- Open new windows more quickly. Firefox feels sluggish (on Mac) even though it isn't, simply because it opens new windows far more slowly than Safari or Chrome.
- Use the platform native key store. I don't want my passwords stored unencrypted on disk. But I don't want to enter a separate master password either. I do want to use fingerprint/face unlock on mobile to reveal passwords.
- Give me a setting to autoconfirm all cookie consent requests and lobby for a legally binding do-not-track header. Cookie consent was well meaning, but it has turned out to make things worse. Let's move on.
Oh that's very nice. In iOS 7 we had a jailbreak tweak called NoSlowAnimations[0]. It was amazing how much a simple thing increased the perceived speed and responsiveness of the OS.
Don't have an iphone handy but I think so. There are lots of options there to explore, there's also one to increase contrast and another to make buttons more evident. There's some cool stuff there in accessibility options
> - Give me a setting to autoconfirm all cookie consent requests and lobby for a legally binding do-not-track header. Cookie consent was well meaning, but it has turned out to make things worse. Let's move on.
This can be done with uBlock Origin and an "annoyances" filter list such as EasyList Cookie. It doesn't actually give websites consent to use of cookies, only hides the consent form.
> lobby for a legally binding do-not-track header.
DNT is pretty dead, and IMHO was never a good idea in the first place. Opt-outing of invasive and unethical tracking is just weird. What about people who don't know about it? Or don't fully understand what it means?
It's almost like the Hitchhiker's Guide: "Well, you should have visited the planning department in the disused lavatory with a sign 'beware of the leopard".
I always thought the point of DNT wasn’t technical, but to make it impossible to argue either (a) that users don’t really care (many opted in), or (b) that Google et al respect user’s wishes without regulation or technical barriers (they are aware of DNT and its specific meaning and they ignore it). In other words, political maneuvering towards getting the entire industry to accept implementing that technical solution.
Well, if you're going to lobby for a change to the law then you might as well lobby for a change that's actually a good one, instead of a half-baked one that barely works.
I would say it depends on how good any alternative solution is and how realistic it is to pass.
Edit: Having read your blog post, I want to say that I'm not necessarily asking for the original definition of DNT to be reused. What I want is for the DNT header to have the same effect as if I had said no to all optional categories of cookies.
The status quo is that we are asked a "yes or manage" question where "manage" means something horribly complicated that no one does. If we redefine DNT to mean "no to everything optional" then it becomes a matter of local law to define what is and isn't optional. This allows for the sort of minimum level of consumer protection that you're asking for.
The law could also require that this DNT header is opt-out. A per-site overridable DT header if you will.
I'm not going to claim that I have thought this through properly. It's just something that I wish Mozilla did some work on.
>- Give me a setting to autoconfirm all cookie consent requests and lobby for a legally binding do-not-track header. Cookie consent was well meaning, but it has turned out to make things worse. Let's move on.
Maybe there should be standardized interface for accepting privacy policy and cookies, all managed in browser UI so you could set default settings and give exceptions for specific sites without cluttering website with various popups... oh wait https://en.wikipedia.org/wiki/P3P
> - Give me a setting to autoconfirm all cookie consent requests and lobby for a legally binding do-not-track header. Cookie consent was well meaning, but it has turned out to make things worse. Let's move on.
Most of those are implemented in JS, so NoScript goes a pretty long way to fixing this. It would be nice if Firefox somehow auto-detected them, and other useless pop-overs, and nuked them.
Unfortunately, browsing with JavaScript disabled on mobile, I've noticed quite a large number of sites (usually WordPress blogs) that have the opt out button in the HTML, controlled server-side, so you have to enable JavaScript at least once to get rid of it.
Given that I prefer brave or bromite custom tabs (via Lynket) for short sessions on mobile (and prefer not to have long sessions on mobile at all), I generally just deal with it.
Windows open more quickly now than before. A few versions ago, it had become unbearably slow (I'm an FF user since Camino died), and I stuck to using tabs only, but 72 seems to have caught up again. I estimate that it's around 0.3s slower than Chrome on my machine.
Confirming the window opening speedup! Previously FF spent a lot of time compiling shaders when opening a new window. Perhaps these are now been cached.
> Open new windows more quickly. Firefox feels sluggish (on Mac)
I assume you mean new tabs?
That's very quick on Windows using FF 72. Interestingly that's been a long-time annoyance of mine when using Chrome on Mac - when compared to Safari which shines here.
Many of my workflows begin by opening an new empty browser window. I also tend to open links in new windows instead of tabs. I'm not a huge fan of tabs generally.
Whilst there are the "every tab in o e window open forever" people, there are plenty of "window for task" people.
Personally, I have been a window for task person 'since forever' (tabs are context depth in said task, hence "close tabs to right" being one of the most useful features).
Regarding the native key store, why not just use full disk encryption? The session-specific encryption never made much sense to me, unless you share the computer with others. How many processes do you really have that are not running under your user or root?
I do use full disk encryption, but when I'm logged in, any program that runs as me can access my files (subject to some partial restrictions that Apple introduced a while ago). And anyone gaining access to my unlocked computer can easily copy that password file.
You could say once malware is executed with my credentials it's game over anyway. But I disagree with that. Having a file full of passwords stolen is far worse than than anything else, including key loggers, because it's maximum damage in a minimum amount of time.
I want to make that as difficult as possible for any attacker.
> when I'm logged in, any program that runs as me can access my files
On Windows, the same is true of the encrypted data; any program that runs as you can decrypt it. Is it different on macOS? How does the system authenticate a specific program?
On the Mac, Safari and Chrome store passwords in a key chain. To reveal any of those passwords you have to re-enter your macOS login password or whatever authentication method was used to log into the device (fingerprint, face ID, ...).
So it's not the program that is authenticated. The system simply makes sure that any program accessing that particularly sensitive data is really controlled by the logged in user.
This is entirely separate from protections for other files that may or may not be encrypted.
That's interesting and I wonder how they do it. Nevertheless this isn't good as it offers a false security sense since the end result is similar to using a master password which is the same as the login password.
You are more likely to lose your data while the computer is on and drives decrypted than when it is off. The threat model for FDE is thieves or government physically stealing your drive. Much more people get pwned in software than physically. I mean you don't just leave root shells laying around do you?
The question was whether the keychain really protects from those software attacks. I wondered mostly because I know that Windows will allow any process running as a certain user to decrypt data stored by any other process (at least if it's stored using the Data Protection API, like Chrome does for its passwords), so it only really protects your data from other users and their malware.
It seems that macOS authenticates each process, so that might provide some extra security.
As a long time Chrome user, and someone who (admittedly) said to a FF fan about an year ago, that it's too late for FF to catch up to Chrome now. I gave FF another shot about 6 months ago, and I'm liking it more every month since then.
It has been my primary browser outside of work, the major reason I use Chrome now is for Chrome Dev Tools.
Also, some websites don't behave well in FF and I find that most of the time it's because of the site tracking being blocked. So not a big deal
Posts like this always come up in these threads and they're really great, but it's worth adding that 'switching to Firefox' isn't something anyone actually has to do. Just start using it for one thing or another and any complete change will happen naturally if it makes any sense. It's a process that involves no effort and no risk
The only thing I use Chrome for is gaming, graphics perf is still miles better than Firefox. But I'd never trust Chrome with anything as much as a private URL or a username or password, for much the same reason I wouldn't stick my hand through the bars of a cage while visiting the zoo. Did they ever get around to fixing that opt-out password sync crap?
> 'switching to Firefox' isn't something anyone actually has to do. Just start using it for one thing or another and any complete change will happen naturally
This is going to vary with different people. Have you heard the phrase "Default is destiny"? This is especially true for less technical people (the majority of web users).
Personally I'm not going to dabble, rather keeping to the safe and familiar, so I have to intentionally trial run something as my goto/default.
It is on chrome notebooks. And every search on google.com prompts you to install chrome for 'a better user experience'. Soon, just by plain nagging, it ends up becoming default
Sure it isn't. Had to set up a Windows 10 laptop recently, and the amount of hoops I had to jump through, just to wrestle the default browser from Edge...!
I've been using web browsers since the mid 1990's and with the exception of when I first started using them I have never only used one. These days I regularly use Chrome, FF and Safari every day for different tasks.
I'm not alone in this. When I peak at other people's computers I regularly see multiple browsers being used there as well. Even the less computer savy people know to use different browers for different websites depending on what works.
This is all to say I don't quite grasp naive understandings of the browser horse races. There is likely little actual switching going on, and the concept of market share in browsers needs to be reexamined.
Before this, the last time I tried FF was when Servo was in it's early days, it was full of bugs and crappy performance. Couldn't use it for more than a few days and had to switch to Chrome.
