Firefox 48 Released With Multi-Process Support, Mandatory Add-On Signing

Mozilla on Tuesday released Firefox v48, touted as one of the most important updates the browser has ever received. With the new version, Firefox starts migrating users to using mullti-process threads (e10s, Electrolysis), and it is also the first version to ship with Rust component. In addition, Firefox is now also making add-on signing mandatory. From a Softpedia article: Announced last year, Electrolysis, e10s, or multi-process support is Firefox's ability to process core browser operations separately from the content viewed on a Web page. Multi-process support allows a page to crash without bringing the entire browser down with it and improves the browser's overall performance. e10s rollout will take place in two phases, first in Firefox 48, and it will finish in Firefox 49, set for release on September 13, 2016. Mandatory add-on signing refers to Firefox preventing users from installing any add-ons that have not been approved by Mozilla's testers. This is something similar to what Chrome employs, but Firefox users have been spoiled all these years, always having the capability of installing any add-on they've desired. Rust is a programming language that's a revamped and improved version of C++ but that protects developers from accidentally including dangerous memory bugs in their code. It achieves this by how the language was constructed and by how developers write the code.

Because dangerous memory bugs should be intentiona

[davidwr]

accidentally including dangerous memory bugs in their code

Good, now I can be assured that all of my dangerous memory bugs in my code are intentional [ioccc.org].

Re:

[KiloByte]

The ioccc is merely unreadable, it makes code really stand out. Instead, you want Underhanded C [underhanded-c.org] where code must be clear, appear good and pass code review.

Mozilla's starting to get back in shape

[LichtSpektren]

I've been on Nightly for awhile now and the performance with e10s is now almost as good as Chrome's. Firefox Hello is thankfully going to get axed in a future release, and if Mozilla continues to fine-tune the performance a bit more and rips out Pocket, I think Firefox will be back on top.

Re:

[Anonymous Coward]

Firefox has been the better browser for the past 2-3 years and nobody knows it. Just wait until they deploy WebExtensions in September. Firefox is now much more stable than Chrome, at both a low and higher number of tabs opened. Just wait until everyone realizes this and have the option to use Chrome extensions on Firefox.

Re: Mozilla's starting to get back in shape

[cfalcon]

> No per tab processes means no real sandboxing at the kernel level.

This change seems to be about stability more than security. Remember, if a browser process is owned, it is still running with all the permissions of the browser process. It can certainly go dick with other processes running, such as other instances of the browser, your email client, etc. But a crashed process that runs everything with threads is, everything is crashed, while if different tabs are there own processes, you lose that tab.

Thus, sandboxing

[cbhacking]

While what you say is true on some level - a compromised process can dick with your system, including other processes, just fine - you're missing the point of having a multi-process browser for security. The vast majority of what a browser does requires almost no access to the rest of the computer. You can have one container process that runs with user privileges and implements the few things the browser needs to be able to do to the system at large (save downloaded files, etc.) in a very secure manner, and is also responsible for launching sandboxed, low-privilege sub-processes that do the dangerous work of a browser (parsing web server responses, running plugins, executing javascript, etc.). If these sandboxed processes are compromised, the attacker can still fuck with your browser... but they can't get out into the rest of your system.

This is how Chrome and IE have worked for years (though Chrome's sandbox is a lot tighter than IE's). It's not just about stability/reliability, there's also a very real element of security here. Chrome's sandboxed render processes are so underprivileged that there's practically nothing a compromised one can do (to the rest of the computer) except try to attack its full-user-privilege container / broker process (through the IPC channels that let it do things like say "Please ask the user where they want to save this downloaded file"), but that is a very small attack surface compared to most of what a browser does, and the trusted process can have that attack surface very well-hardened.

Re:

[sexconker]

Truth. And before someone says "Yeah but the fucking PLUGIN crashed, it's not Mozilla's fault!!~1!":

The plugin container shouldn't allow a plugin crash to take out the whole browser. In FF, it still often does.

