patches are produced by a 3rd party. Some things need integration with the organization's knowledge, processes, etc, and aren't good candidates for outsourcing. Maybe that is the concern of others, too; I don't have experience with Debian and Red Hat's patches, however.
Thanks again; it's great that Mozillians are engaging the public on this issue.
Re: (Score:2)
Perhaps these "enterprises" that so dearly want these things could put some money together and give it to Mozilla to cover the added costs. That way the cost to any one company would be minimal, and they'd all get what they want. And "enterprises" are supposed to be huge businesses anyway, so the cost of a developer or two should be chicken feed to them.
Oh, who am I kidding? It's cheaper to just make demands.
Re: (Score:2)
What would be useful would be providing people, not money. Mozilla _has_ money if you look at financial statements; what they have a hard time doing is finding good people and working them into the organization (c.f. mythical man-month for the problems with the latter).
Re: (Score:2)
What would be useful would be providing people, not money. Mozilla _has_ money if you look at financial statements; what they have a hard time doing is finding good people and working them into the organization (c.f. mythical man-month for the problems with the latter).
Other software organizations hire, integrate, and are productive with many more developers than Mozilla. It's hard to believe Mozilla's problem is human resources.
Re: (Score:2)
> Other software organizations hire, integrate, and are
> productive with many more developers than Mozilla.
Yes, but they also typically took their time growing to that point.... Mozilla Corp has grown by at least a factor of 3 in size over the last few years. That's always pretty difficult.
Note that the problem is not just hiring people, but hiring people who actually get open source (and don't get upset when they don't get checkin privileges their first day on the job, will actually work well with
Re: (Score:2)
Perhaps these "enterprises" that so dearly want these things could put some money together and give it to Mozilla to cover the added costs.
Moz lives and dies by the add click.
Show me some evidence that Moz is acrtively pursuing alternative sources of funding and is willing to make the concessions needed to get there.
Re: (Score:2)
What do you suggest Mozilla _not_ work on to do that?
The 15 different iterations of the search / address bar that we've had in the last couple months would be a nice start. They could also merge existing projects such as Frontmotion's work into their own rather than reinvent the wheel....
Re: (Score:2)
> The 15 different iterations of the search
> / address bar that we've had in the last couple
> months would be a nice start.
Which of the people working on that would have been able to write core security fixes for stable branches?
> They could also merge existing projects such as
> Frontmotion's work into their own
That would involve Frontmotion wanting that, no? Do they?
Seriously, this has been discussed literally for years, pretty seriously. It's not like the people involved are dumb. It's j
Re: (Score:2)
Which of the people working on [any feature] would have been able to write core security fixes for stable branches?
Um. This is a trick question right? All of them. Because if your programmers can't write secure code, why are they writing Internet facing code?
See, the mere existence of a question like this ought to put the heebie-jeebies into every programmer in existence. This is the 2010s now! All your code is Internet-facing, security-critical code, all the time! No exceptions! If you can't write secure code, you are getting your computer and all your clients' computers pwned by LulzSec script kiddies! Bad programmer!
Re: (Score:2)
> Because if your programmers can't write secure
> code, why are they writing Internet facing code?
The location bar, which is the context here, is NOT internet-facing, actually.
But that's not the point. Writing security fixes doesn't just require writing secure code but also an understanding of what the security model is, why it failed, and how to fix it. This is much harder than writing code to start with.
> The language should just automatically take care
> of all known security vulnerabilities
Re: (Score:3)
What do you suggest Mozilla _not_ work on to do that?
Oh, ask me! Ask me! I have lots of ideas! For starters hw about:
* all of WebGL, because I don't need another gaping security hole in my browser and WebGL was the first thing that crashed Firefox 4 on our work computers
* the entire 'personas' architecture, because why does anyone need fifty 'Harry Potter' skins that make it harder to see where the buttons are?
* all of HTML5 until some adult enters the room and actually writes a standard for it
In fact, how about not adding any 'features' at all until you fix
Re: (Score:2)
You don't even have to cut exec salaries to hire more people. But:
1) Hiring more people may not move the work faster (c.f. mythical man-month).
2) Hiring people is not that simple. Mozilla has been actively hiring for years, and just can't find enough people so far.
3) By your argument, the same people could be hired to work on something more important, if something else seems to be more important.
Re: (Score:2)
They aren't committing, which makes me suspect that this group is simply a bone thrown to divert criticism.
Hey, that's great! (Score:2, Insightful)
Mozilla bleeding from the eyeballs? (Score:2)
I just don't get it. When Firefox was known as mozilla 0.3, they were doing this sort of crap. For several years now though, they've _mostly_ got the development and release models right. Now over the last year, they've totally gone off the rails.
FF4 is buggy, clunky, and has new UI elements that apparently came from the mind of a blind and retarded monkey--and in some cases, no way to turn them off! FF5 is...mostly identical. Same UI, and still buggy.
But hey--FF4 isn't supported anymore, and presumably FF5
Re: (Score:2)
At least Windows users get some sort of installer (Score:2)
Whilst an msi would be better than an exe installer, at least Windows users get the latter. Mozilla has never provided a natively-packaged (.deb or .rpm) Firefox of any sort for Linux, never mind any official 64-bit builds. Yes, distros can and do provide both, but they aren't always updated timely, particularly if you're on an LTS release.
Mozilla should, if they're trying to catch any Linux admins, provide repos for the most common Linux distros (Ubuntu and Fedora to start, maybe others later) - it can't b
Re: (Score:3)
it is not surprising that many would be willing to slow progress in the name of stability.
Indeed. What many in the web development sub-industry don't seem to grasp is that progress that breaks existing stuff isn't progress, it's just random unmotivated thrashing around, aka, destruction. Progress means going forward, and that means adding features - not breaking existing ones.
In the software industry, we've somehow internalised a false idea, which is that all new development necessarily means changing the way we used to do things. But that's not actually true. If we did things right in the first
Re: (Score:1)
This hideously misspelled derivation of 'faggot' is primarily used by uneducated rednecks who fail to see the irony of calling someone a derogatory name but having no idea how to say the word.
Re: (Score:2)
Yes but until frontmotion==Mozilla corps will see it as a modified version of Firefox.
I say Mozilla has about 3-6month before what small Corporate street cred they have is gone.
After that it won't matter. This story will hit the trade magazines and the hype towards Chrome will be against them in Corps' minds.
The only card Mozilla will have left is that Chrome makes it easier to track its users. And if they play that card, Google will pull the plug on their cash flow.
Re: (Score:2)
"Enterprise". Hate that word!
Here's a definition. "Enterprise" means "it just works, it installs, upgrades and uninstalls cleanly, it patches its security holes without breaking other unrelated stuff at the same time, it does all of this in a silent, automated manner on 10,000 workstations at once, and it doesn't spend all its development budget on animating a flashing monkey in a million pixels and chasing the fickle consumer market instead of just doing its job."
Most "Enterprise" class software isn't (so very much isn't), but at leas