back to article Firefox to doctor Pepper so it can run Chrome's PDF, Flash plugins

Mozilla is investigating hooking up Google Chrome's builtin plugins to Firefox. The foundation's Project Mortar hopes to spare its developers from building and improving non-core components of Firefox by instead providing the same software interfaces that Chromium, the open-source engine of Chrome, provides. That will allow …

  1. Anonymous Coward
    Anonymous Coward

    Can't say much about Chrome's Flash player, but I think Firefox's .pdf viewer works just fine...so whatever.

    I like how everyone discusses a better Flash player and .pdf viewer with everyone besides the one company that owns them.

    1. Ole Juul

      what does better mean?

      Yes, Firefox's pdf viewer works just fine already, and it would be better if they just stopped supporting flash altogether. Here's hoping things don't get worse.

    2. Anonymous Coward
      Anonymous Coward

      >I like how everyone discusses a better Flash player and .pdf viewer with everyone besides the one company that owns them.

      Flash Pepper is a joint Adobe/Google development, has been a while. Likewise MS and Facebook ('Zuckerbrowser' anyone?) get the source code to play with too. I guess they're all happy to let Adobe take the blame - or perhaps it's just that they don't like to boast.

      Doctor Pepper - nice one.

      1. Anonymous Coward
        Anonymous Coward

        Adobe don't "own" PDF - take a look at how long it has taken to get the PDF 2.0 spec formally agreed & issued.

        </nitpick>

      2. Anonymous Coward
        Anonymous Coward

        Re: Doctor Pepper - nice one.

        Some will die in hot pursuit of firey plugin crashes.

    3. DrXym

      Firefox's PDF viewer is fine for viewing but quite awful for printing. Basically PDF is just rendered into a bitmap via an HTML canvas and then that gets printed as HTML. I don't know if PDFium is better, but if it is then that in itself would be a benefit.

      1. Anonymous Coward
        Anonymous Coward

        Crap printer divers? Works perfect for me

    4. Steve Evans

      They certainly need to do something, Flash on FF 64bit has been broken since the last update.

      Yes, we know that flash is evil, and about to be condemned to the bin of history, but right now a lot of sites depend on it.

    5. Mage Silver badge
      Coffee/keyboard

      PDF viewer?

      Viewing PDFs IN a browser is mad.

      There are many reasons why it's a seriously bad idea. Why was it so hard to disable Firefox PDF viewing when they added it?

      Well, killing Flash may be the only thing that Apple and I agree on.

      1. Martin-73 Silver badge

        Re: PDF viewer?

        I didn't have that much trouble disabling it (but I'm on the LTS channel, not the bleeding edge). I use nothing but Foxit for reading PDFs now

  2. asdf

    unsafe at any sandbox

    Flash should never run on your computer in any form period (disable it in Chrome and always test your browsers for it and java just to be sure). That said if you absolutely have to use it then only run it with Chrome in a VM you reset after you are done. Raw dogging flash plugin on windows native is practically begging for malware.

    1. Duncan Macdonald

      Re: unsafe at any sandbox

      What is needed is a crippled Flash that can ONLY play videos - with ALL the scripting removed. Likewise for the PDF viewer - it should only display and print PDF files with ALL the interactive and scripting bits removed. If this was done then the result would satisfy 99% of web users needs without the horrible security holes that the scriptable plugins have.

      1. Version 1.0 Silver badge

        Re: unsafe at any sandbox

        ..."limit the damage malicious code can do if it exploits a security hole in the plugin" should read:

        "limit the damage malicious code can do when it exploits a security hole in the plugin"

      2. Jon 37
        Boffin

        Re: unsafe at any sandbox

        "What is needed is a crippled Flash that can ONLY play videos - with ALL the scripting removed"

        tl;dr: That's called EME and browsers implement it, but websites have to be updated to use it.

        Flash video players have scripting to make the play/pause/seek/volume buttons actually do stuff, and to choose the best quality video for your Internet speed. So you can't just remove the scripting from the Flash plugin and expect existing websites to work.

        If websites are using Flash to play video, then they need to switch to the HTML5 <video> tag, and use HTML/Javascript for their play/pause/seek/volume buttons. If websites want to automatically choose the best quality video for your Internet speed, then they can use Javascript and the Media Source Extensions (MSE) API for that.