Re:

[The-Ixian]

It has always been on top for me.

I like the idea of using an independently produced browser where I am not the product. Not saying that FF is 100% free of these influences, but it is certainly better than Chrome or IE/Edge.

Re:

[cfalcon]

Also consider Pale Moon. I think if I had to pick exactly ONE browser, I'd probably end up with Chrome- but I don't, so I use Pale Moon for almost everything, Firefox for some things, and Chrome when I need it.

Re:

[gfxguy]

I actually have the least compatibility issues with Firefox. Actually, it's one thing in particular (Pulse connect on Linux) that won't launch on Chrome. I haven't had any other problems with Firefox, and haven't even noticed any speed issues, so it's actually my go-to browser right now. Of course YMMV - I don't do a whole lot of non-basic web browsing.

Re:

[gmack]

How does the memory usage compare to Chrome?

Re:

[LichtSpektren]

Not noticeably different for me on Windows 7, but I use different extensions in both browsers, so it's not a fair comparison.

Re:Mozilla's starting to get back in shape

[chefmonkey]

A lot has been written on this, but this is a good and recent analysis: http://www.erahm.org/2016/02/1... [erahm.org]

tl;dr: Chrome uses twice as much memory as Firefox on all platforms.

Re:

[jensend]

Why the hate for Hello? I get the privacy/security/why are we integrating a 3rd party extension/etc concerns with Pocket. But Hello seems like a more natural fit in the browser itself, especially with the WebRTC push.

Re:

[sexconker]

Nobody wants WebRTC. Nobody wants websites to be able to send your browser alerts, either. Clowns need to stop working on shit nobody fucking wants.

Re:

[tepples]

Without WebRTC, how is one supposed to build a web-based voice chat application or a web application that scans product barcodes? Or should such applications be forced to be native and thus unavailable on platforms other than the developer's?

Re:

[LichtSpektren]

How's it gotten worse in the past three or so releases?

Multi-process not available for most users?

[trawg]

I was kind of excited by this so updated immediately instead of my usual process of waiting a couple days.

While it was updating I did another unsual thing - clicked through to the article - where I read the following:

e10s rollout will take place in two phases, first in Firefox 48, and it will finish in Firefox 49, set for release on September 13, 2016.

Firefox with multi-process support will first reach 1 percent of the users who don't have any add-ons installed in their browser, and in ten days' time, Mozilla will activate e10s for 50 percent of the same users.

Full e10s support for Firefox instances using extensions or running on older versions of Windows will be available in the fall, during the second rollout phase scheduled for Firefox 49.

So, at a glance (and from what I can see from my now-updated install), multi-process is not /really/ included in this release except in certain cases like users who don't have any add-ons.

Re:

[LichtSpektren]

You can check if e10s is available by going to Options -> General -> "Enable multi-process Firefox". I think what TFA means is that it's off by default (unless you don't use addons) until Firefox 49, but can somebody confirm that?

Re:

[trawg]

You can check if e10s is available by going to Options -> General -> "Enable multi-process Firefox". I think what TFA means is that it's off by default (unless you don't use addons) until Firefox 49, but can somebody confirm that?

I definitely do /not/ have that option available.

I can see a few things in about:config and about:support relating to it; it may be possible to get it going by mucking around with options but it's certainly not at the point to justify the headline.

Re:Multi-process not available for most users?

[Barefoot Monkey]

If you're using Firefox 47 or later you can enable e10s yourself. What you read simply means they won't be switching it on for you until FF49.

You can enable e10s by going to about:config and setting browser.tabs.remote.autostart to true. Restart your browser and then visit about:support and look up "Multiprocess Windows" on that page to see if it's enabled. (It might still be disabled if you have one or more add-ons that don't support e10s - if only it would tell you which)

I haven't installed the Firefox 48 update yet, but it may well introduce an option in the Options panel for you to enable multiprocess without having to go through about:config.

