Feeds

Firefox 3.6.4 debuts with Flash flak jacket

OOPP it up (unless you're a fanboi)

SANS - Survey on application security programs

Mozilla has released a stable build of Firefox 3.6.4, the first incarnation of the open source browser that seeks to minimize crashes by running plug-ins as processes separate from the core browser.

The processes-separate release is available for Windows and Linux.

In a blog post, lead Firefox developer Mike Beltzner says that according to Mozilla's beta tests, the latest Firefox would "significantly reduce" the number of crashes experienced while watching online videos or playing games. Firefox 3.6.4 offers crash protection for Adobe Flash, Apple Quicktime, and Microsoft Silverlight.

Mozilla calls these "out of process plug-ins," or OOPP. When you're down with OOPP, a shim layer executes the Firefox plug-in API, keeping it separate from the browser itself. When a plug-in crashes, Firefox loads a page that says so and sends a crash report back to Mozilla. If you then reload the page, the plug-in relaunches.

Firefox 3.6.4 also includes a "hang detector" that automatically terminates plug-ins that stop responding to calls from the browser. If a plug-in process takes more than 10 seconds to respond, Firefox will terminate the process and display the OOPP "crash" UI, which gives you the chance to reload the plug-in. This is the same UI that pops up when the plug-in, yes, crashes.

What's more, Firefox 3.6.4 will automatically notify you when your plug-ins need updating.

Crash protection is in the works for plug-ins beyond Flash, Quicktime, and Silverlight, and Mozilla is working on an OOPPed Firefox for Mac as well. The open sourcers say that this requires "major changes" and that OOPP should arrive on Macs with Firefox 4, due this fall. ®

3 Big data security analytics techniques

More from The Register

next story
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
Plus: iThings and desktops at risk of NEW SSL attack flaw
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.