Comment Re:Disagree with the premise. (Score 1) 256
Please feel free to use a competing browser, all of which already include this root cert, to my knowledge.
Please feel free to use a competing browser, all of which already include this root cert, to my knowledge.
http://en.wikipedia.org/wiki/Lorentz_National_Park
Firefox codenames are always park names nowadays. This park happens to be in Indonesia, which (AFAIK) is the first country to pass 50% Firefox marketshare.
It's certainly possible, but we do have an extensive set of unit tests and performance tests these days, and we don't land new features without a test suite. Combined with our crash reporting infrastructure, I have pretty high confidence that the quality of the software is improving.
That's great, but there are lots of extensions that do in fact break. If users update to a new version of Firefox and their extensions don't work, or cause their browser to crash or otherwise malfunction (not a theoretical problem), they are not happy users.
The Jetpack project is working to create a stable (but admittedly more limited) API for extensions to use to make it possible to sidestep this problem.
Uh, the primary goal of the Lorentz branch is to merge the out-of-process plugins architecture back to the stable 1.9.2 branch that Firefox 3.6 was released from.
Uh, you can disable the blacklist, if you really want to. It's just enabled by default because we think it's the right thing to do. The vast majority of people do not know they even have these things installed, nevertheless how they would update them or otherwise mitigate their risk.
Also, if you read the original blog post, Mike Shaver spoke to Microsoft before making this decision. Mozilla does not employ the blacklist without consulting with the vendor in question first.
As for Firefox, you are basically running a series of stovepipes where it makes sense for each tab to have a separate process... why it has taken so freakin' long for this I don't know, but it's not a new idea
Because it's a large existing codebase and will require invasive changes to work in this model. Also, multi-core processors are a fairly new development, having been around for only a few years. Do you think that back in 2000 anyone would have predicted consumer-grade quad-core CPUs? Would anyone have thought that building a multi-process architecture (ala Chrome) was the right course of action at that time? Software is hard, and retrofitting large codebases to do things they weren't designed for takes a lot of time and engineering effort.
I would question whether "execute the JavaScript in this HTML page your server provided to me" really constitutes "decrypt without authorization".
You will have many recoverable tape errors.