DOCSLIB.ORG

Mozilla Firefox 1.0 Reviewer’S Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Mozilla Firefox 1.0 Reviewer’S Guide Mozilla Firefox 1.0 Reviewer’s Guide PR Contact:Rafael Ebron– (510) 220-6800 Table of Contents 1. INTRODUCING MOZILLA FIREFOX 1.0 ............................................... 3 2. FIREFOX - THE BROWSER YOU CAN TRUST ........................................ 4 3. SECURITY AND PRIVACY FEATURES .................................................. 7 4. FASTER IN EVERY WAY .................................................................... 8 5. BETTER BROWSER EXPERIENCE ..................................................... 11 6. SUMMARY OF FEATURES............................................................... 14 7. APPENDIX.................................................................................... 15 Firefox Reviewer’s Guide Page 2 1. Introducing Mozilla Firefox 1.0 Rediscover the Web The new Firefox 1.0 is fast, free, and fun to use – helping users rediscover the Web. Firefox is the simple but powerful Web browser from the Mozilla Foundation that is designed to showcase the Web without all of today’s nuisances like pop-ups and spyware. Innovative new features include: enhanced privacy controls, live bookmarks, pop-up blocking, tabbed browsing, integrated Google search, and over 100 different extensions to make Firefox even more powerful. Firefox sits on top of the Gecko rendering engine – the browser engine that leads the industry in support of Web standards. A simplified user-interface, cross-platform support, open source collaboration, and developer extensions, make Firefox the perfect canvas for today and next generation’s web site and web applications. Firefox is available for Windows, Mac OS X, Linux and many different languages. Firefox 1.0 Key Features: High grade security Integrated search Anti-spoofing protection Live Bookmarks Privacy controls Download manager Tabbed browsing Themes and extensions Pop-up blocker Streamlined interface Download Firefox 1.0 now at http://GetFirefox.com. Firefox Reviewer’s Guide Page 3 2. Firefox - The browser you can trust Security Overview In the Mozilla project, we understand the importance of privacy and security. The importance of good computer security is demonstrated by the series of recent security exploits (known as "download.ject "or "scob"), in which vulnerabilities in Internet Explorer were used to allow malicious computer programs to be secretly installed and executed on machines running Internet Explorer. Browser software must include both good security design and good security practices to maximize the amount of protection available. No piece of browser software can provide 100% protection, just as no set of locks and keys for our homes can be 100% effective. But browser design and implementation can make an enormous difference in the level of protection available to users. In addition, management practices in the way software problems are addressed can also dramatically affect the level of protection consumers enjoy. Recent security failings in Internet Explorer have caused experts (Including the United States Department of Homeland Security's Computer Emergency Readiness Team) to recommend that consumers stop using Internet Explorer and switch to other browsers. Firefox and other Mozilla browsers use fundamentally different security architecture than does Internet Explorer. As a result, Mozilla browsers are not affected by a range of security problems that compromise Internet Explorer. For more detail on exploits leading to the suggestion to switch see: http://www.kb.cert.org/vuls/id/713878 http://secunia.com/advisories/12048/ The Mozilla design approach is to provide multiple layers of defense so that if one protection mechanism performs imperfectly, another protection mechanism (or two or three) will act as a safety net, thus strengthening the system's ability to defeat attacks. Security benefits of Mozilla browsers include: 1. Firefox and other Mozilla browsers do not allow a website to download onto, install onto, or execute code on a user's computer without the user's agreement. 2. Firefox and Mozilla browsers do not designate content as "local." An architecture that includes the concept of "local" content and then gives such content upgraded security permissions and allows it greater access to the user's machines, means that content which is mistakenly treated as local has vastly more potential to do damage. Indeed we saw this type of problem in the recent Internet Explorer vulnerabilities, in which malicious content was secretly sent to users machines, managed to falsely identify itself as "local" content to Internet Explorer, was then granted enhanced access to Firefox Reviewer’s Guide Page 4 machines running Internet Explorer, and used that access to install a program which logged keystrokes, including credit card numbers. Mozilla users were not affected. A more detailed description can be found at: http://www.kb.cert.org/vuls/id/713878 It should be noted that these security policies can result in some loss of convenience to the user. We all make these trade-offs in many areas of life. For example, needing a key to open the front door of our homes means we all have to get keys, find them in the morning and make sure not to lose them during the day, which is far less convenient than leaving the door unlocked. Most of us choose to trade the inconvenience of locks on our front door for the greater security this provides. For users who want increased security, Mozilla browsers are a great choice. 