MozillaZine

FF 52ESR---FF57

Discussion of general topics about Mozilla Firefox
bob c
 
Posts: 125
Joined: September 7th, 2003, 10:09 am

Post Posted October 19th, 2017, 10:46 am

So--can I have 52 ESR (and Seamonkey) on the same (drive)machine, and load at that time FF 57 to see what it's like, without it destroying in anyway-anything of my FF52 or Seamonkey.

Thanks


therube

User avatar
 
Posts: 19194
Joined: March 10th, 2004, 9:59 pm
Location: Maryland USA

Post Posted October 19th, 2017, 8:08 pm

SeaMonkey / FF or FF / SeaMonkey, one will not affect the other at all.

To run two (or more) SeaMonkey / FF (or combinations thereof) generally all you need to be aware of is to use separate Profiles for each browser version.

If you're going to run simultaneous instances of SeaMonkey's (or simultaneous instances of FF's) you'll need to open (any instance after the first) with the -no-remote switch. (Again SeaMonkey & FF don't interact, so you can run 1 instance of SeaMonkey & 1 instance of FF without needing a -no-remote switch.)
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript

c627627

User avatar
 
Posts: 562
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas

Post Posted October 19th, 2017, 10:31 pm

Make sure you backup your user profile, if possible you don't want it touched by Fx55/56/57 or higher.
I just did exactly what you asked, just now with Fx57 Beta10.
Holy smokes.... *nothing* works, vast majority of all my extensions have no replacements and as far as user interface modifications are concerned, forget about it, it's back to default and you're basically caged in [in comparison to mods you used to be able to do.]

Firefox 57 and later will be great for someone just starting out / people who haven't been exposed to all the extensions and modifications that worked on Firefox versions before v57.

But if you modded somewhat, let alone for 10+ years, I don't see how people would want to give up what they built all these years...
ESR until July 2018 for me, and then probably stay on ESR and give up browser security patches and rely solely on Antivirus/Firewall software for security after that.

I wonder what will kill Firefox ESR 52 functionality for browsing and how many years it will take?


Once again, backup your profile. Going back to Fx56 was not 100% possible until I deleted, copy/pasted back my backed up profile since some UI changes remained after going back from Fx57 to Fx56.
Open the pod bay doors, Cortana.

Brummelchen
 
Posts: 3894
Joined: March 19th, 2005, 10:51 am

Post Posted October 20th, 2017, 3:36 am

how many years it will take?

quite a while - but will last longer as 3.6 and web pages. it started around v35/36 when getting compatible with modern web pages. but as delicacy1 in this forum always point out that v44 lacks also functionality - in special for extensions ^^
but the major problem is not compatibility more the fixed vulnerabilities and those concern much more.

c627627

User avatar
 
Posts: 562
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas

Post Posted October 20th, 2017, 7:01 am

I tried to get more information on that, unsuccessfully in several threads here.
If we take a relatively old version of Firefox today and its actual known critical vulnerabilities, what is the scenario and for which vulnerability, that would result in both exploitation of that vulnerability AND a fully updated quality Antivirus / Firewall combo not being able to intercept that exploit, which was triggered by an unpatched old version of Firefox?
Open the pod bay doors, Cortana.

Brummelchen
 
Posts: 3894
Joined: March 19th, 2005, 10:51 am

Post Posted October 20th, 2017, 8:32 am

what is the scenario and for which vulnerability

the older the firefox the more attack vectors for any current payload free exploit. in fact pure javascript is able to trigger plugins through firefox and can cause an attack from behind - and no current antivirus is able to detect it - because such exploit were tested on each antivirus to work perfectly.

http://malware.dontneedcoffee.com/

c627627

User avatar
 
Posts: 562
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas

Post Posted October 20th, 2017, 9:41 am

Hm. And if Java SE Runtime Environment is not installed on the system, would that address that particular threat?
Open the pod bay doors, Cortana.

flaneurb
 
Posts: 619
Joined: December 10th, 2011, 3:50 am

Post Posted October 20th, 2017, 9:52 am

Java SE Runtime Environment has nothing to do with javascript.

c627627

User avatar
 
Posts: 562
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas

Post Posted October 20th, 2017, 1:17 pm

Okay.
When he says trigger plugins, does that mean you have to have specific plugins installed for "pure" javascript to take you down, even if you have updated antivirus/firewall protecting you?
Open the pod bay doors, Cortana.

Brummelchen
 
Posts: 3894
Joined: March 19th, 2005, 10:51 am

Post Posted October 20th, 2017, 1:46 pm

exactly - in most javascript attacks a plugin is concerned (flash, pdf, java) - when enabled in firefox or allowed to run ("ask" confirmed). and common security software is not involved. thats why flash and other environments get so many updates because they offer attack vectors, stack overflow or else.

c627627

User avatar
 
Posts: 562
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas

Post Posted October 20th, 2017, 5:05 pm

I mean, this is a conscious decision to give up security just to keep using Firefox as it is now. So even if the security issues were more serious, that wouldn't sway people who make a conscious decision to do this. You mentioned Flash, but Flash will be updatable on pre-Fx57 versions...
So it sounds like you would have to have a pretty specific old extension in order for it to trigger a major disaster.
Open the pod bay doors, Cortana.

Frank Lion

User avatar
 
Posts: 20102
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom

Post Posted October 20th, 2017, 5:59 pm

c627627 wrote:...and then probably stay on ESR and give up browser security patches and rely solely on Antivirus/Firewall software for security after that.

Firewalls are usually in the router and a good Sandbox program is a better route than anti-virus stuff in these circumstances.
Metal Lion latest SeaMonkey & Thunderbird Themes - Sea Monkey and Silver Sea Monkey
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)

c627627

User avatar
 
Posts: 562
Joined: April 3rd, 2005, 12:58 pm
Location: Kansas

Post Posted October 20th, 2017, 6:51 pm

Is Comodo Firewall okay?
Open the pod bay doors, Cortana.

Frank Lion

User avatar
 
Posts: 20102
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom

Post Posted October 21st, 2017, 3:19 am

c627627 wrote:Is Comodo Firewall okay?

It's not bad and I notice the Comodo promo stuff makes the point that is often overlooked - antivirus software only detects what is known, not the unknown. Although, I would add, they are updated often.

Here's a useful overview - http://www.techradar.com/news/the-best-free-firewall

With the exception of OpenDNS (which is not a software firewall) the usual rules apply - like with The Highlander and anti-virus programs - 'There can only be one'.

In general terms, sandboxes (and also good firewalls) are not without their pain points at times, especially in the early stages of use, as limiting easy access to everything on your PC/device and at the same time giving you free roam can 'require patience'.

This is an area where a user cannot get away with the usual catch all of 'Oh, I'm a non-techie (and thus incapable of ever learning anything, other than how to play Call of Duty)' and some personal effort and responsibility is required.

However, getting whacked by ransomware or something is a far bigger pain point than the above, in my view.
Metal Lion latest SeaMonkey & Thunderbird Themes - Sea Monkey and Silver Sea Monkey
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)

Return to Firefox General


Who is online

Users browsing this forum: No registered users and 4 guests