But this time, the experience was a lot smoother. So it's not a natural switch which happens with time :)
feature-wise firefox dev tools are pretty close to chrome's. However, if you have a large number (thousands) of sources and try to set a breakpoint, performance slows to a crawl. This probably doesn't impact a lot of web developers, but when you develop a large complicated web app and want to debug unobfuscated/unminimized code, this is a big pain point.
FF still has some difficulties with some stuff (I've had issues with sourcemaps in particular, they would always work in Chrome but sometimes don't in FF)
I get most of my stuff working in FF so don't need to jump to Chrome most of the time but for some gnarly stuff I end up in Chrome
The mere fact that login into Google logs me in Chrome as well made me decide to switch to another browser. It's as simple as that. Google doesn't care about user's privacy.
I switched to Firefox from Chrome a couple of months ago. The sole motivation was the fiasco that ensued after Google decided to mingle Chrome Sync login with accounts.google.com cookies - there is simply no way to sign in to Chrome Sync without creating browser cookies for the same account. I wanted the benefit of saving and syncing bookmarks and extensions across my chrome installations, but I did not want to be tracked across the web with my logged in Google identity and the Chrome changes for "Identity consistency between browser and cookie jar" made it impossible. It was time to move on from Chrome.
And I have been very pleased with the new Firefox. Highly recommend it to everyone!
Netscape (1994) -> IE -> Firefox (for a long time) -> Opera (briefly, but never liked it) -> Safari (a return to the Mac platform) -> Chrome (for a long time) -> Firefox (2 months ago)
I never thought I'd return to Firefox but here I am. Browser preferences can certainly shift over time.
There are definitely preference changes over time. Another factor is how quickly the internet and browsers change... Even if your preferences remained the same, your needs will inevitably change too. It's wild to think of how much the internet and browsers have changed in the last 20 years.
Yet they still have the same basic back, forward, refresh, address bar, and bookmark components. I wonder if that'll ever change. Address bars have certainly come a long way.
As someone who's been using FF since the Netscape Navigator days, I remember when people were saying similar things about Chrome and IE. Never say never.
Both Chrome and Firefox doesn't work for me.
I am sad how tab management isn't given priority on both. Chrome is especially annoying with it hiding the tabs after certain number of them and Firefox takes too much space and crashes often. There is no tab stacking, auto closing, sorting, filtering and multi previews built in.
I switched to vilvadi last year and it has been a breeze.
On mobile, I don't have any preference but I avoid firefox preview now that it has been crashing on top ranking Alexa sites. I would appreciate better tab management here too because I have to switch between 5 browsers to just manage them all without them crashing.
> It has been my primary browser outside of work, the major reason I use Chrome now is for Chrome Dev Tools.
That's pretty much what I do in the past few years. Firefox is my primary personal browser, while Chrome is strictly for work only. Hopefully I can fully transition to Firefox for work stuff this year as almost all debugging features I used are available on Firefox. It's mostly just muscle memory that holding me back after years of using Chrome dev tools.
"Firefox replaces annoying notification request pop-ups with a more delightful experience, by default for all users. The pop-ups no longer interrupt your browsing, in its place, a speech bubble will appear in the address bar when you interact with the site."
That should pretty much kill off a lot of the notification request crap, especially if Chrome follows suit. I can envision the conversion rate massively falling off when it's no longer something right in your face.
Slack has started disabling unrelated features if you disallow notifications. For instance, you can’t add channels to the “ignore @here” list if notifications are off. I’m sure this’ll get worse over time.
FF needs a “disable notifications, but lie to the website and say they’re enabled” button.
I feel like a good extension to make would be a lying extension. Make it able to lie to a site about any API and have set configurations to deal with specific types of behavior.
I feel like if a specific browser, ie. Firefox went down this path, it wouldn't take long until websites stopped supporting that browser. It'd take browser wide action to take on big players such as Slack imo.
This is a common error people make. It’s transferring their emotions to inform what some (often companies or countries) should do.
In the specific example, it makes no sense for any single website to forgo, say, 5% of revenue to “teach browsers a lesson”, especially since any change would benefit them accrue mostly with their competitors.
See also: “Google/FB/... should leave the EU to protest these privacy laws...”
It may not; you'll just get fake notification prompts from the page that will morph intro instructions on how to enable notifications when you click "accept".
"OneSignal Prompts are a 'soft request', meaning that they are not invoking the 'hard request' of the browser's Native Permission Prompt. This is important because if a user denies the native prompt, the developer is unable to prompt the user again, unless the user goes through a multi-step process to re-enable these permissions. On the other hand, if a user dismisses a Soft Prompt, the app or website can still present them the option later on."
Speaking for myself, showing such prompts repeatedly is a very good way to ensure that I'll never visit your website ever again. No, I don't care about your mobile app, anymore so than I did two days ago.
To provide some context on this, we provide clients with 4 built-in prompting options and we do our best to encourage them to use the one that is best for their user experience.
We definitely want to discourage people from asking for notification permission in an obtrusive way. It's not good for anyone when that happens. We wrote a blog post with some recommendations here: https://onesignal.com/blog/web-push-permission-prompting-cha...
I'm not sure how to put this, but your product is "abused" to such an extent that I personally took the time to pop open the Web Inspector, find the CSS selector for the notification, and use it to look up your company and mentally blacklist it and make a point of bringing it up by name when relevant: https://news.ycombinator.com/item?id=21848866. Your product is seemingly fundamentally misaligned with how users want to interact with the web, to the point where browsers are implementing behaviors that specifically target your implementation. Your blog post gives me very little confidence in your commitment to making this experience better:
> OneSignal encourages all websites to adopt a two-step prompting system if they don't already do so. This will help prevent the website from being penalized and forced to show a quieter permission prompt if too many users have denied the traditional native prompt in Chrome.
Websites are being penalized for a reason, and you know this. Simply adding another modal is just making the problem worse.
> The easiest prompt to transition to is OneSignal's Slide Prompt. Ideally, however, we encourage users to use the Custom Link prompt.
The Slide Prompt should not even be offered as a transition. It's completely at odds with the intent of this browser change, which is all about user intent. Providing facilities to present annoyances that bypass user interaction is the complete opposite of this.
> Offering a coupon in exchange for users opting-in to notifications.
…no?
Please, please, please reconsider how you are implementing these. If you are genuinely unaware of the widespread misuse of your tools, I'd be more than happy to direct you to numerous examples of zero-click, near-immediate, largely irrelevant faux notification requests coming from websites using your product.
> Firefox replaces annoying notification request pop-ups with a more delightful experience, by default for all users. The pop-ups no longer interrupt your browsing, in its place, a speech bubble will appear in the address bar when you interact with the site.
This is fantastic! I had finally figured out I could turn this off in settings a while ago, glad it's now a default. I get so annoyed by this, annoying indeed!
In a webapp where you present user a button to activate notifiactions, when the user clicks the button seemingly nothing happens in FF72 (user is focussed on a big enable notifiactions button in the web app and may not notice that some tiny gray icon wiggled a little in the address bar).
On a big screen a button in the middle of the screen is so far away from the address bar, that you don't see any change in the address bar at all in the peripheral vision.
So yeah, web apps that don't try to force the user to enable notifications are now punished for good behavior again.
How about web apps too not show annoying pop-ups which are pretty useless in most cases? Websites which show two pop-ups (custom pop-up followed by browser pop-up) are worse.
My website doesn't show any popups. I have a settings dialog that user can open and setup email and other notifications.
This will just not work anymore. I'll have to add some long winded FF specific explanation on what to do after clicking the button.
Anyway the FF UI is broken if user physically can't see any reaction from the browser after he requests notifications by clicking anywhere on the page.
If your users are clicking a button then it should actually show the permission prompt, unless you're losing the user interaction somewhere in the callback (by doing something async first)
I guess this is then happening because I'm first checking if there's a subscription via `pushManager.getSubscription` before creating a new one in the event handler.
Yep, dropping getSubscription makes the popup appear again.
I receive these popups multiple times per day. It is rare that I actually want notifications from your web site (or mobile app). Messaging is one of the few use cases that comes to mind but even then I don't always want to be notified.
Do you mind me asking what your notifications are for?
I've been using Firefox for the last 10 or so years. (Used the "new Chrome-Opera" for a while but went back soon)
These recent developments are awesome. As a frontend developer, I also find the devtools absolutely competitive with Chrome's.
The default ad- and tracker blocking is nice, I only need to use uBblock Origin for Youtube (whitelisting only that), since Youtube became nearly unusable due to the massive amount of ads.
Edit: also, they are fortunately tackling two prominent annoyances of the "modern web" i.e. push notification popups (for those who don't turn the whole feature off outright in about:config) and video autoplay.