3. Internet Explorer uses a technology known as ActiveX. ActiveX, particularly in combination with the "local" concept described above, has been very fertile ground for those designing security exploits. Here's how Slate summarized the problem with Active X (see http://slate.msn.com/id/2103152 for the complete article): “The problem is that hackers continue to find and exploit security holes in Explorer. Many of them take advantage of Explorer's ActiveX system, which lets Web sites download and install software onto visitors' computers, sometimes without users' knowledge. ActiveX was meant to make it easy to add the latest interactive multimedia and other features to sites, but instead it's become a tool for sneaking spyware onto unsuspecting PCs.” 4. Mozilla browsers maintain a separation between the application and the operating system. IE browsing functionality is becoming increasingly integrated into Windows; a security problem in browsing functionality may therefore affect services which are shared with, or relied on by, other parts of the operating system. This makes a multi- layered defensive strategy complex to design and implement effectively. The convergence of Internet Explorer and the Windows operating system has provided fertile ground for malicious programmers. Switching to Mozilla -- Managing the Project for Consumer Security As noted above, it's virtually impossible to provide a web browser that is absolutely secure against all possible attacks. Effective security also requires focused attention to early identification and effective resolution of potential problems. Complacency or a "business as usual" attitude regarding security issues does not serve the consumer well. Finding potential security holes is tricky and requires people with expertise and focus. The Mozilla project has developed a community of people who are passionate about computer security and put the protection of consumers and their data above business and revenue considerations. We value this community highly and actively encourage their involvement. We provide a "bounty" to those who find and report potentially serious security flaws, to encourage security experts to help improve Mozilla products. This community promotes the Firefox Reviewer’s Guide Page 5 identification of potential problems before exploits are developed and before consumers suffer. Once a security hole has been identified and verified, it is often possible to develop a fix for Mozilla products very quickly. It's a bit counter-intuitive, but fixing the problem in Mozilla browsers is often easier than finding it in the first place. Developing fixes may be more complex for browsers which are deeply integrated into, and thus share services with, the operating system because fixing the problem could affect aspects of the operation system that rely on the browser. After a fix is created it needs to be tested. Then the new version of the software needs to be distributed to the public, and the public encouraged to upgrade to the new software. These activities can be very inconvenient to the software developer. They are time- consuming and disruptive. They require software vendors to place user protection above business convenience and predetermined release cycles. The Mozilla project has shown strength in this regard. For example, we recently completed the entire process in just under 36 hours in order to make sure that we had a fix ready and updated products available as soon as the exploit became known to the public. We proactively informed our users of the problem and provided a choice of mechanisms to encourage users to upgrade immediately. We take these actions because we do not believe that a "business as usual" attitude about security is appropriate. We have also created a system of checks and balances to guard against complacency. The set of experts who care about security are not all employees of the Mozilla Foundation. They participate in the open source Mozilla project because they care passionately about security, and because they want a browser that meets their security standards. These participants
Load more

Recommended publications
  • How-To Gnome-Look Guide
    HHOOWW--TTOO Written by David D Lowe GGNNOOMMEE--LLOOOOKK GGUUIIDDEE hen I first joined the harddisk, say, ~/Pictures/Wallpapers. right-clicking on your desktop Ubuntu community, I and selecting the appropriate You may have noticed that gnome- button (you know which one!). Wwas extremely look.org separates wallpapers into impressed with the amount of different categories, according to the customization Ubuntu had to size of the wallpaper in pixels. For Don't let acronyms intimidate offer. People posted impressive the best quality, you want this to you; you don't have to know screenshots, and mentioned the match your screen resolution. If you what the letters stand for to themes they were using. They don't know what your screen know what it is. Basically, GTK is soon led me to gnome-look.org, resolution is, click System > the system GNOME uses to the number one place for GNOME Preferences > Screen Resolution. display things like buttons and visual customization. The However, Ubuntu stretches controls. GNOME is Ubuntu's screenshots there looked just as wallpapers quite nicely if you picked default desktop environment. I impressive, but I was very the wrong size, so you needn't fret will only be dealing with GNOME confused as to what the headings about it. on the sidebar meant, and I had customization here--sorry no idea how to use the files I SVG is a special image format that Kubuntu and Xubuntu folks! downloaded. Hopefully, this guide doesn't use pixels; it uses shapes Gnome-look.org distinguishes will help you learn what I found called vectors, which means you can between two versions of GTK: out the slow way.
