Why hasn't Mozilla developed a Chrome-like sandbox for Firefox?

I agree with both of you. We can't hold it against Firefox if users don't utilise security add-ons. But that doesn't mean most users should even be aware of those. Ok, they should, but reality is a different story. Most users just want a browser that works. As has been mentioned before, for most it's just a matter of hearsay: "This browser is good vs. that browser sucks." A smaller but still big number of people will be aware that this is safer, that is faster, etc. But more detail is for people who work with computers or for enthusiasts.

Today, browsers are incredibly important, they're used by most if not all computer users. So it is indeed important that they are as safe as possible out-of-the-box, especially for the average non tech-savvy user.

 

MoonBlood,

I understand where you coming from, and I agree there is way to much, even for a seasoned geek to learn and retain, but I'm speaking about a more average user level. The average computer user should known that a browser is for searching online for pictures, videos, email, and websites. Default settings/configurations and simple UIs are as you said a way to make good use of the wheel. This falls on the developer; however, the client at some point will need to be engaged in the decisions process. It's these decisions that hurt security and privacy the most. It ultimately falls on the client, not the application. The client is expected to understand how to use the browser .. not how the browser works. So if an 8 year old can navigate a browser menu and settings without an instruction manual. Shouldn't we expect the same from a grown adult? After all, we dumb down (simplify) everything for users. Hopefully that clarifies what I'm trying to say, and its okay if you don't agree. I'm not suggesting we take users and put their hand on the stove so they burn themselves. Rather, I think we should let them do things their way and if they happen to burn themselves. So be it. They learned something.

 

A good reminder, thanks.
I've used icacls "file or path" /deny usersoi)(ci)(x) on /appdata/ + all sub folders and there are no ill effects.

 

I agree that at some point, a user's decision will need to be made when facing some situation while browsing the Internet/checking e-mail, etc. But, there are situations when they simply cannot make such decision.

I don't expect anyone to decide whether or not some advertisement will lead them to a malicious domain hosting an exploit to exploit some browser security vulnerability, for example. Unless millions of users are capable of verifying it on their own, and on dedicated systems, there's no way they can do. This is where both the operating system and web browser come in.

Google Chrome simply makes great use of Windows own sandbox/other mitigations. (They also sandbox in Linux, but I'm familiar with Windows.) Most of the work was done by Microsoft itself, it's in the operating system.

This will help them, when they cannot make such decisions you're talking about. Not only helps them, as it won't put the burden of configuring anything on their shoulders.

So, I agree they (the users) should care, but so should the developers of such software that will expose them to threats at a larger scale.

I actually recall a relative receiving an e-mail from a friend, which lead to a malicious domain (it was blocked by AVG LinkScanner back then). This thought my relative a lesson: always be suspicious. It turned out that this friend's system was infected, and sending e-mails to the contacts that were in the e-mail program.

Regarding Firefox, whether they will ever introduce a sandbox or some other methods, as long as it will help users and not put the burden of configuration on their shoulders, it will be welcome. I just hope it won't come too late in the party, though.