dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
5785
share rss forum feed


Insight6

join:2012-08-25
reply to therube

Re: Mozilla Firefox 16.0.1 Final

said by therube:

Check to see if browser.zoom.siteSpecific is set to true in about:config.

Yes, it is.


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

1 recommendation

reply to Mele20

said by Mele20:

Fx 10.0.9 ESR is not yet available at least via internal updater. Mozilla says it was released on Oct 11 but I can't get it.

It's up

»Re: Firefox 16.0 Released
--
Gladiator Security Forum
»www.gladiator-antivirus.com/

BangBang

join:2000-07-05
Fairview, NJ
reply to NICK ADSL UK

My tablet got updated to 16.0.1 and it crashes immediately upon loading. Now I have to find an older apk since google store only has the newest ver.



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

2 edits

Does this help ?

»wiki.mozilla.org/Mobile/Platforms/Android
they appear to have fennec-16.0.en-US.android-arm.apk on their own sever.

Ok..here are all the previous versions for android make sure you get the one for your specific device.

»ftp.mozilla.org/pub/mozilla.org/···eleases/


slajoh01

join:2005-04-23

I deleted FF entirely from my machine. It seems to me that the later versions are becoming unstable and more vulnerable as far as security goes than the older versions of FF.

And to mention, a lot more slower as well.

For the fans of FF, I would download the older versions or use Chrome.

This is becoming horrible.

I know no browser is perfect, but Im sticking to IE for the moment.


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:4

1 recommendation

I agree but I think ALL recent and current versions of all browsers except IE have deteriorated horribly, are unstable and generally a big fat mess. I don't like IE 8 but at least it is stable and I do not have to go insane with update after update after update and IE 8 is supported for a very long time. All the browsers went bad when they decided to do rapid updates.

Even Opera is a complete mess now and that is shocking for Opera to be as broken as it is currently. And it only started when Opera felt compelled to join the constant update frenzy. I have Fx 4 and Fx 10 ESR. Fx 4 is far superior to Fx 10 ESR in terms of stability, very seldom crashing, very few problems and lacks ONLY the ability to do HTML5. In no other way is it a lesser browser than Fx10 ESR. Fx10, on the other hand, has a myriad of problems, crashes a lot, is very unstable. I can't imagine the versions since 10 how awful they must be. 10 has only one advantage over 4 ... it can do HTML5. It has one horrific disadvantage and that is the horrible plugin container.

Sea Monkey used to be a really nice browser with an email client. Now it is just as crippled by constant updates as Fx is and is just as unstable and messed up.

I prefer Opera 10...really old version or Opera 10.10. I prefer Sea Monkey 2.6 or even earlier. When I get a new computer, I will put Fx 4 on it.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


EdmundGerber

join:2010-01-04
kudos:1
reply to slajoh01

said by slajoh01:

I deleted FF entirely from my machine. It seems to me that the later versions are becoming unstable and more vulnerable as far as security goes than the older versions of FF.

And to mention, a lot more slower as well.

For the fans of FF, I would download the older versions or use Chrome.

This is becoming horrible.

I know no browser is perfect, but Im sticking to IE for the moment.

What's your Operating System?


Insight6

join:2012-08-25

I run both Win 7 on the PC and OS X on the iMac I too share the criticism of those that state or imply as browsers have rapidly evolved most of them have developed increasing problems with stability and compatibility problems with certain functions or programs, add-ons, plug-ins, etc.

I use IE 9 on Win 7 has it is far and away the best IE MS has ever come with and boy starting with version 4 active desktop they've come up with some dogs--but I fine IE 9 overall good.

I use FF on OS X despite a variety of problems as the default on OS X including new ones with 16.01. It seems like they are updating it every other day to a newer better version.

I also run Chrome and Safari. The latter just for TV Guide--that's all that dog is good for, a Internet TV guide, and Chrome just to stay familiar or when I have a need to use multiple browsers at the same time. Among other things Chrome is a cookie magnet--admittedly the least of its problems.



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

Chrome a cookie magnet... right.all those websites out there are just waiting to get a visit from a Chrome user..
Set it up so you get no cookies or whatever...it's easy
»support.google.com/chrome/bin/an···er=95647



Insight6

join:2012-08-25

said by Name Game:

Chrome a cookie magnet... right.all those websites out there are just waiting to get a visit from a Chrome user..
Set it up so you get no cookies or whatever...it's easy
»support.google.com/chrome/bin/an···er=95647

Yes you can set it up as you allude. However, it does take an extra step or slightly different setting in its unique settings and advanced settings interface to do that. Admittedly, an easy extra step but an extra step never the less and if you miss it, which is easy if one doesn't pay attention or use it a lot along with multiple other browsers you would be surprised at the cookies it gets, (there are different types of cookies as you know), than some other browsers.

I use OS X Snow Leopard soon to be ML and I use the outstanding cookie control program "Cookie Stumbler." The latter tells you a lot about the specific impacts of specific cookies and sites if you don't have the browser "locked" down.


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

Yes..all browsers "out of the box" need something like that if you refuse to set the internal controls of your chosen browser not only for cookies but more importantly..other vectors that target vulnerabilities users have surfing the web. Seems the trend is to use third party proggies for all of this..and not surprising since many of the browsers have been slow to offer internal controls.

