Why some Firefox users choose not to update

The best way for users to stay safe online is to use an updated browser. While most Firefox users get updated quickly, some fall behind for various reasons. We’re looking for ways to increase uptake while still preserving user choice.

Ken Kovash and Eric Hergenrader surveyed users who have update-checking enabled but repeatedly chose not to update from Firefox 2 to Firefox 3. Read their posts: Why People Don’t Upgrade Their Browser – Part I and Part II. It’s great to understand why these people continue to use Firefox 2 even when it is no longer receiving security updates.

32 comments on “Why some Firefox users choose not to update”

  1. JB wrote on

    One way I see people not updating to Firefox 3 or later is people stuck on older PCs with older OSes, like Mac OS X 10.3 Panther for example.

  2. Tyler wrote on

    The number of people with such old computers (a mac is not a PC) is extremely low.

  3. Larry Seltzer wrote on

    Next logical question: Why are you running OS X 10.3? No OS updates, no browser updates…

  4. Daniel Veditz wrote on

    It looks like only 4 or 5% of Firefox 2 users at most are on an OS version that doesn’t support Firefox 3. Statistics are murky, but if that was the only reason holding people back we wouldn’t have a problem worth talking about.

  5. Rick Leir wrote on

    People who use psi.secunia.com (free) will be more likely to update actively, so let’s promote psi. It’s an excellent tool. (I am not related to Secunia, just a user.)

  6. Terry wrote on

    “Why are you running OS X 10.3 ?”

    Some older Macintosh laptops do not take any OS
    more advanced than OS 10.2. I have one.

    “The number of people with such old computers (a mac is not a PC) is extremely low.”

    And the number of people going broke trying to have a computer that operates for more than several years (ie does not get outdated & become electro-trash pollution, leaving the person without adequate communicating / info-accessing capability) must be extremely high. THERE MUST BE A RIGHT ESTABLISHED TO HAVE ONGOING ACCESS TO PARTS, SUPPLIES, SUPPORT, WARRANTIES, ETC, FOR OLD COMPUTERS! OR, BETTER YET, COMPUTER MANUFACTURERS MUST BE REQUIRED TO PROVIDE LOW-COST COMPUTER HARDWARE UPGRADES FOR AT LEAST A DECADE, UNDER A TRANSFERABLE WARRANTY PURCHASED AT THE TIME OF THE ORIGINAL COMPUTER PURCHASE. And then the companies must take back the old ones and recycle the “ingredients”.
    Otherwise, both electronic equipment AND PEOPLE are getting trashed!

    UNFORTUNATELY, accurate knowledge as citizens in a democracy has come to REQUIRE a home computer and knowledge in how to use it. (Libraries have limits: there are too many people trying to use too few computers for too little time each.) It has become pretty essential for everyone capable of computer-operation to have a computer AND A DECADE OF TECH SUPPORT. BECAUSE A DEMOCRACY SAYS 1 VOTE FOR 1 PERSON, RICH OR POOR OR IN-BETWEEN, THERE ARE HUGE NUMBERS OF SPECTACULARLY IGNORANT VOTERS BELIEVING INACCURATE OR INCOMPLETE INFORMATION IN THE MEDIA. So who gets elected? The result. Sometimes worthy, too often not. WE ALL SUFFER FROM AN UNINFORMED ELECTORATE. MUCH much of the most important news / information is not on the mainstream media at all.

    I hope – even believe – that we are on the verge of an end to that pattern. How? Via media that makes a practice of getting to the truth and publishing it — ON THE INTERNET.
    AS A DISABLED PERSON IN POVERTY, I KNOW THIS FIRST HAND. I HAD TO SPEND MORE THAN I COULD REALLY AFFORD TO GET A NEW COMPUTER & AND A NEW PRINTER COMPATIBLE WITH IT & NOW to RENEW THE 1-YR WARRANTY – with a $100 penalty because I was too sick & hassled for 7 month to renew it on time. I WAS LUCKY: I SOMEHOW MANAGED IT,
    BY THE GRACE OF GOD.

