If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#16
|
|||
|
|||
No Google
VanguardLH wrote in :
For ANY software that incorporates its own certificate, and to use Firefox with that software, it must install its cert into Firefox's private cert store. Mozilla has set a bad precedent: if other programs did the same, it would be a huge mess for one program to get its cert installed into the private cert store of many other programs. Current Firefox problem seems to be corrected. I was not aware of this. Perhaps I should be thinking of another browser before this happens again. Any suggestions? TIA -- You know it's time to clean the refrigerator when something closes the door from the inside. |
Ads |
#17
|
|||
|
|||
No Google
|
#18
|
|||
|
|||
No Google
KenK wrote:
VanguardLH wrote: For ANY software that incorporates its own certificate, and to use Firefox with that software, it must install its cert into Firefox's private cert store. Mozilla has set a bad precedent: if other programs did the same, it would be a huge mess for one program to get its cert installed into the private cert store of many other programs. Current Firefox problem seems to be corrected. I was not aware of this. Perhaps I should be thinking of another browser before this happens again. Any suggestions? Warning: A long reply follows. For those with short attention spans, move on to another post. The nuisance of Mozilla using a private certificate store in Firefox has pushed me to near over the edge of moving to a different web browser (a Chromium-based one but definitely not Google's version). So far, the anti-virus and video stream capture software that I have can be made to work with Firefox (sometimes with a reinstall of them with Firefox present or with an option to get them to reinsert their cert into Firefox's private certificate store). When I first got hit by Mozilla's abnormal practice of use a private certificate store, it took me awhile to figure out what was the problem. Some software authors didn't know what it was. I had to learn by being Mozilla's involuntary guinea pig. I had trialed Google Chrome several times but each time the trial lasted only 1 to 6 hours before I eradicated the beast. So I stuck with Firefox. Now when Firefox starts puking about about not connecting to an HTTPS web site, I start thinking about what might've wanted to install cert into Firefox's private cert store. I've found that the AV programs that install their cert into Firefox will often required a different cert (different hash value) with a new version of their program. Their old cert is unusable with their new software. Either their update had better install the new cert (and delete the old one) or have an option to insert their new cert into Firefox. I'm not going to figure out how to manuall install a cert into Firefox. I could figure that out but I don't want to do it. Too much effort caused by what I see as an egomaniacal choice by Mozilla. Internet Explorer can use the global certificate store (the one managed by the operating system). All Chromium-based web browsers can use the global (OS-managed) cert store. So why did Mozilla decide to use a private cert store? I really don't care about their reasons, only about the nuisance they caused their users. Imagine if EVERY program (involved in encrypting content or network traffic) had its own private certificate store. Chaos and massive nuisance. It's the slipper slope concept: they made a bad choice but luckily no one en masse has followed their lead. For now I will continue using Firefox but a few more insults regarding certs would make me rethink my choice of primary web browser. As for a Chromium-based web browser, I had trialed Opera (the new version that changed away from the Presto to the Blink rendering engine). Forget now why I decided not to go with that one. As I recall, I discovered that they were still redirecting searches through their proxy server. As an option, they have HTTP requests go through their proxy server which will compress the target host's traffic sent back to you. That reduces bandwidth to you, they incur the overhead of compressing the traffic to you, so pages supposedly pop up faster in Opera. However, it also means you allow their server to see to where you surf. They can make all the claims about privacy and security but we've all heard those promises before and yet data breaches still happen. So I disabled their compression proxy feature so Opera would supposedly connect direct to the target host. Then I poked into some of its config files and found they were still redirecting some online search requests through their proxy server. You thought you submitted a search request to one site but it actually went to Opera's server to query the target search site and then Opera's proxy server returned the results to you. Naughty naughty. That's spying regarding of what they say they do or won't do with that information. So no Opera for me. No Google Chrome crap for me, either. No experimental noobie variants, either. I settled on using Slimjet as my secondary web browser but only as a backup. It is for use when I encounter unfathomable problems with Firefox to see if those problems are absent in another web browser or to circumvent some anomalies in Firefox that I don't have to research. Slimjet is too simplistic and not as user-configurable as I enjoy with Firefox. I am NOT into adding add-on after add-on to Firefox to make up for its deficiencies, anomalies, or Mozilla deciding to yank away features previously available. Of course, to get equivalent features that are native in Firefox into Google Chrome meant that I had to install over half a dozen add-ons at the start (I think the total number of equivalencing add-ons went up to 9 or 10 at one point). Just too many piglets hanging on the teats for my taste. Webcentric apps that need to use certs can be problematic with Firefox. If it gets worse, and just as with Thunderbird whose trial failed for me after around 6 months, I will search for something better. I might be able to mold Slimjet into something that I like. Personally I dislike all this minimalism engendered by web browser authors. If the price of a no-frills car was the same price as the same car with lots of frills, would you still get the no-frills car? Yeah, I know, the cliche of "more to go wrong" but then there is "more to enjoy". Besides with all the problems that I've encountered with Firefox, I've become way more of an expert than should be expected to just be as a user. Ignorance is bliss. A little knowledge can lead you into wasting lots of time. The Chromium-based web browsers not only isolate each tab into its own process to isolate crashes and for security but they also isolate each add-on into that tab process. So an add-on that ****s up for one tab process won't effect failure on other tab processes. Alas, that also means you are loading N copies of your M add-ons for every X tabs you open. The security model means eating up memory faster. That is probably why Mozilla has stuck with one process (firefox.exe) running both the chrome and all tabs. They are planning on an E10s (Electrolysis) release that copies the Chromium solution of using a separate process for each tab but its memory footprint is horrendous. With the same number of tabs open in Google Chrome and Firefox E10s, the memory footprint of Firefox E10s is more than twice that of Google Chrome. It will be a memory pig when it gets released. Mozilla will also limit the number of tab processes (to share them with more tabs) at a smaller number of open tabs than does Google Chrome. That is, Firefox will throttle itself faster as to the total number of tab processes sooner than does Google Chrome (who uses much less memory than Firefox E10s to start with). The future of Firefox is not promising. So I haven't quite made up my choice other than when I leave Firefox that I will be moving to a Chromium-based web browser but not Google's! I'll probably take another look at Opera and hope my prior analysis was incorrect about their redirection for some search sites. However, Opera is a bit too "commercial" for my present taste. I don't how to put it concretely but something about Opera (the company, not the web browser) that twerks my comfort level. The years of Mozilla being in bed with Google made me squirmy, too. If I do re-trial Opera, twould be nice if they provided a natively portable version, not one that relies on the PortableApps platform (see http://portableapps.com/apps/internet/opera_portable). I'd want Opera to make its own portable version instead of relying on code from a 3rd party. I've read that you can elect a custom install (something like "Standalone/USB") but already read that moving the target location for that portable "installation" resulted in problems, like config files or profiles could not be found. If true, my guess is the program is using absolute pathing to its installation path rather than relative pathing. Besides, a truly portable version does not require an installer but just require copying files or unzipping to a specified location, and you can move that anywhere (different drive, different media type, networked media, etc). |
|
Thread Tools | |
Display Modes | |
|
|