Re:

[trawg]

You can enable e10s by going to about:config and setting browser.tabs.remote.autostart to true. Restart your browser and then visit about:support and look up "Multiprocess Windows" on that page to see if it's enabled. (It might still be disabled if you have one or more add-ons that don't support e10s - if only it would tell you which)

Yeh it still shows as disabled with add-ons. I haven't tried with add-ons disabled (it'd kind of defeat the purpose of using Firefox for me :)

Re:

[Freultwah]

Add browser.tabs.remote.force-enable and set it to be true. That should take care of it.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Big_Kay]

With add-ons disabled, it still lists 3 in about:support: Firefox Hello, Multi-process staged rollout, and Pocket. If you go to about:config and check extensions.xpiState, it shows the plugins, and which ones are "multiprocessCompatible" and those that are "runInSafeMode". Firefox Hello, Multi-process staged rollout, and Pocket are all shown as: "multiprocessCompatible":false,"runInSafeMode":true

Re:

[radarskiy]

"and in ten days' time, Mozilla will activate e10s for 50 percent of the same users."

It's disturbing that they're changing the configuration default outside of a visible version update.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:for a minute there i thought i had freedom.

[LichtSpektren]

The point of signing the extensions is so that some compromised or malicious developer doesn't put malware into an extension's update stream; which can be (and has been) a huge problem, since by default extensions auto-update. So, disallowing unsigned extensions is a security feature. If it turns out Mozilla will be nefarious about it, then you can always recompile Firefox from source with the mandatory signing thing cut out, or go to some fork. Right now I don't think it's a bad move.

Re:

[ewhac]

The point of signing the extensions is so that some compromised or malicious developer doesn't put malware into an extension's update stream; which can be (and has been) a huge problem, [ ... ]

[ Citation required ]

Re:

[CrashNBrn]

It's happened on Chrome's "store". I haven't heard of any such skullduggery within Firefox's realm.

Re:

[duke_cheetah2003]

The point of signing the extensions is so that some compromised or malicious developer doesn't put malware into an extension's update stream; which can be (and has been) a huge problem, since by default extensions auto-update. So, disallowing unsigned extensions is a security feature. If it turns out Mozilla will be nefarious about it, then you can always recompile Firefox from source with the mandatory signing thing cut out, or go to some fork. Right now I don't think it's a bad move.

I find it a bit hypocritical that people are "ooh ahhh, nice!" for mandatory signing of Firefox addons, but scream bloody murder when Windows 10 requires mandatory signing for drivers. WTF computer people? Why is it ok for one vendor to behave like this, and not for another?

Personally I don't care either way, but I'm just sitting here thinking, "WTF? Make up your minds, is mandatory signing good or bad?"

Re:for a minute there i thought i had freedom.

[Barefoot Monkey]

I don't find it hypocritical at all. If I want to use addon that isn't signed I can simply send it to Mozilla to be signed. It's quick and easy, and has no cost. I can do this for as many addons as I want, whether the addons are my own creation or somebody else's. Alternatively, I can use the developer edition, or a nightly, or the current ESR version of Firefox where this ceases to be an issue at all. With Windows 10 I have none of those options - getting a driver signed by Microsoft is prohibitive, so there's simply nothing I can do. Being completely different situations with nothing more than a superficial similarity, having a different reaction for each is quite reasonable.

Re:

[chefmonkey]

While literally true, that's hardly an honest assessment. It's impractical for all but 0.01% of the userbase. The rest are just stuck with whatever mozilla decides.

Or you could click here: http://archive.mozilla.org/pub... [mozilla.org]

You aren't as locked out as you're claiming to be.

Re:

[110010001000]

Personal computing in 2016 means that all your personal information is stored on computers owned by the corporations.

Re:

[NotInHere]

Except that in this case, the mozilla corporation is owned by the mozilla foundation, and their intentions are good.

Re:

[LichtSpektren]

God, I wish I had mod points to give you. This growing issue in the computer world has been a HUGE pet peeve of mine.

