Mozilla Update

Mozilla Update is a website to get add-ons for the Mozilla Foundation's flagship products: Mozilla Firefox, Mozilla Thunderbird and Mozilla Application Suite. These add-ons include extensions, themes and plugins. It is the official place to get Mozilla add-ons. The site is also informally known as UMO or u.m.o (and now AMO), an abbreviation of its URL: update.mozilla.org (and now addons.mozilla.org).

The site has undergone several changes after the first launch, and a second version would be launched around June 17, 2005.

In contrast to mozdev.org which provides free hosting for Mozilla-related project, this website is targeted to the end-users, not just software developers.

Mozilla Organization

The Mozilla Organization (mozilla.org) was an informal group formed and funded by Netscape Communications Corporation to co-ordinate the development of the open source Mozilla web browser. Founded on February 23, 1998, the organization consisted mostly of Netscape employees, but in theory operated independently.

When Netscape's now-parent AOL disbanded Netscape on July 15, 2003, a formally-registered not-for-profit organization, the Mozilla Foundation, was founded to ensure that the Mozilla project could continue without Netscape's support. The Foundation effectively replaced mozilla.org (though as mozilla.org was always an informal group, there was no official closure of it). Today, the terms Mozilla Organization and mozilla.org can be taken as synonyms for the Mozilla Foundation.

Mozilla Foundation

The Mozilla Foundation is a non-profit organization that exists to support and provide leadership for the open source Mozilla project. The organization sets the policies that govern development, operates key infrastructure and controls trademarks and other intellectual property. It owns a taxable subsidiary called the Mozilla Corporation, which employs several Mozilla developers and coordinates releases of the Mozilla Firefox web browser and the Mozilla Thunderbird email client. The Mozilla Foundation is based in Mountain View, California.

The Mozilla Foundation describes itself as "a non-profit organization dedicated to preserving choice and promoting innovation on the Internet".

History

The Mozilla Foundation was launched on July 15, 2003 as America Online (AOL) drastically scaled back its involvement with Mozilla, laying off or reassigning most of the Netscape browser developers and announcing that it would no longer finance the day-to-day running of the project. The Mozilla Foundation essentially replaces mozilla.org (also known as the Mozilla Organization), a much looser and more informal group that was established as an autonomous division of Netscape in 1998. AOL assisted in the initial creation of the Mozilla Foundation, transferring hardware and intellectual property to the organization and employing a three-person team for the first three months of its existence to help with the transition. AOL promised to donate $2 million to the foundation over two years.

Mozilla Corporation

Main article: Mozilla Corporation

On August 3, 2005, the Mozilla Foundation launched a wholly-owned subsidiary called the Mozilla Corporation to continue the development and delivery of Mozilla Firefox and Mozilla Thunderbird. The Mozilla Corporation takes responsibility for release planning, marketing and a range of distribution-related activities. It also handles relationships with businesses, many of which generate income. Unlike the Mozilla Foundation, the Mozilla Corporation is a taxable entity, which gives it much greater freedom in the revenue and business activities it can pursue.

Operations

Initially, the remit of the Mozilla Foundation grew to become much wider than that of mozilla.org, with the organization taking on many tasks that were traditionally left to Netscape and other vendors of Mozilla technology. As part of a wider move to target end-users, the foundation made deals with commercial companies to sell CDs containing Mozilla software and provide telephone support. In both cases, the group chose the same suppliers as Netscape for these services. The Mozilla Foundation also became more assertive over its intellectual property, with policies put in place for the use of Mozilla trademarks and logos. New projects such as marketing were also launched.

With the formation of the Mozilla Corporation, the Mozilla Foundation delegated all their development and business-related activities to the new subsidiary. The Mozilla Foundation now focuses solely on governance and policy issues, though it also continues to oversee the projects that have not been "productized", such as Camino and SeaMonkey. The Mozilla Foundation owns the Mozilla trademarks and other intellectual property, which it licenses to the Mozilla Corporation. It also controls the Mozilla source code repository and decides who is allowed to check code in.

