Firefox 2.0.0.1 update...

Sigman

* The Arctic Moderator *
Joined
Sep 25, 2002
Messages
10,124
Location
"The 49th State"
geepondy said:
Firefox tells me when there is an update available. This isn't a standard feature of the browser?
geepondy, you must have the "Firefox Special Edition"!! :poke:

Seriously, some folks don't have the auto update configured. I for one don't typically configure auto updates to prevent every "Tom, ****, & Harry" program loaded from constantly checking & tying up resources.
 
Last edited:

raggie33

*the raggedier*
Joined
Aug 11, 2003
Messages
13,453
some one once said firefo gives ya password away i hope thats not true or this update fixes it
 

Eric242

Flashlight Enthusiast
Joined
Jul 18, 2006
Messages
2,931
Location
[-Mad in Germany-]
nerdgineer said:
Will adblocker work with Firefox 2?
Is it adblock or adblocker? Just asking because there so many different add ons to firefox and it could be both. If it is "adblock", it is still working with firefox 2.0. I had it installed with the older firefox version and when I installed 2.0, firefox searched all the add ons and styles I had installed to update them.

Eric
 

BB

Flashlight Enthusiast
Joined
Jun 17, 2003
Messages
2,129
Location
SF Bay Area
Hi Raggie!

It is very nice to see you back here... I have missed you as I don't usually go to the dark side of CPF.

Regarding FireFox giving away passwords... I was almost ready to dismiss this as a hoax or parody site (came up first in Google search):


Firefox gives up passwords:


THE MOZZARELLA Foundation has issued a security warning on its Firebadger open sauce browser. Apparently the browser's secure password manager has a nasty habit of telling other people your user name and password.

The problem comes about because Firebadger supplies the username and password stored on one page on a domain to another page on a domain. For example the Username and password input tags on a Myspace user's site will be shared along with the visitor's Myspace.com credentials.

According to Robert Chapin, of Chapin Information Services, who reports the problem on Bugzilla, the flaw means that passwords can be stolen without punters being aware of it.

In the short term, Mozzarella is suggesting avoiding using Password Manager and the Master Password Timeout Firefox extension.

However, an exploit found in the wild mimicked the login.myspace.com site almost perfectly, causing many users to believe they needed to log in.

The bug is real and reported here:

It is behavior I have seen before and accepted as normal for FireFox's password manager. However, when you think about it, there is a huge problem for some website to get a UID and Password for one host domain (at a time).

Basically, as I understand, Password Manager in FireFox only looks at the first part of any URL--the Host Domain part ("www.Iamhere.com, www.myspace.com, etc.)...

So, if you have a login remembered for myspace.com, if some user under myspace.com also has a password and UID field, password manager will automatically fill in the saved UID and password you used for myspace.com--and they now can go to your myspace.com account, or try other common places like hotmail, yahoo, www.bankofme.com, etc. and see if it works there too... This can also be an issue for places like store.yahoo.com and other places too...

At this point, again from what I understand, the bug is still not addressed/fixed and the subject to debate. This is also, apparently, a problem with trusted Java scripts/programs too (only uses www.domain.com for security considerations).

The last got-you in the Password Manager/FireFox bug is that the UID and Password fields can be hidden (and maybe auto submitted?) so that you cannot even see the passwords being populated or even stop their transmission.

Other browsers (like IE) appear not to have this problem for various reasons (FireFox attempted to make Password Manager easy to use so that people can use long and unique passwords).

So--the problem is real and can be bad if you use the same UID and Password for Amazon and Myspace (as an example). Changing your UID/Password for each site (that at least has your personal information like address, banking info, and credit cards) is a first step.

When I first read this, I was pretty upset and ready to stop using Password Manager--but as I read the issues, I am pretty OK with using it as is for now--because I have different UIDs and Passwords for different sites--although, I will probably go out their now and randomize the passwords a bit more to make sure.

Regarding the AdBlock question, there is a newer version out there (the old AdBlock is a "long" (in computer software terms) discontinued supported software):

Adblock Plus

They also have some auto-updating filters too (go to their website and read about them--and old one. Filterset.G I used before is now not recommended anymore). I use the two popular versions of "EasyList" myself now.