        For websites that are using Flash for its DRM, and insist on DRM, then they also need to use the Encrypted Media Extensions (EME) APIs for DRM. EME allows plugins that work a bit like you describe - the plugin *just* does the DRM bit, no scripting and no UI. Adobe have "Adobe CDM", which is basically the DRM from Flash changed to work as an EME plugin. Microsoft and Google also have their own EME plugins.

        1. Duncan Macdonald

          Re: unsafe at any sandbox

          The play/pause/seek/volume buttons can be part of the viewer - not the script supplied by the website. (If Windows Movie Player can implement these functions when playing a .wmv file then there is no reason why a Flash viewer could not implement these functions when playing a Flash video file.)

          For most users of Flash - it is only used to play videos. For these users a crippled Flash that completely ignored all the scripting commands would be adequate. (Getting the website to change to HTML5 <video> would be better - but do not hold your breath.)

        2. Anonymous Coward
          Anonymous Coward

          Re: unsafe at any sandbox

          The main issue is that the video support implemented in browsers is not yet as "mature" as the Flash option. MPEG-DASH is currently an abomination, and HLS support is incomplete on most platforms (notably excluding Safari and to a lesser extend Edge).

          As for DRM, you also highlighted one of the key problems - that there is no viable single standard which works cross-browser and cross-platform (including mobile), so this is an additional burden on content producers who need to prepare multiple streams as opposed to Flash which is a single solution.

          Yes, I'm a Flash(/ActionScript) developer involved in video distribution, but I'm not an advocate of Flash/AS for the sake of it - once SME and EME improve, I'll be the first to put Flash up against a wall and shoot it. Until then, if you want a feature-rich video player with DRM that works cross-platform and cross-browser, Flash just works (tm).

      3. roger stillick
        Linux

        Re: unsafe at any sandbox

        IMHO= Here in USA we are months away from DIRECTV aka AT&T video offering their services in it's entirety to internet streaming service as a precursor to the satellite service going dark (stated sale goal of AT&T)..

        Firefox needs to fix Linux / flash or remain redundant for world wide video streaming use.. RS.

      4. Oh Homer
        Childcatcher

        Re: disabling ubiquitous technology

        All my work training is in Flash. I have no control or influence over that whatsoever. The nature of my profession (healthcare) is such that this training continues essentially forever.

        Similarly, nearly everything IT related that we use, which isn't Flash, tends to be Java.

        Ironically these decisions were initially made, years ago by various third party contractors, to provide platform agnosticism for the purpose of serving as many clients as possible with a single turnkey solution (i.e. to save money).

        Before the Masters of Do-ocracy arbitrarily decide to cripple their browsers, they first need to consider the impact this will have on people whose reliance on that now crippled technology is beyond their control.

        Now certainly one could argue that killing support for archaic and insecure technology will force Luddites and bean-counters to adapt, and they will, but probably not in any way that will benefit either staff or industry standards, since the aforementioned Luddites and bean-counters will tend to take the path of least resistance.

        In this case they will simply transition from one browser to the next, clutching at whichever one continues to support their existing infrastructure (or habits). In practice this means that first Google and now Mozilla are really just pushing everyone (in the workplace, at least) back to IE.

        At least until Microsoft kills it with Edge, and even then the Luddites and bean-counters will just use older browsers, older operating systems, older whatever they need to not spend any money and/or change their habits.

        Sadly I can't suggest an easier solution. There will always be extreme resistance where money (or familiarity) is involved. It's just a pity that, as ever, it always seems to be the majority at the bottom who end up being sacrificed by the elite Do-ocracy in the name of progress.

        1. Ilgaz

          Re: disabling ubiquitous technology

          I really don't think they will change a working thing (updated Java is fine) as these guys are paying millions of dollars to IBM so they can run 25 years old application unmodified.

    2. Len
      Headmaster

      Re: unsafe at any sandbox

      The problem with disabling Flash all together, and one that Mozilla has referred to in the past, is that a lot of older content is in Flash.

      Of course, nobody should have been creating anything new in Flash for years now. However, a large part of historic websites from roughly 2000 - 2010 would simply be unviewable if Flash support would be stripped out of a browser. Archival for historical purposes is hard enough as it is and digital ironically makes some things harder. A pamphlet published in 1980 will always exist after it has been printed, a web site published in 2000 only exists as long as it is published on a web server somewhere.

