1 edit
1 recommendation |
to beck
Re: Mozilla will automatically disable all plug-ins in Firefoxsaid by beck:Well, what if I don't want my plug ins turned off? Pretty f*ing high handed of them. +1 It's still my pc, not theirs. My responsibility, and ultimately my decision. They need to get over themselves. ETA: Firefox used to be the "yes you can" browser. They've turned into the "no you can't" nanny browser. It's really sad. |
|
therube join:2004-11-11 Randallstown, MD |
Do you install security updates from MS? Including those ones, those "killbits"?
Killbits are "no you can't"?
Do you use that service from Google (also included in FF) that says, "no you can't" when you want to visit a "bad" website?
Do you use the OpenDNS service, & one that filters, oh "bad" stuff? Perhaps porn or warez or whatever "bad" might be, you know, one of those "no you can't" DNS services.
Do you specifically try avoid particular websites when you browse, because you know they are bad or harbor bad things? Well guess what, in that case you are your very own "no you can't".
And in the end, for every "no you can't", well there is a way to "just say yes". |
|
NOYBSt. John 3.16 Premium Member join:2005-12-15 Forest Grove, OR |
to goalieskates
said by goalieskates:said by beck:Well, what if I don't want my plug ins turned off? Pretty f*ing high handed of them. +1 It's still my pc, not theirs. My responsibility, and ultimately my decision. They need to get over themselves. ETA: Firefox used to be the "yes you can" browser. They've turned into the "no you can't" nanny browser. It's really sad. It may be your PC but it is their product to design and build anyway they please (see fit). If you don't like their product then don't use it. Quite frankly the masses need this protection. It is unreasonable to expect everyone out there using a computer to be a tech guru and keeping up to date with all the security threats and issues. Just like it would be unreasonable for everyone out there driving a car to do all their own maintenance and repairs. Some can but the masses cannot. Especially when it comes to safety devices such as brakes and air bags. And it is unreasonable to expect them too. Safety devices are not always only for the safety of the user/operator but the safety of others as well. |
|
2 recommendations |
said by NOYB: It may be your PC but it is their product to design and build anyway they please (see fit). If you don't like their product then don't use it.
Quite frankly the masses need this protection.
The masses do NOT need this protection. Your basic assumption (and that of FF) is that the masses are all stupid and won't listen if warned. It's a top down, we-are-the-experts mindset, much like DHS preaches, and really not that far from tyranny. Big Brother will decide. Even if they get it wrong, they will decide. It's also light years away from the original spirit of Mozilla. That may not bother you, but it's a definite shift away from what they were, and I find that really sad. They were special, and it made them great. A lot of really generous and talented people contributed to them in a spirit of openness and giving. They didn't sneer at the masses or their own customers. Now they're just a royal pita, and I find myself unwilling to update any of their stuff for fear of "features" like this one. If nothing else, this gives me newfound respect for all those companies that refuse to budge off IE6 - and find other ways to secure their browsers. Maybe they have a point we've all been overlooking - that you can as easily be taken out by your browser vendor as you can by the bad guys. Either way, you're dead. Heh. |
|
|
Well atleast I found a way to get around Click-to-Play so to speak. I just open Blocklist.xml and remove everything under the "Pluginitems" section. As therube pointed out above with » kb.mozillazine.org/Blocklist.xml you can also turn off updating and enter the updates you want from the list online. This is what Pro users like ourselves and Corporate customers using the ESR releases need to get around this and take back control. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to therube
said by therube:And in the end, for every "no you can't", well there is a way to "just say yes". Apparently not so. At least not with Win 8. |
|
Mele20
1 recommendation |
to kickass69
Why don't you just disable blocklist in about:config? extensions.blocklist.enabled;false I have used the Proxomitron since 2002. It gives me a toggle switch for Flash, Java, etc. I love that because the last thing I want is Flash automatically playing some dumb video when I go to a site. So, I don't see the objection to "click to play". As I understand it, there is no "blocking". Mozilla is doing the same thing Proxo has always done....Mozilla is just very late to the party. I don't use flash on Fx anymore though at all because of the two crap services connected to it that Mozilla has so badly designed that they have to run all the time for no reason. My current concern is HTML5. Why is Mozilla not also making that click to play? They should. |
|
therube join:2004-11-11 Randallstown, MD |
to Mele20
> Apparently not so. At least not with Win 8.
You're speak of what, the OS itself? |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
Mele20
Premium Member
2013-Feb-4 5:25 pm
It's OT but briefly, as one example, Microsoft will not allow a user (even with full Admin rights and UAC disabled in the registry) to turn off Automatic Maintenance in Win 8. You can disable it, but it re-enables itself before its next every 24 hour scheduled maintenance). |
|
Khaine join:2003-03-03 Australia |
to goalieskates
said by goalieskates:said by NOYB: It may be your PC but it is their product to design and build anyway they please (see fit). If you don't like their product then don't use it.
Quite frankly the masses need this protection.
