Mozilla Firefox

Discussion in 'other software & services' started by Hadron, Aug 27, 2016.

  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    Note that browsers run HTML and JavaScript code. The most common type of code injection is JavaScript based:
     
  2. reasonablePrivacy

    reasonablePrivacy Registered Member

    Joined:
    Oct 7, 2017
    Posts:
    2,001
    Location:
    Member state of European Union
    No, they are talking about Javascript code injections.
    In the larger perspective there are many types of code injection attacks. Most common is SQL injection, but it didn't affect browsers (probably). When somebody is typing commands into terminal i.e. bash interpreter there are possibilities to inject code. Binary code injection into process memory is just one type of code injection.
     
  3. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Hi Rasheed, the link you posted is for Firefox 56 and earlier versions. For Firefox 69.0.3, that article is old.

    Since Firefox 63 came out in October 2018, you can not disable automatic updates via Options or about:config. Perhaps you can still disable the nagging or warnings about new updates which is what I guess you are talking about, that I don't know as I always maintain Automatic updates disabled. Perhaps you are right.

    Bo
     
  4. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    I would contend Chrome is still the most secure browser, because of its sandboxing technology and strict site isolation. However, it’s undoubtedly the most privacy-invasive browser, therefore trumping its security as only a secondary reason for choosing it over one such as Firefox, for example, or even another Chromium-based browser that doesn’t spy on its users.
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Yes correct, it was the nagging that bothered me, this can still be disabled. But I'm using Firefox 63 and you can also still disable "automatic install" of updates, this is the most important to me.
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Well, then it's boring to me. I would rather see them hardening Firefox against memory code injection. This is what they have already done with Chrome and Edge.
     
  7. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    Yeah, I'll believe that when I see it. If you look at the list, Chrome didn't win because it failed 3 privacy options
    - Lack of support for a master password mechanism (Chrome, IE, Edge)
    - No option to block telemetry collection (Chrome, IE, Edge)
    - Lack of organizational transparency (Chrome, IE, Edge)

    Meanwhile, Firefox doesn't have strict site isolation yet.
     
  8. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,868
    2020 for Firefox and for Android not in 2020 - someone told me.
    "fission" is only at its first steps.
     
  9. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    You can set this in Firefox about:config

    security.sandbox.content.level = 5
     
  10. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Hi Rasheed. Its very likely your Firefox 63 is the only Firefox 63 installation in the entire world in which you can disable automatic updates via Options or about:config.

    Like I told you earlier, those Options were done away with in Firefox 63.

    Thats why now, to disable Firefox from checking and installing updates automatically, you must use a policy.

    Read the link below, specially the first line of the opening post.

    http://forums.mozillazine.org/viewtopic.php?f=23&t=3041932

    Bo
     
  11. Marwood

    Marwood Registered Member

    Joined:
    Aug 11, 2019
    Posts:
    20
    Location:
    UK
    According to MajorGeeks, Firefox 70 has been released although you can't get it via the browser yet. You can use the link on MajorGeeks site:

    https://www.majorgeeks.com/files/details/mozilla_firefox_70.html

    which will eventually take you here

    https://download-installer.cdn.mozilla.net/pub/firefox/releases/70.0/

    where you can download either the 64-bit or 32-bit version of Firefox 70 in your preferred language.
     
    Last edited by a moderator: Oct 21, 2019
  12. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    2,068
    Location:
    Serbia
    According to their wiki, it should be available tomorrow -
     
  13. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Is FF 70 the version that defaults to "DNS over https" ?
     
  14. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    Firefox auto-updated to v70 this morning ( 10-22-2019 ) :thumb:
     
  15. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,867
    Location:
    Outer space
    That has already been default for a while, and does not offer anything similar to site isolation afaik.
     
  16. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    It was there starting w/ver. 69.0.3. It defaults to Cloudflare servers but can be modified to whatever.
     
  17. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Thanks @itman for your reply :)

    Yes, I understand that DNS over https (DOH) defaults to Cloudflare IF you choose to enable DOH.

    My query was directed to whether or not DOH was enabled on all clients by default. Mozilla has been slowly rolling out DOH on a testing basis but has said that at some time soon DOH would be enabled by default on all clients.

    Moz as now published release notes for FF 70 and DOH has not yet been enabled by default on all clients:

    https://www.mozilla.org/en-US/firefox/70.0/releasenotes/
     
  18. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    i have just updated to 70 but seems slower than 69.0.3 , maybe it's adguard that slowes down
    have you noticed a slow down with some adblock extensions?
    tahnks
     
  19. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    As far as I am aware of, it was enabled by default as of ver. 69.0.3. Prior to that, it was an optional setting.
     
  20. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    Not enabled by default for me.
     
  21. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,868
  22. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
    hi
    but does somebody upgrade to v70?
     
  23. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    I am on ver. 70 and have no noticed any performance issues.
     
  24. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,410
    Location:
    U.S.A.
  25. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    6,167
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.