The Mozilla Foundation accepts donations as a source of funding. As well as AOL's initial $2 million donation, Mitch Kapor gave $300,000 to the organization at its launch. The group has tax-exempt status under IRC 501(c)3 of the US tax code, though the Mozilla Corporation subsidiary is taxable.

People

The Mozilla Foundation Board of Directors has five members:

• Mitch Kapor (Chair)
• Mitchell Baker
• Brian Behlendorf
• Brendan Eich
• Joichi Ito

Originally, Christopher Blizzard had a seat on the board but he moved to the Mozilla Corporation Board of Directors when it was established. Joichi Ito joined the Mozilla Foundation board at this time.

The foundation also has a number of paid employees, who focus on project and policy issues:

• Frank Hecker — Director of Public Policy
• Gervase Markham
• Zak Greant

The Mozilla Corporation also has a number of employees, many of whom worked for the foundation before the establishment of the corporation.

The committee that runs the Mozilla Foundation is known as mozilla.org staff and is composed of a mixture of foundation employees and volunteers.

References

• Mozilla Foundation Forms New Organization to Further the Creation of Free, Open Source Internet Software, Including the Award-Winning Mozilla Firefox Browser. Mozilla Press Center. URL accessed on August 3, 2005.

Features of Mozilla Firefox

Mozilla Firefox has some features that distinguish it from other browsers like Internet Explorer. However, it lacks many features found in other browsers, in an effort to combat interface bloat and to allow the browser to be shipped as a small, pared-down core easily customizable to meet individual users' needs. Instead of providing all features in the standard distribution, Firefox relies on the extension system to allow users to modify the browser according to their requirements.

Tabbed browsing

Firefox supports tabbed browsing, which allows users to open multiple pages in the same window. This feature was carried over from the Mozilla Application Suite, which in turn had borrowed the feature from the popular MultiZilla extension for SeaMonkey. Until version 1.0, Firefox did not support automatic single window mode, in which all links that would normally open in a new window were instead opened in a new tab. This feature was introduced in 1.0 after complaints from users migrating from other browsers such as Opera, Avant Browser or Maxthon. However, there were a number of problems with this policy, and as a result it has been disabled by default. Before 1.0, most users who preferred single window mode used extensions such as Tabbrowser Preferences or Tabbrowser Extensions to solve their quandary.

Firefox also permits the "homepage" to be a list of URLs delimited with vertical bars (), which are automatically opened in separate tabs, rather than a single page. This can be a mixed blessing, since clicking the home page opens another set of tabs, instead of resetting the current set (though the proper way to solve this isn't entirely clear), and since it is slightly more difficult to open a browser quickly for a single web page retrieval when this is necessary.

Pop-up blocking

Firefox also includes integrated customizable pop-up blocking. Firefox was given this feature early in beta development, and it was a major comparative selling point of the browser until Internet Explorer gained the capability in the Windows XP Service Pack 2 beta. This blocks pop-ups from all web sites by default, but can be configured to allow individual sites to show pop-ups. It can also be turned off entirely to allow pop-ups from all sites. Firefox's pop-up blocking can be inconvenient at times — it prevents JavaScript-based links opening a new window while a page is loading unless the site is added to a "safe list" found in the options menu.

In many cases it is possible to view the pop-up's URL by clicking the dialogue that appears when one is blocked. This makes it easier to decide if the pop-up should be displayed.

Download manager

An integrated customizable download manager is also included. Downloads can be opened automatically depending on the file type, or saved directly to disk. By default, Firefox downloads all files to a user's desktop on Windows or to the user's home directory on Linux, but it can be configured to prompt for a specific download location. The download manager currently does not support cross-session resuming (stopping a download and resuming it after closing the browser). Another issue with the download manager is that it fails to close if small files or files already in the cache are downloaded. One advantage of the Firefox download manager is that the user can view the full source URL and destination path of the file being downloaded via the Properties box; Internet Explorer only shows the file name and source domain name.

