Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Firefox IT Technology

Firefox 83 Arrives With HTTPS-Only Mode and Faster Performance (venturebeat.com) 56

Mozilla today launched Firefox 83 for Windows, Mac, and Linux. An anonymous reader shares a report: Firefox 83's highlight feature is HTTPS-Only Mode, in which the browser attempts to establish fully secure connections to every website (just like the EFF's HTTPS Everywhere). If it can't, Firefox asks for your permission before connecting to a website that doesn't support secure connections. To enable HTTPS-Only Mode, click on Firefox's menu button, hit Preferences, then Privacy & Security, scroll down to HTTPS-Only Mode, and choose "Enable HTTPS-Only Mode in all windows." [...] Firefox 83 also brings performance improvements (improved page load performance by up to 15%, page responsiveness by up to 12%, and reduced memory usage by up to 8%). Firefox 83 is also the penultimate version of the web browser that will run Flash software; Firefox 85 will completely disable it when it arrives on Jan. 12, 2021.
This discussion has been archived. No new comments can be posted.

Firefox 83 Arrives With HTTPS-Only Mode and Faster Performance

Comments Filter:
  • by fustakrakich ( 1673220 ) on Tuesday November 17, 2020 @12:32PM (#60734814) Journal

    But in the future? Not bloody likely

    • I'm sure it will just be a similar page like when you try and connect to a site with self signed, expires, misconfigured ssl certificates. I for one applaud Firefox for doing this.
    • If they're disabling http traffic, then I hope they're not offering any click-through options for miss-matched site certificates either, or it kind-of defeats the purpose. We all know users will blindly click through anything to get to their websites.

  • by Anonymous Coward
    Firefox annoyance. Every update re-enables DNS over HTTPS, ignoring my setting that has it disabled.
    • by fahrbot-bot ( 874524 ) on Tuesday November 17, 2020 @01:59PM (#60735140)

      Firefox annoyance. Every update re-enables DNS over HTTPS, ignoring my setting that has it disabled.

      Create a file named "user.js" in your Firefox profile folder and put this in it with a value of 0 or 5:

      // Control DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR).
      // 0: Off by default, 1: Firefox chooses faster, 2: TRR default w/DNS fallback,
      // 3: TRR only mode, 4: Use DNS and shadow TRR for timings, 5: Disabled.

      user_pref("network.trr.mode", 0);

  • by xack ( 5304745 ) on Tuesday November 17, 2020 @12:36PM (#60734832)
    Across the entire internet. Firefox is just beta testing for them. Say goodbye to Windows XP, Vista, 7, and other old Windows. Say goodbye to old Androids and iPhones. It will be TLS 1.3 mandatory soon and only Google-tax paid trusted certificates.
    • You're assuming everyone upgrades the instant a new version comes out. As difficult as it may be to believe, not all of us want the extra overhead and lack of configurability brought on by this cruft of code.

      • ...you are right at leas in one sense : many people, like me, trend to follow the automatic upgrades proposed by their distro. And in that case, the LTS versions are very late compared to the current, latest version...

    • Okay, Goodbye! Don't let the door hit you on the way out.

      • Okay, Goodbye! Don't let the door hit you on the way out.

        I'm sure he sees the error of his ways now.

        Ever think you'd see the day that you pined for the intellectual stimulation of the 1990s Internet?

        Yeah, me either, yet here I am, doing exactly that.

    • Comment removed based on user account deletion
      • by bn-7bc ( 909819 )
        Well EOLed network connected devices shuld be replaced, why isnIt this as natural to people as replacing worn out break pads replaced on their cars? Sorry about the car analogy but it is the same thing (- the government requiring the break pad change) it is just sensible maintenance, what am I missing here?
        • For most manufacturers for things like printers, EOL is as soon as they feel there's no money in firmware updates, which usually isn't a very long time. So unless you throw out your network printers every 6 months, this is going to a problem. I guess I can keep a suitably outdated browser around like Opera 12 for things like this.

    • by bn-7bc ( 909819 )
      As long as letsencrypt issued certs ar on the aproved list I’m happy
  • local subnet? (Score:5, Insightful)

    by algaeman ( 600564 ) on Tuesday November 17, 2020 @12:38PM (#60734842)
    I really wish they would disable this for the local subnet. The behavior where it automatically changes your URL to https if it can't connect to an unsecured httpd on your local network is really annoying for developers.
    • Re:local subnet? (Score:5, Insightful)

      by thegreatbob ( 693104 ) on Tuesday November 17, 2020 @01:11PM (#60734966) Journal
      Also devices with simple http services such as cable modems, home gateway routers (to a lesser degree) and some managed switches.
      • Re:local subnet? (Score:5, Insightful)

        by WoodstockJeff ( 568111 ) on Tuesday November 17, 2020 @01:21PM (#60735008) Homepage

        Or those that DO have a built-in certificate so they can provide an HTTPS connection, until that certificate expires, and the browser refuses to connect because the certificate is no longer valid.

        It's already a pain to deal with browsers that won't allow self-signed certificates, and refuse connections for our own safety.