    [Show full text]
  • Free Theme Images for Windows Xp to Download 55 Most Beautiful Free Window XP Themes and Visual Styles
    free theme images for windows xp to download 55 most Beautiful free Window XP Themes and Visual Styles. Windows XP is one of the best and most usable Operating System launched by Microsoft on August 24, 2001. it is the second most popular version of Windows, based on the installed user base. The operating system is specially designed for personal computers, including home and business desktops, laptops, and media centers. One thing I don’t like about Windows XP is It’s blue and green User Interface, but Now so many 3rd parties websites offer a Free desktop theme for window XP. which you can download and apply to your windows using Style XP installed to apply these themes. This will help you in customizing your Windows with new themes. Here are some beautiful visual styles and free window themes for Windows XP. Dark Fusion Themes Windows Xp. Crystal XP Theme is one of the best themes for Windows XP to be found at the moment. Attractive, elegant, functional, stable. Crystal XP Theme has it all. You don`t need any additional program to install it nor run it, simply download the program and install it, which is also completely. License: Freeware Size: 1024 B Download (14238): Crystal XP Theme Download. Ubuntu is one of the most popular and used GNU/Linux distributions, and its best virtue is its surprisingly easy to manage desktop. If you want to transform your Windows XP desktop into that used by Ubuntu, now you can thanks to this desktop theme.Ubuntu XP is a desktop theme that transforms your.
    [Show full text]
  • Firefox Hacks Is Ideal for Power Users Who Want to Maximize The
    Firefox Hacks By Nigel McFarlane Publisher: O'Reilly Pub Date: March 2005 ISBN: 0-596-00928-3 Pages: 398 Table of • Contents • Index • Reviews Reader Firefox Hacks is ideal for power users who want to maximize the • Reviews effectiveness of Firefox, the next-generation web browser that is quickly • Errata gaining in popularity. This highly-focused book offers all the valuable tips • Academic and tools you need to enjoy a superior and safer browsing experience. Learn how to customize its deployment, appearance, features, and functionality. Firefox Hacks By Nigel McFarlane Publisher: O'Reilly Pub Date: March 2005 ISBN: 0-596-00928-3 Pages: 398 Table of • Contents • Index • Reviews Reader • Reviews • Errata • Academic Copyright Credits About the Author Contributors Acknowledgments Preface Why Firefox Hacks? How to Use This Book How This Book Is Organized Conventions Used in This Book Using Code Examples Safari® Enabled How to Contact Us Got a Hack? Chapter 1. Firefox Basics Section 1.1. Hacks 1-10 Section 1.2. Get Oriented Hack 1. Ten Ways to Display a Web Page Hack 2. Ten Ways to Navigate to a Web Page Hack 3. Find Stuff Hack 4. Identify and Use Toolbar Icons Hack 5. Use Keyboard Shortcuts Hack 6. Make Firefox Look Different Hack 7. Stop Once-Only Dialogs Safely Hack 8. Flush and Clear Absolutely Everything Hack 9. Make Firefox Go Fast Hack 10. Start Up from the Command Line Chapter 2. Security Section 2.1. Hacks 11-21 Hack 11. Drop Miscellaneous Security Blocks Hack 12. Raise Security to Protect Dummies Hack 13. Stop All Secret Network Activity Hack 14.