      Unless someone creates something that converts existing Flash sites to HTML sites or develops a safe Flash player (not created by Adobe, thank you very much) those pages might be lost. If I recall correctly Mozilla is actually working on one of these solutions precisely for this reason.

    3. Charles 9

      Re: unsafe at any sandbox

      What about all those industrial control interfaces for critical, expensive, irreplaceable machines that can't run on anything BUT Flash? Some people have no choice BUT to swim with sharks for a living.

      1. asdf

        Re: unsafe at any sandbox

        >What about all those industrial control interfaces for critical, expensive, irreplaceable machines that can't run on anything BUT Flash?

        Oh yeah the homeland will be so secure next war :(. Again ideally flash should run on Chrome in *nix in a VM. Get three rings of protection that way and four if the *nix has proper RBAC or jails. Short of malware itself it really is one of the most insecure pieces of software possible on your machine along with Java. Security and ogres are like an onion.

        1. asdf

          Re: unsafe at any sandbox

          Forgot to mention the obvious that whatever user you run chrome under should have the least privileges (regular user, no sudo access at minimum) possible.

          1. This post has been deleted by its author

          2. defiler

            Re: unsafe at any sandbox

            For me, minimum permissions also includes a domain-wide Software Restriction Policy which stops users being able to execute any binaries from folders they have access to. So where does Chrome put Pepper Flash? Into the user's profile.

            Then the users complain that websites don't work until we set "deny" permissions on their PepperFlash folder. As if all those years of Chrome installing to the user's local profile wasn't infuriating enough.

            Pepper Flash couldn't burn fast enough for me.

            1. Anonymous Coward
              Anonymous Coward

              Re: unsafe at any sandbox

              And meanwhile someone will probably just find a privilege escalation exploit in Flash to go past the whole mess, regardless of installation.

        2. Charles 9

          Re: unsafe at any sandbox

          " Again ideally flash should run on Chrome in *nix in a VM."

          But with only one set of targets, they'll know how to chain them: break Flash to break Chrome to attack the hypervisor, then you're back to square one with performance penalties to boot and again no affordable way to replace the hardware that can ONLY be controlled by Flash. And it's not a matter of IF but WHEN.

          1. asdf

            Re: unsafe at any sandbox

            >break Flash to break Chrome to attack the hypervisor

            Zero days on hypervisors are extremely valuable and unless you are doing IT support for upper management in a large corp probably not a worry. They also tend to get patched very quickly when found. Needless to say if you don't keep everything patched daily then yeah it not near as secure.

        3. Anonymous Coward
          Anonymous Coward

          Re: unsafe at any sandbox

          Or even better, Qubes OS.

      2. Ilgaz

        Basic fix

        Use GNU gnash instead of Flash. That was the thing to do (including promoting it as an option) by open source community instead of monkeying with a clearly badly written piece of software. It would never do Netflix but it will work fine for an interface.

        1. patrickstar

          Re: Basic fix

          gnash only supports really ancient Flash content (no AVM2 support), so anything developed the past 10 years or so is off-limits to it.

  3. Anonymous Coward
    Anonymous Coward

    Well that's a complete volta-face by Mozilla as they were rabidly opposed to PPAPI and declared that they would never support it while clinging on to the old and very insecure NPAPI.

    When your user base is collapsing alarmingly then it's amazing just how much humble pie you can eat.

    1. Anonymous Coward
      Anonymous Coward

      For info, it was marked won't fix on Mozilla's bugzilla:

      https://bugzilla.mozilla.org/show_bug.cgi?id=729481

    2. Dan 55 Silver badge

      I don't think their user base is collapsing because they were using NPAPI. In fact it's a point in Firefox's favour given the amount of NPAPI plug-ins out there. NPAPI was given a sandbox in 2015 and they are (well, maybe were) improving it.

      As with most things, Mozilla seem to have decided that if it takes effort to maintain then that means they have to drop it. They're well on their way to making Firefox a new theme for Chrome.

      Whilst some web designers might think, "Great, I don't need to test anything any more, I'll just target Webkit", they forget that that'll lead to the same situation as IE6 before and there are a load of different versions of Webkit floating about out there anyway.

      1. Richard 12 Silver badge

        So Mozilla, why should I use Firefox?

        Now that it looks like Chrome, and you're making it talk like Chrome.

        Why shouldn't I just use Chrome?

        1. Version 1.0 Silver badge

          Re: So Mozilla, why should I use Firefox?