How is it a "growing issue"? If you use an open platform like Windows (pre-10) or Android or macOS or Linux, you can install whatever browser you want. If it turns out Mozilla will be nefariously constrictive of their products, you have the freedom to use something else.

Re:

[tepples]

Thinking back on it, as I recall every other version of Windows that's ever been released has been a closed-source, proprietary, commercial product.

Previous versions of Windows were proprietary software, I'll grant. But they did not require device drivers to be sponsored by a corporation or LLC. Windows Vista, Windows 7, and Windows 8.x required device drivers to be digitally signed with a kernel-mode software publisher certificate, but they did not specifically require that the certificate be EV. As far as I can tell, only corporations and LLCs qualify for an EV certificate, not individuals.

punctuation goes inside the quotation marks

I was taught that this is true only if the punctuation is par

Re:

[avandesande]

It's like 50$ to set up a LLC. If you are messing around with custom drivers it might be a good idea to use one for liability reasons too...

Re:

[TangoMargarine]

I was taught that this is true only if the punctuation is part of the material being quoted.

You were taught wrong.

As a programmer this irks me, but it's true.

One thing the British get right

[tepples]

"How to Use Quotation Marks" by Mignon Fogarty [quickanddirtytips.com] states: "in British English periods and commas can go inside or outside (kind of like the American rules for question marks and exclamation points)." I write in American English with two exceptions that I can think of: periods and commas interact with quotation marks in the British manner, and dates are in international form (yyyy-mm-dd). I've chosen to mix select aspects of one national style into another where I find it justifiable, and if that's inherently w

Re:

[TangoMargarine]

You're aware of the meaning of "quick and dirty," yes? As in "not rigorous and when somebody gets in an argument about formal language use and you cite one, you get laughed out of the room."

So American English consistently goes inside, and British English apparently can't be arsed to make a consistent rule. So what possible advantage would there be in going with British English in this case? :P

Re:

[tepples]

As in "not rigorous and when somebody gets in an argument about formal language use and you cite one, you get laughed out of the room."

I cited something. What did you cite?

"in British English periods and commas can go inside or outside (kind of like the American rules for question marks and exclamation points)."

British English apparently can't be arsed to make a consistent rule.

Yes it can. The cited article describes "the American rules for question marks and exclamation points" as follows: "If the question mark or exclamation point is part of your quotation, it stays inside; but if the question mark or exclamation point are not part of the quotation, they go outside the closing quotation mark." So under the British rule, iff the quoted text ends in a period or comma, the period or comma goes inside. Furthermore, page 2 of the cited article sta

Re:

[LichtSpektren]

Some corrections to your post:

1. Windows 10 isn't an open platform because the OS will uninstall your programs if they are not Microsoft's preference. Cf. https://tech.slashdot.org/stor... [slashdot.org]

2. The telemetry that was backported to Windows 7 can be uninstalled by denying certain updates. Cf. https://gist.github.com/xvital... [github.com]

3. According to American style, the question mark only goes inside the quotation marks if a question is the substance of what is being quoted. Cf. http://www.grammarbook.com/pun.. [grammarbook.com]

mandatory "freedom" not to do as "desired"?

[sittingnut]

"mandatory add-on signing refers to Firefox preventing users from installing any add-ons that have not been approved by mozilla's testers. ... firefox users have been spoiled all these years, always having the capability of installing any add-on they've desired."

of course doing what we "desire" should not be allowed.
stay within the plantation and obey the rules, that way nothing gets broken or get crashed (hopefully). and nobody gets "spoiled", god forbid!
we, the user children, should not be 'spoiled" by allowing us to make mistakes, by too much freedom to do what we 'desire'.

be calm, be correct, be at peace, ... as in "rest in peace"? in mozilla's politically correct heaven.
 

Re:

[nowsharing]

It's really a double-edged sword. The main critiques of FF has been memory leaks and performance (compared to Chrome usually). The biggest hit in performance is almost always due to inefficient add-ons and extensions. Signing add-ons gives Mozilla their first chance to deliver a multi-process, memory efficient browser.