When the download manager was first introduced around version 0.8, there was an uproar among users who preferred the old style of individual windows for downloads, akin to that used by Internet Explorer. Initially there was a great demand for an extension to address the issue but this desire quickly diminished.

Live Bookmarks

Powered by RSS or Atom feeds, "Live Bookmarks", another feature of Firefox, allow users to dynamically monitor changes to their favorite news sources. When this feature was first introduced in version 1.0 PR, there were a few worries that Firefox was beginning to include non-essential features and that it was beginning to bloat the browser much like the Mozilla Suite. However, these worries have largely abated.

Live Bookmarks have surprised many users with their simplicity. Instead of treating RSS-feeds as HTML pages like most news aggregators do, they are treated as bookmarks that are updated in real-time with a link to the appropriate source.

Page Information Box

The Firefox browser also includes the Page Info dialog (accessible via the right-click context menu) which displays various information on the current web page, such as:

• Page encoding method, referrer, MIME type and metadata


• Form input methods and fields for the current page


• Links on the page - link text, target and type


• Media elements and their properties, such as images and the Favicon


• Security and encryption details

Font size/style

Firefox allows users to force web pages to render in a certain font and size, even if the web site themselves set the font sizes in pixels. This can be useful for viewing sites with small fonts.

Add-ons

The main page of Mozilla Update

Mozilla Firefox showing several extensions and a custom theme

There are 3 types of add-ons in Firefox: extensions, themes, and plugins. All themes and extensions available on the Mozilla Update site may be upgraded through the browser interface itself.

Extensions

A typical XPInstall confirmation dialog

An often-touted feature of Firefox is its extensibility. Extensions allow the addition of new features such as mouse gestures, advertisement blocking, proxy server switcher, debugger tools, and others through the installation of XPInstall modules. Many former Mozilla features such as IRC chat (ChatZilla), calendar, etc. have become extensions. Although several private sites have sprung up offering extensions for download, the Mozilla Foundation offers a variety of extensions for download on the Mozilla Update site. Most extensions are no more than a few kilobytes in size, making them easily accessible to anyone regardless of connection speed.

The extension system can be viewed as a ground for experiment where new functionalities are being tested. From time to time an extension would be pulled back into the project and made part of the product. An example is MultiZilla, an extension which provided tabbed browsing when Mozilla lacked that feature. The first implementation of tabbed browsing for Mozilla was a complete rewrite of a stripped version of MultiZilla, but the author of MultiZilla (H.J. van Rantwijk) agreed that it was better to use the new <tabbrowser> widget written for Mozilla, for support and compatibility reasons only. Note that MultiZilla is still being worked on, even today.

There has been some concern about extension security, as it is possible to install a malicious extension that may gather information about the user, or worse, compromise his or her computer's security. The developers responded by letting users whitelist the sites they trust to download extensions from, and by providing a preference to disable extension installation altogether. In addition, Firefox prevents users from clicking the button to install the extension for three seconds to ensure that users are not tricked into clicking it accidentally. Blogger Jesse Ruderman filed the bug report that explained why the last measure is necessary, giving examples of how users could be manipulated into installing extensions without knowing it in versions without the three-second delay.

Firefox must be restarted before extensions are fully installed, uninstalled or disabled. This is one of the criticisms of Firefox themes and extensions although the Firefox development team plan for functionability to allow extensions and themes to be installed without restarting in version 1.5.

Note that MultiZilla introduced a color scheme (for protection) and a context menu that can be used to download the XPI file (instead of installing it) It can also be used to bookmark or copy the URI of the XPI file to the clipboard for later use. Another feature that might end in Mozilla Firefox one day.

Themes

Firefox also supports a variety of themes/skins for changing its appearance. Themes are simply packages of CSS and image files. Many themes can be downloaded from the Mozilla Update web site.

