Category Archives: Firefox

Firefox, Patches and updates, Security

Firefox 33 released

Leave a comment

The release of Firefox 33 snuck past my radar on October 13. In my conversations with Mozilla workers, it was explained to me that only major releases would be announced. But there was no announcement for Firefox 33. Clearly I need to keep bugging them about this. At least the release notes have improved.

The version number would seem to indicate that there are a lot of changes in this new version, and the release notes do list several new features. But none of those features are likely to be of much interest to regular users, aside from some improvements to searching.

Firefox 33 does include at least nine security fixes, as outlined on the Known Vulnerabilities (aka Security Advisories) page.

Firefox, Patches and updates, Security

Firefox 32.0 released

Leave a comment

A new version of Firefox was released yesterday, with the usual complete lack of any kind of proper announcement. The only thing posted on the Mozilla blog (“the official source for Mozilla-related news, opinions, events and more”) yesterday was this post about Firefox for Android.

On a more positive note, the release notes for Firefox are looking better. It looks like my insistent prodding has led to some action, because the Firefox 32.0 release notes page now has a page title that includes the version, and the topmost heading also includes the version.

Firefox 32 includes fixes for at least six security vulnerabilities, so anyone using Firefox should update it as soon as possible. Version 32 also improves performance, and adds some minor features, including changes to the page context (right-click) menu.

Firefox, Patches and updates, Security

Firefox 31 released

Leave a comment

Thanks once again to organizations like CERT and SANS, this morning I was alerted to a new version of Firefox.

Version 31 includes fixes for security vulnerabilities and other bugs, and adds several features, none of which is likely to be of much interest to anyone except developers.

There’s a post on the Mozilla blog that seems to be about the new Firefox, although it’s difficult to know for sure since the new version is never actually mentioned. New version announcements for Firefox are still terrible.

The official release notes for the new version are still woefully inadequate. Notable security fixes in Firefox 31 are listed on the Security Advisories (aka Known Vulnerabilities) page.

Firefox, Patches and updates, Security

Firefox 30.0 released

Leave a comment

At least seven security issues were fixed in version Firefox 30.0, released yesterday.

The release notes for version 30.0 show several other changes in this release, but only one is worth mentioning. A new ‘Sidebars’ toolbar button was added, presumably based on complaints that version 29 made it more difficult to toggle the bookmark sidebar on and off. But toggling the sidebar still requires two clicks as opposed to the single click that was required before version 29. So that’s not exactly progress.

For those of you keeping score, the release notes pages for Firefox are still a mess.

Chrome, Firefox, Internet Explorer, Privacy, Security

Web browsers can reveal browsing history

Leave a comment

Chrome, Firefox and Internet Explorer can be tricked into revealing your browsing history by unscrupulous web site owners.

The new vulnerability is similar to one that was discovered, then patched, in the major browsers several years ago. The new technique uses a different approach to accomplish the same thing.

Browser developers are working on fixes for this vulnerability, but in the meantime, anyone concerned about their browser history potentially being revealed should get into the habit of clearing their history frequently. Alternatively, you could switch to a privacy-oriented browsing solution such as the Tor Browser Bundle.

Firefox, Flash, Java, Security, Shockwave, Silverlight

Stop Firefox from showing embedded media automatically

Leave a comment

My browser of choice these days is Firefox, despite its recent problems with bloat, performance and the user interface.

I recently made a change to the way Firefox handles embedded content like Java, Flash, Shockwave and Silverlight. By default, Firefox displays embedded media automatically; when you visit a web page that contains embedded media, it plays immediately after loading.

To change this behaviour, do the following:

  1. Go to the Firefox Add-ons page. How you do this depends on the version of Firefox, but one method that always works is to enter ‘about:addons’ in the address bar.
  2. In the menu on the left, click ‘Plugins’.
  3. To the right of each listed plugin, there’s a button. Clicking that button drops down a list with these options: ‘Ask to Activate’, ‘Always Activate’ and ‘Never Activate’.
  4. Change the activation setting for each plugin. ‘Never Activate’ disables a plugin completely. ‘Always Activate’ means that the associated media will run without any user intervention (the default behaviour). ‘Ask to Activate’ will prompt the user before playing the associated media. I set the following plugins to ‘Ask to Activate’: all Java plugins, all Flash plugins, all Shockwave plugins, and all Silverlight plugins.

Once you’ve made these changes, visiting a web page that includes embedded media shows grey blocks where the media would normally appear. A link appears in the middle of each block: ‘Activate Adobe Flash’, ‘Activate Java’, etc. Clicking the ‘Activate’ link pops up a small dialog that allows you to activate the media this time only, or permanently for that particular web site.

This has several benefits:

  • Malicious code in Java, Flash and other media files no longer runs automatically when I visit sites that use them. This makes web surfing much safer.
  • Pages that contain embedded media load faster. If I decide that I want to actually watch some embedded media on a site, I only have to click the ‘Activate’ link.
  • I can now see exactly what kind of media is embedded on a web page, which is especially useful for determining the relative popularity of different kinds of media.
Firefox, Patches and updates

Firefox 29.0.1 released

Leave a comment

On May 9, a new version of Firefox was released by Mozilla. Since version 29.0.1 is considered a minor (‘dot’) release, there was no formal announcement.

The release notes provide some clues as to the changes in 29.0.1. A few minor bugs were fixed, but none of them appear to be security-related. The colour of unselected tabs was changed to make them more visible than they are in Firefox 29.