    Time for enabling all economic levels. (Note: I do not have TV. I get better more complete info on the net.)

    I suggest you google “alternative news sites” or such, & be discriminating as to where to find what is real.

    Modern world — modern problems? WE NEED TO GET STRONG WITH SECURING MODERN SOLUTIONS THAT WORK FOR ALL VOTERS, WHO THEN WORK FOR ALL CITIZENS, no matter what their economic status. THAT’S DEMOCRACY ON THE INFO SUPER-HIGHWAY!

    Want to know where to get news that is established in truth, with a newsbreak every few minutes? Google “alternative news sites” or some such, & check them out. Vast range of quality & bias, and be discriminative about them AND the controlled networks.

  7. Brandon Sterne wrote on

    @Terry

    I sympathize with users who have a hard time staying updated due to the high cost of new hardware and operating systems. Supporting software, however, on platforms which no longer receive security updates isn’t a good use of resources. OS X 10.2, for example, hasn’t received a security update for more than 5 years. Have you looked lately at any of the free alternative operating systems such as Linux? My primary workstation is Linux and virtually all the software I use is also free and receiving regular updates. Linux runs extremely well on old hardware, too, so it is a great option for those of us who don’t want to have to buy a new OS every couple of years.

    (I totally agree, by the way, about alternative news sites.)

  8. bournel wrote on

    bonjour modzilla firefox,tout d’abord bravo pour avoir creer firefox et etre d’une performance considerable!j’ai firefox avec un windoxs xp familiale un acer d’origine!j’ai le firefox 3.5.2 qui fonctionne parfaitement mais le fait de rajouter des gadjet met ils les securité du firefox en danger car leurs gadjet ne sont pas tous anodins comme les players flasch,les plug ings sont t’il de nature a rendre firefox modzilla faible et capable d’etre infiltrer!!par des virus ou autre saletes,pourquoi des recommandation venant de vous les createur ne serai pas ajouter au menus firefox ce qui permettrer de mettre en garde vos fidéle utilisateurs et les conseiller sur la facon de parametrer firefox,en french serais un mieux!merci de me lire et je souhaite long vie a firefox”le petit va devenir grand!!by by

  9. Daniel Veditz wrote on

    @bournel

    Please forgive me if I’m misunderstanding you, but I believe you’re raising two issues. First, you’re saying that Acer is shipping a plugin (“gadjet”?) with their laptops that may compromise the security of Firefox. The only thing I’ve seen recently is the following report
    http://www.kb.cert.org/vuls/id/485961 — that is an ActiveX security flaw which won’t affect Firefox browsing. Most hardware vendors ship extra software beyond the base operating system (unfortunately not Firefox, though). That software inevitably has bugs as all software does, and sometimes those bugs result in security problems.

    Not much to say except choose your hardware in part on the reputation of the vendor, not just price, and in particular on their reputation for quickly fixing the inevitable issues that will get discovered. And disable or uninstall any software you don’t need, especially browser plugins (or ActiveX controls in IE), and make sure you keep the rest updated regularly.

    I didn’t really understand your second point about someone (who?) objecting to adding things to the menus (adding what?). We do have a support site dedicated to helping people with configuration issues, and a lot of it is available in French: http://support.mozilla.com/fr/

    The site can also be reached from the first item on the Firefox help menu.

  10. Laura Mulvaney wrote on

    Can’t log into capitalone.com because of security update. However capitalone security certificate does not expire until 10/15/2009. Today’s date is 9/01/2009. Their certificate is still valid.

  11. Daniel Veditz wrote on

    @Laura please visit http://support.mozilla.com for help with your login problem. It could be failing for several reasons and they’ll be able to help figure it out.

  12. Mele wrote on

    I just had the capitalone problem…two of them. Fx 3 said the cert was out of date but it was the bookmark that had the wrong webpage for servicing.capitalone.com. Fx3 had service.capitalone.com for the bookmark. Fx 1.5 has the correct bookmark so it did not have this problem. The strange thing is that I imported bookmarks to Fx3 from 1.5 so how did the bookmark get changed to be incorrect?

