Firefox starts reining in Flash, Silverlight, QuickTime


Download Mozilla Firefox 3.6.4 public beta for Windows from Fileforum now.


Actual Beta News feature bannerStarting today, an ambitious project from the Mozilla Foundation called "Lorentz" makes its first public, experimental debut, with the release of a public beta of Firefox 3.6.4. Mozilla doesn't often promote a public beta of a point release, but this time, the organization needs data from the field regarding the stability of a critical new feature that could help it regain lost traction against competitors Google, Opera, and Apple.

The one major problem with the Mozilla Firefox Web browser -- what makes users, including myself, keep an eye on the competition for a better alternative -- is how often it crashes. According to Mozilla's live statistics, the latest stable version 3.6.3 crashed at least once for every two active users whose browsers reported their telemetry to Mozilla's servers by default, on April 5 and again on April 11.

Advertisement

Judging from the signature data delivered to Mozilla's servers by its crash reporter system, in recent months, most of those crashes have actually been triggered by plug-ins. For instance, engineers believe as many as half the crashes over the last four weeks that were responsible for 189,762 crashes (as of the time of this writing Tuesday afternoon) may have been caused by a non-updated version of Adobe Reader or Acrobat. Some 90,134 crashes (about 2.7% of the total) are caused by Skype. In previous months, Adobe Flash has tallied as much as 25% of live reported crashes.

The Lorentz project is step two in Mozilla's bid to remodel Firefox architecture to take better control of its plug-ins. Step one came last November, with the introduction of Firefox 3.6 and its hardening of policies with regard to running just any binary component. With Firefox 3.6.4, Adobe Flash, Apple QuickTime, and Microsoft Silverlight -- three of the most used plug-ins in the browser user's arsenal -- will be run as protected processes. When they crash, they should no longer bring down Firefox with them.

"This version of Firefox will offer uninterrupted browsing for Windows and Linux users when there is a crash in the Adobe Flash, Apple QuickTime, or Microsoft Silverlight plugins," writes Firefox product director Mike Beltzner this afternoon. "If a crash in one of these plugins happens, Firefox will continue to run and users will be able to submit a crash report before reloading the page to try again."

The first, very early, Betanews tests on the new public beta were...well, inconclusive, at least at the moment. We tried several Silverlight pages that we knew were old, and that caused problems with more recent versions in the past. But with the new Silverlight 4, the runtime's own process control kicks in, evidently precluding situations which used to cause the browser to crash. As we get more time to test, we'll let you know what we find.

A quick check this afternoon of the latest crash reports from Mozilla show that nearly half of the crashes reported by testers of version 3.6.4 (including daily alpha builds) over the past week, come not from a plug-in but from a Windows kernel call related to multithreading. That could be the first big sign of real improvement to Firefox...something the browser sorely needs.

25 Responses to Firefox starts reining in Flash, Silverlight, QuickTime

  1. mjm01010101 says:

    How does one disable this useless feature? My firefox doesn't crash, period, so I really don't need it.

    Reminds me of the many times on an old vista build did I saw "End task "shutting down windows?""

    • GhoS says:

      Regardless of whether it is needed for you, I'm sure it won't impact the performance of Firefox. If anything, don't upgrade and you won't have to deal with it. But I don't believe it will be possible to "turn it off", its going to be built into the program. All browsers seem to be heading this way, and I think its helpful to have there even if I don't get crashes.

    • teohhanhui says:

      It's far from useless but you can disable it in about:config. Just set dom.ipc.plugins.enabled to false.

  2. preinterpost says:

    Cool. I hope they spend the other half of their resources on making it responsive.

  3. psycros says:

    Firefox did something I'd never seen before today - it disabled Java Deployment Toolkit, saying it was known to cause problems. I wonder if this is connected somehow.

    • LakotaElf says:

      Hello 'psycros" and all, Mozilla has done this before and not too long ago, maybe a year. They have disabled other plugins. As to the Java, it has been causing a problem I find after I searched it out on the search engines and so I assume do to security risks etc. the people of Firefox decided to disable it, which in my estimation is a good thing. No software maker wants his software to be labled junk, so Firefox is doing the best they can I assume.

      I know many think they should do more, but that is allot easier said than done. One step to a time and going slow is best, and as they go, they too learn. We all could also learn, that patience is a virtue ........

  4. irdepesca572 says:

    Better late than never I guess.

  5. IT advisor says:

    Time to get rid of both Flash and Silverlight, and stick to W3C standards, like HTML5.

    Time to get rid of Skype, and switch to an open standard like SIP.

    Avoid the crashes by avoiding vendor lock-in.

    • Markkus says:

      Thanks for jumping blindly on bandwagon, IT advisor.

      Flash and Silverlight do so much MORE than HTML5. Skype does more than SIP, such as work when both parties are behind NAT& firewalls.

      It's not a conspiracy that these other apps are out there--it's a shortcoming of the standards.

      • smist08 says:

        This is just crashes, another report was that 80% of security exploits were through Adobe plugins. If we get rid of Silverlight and Flash, browsing will be way more stable and way more SECURE.

      • Flash and Silverlight teams have had years to add the extras you speak of. Give the HTML 5 team that same amount of time. Then would be a better time to make your comparison.