    [Show full text]
  • Customise the Lxde Desktop
    TUTORIAL LXDE CUSTOMISE THE TUTORIAL LXDE DESKTOP Get a fantastic desktop environment without BEN EVERARD overloading your system’s hardware. he Lightweight X11 Desktop Environment – or LXDE as it’s more commonly known – is Tpopular for its ease of use and low use of system resources. It’s the desktop of choice for the Raspberry Pi, and is an excellent option for replacing Windows XP on older machines. However, in its default form it is a little ugly. Everything works as you expect it to, but it doesn’t show off the Linux desktop experience as well as it could. Fortunately, it’s quite easy to whip the default configuration into something that looks good and is a little more user friendly. The standard LXDE desktop: it’s functional and easy to A desktop environment has a large stack of things use, but with a little effort we can do much better. that are really just images. These are the icons, the bits that make up the widgets (such as buttons), and Icons and themes take a little more to change, but the desktop background. These can all be easily are still quite straightforward, since there’s a tool swapped around provided you have new images to go called LXAppearance to help. First you need to in their place. download the theme. We started with the Elementary icons at www.gnome-look.org/content/show.php/ Get new wallpaper elementary+Icons?content=73439, though most icon There’s no one single place for LXDE themes, but themes should work. there is for Gnome, and they’re mostly compatible.
    [Show full text]
  • 335-2010: SAS® Gets Flexy: Themes You Can't Resist
    SAS Global Forum 2010 SAS Presents Paper 335-2010 SAS® Gets Flexy: Themes You Can’t Resist Amy Dull and Sherry Parisi, SAS Institute, Inc., Cary, NC ABSTRACT Have you heard the news? SAS® made a strategic decision to create its next generation of Web applications using the Adobe Flex platform. Flex is an open source platform designed for building rich Internet applications. There is also a Flex theme framework for coordinating colors, images, and text styling. Flex themes are integral to enhancing the overall SAS user experience. This paper explores how we developed a SAS corporate theme to create a stronger visual identity for the SAS product line. Two additional base themes allow customers to customize the SAS product line to meet branding needs, ensuring a unified look across the SAS suite. INTRODUCTION This paper will briefly discuss why Flex was chosen as the technology for all future Web-based product development at SAS. Along with this decision came the opportunity to theme our products consistently from the start! A theme in a general sense defines the overall look and feel of an application. It is designed using colors and graphics that are applied to common user interface components and layout containers. Standardization of icons, fonts, and to a lesser extent, effects, can also bring value when creating a theme, as it provides even stronger visual identity across a product or suite of products. As SAS introduces more and more solution-based products to the market, we recognize that our customers will often be using more than one SAS application in their daily work.
    [Show full text]
  • EFL a UI Toolkit Designed for the Embedded World
    EFL A UI Toolkit Designed for the Embedded World stosb.com/talks Tom Hacohen [email protected] Samsung Open Source Group @TomHacohen Where We Come From The Enlightenment project is old (1996) - predating GNOME, KDE, etc. Initially a window manager - split to a set of libraries EFL as we know it dates back to at least 2000 Targeted the embedded world since the beginning Where We Come From (image circa 2001) General Information Used in many places, and supported by big industry players Focus on embedded devices A mix of LGPL 2.1 and BSD Three months release cycle Ever improving CI and static analysis (coverity) API/ABI checks before every release Zero compiler warnings with -Wall -Wextra Development Statistics Latest version (1.18.0): 105 unique contributors 3,364 commits Overall: 587 unique contributors 50,000 commits What Does the EFL Provide? What Does the EFL Provide? General Purpose Library Stringshares for reducing memory footprint In-line lists/arrays for reducing memory usage and fragmentation Copy-on-write support for C structures and unions Magic checks for structures Many others - list, hash, rb-tree and more What Does the EFL Provide? Binary Serialization Library Serialize, de-serialize C structures and unions Decompile to text, and re-compile from text Reduces memory usage (mmap) Faster to load Supports compression and signing What Does the EFL Provide? Mainloop and General-Glue Library Animators - Timers that tick at most on every frame Easy support for thread-workers Execute, monitor and pipe input/output of executables Integrates with other main loop implementations Networking, IPC, HTTP and etc.