          <clueby4>If you are asking the question then I don't think you'll understand my answer so I'm not going to waste my time.</clueby4>

        2. Mage Silver badge

          Re: So Mozilla, why should I use Firefox?

          Certainly they have concentrated on maiming the GUI, making it like bad version of a mobile app and ignoring important issues. Print Selection? Has it ever worked properly. If selection is on 7th page it might print 6 empty pages with headers and footers.

          "Shrink to fit" seems dodgy.

          Security defaults are wrong and awkward.

          1. asdf

            Re: So Mozilla, why should I use Firefox?

            >Mozilla, why should I use Firefox?

            One word. Noscript. It should be your go to browser (or a derivative like Pale Moon that I like) for logging into sensitive sites. With that use case in mind you should probably avoid for random browsing and avoid installing any plugins at all with it and use the ESR version.

            1. Updraft102

              Re: So Mozilla, why should I use Firefox?

              Netscape, Mozilla Suite, and Firefox (and derivatives) are the only PC browsers I've ever used (beyond evaluation or Windows updating) since 1996, so I obviously "get it," but I also get what Richard is trying to say. Firefox fans should be upvoting his post!

              For a long time, Firefox has been trying to mimic Chrome. The entire UI was butchered to make it more like Chrome... various options removed to make it more like Chrome. I've taken them to task about it several times; I've lost count of the total times I've seen some feature or option removed or changed because "Chrome does it that way," with no other explanation given for the change.

              The things that make us still want to use Firefox instead of Chrome are being removed, one by one, in an insane quest to try to mimic Chrome in every way possible. If it keeps going in this direction, all of the reasons people gave when answering Richard's rhetorical question will be removed, one by one. If MS changes the addon APIs so that we have to use Chrome addons (because they're more secure, or whatever reason they will come up with), what good would Firefox be? It's already nearly unusable without addons (it needs Classic Theme Restorer right out of the box for sure; it's a convoluted, goofy eyesore without it). Pale Moon is almost certainly not a big enough project to handle all of the heavy lifting of maintaining the Firefox addon APIs (and the addon library) if the FF code base abandons them.

              The point is that Firefox users use Firefox because it's NOT Chrome. If we wanted the Chromiest browser we could get, we'd actually go get Chrome itself. They've fallen into the pattern of trying to ape the market leader in every way in the hope that this will somehow bring them market share... after all, Chrome does it this way, and they have the most market share, so if we do it that way, we'll get market share too!

              Firefox was once the challenger to the corporate giant trying to dominate the internet. Now they're the biggest cheerleader of the new corporate giant trying to do the same.

        3. Anonymous Coward
          Anonymous Coward

          "Why shouldn't I just use Chrome?"

          To stay away from Google data slurp, for example?

        4. anoco

          Re: So Mozilla, why should I use Firefox?

          Besides the fact that Chrome is THE telescreen, there are the plugins that make FF such a pleasure to use...

          I have just installed one that periodically minimizes the amount of memory that FF likes to bogard during a normal session. Now FF only stalls for a few seconds during the minimization event instead of the several minutes of freeze when it reached around 2GB of usage on a 24GB machine, with just one page open.

          Yeah... maybe the right idea is to make a Firefoxium. Since Mozilla can't code anymore, at least we could avoid the telescreen direct connection to Oceania.

      2. Anonymous Coward
        Anonymous Coward

        @Dan55

        NPAPI Flash in FF wasn't an issue for Win/MAC users but it certainly was for Linux. Stuck on V11 (another recent volta-face) and due for EOL next year. This left chromium or derivatives as your only option if you needed to interact with a site that required flash > V11

        Personally I think the world would be a better place if flash died immediately on all platforms.

        1. Anonymous Coward
          Anonymous Coward

          "Personally I think the world would be a better place if flash died immediately on all platforms."

          Except too much DEPENDS on Flash. And that includes important control software for critical machinery.

        2. P. Lee

          >Personally I think the world would be a better place if flash died immediately on all platforms.

          Well yes, but that only shifts the problem. The real problem is that the OS isn't providing protection from malicious software.

          We need that, and we need to be willing to take the performance hit required to do it properly.

          1. Text-based security manifests detailing what an application needs, before it installs (or runs, if it isn't "installed" software.).

