Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Should firefox be removed from portage?
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2  
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Sun Feb 07, 2016 2:03 pm    Post subject: Reply with quote

Related news: The following patch was just merged into the palemoon overlay :D

When you sync the palemoon (and mv) overlays (and possibly reemerge current palemoon-26.0.3), you can now install most extensions from www-plugins/* (of the mv overlay) also with BROWSER="palemoon ..." system wide.
Back to top
View user's profile Send private message
Cyker
Veteran
Veteran


Joined: 15 Jun 2006
Posts: 1746

PostPosted: Mon Feb 08, 2016 1:56 pm    Post subject: Reply with quote

+ 1 vote for keeping.

Personally I think every single thing ever made ever should be in Portage (I'm still waiting for TDE... :D) - It should be up to US what we install.

Of course this isn't practical in the real world as our poor maintainers are already having a heck of a time keeping everything interoperating (Although some have been a bit lazier than others with the whole "This doesn't work? Rather than fix it, I'll just add more dependencies until it does!" mindset)

Every time something is removed from Portage it makes me sad :(


<pointless whining>
As for web browsers, well, we're basically back in the 90's.

We were nearly at a good place, had nearly dug ourselves out of the old Netscape vs IE pit, and could use any browser we wanted... but now we're right back in it again except it's Chrome vs Firefox.

I still use Opera 11.64 and 12 (The last Good browsers on the planet :P) and keep a Chromium that's in a forced incognito-mode for websites that really really won't work in my old Opera.

The problem I have is I HATE the interface and design of all current browsers - They appear to have been made for IDIOTS. Not one of them comes close to even just the interface functionality of the old Opera, which is absolutely hilarious and depressing at the same time. My only hope right now is that its spiritual successor, Otter, becomes a good enough replacement that I can switch to it fully, but it's got a long way to go...
Back to top
View user's profile Send private message
msst
Apprentice
Apprentice


Joined: 07 Jun 2011
Posts: 243

PostPosted: Mon Feb 08, 2016 8:44 pm    Post subject: Reply with quote

Quote:
every single thing ever made ever should be in Portage


I would except heavily outdated and unmaintained stuff that cannot be compiled any more without pulling super-old libraries due to everything else beeing on much newer major versions of the libs.

Because this is actually anyway booby trapping the automatic emerge-build process if you need to hand pull old libs that are long gone to get something to run. One can as well hand-compile that single outdated package then.
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Wed Feb 10, 2016 2:46 pm    Post subject: Reply with quote

first appeared on Should firefox be removed from portage?

Far from removing Mozilla Firefox! An uninformed idea!

Especially not in favor of Schmoog's own Chrome. Tragicomical! (Schmoog is a term of endearment for the Octopus of the Internet.)

And it's an really uninformed idea. Because it seems, Princess, that you are suggesting it because they allegedly don't support privacy, because of one particular functionality regarding cookies..

I thought, and I believe you can remember (
Updating and keeping your Gentoo non-poetterized wrote:
...looked up Princess Nell's profile and posts. No, not much about Firefox, to expect that she be into it deep enough, it appears to me. Packet capturing, brother in *nix. And see whether my claim about data harvesting and Google sitting in there is true or not!

), that the Schmoog was sitting in Zilla FF. Previously it even really seemed to be the case.... But I really had a change of mind, and for good reasons. Have a look:

More non-Decryptables (from Mozilla Cloud)
https://forums.gentoo.org/viewtopic-t-1034140.html#7848104

I have recently delved ever deeper in capturing traffic (actually I'm obsessed to control what goes in and out of my machine, when online being crucial)...

It appears to me that Mozilla devs have taken tracking protection seriously.

I did find occasionally the disconnect.me-banned (

https://disconnect.me/

) Schmoog packets in my dumps (and I wasn't accessing the Octopus's pages). But it's usually because of the referer!

E.g. I stuck this filter:

Code:

http.request.method == "POST" || http.request.method == "PUT"

(
which can be found on pages:
http://www.askapache.com/software/sniff-http-to-debug-apache-htaccess-and-httpdconf.html
)

into a dump gotten from my online session with various pages in Firefox open, during which time I was updating my local mirror with a couple of GB's worth of packages... With my rsync scripts, as I descrribed on:

Air-Gapped Gentoo Install, Tentative
https://forums.gentoo.org/viewtopic-t-987268-start-50.html#7871852

which was one of the pages open. Only opened, not touched --none of the previously opened pages was touched at all-- during the rsyncing (which takes long on my slow connection).