    Fx 1.5 has a different problem now at servicing.captialone.com. It logs in fine with the correct cert but on logout it says the cert issuer for http://www.capitalone.com is unknown. That’s weird for two reasons (1) the issuer is Verisign and Fx just accepted a Verisign cert when I logged onto servicing.capitalone.com and (2) http://www.capitalone.com is not a secure page so why does Fx1.5 think it is? This just started happening. I’ve used Fx 1.5 at capitalone for years with no problems until now.

    As to why I still use Fx 1.5? TBE. That is the main reason. Piro’s new little extensions for Fx3 are not very good but TBE is magnificent and is the reason I got Mozilla and Phoenix/Firebird/Firefox so very many years ago. I have Fx3 on virtual machines but Fx 1.5 remains the finest Firefox version. Fx 2 was horrible even though I got TBE working on it. Fx 2 and 3 have too many privacy problems for my taste. I have to spend so much time fixing Fx 2 and 3 so that my privacy is not grossly violated. Fx 1.5 is the last privacy conscious version and that is the second main reason I still use it on my host computer. The third main reason I remain with 1.5 is because of the horrible piece of junk that replaced the address bar in Fx 3. The attempts to mitigate the problems in 3.5 are not in any way sufficient. Until Fx allows me to have a normal, simple address bar again I will stay with 1.5.

    The only thing I wish 1.5 has that is in ver 2 and 3 is the ability to not loose text in a form field if it crashes, etc.

    I will be turning off any attempts by Fx (assuming I upgrade Fx on my virtual machines beyond 3.0) to tell me I have an outdated Flash Player or anything else. I don’t have Flash Player installed on any browser on any of my computers (as it is a huge privacy risk and security risk) but if I did I would not appreciate my browser bugging me about the version. I am perfectly capable of keeping things updated if I want them to be updated. It is not my browser’s responsibility to play nanny and nag me about things.

  13. Daniel Veditz wrote on

    @Mele

    Continuing to use Firefox 1.5 is extremely dangerous. If you’re that unhappy with newer versions of Firefox please switch to some other browser you’re willing to update. Seriously. I’d rather have you safe using some other browser than end up blaming a virus infection on Firefox.

    In what way do later versions of Firefox “grossly” violate your privacy? The only change I can think of between 1.5 and 2 that comes even close to that description is the anti-phishing database updates from Google, which we worked very hard on to preserve user privacy and which can be easily turned off on top of that.

    If you don’t have Flash player then we would never tell you it’s out of date. And while an extremely small minority might have legitimate reasons for using an old version of a plugin, when 80% of our users are vulnerable to widespread active attacks we need to do something to help if we can. Hopefully that minority will have the charity to say “thanks for helping to keep my less-savvy family and friends safe” and ignore the warning without getting too worked up about it.

  14. engin wrote on

    i love mozilla..i think its the fastest and safest.for long time , i didnt upgrade..why? because i had no problem with the old version , finally i couldnt resist pressure of mozilla warning to upgrade :S

    the most annoying when i upgrade my browser is : the change in apperance..Whatever you do in background working does not bother me , but the change in appearance (all) is really annoying for me.

  15. James Dashner Jr. wrote on

    I’m still running Ubuntu Hardy 8.04 because it works very well with my hardware. The Firefox version hasn’t reached end of life yet, but it will be around on the desktop until April 2011. Will the Firefox 3 end of life effect Hardy if I wait till 10.04.1 LTS is released?

  16. Mele wrote on

    Daniel,

    I will upgrade Fx to the latest version if and when Mozilla pulls the Comodo root certs. Until then, I think the entire notion of security for Fx is laughable. You made some excellent points, and suggestions, back last Dec/Jan in the mozilla.dev.tech.crypto NG. I had high hopes that Mozilla would do the right thing even though I realize pulling the Comodo certs is a blunt weapon and would cause harm also partly since Mozilla has no way to pull a cert without issuing a new version of Mozilla, partly because of the threat of lawsuits, etc.