      • preinterpost says:

        The HTML5 team? Now who would that be..?

      • bopb99 says:

        @Markkus
        SIP is a protocol.
        It has nothing to do if the software that works with it can be used if both parties are behind NAT&firewalls.

  6. Tridus says:

    This isn't really a new problem for programs that support plugins, or drivers. The #1 cause of all BSODs in Vista was actually Nvidia's terrible driver support during the first 6 months of Vista's release. On a similar vein, MIcrosoft removed hardware DirectX sound acceleration entirely because Creative's drivers have ALWAYS been crash prone garbage.

    Same problem in Firefox. If Flash either crashes or goes into runaway process mode and chews up the entire CPU, it's Firefox that gets blamed for it. I notice yesterday that Firefox offered to disable some Java thing for me because it's known to crash.

    Glad to see they're doing something to fix the problem.

    • LakotaElf says:

      Very well said "Tridus". Too often Firefox gets the blame for something they did not create. I got the same thing you did about Java, so not only did I disable it, I removed it entirely from the plugins folder. While plugins and extensions are nice, they are often the ones that cause the problems with the browser. My browser crashed yesterday, I am still trying to find which plugin did it, so I laid it on the news ones and took some out. I blamed it on foxy tab this time, but am not entirely sure on that.

      For sure, as I said, while plugins and extensions are handy and nice and many insist they must have them, they often corrupt and crash the browser.

      • Maymne says:

        Personally I'm a fan of Crash Report Helper for that... automatically lets you know what module crashed. My last 5-10 were caused by a JS Wait issue, and updating from Java 1.6.18 to 1.6.20 made it stop.

        Just nice to know wtf is screwing with your browsing enjoyment. Or at least get a hint towards it...

  7. TomasF says:

    What I don't get is if all those Firefox crashes (and yes I agree it crashes too often, that and the memory leaks is the reason I don't use it as my primary browser) are caused by plugins, how come my Opera virtually never crashes, even with Flash, Acrobat, Silverlight and Media Player? Is it just that it's *old* versions of the plugins that accounts for all the crashes? Considering many of these apps have autoupdate functionality, that's an awful high % if that's the sole cause.

  8. bigsexy022870 says:

    So it's not the browsers, but the plugins. Glad we solved that issue. What needs to be done now is making the plugins actually work and not crash. Running the plugins as protected processes makes the browser look good, but does nothing regarding the actual issue. Bad plugins should be banned by the browsers period. The browsers should all agree to not allow a plugin to be installed if it has known issues. Some sort of percent rule should be put in place. If a plugin crashes 10 percent of the time it should be banned. I of course am just tossing out a number to make a point.

    Only when plugin makers are forced out of the browser will they have incentive to properly make there products.

  9. I have had no crashing with Firefox 3.6.3 on Windows Home Premium 64-bit. I'm sure that the reason is that I only use new and/or updated addons. I never use the Nightly Tester addon to bypass security. I keep Netscape 9 installed to run some of the older addons that I still like to use occasionally. I believe a lot of the crashes people experience are caused by aging computer components and drive errors.

  10. AnthonySPT says:

    Kudos to the Firefox team, this looks to maybe even one up what Microsoft does with IE8's crash recovery and isolation of add-in technology.

    Microsoft tries to contain the add-in and if not, tries to recover gracefully. It looks like the additional plug-in code isolation layer Firefox is trying should help prevent the need for graceful recovery.

  11. timetracker says:

    I'm not sure who has all these crashes with Firefox but it's sure not me. I've been a loyal user now for the past three years and I've always found Firefox to be far more stable and safe than IE and sure haven't found a reason to give Google any more of my business by using Chrome. Anyway I really can't believe these numbers as from my experience they are way too high. But maybe I'm just lucky or don't go to the sites causing the problems. Anyway Firefox will certainly be much safer and more stable with this improved control.

  12. Hellcat_M says:

    I run Firfox 3.6.3 Portable on my computer (just put it on my C: Drive) and I have no issues, I use 12 addons too. It just loads in a little slower.

    That'll be good though that Firefox will run Flash, Silverlight and Quacktime (I meant to say Quacktime because Quicktime sucks) as a protected process.

  13. Ryusennin says:

    Namoroka 3.6.5 beta still has many stability issues when MT is enabled. In that domain, I haven't noticed much improvement in the past two point releases.

  14. Calc_Yolatuh says:

    I'm sorry, it crashes this often and you still use it? Symantec's catalogue of threats listed 169 new Firefox vulnerabilities in 2009, with the second-highest number of attack instances. This compares to 45 new issues in IE8 (most attacked), 45 in Safari, 35 in Chrome, 25 in Opera.

    The next time you get pwned while cruising Facebook, please don't give me a call.

  15. Calc_Yolatuh says:

    Sorry. Here's a quote from page 17 of the PDF: " Mozilla Firefox was affected by 169 new vulnerabilities in 2009, more than any other browser; there were 94 new vulnerabilities identified in Apple® Safari®, 45 in Microsoft internet Explorer, 41 in Google® Chrome and 25 in Opera™."

    Makes for some good reading. They address plug-in vulnerabilities also.

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.