So sad that Firefox's market share is still just 9-10%. :(
> I only need to use uBblock Origin for Youtube (whitelisting only that), since Youtube became nearly unusable due to the massive amount of ads.
Depends how much you're using it, but as it's pretty much become the primary source of entertainment in our household I decided the most practical and ethical option was to just pay for it.
Yeah... I'm doing the same for Deezer (paying for listening to streaming music) but I only use Youtube occasionally.
Got fed up when YT showed 2 ads every 20 minutes in the middle of a classical music concert. I'm not expecting it to be ad-free, but expecting it to be less intrusive/annoying.
I enjoy ads-free YouTube experience as I’m located in Sudan. It always surprise me the amount of ads I get when I access the internet from a different location!
No doubt it's not possible everywhere, but many countries offer YouTube Red (or whatever it's called now), been paying for it bundled with Google Play Music for years (in Australia).
> [gripe:] - Dragging tabs [in Firefox] didn't immediately drag out a window like in Chrome
Luckily (for me) this still holds and I see it as an advantage over Chrome; this pulling effect is amusing to look at (and I must admit that Chrome does great job when it comes to perceived speed and "snappiness" of it) but absolutely terrible feature when it comes to usability. For example it prevents transfer of tab between two full screen windows, making this task a multi steps chore. (Even for non-fullscreen windows it's quite complicated; I've summarized it some time ago in https://news.ycombinator.com/item?id=19663744)
Hmm. I’d like the option. I use BetterSnapTool on Mac and very often tear off chrome tabs and immediately try to snap them to a side. This doesn’t work on Firefox.
With notification spam fixed, how about tackling cookie banners spam next? Let's work on a standard to allow user to set their preferred cookie settings level once in browser UI and keep websites clean.
I don't remember the website, but I ran across one on hacker news a while ago that had the best cookie popover I've ever seen. It floated over from the left hand side of the page. Had simple and clean UX allowing for user configuration of cookies. Felt a little more like a cookie control panel than a popup disclaimer. Allowed the user to select which cookies to allow with a small description of what they did.
Sounds like something users want. Unfortunately, that’s not what most website owners want. They want to be as annoying as possible so that you smash “agree” just to get it over with.
What users want?
GDPR allows you explicitly to serve strictly necessary cookies without asking for consent. You only have to ask if you track people or don’t know what cookies your site stores with your users.
It is 2020 and totally possible to create websites without cookies or with only functionally needed cookies. You do your users a favour and your site will look better.
The very idea of the GDPR wasn’t to force websites to display cookie banners. It was to clarify that cookies can contain identifyable personal data and can be used for tracking, which is why we should avoid using them in that way or ask for consent if it really must be used.
On that of that, a lot of websites do not allow the user to use the website if they do not give consent to allow the non-functional cookies. Which is against the GDPR.
I heard a talk by Ulrich Kelber, the German federal data protection officer, two months ago. He admitted that it does not make much sense right now to encourage more people to report GDPR violations. As it stands, data protection agencies are already drowning in reports and most of them are horrendously underfunded. (Especially in EU countries that are not Germany. Germany has had strong data protection laws for a long time, so the staffing situation in our data protection agencies is slightly better.)
As a user, I want it in the User Agent. I don't even know what the point of the bloody notification is. Set a cookie and redirect and see if you get it back if you want to know if I'm going to preserve your shit. Don't ask me this crap.
If this is the gold standard, the our standards are very low. It should be just as easy for me to say "no" as it is to say "yes", and Metomic has the same dark pattern as everybody else that saying "no" requires a lot of clicking and careful reading, while click "yes" is easy. Seriously, in Metomic it's even multiple panels! And every single one has multiple paragraphs I have to read! Whereas "yes" is a single click and the panel is out of my face. It's crap and it's intellectually insulting.
There's no law anywhere that says you need to ask permission for storing cookies. You can perfectly well make a cookie-based login without a cookie banner. This bullshit about un-uncheckable "essential cookies" toggles has to go, you don't need permission for those, they don't need to be in the dialog. The GDPR even specifies this, albeit too vaguely: it should be as easy to accept tracking as it is to reject it, and in practice even a startup 100% focused on solving this problem gives that rule the middle finger.
Seriously, fuck this shit. The banner should say "We'd like to track your behavior so we can improve our service / sell better ads / whatever¹. [Ok] [Rather not]". It's not that hard. Only give Metomic your money if you think your visitors are idiots.
Fandom (wikia) is pretty good. It's a big popup in the center of the page, with Yes and No buttons at the bottom, styled with equal importance. One click and it's out of my way, just as easy to decline as allow.
Of course, the gold standard is no tracking and no popup.
> Let's work on a standard to allow user to set their preferred cookie settings level once in browser UI and keep websites clean.
Bring back P3P, with GDPR acting as the enforcement part (which was quite lacking when P3P was first proposed)? Might work quite nicely, and the support is in browsers already, it just tends to be ignored.
I've thought exactly the same and I think now might exactly be the right time to bring it back. However can the client tell to the server if it consents or not? Second problem is of course that malicious or lazy site admins won't use P3P just that they can annoy users to click Accept.
How would you detect if something is a cookie dialog in a standardized way? It's pretty much impossible as all of them are custom code with different layouts / selectors / sequence of actions you need to take to opt out.
The "I don't care about cookies" addon[0] seems to do a pretty good job of it, I've not seen a banner in ages. I assume it works on a mixture of detecting popular cookie popup js libraries, and user feedback for the rest (although I can't seem to find a github or any code for it so it's hard to say). I think ublock also has a filter list for it built-in.
I can't find the source repo either (source must be made available, can be on-demand to the author, hell the author could send it to you on CD-ROMs if they felt like it and still be compliant).
That said, it makes an ABP-compatible filter list available. This works with ublock origin:
Unfortunately, they are required by law (at least in Europe) and we can't do much about it. You can't say use a browser API to set a global setting for them, because GDPR explicitly requires that every website must get the user consent for them.
Of course the real solution (and the reason why GDPR introduced the banner) is for website to stop using cookies for tracking their users and thus have no reason to put the banner (you don't need the banner for technical cookies, such as the one used for logins, but only for third party profiling cookies).
A minor nitpick, but the "Cookie Law" that introduced these banners was way before GDPR, although the GDPR does have articles that also talk also about cookies.
The intent of the parts of GDPR which mention cookies (or, at least, what I assume the intent was) was to essentially "upgrade" the banner from a simple and largely useless notification (i.e "By using this site you agree to our use of cookies") to one of informed consent (i.e "Please click accept or deny the use of cookies to continue using this site").
Interestingly, as far as I am aware, no site or company has ever been taken to court or even fined for not using a cookie banner, despite some websites publically declaring they won't use it[0].
Important point: GDPR allows you to use strictly necessary cookies without asking for consent.
So if you hate to put cookie banners onto a site, just stick with storing only strictly necessary cookies without data that identifies your users and you are fine.
The problem is, many people don’t even know what cookies their own site stores with their users and they store a ton of tracking cookies on their user’s devices.
Isn't the whole point of cookies to identify users (for session persistence and the like, not just ads)? If you're not identifying users what are you achieving?
For some sites it could be enough to store the state of the site (e.g. display settings, language, etc) instead of a profile.
When I visit a random wordpress blog I shouldn’t need any cookie from them — why would I?
When I visit an online shop it should be my choice if they remember me (which is precisely what the GDPR demands). This could be a little toggle switch labled “Remember me” that is off by default and that would be it.
But people seem to prefer forcing their cookies onto users.
Since most websites seem to prefer slapping banners and modals on their pages as opposed to actually ridding their sites of tracking cookie usage I've found that just blocking the elements using a filterlist[0] is a nice solution.
> You can't say use a browser API to set a global setting for them, because GDPR explicitly requires that every website must get the user consent for them.
I can see why that prevents a browser from auto-accepting all cookies, but how in the world does this logic apply to me if I want to deny consent to 100% of the websites to use cookies?
Set the default on the browser to deny all consent, and show the cookie notification somewhere unobtrusive, the same way it was done for notifications.
The browser already has logic/settings controlling which cookies are accepted (first party, all, none). These settings have existed in most browsers for years. It's unfortunate that the cookie law didn't build on this in some way.
The cookie law is very flexible. It considers any and all ways in which the user makes their intent explicit as good enough.
The issue is that websites want to annoy users until they finally maybe actually say yes to get the site to shut up.
Legally, tracking has to be off by default, tracking may not change the usability of the site, and tracking has to be purely optional, and the "no" has to be simpler, larger, and easier to use than the "yes".
The point of the GDPR, over the course of the next years, is to utterly destroy online advertising as a business model, and any and all tracking solutions with it.