        • While it is still annoying, I havenâ€(TM)t encountered any that I couldnâ€(TM)t make an exception for relatively quickly in currently available versions of Firefox. If they are going to continue to have that option available, it shouldnâ€(TM)t be too bad. Just annoying.
        • Comment removed based on user account deletion
    • Re:local subnet? (Score:5, Insightful)

      by TheDarkMaster ( 1292526 ) on Tuesday November 17, 2020 @02:13PM (#60735198)
      Just annoying? I would love to break the face of the retard who decided to do this. As well as the clown who decided to hide the "http://www" url part so you don't know exactly what type of connection is being done.
      • I would love to break the face of the retard who decided to do this. As well as the clown who decided to hide the "http://www" url part so you don't know exactly what type of connection is being done.

        It's OK, it's Firefox, just wait until the next release and it'll have been changed again. In the meantime add the following to userChrome.css:

        /* Highlight HTTPS URLs */

        #urlbar[level] .autocomplete-textbox-container > * {
        background-color: #FFFFB7 !important;
        }

  • by smooth wombat ( 796938 ) on Tuesday November 17, 2020 @12:54PM (#60734894) Journal

    When I tell the browser not to provide any "suggestions" when I type in the address bar, it should do just that. It does nothing. No hints, no words, no phrases, no nothing. It sits there and waits until I'm done typing and then goes to the page I typed.

    As for going to pages, it does just that. It doesn't harass me with warnings about this or that. I put in the page, it goes there. End of story. No, I do not want to jump through hoops to enable or disable this or that. I want to go to the web site, you go there.

    Nor do I want any notifications of any kind about any available updates. I know there are updates out there. I'll get them when I feel like it. It's why I turned off automatic updates or even the ability to download and wait for me.

    A web browser should do one thing and one thing only: display web pages. It should not, to use the whining of many on here, be a gatekeeper to where I want to go or what I want to do. It should not think, contemplate or decide it knows better than me. It should do what I tell it to do and that's it.

    • by Computershack ( 1143409 ) on Tuesday November 17, 2020 @01:00PM (#60734924)

      Which is all well and good and was a perfectly valid opinion to have back in the day when you actually had to know something about computers in order to be able to use them. However in today's world where a computing device running a web-browser is now basically an appliance dumbed down so much that even the mouth breathing masses who refer to an internet connection as "the wifi" that handholding is needed in order to maintain some level of security.

      And whilst you may think that the handholding is inconvenient now, it pales into insignificance to what it would be like trying to do anything online with tens of millions of computers, smartphones and tablets riddled with malware spewing terabytes/sec of shite all over the internet.

      • by jellomizer ( 103300 ) on Tuesday November 17, 2020 @01:55PM (#60735126)

        You don't remember back in the day that well do you?

        Unless you are going further back where you needed to do a dialup SLIP connection. Even when PPP connection came out for Dialup, most of all the details were abstracted away from you.

        After you have connected to the Internet, even early browsers were rather easy to use. Type in the address then go on from there. Most of the people who were not that good with computers had a default webpage setup, Aol, Yahoo, Alta-vista... And avoided the address bar like a plague. If told to say go to www.microsoft.com they would use the search engine and search for www.microsoft.com. It bugged the heck out of me seeing people do this... However after myself having gone to say www.mcrosft.com leading me to a page I didn't expect. Having them use the search engine probable wasn't such a bad idea, as it normally will correct for many mistakes. Even back in the Early/mid 1990's

        Newer Computers OS's aren't any more abstracted than the older one. They are more powerful, thus handle the abstraction more easily.

      • And whilst you may think that the handholding is inconvenient now, it pales into insignificance to what it would be like trying to do anything online with tens of millions of computers, smartphones and tablets riddled with malware spewing terabytes/sec of shite all over the internet.

        Well then, you can't complain when Microsoft starts implementing tons of new features to handhold its users since Windows 10 is the dominant OS on the market. Imagine trying to do anything online with hundreds of millions
      • The good old days, when Sprint was trying prevent me from signing up for their dial-up service because it "required Windows." I just kept demanding they tell me the various IP-addresses so I could populate the info in my TSR DOS Dialer.

      • About the same time the hand-holding started, is when commercialization took over the Internet and even with ad-blockers I have auto-play videos rammed in my face all day. The Internet today is practically intolerable compared to what it was 20 years ago.

        Hand-holding isn't about keeping people safe from shite. It's to make sure they can't fight against it.

    • If you like, you can just use your HTML rendering engine, then slap a simple UI on it. Then you get a no feature browser.

      However over time, these suggestions do help out in terms of security, as there is a less of a chance of me hitting a phishing site. As it will use Google or some other somewhat respectable company to give you the best option.

    • by Ksevio ( 865461 )

      Sounds like you're not a standard user. Those are all features I want in my browser.

      Auto-complete (suggestions) are very useful to me. I like being able to type the start of a URL for a site I frequent and have it complete and I like when I'm searching for something for it to finish the search terms. I guess most people don't enjoy typing as much as you

      When I go to pages, it should definitely alert me if there's a security issue. No other way I'd notice if a website or my connection was compromised.

