dead software

>>58701035

Only if you run windows.

And if you run windows your opinion really doesn't mean shit.

>>58701236
nah, WebExtensions are the nail in the coffin for Mozilla.

You could just, you know, not upgrade to 57.

>>58701035

Windows.

>>58701035
>declining marketshare
>no XUL extensions
>only neutered Chrome-like extensions
>spend all the money funding SJWs, faggots, trannies, feminism
RIP Cuckzilla!

>>58701035
>$0.01 has been deposited into your Googlesoft account

>>58701409
>muh outdated software
Why is /g/ this retarded? Why is their solution always to use old software (µTorrent 2.2.1, Windows 7) instead of switching to an alternative and using an up-to-date version?

>>58701549
there will always be hangerons

>>58701549
botnets + lazy

will use icecat

>>58701549
There is literally nothing wrong with using "outdated" software

>>58701612
Vulnerabilities
Compatibility issues

There's two things wrong right there.

>>58701035
what happened now?

I've seen this meme for quite some time, what actually happened?

What is everyone running then? Chrome?

>>58701662
Updated software has these issues also

File: 64-bit.png (84KB, 811x410px) Image search: [Google]

84KB, 811x410px

>>58701720
>32-bit
Why?

>>58701728
Palemoon and Chromium, probably.

I've been chilling on FF 39.0 and I'd say I'm still fairly happy.

Any reason I should be looking to update?

>>58701549
Because the up-to-date alternative is worse.

File: linux.jpg (187KB, 1344x742px) Image search: [Google]

187KB, 1344x742px

>>58701035

less qq

>>58701761
Chromium is a Google product so I would never use it. Palemoon on the other hand is such a small project and a fork of FF anyway I don't see a problem.

What really is killing Firefox though is that a couple of years back, people were still tech savvy enough to be able to install new browsers, and everyone knew IE needed to be changed. So everyone did. But in the recent years, with Android and all that, Google has really grown, and people have gotten used to their ecosystem, and since a ton of devices already come with Chrome pre-installed, that's what people also choose for their desktops (in Europe at least, Windows has to provide a browser choice dialog when you first start using it.) Its a similar issue to the one of GNU/Linux on the desktop - it doesn't come pre-installed, it doesn't get used.

64 bit firefox on windows 10 runs great

File: 1485640472171.jpg (61KB, 519x253px) Image search: [Google]

61KB, 519x253px

>>58701759

>>58701662
I wouldn't have ANY compatibility issues if the botnet let me keep using Windows XP.

>>58701549
Because the out-dated version is often better than the up-to-date alternatives.

>>58701702
Mozilla is killing off their add-on system to use something similar to Chrome's instead. Add-on developers are getting tired of it and jumping ship. Hell, it's impossible for a good number of add-ons to even work under then new system.

>>58701728
Palemoon. It still runs the extensions that no longer run in FF.

>>58701900
The problem is that FF was always going to be niche, while Google can use their power to edge out internet explorer, especially since M$ was trying to force Edge anyway.

FF should have never tried to be #1; it should have marketed itself as the power user alternative.

>>58701755
>>58701612
>>58701409

Using old software with KNOWN security vulnerabilities is freaking fucking retarded for anyone on a "tech" board to recommend. It is beyond fucking stupid. It is a hundred times more important to use up-to-date software than it is to use anti-virus/malware software. You are literally asking, begging to be infected with malware and/or be hacked. I can't even.....


Why am I on /g/.. this isn't a god damn tech board, people are worse than normies in here. even my mom knows updating software is an important security defense.

>>58702534
If you're storing critical information on your machine that you cannot afford to get "hacked" and your only line of defense is Firefox being version 48 not 47, you're doing it really, really fucking wrong.

I mean seriously, what is your threat model here? What are you trying to protect yourself from? "Being hacked"? By who? How? The people who actually give a shit about using an exploit against you could just as well use a zero day, or use something much more effective like phishing. The scenario you are trying to shield yourself against is basically someone hijacking a site you'd have reason to visit (because everything else would be blocked by your adblocker and malicious domain filters to begin with), then deliberately targeting versions of Firefox that are several months/years old to perform a complex memory corruption attack that MIGHT let them execute something without admin permissions. What then? What do they do? Steal the cat pictures from your downloads folder? Get the password to your WoW account which they won't be able to use because of two factor authentication? Install a botnet client that somehow remains invisible to all antivirus software out there and hides itself by also being a rootkit, then assign someone to constantly monitor your computer usage for the precise moment at which you're logged into your banking website from your end so they can quickly hijack the mouse and send an easily reversible transaction to an account in China?