I keep trying Chrome out every so often, but there's little usability issues that keep bringing me back to Firefox. For example, Chrome never wants to bring me to the correct sites when you start typing letters. It's always a site I maybe visited once (like nypost instead of news.ycombinator.com)
That's because one of Chrome team's KPIs is how many Google searches are performed through the Omnibar, and better tab search would decrease that KPI and decrease Google ad revenue.
Think about it: it's a web browser literally built by the biggest search company in the world. The latest version of Chrome will even add Google Drive files to the omnibar search for G Suite users.
There is no excuse that they have a worse omnnibox search than Firefox.
I know the hacks blog tends to stick to "what web technologies changed" but 72 also introduces "Experimental support for using client certificates from the OS certificate store can be enabled by setting the preference security.osclientcerts.autoload to true (Windows only)." which has always been a huge PITA for me while testing and many interested in these technology changes are probably interested in this flag (though maybe moreso when Mac/Linux get supported).
Safari is terrible with client certs - it seems to store the default on a per page basis rather than per domain. Changing that involves diving deep into keychain.
Chrome usually works but yesterday a colleague had problems where the dialog asking which cert to use wouldn’t respond.
Firefox just works.
It’s a shame that certificates aren’t used more widely. They don’t work at all in captive portal pages on OS X or iphones :(
I love the Picture in Picture feature. There are too many web sites which leave you only the choice between a rather small video or full screen. With PIP I can choose the size which works best for my screen. Also, as it floats on top, it is never covered by other applications.
One thing would make this even more increadible: is there a way to set the default size and position? If the PIP feature would always start in my preferred size and position, this would be just so great.
With my preferred setup, I play videos in the upper left corner, so with the current Firefox behavior, I always have to drag the PiP video around. Not the end of the world, but it would be a huge improvement, if it remembered video positions.
Can't wait to find out if this release fixes a bug (https://bugzilla.mozilla.org/show_bug.cgi?id=1557160) that was preventing correct rendering of extension popup windows/context menus when the APZ zooming was enabled (which allows pinch-to-zoom gestures, e.g. on the MS Surface).
Update: Just got to try it out, seems like it indeed works now. Yay Firefox 72!
I'm honestly surprised that we aren't talking about tab behavior here. Literally the only reason I keep using Chrome is that no matter how many tabs I have open, they're all visible at the top.
There's visual persistence of state. On Firefox, even with the trick of reducing minimum tab width, my tabs overflow and I have to click through to get different groups of tabs. It is utterly maddening and I don't know why every other browser refuses to do Chrome like tabs.
Why the continued choice to violate the first rule of UI design which is to keep things in the same place?
I'm completely opposite. I can't use Chrome once my tabs shrink down to this: |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
With Firefox no matter how many tabs I have open, they all remain usable. There's also "% name" keyword search in address bar that finds open tabs, and check out Tree Style Tabs extension.
> Chrome fixed that a few months ago.
>
> There's no tab scrolling, but the many tabs that are visible don't break any more.
Not really. Resize your window to 1920x1080 and open 150 new tabs. In the last tab, open any site you want. Now switch back to the next to the last tab. Hover over the tab bar. That pop-up doesn't show you the last tab.
> Hover over the tab bar. That pop-up doesn't show you the last tab.
I'm not sure I follow. The popup shows you the tab you're hovering over. You wouldn't be hovering over the last tab because it's not in the visible area.
But that's unrelated to the problem they fixed. Right now, when you open a large amount of tabs, it always shows favicons. What it used to do, when tabs got smaller than about 30 pixels, was this: https://www.technorms.com/wp-content/uploads/2010/06/TooMany...
>I'm not sure I follow. The popup shows you the tab you're hovering over. You wouldn't be hovering over the last tab because it's not in the visible area.
That was my point.
>But that's unrelated to the problem they fixed. Right now, when you open a large amount of tabs, it always shows favicons. What it used to do, when tabs got smaller than about 30 pixels, was this...
I mean, I guess it is better, but I wouldn't consider that "fixed".
The person you replied to said "with Firefox no matter how many tabs I have open, they all remain usable" -- you then said "Chrome fixed that a few months ago."
I understood that to mean that all tabs would remain usable.
Being able to see a sliver of a favicon when I may have another 200 tabs that I can't get to isn't really fixed in my book.
Different people use tabs for different things. I have had browser sessions with 100+ tabs before as it can be a "spatial organization" tool more interesting than the History or Favorites lists because while I have to scroll through the tab bar, there are recognizable "neighborhoods" of tabs.
Firefox has a lot of options for tab extensions if you wanted to explore for something more to your liking.
I'm always surprised when I find out more people don't know about this (or other vertical-tabs addons). I typically have dozens of tabs and keep them open for weeks at a time (ff is set to restore previous session. So most are usually unloaded, but I also have an addon to unload tabs at-will if it's ever a problem). Horizontal tabs feel so arcane after getting used to it, I'm surprised it's not a standard feature yet.
Still the primary reason why I use Firefox. It allows me to have effectively an infinite number of tabs open, grouped, organized, and opened based on what I'm actually trying to get done now, or what I need to get back to later.
I for one prefer tab overflow (ans thus scrolling) over the Chrome nightmare that becomes /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ where I have to mouseover to try and find the tab I want rather than being able to visually identify it with a glance.
My other bugbear with Chrome tabs is the inability to make all new tabs get added to the end of the list rather than after the active tab, in FF it's just a simple `about:config` option: `browser.tabs.insertRelatedAfterCurrent=false`
Personally, I like the firefox way. Even if I have hundreds of tabs open I can just scroll tabs by hovering mouse and using wheels alternatively there is a popup menu which works for some.
The most sane solution would be to show tabs in multiple rows. Every other piece of software (notably including OSs) does this, but somehow it's an alien concept in browser land.
Are they doing anything about floating videos? It's annoying on desktop, but on mobile it's so bad I just don't bother. Typically it's "news" sites that use it.
Open in new window. Resize window. Right-click title bar, select "Always on Top".
App developers spend a lot of their time making up for the poor decisions of OS developers. A good window manager would give you tabs for free, PiP (aka an always-on-top window) for free, dark mode for free. Instead OS devs go overboard in simplifying things to the point that app devs have to pay the cost of delivering what users want.
Agreed. I use it all the time. There is an issue where the video in the pop-up can be slightly "laggy" for some reason, not sure why that is. Otherwise great feature.
Firefox keeps getting better. I really want to switch. The only thing that’s holding me back is the design. It just doesn’t look as modern as Chrome or Brave. The back button is a different height than the search bar; the tab container doesn’t line up with the search from the left side of the window. And it has a weird mix of slightly-square and rounded buttons, which makes it feel like a second-class browser.
I know that the average person isn’t concerned with these things, but I spend almost all of my day in a browser, and I want it to look as good (or better) than the competition.
You like what you like, but I just want to point out that as a Firefox-first user, when I switch to Chrome to check that whatever I'm working on is cross-browser functional, I am struck with how bad Chrome looks. So I think some of what you perceive as "modern" is just what you're used to, and a short time after switching it will not bother you.
This is actually amazing! Completely changes the feel of the browser. It makes much more of a difference than I imagined it would. It feels so so much better on Mac.
Unfortunately userchrome.css breaks frequently with firefox updates and is a pain to maintain since it is outside of the extension ecosystem.
There used to be a great addon called ClassicThemeRestorer that got killed during firefox's terrible web extension debacle. It lives on in https://github.com/Aris-t2/CustomCSSforFx but different parts break everytime the fickle designers at mozilla change their mind on what a tab should look like.
I also don't like the UI, but it's only a default. After installing, right click anywhere on the top UI to pull up "Customize...", then in the tab that appears, select "Density" and change it from Normal to "Compact".
The compact UI has back/forward buttons being the same size. The UI also takes up less space and is generally nicer IMO
I find the notification permission change (requiring it to be after a user gesture) really annoying. It doesn't do almost anything to combat permission spam (if you're visiting a clickbait site, you'll probably click or scroll at least once, especially on mobile where sites usually have a giant header so you need to scroll past the fold to even see that the article is clickbait), and just inconveniences developers who have to special-case Firefox's divergence from the spec when trying to legitimately use the gated features.
If anyone from Mozilla is reading, is it too much to ask to host apk's for the mobile version on your site and provide other update mechanisms apart from google app store? Like what Signal are doing.
What we really need in these permission popups is the ability to say "no to all permissions from Gawker Media brands" and the problem would be mostly solved.
* Websites with notifications that are frequently denied by users, will lose the ability to request web notifications permissions. Users must manually enable it through Domain Settings.
It seems like even adding it as a feature was a terrible idea, it's an example of how users needs are no longer the driving force behind web browsers. Was it supposed to replace RSS or something?
What do people use for “Profiles”. I need ability to switch easily between profiles (different identities) without going to command line. I also don’t want to install a third party extension for that if possible
Firefox has a Container Tabs extension which does just this - the defaults are profiles for Work, Personal, Banking, and Social, and you can add more. You do have to install it but I think the extension is from Mozilla itself, so it's not exactly third-party. It's just features that are already in the nightly builds as I understand it [0]. Personally I've really enjoyed it so far!
The extension also allows you to set that a particular site be assigned to, and automatically open in, a given container. I don't believe this particular feature is built into Firefox.
Indeed, it's just the containerisation functionality and assigning a tab to open in a Container that's built in; actually initiating the opening is done by the extension, e.g. when you navigate to a specific origin.
On macOS, instead of running Firefox via the app icon, I run a an AppleScript[0] that forces Firefox to launch with the Profile Manager window. I have it bundled as a one-step Automator application, which I run from Spotlight but which can easily be added to the Dock or whatever.
I used to have this script built as an app bundle via Platypus, but that stopped working somewhere between Yosemite and Mojave (likely due to increasingly strict OS file permissions or something). The Automator app doesn't seem to suffer from this issue...I think I just had to grant it a couple permissions the first time I ran it.
I wasn't able to figure out how to set a custom icon from within Automator, but it's not too hard to do if you're comfortable mucking around inside app bundles. The icon file is stored under <app-bundle-root>/Contents/Resources/, and its name (sans extension) is referenced in <app-bundle-root>/Info.plist.
We're currently rewriting most of the graphics rendering of Firefox (with what is called the WebRender project). This is the first time Linux users will have hardware accelerated rendering by default, and is a pre-requisite to take real advantage of hardware-accelerated video decoding. It's enabled on some configuration in Nightly builds [0], and it's being worked on actively. If you want to know more, the graphics teams has a blog where updates are periodically posted about what is happening, often with interesting insight about the innards of a web browser rendering stack [1].
Once rendering is hardware accelerated, it makes sense to look into hardware video decoding. Doing hardware video decoding without hardware rendering roughly means we need to read back from GPU memory into main memory, composite the image in software, and then upload back to the GPU to display, which is super super inefficient.
TLDR: if js gets direct control of GPU, it can read/modify present and past screens.
Maybe after Wayland implementations get good enough, distributions will make hw acceleration work securely with wayland compositors, probably years? Just guessing.
Playing video on youtube is easy, but performance sucks due to bloated youtube website. Performance of the same video URL in empty page with video player is much better, close to that in video player with CPU only.
If you need GPU acceleration, you can use something like youtube-dl or mpv to play videos on a URL in a video player.
I do wonder how much could be saved on energy bills for one of the most common uses of the net (watching videos), especially for folk in developing nations.
Oh dear. Video acceleration means GPU is doing what CPU would be else doing. Which means user threads get less indirect access to GPU. Which is a potential security risk, because GPUs and GL are designed to perform, not to secure data.
VA-API is not mentioned in the question at all. It is the most common api for video acceleration, but there are others - direct vdpau, or nvdec.
I'm a huge fan of the picture-in-picture, though I wish for a few enhancements:
I wish clicking anywhere on the box would act as "play/pause", instead of requiring me to hunt down the button. And of course I wish for some visible/interactable buffer-bar, though I realize that might not be standardized across webplayers, so maybe not possible.
I find Firefox and Thunderbird amazing, I just miss being able to customize keyboard shortcuts. Thunderbird ones are especially evil (they don’t use any modifier like Ctrl, so I often mess my inbox up when I don’t notice Thunderbird is the focused window). Also, while Firefox for iOS is leagues ahead of e.g. Brave, it still has many issues.
Has firefox fixed video playback on sites like instagram and gfycat yet? Their mp4 playback was broken for a significant number of videos last time I attempted to update. I'm still on an FF version 10 versions back because of their atrocious compatibility with mp4s (which is still incompatible, but less so).
What have you noticed about mp4 video playback that is broken? I've used Firefox as my daily driver for many, many years (even before the Quantum updates) and have never noticed any playback errors.
It simply doesn't work for some non-trivial amount of videos, e.g. some instagram stories or gfycat mp4s. If you load the link directly in the browser it will say the file is corrupt. Loading the same link in chrome plays fine.
Would you mind filing a bug at [0] with the content of about:support and maybe a link or two where it doesn't work? Happy to have an initial look into this (I work on the media team at Mozilla).
This sounds like a problem with your system. I've been using Firefox for years and have never had problems playing MP4s or anything from Instagram or Gfycat.
Okay, so I don't really post to HN and this may seem like a silly complaint but Firefox's management of theming just seems off to me. I use macOS, I don't fiddle about with my wallpaper very much and so this stains Firefox's top bar with an ugly brown tint. I could switch to the light theme, however when I do so Firefox no longer respects my system change to dark mode.
Does anyone else get bothered by this? Is there any way around this? I'm not an aesthetics person by any means but this is quite annoying. It's a fantastic browser other than this, I've been a user for as long as I can remember.
I'm sure you can probably modify userChrome and all this and I've not really tried because I'm not THAT bothered by it, but surely there should be a way to set your preferred themes for light & dark?
If I'm reading your correctly you'd like to set FF to the light theme (or any theme) but continue to have dark mode pages? about:config browser.in-content.dark-mode true should do that.
Basically if you have an external screen (possibly related to it being low-DPI and main screen being Retina), context menus don't work properly, if at all.
It seems it got even worse in 72 than it was in 71 - now I'm not even getting a context menu in the wrong place, it's invisible (maybe off-screen?).
Hopefully someone who works on Firefox can see this and fix it - it's making Firefox nearly unusable as is :(
Wow, that’s strange. I’m using a similar (but not identical MBP13) setup but I don’t see this happening. Of course :(
I have had trouble with menu bar items where the pull-down menu will not appear on one screen but will appear on the other. That seems to be a Catalina bug.
Firefox's killer feature was generating sync keys locally and letting you self-host a compatible sync host.
Chrome generates the sync keys on server and has proprietary sync software.
That's it. That's all it took for me to switch. I know FF eats almost double the CPU compared to Chrome. I know 1 out of every 10 webapps will just not work in it. That's fine. I will take the security and privacy over convenience.
This gets a little hard when the device you want to run FF on is a old laptop that doesn't need replacing and where battery life is more important than raw speed.
Just recently I discovered DoH was activated by default now and bypassing my /etc/hosts block list without any warning. This opened me up to tracking from sites I thought I had blocked.
In all above cases the failure-modes are insecure. It's like a firewall that suddenly switches its enforcement policy from a deny-all+whitelisting to allow-all+blacklisting without properly informing users.
Some rather sensationalist claims there. Other than infringing on the DFSG, I don’t really see the problem with those binaries.
If you’re downloading compiled software from anyone, you’re trusting them to not have put nasty things in the binary. There could be lots of interesting things injected to the binaries that are not part of the open source code.
As for the safe browsing thing, that looks to be a bug specific to Debian’s Firefox-distribution, not FF itself.
And as for DoH, it’s not exactly a secret, it’s been widely reported on and featured in the release notes. If you’re technically competent to play around with `/etc/hosts`, you should be capable of reading the release notes, too.
Firefox is great on desktop. I use it 95+% of time. But it is not so good on Android. Ebay is great example. Most of the time, go to page 2 of search results and you get no listings. I want to use Firefox on mobile as it syncs my bookmarks and passwords but things like this are frustrating.
I appreciate all the upgrades, but I keep finding that Firefox is abysmal for battery life, even the versions that supposedly have focused on this issue. Have folks found ways to reduce it's power consumption on OSX?
I too would like to join the bandwagon of people happily switching from Chrome to Firefox (mainly for ethical reasons at this point). However, I am on Linux (Ubuntu 19.04 on a desktop machine) and last time I tried (around FF 70 I believe, maybe 2 months ago), I experienced horrible system-wide lockups, requiring hard reboots (I was surprised to discover that it's even still possible, nowadays). It probably doesn't help that I'm doing web development with React, and thus I'm heavily using some dev tools, but still.. Anyone would have any clue about this?
Can anybody share some insight as to why the PiP mode is implemented non-natively? Both macOs and Windows have a system PiP mode that should be usable?
Re: picture in picture - anyone else here think that this feature doesn't belong to a browser? It just seems so... erm... random, basically.
Looks like something that was cloned from some other product and rather crudely shoehorned in. At the very least it should have been introduced after an update and given an option to opt-in to using it, rather than automatically enabling it without any notice.
I absolutely love this feature and the fact that I don't have to use a 3rd party extension is even better. It's also practical for websites that autopause videos as soon as you switch to another tab which I find ridiculous.
I'd love for them to add a progress bar and subtitle (think youtube, netflix or prime video) in the PIP window.
I think it's a sensible feature but should have been added just as a button on the standard video controls and as part of the right click menu. If a website goes out of the way to abstract both of those things into site controls then the browser shouldn't be adding additional menus on top to try to get around it it should let the site decide to add the button or not.
A great example is Twitch (which I would have assumed was one of the prime use/test cases). Twitch has these things they call "extensions" that streamers can add to the player of anyone watching the stream... and they pop out on hover from the right when you want to access their main settings. So instead of clicking the button to modify the extension suddenly the video is in the corner of my monitor.
Meant to imply "just as a" for the right click and add to the standard video controls. For now I have media.videocontrols.picture-in-picture.video-toggle.enabled false which does half of this.
It's actually quite convenient to watch a video while you're browsing elsewhere (e.g., a passive video you aren't intentionally watching all of but also trying to do other things). I didn't think I'd use it but every once in a while it's nice.
I love it and use it multiple (25+) times per day. My only wish is that it kept the interface from whichever player the videos comes from (eg. YouTube's, Netflix's, etc., especially for subtitles & platform-specific controls like Speed)
That would be a tough one. There's no information which part of HTML is controls. Maybe they may hardcode this information for some popular players, but that would break as soon as for example Youtube decided to change the layout a bit.
It's built in because the browser is best equipped to provide this feature universally for HTML <video> elements and (if necessary) lie to the page about whether it's currently active.
I was kind of skeptical about it but given that in practice all it does is display a small popout icon on video mouse-over, it's not really that annoying.
I absolutely love the ability to do PIP. sometimes while working I'd want to view a stream in a small window (always on top) in a small corner of my screen without all the extra options the browser page has. Its a great feature and im happy FF gives me the option
I'm way into it. I was using the feature in Safari to have some low-key video game streams on while I work. I suppose it's not for everyone, but I'm stoked about Firefox having this feature.
I've been trying out the Firefox picture-in-picture feature for a few months now and its evolved into something I use every day.
I don't know whether it's right for a browser to add that feature rather than the OS, but Ubuntu doesn't have any plans to add similar functionality so I don't really care.
As far as making it opt-in I dont really understand your reasoning. If people want to use the feature then it's there, if not then they probably won't notice anything is even different. Do you feel similarly about things like reader mode?
I find this feature extremely useful in Chrome where I can run a YouTube video in PiP mode, then have it sitting nearly over a second terminal pane in my IDE while I'm developing.
The use case of PiP is legit but I agree it doesn't make a lot of sense for the browser. However, many users do not have proper native media players that would provide the same functionality so I can see why browsers might want to implement it for the casual users.
A native media player with youtube-dl is still king for power users.
This is a web standard thing (though I believe FF's implementation may be proprietary.) Safari, Chrome, etc. have it, why would you not expect Firefox to? It's very useful for browsing while you watch a video open in another tab.
I couldn't get it either then tried it with a Twitter video just yesterday.. which made me realise what use it might be, were it not for Twitter muting videos that are not in focus.
Check the network panel. See the Megabytes of html and js a browser needs to work with.
It’s a miracle that browsers can render all that in the seconds it usually takes them, and if Chrome is a second faster, it’s due to the billion $ company behind investing the GPD of a medium-sized country into optimizing it.
As a FF linux user both at home and at work I can't say I've ever noticed FF being consistently slower. Having said that I have used nothing but FF for the last 20odd years so maybe I'm just used to it...
Yep. On gnome you can set it. That doesn't appear to be the case on osx. And it seems that for PIP, being sticky should be the default. I'm currently keeping safari open just to have a pip sticky window of youtube.
It can create, for example, a pop-out video overlay, which can be moved around and resized. It then sits over top of the other content on the page (and remains over other tabs) and will remain fixed as you scroll down the page and similar. On a site like YouTube, you could pop the video out and proceed to scroll down and interact with comments while the video plays to the side or above.
Beware though - NextDNS is good but their servers being hosted in France the geolocation gets you IPs in france (when accessing Google properties for example) which slows things down a lot - 30-50ms vs 130+ in my case.
They should have thought about this - it is possible to force resolve the individual domains in the NextDNS UI but that gets problematic fast.
Did you create your personal configuration? When you do, their server should be detecting the geolocation of your IP and assign the nearest ones (what you see at "DNS Servers") to that configuration like how CDN works. You can also check the assigned region at https://ipv4.dns.nextdns.io/ping.
If you want it to just always use what you've configured and not have to follow the changes they make you can set network.trr.mode to 5 in about:config. 5 signifies "off by choice"
If you just want to know how to toggle it normally in case something goes weird with one of the changes it's in the network settings part of the settings page.
> User research commonly brings up permission prompt spam as a top user annoyance
What's user research?
Jokes aside, my favorite feature in Firefox is the good old-fashioned search box. I use Bing by default and repeat searches on Google or Duck Duck Go if I don't find results right away.
Have you found Bing more desirable than DuckDuckGo for a specific reason? (Uses DuckDuckGo and liberal use of the bangs when things don't come up as expected)
> Have you found Bing more desirable than DuckDuckGo for a specific reason?
No. I just wanted to diversify away from Google a bit and I started with Bing because of Microsoft Rewards. I've only been getting about 50 (USD) cents per month in points though, so it's not compelling.
I've used Yahoo since the early 2000s and never hopped on the Google bandwagon.
The times Ive tried to find things in Google because "people say it has better search", I've not had much luck. Possibly because they don't have extensive data on me and my search preferences?
I think Yahoo is backed by Bing these days? I always find its search results perfectly adequate.
Switched to Firefox recently on my desktop. I had the strangest problem with Chrome: Somehow it just kept forking more and more processes until the rlimit got filled (100k+ threads/processes).
Too much trouble to debug it so I opted to switch instead.
Looking forward to video decoding (and encoding) hardware acceleration through VAAPI in Firefox on Linux. Now that WebRender is already in the codebase, at least doing it for WebRender path would be very welcome.
The one-click search icons have been removed from the adress bar to the search bar? I cant tell if this is a hidden design feature that does not appear on the release notes, but it sure will bother me...
"Say goodbye to annoying notification requests (unless you want them)"
For a moment I thought they had done this for the cookie and privacy notices. Oh how that would be amazing to move that functionality into the browser.
Does fingerprint blocking just use a blacklist, like ad blockers? Seems like a pretty lame approach. Shouldn't they focus on approaches that work for all future scripts? I.e. making browsers seem less unique.
It's complicated. There is in fact a hidden option that makes the web browser less unique, but using it has side-effects such as retrieving pages in English with UTC timezone, noticeably reducing the browser view point size, breaking WebGL, break some JavaScript using <canvas> and most notably, making the web browser noticeably slower. It's not something that a web browser can afford to have without informing the user of the consequences. Not to mention without additional measures, this is unlikely to help much against fingerprinting.
Yes, it’s a blacklist. However, there is ongoing work to improve privacy.resistFingerprinting (enabled in about:config) which makes the browser more similar to other users with this setting enabled.
Unfortunately the font rendering is still not up to Chromes, a lot of sites look weird. Fastmail for instance is rendered with a visibly smaller font on FF, and it looks blurry on FF. (Win10).
The profiles are fine it's the lack of integrated GUI that kills it. Just need the ability to launch a different profile in a new window from an existing window and it'd be all set.
It drives me nuts because I have things in FF that can't easily be handled by containers and I have things in Chrome that can't easily be handled by profiles.
I made a bookmark for about:profiles so I can launch a different profile, but it is a bit more cumbersome than having it be part of the main interface.
I'm using the Mozilla binary. And it's not a crash, but it appears to be a focus problem (password field loses and gets back focus when typing, randomly).
It's also good marketing for regular users. When Chrome introduced this versioning style every other software was stuck in minor versions for years. Regular users started assuming that Chrome must be better since it gets major versions constantly. I don't mind either option but I would love to see some sort of date based version in there, like Firefox 72 (20.01).
I switched to ff a couples years ago and up until the last few months everything has been great. Now a lot of important sites don't work because the content security policy is completely inflexible. It should allow me to make exceptions on sites I chose. I've had to install chrome just for a couple sites and now its just easier to make chrome my daily driver again. The ff team should consider making the CSP flexible.
Out of curiosity, what sites did you have trouble with? I also switched to Firefox a year or two ago, and I haven't had anything noticeably break recently, so I'm curious if I'm just not going to the sites that have issues or if there's something else different in my config that solves it.
am slightly dismayed that to this day on macOS I can't use back and forward buttons even if I redefine them in karabiner. it works with other browsers, seems that autoscroll feature is no degrading gracefully when you disable it.
Haven't been paying attention or keeping up and noticed the version number is 72. One thought is "Wow - that's a lot" and another is "That doesn't sound like semantic versioning."
Semantic versioning doesn't make sense for user facing software. Maintaining API compatibility on the software -> user interface isn't really a problem/doesn't make sense compared to software -> software interfaces.
I really like Firefox, but I had to switch back to Chrome because of resource usage. After using it for some time it got up to 3GB RAM consumption for a single tab with no plugins.
Numbers aren't exactly a finite resource [1] and there's no particular reason that version numbers have to "stay small" other than aesthetics.
[1] Mathematically positive natural numbers are infinite. Realistically, most systems traditionally implement version numbers as sets of at least 16-bit numbers and there are 65,536 numbers to choose from, not just the first ten or so.
Just set "apz.allow_zooming" to true in about:config. Pinch zoom works for me on macOS at least, didn't try on Windows yet. Works smoothly, just like in Safari and Chrome.
Perhaps there are still some minor bugs and they don't enable it by default?
Nice try. It works by pinching but double tap and smart zoom to cursor.
And if you zoom in somehow, you cannot pan over the page because Firefox act like you are seeing full screen and trying to go back or forward in browser history.
> And if you zoom in somehow, you cannot pan over the page because Firefox act like you are seeing full screen and trying to go back or forward in browser history.
Need to first pan at least a bit vertically, then it allows horizontal panning. But yeah, clearly not a finished feature yet. Still nice to see there's progress, and it's already mostly usable with the mentioned caveats.
Thinking of it, it would even be a nice feature since we need to pan to the left of the page or zoom out completely to go back in history with touch pad in Chromium based browsers.
> Still nice to see there's progress, and it's already mostly usable with the mentioned caveats.
At least.
Next release should definitely have this double-tap and smart-zoom feature.
I actually mean double tap zoom that zooms to HTML element that your cursor on. Amazing feature for browsing experience. Chromium has this feature since a lot.
After the recent missteps by Chrome (mangling the display of URLs), I decided to switch to Firefox and DuckDuckGo a few months ago and I was pleasantly surprised at how fast Firefox is these days than what I found it to be 10 years ago.
While I still consider DuckDuckGo to be in the "not bad" category, Firefox is in the "seriously awesome" category now.
If you have been away from Firefox for a while like me, give it another shot. It won't disappoint you for sure.
I also gave Firefox another shot a couple months ago and I'm surprised at how much better it is nowadays. It's been such a good experience I'm also giving a go to the Firefox Preview[0] on my Android - even though it's still under heavy development, I like some of the changes to the mobile browser it makes and it'll make in a near future.
Firefox is definitely an amazing experience, especially if you use Firefox Containers[1]. My only gripe is that the UX of containers isn't quite ready for prime time yet (e.g. your container setup doesn't sync by default).
And there really needs to be an easy way to switch profiles. Firefox has had profiles for basically forever, but it's much easier to switch profiles in Chrome.
I currently go to about:profiles and click "open this profile in a new window", but this is very klutzy compared to Chrome's profile switcher next to the URL bar.
Of course you can also create launchers/shortcuts for Firefox with "firefox -P profilename" but again that's work you have to do on each machine you use.
A classic solution is just one shortcut of `firefox -no-remote -ProfileManager` which semi-replicates one of the old Netscape-feeling behaviors in that such a shortcut will always create a new instance of Firefox and first launch the select profile window.
The only thing I missed from the ordinary Firefox on Android was that Firefox used to have a brilliant hack with the sharing option where they would show the two most frequently used options (+ a sharing button to access the rest) instead of just one or just the sharing button.
This saved me a few seconds again and again and again.
Yeah, the sharing button thing is something I miss from the ordinary Firefox too. I usually share links with my friends through Whatsapp and its icon is hidden far to the right.
> After the recent missteps by Chrome (mangling the display of URLs)
Me too! I'm not as bothered by software-politics as many of the commentators on here (I don't hate Facebook, and worked there for four years; I don't hate ads; I don't worry too much about trafficking and privacy...) but Chrome fucking with the URL was a bridge too far. I switched to Firefox and when Google walked back their hiding-the-URL business, I never bothered switching back, because I didn't trust them anymore.
Companies take note: users' trust that you won't arbitrarily change their workflow in annoying ways is hard to win back.
The problem is it's impossible to separate "this changed it sucks" from "this is actually bad" since the messages are always the same. E.g. in this case you didn't even bother explaining why the new way works worse for you you just said "it changed, I left! Make note!" and I mean that's fine if that's what you actually wanted them to make note of but no company with competition is just going to keep every workflow the same for over a decade and wait for someone else to come out with a better product to replace them.
In general I prefer to use tools that show me real data rather than transforming it in “smart” ways that are poorly documented and not under my control.
If other people have different preferences, that’s fine! They can keep using Chrome.
Also, even if that weren’t true, change is a cost. It’s perfectly reasonable to complain about change as being intrinsically bad without giving any other reason.
- Do they really need to see* http:// or https:// if immediately to the left is the icon which indicates secure/insecure (which is more than just "protocol is https or not")?
- Do they really care to see* if they are at www.site.com or m.site.com or site.com or do they just want to know they are at site.com which they expect to be as they make their purchase or log in?
* noting that bookmarking, copying, or editing the URL operate on the full URL and this is just a visual change otherwise
And voila now the leftmost (first) text they read is not a bunch of jargon it's the thing people look at the URL for the most.
That you couldn't think of any reason tells me you didn't try not that you disagreed with the reasons and had an actual lesson to share about why. Again: "it changed, change bad" people impossible to distinguish from "it changed, actually bad".
While somewhat a bad form for general web browsing, its definitely possible for www.site.com and site.com to be entirely different hosts. In newer versions of Chrome, you would never know which one you were actually on unless you select in the address bar.
Maybe dropping the protocol definition in the URL is debatable, as probably 99.99% of the time in Chrome a user is going to be either http or https, but dropping a part of the hostname is unacceptable in my book.
Would dropping .com be acceptable? All a user wants to see is that they went to Google, to an average user the .com could be seen as redundant clutter as well. Might as well have the address bar show "google" or "cnn" or "facebook" in it, as clearly that's what a user cares about.
Possible and reasonable are different things. If www.google.com gave you gmail and google.com gave you search users were confused before www was hidden post load.
You can't really get rid of the TLD without breaking the security model of the web (e.g. a lock icon and google.com is different than a lock icon and google.gtld). Would it be nice to refactor that? Probably. Is it reasonably possible at this point? No.
> Do they really care to see* if they are at www.site.com or m.site.com or site.com or do they just want to know they are at site.com
www.example.com == example.com is an assumption that has never been true and I have seen it screw over regular users countless times. Quietly rewriting the URL and hiding that fact will just make that worse.
As for m.example.com, that is even further from standardized. Me and and at least one person I know have personal websites with short aliases like mike.lastname.tld == m.lastname.tld, not to mention the plethora of sites that don't have matching paths on mobile vs desktop. Even if copying the URL quietly switches it out for the real one (which is bad on its own), that break the surprisingly common workflow of writing down the URL you see on a piece of paper.
Thank you for talking about a real use case :). The m. causing a new workflow issue to be introduced is exactly why they decided "m." should not be treated as a trivial subdomain when they rolled it out, it was only that way during testing.
As you said www.example.com being functionally different from example.com was already a broken workflow, users weren't differentiating it. Continuing to display something users haven't understood for 20 years was not considered a strong enough reason to simplify the URL display now in a way that causes the same errors users were commonly making anyways.
You mean the strawman repeatedly trotted out by people defending shitty changes as justifications for why their shitty change is necessary? Ever wonder why so many things suck nowadays?
Nope, just mean "not the guy that writes the webapp who needs to see if he is currently connected via HTTP or HTTPS".
Can "the larger group" be used as an excuse for a bad change? Sure! But so far the only reason mentioned as to WHY this change is bad is "www.site.com and site.com could technically be different sites" and I'm not sure how that is supposed to be clear regardless if www shows post load or not or how that's supposed to outweigh the advantages.
> Nope, just mean "not the guy that writes the webapp who needs to see if he is currently connected via HTTP or HTTPS".
HTTP currently shows "Not secure" to the left of the URL. It's still easy to differentiate.
(I do think hiding www is stupid, but hiding http vs https is reasonable so long as they're still marked differently. Ideally http should be a more noticeable error, like it is if there's any user input box, or better yet a massive error like it is for self-signed certs and HTTPS.)
>While I still consider DuckDuckGo to be in the "not bad" category...
If you're into privacy-conscious search engines and want one that's not susceptible to blanket FISA warrants[0], check out either Qwant[1] or SwissCows[2].
[0] - DuckDuckGo's address is in Pennsylvania - 20 Paoli Pike, Paoli, PA 19301.
France has a more permissive surveillance regime than the US[0], and as a foreign (US) user I have no recourse if they spy on me.
Furthermore, here are some quotes from qwant:
>We do not use any cookies or other advertising tracers to create your profile for commercial purposes. This means that you can use Qwant with confidence, we will never try to establish your psychological or commercial profile to sell it to third parties, here or elsewhere. [1]
Note the "for commercial purposes" in the first sentence, and the "to sell it to third parties" in the second. These are weasel clauses.
Okay, fair point. Googles' business is literally selling access to all the data they have collected from you. So they are not selling your data, only the access to that data, that's right.
For some reason, your Firefox profile doesn't have a preferred language, but Qwant expects one. If you add one in the Preferences (option "Choose your preferred language for displaying pages"), it should work.
wow, those seem quite fantastic at first glance. If I search for my real name I get every single profile I've ever created since the beginning of time - as opposed to google listing a bunch of random garbage. Names there are like John Doe returns famous people named John OR Doe above the person(s) with the actual name.
EDIT: I right click the search box and make qw and sw keywords for them.
EDIT2: I'm just looking for a functional google alternative.
I tried Swiss Cows just now, it appears effective at first glance but a little longer and realized I’ve never seen a more sanitized and curated search.
I don’t necessarily mean that good or bad. Just interesting how... different it is. Seems good if you know your thug exists already and someone approved it for their results.
Downvoters care to explain? I was born and lived in France for 20+ years, I think I've a pretty good idea about the government, freedom and privacy in that country. I've seen Qwant being shilled countless times, starting from the french government pushing a "privacy focused search engine" a lot of school use this search engine by default. Despite all of that I have yet to see code or any actual proof they respect user privacy.
Are you a devtools user? How do the Firefox ones compare? I speak as someone who originally switched to Chrome (having been a Firefox user since the Phoenix days!) specifically for the devtools — it's pretty much the biggest factor in my browser choice.
You get used to it - UI is slightly different in some areas, but it lacks for no major features and performance is good, like firefox in general.
I've found it's extremely valuable to be developing sites in Firefox using the dev tools simply to help catch issues that the rest of the team ignores as they're all stuck on Chrome. Fights monocultures by default!
I remember Firefox being seriously lacking in some WebSocket dev tools that I needed. But I checked again and they're there. So it seems like they are actively improving the dev tools.
Sorry, I'm not that useful for your question. My experience is from the reverse switch. I'm used to Firefox (it's my daily driver) and had to get acquainted to Chrome.
I had to get used to Chrome devtools because javascript debugging is a lot better there. For completeness sake, CSS debugging is much better in Firefox. In time, I think both will converge.
there's some cool stuff in the works but it doesnt sound like there's a plan to internalize the work into devtools but to keep it as a web app and rely on a serviceworker for "localness" - not great, imo.
My impression as a web user is that if any devs actually use the performance inspector it's just to learn their site is slow and then not do anything about it.
Your devs might develop perfectly well behaving stuff just to see it get totally obliterated by loading 3 external tracking scripts through Tag Manager, three different pixels and 7 external contact form/chat bots/newsletter popover scripts from their CRM/ad platform/whatever crap marketing wants.
Sadly noone cares what the performance inspector says. Newspapers just get slower and slower. Our local newspaper takes 15 seconds to first visible paint and another 5-10 seconds to usefulness on my phone...
I’m a Firefox ddg user, and I would recommend Chrome for devtools still. As of last month, Firefox devtools didnt even recognize meta viewport tags which caused UI discrepancies between testing and production. Chrome devtools does have it.
That being said, I still switched back to Firefox and ddg after I close devtools.
Interesting then that this release enables meta viewport support in responsive design mode - from the link: "Firefox now supports simulation of meta viewport in Responsive Design Mode."
This has been a huge Pita, for my team. Good news is it has gotten some of them to switch to Firefox for debugging. It really is awful that bug slipped through.
I use Firefox as my default browser. But the dev tools is too slow, apparently someone thought it was a good idea to rewrite it in React, causing it to lag even on a few thousand console log messages on a fairly powerful workstation. And there is no search functionality, only filter. So I've started to prefix all my debug messages with whatever I'm working on just so that the logs can be found in the Firefox dev tools console. One good feature though is that you can filter on type of messages, like only show error messages, or warnings. Which is very annoying in Chrome dev tools where it will tell you there is an error, but you can't click on it, so there is no way to see the actual error.
DevTools member here. We have been working on performance over the past release – is there anything specific that you can point out as being slower for us to focus on?
I have not yet tested v72, I'm on v71. The Chrome dev tools Console feels (not measured) about 100x faster then the Console in Firefox. Even Chromium Console can be limiting though. Yeh, I probably should not use console.logs for debugging, but it's much faster forkflow then firing up the debugger. Even with the lag. With the Chromium Console the lag is not that bad, and it has a search function. Both console's have a bunch of cool features, like being able to inspect DOM nodes, explore objects, etc. Witch I think might be a reason for the lag. Most of the time I just want to search the logs to find out what happened. An idea is if you can just get the plain text from the console.logs somehow.
In chromium all console.logs get sent to stdout, so I can pipe the logs to a file, then use any editor to search it. But I prefer using the dev tools.
Maybe make a perf switch in the console, which dumps the text without formatting or other features. Something that can handle one million lines of logs and search in it. Being able to search the logs is critical. Filtering doesn't work as I need to see the surrounding logs, what happened after. I don't need to see all one million lines at the same time though, it can be buffered to only show 100 lines above it and 100 lines below it. Chromium has such an optimization. But search is a bit slow.
I am not OP but I'm a FF user. I haven't got around to learning FF's dev tools and still need Chrome(ium) to test that platform for compat anyway. So I just still use Chrome dev tools (which also work for NodeJS instances) but use FF for actual browsing.
How much better is it than Safari? I find the differences in browser performance so subtle nowadays that I lean towards whichever gives me the most seamless experience—-which, as a Mac/iPhone user, is safari.
For me it's mainly about synced history, open tabs on various devices (phone, tablet, computer), shared preferences, etc. The rendering engine is secondary to that in my list of priorities.
I stopped using Chrome about 2-months ago. It was difficult at first, simply because I was so used to it. But you are 100% right; I couldn't imagine going back to Chrome now that I've made the switch.
Any tips for transitioning? I've seen people recommend various stuff like containers and other stuff but I never saved their recommendation as I was happy with chrome at the time.
My favorite since the 2000's (idk when I started using it, mom didnt let me install it on the home computer for ages) I tried Chrome earlier on but (and I've said this on HN before) it didnt have adblock, then when it did, it was crippled. I never went back.
I used it since the betas. I'm early Mozilla user too. But I quit using it when Google Chrome shipped its first beta. Then, it was matter of time I started to use it. Remember FF was so slow between 2008-2015.
I really wish they'd add HDR support so my monitor would stop flickering but other than that I don't really miss much else from Chrome. Maybe the audio being better on sped up videos but that's about it.
You'll be happy to hear that we've recently dramatically improved the audio quality of sped up (and slowed down) videos, here is the ticket for the details: https://bugzilla.mozilla.org/show_bug.cgi?id=1427267. This will be release in Firefox 73, in about 4 weeks (give or take a few days maybe).
HDR is very much in the list of things we want to do (especially for videos), but as you can imagine, it's not particularly trivial, and will require platform specific work, and deep changes into Firefox. On the other hand, hardware is shipping (we got some devices so that developers can start assessing the situation), and HDR content is becoming increasingly available, so we're trying to figure out what it will take to do it properly.
I have been using it since 2005 (since 1.0.X), and while Firefox at times were slow during those years I always preferred its UI and its extensibility.
My biggest gripe with Firefox is how it opens tabs. If I open a new tab in Chrome, it opens just to the right of the current one which is nice because it keeps related tabs together. In Firefox it opens to the far right which is annoying. I tried installing an extension to fix this but it was buggy. Only recently did I discover that I could dig into about:config to enable the behavior I consider expected (and I'm sure most people agree with me given how many Chrome users there are).
You have a typo there, it's browser.tabs.insertAfterCurrent and browser.tabs.insertRelatedAfterCurrent (Current, not Content), just in case someone tries to copy and paste those into about:config
- Open new windows more quickly. Firefox feels sluggish (on Mac) even though it isn't, simply because it opens new windows far more slowly than Safari or Chrome.
- Use the platform native key store. I don't want my passwords stored unencrypted on disk. But I don't want to enter a separate master password either. I do want to use fingerprint/face unlock on mobile to reveal passwords.
- Give me a setting to autoconfirm all cookie consent requests and lobby for a legally binding do-not-track header. Cookie consent was well meaning, but it has turned out to make things worse. Let's move on.