    Eddy Nigg has a thread in the group about Comodo’s business ethics. His post has been widely quoted on security forums. Many of us who are interested in computer security, and who spend time in security forums, are very concerned about Comodo. I have had Comodo root certs disabled in all my browsers long before I read Eddie Nigg’s post on Christmas Eve. The world has not stopped and my browsing experience has not suffered much by doing this. Although both 1.5 and 3 are buggy regarding temporary disabling of certs so I permanently disable.

    There has been more and more blog and security forum reports in the last few months regarding Comodo continuing to issue certs to known malware sites and the situation becomes more acute and intolerable every day.
    I have been waiting for Mozilla to do the right thing but I don’t think Mozilla has the courage. The entire issue of certificates in Mozilla browsers is a rotten can of worms. There has been little discussion in this area in the NG over the past several months. Did the discussion go underground or is it forgotten? Frank has never even made a comment in Bug 470897 and it is assigned to him.

  17. Rainy wrote on

    One reason I shudder at all the updates is that they often cause problems, esp with previous settings etc….

  18. Achim wrote on

    The developer says: “You should update to a new version to avoid security issues.” This is like cheese to catch a mouse. If you update you will get additional security issues because there are new features you do not need or are implemented deliberately in order to compromise your privacy. To make things worse, new features are enabled by default without telling you. After updating you have a very hard job to find out and understand all the new risks and how to disable them in the “about:config” list (if it is possible). An example are the super cookies supported by FF2.

    I suggest you break up this strong connexion: Fix security issues (maybe by a major new version) but enable a new feature only if the user does this explicitly while understanding that he is going into a new risk. Then the user can try new risks just when he is prepared to do so.

    I use FF 1.5.0.12 taking old risks but avoiding new risks. In this way, I am not in a rat-race hurrying for the next version, with new risks, hurrying for the next version, with new risks, hurrying for the next version, with new risks, …

  19. Daniel Veditz wrote on

    1.5.0.12? really?!

    It’s true that new software has new bugs that might be exploitable, but the old software has bugs that are definitely exploitable, known to be so by web criminals, actively used on the web by criminals, and even cataloged for the script kiddies (with working sample payloads) at places like milw0rm and metasploit.

    Your assertion that Mozilla has implemented anything to deliberately compromise user privacy is offensive.

  20. Daniel Veditz wrote on

    In fact, the “awesome bar” feature that appears to have prompted many people to avoid upgrading to Firefox 3 was a deliberate attempt to _enhance_ user privacy. We found that many searches users perform are to find pages they remembered having read before. If we can find those pages for the user locally then we can save the user from giving more data about themselves to a search engine (and save them some time). We did this even knowing it costs us money when people search less.
    http://www.webmonkey.com/blog/Mozilla_Execs_on_Firefox_3__iPhone_and_Ten_Years_of_Growth

  21. Mele20 wrote on

    Here’s an example of how Fx exploits my privacy that i just encountered on Fx3 on Vista. Fx1.5 does not do this and thus is more privacy oriented. I clicked on a site that uses a cert from Comodo. I have all Comodo certs blocked so I got that ridiculous page wanting “to get me out of there” when all I want to do is IMMEDIATELY look at the cert which is what Fx 1.5 lets me do. I need to see if it is from Comodo or GoDaddy as I block those certs also because I want to be alerted to any site using GoDaddy as I probably won’t want to do business with a site that uses GoDaddy certs. Plus, this particular cert was using MD5 algorithm and I use the SSL Blacklist extension for Fx so I had that alert also.