Also, if you look at normal people's FF installs, they're often full of malicious extensions and toolbars. This is Mozilla striking back at malware/adware parasite companies by neutering the

Re:mandatory "freedom" not to do as "desired"?

[NotInHere]

If you really have unsigned add-ons you want to install, there are multiple options for you. See the FAQ entry "What are my options if I want to install unsigned extensions in Firefox?".

https://wiki.mozilla.org/Add-o... [mozilla.org]

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[LichtSpektren]

next year, add-ons that circumvent DRM and TOS will no longer be signed due to legal pressure by the bigplayers. so enjoy your "tube" downloaders while you still can.

Well, if that happens, then large swathes of people will flock to other browsers, including myself. Until then, it's not a reason to not use Firefox.

Re:mandatory "freedom" not to do as "desired"?

[TangoMargarine]

If you don't like it, why don't you fork it

It's called Pale Moon. You should check it out :)

Electrolysis Meh.

[CrashNBrn]

Splitting Firefox's tab data over into the "plugin container for Firefox" hasn't done much to improve Firefox's GUI performance. Once FF hits certain ram limits, it will start ignoring mouse clicks and keyboard shortcuts. So while FF may claim its NOT unresponsive, I think the fact that now it's acceptable for FF to IGNORE hardware input from the user, instead of delaying it until it can process is far worse.

I can't wait to get off this sinking ship. Maybe Piro could crowdfund Tree Style Tab for Chrome.

Enterprise users last remaining users...

[kimvette]

Not satisfied with alienating the general public, Mozilla, who are hell-bent on losing all market share, have now successfully alienated their remaining userbase: enterprise users, with this:

"Mandatory add-on signing refers to Firefox preventing users from installing any add-ons that have not been approved by Mozilla's testers."

They will no longer have to listen to the userbase complaining about the many memory leaks and race conditions in Firefox because they have finally gotten rid of the annoying users.

S

Re:

[LichtSpektren]

Firefox has the best standards compliance of any browser, its performance nowadays is not too far off from Chrome's, and it's just as extensible as ever. Can you show me any examples of Mozilla refusing to sign a non-malicious extension?

Re:

[Dagger2]

and it's just as extensible as ever

They're working hard on this. Their announced plan is to drop support for extensions soon (to replace them with, approximately, Greasemonkey scripts, which can't do anything like the range of things extensions can).

And this version of Firefox takes away your ability to decide what code runs on your own computer when you use it, which just isn't acceptable. It's not good enough that Mozilla will probably give you permission to run one exact, unmodified version of an extensi

Re:

[LichtSpektren]

Sorry for the double post, but see here: https://wiki.mozilla.org/Add-o... [mozilla.org]

"How will the unbranded versions of Firefox work?

They work just like Firefox, with two differences: they will have a setting to disable mandatory signature checks, and they will not have the Firefox name and logo (instead using a generic name and logo). These builds are available in the en-US locale only."

Re:

[The-Ixian]

I just don't see the supposed performance issues with FF.

FF is my daily driver though I have IE, Edge, Opera and Chrome also installed on my computer. I use them all for various purposes (Chrome for chromecast, Opera for side project work, IE and Edge for work and FF for personal/everything else) and I just don't see any performance differences. If there are, they are measured in time increments imperceptible to me.

Welcome to 2009

[Billly Gates]

Chrome 1.0 and IE 8 are happy you can have security in lowrights mode in appdata and can use more than 1 core wahoo

Mandatory signing

[rlk]

Three showstoppers:

1) I have a bunch of old extensions that are not signed. Things like FLST, OpenNewWindowFromHere, and others. I'm not much interested in losing that functionality.

2) I sometimes like to edit extensions with, you know, emacs or something. Things like FLST, where I like the tab flip behavior but not the focus last selected tab itself, which the developer didn't provide a way to turn off while keeping tab flipping.

3) Some extensions have code that can't be given to Mozilla for verificatio

Re:

[The-Ixian]

Workaround is to use a dev or nightly build.

