FF 1.5 out

[Bouncing Zabaglione Bros.]

I use IE6 currently, and I am thinking about downloading FF1.5. Will it make sense for a common (but heavy) web browser like me to get FF1.5? Can I have both IE and FF installed and use both?

Yeah, I've had both installed for ever (I've never been an IE user). The only thing you have to do is stop IE from trying to keep taking back the default browser association when it asks, or change it in the control panel internet settings.

 

[Bouncing Zabaglione Bros.]

Well, I can't delete search engines for the search engine toolbar, my roomate has no scroll bar, the options menu doesn't show up right, and he has some weird apple looking quazi bar in his address bar. I didn't have that many problems with RC1

Are you using a third party theme? It probably needs updating. I've seen that screw up windows/bars, etc in earlier builds. Try switching to the default theme and see if it works then.

 

[Tim Murray]

And for those, everyone should try out IE Tab.

"IE Tab, an extension from Taiwan, features Embedding Internet Explorer in tabs of Mozilla/Firefox.

This extension is derived from the famous extension IE View, but they are quite different.
While IE View always open IE-only pages in newly launched windows of Internet Explorer, IE Tab can open them in tabs of Mozilla/Firefox."

This is a brilliant idea. Let's take the browser that's tied into the operating system at such a level that a security hole in the browser can completely compromise the OS, and then tie it into a browser that is usually presumed safe but certainly can have security holes of its own.

Gwaaaaaaaaaaaaaah? Does this seem absolutely daft to anyone else?

 

[BRiT]

This is a brilliant idea. Let's take the browser that's tied into the operating system at such a level that a security hole in the browser can completely compromise the OS, and then tie it into a browser that is usually presumed safe but certainly can have security holes of its own.

Gwaaaaaaaaaaaaaah? Does this seem absolutely daft to anyone else?

I think you misunderstood the intent. Would you rather have those sites that only work in IE running off in their own window? Or would you prefer to have them as a tab, just like any other website, in your current FireFox browser? This extension only loads up IE for websites or links you explicitly designate. If this is installed but you choose not to open any links or sites within IE, then it will never have IE loaded.

It merely swallows the otherwise external IE window, and presents it as a normal tab within FireFox.

 

[Tim Murray]

I think you misunderstood the intent. Would you rather have those sites that only work in IE running off in their own window? Or would you prefer to have them as a tab, just like any other website, in your current FireFox browser? This extension only loads up IE for websites or links you explicitly designate. If this is installed but you choose not to open any links or sites within IE, then it will never have IE loaded.

It merely swallows the otherwise external IE window, and presents it as a normal tab within FireFox.

It's another potential vector of infection. The number of IE-only sites shrinks daily, and as Firefox usage increases, I imagine the number of security holes found will increase as well. Assume there's a security hole in Firefox. Usually, these are pretty minor and won't do anything besides crash the browser--certainly nothing like remote code execution. However, combine an IE exploit with a Firefox exploit, and suddenly, you have free reign over a silly number of machines. Yeah, it's more unlikely, but I dunno. I like having separate executables for separate programs.

 

[hoom]

Eh?
It just intercepts the IE window & displays it in a Firefox tab which is more tidy than having a separate window eg for windows update

Agree that over time this is less important (my eg is windows update because its the only IE only site I can think of) but its a nice bit of tidying up from my point of view.

 

[mkillio]

Yep, their Noia theme was out of date. Good job auto update, I went to help, check for updates and it said no updates available. I went to themes and it said update available. Deleting the search engine files did the trick, thanks for your help.

 

[Deepak]

One small problem with FF, I use flashget for downloading. But "download using flashget" option does not appear when I right click on a link. Any solution?

 

[L233]

It's another potential vector of infection. The number of IE-only sites shrinks daily, and as Firefox usage increases, I imagine the number of security holes found will increase as well.

The problem with IE is that some of the basic concepts are prone to security holes, i.e. the zone model and activeX.

The real problem is that the windows updater relies on these and that's why IE will likely stay the most insecure browser. It's not so much "security holes" resulting from sloppy implementation or coding but rather a security model that's a security risk in itself. The basic concept is "broken" from a security point of view.

 

[Deepak]

http://news.yahoo.com/s/pcworld/20051209/tc_pcworld/123878

Mozilla plans to repair the hole in the latest version of its open-source browser when it releases its next regularly scheduled stability build of Firefox. That should happen in late January or early February, said Mike Schroepfer, vice president of engineering for Mozilla.

"Based on the information we have, it's a low-severity issue, but we will address it anyway," he said in an interview Thursday.