    [Show full text]
  • Table of Contents Ventrilo 4 Theme Development
    Table of Contents Ventrilo 4 Theme Development. ................................................................................................................... 3 Production vs. Development environments: ................................................................................................ 4 Settings.ini file ............................................................................................................................................... 6 How to use ................................................................................................................................................ 6 Properties .............................................................................................................................................. 8 Colors .................................................................................................................................................... 9 Macro string substitution ...................................................................................................................... 9 Sequentially numbered key names ..................................................................................................... 11 Predefined topic names ...................................................................................................................... 11 [General] ................................................................................................................................................. 13 [Main] .....................................................................................................................................................
    [Show full text]
  • Stronger NYC Communities Organizational Digital Security Guide
    Stronger NYC Communities Organizational Digital Security Guide For Trainers and Participants Build Power - not Paranoia! NYC Stronger Communities | Toolkit 1 Creative Commons Attribution-ShareAlike 4.0 International, July 2018 This work supported by Mozilla Foundation, the NYC Mayor’s Office of Immigrant Affairs, NYC Mayor’s Office of the CTO, and Research Action Design. CREDITS Project designed and lead by Sarah Aoun and Bex Hong Hurwitz. Curriculum lead writing by Rory Allen. Workshops, activities, and worksheets were developed by Nasma Ahmed, Rory Allen, Sarah Aoun, Rebecca Chowdhury, Hadassah Damien, Harlo Holmes, Bex Hong Hurwitz, David Huerta, Palika Makam (WITNESS), Kyla Massey, Sonya Reynolds, and Xtian Rodriguez. This Guide was arranged and edited by Hadassah Damien, and designed by Fridah Oyaro, Summer 2018. More at: https://strongercommunities.info NYC Stronger Communities | Toolkit 2 Table of Contents ORGANIZATIONAL DIGITAL SECURITY GUIDE This guide provides tools and ideas to help organizational digital security workshop leaders approach the work including a full facilitator’s guide with agendas and activities; for learners find a participant guide with homework, exercises, and a resource section. 01 03 INTRODUCTION ............................................ 4 PARTICIPANT WORKBOOK ........................................ 110 • Organizational Digital Security Right Now Introduction to the Stronger Communities • Roadmap Workshop series Self-assessment: Digital • Workshop Overview Security Bingo • Series Story • How to coordinate and plan a Stronger Workshop Participant Guides Communities workshop series • Design and facilitation tools 1. Stronger NYC Communities Workshop: • Evaluate and assess Our work is political. • Handout and activity glossary 2. Stronger Communities Workshop: Our work is both individual and collective. 3. Stronger Communities Workshop: Our 02 work is about learning from and taking care of each other.
    [Show full text]
  • Awoken Icon Theme - Installation & Customizing Instructions 1
    Awoken Icon Theme - Installation & Customizing Instructions 1 AWOKEN ICON THEME Installation & Customizing Instructions Alessandro Roncone mail: [email protected] homepage: http://alecive.deviantart.com/ Awoken homepage (GNOME Version): link kAwoken homepage (KDE Version): link Contents 1 Iconset Credits 3 2 Copyright 3 3 Installation 3 3.1 GNOME........................................................3 3.2 KDE..........................................................4 4 Customizing Instructions 4 4.1 GNOME........................................................4 4.2 KDE..........................................................5 5 Overview of the customization script6 5.1 How to customize a single iconset..........................................7 6 Customization options 8 6.1 Folder types......................................................8 6.2 Color-NoColor.................................................... 11 6.3 Distributor Logos................................................... 11 6.4 Trash types...................................................... 11 6.5 Other Options.................................................... 11 6.5.1 Gedit icon................................................... 11 6.5.2 Computer icon................................................ 11 6.5.3 Home icon................................................... 11 6.6 Deprecated...................................................... 12 7 How to colorize the iconset 13 8 Icons that don't want to change (but I've drawed) 14 9 Conclusions 15 9.1 Changelog......................................................