Re:

[tepples]

I have a bunch of old extensions that are not signed. [...] I sometimes like to edit extensions

If an extension is licensed for redistribution, you can solve cases 1 and 2 by submitting it to AMO as an unlisted extension.

Some extensions have code that can't be given to Mozilla for verification because the code is proprietary.

Organizations with in-house extensions experiencing case 3 can use Firefox ESR.

Re:

[NotInHere]

Organizations with in-house extensions experiencing case 3 can use Firefox ESR.

But won't firefox ESR 52 include mandatory add-on signing?

Re:

[tepples]

Unlike Firefox current, Firefox ESR 52 will allow it to be turned off. From Add-ons/Extension Signing [mozilla.org]:

Signing enforcement will be enabled by default in [ESR] releases, and enforcement can be disabled using the xpinstall.signatures.required preference.

Re:

[suutar]

sounds like you want the developer branch.

Unifiedcomplete Preference Removed

[rsmith-mac]

Heads up, FF 48 has removed the browser.urlbar.unifiedcomplete setting [techdows.com]. This setting was introduced in Firefox 43 to disable the annoying Unified Complete [ghacks.net] system introduced in that build. Unified Complete is what causes the first drop-down result to be "Visit/Search With [domain]" rather than the most relevant result, as was the default before Firefox 43.

Since the preference has been removed entirely, there is no current way to get this behavior back. It would need to be fixed by an extension.

Re:can we please

[LichtSpektren]

Firefox has about 10% market share (several studies collected here [wikipedia.org]), which is hundreds of millions of people.

Re:can we please

[Joce640k]

That's probably going to drop a bit it they break all the add-ons.

(Again...)

Re:can we please

[LichtSpektren]

That's probably going to drop a bit it they break all the add-ons.

(Again...)

My interpretation of Mozilla's plans is that they plan to gradually deprecate XUL in order to give time for developers to keep their extensions working with every version of Firefox. So it's not as if they're all going to break overnight. Some will break and won't get fixed if they're not maintained, but that happens on every platform.

Re:

[Dagger2]

The plan is actually to drop extensions completely. They're also adding support for what are roughly Greasemonkey scripts, but those aren't going to be anywhere near as capable as extensions are.

If your extension can be ported to a content script easily, then great, but otherwise you're screwed and won't even be allowed to keep your extension working.

You must be new here

[sjbe]

Can we please stop posting about minor, useless OSS software releases? It's not like anyone uses this piece of shit anymore.

Really? Wow and here I thought I was using Firefox to type this. Thanks for letting me know that I'm not really using the browser I think I am.

Re:

[epyT-R]

So what do you use? Edge?

Re:

[JustAnotherOldGuy]

So what do you use? Edge?

Lol, "Edge", also known as The Little Browser That Couldn't.

Couldn't load slashdot or yahoo or any moderately complex page without choking and then helpfully informing you that "Edge has stopped and is restarting". Only to crash AGAIN, and again, and again. But who needs a browser that understands CSS, Javascript, or those new-fangled "image" thingys, right?

Re:can we please

[LichtSpektren]

What if add-ons don't sign? Can we still "force" them in?

See here: https://wiki.mozilla.org/Add-o... [mozilla.org]

Re:

[sexconker]

What if add-ons don't sign? Can we still "force" them in?

For the regular builds, no.

The developer build and the "unbranded" builds will let you, for now. This too will go away at some point.
Note that the "unbranded" builds are auto updating to the regular Firefox builds, so if you use one of those you need to disable automatic updates. It's a "bug".

Re:can we please

[chefmonkey]

Alternately, you can grab the add-on and push it to the add-ons server for signing yourself -- it's all automated. The point of signing is that it allows Mozilla to shut off malicious add-ons when they arise. As mentioned elsewhere, all add-ons hosted on Mozilla's servers have already been signed, so you'd only have to do this if you found some unmaintained add-on lying around elsewhere on the web. To be honest, that sounds kind of fishy, so I'd proceed with caution.