          2 System-based HTTP security proxies, so we can track bad requests.

          3. No network/raw sockets without permission/manifest

          4. No disk access outside a temporary area unless noted by the manifest and agreed to by the user/admin.

          5. Severely restricted system calls for anything not "properly" installed.

          6. Multiple application installations / kick-off options for privileged and non-privileged use. That Enterprise App which needs IE can get its privileges. Normal browsing gets almost nothing.

          Flash is just an instance of an issue. We should *not* be relying on applications to police access to resources. That is the OS' job.

          Don't do the fruitless search for bad software that AV does, set up a framework where the OS can easily manage all software. It is hard, and it may not have instant take-up, and it may take several iterations to get right, but it should be do-able. We don't need a VM, we just need decent permissions management for more than just disk files and it needs to be built in, not retrofitted like EMET.

        3. Random Handle

          "NPAPI Flash in FF wasn't an issue for Win/MAC users but it certainly was for Linux. Stuck on V11 (another recent volta-face) and due for EOL next year. This left chromium or derivatives as your only option if you needed to interact with a site that required flash > V11"

          Linux NPAPI Flash Player is riding again - Adobe quietly released a new beta of the Flash 23 runtime for Linux 5 days ago - although you'll still need to drop back to 11 and Google for HWA/DRM etc.

      3. Anonymous Coward
        Anonymous Coward

        NPAPI support VLC

        I hope VLC plugin is made to work with PPAPI by the Time firefox stop it being used as i NEED it for one of my devices and my choice of Browser is slowly being reduced on My Desktops otherwise im limited to my mobile devices with individual Apps. :-(

  4. Digitall
    Stop

    Out of the frying pan..

    ..and into the firefox!

    Kill flash completely!

    Pdf viewer in firefox is fine as it is.

    1. Charles 9

      Re: Out of the frying pan..

      It NOT fine as it is. It can't do FORMS.

      1. Dan 55 Silver badge

        Re: Out of the frying pan..

        It's a viewer, it's not supposed to fill in forms, sign, upload to cloud, and 1001 other security holes.

        1. Charles 9

          Re: Out of the frying pan..

          What good is a form viewer if you can't fill out the form? Forms are a type of document, after all, and it's hard to really trust ANY PDF viewer, so why not limit the attack surface?

          1. Crazy Operations Guy

            " What good is a form viewer if you can't fill out the form? "

            The vast majority of PDF's out there are just static documentation. Besides, its not like the built-in viewer is the -only- option. You can install the Adobe or FoxIt plugins and get the extra functionality that is only needed once in a blue moon.

          2. Dan 55 Silver badge

            Re: Out of the frying pan..

            The PDF viewer is limiting the attack surface by not doing form filling.

            1. Anonymous Coward
              Anonymous Coward

              Re: Out of the frying pan..

              Most PDF attacks are in the rendering engine, which can still be hit whether it can do forms or not. It's kinda hard to resave a filled form and e-mail it back unless you can fill it out (and I'm important stuff like government forms), and turning it over to a third party program increases your attack surface.

  5. wolfetone Silver badge

    Remember when web browsers were different, didn't converge, yet still managed to abide by the W3C standards*?

    Pepperidge Farm remembers.

    * Not you Internet Explorer.

    1. Havin_it

      Pfft. Pepperidge Farm must be going a bit Nana Moon.

      There were rendering inconsistencies between all browsers. CSS positioning rules, box model, link pseudo-selectors (shudder) without even beginning to think about the JS incompatibilities (my nurse says I mustn't do that any more) ... OK, IE gave us a lot more work to do than the others, but don't claim the rest were all singing from the same hymn-sheet.

  6. bombastic bob Silver badge

    time to fork FF and make something better?

    is it time to fork Firefox and make something batter?

    I don't like the "hamburger menu", nor the tendency towards 2D FLATSO, nor the "flatso-looking touch friendly" preferences that are now web pages [and missing the "automatic updates" turn-off-ability which I don't want happening in my LINUX DISTRO, thank-you-very-much].

    I'd like to ROLL BACK to something more _SANE_, like a TRADITIONAL interface. Let it NOT open PDFs in a java-based PDF viewer, thanks. In fact, let's just DISABLE JAVA entirely. And flash. And support HTML5, but let people selectively SHUT IT OFF if they want [to avoid ads ABusing it].

    And how about BUILDING IN the capabilities of the 'NoScript' plugin? Either that, or ship it INSTALLED BY DEFAULT.

    I just hope that disabling NPAPI won't affect NoScript [and some of the other plugins I like to use].