If a potential attacker can do significant damage by simply running an executable on your computer, you have ALREADY lost. A really fucking obvious countermeasure like running your web browser in a sandbox or not storing critical documents and passwords on the same computer you browse shady porn websites from would help you a lot more than your copy of Firefox being exploitable with 3 less attacks. "Security updates" matter jack fucking shit for anyone who isn't running a server, they're a minor step.

>firefox
supports flac
>chrom
doesn't


get rekd

Why is firefox the only decent browser?

I want to use another browser, but they all fucking sucks just slightly more than firefox.

File: angery.gif (538KB, 318x400px) Image search: [Google]

538KB, 318x400px

How the FUCK do I disable add-on signature checking

This is so fucking retarded

>>58702833
watch more animes manchild.

>>58702865
No thanks, most is shit

>>58702721
Want to know what the "threat model" for a private citizen is, online and off? A crime of opportunity. Left your car window open? Someone's going to steal your valuables. Leave your front door unlocked in a bad neighborhood? Your HDTV is as good as gone. Browsing porn with a practical, unpatched CVE? Someone's going to try and infect you with ransomware. They're not going to spend the energy to 0day you for it, but any idiot could use an arbitrary payload with something like CVE-2016-9079.

Also, have some imagination (and read news), there are plenty of reasons to infect a random person with malware. I mentioned ransomware, and there are all kinds of botnets for spam, ad fraud, ddos, and general purpose ones for rental. Also helps to do your hacking through someone else's internet connection so that the feds go knocking on the door of some poor idiot who probably doesn't have the logs to trace back much further.

>>58703040
The people you are talking about are also the ones who would run a random .EXE they found on the internet. Any danger they would be exposed to by an unpatched browser is also present when they install or run practically anything on their computer. Ransomware is defeated by a backup or an AV, being part of a botnet is a minor inconvenience at worst.

>>58703117
>The people you are talking about are also the ones who would run a random .EXE they found on the internet
Nope, I specifically mentioned CVE-2016-9079, which is driveby. Another driveby from last year that was definitely used for ransomware infections was CVE-2016-1019.

>Ransomware is defeated by a backup or an AV
depends on how fresh the ransomware is, but of course backups are essential

>being part of a botnet is a minor inconvenience at worst
I don't share your indifference. My internet connection is mine, I don't want some teenager with the russian mafia using it for his spam operation

>>58702534

How exactly are you going to get hacked or infected by using old utorrent 2.2.1??

>>58703155
>Nope, I specifically mentioned CVE-2016-9079, which is driveby.
And that relates to what I said... how? All a browser exploit will ever be capable of doing is the equivalent of running an executable with or without admin permissions. It essentially forces you to run untrustworthy code on your computer without realizing it. My point was that the same people you advise to be aware of such attacks ALREADY run untrustworthy code on their computers, and they do it fucking daily. It's not the biggest issue to address.

>I don't share your indifference.
That's fine and I take no issue with your precautions, but that doesn't make it some kind of universal problem that everybody else should worry about. I seriously doubt anyone has suffered any serious harm from being part of a botnet before.

Also, if you truly care about your security, I sincerely hope that you run your web browser in a sandbox at the very least, and use secure, encrypted, offline backups to store your data.

>>58703184
Someone might trick you into manually inserting a maliciously formatted 3000 character long magnet link which will trigger a buffer overflow.

>>58703237
>the same people you advise to be aware of such attacks ALREADY run untrustworthy code on their computers, and they do it fucking daily
Am I misunderstanding this? "People who might intentionally or unintentionally click on a shady link sometime this year" is a subset of "people likely to get infected because they run shady EXEs"? Most people who are security professionals or sysadmins (well, hopefully), for example, are in the first category but not the second. They don't usually get infected from the shady links either, in part because they keep their software up to date.

>>58703286
You were addressing /g/. I'm not sure I'd class them as "security professionals". Most people here are neckbeards who use Linux because they're wannabe hackers. To rephrase it once again:

- If you're a casual user, you don't need to worry about exploits more than you need to worry about the Photoshop crack or the closed source software or the script from Google you used yesterday, there are much more important measures that help way more which you should do before you worry about your Firefox version, such as two factor authentication and backups.
- If you're a sysadmin with secure information on his computer that he can't afford to be stolen or damaged, you shouldn't BE in a position where the up-to-date-ness of your web browser affects that in any way, and you shouldn't be using anything that isn't a throwaway computer to browse the public web with Firefox.

