Firefox Now Blocking All Plug-Ins Except Latest Flash

[exfileme]

Now you get to choose if a plugin will play on a specific website.

Firefox Now Blocking All Plug-Ins Except Latest Flash : Read more

 

[LuckyDucky7]

That might be great, but how exactly does NoScript-by-default protect people from downloads and entities that they subsequently assume are safe (i.e. on completely legitimate sites)?

 

[A Bad Day]

[citation][nom]LuckyDucky7[/nom]That might be great, but how exactly does NoScript-by-default protect people from downloads and entities that they subsequently assume are safe (i.e. on completely legitimate sites)?[/citation]

If you done everything you can, then it's up to the website admin to maintain the website. For example, MS can do it's best to secure its OSes, but it's up to the users to not act like idiots.

 

[sykozis]

So, we inconvenience the user....for the sake of security.... Why don't they just stop releasing new browser "versions" now while people still have fond memories of Firefox....

 

[A Bad Day]

[citation][nom]sykozis[/nom]So, we inconvenience the user....for the sake of security.... Why don't they just stop releasing new browser "versions" now while people still have fond memories of Firefox....[/citation]

Tell that to Google.

 

[tpi2007]

One useful feature that IE has and that I'd like for Firefox to implement is a benchmark of how much time each plug-in adds to the start-up time of the browser. But, if possible, I'd like even more, I'd like to know what the impact of each plug-in is when loading a web page; the ability to perform this benchmark on demand, so you can appreciate the impact of the plug-ins on different websites would be ideal.

 

[pythy]

I dont't get it. If a user can pre-configure Click to Play on a trusted website to load plugins automatically, what happens if that "legitimate" website gets compromised? Does Click to Play have a way to tell whether a site has been compromised? If not, then what's the point of all this?

 

[Guest]

If a "legitimate" website gets compromised, and you told your browser to always load whatever comes from this website because you, as a user, trust it implicitly, then you will get owned. Period. You told Firefox that you want it to load whatever this website gives you and not question it. What's the solution? Don't tell your browser to implicitly trust ANY website. All websites are susceptible to getting hacked. Why would you lower the barrier for hackers by telling your browser to ignore its built-in safeguards?

This is something Mozilla should have done a long time ago, and I welcome this change. If users don't "get it", or think this is too much of a nuisance, then go back to IE or Safari and enjoy getting owned with the rest of those users.

 

[jackt]

Firefox gonna lose share being security paranoid, stuf like this and the https ...

 

[webbwbb]

I wonder how long it will be until they get sued by a patent troll who claims Mozilla stole their "invention". I seem to remember IE once having a similar feature that Microsoft subsequently removed for this very reason..

 

[digiex]

Many casual not "tech savvy" users can't comprehend this changes.

 

[xpeh]

[citation][nom]digiex[/nom]Many casual not "tech savvy" users can't comprehend this changes.[/citation]

Grey space and a button that says "Play." If those people don't know what to do, then those people shouldn't be using the internet.

[citation][nom]jackt[/nom]Firefox gonna lose share being security paranoid, stuf like this and the https ...[/citation]

I think it would gain market share instead. Not only is it more secure, it's going to be faster because it doesn't load the plugins.

[citation][nom]sykozis[/nom]So, we inconvenience the user....for the sake of security.... Why don't they just stop releasing new browser "versions" now while people still have fond memories of Firefox....[/citation]

I find it a convenience. Most casual users use Chrome.

 

[spectrewind]

[citation][nom]digiex[/nom]Many casual not "tech savvy" users can't comprehend this changes.[/citation]

Actually, you're correct. This feature fails the "grandma test". A lot of the techies in here will not recognize that (hence the - votes you receive). Most users are more concern with usability than security. Moreover, even after getting their computers hacked, I have still seen them remain this way.

The casual user will not see this as a feature. They will see it as a roadblock of just one more thing that doesn't work as they expect it (per their experience) to. Too many things to left click on... Or octuple right click on... etc.

 

[martel80]

Does it mean that I will have to explicitly enable adblock and flashblock for each site? I guess I'm going to disable the FF auto-updates until they wake up.

 

[trumpeter1994]

So when is this more serious implementation of the feature gonna get rolled out, say it was in FF17 and I'm running 18 right now

 

[juan83]

Since i've installed adblock plus, i just don't remember when was the last time i saw firefox crash.

And thanks to that the days of the annoying adds which play loud sounds are over, and the CPU utilization is pretty lower as well as memory consumption. At least, using linux i saw this very helpful. And my laptop with and old dual core, the cpu responsiveness improved a lot and also works cooler than before when ads put a burden bigger than 50% of cpu.

 

[susyque747]

What about Ubuntu, Firefox is the default browser for it.

 

[john15v16]

Look, I'm all for security but the "Fix" for this issue is NOT the plugins...the issue is Mozilla's browser sandbox model and how it handles access requests...blocking plugins by default degrades the users experience and adds an extra step (or maybe two) to view the web as it is designed...that's the easy way out Mozilla, block everything cause you're too lazy or it takes to much time and $$$ to get the sandbox right...

 

[tarzan2001]

Well, hopefully this feature will at least prevent those annoying auto-play ads (with sound) for users that don't have AdBlock Plus installed.