    (it's amazing how FAST a site will load without jquery or nodejs loading EVERY! SINGLE! TIME! because some dweeb is ALWAYS making a tiny tweek to the ginormous libraries, one that forces a re-re-re-download of all of that monolithic scripting crap EVERY! SINGLE! TIME! )

    [I noticed that debian seems to have merged their iceweasel fork with firefox... bummer if I'm right about that]

    1. asdf
      Thumb Up

      try pale moon

      Pale Moon perhaps? It was forked around FF 25 or so (and is lightning fast for FF, not midori fast though). Only two drawbacks are its usually not in your distros repo but you can use their installer easy enough and some of the latest versions of FF addons don't work with it (Noscript does and browser comes with an XSS filter by default).

      1. This post has been deleted by its author

      2. Badger Murphy
        Thumb Up

        Re: try pale moon

        This can't be overstated! Anyone looking for a good Firefox fork, look no further!

        I've been using Pale Moon almost exclusively for over a year on multiple computers, and it is leaps and bounds ahead of Firefox in terms of stability and responsiveness.

        Also, it has stripped out so much nonsense that has been added by Mozilla over the years, such as 'Pocket', 'Hello', Australis UI, telemetry, and on and on.

        Also, it comes in a 64-bit flavor for those of us that have a computer and OS from this millenium.

        I've had great luck with compatibility with existing Firefox plugins, as well. Seriously, this Pale Moon thing is good stuff!

        1. bombastic bob Silver badge
          Devil

          Re: try pale moon

          "This can't be overstated! Anyone looking for a good Firefox fork, look no further!"

          I'll consider it, thanks. saves me the trouble of doing it myself, like when Mate forked from gnome 2.

        2. Updraft102

          Re: try pale moon

          Firefox has been available in 64-bit for a long time for Linux and Mac, and Windows finally got 64-bit ten months ago.

    2. Anonymous Coward
      Anonymous Coward

      Re: time to fork FF and make something better?

      and missing the "automatic updates" turn-off-ability which I don't want happening in my LINUX DISTRO, thank-you-very-much

      No. FF doesn't auto-update on any decent Linux distro, since it's a compile-time switch.

      java-based PDF [...] let's just DISABLE JAVA

      No. You really meant Javascript.

      I just hope that disabling NPAPI won't affect NoScript

      No. NPAPI is an interface for external plugins (out of process, through plugin-container). NoScript is an in-process extension, those are based on XUL/HTML/JS/CSS.

      it's amazing how FAST a site will load without jquery or nodejs [...] because some dweeb is ALWAYS making a tiny tweek to the ginormous libraries, one that forces a re-re-re-download of all of that monolithic scripting crap

      No. Hardly anyone tweaks this kind of libs, and they are quite fast to download (only a few hundred KB). They are slow to get loaded in the javascript engine though. Which can't be helped by using centralized download locations. Oh, and node.js is a server-side environment, not a client-side library.

      I noticed that debian seems to have merged their iceweasel fork with firefox

      No. Iceweasel was only a cosmetic rebrand of Firefox, because of copyright issues (can't use the name Firefox if you modify the software, which didn't fit Debian's way of backporting new security fixes to earlier versions). Mozilla having recently waived its restrictions in this regard, Debian went back to using the Firefox brand without changing its development process. So, no merging.

      PS: sorry to be such a know-it-all smart-ass but there was so much cluelessness in this post that I couldn't decently let it slip. Downvote all you like, I deserve it.

      1. bombastic bob Silver badge
        Flame

        Re: time to fork FF and make something better?

        RE: "there was so much cluelessness in this post that I couldn't decently let it slip."

        I've been doing this stuff for so long that my brain is getting full, so if I slip on a detail or two, especially late at night, who cares. I don't. Details details details. Whoopee twiddle.

        Nit-pickiness is just an irritant. what I meant and how you interpreted it apparently differ. so what if 'nodejs' is server-side, I probably was thinking of another thing, another monolithc package. whatever. And if I use the word 'merge' instead of some OTHER term, who gives a blank. So thanks for the nit-pick. NOT.

        I've been doing this schtuff for so damn long anyway that nit-pickiness is just an irritant. Usually the YOJNG and INEXPERIENCED dwell on such pointlessness. For the rest of us who are *NOT* *CLUELESS*, and probably write better and more complex [kernel level] code in a fraction of the time than the nit-pickers, it's JUST an irritant. Probably need to spray it with disinfectant or something...