Packet Storm Security on Wednesday released code that takes advantage of the vulnerability, which can cause a buffer overflow and put users at risk of a denial of service attack when running the browser, according to a posting Thursday by independent security consultant John Bambenek on the SANS Internet Storm Center Web site.

According to the posting, the vulnerability is in the browser's history.dat file, which stores a user's history of Web sites visited. It can be exploited by crafting an abnormally long URL with perhaps a few million characters. If a user navigates to a site that exploits the hole, "it will crash the browser each time it is started after going to such a page," Bambenek wrote in the posting.

 

[Moloch]

Well if you still have 512MB don't switch from opera quite yet as I checked memory usage after dicking around a bit.. looking at lots of pictures(since it historically has had high memory usage compared to it's peers) and found it to be using 300MB phyisical and about 300MB virtual.
Luckily I have 1GB so I didn't notice it but for those that lack ram opera is still your best bet

 

[hoom]

I'm somewhat jaded by the lack of adblock support so far, there are a whole bunch of ads seeming to get through & the adblock screen never has anything showing as blockable.

 

[BRiT]

I'm somewhat jaded by the lack of adblock support so far, there are a whole bunch of ads seeming to get through & the adblock screen never has anything showing as blockable.

Have you tried using Adblock Plus with the Filterset.G enabled and syncronized? I never see any ads at all. Even better, it allows for loading but not displaying of the ads for supported websites, such as our beloved B3D.

 

[Fodder]

Just installed Portable Firefox 1.5 here at work. Seems a touch more sluggish than previous versions, and the password manager doesn't seem quite as effective at re-catching all my details, but that may just be my imagination. On the flipside, dragable tabs gets a big thumbs up.

 

[stevem]

Well if you still have 512MB don't switch from opera quite yet as I checked memory usage after dicking around a bit.. looking at lots of pictures(since it historically has had high memory usage compared to it's peers) and found it to be using 300MB phyisical and about 300MB virtual.
Luckily I have 1GB so I didn't notice it but for those that lack ram opera is still your best bet

Yeah, it's not svelte, but try the following switch: config.trim_on_minimize = true. Even when not minimized, mem usage on mine has dropped ~50% @ no cost to paged mem... Also ensure a clean install & confrim extension compatibility with FF1.5. Even the updated version of Adblock has a mem leak esp with Flash 8. Try Adblock Plus as recommended above. The bfcache function caches previous pages in ram based on the amount of mem you have. Try changing browser.sessionhistory.max_total_viewers = -1 (auto) to 0-5 pages depending on browsing habits.

One small problem with FF, I use flashget for downloading. But "download using flashget" option does not appear when I right click on a link. Any solution?

Try the Flashgot extension.

 

[Gubbi]

One small problem with FF, I use flashget for downloading. But "download using flashget" option does not appear when I right click on a link. Any solution?

Check the Flashgot extension for FF. Besides, unless you paid for Flashget (or have a very old version like me ), it's an adware laden POS.

Edit: just saw Steve already suggested that.

Cheers
Gubbi

 

[Simon F]

Check the Flashgot extension for FF. Besides, unless you paid for Flashget (or have a very old version like me ), it's an adware laden POSi

I use "Free download manager" via Flashgot. Seems to do the job quite nicely and has zero adverts.

 

[Deepak]

Check the Flashgot extension for FF. Besides, unless you paid for Flashget (or have a very old version like me ), it's an adware laden POS.

Edit: just saw Steve already suggested that.

Cheers
Gubbi

Flashget is adware? Didn't know that, never noticed...which download manager then you suggest.

 

[Deepak]

http://news.yahoo.com/s/pcworld/20051213/tc_pcworld/123910

Computer users who have not upgraded to the latest version of Mozilla's Firefox browser may now have an extra incentive to do so, thanks to a hacker who has posted an exploit.

On Sunday, a hacker going by the name of Aviv Raff published sample code that could be used to take over the computers of Firefox users running version 1.0.4 or earlier of the browser. The exploit takes advantage of a known bug in the way Firefox processes the popular Javascript Web programming language.

"I think it's been enough time for people to upgrade from v1.0.4. of Firefox. So, here is the PoC [proof of concept] exploit for the... vulnerability," he wrote on his blog.

The bug was fixed in Mozilla version 1.0.5, which was released during the summer, and has also been fixed in version 1.7.9 of the Mozilla Suite, said Mike Schroepfer, vice president of engineering with Mozilla. "As long as users keep updated to the latest version, they're, in general, very safe."

 

[Zaphod]

The extremely security conscious among us (with a gig of hd space to spare) could always run Firefox using the Browser Appliance Virtual Machine. It's a free VMware implementation with Firefox 1.0.7 and 1.5 running on Ubuntu Linux 5.10.