Re:

[LichtSpektren]

I was about to rush and grab it until...

"Firefox is now also making add-on signing mandatory"

I don't see what the big deal about this is. Everything on addons.mozilla.org is already signed. If you have some legacy thing that hasn't been signed yet, you can use the Extended Support Release until Firefox 52.

Some Issues Around Mandatory Signatures

[Anonymous Coward]

The largest problem with mandatory signing is that you must send your source-code to mozilla to be signed and they do not (and really, can not) guarantee that it won't leak out to someone else. So if you have an in-house developed extension that contains proprietary business information, you must choose between getting it signed or running versions of firefox that do not receive regular security updates and do not have signature checking for any extensions at all, so are basically the worst of both worlds.

Firefox ESR allows turning it off

[tepples]

They could avoid this problem with one level of abstraction, you sign your own extension then they sign that signature.

Mozilla won't blindly countersign extensions because it wants to avoid a situation where you sign an extension and then distribute it to the public without Mozilla having a chance to check it for the most obvious malicious patterns.

The correct solution would be to have a signature checking config setting stored somewhere that is writeable only by an administrator account.

Firefox ESR releases have such a setting. Firefox current lacks this setting because Mozilla wants to avoid a situation where it becomes common to social-engineer users into elevating to change this setting. Home users are more likely to use Firefox current, but they're also less likely to need an in-house private extension. Home users who make their own extensions can use Firefox Developer Edition.

Use Firefox trademark against binary patchers

[tepples]

Checking for the most common patterns just means people will find less common patterns. It isn't hard to avoid with trivial obfuscation.

Obfuscation kicks an extension into the manual review queue.

Mozilla is not capable of hand-inspecting add-ons to that level of certainty, they either automate signatures or they take way too long.

Mozilla automates signatures for easy cases and admits to "tak[ing] way too long" for hard cases.

Someone that naive can be social-engineered into running a binary patcher too.

There exist both branded builds and unbranded builds. Unbranded builds allow use of unsigned extensions but lack the Firefox name and logo. This gives Mozilla a hook to sue the distributor of such a binary patcher for trademark infringement.

Make it warn at every startup before the add-on is initialized that they are using a questionable add-on.

Or provide a separate way to install unsigned extensions in such a way that they're automatically uninstalled when

Re:

[tepples]

Detectable obfuscation is, by definition, an obvious malicious pattern.

Not always. Sometimes it means "I licensed these functions from a third party under a contract that forbids me to disclose their source code." The Review Policies [mozilla.org] states: "If your add-on contains code that you don't own or can't get the source code for, you may contact us [mozilla.org] for information on how to proceed."

Re:

[The-Ixian]

Sounds like there are a few options for you.

According to https://wiki.mozilla.org/Addon... [mozilla.org], you can use a dev or nightly build which will have the about::config option to disable signing enforcement. This would allow you to keep on a current build.

Otherwise, like you say, submit the extension to Mozilla for signing. There are also automated methods to do this using an API or the jpm util.

Or be mature - separate the magic algo from the UI

[raymorris]

It would be nice if Firefox allowed extensions signed by trusted certs, rather than just their own. The infrastructure is already there for certs uses for TLS.

Since they didn't do that:

> So if you have an in-house developed extension that contains proprietary business information, you must choose between getting it signed or running versions of firefox that do not receive regular security updates

A third option is to separate your proprietary logic algorithms from the user interface. Firefox is one UI. Y

Re:

[tepples]

Assuming that by "propitiatory" you meant "proprietary": Firefox ESR will continue to include a "disable signing" option.

Re:

[CrashNBrn]

Add-On Signing is optional in Firefox Developer (aka Aurora), and Firefox Nightly.

Re:Whoops

[chefmonkey]

Ah, I follow your logic: "Whoa. Firefox is now better in performance and memory footprint than Chrome. But it has THE EXACT SAME ADD-ON SIGNING POLICY AS CHROME, so... you know... fuck it. I'll stay on the worse browser."

