User: Password:
|
|
Subscribe / Log in / New account

Attack code for Firefox 16 privacy vulnerability now available online (ars technica)

Attack code for Firefox 16 privacy vulnerability now available online (ars technica)

Posted Oct 12, 2012 11:42 UTC (Fri) by Lennie (guest, #49641)
In reply to: Attack code for Firefox 16 privacy vulnerability now available online (ars technica) by Cato
Parent article: Attack code for Firefox 16 privacy vulnerability now available online (ars technica)

I believe the next ESR will be 17. This release was 16. So it will be time soon enough. ;-)

I believe the ESR based on Firefox 17 will be released at the same time as Firefox 18, but I could be mistaken.

Do you really still have addons that break ? That should hardly ever happen anymore.

I think they fixed it in 7 or 8. I run nightlies, betas, stable and I've not had that since that time (have to admit I removed some I didn't use anymore anyway and that seemed unmaintained).

Yes, Chrome has a different process model for security.

Firefox does not, they tried to figure out how to do it, but I think they had a really hard time to make it backwardcompatiblity with addons.

Also I think they didn't do it because Firefox needed to fix their memory usage first. That seems to be mostly done now.

The Firefox developers also introduced a new addon-model a few years ago which just uses webtechnologies instead of dependence on the C++-API (which is the part that might break on upgrades).

It is kind of ironic that I've not seen a lot of security bugs in Firefox which would be blocked by the Chrome process model.

I've seen tests which mention Firefox Mobile is the fastest browser on Android. In those tests Chrome on Android (not the Android browser) is the slowest, I was thinking could that also be because of the process model ?


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds