Mozilla push to upgrade older versions of Firefox

Discussion in 'other software & services' started by TheWindBringeth, May 15, 2014.

Thread Status:
Not open for further replies.
  1. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,084
    https://groups.google.com/d/topic/mozilla.dev.planning/FAmU7SeLoJ8

     
  2. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    Wasn't 3.5 or 3.6 the version a lot of people felt was the best one?

    Interestingly, I would think there actually is some security merit to run the older ones. Who would bother to code malware, or exploits to impact a browser nobody runs? Interesting concept really, but given our Nuclear Missile Systems run on old floppy based systems, precisely for security reasons, I would think there is some validity to it.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,061
  4. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    See also:
    Mozilla plans semi-silent updates to tug laggards onto the newest Firefox
    http://www.computerworld.com/s/arti...dates_to_tug_laggards_onto_the_newest_Firefox
     
  5. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
    Yet I had nothing but trouble with it. I thought Fx 4 was when it really improved.
     
  6. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    3.6 running fine here :) They won't get me, as Auto Updates is OFF :p
     
  7. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    3.6 was really a popular Firefox, and with good reason.

    Also, Chrome 14-Stable was the last GOOD Chrome in my opinion. In fact, I still run Chrome 14 - it's becoming really hard to find now that Google has sent 'letters' to anyone offering older versions to remove them.

    Why 14? 14 was arguably the most stable, and fastest they ever released. Also, and more importantly - it was the last revision that allowed you to 'pin' web pages onto the speed dial. Also no spying crap, or forced sync in 14.. So generally that's my choice until Opera decides to allow me to change search engines properly.
     
  8. allizomeniz

    allizomeniz Registered Member

    Joined:
    Aug 23, 2009
    Posts:
    903
    3.6.28 from my cold dead hand! :D
     
  9. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    They don't run on floppies because of security.
    They run on whatever technology was available back when they were developed.
    Mrk
     
  10. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    Given our defense budget, and the fascination with technology, they'd of long upgraded them if they wanted to. The fact remains - security through obsolescence is a very real security deployment scheme.

    http://beta.slashdot.org/story/201349
    ICBM forces commander Maj. Gen. Jack Weinstein told Leslie Stahl from "60 Minutes" that the bases have extremely tight IT and cyber security, because they're not Internet-connected and they use such old hardware and software. "A few years ago we did a complete analysis of our entire network," says Weinstein. "Cyber engineers found out that the system is extremely safe and extremely secure in the way it's developed." While on the base, missileers showed Stahl the 8-inch floppy disks, marked "Top Secret," which is used with the computer that handles what was once called the Strategic Air Command Digital Network (SACDIN), a communication system that delivers launch commands to US missile forces. Later, in an interview with Weinstein, Stahl described the disk she was shown as "gigantic," and said she had never seen one that big. Weinstein explained, "Those older systems provide us some, I will say, huge safety, when it comes to some cyber issues that we currently have in the world.""
     
  11. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    You'd be very, very silly to think you're safe using an old version of a browser like Firefox 3.6. Many of the exploits found in the latest browsers aren't magically isolated to that version. Most of the time it will affect old code that is in versions as far back as Firefox 3.x. The same thing happens to IE, you see IE patches that are for IE6-11. The same thing happens for Chrome.

    Just because a security advisory doesn't explicitly mention an older browser version doesn't mean that version is not affected, it means they didn't bother testing that version, usually because it's too old.

    You're not safer using an older browser no matter what you think. They are not pushing old versions to update just because they feel like annoying you.
     
    Last edited: May 21, 2014
  12. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    No, you don't upgrade if you want to. You upgrade if there's a need.
    When it comes to multimillion-dollar-worth missiles supposed to carry nuclear payload, there is no need.
    You don't mess up with things that work. It's not your desktop.
    It's not an OS upgrade.

    It's THE EVERYTHING upgrade.

    Physical setup, communication lines, everything.
    As complex as replacing buses with trains.

    Mrk
     
  13. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    Defense officials are on record stating they use obsolete gear on purpose, and why they do it. They've turned down upgrade options put forth. As noted above, that's the commander of the ICBM forces, stating the age, and hardened nature of the obsolete system is precisely WHY they use it. Again, it's incredibly easy to win arguments against you because I have the facts on my side every single time. I've used obsolescence as a security procedure in some select, difficult cases. It's a very real, and viable security methodology. (Intentional Obsolescence) ATM's use x.25 as a method to harden their communications from hackers, and it works.

    http://www.theregister.co.uk/2002/06/06/security_through_obsolescence/

    Opera x12 (Presto) will likely become the most security browser on the planet, as none of the new exploits would have any impact on it. So I can see deployment of Presto in the future, as almost all exploits will target Trident and Blink. Once again, security through obsolete software. I don't expect many to believe this, or understand it. But from an engineering perspective it's something we deal with everyday. Similar to how a 1966 Buick wouldn't generally be impacted much by an EMP, that would knock out every single vehicle on the road.

    If I created a method to where a Commodore 64 could access the web, I would have one of the most secure platforms on the planet. I suppose it could be done with some machine coding. <shrug>
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    When they designed those systems, they were not obsolete. So your argument is invalid.
    Today, it is convenient. But the question of upgrade is not one of "pimp my ICBM" with the latest wallpaper, LOLZ OMG!
    It is the question of a huge uplift that is equivalent to redesigning cities. No one wants that bureaucracy.
    When they design new, they'll go for new.

    Please don't write about things you don't understand, like EMP.

    Mrk
     
  15. DoctorPC

    DoctorPC Banned

    Joined:
    Jan 9, 2014
    Posts:
    813
    Please don't assume you understand what I do and do not understand. I've done post EMP diagnostics for a defense contractor, and yes, I understand them. The fact that these systems are obsolete, which offers additional security is well understood by the military. There have been regression examples in many fields, they aren't widely discussed because you run into classified natures with many. The x.25 aspect of ATM's is an example of technology regression, a 25 year old technology used precisely because it is hardened against hackers, and modern hack tools.

    I've seen examples of legacy Juniper and Watchguard systems deployed precisely because those legacy systems have proven themselves to not be compromised. The NSA's own tools won't even work on those legacy systems. They'd need to develop an entirely new chipset implant, and given the rarity, it's not practical. Yet virtually all of the newer systems can be easily compromised by the NSA. (and others) Another example of purposeful obsolete hardware pushing.

    No one can break into my house because I have a moat and a drawbridge, and a dragon behind the door. Old, but effective.
     
  16. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,946
    Location:
    U.S.A.
    Let's not take this thread off topic, which is Mozilla push to upgrade older versions of Firefox. Focus on Mozilla or Firefox only. Thank you!
     
Loading...
Thread Status:
Not open for further replies.