        1. Anonymous Coward
          Anonymous Coward

          Re: time to fork FF and make something better?

          A [kernel level] developer who nevertheless confuses Java and Javascript. Riiiiiiiiight.

      2. bombastic bob Silver badge
        Meh

        Re: time to fork FF and make something better?

        "FF doesn't auto-update on any decent Linux distro, since it's a compile-time switch."

        I'm seeing hits on the update server in the latest Mint. And I checked the settings, and it seemed to be enabled in 'about:config' as 'app.update.enable' (etc). I turned it off. Still seeing plugin update scans, though, but no more hitting "app.update.url" since I shut the other stuff off.

        so yeah, it was obviously happening. and now it's not. But you're right, any DECENT Linux distro should NOT have this on, and having to use about:config to turn it OFF was irritating.

    3. Anonymous Coward
      Anonymous Coward

      Re: time to fork FF and make something better?

      "(it's amazing how FAST a site will load without jquery or nodejs loading EVERY! SINGLE! TIME! because some dweeb is ALWAYS making a tiny tweek to the ginormous libraries, one that forces a re-re-re-download of all of that monolithic scripting crap EVERY! SINGLE! TIME! )"

      It's also amazing how many sites don't load at all...including such places as driver repositories where I'm supposed to get updated drivers for my hardware (which, being the source, means no viable alternatives). Meaning I MUST enable them to keep my stuff updated and safe. And since it's like this across the board for hardware and they can flee to countries who could care less about standards, sometimes it feels like you just can't win.

    4. Updraft102

      Re: time to fork FF and make something better?

      The hamburger menu is a UI abomination. It is something of a necessity on phones, as touchscreens need large buttons and controls (a mouse's hotspot is one pixel, and you can position it precisely before clicking; a fingertip on a 1080p smartphone's screen can cover six thousand pixels, and there's no precise positioning possible before the tap), and a phone has very limited screen space as it is. Having all of the usual buttons and controls on-screen like a traditional PC program would take up all of a phone's screen space, with no room for the content... so all of that stuff is pushed off into the hamburger menu, the kitchen junk drawer of user interfaces. Compared to the traditional menu bar, it's less intuitive, requires more drilling and clicking, and makes it harder to find the option you're looking for.

      That's one way the "mobile first" mentality harms us over here in desktop land. With hamburger menus being seen as normal instead of the unfortunate UI kludge that they are, we're being forced to deal with them even though we don't need them on our large-screened, mouse (or touchpad) driven computers. Mozilla's decision to remove the menu bar and replace it with a hamburger menu on the PC edition of Firefox is one of those Jackie-Chan-expressing-disbelief meme moments.

      Pale Moon is that fork you ask for, as asdf already noted.

  7. Anonymous Coward
    Anonymous Coward

    Why not go the whole hog and make Firefox a Chrome skin, like Opera did?

    It's seriously depressing how much ground has been lost to google.

    When will the internet be renamed googlenet?

    1. Anonymous Coward
      Anonymous Coward

      Re: Why not go the whole hog and make Firefox a Chrome skin, like Opera did?

      As soon as Goog and Failbook manage to decide which half of the internet they command.

  8. dshan

    It's All Core

    If a technology is "required to provide a complete web browsing experience" then I'd say by definition it's "a core piece of the web platform" and so should be in Mozilla's wheelhouse.

    As noted by others Firefox's PDF viewer works very well now, and I recall they spent a lot of time and effort to develop it using Javascript. They said at the time this was so it would be easily expandable and maintainable; to just dump it now for another viewer seems odd to say the least.

    Also, why bother doing anything further to Flash now, just kill the sucker and be done with it. If they make it more "secure" it'll just be another excuse for websites to keep using it.

    1. Charles 9

      Re: It's All Core

      "Also, why bother doing anything further to Flash now, just kill the sucker and be done with it. If they make it more "secure" it'll just be another excuse for websites to keep using it."

      Because many people don't need an excuse...they're REQUIRED to use it, and the requirement won't be going away anytime soon.

  9. AceRimmer1980
    Pint

    Re:Firefox to doctor Pepper

    What's the worst that could happen?

  10. Anonymous Coward
    Anonymous Coward

    FLASH....

    ...aaaaahaaaaaaaaa!

    Savior of the universe!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like