The change of default theme from Qute to Winstripe in Firefox 0.9 was subject to mass debate. The Winstripe theme was created by heavily modifying Pinstripe, a theme designed with Mac OS X in mind. Prior to that, Firefox and its predecessors had used the Qute theme, designed by Arvid Axelsson. Due to licensing issues, the theme was prevented from being released under the Mozilla Public License. Axelsson was upset about being notified about the theme change only a few days before it took place, and posted the transcript of his dialogue with Ben Goodger, who had informed him of the change, on the MozillaZine forums, breaking the news before it was formally announced. Although many people criticized the new theme when it was rolled out, eventually the tension subsided. Axelsson continues to produce Qute privately. Axelsson still makes Mozilla Thunderbird's default theme.

Plugins

Firefox supports plugins based on Netscape Plugin Application Program Interface (NPAPI), i.e. Netscape-style plugins. As a side note, Opera and Internet Explorer 3.0 to 5.0 also supports NPAPI.

On June 30, 2004, the Mozilla Foundation, in partnership with Adobe, Apple, Macromedia, Opera, and Sun Microsystems, announced a series of changes to web browser plugins. The new API will allow web developers to offer richer web browsing experiences, helping to maintain innovation and standards. The new plugin technologies are expected to be implemented in the future versions of the Mozilla applications.

Preferences and privacy

Firefox's toolbars and interface are customizable; users can move and manipulate the various buttons, fields, and menus on the toolbars, and also add new toolbars or delete existing ones.

The feature of password manager and form manager that save login and form information can be helpful to user, especially home users. Firefox offers a one-click system for deleting trails of activity on the Web. Cookies, history, saved passwords, cache, saved form information, and download manager history can all be cleared with one button or individually.

Using the built-in software security device, users can set a master password to encrypt all saved password and personal certificates, preventing an intruder from easily compromising sensitive information. Users will then be prompted for this password when a saved password or personal certificate would be required. The user can set how often they will be asked this password in the browser preferences.

Additionally, Firefox stores many hidden preferences that are accessed by typing about:config in the address bar. This is used to enable features such as single-window mode and error-pages, or to speed up page rendering by various tweaks. Experimental features like HTTP pipelining are often hidden in the about:config menu.

Standards support

The Mozilla Foundation takes pride in Firefox's compliance with W3C web standards. Firefox has extensive support for most basic Web standards including HTML, XML, XHTML, CSS, JavaScript, DOM, MathML, XSL and XPath. As of December 2005, however, Firefox's latest stable release, Firefox 1.5, does not pass the rigorous Acid2 standards-compliance test, which has been passed so far only by the browsers Safari, Konqueror, and iCab.

It also supports PNG images and variable transparency, something Internet Explorer does not do fully. Indeed, Firefox's support of PNG images has caused much debate around Internet Explorer's standards compliance, as it is a standard that web developers want to use instead of the old GIF format, which does not have the same capabilities. GIF was also patent-encumbered until recently.

Mozilla contributors are constantly improving Firefox's support for existing standards. Most of CSS Level 2 and some of the not-yet-completed CSS Level 3 standard have been implemented in Firefox. Work is also being done on implementing standards that are currently missing, including SVG, APNG, and XForms. The latest Firefox 1.4 nightlies are built with SVG, but disabled by default. It is expected to have partial SVG 1.1 support, as shown in the SVG status page.

Firefox and other Mozilla applications are built with XPToolkit, which reuses some of the existing standards (CSS, DTD, JavaScript and RDF) and introduces a collection of proprietary standards (XUL, XBL, and XTF). Some of the Mozilla standards like XBL is also making its way to open standards (via WHATWG).

Cross-platform support

Mozilla Firefox runs on a wide variety of platforms. Releases available on the primary distribution site support the following operating systems:

• Various versions of Microsoft Windows, including 98, 98SE, Me, NT 4.0, 2000, XP, and Server 2003


• Mac OS X


• Linux-based operating systems using X.Org Server or XFree86

Mozilla Firefox installation on Windows 95 requires a few additional steps.

Since the source code is available, it can also be compiled and run on a variety of other architectures and operating systems. Thus, Firefox is also available for many other systems. This includes Solaris (x86 and SPARC), OS/2, AIX, and FreeBSD. Builds for Windows XP Professional x64 Edition are also available.