================ No, I misremembered. Went to look up, and pls. note that
GitHub.com did not do that! I'll correct this, and explain A.S.A.P.
================ N Sorry!

And I got only one found that appeared unwarrnted, and was from the Schmoog. But, it was referred to by the github.com where I just previously pushed my:

https://github.com/miroR/tshark-streams.git

So, to me, they do appear to take the promise of tracking protection seriously!

And I hope the Chrome supporters come to their senses! Chrome glitters I believe. But if you think you'll get privacy from the Octopus?? C'mon!

And lest I forget: private browsing, strict private browsing in the Preferences. They do seem to uphold it... To me, they do seem to. And the setting: no cookies, and fill in exceptions to the rule. I can bank, and do other stuff (when I don't have other network problems)... And no bother with cookies...

Regards!
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Wed Feb 10, 2016 6:07 pm    Post subject: Reply with quote

Pls. note that I corrected some details in the previous post.

I went to look up, in my uncenz archives (that I do with my primitive uncenz program), and found the http.request.method=="POST" by the referer github.com to the Schmoog, but in a dump of my online time when I was, two days. or one day (not so mild headache today disabling me somewhat), previously than my rsyncing of my mirror which I erroneosly remembered in the previous post.

And at that time I was working on Github, creating that new repo, and pushing to it, and as long as they did not give my password to the Schmoog, it's just a venial sin what they did.

And I'll post what they sent by post from my machine to the Schmoog, in this post that you are reading, if I am allowed... Sorry again!

Working (not a little work to get the info here, patience).
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Thu Feb 11, 2016 5:22 pm    Post subject: Reply with quote

miroR: whut?
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Fri Feb 12, 2016 9:43 am    Post subject: Reply with quote

steveL wrote:
miroR: whut?

In Defence of Firefox: some Harvesting by Referal Decrypted
https://forums.gentoo.org/viewtopic-t-1038896.html
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6345

PostPosted: Fri Feb 12, 2016 1:41 pm    Post subject: Reply with quote

Oh ffs, here we go again...
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Sat Feb 13, 2016 7:56 am    Post subject: Reply with quote

@miroR: Could you summarize what is your point concerning firefox which makes their commercial route acceptable?

If I understood your posting correctly, your only argument is that the "don't accept cookies" option (with possible explicit exceptions) actually does what it announces?
Is this any different from the corresponding option in other browsers like palemoon?

For me there is only one (but very important) reason why I currently have firefox on my system besides palemoon. Namely, a lot stuff simply does not work with palemoon: Mainly multimedia, but also some simple sites requiring javascript do not work properly with palemoon. I don't know whether it is the fault of these sites or palemoon, but in the end this plays no role for me - I simply need to have firefox for such sites.

So I am strongly against removing firefox from the gentoo repository (yet), independent of any policy.
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Sat Feb 13, 2016 6:30 pm    Post subject: Reply with quote

mv wrote:
@miroR: Could you summarize what is your point concerning firefox which makes their commercial route acceptable?

I'm not aware of the commercial route in the least (or almost; I'd really have to dig deep to find any traces of that...), if Firefox is used the way I described. They are not obtrusive at all, if used that way, it seems to me..

mv wrote:
If I understood your posting correctly,

"my posting" meaning the topic these lines that I'm writing are in, and this other topic:
In Defence of Firefox: some Harvesting by Referal Decrypted
https://forums.gentoo.org/viewtopic-t-1038896.html

mv wrote:
your only argument is that the "don't accept cookies" option (with possible explicit exceptions) actually does what it announces?

I'm quite convinced that it does so. But as can be read in that other topic, I call anybody to prove otherwise, as I'm not an expert.

But you write that it is my "only argument". I've really engaged to write that other topic, and, yes, it's incomplete in that I show only that single way to get privacy taken care for by FF.

I can't find time to investigate what goes on in cases when one does not employ Private browsing, nor any Tracking-protection at all. Because I can do all that I need with those enabled...

However, privacy is, it seems to me, enabled and properly cared for in FF if you go that way, and anyway, generally, both total relaxed comfort and true privacy, I don't think can be had in any browser, really...

mv wrote:
Is this any different from the corresponding option in other browsers like palemoon?

Sadly, I don't have any experience with palemoon.

The thing is, the (mostly) Mozilla NSS and the ability for common users like me to decrypt SSL, and the kind replies that I got from some of the leading Mozilla devs in Mozilla security-dev , and that I presented here on Gentoo Forums in at least two places (

Mozilla Cloud non-Decryptable Download?
https://forums.gentoo.org/viewtopic-t-1031758.html#7835876

More non-Decryptables (from Mozilla Cloud)
https://forums.gentoo.org/viewtopic-t-1034140.html#7848104
)
has made me appreciate the Mozilla efforts at privacy greatly.

mv wrote:
For me there is only one (but very important) reason why I currently have firefox on my system besides palemoon. Namely, a lot stuff simply does not work with palemoon: Mainly multimedia, but also some simple sites requiring javascript do not work properly with palemoon. I don't know whether it is the fault of these sites or palemoon, but in the end this plays no role for me - I simply need to have firefox for such sites.


mv wrote:
So I am strongly against removing firefox from the gentoo repository (yet), independent of any policy.

I could hardly bear to see that anyone would even suggest to remove it, so I
decided to write that other topci/article/tutorial (it has, in some of its aspects, properties of all the three). It took me a lot.
Somobody prove I was wrong in my assumptions in that article, I dare anybody! (Well, if we started talking deep into certs, I could get lost :oops: )

And, to anybody, again, what do you people think of using and installing Chrome and having Schmoog the Octopus take care of users' privacy? Because this topic is a suggestion to remove Firefox from portage because of privacy concerns, and some people have in this post, recommended... uhm... Chrome... uhm...
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Sat Feb 13, 2016 10:53 pm    Post subject: Reply with quote

Quote:
I'm not aware of the commercial route in the least (or almost; I'd really have to dig deep to find any traces of that...)

You just have to start the binary version of firefox with the default settings:
You'll get the "pocket" button for which mozilla gets paid, perhaps meanwhile some links to facebook; on empty pages you get advertisement based on analysis of your clicks etc.
I consider this much more severe than what google did: google never made a secret that they collect data and make money from selling the corresponding advertisements. In contrast, mozilla started this route unobserved by the public.

(BTW: I consider your example extremely poor. The github website explicitly requests google analytics; perhaps they have a contract. So blaming google that it is called in such a case is inappropriate.)
miroR wrote:
mv wrote:
your only argument is that the "don't accept cookies" option (with possible explicit exceptions) actually does what it announces?

I'm quite convinced that it does so.

Yes, probably. Like every other sane browser. So why do you think that firefox is special concerning privacy?

The privacy intrusions of recent firefox versions are legend:
  • firefox sync used to be private so that things were encrypted on your machine before sending - mozilla could not access this data. This is no longer: They harvest the data themselves!
  • Same for the advertisements on the empty page: mozilla analyzes your traffic to send you advertisements by default.
  • Unless you take measures to install a minimal version of firefox, all your nearby SSIDs your machine sees are harvested.
  • Geolocation is yet another privacy-violating misfeature (the excuse for the SSID harvesting)
  • telemetry
  • There is a "data reporting" misfeature - not exactly sure what it does, but I guess it deserves its name
  • regular "health reports" sent to mozilla
  • A lot of other things, see https://airvpn.org/topic/15769-how-to-harden-firefox-extreme-edition/
True, most of the things can still be switched off, but the point is that these things are all switched on by default, and they are hidden to the "normal" user through about:config settings. It seems with every new firefox release new ideas are tacitly introduced to get to your data. Moreover, it is not always possible to reobtain the privacy. For instance, for the new firefox sync you can only reobtain your privacy by not using sync any longer.

In contrast, palemoon bases on a sane version of firefox where all these things were not introduced yet. Palemoon also has the previous sync method of firefox which respects user's privacy.
Back to top
View user's profile Send private message
miroR
l33t
l33t


Joined: 05 Mar 2008
Posts: 826

PostPosted: Sun Feb 14, 2016 5:46 am    Post subject: Reply with quote

I have sparsed "[citation needed]" in my reply, because I have very limited time for my reply. However, some "citations" will be very very hard to come by (like next to the string "World's Super-Spy")
mv wrote:
Quote:
I'm not aware of the commercial route in the least (or almost; I'd really have to dig deep to find any traces of that...)

