Wednesday, February 05, 2014

What's happened to Firefox?

Lots happening in Largo lately and I will get to a proper blog update in the next few days.  I have been working heavily on infrastructure changes to accommodate stateless GNOME sessions and BYOD devices.  Good progress, and interesting things to report.  Very busy hours of the day.

So it was an inopportune time that I have had to work a bug report with the current Firefox.  With all of these new versions, it seems like there is a strong culture now to get it out the door regardless of impact to long time users.  It seems like there is a horse race with IE and Chrome to pack in as much stuff as possible and this seems to be at the expense of less understood features that are critical.

We have been using this technology forever, riding the Netscape wave and jumping over to Firefox around the 1.5 era.  Firefox is very fast and stable for us, even over remote X and thin clients.  Everything just works.  It takes me just minutes to do an upgrade and it's something that just churns for hundreds of concurrent users.  Our email is now web based and this is the backbone of the City.  Most new software and all cloud based solutions work with it...that's just awesomeness.

With a constant barrage of security exploits, it's critical that upgrades come in a timely manner.  And then came the problem:  Somewhere around Firefox 24 the whole download infrastructure was rewritten and now all downloaded files no longer honor umask.  It's been a disaster for us when this code was pushed live.  It was patched in Firefox 25 and now is not working again in both Firefox 26 and 27.  This is horrible for Linux and Mac users that want downloaded files that are world readable, they all default to 644 regardless of umask.

Here is a comparison of the older version vs FF 27:

-rw-r--r-- 1 drichard drichard 30169644 2014-02-05 13:33 ffirefox-27.0.tar.bz2
-rw-rw-rw- 1 drichard drichard 30169644 2014-02-05 13:30 firefox-27.0.tar.bz2

Maybe some of the developers have never seen Firefox running in the enterprise, or on multi-user servers, or in a VM or on a Mac with multiple users and don't realize the importance of this working correctly.  Please come and visit us anytime and we'd be happy to demonstrate these types of deployments!

So we are left now on a version two old with no solution in sight.  Do I need to start testing Chrome?

7 comments:

Anonymous said...

IE is free. :)

liam said...

Have you filed a bug?

Dave Richards said...

Bugs filed and hard fought :)


https://bugzilla.mozilla.org/show_bug.cgi?id=919076

https://bugzilla.mozilla.org/show_bug.cgi?id=961080

Anonymous said...

I think in general Mozilla really doesn't really care that much about Linux anymore.

They justify it by saying that Windows is where the bulk of the users are.

My Firefox has been crashing a lot since about 24 too.

Anonymous said...

It may make sense to transition to Firefox's Extended Support Release (ESR) version, available at https://www.mozilla.org/en-US/firefox/organizations/

ESR builds are supported for one year and receive regular security updates, so you have a stable development / testing / certification target.

Dave Richards said...

Always appreciate feedback. ESR was reviewed in the past and is not a fit for us. The trend that we are seeing now is that browsers need security patches, new features and bug fixes. If we had an intranet web application that was more static ESR would be perfect. But we are seeing that cloud based apps are continually requesting the latest version of browser and even our intranet vendors are patching so much and requesting upgrades to the latest browser as well. In fact, our users are struggling with a bug right now in some intranet software because we have not been able to upgrade.

Anonymous said...

"Do I need to start testing Chrome?"

Why would something that releases even faster than Firefox and has a black hole bug tracker be a better choice?

https://support.google.com/chrome/answer/95315?hl=en

"We appreciate your help! In most cases we won't be able to send you an individualized response, but we'll investigate your report and use the information you provide to improve Google Chrome."

-adamw, blogger comment authentication is a disaster zone.