Re:Whoops

[chefmonkey]

Replying to myself, because I realize this isn't entirely accurate: Firefox lets you host your (signed) add-on on your own site if you want. Chrome absolutely requires you to download it from Google servers.

Re:

[Anonymous Coward]

And even that misses the point, I think. Until now, Firefox also let you write and deploy your own unsigned add-on, even if you don't host it anywhere. There are businesses who have created Firefox add-ons specific to their corporate intranet. These add-ons are only used inside the company, they aren't hosted anywhere, no one wants them to be hosted anywhere. And more specifically, no one wants to submit their corporate property / business logic / trade secrets to Mozilla to be blessed with an unnecessary s

Re:

[chefmonkey]

Right. What you want is horrifically insecure, which is why everyone is moving to disallow it. Chrome beat Firefox to the punch, but this change has been desperately needed for a long time. As long as you have a product used by millions of users, it's a giant blinking target for malware. Signing is entirely about being able to pull that malware out of the field after it is discovered -- and there's some really skanky add-on based malware out there.

As has been mentioned, if you don't like it, you have option

Re:

[Dagger2]

It can be done just fine without being horrifically insecure, for instance by putting a list of acceptable extension fingerprints in /etc/. Why Mozilla won't do that I'm not sure -- I've not been able to get a straight answer out of them that isn't obviously wrong.

There are no options for dealing with this in Firefox. There are a few options (like Nightly, unbranded builds, other browsers) where you side-step the problem with Firefox by not using Firefox, but none of those options fix the problem for people

Re:How much more Chrome-like is it?

[LichtSpektren]

No changes in the UI. And Classic Theme Restorer still works: https://addons.mozilla.org/en-... [mozilla.org]

Re:

[trawg]

There's one change I've noticed - the awesomebar dropdown has changed. I think it's the "Searching for something already in your bookmarks or open tabs? We added super smart icons to let you know" referred to in the official release notes [mozilla.org].

The icons look different and the layout of the content is slightly different. Here's a shot of the previous version [qgl.org] and the new version [qgl.org].

Classic Theme Restorer -> Location bar (3) -> Alternative appearance seems to restore the previous layout but it seems to still hav

Re:

[LichtSpektren]

Have you tried using the Extended Support Release instead of the stable branch?

Telling them to "stop with the useless bells and whistles" and instead "stabilize the code" is exactly what they're doing these days.

Re:

[CrashNBrn]

Except they haven't done that. ALL of Firefox's tabs are within the same "plugin-container.exe" process.

Re:

[LichtSpektren]

You can turn it off. In Nightly, right now the setting is in Options -> General -> "Enable multi-process Nightly [Firefox]"

Re:

[ArchieBunker]

I have to know. What are you doing with those 120 tabs? It takes me all of 3 seconds to see if a page is worth my time before closing it. Are you a hoarder?

Re:

[LichtSpektren]

You can still use unsigned addons in the Developer and Nightly branches. If you're willing to void any promise for support, you can also use an unbranded version of the stable branch: https://wiki.mozilla.org/Add-o... [mozilla.org]

Re:

[sexconker]

The developer and nightly builds will require signing soon.

And there's no EME-free unbranded build.
And the unbranded builds currently auto update to the branded builds.

Re:

[tepples]

The developer and nightly builds will require signing soon.

Citation needed. I thought the whole point of the developer build was to let its users develop websites and extensions, possibly using experimental features that'll be introduced two releases from now.

Re:

[ewhac]

Come to think of it I recall ff flat refused to cooperate with my old router web page based on ciphers - has this been fixed?

No idea; go visit the manufacturer's Web site for your router and see if there's a new firmware release that removes the deprecated ciphers.

Re:

[sexconker]

It's been "fixed" in the sense that FF and Chrome will just tell you to eat a dick if you so much as try to look at SSLv3 encrypted content.
Download a portable release of FF 31 or something.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[account_deleted]

Comment removed based on user account deletion