    Fx3 makes a hassle just to examine the cert! Anyhow, I examine it finally (after jumping through unnecessary hoops that are not in 1.5). I don’t want to go to the site after I look at the cert and I guess this was the first time I actually clicked on “get me out of here” instead of just closing out that window. I got taken to

    http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official

    That really irritates me. Google tracks users and Mozilla tracks users and the earlier marriage of Google and Mozilla was an unholy alliance. I know it gave a lot needed money to Mozilla but it was dirty money in my book. There is no need for Fx to take me to that page or any page other than back to where I was when I got the suspect cert. I especially resent it taking me to a Google page. Yeah, I have every possible way I can covered to stop any Google tracking of me but even so Fx 3 should not have so little regard for my privacy. Fx 1.5 doesn’t ever take me to a Google page.

    So, I tried to add that url to my hosts file using HostsMan and it won’t add for some reason. Then I tried to see what entry in about:config is for that so I can kill it there. I can’t see what entry that would be. But while I was in about:config I was really struck by how many user entries I have there…most of them due to privacy problems in Fx3. I have very few user entries/changes in about:config for 1.5. I have had to spend so much time trying to make Fx3 decent privacy wise. I experienced the same problem with Fx2. It took too much time to make any version past 1.5 respect my privacy.

    Since I couldn’t find the entry to fix this current privacy problem, I had to take more time and post it at mozillazine forums which are not up to par currently and I don’t know why but the activity there is really sparse now so who knows if I’ll get the answer I need.

  22. jesse Ruderman wrote on

    Mele20, https://bugzilla.mozilla.org/show_bug.cgi?id=442839 explains why “get me out of here” sends you to the default home page (Google) rather than your home page. A future version of Firefox will make the default home page local, mostly for speed reasons, but also to improve privacy for its use as the home page.

    As for SSL error messages, I hope you agree that stopping MITM attacks improves privacy for the vast majority of users! The dialogs in Firefox 1.5 just didn’t accomplish that; see http://blog.johnath.com/2007/10/11/todo-break-internet/. You might consider using Johnath’s extension to streamline the process of adding certificate exceptions (https://addons.mozilla.org/en-US/firefox/addon/6843) or looking for another extension that makes it easy to “greylist” CAs you distrust without blocking them completely.

  23. Mele20 wrote on

    Thank you, Jesse, for pointing me to that bug report. Jonathan’s decision just proves my point. Fx is developed now only for the ignorant users as he says it should be a rare occurance” that one gets that “get me out of here message”. That is not true if you are not an ignorant user who never works with the certs. At any rate, I have installed Jonathan’s extension. As for the dialogs in Fx 1.5 not doing their job regarding MITM attacks that is true only for the ignorant masses. You are making Fx the browser for those folks and forgetting all about all of us who had such high hopes for Fx way back when it was Phoenix and Firebird.

    Today, I found another excellent reason to never upgrade Fx and there are going to be a lot of folks who agree with me on this. That is Firefox developers plans to ribbonize the Fx GUI. I love Word 2002, and prior versions, but that is my last Word. I will not use Microsoft’s ribbon crap that is in Word 2007 and Office 2007. (And I will deny Microsoft’s attempts later this year to “upgrade” my Vista Ultimate to the ribbonization of Word Pad and Paint). And yes, I had Word 2007 and Office 2007 for six months and had greater hatred every day I tried to use them. I also felt very ripped off that later there was a $50 addon that supposedly put back the proper menus. That should have been free or Microsoft should have never rammed that down user’s throats but offered whichever you wanted. Many folks are classic folks and we don’t want the latest junk where change occurs only for the sake of change to satiate the teenagers.

    I am sure that I would hate any major changes to Fx GUI that removes the absolutely necessary Menu bar and places a lot of oversized junk and unnecessary icons taking up tons of space on my Fx. And that requires me to go back and forth to do anything like it is in Word 2007 which makes it very cumbersome and makes it take three times as long to accomplish anything.

    “So the menubar generally ends up with a lot of stuff that isn’t used very often, if at all, and yet is reproduced on every window and takes up a significant amount of real estate.”

