The IT Nerd

Firefox 5 has just hit the streets today. Of course it is making its appearance shortly after Firefox 4 showed up. Why the quick release? Here’s the quick hits from the release notes:

• Added support for CSS animations
• The Do-Not-Track header preference has been moved to increase discoverability
• Tuned HTTP idle connection logic for increased performance
• Improved canvas, JavaScript, memory, and networking performance
• Improved standards support for HTML5, XHR, MathML, SMIL, and canvas
• Improved spell checking for some locales
• Improved desktop environment integration for Linux users
• WebGL content can no longer load cross-domain textures
• Background tabs have setTimeout and setInterval clamped to 1000ms to improve performance

All are worthy upgrades. Although Microsoft has had a few things to say about WebGL that weren’t all that positive. Mozilla doesn’t see it that way. Shock, not. So I would download away and post your impressions below.

Mozilla’s latest web browser Firefox 4 is now available for you to download. Here’s a few reasons to consider using it:

• Much like its main competition from Microsoft, there’s a new user interface.
• Firefox Sync gives you access to bookmarks, open tabs and passwords across computers and mobile devices.
• A 6x speed boost.
• Improved privacy features.
• Crash protection from problematic plugins like Flash.

You can grab it from this link. Now that Internet Explorer and Firefox have kicked out their latest efforts, and Chrome sits in the wings, who’s the king of the web?

Are you sick of plug-ins like Flash crashing your browser? If so, you should update to Firefox 3.6.4 ASAP as that includes a new feature called “Crash Protection” which prevents Flash, Silverlight, and Quicktime crashes from bringing down your entire browser (although the only browser crashes that I ever experience are Flash related). But, Mac users who according to “The Steve” need this sort of protection because Flash sucks need not apply. Here’s what the Mozilla Blog had to say about that:

At this time Firefox offers crash protection for Adobe Flash, Apple Quicktime and Microsoft Silverlight on Windows and Linux computers. Support for other plugins and operating systems will become available in a future Firefox release.

Charming. That means that all that Mac users get are bug fixes and security fixes. That’s not a bad thing. But if you want crash protection, I guess you’ll have to use Google Chrome.

If you haven’t updated to Firefox 3.6.3 yet, what are you waiting for? The latest version of Firefox plugs the hole that was used to hack the browser at Pwn2Own where every major browser was hacked. According to the security advisory, here’s what was fixed:

A memory corruption flaw leading to code execution was reported by security researcher Nils of MWR InfoSecurity during the 2010 Pwn2Own contest sponsored by TippingPoint’s Zero Day Initiative. By moving DOM nodes between documents Nils found a case where the moved node incorrectly retained its old scope. If garbage collection could be triggered at the right time then Firefox would later use this freed object.

So if you haven’t updated, do it now! At least one browser cares enough to close the holes found at Pwn2Own. As for the rest, what are you guys waiting for?

Apparently the rumors were true. Firefox 3.6 is out and you can download it from here. The Mozilla blog has all the details of what’s new in this version of Firefox, but here’s the highlights:

• Personas: Personalize the look of your Firefox by selecting new themes called Personas in a single click and without a restart
• Plugin Updater: To keep you safe from potential security vulnerabilities, Firefox will now detect out of date plugins
• Stability improvements: Firefox 3.6 significantly decreased crashes caused by third party software – all without sacrificing our extensibility in any way
• Form Complete: When filling out an online form, Firefox suggests information for fields based on your common answers in similar field
• Performance: Improved JavaScript performance, overall browser responsiveness, and startup time
• Open Video and Audio: With the world’s best implementation of HTML 5 audio and video support, now video can be displayed full screen and supports poster frames

All of this sounds really cool. I’m downloading it now and will be test driving it shortly. As soon as I have some feedback, I’ll post it here.

UPDATE: Firefox 3.6 seems a lot faster. I can’t comment on anything else yet. But the speed increase is well worth it.

If the Google hack that was helped along by Internet Explorer has you a bit spooked, then you may have an alternative. According to the MozillaWiki, Firefox 3.6 is due to be released tomorrow. Here’s some proof:

One thing to keep in mind is that Firefox 3.6 has been plagued with delays, so it wouldn’t be a shock to see the ship date slip. But on the other hand, it could mean that it’s finally ready and we’ll actually get our hands on it.

Tune in tomorrow to see which it is.

Firefox 3.5.3 is now available and to get it, click “Help” followed by “Check For Updates” or you can download it here. The big news is that besides nuking a bunch of security related issues, it actually checks to see what version of Adobe Flash you’re running and if you’re running a version with a security hole it will prompt you to update. That’s a very good feature and I hope that they check other plug-ins in the future as that is a great way to ensure that you’re completely secure. If you’re a Firefox user, I’d download it ASAP.

Firefox has been updated to version 3.5.1 to fix a number of security and stability issues according to the release notes. However one of those issues was apparently self inflicted. However security issue in question was “self inflicted”:

“Looking at the exploit code and our test cases, I think this is self-inflicted and we should have hidden the bug earlier,” argued Andreas Gal on Bugzilla. Gal is a project scientist at the University of California, Irvine, where the technique called “trace trees” was developed. Firefox 3.5’s TraceMonkey engine is based on that technique, and builds on code and ideas shared with the open-source Tamarin Tracing project.

Another contributor agreed. “It would seem that the Milw0rm exploit code is based on the test cases for this bug,” said someone identified only as “WD” in the same Bugzilla thread. “When you look at the crash details in a debugger, it’s pretty clear that it’s exploitable with a heap spray to the access violation address in question.”

At least they fixed it quickly after taking responsibility for the issue. That’s refreshing. I highly recommend that you update to this release now if you’re Firefox user.

For those of you who were waiting for Firefox 3.5 to hit the streets, it’s now available for download. An early review of it was posted on Slate and it’s positive. I’m downloading it right now and I’ll have some impressions shortly. But if you’ve got something to share, feel free to leave a comment.

UPDATE: Every man, woman and dog appears to be downloading this as their download servers are being hammered. But I managed to get a couple of my computers upgraded. My immediate thoughts are that it’s a lot faster than it has been in a very long time. Safari and Chrome may have to watch their backs.