      For u

  • by Vlad_the_Inhaler ( 32958 ) on Tuesday November 17, 2020 @12:55PM (#60734896)

    Not sure if this has already made it here - I don't read Slashdot on my phone when I'm travelling - but Microsoft also has a way of killing Flash for their browsers.
    It is KB4577586, and if you subsequently change your mind you will need to reinstall Windows or fall back to a previous recovery point.

    As to https, some of the sites I use have absolutely no financial or security information on them and are therefore http only. If Firefox tries to prevent me looking at them then they won't have to worry about me browsing them with Firefox. Nuff said.

    • by roca ( 43122 )

      https is about much more than just protecting "financial" or "security" information. For example people browsing over http can be redirected to arbitrary destinations as a DDoS attack. See https://en.wikipedia.org/wiki/... [wikipedia.org]

  • I need this sometimes

  • Is there any reason to be using Firefox at this point? Use Waterfox.
  • In shared hosting environments, it is common to have many sites on a single IP address with HTTP and HTTPS servers running. But small web sites often don't have HTTPS set up, especially if they've been around before Let's Encrypt came along. Connecting to these HTTP web sites through HTTPS will just make the browser throw a certificate error at you, and then, if you choose to ignore the error, probably show a web server default page, not the same content you would get via HTTP. You can not assume that you w
  • Why is it taking so long for them to get rid of the Flash cancer? "Corporations" .. seriously? These corporations can't invest in switching out of it? They should be taken over by a startup.

  • For 8 years sites can sniff to see that you're in private mode - bugzilla.mozilla.org/show_bug.cgi?id=1506680 - and I'd like them to take that security seriously.

  • Firefox 83 is also the penultimate version of the web browser that will run Flash software; Firefox 85 will completely disable it when it arrives on Jan. 12, 2021.

    What about Firefox 84, you insensitive clod?

  • by Zarhan ( 415465 ) on Tuesday November 17, 2020 @04:05PM (#60735500)

    What would be the best way to run flash after 2020, with least amount of hassle?

    There a bunch of places that need flash next year too. With e.g. Cisco UCS-E series servers you cannot even upgrade the firmware to a HTML5-based version since there isn't one available. Yet we still would like to access that CIMC interface.

    Setting up a VM to run older browser and last version of Flash seems overkill. Would installing e.g. Firefox portable (with the ESR 78), https://portableapps.com/apps/... [portableapps.com] with the flash plugin alongside the "normal" firefox be a good solution?

    We could probably put in application specific firewall so this old version will not allow access anywhere but to those specific hosts that run those old flash interfaces...but has anyone cooked up a solution and tested it yet?

    • How to run flash after 2020: you don't.

      Either you update your crap to a new version that does not require Flash or you buy something new that does not require Flash.

      Optionally, if you live in the USA you can probably try to sue the company that made your crap, for relying on Flash.

    • by arQon ( 447508 )

      > Setting up a VM to run older browser and last version of Flash seems overkill.

      No, that's EXACTLY what you should be doing.

      > Would installing e.g. Firefox portable (with the ESR 78) ... with the flash plugin alongside the "normal" firefox be a good solution?

      No, it would be a terrible one.

      You have the right answer already. You even came up with it yourself. Stop trying to talk yourself into doing something that you KNOW is utterly Stupid And Wrong.

      The difference in overhead is about 300MB of RAM and a

    • There is the standalone Flash Player projector available for Linux, Windows and Mac that can run locally saved SWF files or from a URL.
      It may not work with odd Cisco equipment that may do funky things that need it embedded in a web page but it's worth a shot.
      https://www.adobe.com/support/... [adobe.com]

    • I don't think there's a single "best" solution, but here's mine:

      I run Qubes, so running things into their own VMs is easy and seamless. I created a Flash Qube (VM), and installed the Adobe Flash standalone player (not the browser plugin). To make the player open automatically:


      user@flash:~$ cat .mailcap
      application/x-shockwave-flash; ~/apps/flashplayer '%s'; test=test -n "$DISPLAY"
      user@flash:~$

      I automated things a bit to make it seamless with my normal browser in my Web Qube. First, I created a Desktop entry as a custom handler for .swf:


      user@web:~$ cat ./.local/share/applications/swf.desktop
      [Desktop Entry]
      Version=1.0
      Terminal=false
      Type=Application
      Name=Open SWF in flash VM
      Exec=qvm-open-in-vm flash
      MimeType=application/x-shockwave-flash
      user@web:~$

      Next time I tried to download a .swf file, Firefox asked me what to do with it, I chos

      • by Zarhan ( 415465 )

        This looks like a good approach if it works. Thanks. Better keep that VM as a fallback anyway.

        And to "just upgrade", it's not "my" systems, it's my customers. If they want to run such thing and pay for the maintenance work knowing the risks then all I can do is to attempt to mitigate those.

  • by drafalski ( 232178 ) on Tuesday November 17, 2020 @04:35PM (#60735586)

    I stopped updating it on my phone a while ago (looks like that was v79 in August). Have they update per any user feedback yet?

CChheecckk yyoouurr dduupplleexx sswwiittcchh..

Working...