A good quality padlock is important, but maybe you should address the gaping fucking hole in your bedroom wall first.

>>58701035
dead memes

>>58703336
Lots of people have backups of important data (especially with cloud stuff). Ransomware is still fucking annoying to get. Maybe it goes back to the disagreement over botnets and I'm projecting my low tolerance for annoying things on everyone else. Out of the major ways people get ransomware, the *easiest* to stop is software vulnerabilities. On a corporate network, you can set policies and do various things to mitigate depending on OS. When giving advice on /g/, you can tell people to update their fucking browser (and disable flash).
Running untrusted programs is a problem, but I don't see it as a bigger one for some one out on the wild web with an outdated browser. And it's hard to make people quit their terrible ways. On a corporate network, you can restrict what people get to run. On /g/, you get called an Adobe shill for saying you'd never trust a torrented copy of Photoshop.

I only brought up sysadmins to say that a sysadmin using his personal machine will generally make good decisions, but will probably end up clicking on a few things that are trying to exploit browser vulnerabilities. The laptop I browse 4chan and watch chinese cartoons on is "throwaway" in that I could have all the data on it stolen and destroyed (including backups, even) and it wouldn't really matter, but would it be stupid to use an out of date firefox and possibly end up needing to reinstall the OS? I think so.

>>58703625
I think you're vastly overestimating the possibility of actually being the recipient of an exploit. They're the easiest vector to stop, but also the one least often used. I've been using a copy of Windows without any updates and a browser that is several months out of date for pretty much over a decade now, browsing every kind of shady popup there is. I have literally never EVER not once in my fucking life seen an exploit in the wild. Same with Flash being some kind of giant security vulnerability. It strikes me as the kind of advice one would give because it makes sense and "my friend said it happened to somebody", not because they themselves ever actually encountered it.

I mean think about it logically, exploits are really specific, targeted and hard to actually make any profit with unless you already have a target with a known setup in mind. Why would someone who intends to spread malware set up a site intending to target Chrome 23 or something, instead of just making people download an EXE or sending them a fake login page? The percentage of people running ancient software is too small to make them worth targeting over the much larger segment of the population. If I wanted to create a botnet, going out of my way to infect uTorrent 2.2.1 users would probably be the last thing I'd bother with. The people who open PDF/word documents with macros enabled and run .jpg.vbs files would be much easier victims.

There's also this assumption that wanting to stick to an older version for UX reasons couldn't possibly be justified, because the "latest and greatest" version is objectively better and you're just fucking stupid and ignorant if you think otherwise (ignoring the bugs and exploits that version may have introduced in turn). I'd be more than willing to sacrifice a 0.001% possibility of being infected than to put up with whatever stupid shit Google introduced in the latest update of their browser that makes my life a living hell for the next 17 versions.

>>58703821
My experience is of course biased due to seeing ransomware every day, so I probably inflate its possibility across the board. Still, I didn't call browser exploits a major vector for nothing. There were several new exploits last year that were used specifically for indiscriminately distributing ransomware, and anecdotally I see older exploits being used all the time, albeit as things people have to be stupid enough to click on a link in a shady email to encounter.

>>58701409
Doesn't matter since they completely fucked up the browser with 53. Grayscale text antialiasing everywhere instead of subpixel and Japanese text is no longer antialiased.

53 literally feels like I'm using Chrome.

>>58702833
Use Nightly or Dev Edition.

>>58701478
Why did Mozilla get rid of XUL?

>>58704019
because they want to replace most of the browser with new components written in Rust over time, but replacing just one would break hundreds of XUL addons. webextensions was an existing open standard so they somewhat questionably decided to go with that.

>>58704077
I'd ask you why you hate rust so much, but since you don't even know that it isn't for writing addons I won't bother, you probably don't even know what it is.

Hahahahaha no

Firefox is better than ever you stupid fuck

File: 1458673530451.jpg (31KB, 372x527px) Image search: [Google]

31KB, 372x527px

>>58701035
Propaganda

>>58702382
I still use XP in a VM, it works great.

Wow we really triggered a shill in this thread.

I'm still on Firefox 3.something and it works great. Much faster than new Firefox.

>>58701035
linux on desktop