Posted on 05/15/2013 6:49:55 AM PDT by ShadowAce
Mozilla is out with the Firefox 21 open source browser release today, fixing at least 8 security vulnerabilities, three of which are rated as being critical. The new release also provides new features that depending on your viewpoint could either improve or reduce user privacy.
One of the new features in Firefox 21 is the Health Report. Mozilla first began talking about the health report in September of 2012 as a non-invasive reporting mechanism. The report is intended to deliver information to users about the 'health' of the browser and its components. The report also shares that data with Mozilla.
Johnathan Nightingale, VP of Firefox Engineering at Mozilla, explained to Datamation that Firefox Health Report is enabled by default in Firefox 21.
"Firefox users who don't want to send health data to Mozilla can disable the data sending either from the health report itself, or from the 'Data Choices' section in the Firefox options window," Nightingale said. "Users who turn off the data will still be able to see their own browser health information."
Firefox 21 also includes an update to Mozilla's Do Not Track cookie mechanism. In the Firefox 21 release, users will now have three choices: Do Track, Do Not Track, and No Preference."
"From its inception, we have built Do Not Track as an expression of intent," Nightingale said. "By default, we don't send a header at all, 'No Preference', because we don't know the user's intent."
He added that the user can choose to express a preference either for, or against, tracking and from that point forward Firefox will express that decision to every site they visit. Mozilla's most recent data shows 17 percent of US users enabling DNT.
Performance is an area that Mozilla is constantly pushing with each new Firefox release, and Firefox 21 is no exception. Nightingale said that new graphics subsystem changes in Firefox 21 should give the browser performance wins on mobile and desktop.
Mozilla developers are now also currently working on the new OdinMonkey JavaScript engine for a future release of Firefox. "We're currently testing OdinMonkey on pre-release, but the optimizations it makes for asm.js code are going to change the world of gaming," Nightingale said.
The asm.js JavaScript library enables code to run at native speeds. It's is already being used to enable the Epic gaming engine for in-browser games.
On the security front, Mozilla has issued three critical security advisories with the Firefox 21 release. All three deal with memory related vulnerabilities and exploitations.
Some of the flaws were reported by Google security researchers using the open source Address Sanitizer tool.
"Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and invalid write problems rated as moderate to critical as security issues in shipped software," Mozilla states in its advisory. "Some of these issues are potentially exploitable, allowing for remote code execution."
Interesting; but until they fix the browser from leaking so much memory it’s a broken browser.
Every version since 20 screws up the right-click context menu on FR pages.
Leaking memory? I never notice, and I have FF up all day.
Wow. That’s a lot of cycles used to protect you from a badly designed OS.
How so? What makes the context menu different on FR?
I often right-click and pick "back" or "reload" from the context menu.
The problem with recent FF versions is that only the top and right outlines of the context menu appear. It will finally work after several consecutive attempts. It appears to correlate with the mouse position over a table or image.
This bug manifests sporadically on various websites, but its pretty consistent here on Free Republic.
Interesting. I’ve never noticed it. I’ll try to pay closer attention.
Sure does; I think it has to do w/ deallocating memory on closing of tabs [or navigating away]... flash-player and other such plugins might also be culpable.
I leave it up until about 80% of my memory is used up, then have to restart it.
I gave up on Firefox’s rapid release insanity at version 15.
My bank tunnel security no longer works with my old version, but if I upgrade, several of my extensions/add-ons no longer work.
Similarly, I quit upgrading Adobe Flash, because it and Firefox had too many conflicts around FF version 12.
==
Firefox upgrades break more things than they fix.
I haven’t been on any machines with less than 6 GB of RAM in several years, so I guess I never noticed.
Damn it! Seems just as I get my Firefox working and looking like I want, they come out with a new version that will screw everything up: Puts the tabs on top, disables a bunch of addons, scrambles/hides my menus, etc. The only “good” thing is that because I’ve had to change it back so often, I’m familiar with all the steps needed.
I have 6 GB in this machine, but I leave it on.... so it becomes apparent over a few days.
No, but there are safer OSes than windows. I don't use any anti-virus, anti-trojan, anti-anything. I haven't since 2003. I've never got a virus/torjan/malware since then.
I don't have to "learn to work around" my OS. It works the way I do. YMMV, of course.
OpenVMS is a solid & secure OS; though you'd need a VAX, Alpha, or Itanium to use it.
I should clarify that I’m using Linux.
I notice, but I leave FF up over several days.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.