    The above is utter BS. I use the Menu bar constantly. I would be lost without it. I hate a lot of icons on my Fx GUI. I use the menu bar instead and have very few icons and only the Navigation Toolbar (tabs are tree style down the left side vertically) so I have a very neat and small real estate area used for the GUI. Plus, the menu bar does NOT take up a significant amount of real estate! It takes up extremely little real estate. What are you guys smoking? You are not on the same planet as many of your users. First you introduce that horrific “awesome” bar that is anything but awesome and that claims TONS of real estate space and is extremely messy and ugly completely forgetting that the address bar is just that: an address bar and has no business being anything else.

    Now you apparently plan to ruin the NICEST GUI OF ALL BROWSERS. Why do you think I use Fx more than any other browser? The GUI is why. I have a very sleek and beautiful GUI and I don’t want it messed with. Safari has the most awful GUI I have seen. (Besides, I can’t use Safari because it doesn’t allow me to use Classic Windows view so I can’t read the tiny font used for the GUI and nothing is bolded. In Fx, I have bolded the naviagation bar so I can read the address. I can’t read the address in IE8 as I cannot bold it so I use IE6 on my main machine where I can still bold it. I bold the menu bar also and all drop down menus in Fx so that I can read them and I can’t do that in Safari as its GUI is not controlled by Windows Classic view.

    Chrome, I wouldn’t touch with a ten foot pole as Google has it only so they can spy more on users than they already do. Opera 1010, with Opera Unite, I love but I detest Opera’s GUI and there are no decent themes. I keep coming back to Fx because of the GUI and my fabulous theme (red cats green flavor) and if you mess with that theme and take away the incredible thruster for that theme because you think thrusters are old fashioned …well, I’m going to be angry and I will never upgrade Fx.

    You say need to hide the Menu bar because you want to use Aero I read. I don’t use Aero on Vista Ultimate or Windows 7 and never will. I use classic view for Windows which means no Aero which is just irritating fluffed up junk. So, to me that is a very poor reason to take away the Menu bar. It appears to me that Accessiblity issues are going to be ignored in Fx4 if you take away the Menu bar and expect everyone to use Aero which anyone with less than perfect eyesight won’t use as they need Classic view in Windows.

    I have the menu bar on IE8 and would never use IE8 without it. I use the menu bar on IE8 all the time. Folks are saying “Well, go use SeaMonkey instead of Fx 4”, but SeaMonkey can’t use my Red Cats theme and that is the main reason I use Fx. Besides SeaMonkey is rapidly becoming another Fx with the only difference being that it has a mail client. It was a much better browser when it was Mozilla and actually different from Fx and the only reason I stopped using it back then was that it didn’t have my Red Cats theme and the only themes it had (or has today) were/are especially ugly.

    So, you see there are lots of reasons people stay with older versions of Fx and they generally have to do with developers adding stupid things to newer versions and removing the tried and true simply because some pimply faced teenager gets off only on rapid and vapid changes and that, sadly, is who Fx is now aimed at.

  24. Mele20 wrote on

    Two more reasons why I don’t upgrade. Google is not experimenting on Fx 1.5 users from the USA with their Ajax engine. I can’t use Google at all on Fx3 on Vista because they are experimenting on Fx3 USA users only. I get a loop url that redirects to Google when I click on a url in a Google search. If NoScript is installed or I turn off scripting in Fx Options then I can search on Google and actually get the page I click on in the Google results. Why did Mozilla allow Google to experiment like this ONLY on Fx3 and ONLY on USA users?

    The second reason I don’t upgrade is that history in Fx3 is so pathetic that 90% of my history is not in history. Most of what is there is not even history. It is PIECES of a web page, not even the page itself and why would I want to keep history of some little thing on a web page that I did there but not have the url from the main webpage? I have almost all urls that I visit missing in history. History, contrary to what you developers think, is extremely important in a browser and you have progressively, with each version of Fx, made history worse and worse. Not all Fx users are vapid headed idiots who obsessively delete their history every few minutes with CCleaner. Not all of us are obsessed with porn sites. Some of us actually value our history, plus, since we never let anyone else touch our personal computers there is no need to delete history out of fear of someone else seeing that we visited a porn or whatever site some fear others should not know was visited. I keep history forever except in Fx3 there is no history to keep.