I am not a fan of these third party plug-ins.add-ons or whatever the developers might call them. Too many get broken in the rash of updates we are seeing with browsers as each try to capture more market from the competition.

And I certainly know all the differenet "kinds" of cookies.
--
Gladiator Security Forum
»www.gladiator-antivirus.com/



Insight6

join:2012-08-25
reply to NICK ADSL UK

For anyone running OS X I highly recommend "Cookie Stumbler" a yearly subscription based ($18) program that is specific to dealing with and controlling cookies at various levels and with a great deal of flexibility not available in plug-ins or add-ons or part of any browser. The program controls all cookies for all the browsers through its one interface and its system settings and controls.



Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

1 edit

Yup..big problems when you have OSX..

»www.mac-forums.com/forums/os-x-o···rol.html

»www.macworld.com/article/1168182···ler.html



Insight6

join:2012-08-25

I assume that you are being good naturally sarcastic with your remark about OS X and cookies.

Of course there is no special cookie problem specific to OS X. None. There are however, excellent programs like Cookie Stumbler that allow you to totally control and dictate what cookies can and cannot do system wide including simultaneously controlling browsers like FF, Chrome, and Safari while allowing the user to totally control what stays and what does not.


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

Know it well but don't use it on my Macs..to many other ways to do it...especially on FF for Macs. But to each his own..

General Problems Cookie Stumbler

»support.writeitstudios.com/kb/bugs
»support.writeitstudios.com/kb/bu···lean-why
»support.writeitstudios.com/kb/bu···uld-i-do
»www.macupdate.com/app/mac/40464/···r-family

»www.writeitstudios.com/blog.php
--
Gladiator Security Forum
»www.gladiator-antivirus.com/


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to Mele20

I find IE 9 used with a Hosts file, TPL's and per-site cookie permissions on most sites, suites my needs.

Mozilla 16.0.1 despite MFSA2012-88 not working quite up to snuff with Ad Blockplus for Facebook, works for me.



therube

join:2004-11-11
Randallstown, MD
reply to slajoh01

said by "slajoh01" :

> FF ... seems to me that the later versions are becoming unstable

In what way? Are you crashing regularly?

> more vulnerable as far as security goes

How so?

said by "mele" :

> ALL recent and current versions of all browsers ... are unstable

In what way? Are you crashing regularly?

> IE8 ... I do not have to go insane with update after update after update

Have you had a look at ALL of the updates IE8 has gone through? It is hardly the same kid it was when it was originally released in 2009 or so. Now are you safer because MS fixes security exploits in it less regularly?

> SeaMonkey ... is just as unstable

Unstable in what way? Are you crashing regularly?

> I prefer SeaMonkey 2.6

How is SeaMonkey 2.6 much different from the current 2.13.1 or even the first 2.1?
To get to a different architecture, you'd need to drop back to 2.0.14.

slajoh01

join:2005-04-23

It seems that FF 4 and even 3.6 were the most stable versions.
But version 4 started to support HTML5.

I am dumping 16 and installing 4 as we speak...

As far the security holes in 4, I dont really care as I mostly I use IE 8. I only need FF for this one site which works the best with FF.



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to NICK ADSL UK

Total Recall - The Details Behind Firefox 16 Recall

• »www.securityweek.com/total-recal···6-recall



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

The fierce competition between Web browsers’ vendors has created an “arms race” in which each vendor adds functionality and technologies at an ever growing pace in order to provide a richer web experience for users increase market share.

Translation: We put stuff in without really testing it and have our users find any bugs.

This is nothing new. Almost everyone that develops software/firmware has the same model.
--
Don't feed trolls--it only makes them grow!


therube

join:2004-11-11
Randallstown, MD
reply to siljaline

Thanks for that.

quote:
When the user browses to the attacker’s web page, a Javascript on that page opens a new browser window with a Twitter’s lists URL (»twitter.com/lists). If the victim is signed in to Twitter, then the window is automatically redirected by Twitter to the victim’s personal lists page and the URL now contains the victim’s personal twitter ID (e.g. »twitter.com/Imperva/lists). The attacker’s Javascript now queries the new window for its URL by using the location object. On previous versions, the same origin policy had failed such requests.

However, in Firefox 16 the same origin policy was not implemented correctly and allowed the attacker to gain access to the URL, allowing the leakage of personal data such as the victim’s Twitter ID in this case.

So that's why the POC didn't work for me when I tried it. I don't twit!
(Now I might just sign up for Twitter just to see what it does, nah.)


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

said by therube:

Thanks for that.

Jiggy-doo


therube

join:2004-11-11
Randallstown, MD
reply to therube

> Stupid testcase showing complete lack of even rudimentary security checks here

> One thing I can't understand is how we could possibly not have had a test for this

Bug 799952 - (CVE-2012-4192) Cross domain access to the location object



therube

join:2004-11-11
Randallstown, MD
reply to StuartMW

Can't say I agree with his summary, "The future of JavaScript security".



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico
reply to StuartMW

Another way of putting the Beta business model is:

It's available for pre-release testing [...]

MS Releases IE10 preview for Win 7 users:
»blogs.msdn.com/b/ie/archive/2012···ber.aspx