You just have to start the binary version of firefox with the default settings:
You'll get the "pocket" button for which mozilla gets paid, perhaps meanwhile some links to facebook; on empty pages you get advertisement based on analysis of your clicks etc.
I consider this much more severe than what google did: google never made a secret that they collect data and make money from selling the corresponding advertisements.

You have a point here. But no, Mozilla actions are not much more severe than Schmoog's actions generally, although this is a severe failing. But they do not compare generally, I would hope (you have swayed me a little). And when It, the Octopus, does some stuff in public, It covers up so much more from public.
mv wrote:
In contrast, mozilla started this route unobserved by the public.
That is probably why Monica Chew, Mozilla developer, had left (has she been back in the meantime?). From some of the links by the Mozilla devs that I gave, it should be possible to reach to articles about her, and also McCracker mentions her:
More non-Decryptables (from Mozilla Cloud) wrote:
I would think this is part of the new "tracking protection" functionality just rolled out by firefox. You should ask Monica Chew about about it.
And more there.
And Schmoog the Octopus has always done it all in public whatever they have ever done, sure?! Very sure... C'mon!

Like when they harvested wireless nodes (everybody's and anybody's) when they went on taking shots of all streets in very many cities of the world, for whatever the project was called (I read about it in The Guardian, a few years back, do not remember details [citation needed])?

Like when they did not know that the NSA was sucking right at the ingresses/exits of theirs to the Trans-Atlantic cables decrypting all of their encrypted connections for the users, GMail, Google+, any, any whatsoever [citation needed]?

(
mv wrote:
BTW: I consider your example extremely poor. The github website explicitly requests google analytics;

and so I blamed them, for that.
mv wrote:
perhaps they have a contract. So blaming google that it is called in such a case is inappropriate.)
Search for, you or anybody, in that topic of mine, aa well as in my posts in this topic you are reading... [search for] the string "venial" and see that for that I don't blame the Schmoog, but those who probably have a contract with the Schmoog, the Github I blame. But that's a venial sin of GitHub, I repeat it here.

But I do blame Google for being, as I said there, the World's Super-Spy. Behind that Octopus is the NSA, and It works with probably almost all and any of the worlds' secret services. [citation needed]
mv wrote:
miroR wrote:
mv wrote:
your only argument is that the "don't accept cookies" option (with possible explicit exceptions) actually does what it announces?

I'm quite convinced that it does so.

Yes, probably. Like every other sane browser. So why do you think that firefox is special concerning privacy?

You may have a point here. It may not be special. But pls. don't try to suggest that Schoog's Chrome is the recommended replacement... Palemoon, that's a different story, like you write further below...

mv wrote:
The privacy intrusions of recent firefox versions are legend:
  • firefox sync used to be private so that things were encrypted on your machine before sending - mozilla could not access this data. This is no longer: They harvest the data themselves!
  • Same for the advertisements on the empty page: mozilla analyzes your traffic to send you advertisements by default.
  • Unless you take measures to install a minimal version of firefox, all your nearby SSIDs your machine sees are harvested.
  • Geolocation is yet another privacy-violating misfeature (the excuse for the SSID harvesting)
  • telemetry
  • There is a "data reporting" misfeature - not exactly sure what it does, but I guess it deserves its name
  • regular "health reports" sent to mozilla
  • A lot of other things, see https://airvpn.org/topic/15769-how-to-harden-firefox-extreme-edition/
True, most of the things can still be switched off, but the point is that these things are all switched on by default, and they are hidden to the "normal" user through about:config settings. It seems with every new firefox release new ideas are tacitly introduced to get to your data. Moreover, it is not always possible to reobtain the privacy. For instance, for the new firefox sync you can only reobtain your privacy by not using sync any longer.

I have never used sync, That's really something that goes somewhere near the category of "for the non-understanding masses", like I said for the passwords in the other topic, which this topic made me write.
And by saying what category I put the sync into, I'm not exculpating Firefox. No.