    [Show full text]
  • UX & UI Theme 1
    Theme 1 UX & UI HOMEWORK BOOKLET Name 9IT Form Introduction Theme 1 is all about understanding the front-end of computer systems. We use user interfaces on a daily basis. How are they designed? What do designers think about when creating an interface? We will explore these questions. We will also take a look at Human Computer interaction. Towards then end of the theme we will undertake a creative project to plan and design a basic user interface considering the following: • Colours and font • Layout • Language used and information given At the bottom of each homework you will see an icon which will tell you how the homework will be assessed. See below to find out what the icons mean: Self Assessment: You will mark your work at the start of next lesson. ENSURE YOU COMPELTE HOMEWORK AS MARKS WILL BE COLLECTED IN! If you see this on a homework. There will be an Edmodo Quiz based on the homework next lesson. SO MAKE SURE YOU REVISE AND READ THE INFORMATION CAREFULLY! If you see this on a homework it means you will be peer assessing the homework next lesson with another student. MAKE SURE YOU HAVE YOUR HOMEWORK COMPLETED SO YOU CAN SWAP WITH ANOTHER PUPIL! Failure to submit homework on time will result in a 45-minute detention. If you lose your homework booklet you will be charged for a replacement and you MUST catch-up on any incomplete homework. Stuck? Got a question? Email your teacher. Mr Rifai (Head of Computing) [email protected] Miss Davison [email protected] Miss Pascoe [email protected] 2 Due Date: H/W1 User Interfaces What is an interface? What are the three types of user Research and find another interface? type of user interface: 1.
    [Show full text]
  • Tune up Your Spanish Rar
    Tune up your spanish rar Download Free eBook:Tune Up Your Spanish - Free chm, pdf ebooks Tune Up Your French with MP3 Disc (English and French Edition) Mary McVey Gill and Brenda Wegmann are experienced authors of Spanish and ESL language learning materials. You are also given a bit of background into the Spanish language and the people of Hispanic g: rar. Spanish | Medicina Incl. | MB | Windows 2K/XP/Vista/XP X64/Vista64/7/7 TuneUp Utilities ahora limpia más de programas, incluido iTunes®. Tune Up Your Spanish SECOND EDITION Mary McVey Gill & Brenda Wegmann Natalie Schorr, Series g: rar. Your browser does not currently recognize any of the video formats available. Click here to visit our frequently. The best part is that sometimes these students manage to turn up right when we about long after they are gone from your class and your school. The "Got It" kids often get bored and tune out as you try to help the "Almost. Then, a new window will pop up with the proper "Language and You can also type an accented vowel by typing ´ on your Spanish keyboard. It works by lining up the speakers of your device (like a phone) with the .. They have them in English and Spanish and they have audiobooks and movies for both .. If we tune in each radio in the house to the story, you can pretty much hear it. See Tweets about #rar on Twitter. New to Twitter? Sign up now to get your own personalized timeline! Sign up . Let us kickstart your Tuesday evening! Before students open up cases and get out instruments for the first time we .
    [Show full text]
  • Graphical Desktop Desktop Background • Right-Click Anywhere
    Graphic Desktop Graphical Desktop Each Linux distribution comes with its own set of desktop backgrounds. You can change the default by choosing a new wallpaper or selecting a custom picture to be set as the desktop background. If you do not want to use an image as the background, you can select a color to be displayed on the desktop instead. In addition, you can also change the desktop theme, which changes the look and feel of the Linux system. The theme also defines the appearance of application windows. Desktop Background If you do not like any of the installed wallpapers, you can use different shades of color as the background using the Colors and Gradients drop-down in the Appearance window. There are three types of color: solid, horizontal gradient, and vertical gradient. Click the box at the bottom and pick the effect between solid and the two gradients. In addition, you can also install packages that contain wallpapers by searching for packages using “wallpaper” as a keyword. Note: The next few screens cover the demonstrations and Try-It-Yourself activities of a member of each of the three Linux distribution families we cover in this course. You can view a demonstration for the distribution type of your choice and practice the procedure through the relevant Try-It-Yourself activity. Centos: Right-click anywhere on the CentOS desktop Click Change Desktop Background Choose the image as background by clicking on it Click close Changing the Theme The visual appearances of applications (the buttons, scroll bars, widgets, and other graphical components) are controlled by a theme.
    [Show full text]