Lewis' Blog Tales from the trenches of information technology

7Oct/110

Ramdom thoughts on the 2011 (and beyond?) Firefox release schedule

Download PDF

As I sit here at Panera Bread, catching up on some tech news, an article caught my eye concerning Mozilla's new approach to updates and, tangentially, the (revised) 2011 Firefox release schedule. This started my own wheels turning, as this has been a bit of an annoyance for me, so I thought I'd just jot down a few ideas...

Concerning Firefox's 2011 release schedule:

Why?

We (I say "we" because I do/have contribute(d) from time to time) have some bugs in Bugzilla which date back several years (some to the Netscape Communicator days, inherited by the Mozilla project - no kidding!). These have yet to be quashed, and all the while new "releases" just keep coming down the pike, bringing with them their own share of new insectoids. Wouldn't it make more sense to stay at a reasonable "release" level, and just fix it before adding new features (and after all, isn't the purpose of a new "release" to introduce new features)? We already have a mechanism in place for extending the functionality of the browser through plugins and extensions, anyway, so what's the point? (If Mozilla wants to emulate Redmond, then they should consider that under the hood, Windows 7 is NT 6.1, anyway, and Microsoft got a head start with NT growing out of OS/2 - NT started at version 3.)

The old adage, "If it ain't broke, don't fix it" should apply to software as well, appended with, "and if it's already broke, fix it before releasing a new version."

Extension developers

The rush to increment major version numbers also impacts extension developers, whose code may very well work just fine under the new release, but will not install due to the install.manifest (install.rdf) restricting installation to what may have at the time seemed quite a way into the future. Consider the following snippet:

<!-- Firefox -->
<em:targetApplication>
<Description>
<em:id>{ec8030f7-c20a-464f-9b0e-13a3a9e97384}</em:id>
<em:minVersion>3.5</em:minVersion>
<em:maxVersion>4.0</em:maxVersion>
</Description>
</em:targetApplication>

(The above was taken from an older version of Abduction!, the page saving extension.)

Without working around the installation version safeguard (and yes, I do know that it can be done, but that's not the point), this extension won't install under Firefox 7, even if it would ultimately work. Instead, the author must go back, update the install manifest to allow for installing on versions after 4.0, re-package, and everyone must then update the extension (which would have been automatically disabled upon upgrading the browser). Multiply this series of operations by the scores of extensions we have these days (some of which we all consider to be "deal-breakers" for using the product in the first place), and you'll soon see what a headache this whole new release number thing is.

Updating methodology

Well, this is an interesting one. The Register article mentions "One niggle for customers using Firefox with Windows is that they must update their User Account Controls (UAC) preferences in the Microsoft desktop with each new version of Firefox." <WARNING: WINDOWS REALISM AHEAD> LOL... For those who don't know, UAC is the bolted on "security" enhancement added to Windows Vista, in an effort to address the (perceived and real) lack of tight security in previous versions. The problem is that the UAC is a bolt-on, just like adding another deadbolt to one's front door: safer, perhaps, but a royal pain when you're rushing to get in to use the bathroom.

Supposedly, this new "silent update" strategy (shhhh....it's silent...) will install a component (trojan?) onto the Windows client which will act as a backdoor...er...concierge to allow updates to flow around (behind?) the UAC. Great security mechanism, there.

Some more Windows realism

Windows NT (which was supposed to stand for "New Technology," but which OS/2 aficionados will recall we used to describe as "Not There") was/is based on OS/2 (OS/2 1.1, mainly), which was a single-user OS. I'm not knocking single-user OSes (eComStation, without Security/2, is also a single-user OS, and so is DOS - and all single-user OSes have their strengths). In contrast, UNIX, Linux (by association, as well as design), and NetWare were all designed to be multi-user operating systems (someone possessing  either a longer history with or better recollection of UNIX than I please feel free to correct me concerning AT&T Bell Labs' OS for the PDP-7 and 11/20 - my dad's office in the mid-1970's was a Litton minicomputer operation, after a very brief and dismal foray into the world of Nixdorf, so I'm not all that familiar with DEC machines prior to or around that time). So, making Windows multi-user while still keeping it "Windows" meant bolting on security. To my mind, the failure is in the bolts, not the security itself, but that's something for another post. Suffice it to say that if one must resort to a backdoor approach to install updates so as not to confuse/bother/bewilder/frighten the user, there is a bigger problem at hand than popping up a box and asking permission (another topic for another time). On with our story...

Chrome does it, so why shouldn't we?

According to the Register article, Google's Chrome pushes down silent updates. How nice for Google. I spend all my time anonymizing my searches so that Google doesn't get any deeper into my life, and people allow Chrome to silently update. I uninstall/remove/banish Google Desktop Search (well, as of September 14, I no longer have to do that as Google pulled the plug on this piece of spyware...er...software), and yet I would allow Chrome to somehow silently update itself - on a Windows machine, no less? (Interesting side-note: If anyone has need of disabling Chrome's auto-update "feature," you might find this article of some use. The alternative - as mentioned there - would be to switch to Chromium, the open source project based on Chrome.)

Final thoughts

This whole rush-to-release thing is a bit absurd, like the kids are running the operation, and all of us oldsters (you know, the ones who might have actually gained some patience and wisdom over the years) seem to be sitting on the sidelines, watching it all happen. The other side-effect of pushing out new versions every six weeks (up from every 11-20 months, as recently as the release of Firefox 3) is that support for older versions by necessity falls by the wayside. So, if someone is running Firefox 4, for some legitimate purpose, and runs into a bug or a problem, the only real (officially supported, if this were purely commercial code) solution would be to upgrade. Seems more than a little silly to me.

Comments (0) Trackbacks (0)

No comments yet.


Leave a comment

No trackbacks yet.