Thanks for the information. I have wrote what I observed in my, as you categorize it, poor example.

mv, I can't do much at all. I struggle to do things, employing extensive work. And I'm proud of that example, because it is technically correct. It is a little real decryption in action of figuring out a real harvesting.

And also I put in (if you download the bunch) the SUMS the SHA256 hashes of the original non-publishable PCAP, and screencast (their hashed are in commented), so, theoretically at least, someday I may even expand on it to show more.. And it is by that means, theoretically verifiable, by further work (if I change my password, and then publish them.

mv wrote:
In contrast, palemoon bases on a sane version of firefox where all these things were not introduced yet. Palemoon also has the previous sync method of firefox which respects user's privacy.

Thanks for the information! Maybe Mozilla is repairing on the damage created when Monica Chew left (and has she been back? Her being back would corroborate very much my stance, which is somewhat weakened now, in defence of Firefox).
Back to top
View user's profile Send private message
uxcn
n00b
n00b


Joined: 27 Nov 2015
Posts: 41
Location: Seattle, WA

PostPosted: Sun Feb 14, 2016 11:47 pm    Post subject: Reply with quote

I would vote for keeping. Gentoo is a meta-distribution... much to my chagrin. It's anathema to make choices for users.

Having said that, I personally wouldn't mind seeing a modern CLI alternative. Browsers could benefit from a ground up re-think; particularly dealing with user control. For example, HTTP by default, downloading images by default, storing cookies by default, downloading and running Javascript by default, etc...
_________________
Some possibly useful scripts...
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Mon Feb 15, 2016 10:54 pm    Post subject: Reply with quote

uxcn wrote:
Browsers could benefit from a ground up re-think; particularly dealing with user control

++ I hated this lack of control already on the first existing netscape browser. That's why in the beginning I was very optimistic when I heard that some free organization "mozilla" had started a ground-up rewrite. Of course only, until the first versions appeared in which even the little user control of netscape was gone (like optionally not loading imagine until you press a button for a particular page you wish to see images). And things have only worsened since then.
Back to top
View user's profile Send private message
uxcn
n00b
n00b


Joined: 27 Nov 2015
Posts: 41
Location: Seattle, WA

PostPosted: Tue Feb 16, 2016 2:16 am    Post subject: Reply with quote

mv wrote:
++ I hated this lack of control already on the first existing netscape browser. That's why in the beginning I was very optimistic when I heard that some free organization "mozilla" had started a ground-up rewrite. Of course only, until the first versions appeared in which even the little user control of netscape was gone (like optionally not loading imagine until you press a button for a particular page you wish to see images). And things have only worsened since then.


I don't necessarily disagree with a lot of the stuff mozilla is doing, maybe even for non-obvious reasons. The thing that bugs me is that mozilla is presenting it like there's a dichotomy between user control and safety when it could easily be perceived as greed or laziness instead.

I don't want to rant, although there's a lot that does bother me about modern web browsers which I'm surprised nobody really reconsidered for the last ten years or so. For example, editing text... completely inseparable from browsing the web... even more so now than ever (e.g. Facebook, Google+, GMail, Yahoo Mail, MSN, Twitter, Stack Overflow, Github, Bitbucket, Atlassian, Forums, etc...). And yet everyone essentially implements their own text editor in Javascript.

I've been using elinks which is decent for a lot of stuff. It's best in a true-color terminal though.
_________________
Some possibly useful scripts...
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Tue Feb 16, 2016 9:49 am    Post subject: Reply with quote

uxcn wrote:
The thing that bugs me is that mozilla is presenting it like there's a dichotomy between user control and safety

I do not understand what you mean here. Lack of control always means less safety. Everybody knows this, and I do not have the impression that mozilla presents it in the opposite way. IMHO, it is rather clear in the presentation that everything is done for those users who do not want control and safety (because they are too lazy or without the technical knowledge to control it correctly), i.e. for users who want to load and execute everything on every page out-of-the-box with all privileges the page might desire; unfortunately including all risks... a minimal safety is then restored as an afterthought by reporting fishing sites etc. - at the price of sending mozilla your whole usage date.
Back to top
View user's profile Send private message
khayyam
Watchman
Watchman