The masses do NOT need this protection. Your basic assumption (and that of FF) is that the masses are all stupid and won't listen if warned. It's a top down, we-are-the-experts mindset, much like DHS preaches, and really not that far from tyranny. Big Brother will decide. Even if they get it wrong, they will decide. The masses have shown that they are not computer literate and need a helping hand at every turn to keep their computer secure. Further, flash is proprietary software, that inhibits the uptake of open standards like html video, so I'm not quite sure how you can equate blocking it to tyranny. If you want to run insecure software you still can. If you read the original blog post (» blog.mozilla.org/securit ··· plugins/) about this: quote: Mozilla is changing the way Firefox loads third party plugins such as Flash, Java and Silverlight. This change will help increase Firefox performance and stability, and provide significant security benefits, while at the same time providing more control over plugins to our users.
Previously Firefox would automatically load any plugin requested by a website. Leveraging Click to Play Firefox will only load plugins when a user takes the action of clicking to make a particular plugin play or the user has previously configured Click To Play to always run plugins on the particular website.
No where does it say they are taking that choice away from you. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
Mele20
Premium Member
2013-Feb-5 7:36 am
said by Khaine:Further, flash is proprietary software, that inhibits the uptake of open standards like html video, so I'm not quite sure how you can equate blocking it to tyranny. If you want to run insecure software you still can.
No where does it say they are taking that choice away from you.
Flash is NOT being blocked. Mozilla is being hypocritical. Why are they letting Flash run amok on Fx but not Java or Silverlight? I guess Adobe must have given Mozilla a lot of money. I'd far prefer complete and total blockage of Flash...no exceptions...it is a piece of garbage and let Java and Silverlight run as click to play. |
|
therube join:2004-11-11 Randallstown, MD |
Then don't install Flash, period. Then disable Flash in Addons Manager. Then block Flash - using click-to-play, using NoScript, using FlashBlock, or whatever other means fit your needs. |
|
SeleniaGentoo Convert Premium Member join:2006-09-22 Fort Smith, AR |
to Mele20
You are a bit behind the times, Mele20. While none of these runtimes are fool proof in exploits, Adobe took their previous failures seriously and got serious about plugging Flash. Seen how many updates they have had(even for Linux)? Some improved hardware acceleration but a good many of them addressed security issues. Adobe got its butt in gear(had to, to save its platform), now Oracle has to.
Mozilla just started doing this and Adobe has improved since they started doing it. I say the best way to approach the unknowledgeable with a screen that says they are disabled. Then give 2 choices: to be directed to update the plugin or disable further warnings(not recommended) with a link to info. It keeps the users freedom while giving the non-savvy warning to get off their butt and update their plugins. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
Mele20
Premium Member
2013-Feb-6 4:09 am
A bit behind the times? How? I have always hated Flash from its inception. I think I still have a bookmark to an prophetic article about the dangers in Flash (not particularly security dangers either) from back around 1999-2000. » www.nngroup.com/articles ··· ent-bad/ |
|
SeleniaGentoo Convert Premium Member join:2006-09-22 Fort Smith, AR |
Selenia
Premium Member
2013-Feb-6 1:09 pm
said by Mele20:A bit behind the times? How? I have always hated Flash from its inception. I think I still have a bookmark to an prophetic article about the dangers in Flash (not particularly security dangers either) from back around 1999-2000.
»www.nngroup.com/articles ··· ent-bad/ Because Flash is not near the security issue it once was. Adobe has made good strides there and Google even +1s them by sandboxing the plugin in Chrome. This was a first for Mozilla and Java is far more dangerous atm. |
|
BlackbirdBuilt for Speed Premium Member join:2005-01-14 Fort Wayne, IN |
said by Selenia:... Flash is not near the security issue it once was. Adobe has made good strides there and Google even +1s them by sandboxing the plugin in Chrome. This was a first for Mozilla and Java is far more dangerous atm. It can be an ugly digital world out there. Any company producing software for the universe of Internet-facing computers has to be dead serious about security and software protection in a major way, or they will face extinction... it's a classic situation of 'go big or go home'. Adobe seems to be learning the lesson (though there may be some dissent on that), and there are now signs Oracle has finally awakened to the smell of smoke and is starting to focus resources on securing Java. Frankly, I have genuine hope for both of them to succeed in this... as I do for all software makers. But the sad reality seems to remain that only when a highly-publicized security mess occurs, will most companies grudgingly spend the resources to patch up their products that were flawed from inception. |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
to Selenia
We are discussing Mozilla finally doing what Proxo has always done...give folks the freedom to decide whether or not to let a plugin run when a webpage is opened or instead have a toggle switch so the user can decide for themselves what happens. The issue is the same as allowing users to control cookies or forcing users to accept all cookies....willy-nilly. It is not a security issue as much as it is an issue of USER CONTROL and right to privacy and not being subjected to some crappy Flash movie unless they desire to see it. So, Flash is just as important, and actually probably more so, because Flash is on so many web pages and Java is not. Who wants some crappy, garbage Flash movie playing when you open a web page? Most users would prefer to choose if they wish to see the Flash movie. |
|