    I remember when Mozilla browser years ago had outstanding history and Fx had pitiful history even then and a lot of us couldn’t understand why the great history from Mozilla was never ported to Fx. Then along came Fx2 with even worse history and now there is Fx3 where history is totally worthless. I have Extended History extension for Fx 1.5 so I have a pretty good history there and it is beautifully organized thanks to that indispensable extension as Fx could care less even back then about giving its users outstanding history.

    We had to use an extension to get what should be a basic part of any browser. But with that extension, history was pretty good. It got very bad in Fx2 and almost non-existent in Fx3 and I can’t use Extended History extension in Fx3. Could a developer explain why you are so against giving Fx users a very basic thing which is history of visited urls saved by date in chronological order for as many months as I wish? You are aware that Fx3 is incapable of doing this? And simply saving my tabs in Session Manager is no substitute for a proper history.

  25. Brenda wrote on

    @Terry
    Thumbs up! I totally agree!

    The reason I don’t update is because not all of my firefox add-ons are compatible anymore. Period.

  26. Steph wrote on

    I usually update as soon as possible, but as Brenda pointed out, sometimes the add-ons aren’t compatible anymore. I’ve come to depend on a few, so if they’re not supported I’ll wait until the developer updates them.

  27. Elvin wrote on

    Forget about the latest version . I just use the portable one.No install needed.For the latest version, I have spend numbers of hour to re install the add on.And not all are compatible.

  28. video izle wrote on

    The developer says: “You should update to a new version to avoid security issues.” This is like cheese to catch a mouse. If you update you will get additional security issues because there are new features you do not need or are implemented deliberately in order to compromise your privacy. To make things worse, new features are enabled by default without telling you. video izle After updating you have a very hard job to find out and understand all the new risks and how to disable them in the “about:config” list (if it is possible). An example are the super cookies supported by FF2.

    I suggest you break up this strong connexion: Fix security issues (maybe by a major new version) but enable a new feature only if the user does this explicitly while understanding that he is going into a new risk. Then the user can try new risks just when he is prepared to do so.

    I use FF 1.5.0.12 taking old risks but avoiding new risks. In this way, I am not in a rat-race hurrying for the next version, with new risks, hurrying for the next version, with new risks, hurrying for the next version, with new risks, …

  29. Beth Budwig wrote on

    So, this is slightly off-topic: but I haven’t been able to find any FF2.x download on Mozilla’s site. I always upgrade to the latest, but as a web designer, I need to test on older browsers. The Mozilla site was always great about having those available? What’s the deal?

    There are plenty of third-party sites with a FF2 download available, but that seems like a risk, unless there’s one you recommend.

    Thanks!
    Beth

    1. Daniel Veditz wrote on

      We keep all our old releases at ftp://archive.mozilla.org/pub/mozilla.org/firefox/releases/

  30. sikiş wrote on

    I remember when Mozilla browser years ago had outstanding history and Fx had pitiful history even then and a lot of us couldn’t understand why the great history from Mozilla was never ported to Fx. Then along came Fx2 with even worse history and now there is Fx3 where history is totally worthless. I have Extended History extension for Fx 1.5 so I have a pretty good history there and it is beautifully organized thanks to that indispensable extension as Fx could care less even back then about giving its users outstanding history.

    We had to use an extension to get what should be a basic part of any browser. But with that extension, history was pretty good. It got very bad in Fx2 and almost non-existent in Fx3 and I can’t use Extended History extension in Fx3. Could a developer explain why you are so against giving Fx users a very basic thing which is history of visited urls saved by date in chronological order for as many months as I wish? You are aware that Fx3 is incapable of doing this? And simply saving my tabs in Session Manager is no substitute for a proper history.

  31. Beth Budwig wrote on

    Daniel: thanks! Unfortunately, I couldn’t find this through a google site search, but maybe this blog comment thread will help that. 😉