Joined: 07 Jun 2012
Posts: 6228
Location: Room 101

PostPosted: Tue Feb 16, 2016 12:18 pm    Post subject: Reply with quote

uxcn wrote:
The thing that bugs me is that mozilla is presenting it like there's a dichotomy between user control and safety

mv wrote:
I do not understand what you mean here. Lack of control always means less safety. Everybody knows this, and I do not have the impression that mozilla presents it in the opposite way. IMHO, it is rather clear in the presentation that everything is done for those users who do not want control and safety (because they are too lazy or without the technical knowledge to control it correctly), i.e. for users who want to load and execute everything on every page out-of-the-box with all privileges the page might desire; unfortunately including all risks... a minimal safety is then restored as an afterthought by reporting fishing sites etc. - at the price of sending mozilla your whole usage date.

mv ... you're missing a car analogy ;) ... "those users who place themselves in the drivers seat without the requisite skills to use said car, and then proceed to set the bar for who, or what, should "get outta the way" ... all with tacit approval of the manufacturer, the department of transport, etc"

best ... khay
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6345

PostPosted: Tue Feb 16, 2016 1:56 pm    Post subject: Reply with quote

Here's some food for thought... is the LICENSE="MPL-2.0 GPL-2 LGPL-2.1" line in the ebuild still valid? You aren't free to distribute the compiled binaries, even with corresponding source, because of Mozilla's trademark policy (an additional restriction that the GPLv2 does not allow).
Back to top
View user's profile Send private message
uxcn
n00b
n00b


Joined: 27 Nov 2015
Posts: 41
Location: Seattle, WA

PostPosted: Wed Feb 17, 2016 7:24 am    Post subject: Reply with quote

khayyam wrote:
mv ... you're missing a car analogy ;) ... "those users who place themselves in the drivers seat without the requisite skills to use said car, and then proceed to set the bar for who, or what, should "get outta the way" ... all with tacit approval of the manufacturer, the department of transport, etc"


Mozilla literally designed a language to improve safety for their users, so I'm not entirely sure I agree with that precise notion. However, I do think people are missing that firefox is in fact losing a lot of users, and has been for a while... to chromium. I've personally used it since it was firebird, and I still generally like it. However, being brutally honest I'm not really sure it's leading innovation anymore from a user perspective. Plugins are to a degree, but maybe that's the real point.

Ant P. wrote:
Here's some food for thought... is the LICENSE="MPL-2.0 GPL-2 LGPL-2.1" line in the ebuild still valid? You aren't free to distribute the compiled binaries, even with corresponding source, because of Mozilla's trademark policy (an additional restriction that the GPLv2 does not allow).


IANAL, but I would think MPL 2.0 covers the necessaries.
_________________
Some possibly useful scripts...
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Wed Feb 17, 2016 7:39 am    Post subject: Reply with quote

uxcn wrote:
Mozilla literally designed a language to improve safety for their users

I still do not understand what you mean. Which language are you talking about? XUL is not a language and not related with safety. Do you mean javascript? I am not sure whether this was invented by mozilla, and I would consider it more as a safety threat.
If things like noscript, request-policy, ... were provided by mozilla and not by third parties exclusively, I would understand your argument.
Back to top
View user's profile Send private message
uxcn
n00b
n00b


Joined: 27 Nov 2015
Posts: 41
Location: Seattle, WA

PostPosted: Wed Feb 17, 2016 8:21 am    Post subject: Reply with quote

mv wrote:
I still do not understand what you mean. Which language are you talking about? XUL is not a language and not related with safety. Do you mean javascript? I am not sure whether this was invented by mozilla, and I would consider it more as a safety threat.
If things like noscript, request-policy, ... were provided by mozilla and not by third parties exclusively, I would understand your argument.


Rust, you can learn a little more about it here. Brendan Eich actually originally wrote Javascript with Netscape, which I would agree is currently out of control. I would also agree Mozilla isn't doing enough to address it, although they've stated they're working with the NoScript developers to try to ensure support through the transition to Web Extensions.
_________________
Some possibly useful scripts...
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6305

PostPosted: Wed Feb 17, 2016 11:38 am    Post subject: Reply with quote

uxcn wrote:
Rust

Now I understand perhaps what you mean. However, AFAIK the "safety" of rust means only things like type-safe, memory-safe, etc, i.e. features which prevent or linger accidental mistakes of the programmer of the language.. In this sense, also javascript is an equally "safe" language. This has not much to do with browser safety.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum