Firefox27.0.1 Rev. F

Browsers, email, chat, etc.
Message
Author
User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Firefox27.0.1 Rev. F

#1 Post by 8Geee »

*** Originally posted 2016/08/12 9PM EDT ***

FF27 that I put in the updates to slacko5.7 spins still works a treat with TLS1.2 and foreward secrecy. Its a root only package, everything installs to root, and the desktop icon must be linked to root/.mozilla/firefox/firefox. That which resides in usr needs to be removed. One might say its a modular approach... don't like it, just remove the dot mozilla file in root and the root/dot cache/dot mozilla folders. Voila!, gone.

Sept. 11, 2018 12Noon Revision F

Linux 32-bit edition of FireFox27-revF with privacy and security addons. About config delta towards security and privacy. See about:support for a long list of changes.

Adblock Edge 2.1.9
Better Privacy 1.68
Download YouTube Video as mp4 1.8.10
FireFTP 2.19 (Optional)
Redirect Cleaner 2.4.0
Searchonymous 1.0.3.1 --> this can/should be removed no longer functional June 2019
YouTube All HTML5 3.0.1

This revision shrinks all needed caches for operation down to a value of 512 for Atom-powered netbooks. Check your L2 cache size and adjust to that amount in Kb. 1Mb = 1024Kb, 2Mb = 2048, etc.
This setting is in about:config using search term cache. Any entry with a default 512 setting can be altered.

*** 9/11/2018 UPDATE all JavaScript caches have now been changed to zero. There are additional addresses blocked in AdBlock Edge. ***

sha256 sum of Rev.F f6586698281189d003d95a0d9e0aa33129fa381a4200d5650675f4acccd89ae5

Regards
8Geee
Last edited by 8Geee on Thu 06 Jun 2019, 22:03, edited 11 times in total.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

FF45.9esr1

#2 Post by 8Geee »

I have uploaded a preconfigured version of FF45.9 This is also 32-bit, and is a bit more friendly to modern webpages. Nonetheless, Security and privacy are maintained. HTML5 is better handled and google_redirect_fixer has been added to AdBlock Ultimate. The default install is to root to make it easy to remove. Of course, the firefox folder can be moved or symlinked to usr once installed. This update 12-14-17 has additional items in about config falsed or blanked without apparant effect.

Thanks to all who have tested

Regards
8Geee
Last edited by 8Geee on Thu 06 Jun 2019, 22:01, edited 5 times in total.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

UPDATE

#3 Post by 8Geee »

The FireFox 27 update for March 2017 is ready, see first post.
Just a few settings in about:config changed.

Regards
8Geee
Last edited by 8Geee on Sun 20 Aug 2017, 18:07, edited 1 time in total.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Aug 2017 update

#4 Post by 8Geee »

The aug. 2017 update is ready. See first post. the SHA256 sum is
02f0ed12c05e5e3677cfd491d299062d0c889784af247c4ce48d72f97f4e265c

*** edit: I tossed the YouTube ALL HTML5 v. 2.1.3 and upgraded to 3.0.1. Testing this now. ***

Regards
8Geee/900Aeee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

2018 edition

#5 Post by 8Geee »

A few bugs and a typo are fixed, further clean-up and leak-plugging, and YouTube still functions OK. A reminder here that some websites still hiccup at these security settings, and using the SSL Server test link will clarify. NOTE that Symantic has been harshly reprimanded for their lazy enforcement/oversight of certs and such process. One may see the expiration in less than a year.

For those still using the August 2017 version there is a bug/typo in about:config and its an important one...

Change the "4" value in security.tls.version.max to a "3" w/o quotes. It appears that the 4 value DOES NOT imply TLS1.3, but rather recycles to a ZERO setting allowing TLS 1.0 (not secure). And it appears in Edit --> Preferences I left the popup blocker on... thats a nuissance here, and elsewhere when internally re-directing to another page.

Carry on
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

FF45.9esr

#6 Post by 8Geee »

The 2nd post in this thread "reserved" will shortly change, as I have found a fairly decent upgrade FF27 --> FF45.9esr. The upgrade is configured, and plays nicer with modern web-pages and HTML5.

***EDIT*** Job completed.

Note that this is still a 32-bit version. Testing appreciated.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
Galbi
Posts: 1098
Joined: Wed 21 Sep 2011, 22:32
Location: Bs.As. - Argentina.

#7 Post by Galbi »

Posting from it in LxpupSC (Slacko derived).

Works fine.

What I like, is not having to install apulse, the problem is that if I go to About Firefox, automatically updates to (:Edit 52.x.x) that asks for apulse.

Not a big problem at least.

Thanks.
Remember: [b][i]"pecunia pecuniam parere non potest"[/i][/b]

User avatar
Galbi
Posts: 1098
Joined: Wed 21 Sep 2011, 22:32
Location: Bs.As. - Argentina.

#8 Post by Galbi »

For the moment, while searching for a better solution, to prevent updating to an apulse dependant version, I added this:

Code: Select all

127.0.0.1 www.mozilla.org 
127.0.0.1 download.cdn.mozilla.net 
127.0.0.1 aus5.mozilla.org 
127.0.0.1 download.mozilla.org 
to my /etc/hosts file, so it tries to update but it fails.
Source:
https://support.mozilla.org/en-US/questions/1157765

Saludos.
Remember: [b][i]"pecunia pecuniam parere non potest"[/i][/b]

watchdog
Posts: 2021
Joined: Fri 28 Sep 2012, 18:04
Location: Italy

#9 Post by watchdog »

Is this Firefox27 to recommend for CPUs without sse support?

To prevent app updating I use a user.js file in the profile with the following content:

Code: Select all

// turn off application and extensions updates: 
user_pref("app.update.enabled", false);
user_pref("extensions.blocklist.enabled", false);
// turn off sync and minimize use of cache
user_pref("services.sync.enabled", false);
user_pref("browser.sessionstore.interval", 1800000);

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

updated 45.9esr

#10 Post by 8Geee »

Added a few more falses and blanks and uploaded.
Essentially all services.sync entries are now falsed and a few more phone-homes blanked.
I think screensharing entries were falsed originally, but I now see then falsed.

As reference, one can print-out the about:support page. Handy if tweaking the browser to one's taste.

Note to sailor enceladus: this is the patched version if you want to use it in s57 5.7.1_9653

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#11 Post by 8Geee »

Recently, I had a chance to review some of the Firefox problems recently encountered. Two problems stand out, and are sometimes used together.

The first is 'workers' that fetch data among other things. These have historically been a nuisance, but with the recent Meltdown/Spectre problems, their usefullness has ended on these older builds like FF27.

The second is 'indexed DB (database)', Again, its been a nuisance that is now in need of an off button.

So, about:config needs a few changes.

Disconnect from internet and open FF27.
In the address bar type about:config and be careful.
In the search bar type worker
Four entries will appear in FF27,
'FALSE' three of them, and change the numeric entry to 1.

OK, in the search bar type index
There will be numerous entries, but two of them are important right now...

dom.indexedDB.enabled
dom.indexedDB.experimental

Both of these two must be set to false (experimental 'should be' false by default)

Now that these are done, close the browser, wait 5-10 seconds and Goto MENU --> Shutdown --> Restart Graphical Server and click. (This step prevents a hang on normal re-starts of the browser).

Other things related to Meltdown/Spectre usually involve autocomplete, or autofill (because they involve caching predicted data). I have already (for a long time) mitigated these in about:config. Consider resetting them to false if you have enabled these 'conveniences'.

At this point, reconnect to internet as usual.

Regards
8Geee
=============================================================

@watchdog

No SSE? I dunno maybe not.

As for scripting the APP updates... In the tool bar is a place for TOOLS --> Add-ons.
One can select the app in question and set updating to OFF.
Certain APPS like an AdBlocker or such need to be ON to get the latest.
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Remastering or reloading

#12 Post by 8Geee »

Since I do remastering for publishing a spin on Slacko5.7, two things need some explaining.

1.) When remastering SLacko5.7 NEVER just click the OK button when tmp/root dialog appears. Anything changed since the last shutdown will not be copied to the tmp/root folder. As a precaution, the .mozilla file should ALWAYS migrate from root --> tmp/root. That means two windows, delete the tmp/root version and copy the /root version to tmp/root. (repeat for .packages folder also)

2.) Immediately after step 1 is done, and before pressing that OK button in the dialog box in the tmp/root window
a.) Go to .mozilla --> firefox --> something.default
b.) Delete places.sqlite (3 of them sometimes), cookies.sqlite (3 of them sometimes), and sessionstore.js (also .bak).

This browser migration/cleanup is necessary if sharing the distro or copying it for friends. Of course if its a personal version, it might not be needed, but if stuff gets changed, step 1 of this proceedure will keep the browser the way you tweaked it.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

ff27-revE

#13 Post by 8Geee »

Revision E is now ready... see first post

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

zero JS caches

#14 Post by 8Geee »

I'm presently testing FF27 with javascript caches zeroed. There are numerous entries, some of which imply a cap or a load. All of these got zeroed. So far no harm no foul, even with JS allowed (just don't cache it in my 'puter).
Its OK on youtube and yahoo, and the shopping sites like ebay and alibaba. If this goes well I might make a "f" revision.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

Revision F available

#15 Post by 8Geee »

The newest revision "F" is ready.

JavaScript caches have a value of zero
AdBlock Edge has additional site-paths blocked

See first post for link and sha256sum.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

ixquick ---> startpage

#16 Post by 8Geee »

I have noticed that the default login page for my FF27 spin no longer connects to ixquick dot com.

Click on Edit --> Preferences --> General
In the address box in that tab, change the word ixquick to startpage. Its the same page without forwarding.

This will also be posted in the AtomicPup-XIX thread.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

webgl falsed

#17 Post by 8Geee »

Two security items are needed to be False

webgl.disable-extensions
webgl.disabled

If any are true, just double-click on that entry to change.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Jose A. Senna
Posts: 43
Joined: Tue 20 Dec 2016, 23:16

FF27 under Racy 5.5

#18 Post by Jose A. Senna »

@8Geee

--> Its a root only package, everything installs to root, and the
--> desktop icon must be linked to root/.mozilla/firefox/firefox.
--> That which resides in usr needs to be removed.
--> One might say its a modular approach... don't like it, just
--> remove the dot mozilla file in root and the root/dot
--> cache/dot mozilla folders. Voila!, gone.

One problem is that /root is hardlinked to the savefile
/initrd/pup_rw/root , so either Firefox fills up the savefile
almost at the beginning of a session, or, if one simlinks
the /root/.mozilla to a directory in HD, there is almost
nonstop disk activity and operation becomes very slow.
In lynx under DOS, the configuration data was in a file
which, among other things, contained paths to separate
cache, cookie, history and bookmark files. This allowed
putting the cache and cookie files in a ramdisk, so
speed would not ne impaired and information that
needed permanent storage could be stored in HD.
Firefox seems to store everything in the same profile
directory and I do not know how to automatically keep
volatile data in RAM and save pemanent data to the HD.

Computer: 300 MHz Pentium II with 288 MB of RAM,
alternating between Racy 5.5 and Windows 98SE.

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#19 Post by 8Geee »

I do not have that problem using slacko5.7 based puppy. My 256Mb save file shows 210Mb free, for a few weeks.

Perhaps you are using an ext2 save, or Puppy Event Manager needs tweaking.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

User avatar
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

ECDSA compromise

#20 Post by 8Geee »

Recently, Slackware published an update to OpenSSL. Within that update was a very troubling patch for ANY TLS security using the ECDSA method. Although the full patch borqued AtomicPup-XIX, this one patch is the most important update.

Firefox27 as provided here, and in AtomicPup-XIX need to 'False' two TLS1.2 security methods.

1.) Disconnect from the internet.
2.) Open Firefox27
3.) After warnings clear, type about:config in the address bar
4.) Be careful, and type ECDSA in the search box
5.) Make False all security methods with ECDSA (double-click any that are True)
6.) close the browser
7.) MENU --> Shutdown --> Restart graphical server
8.) reconnet to internet as needed.

This curve-family has been successfully compromised by a timing attack when Hyper-Threading is used.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Post Reply