-Bill
 

TooManyGizmos

Flashlight Enthusiast
Joined
Jan 12, 2006
Messages
3,079
Location
Died Nov. 2015
Why update each time they come out with one ?????

What is so improved now over the updated ver. I downloaded a month ago ????

I don't see the need to do it every time they change the version number by one digit .

It caused me a lot of extra work a month ago - cause some extensions I use were not ready and avail. for the new release .

I like to always stay one or two revisions behind the latest/greatest/newest ...... till they get the bugs exterminated .


But that's just me .................................. TMG/*
.
 

IlluminatingBikr

Flashlight Enthusiast
Joined
Feb 26, 2003
Messages
2,320
You really should try and go with the latest versions, because they find bugs and security vulnerabilities that they fix. I'm not sure why you wouldn't want to have as many bugs and security holes fixed as possible. Anyways, usually the smaller incremental updates won't have much of an effect on your extensions - it's usually the bigger revisions that cause headaches.
 

raggie33

*the raggedier*
Joined
Aug 11, 2003
Messages
13,453
BB said:
Hi Raggie!

It is very nice to see you back here... I have missed you as I don't usually go to the dark side of CPF.

Regarding FireFox giving away passwords... I was almost ready to dismiss this as a hoax or parody site (came up first in Google search):


Firefox gives up passwords:




The bug is real and reported here:

It is behavior I have seen before and accepted as normal for FireFox's password manager. However, when you think about it, there is a huge problem for some website to get a UID and Password for one host domain (at a time).

Basically, as I understand, Password Manager in FireFox only looks at the first part of any URL--the Host Domain part ("www.Iamhere.com, www.myspace.com, etc.)...

So, if you have a login remembered for myspace.com, if some user under myspace.com also has a password and UID field, password manager will automatically fill in the saved UID and password you used for myspace.com--and they now can go to your myspace.com account, or try other common places like hotmail, yahoo, www.bankofme.com, etc. and see if it works there too... This can also be an issue for places like store.yahoo.com and other places too...

At this point, again from what I understand, the bug is still not addressed/fixed and the subject to debate. This is also, apparently, a problem with trusted Java scripts/programs too (only uses www.domain.com for security considerations).

The last got-you in the Password Manager/FireFox bug is that the UID and Password fields can be hidden (and maybe auto submitted?) so that you cannot even see the passwords being populated or even stop their transmission.

Other browsers (like IE) appear not to have this problem for various reasons (FireFox attempted to make Password Manager easy to use so that people can use long and unique passwords).

So--the problem is real and can be bad if you use the same UID and Password for Amazon and Myspace (as an example). Changing your UID/Password for each site (that at least has your personal information like address, banking info, and credit cards) is a first step.

When I first read this, I was pretty upset and ready to stop using Password Manager--but as I read the issues, I am pretty OK with using it as is for now--because I have different UIDs and Passwords for different sites--although, I will probably go out their now and randomize the passwords a bit more to make sure.

Regarding the AdBlock question, there is a newer version out there (the old AdBlock is a "long" (in computer software terms) discontinued supported software):

Adblock Plus

They also have some auto-updating filters too (go to their website and read about them--and old one. Filterset.G I used before is now not recommended anymore). I use the two popular versions of "EasyList" myself now.

-Bill
i hope it dont give em away.i try very hard to make my passwords.i sometimes forget em
 

bjn70

Flashlight Enthusiast
Joined
Nov 25, 2004
Messages
1,097
Location
DFW, TX
My Firefox is set to update automatically. Tonight it downloaded and installed an update- to version 1.5.0.9.

I don't know what 2.0.0.1 is or how it is different from 1.5.0.9.
 

sunspot

Flashlight Enthusiast
Joined
Aug 22, 2001
Messages
2,707
Location
Graham, NC
bjn70 said:
My Firefox is set to update automatically. Tonight it downloaded and installed an update- to version 1.5.0.9.

I don't know what 2.0.0.1 is or how it is different from 1.5.0.9.
The same thing happened to me. WTF
 

metalhed

Enlightened
Joined
Jan 29, 2004
Messages
671
Location
Washington State
Top