Firefox uses the same profile format on the different platforms, so a profile may be used on multiple platforms, if all of the platforms can access the same profile (e.g., profile stored on a FAT32 partition accessible from both Windows and Linux). This is useful for users who dual-boot their machines. However, it may cause a few problems, especially with extensions.

Other features

Screenshot of performing "Find as you type". "ency" was being typed and the first matched text was highlighted in green.

Firefox also has an incremental find feature known as "find as you type", invoked by the slash (/) key. When a user types a word while on a web page, Firefox will automatically search for it in the page and highlight the first instance found.

There is also a built-in Mycroft Web search function with extensible search engine listing; by default, Firefox includes plugins for Google and Yahoo!, and also includes plugins for looking up a word on dictionary.com and browsing through Amazon.com listings. Other popular Mycroft search engines include Wikipedia, eBay, and IMDb. Mycroft is named after Mycroft Holmes, the fictional older and smarter brother of Sherlock Holmes. The Macintosh OS's built-in search system is named after Sherlock Holmes.

It should be noted that most of the aforementioned features are not unique to Firefox. Opera, for example, also supports many of these features, but lacks similar extensibility; also, until recently it was supported by advertisements — users had to pay a fee to remove the advertisements.

Security

Secured by design

Firefox was designed with security in mind. Some of the key features include the use of the sandbox security model, same origin policy and external protocol whitelisting.

One key characteristic of Firefox security is based on the fact that it is open source software, and thus, its source code is visible to everyone. Proposed software changes are reviewed by at least one other person, and typically "super-reviewed" by yet another, and once placed in the software is visible for anyone else to consider or protest.

Security bug bounty

In addition, Mozilla (including Firefox) has a security "bug bounty" system: people who report a valid critical security bug receive a $500 (US) cash reward (for each report) and a Mozilla T-shirt. The purpose of this "bug bounty" system is, according to the Mozilla Foundation, to "encourage more people to find and report security bugs in our products, so that we can make our products even more secure than they already are." Note that these reporters can be anyone in the world, and that these potential reporters have access to the source code of Mozilla Firefox, internal design documentation, forum discussions, and other materials they can use to aid them in finding security flaws.

However, the bug bounty does not always succeed in maintaining the secrecy of Firefox vulnerabilities. On May 8, 2005, two serious security issues (and their proofs of concept) that allow arbitrary code execution had been leaked onto the Internet. The vulnerability was originally discovered by Paul of Greyhats Security Group and Michael "mikx" Krax. Paul and mikx reported the vulnerability to the Mozilla Foundation and bug 292691 was filed on Monday (May 2, 2005). However, somebody else found out and leaked the details of the exploit. This was against the security bugs policy and the will of both the reporters and the community. An official security advisory was published, includes various workarounds to the vulnerabilities. This was fixed in 1.0.4, which was released on May 11, 2005 (9 days after the initial bug report).

Vulnerabilities

As of May 2005, the security firm Secunia reports 4 security flaws not yet fixed for Mozilla Firefox, as opposed to 19 security flaws not yet fixed for Microsoft Internet Explorer. In addition, according to Secunia, Firefox's vulnerabilities tend to be less critical than Internet Explorer's. While Internet Explorer users who have installed Windows XP Service Pack 2 are only affected by seven of these vulnerabilities, users of older versions of Windows are potentially affected by all of them as Service Pack 2 is only available for Windows XP.

On the whole, Firefox security vulnerabilities have been patched relatively quickly. Most occurred during the beta phase of the project. One notable exception is the XUL spoofing vulnerability that was found in 1999, marked confidential in the Mozilla bugtracker until July 21, 2004, and fixed finally before the first official release of the product for end-users (the 1.0 release). In late February 2005 a security update, Firefox 1.0.1, was released which addresses several more security issues found since the release of 1.0, in particular preventing a new class of internationalized domain name spoofing attacks.

A line of reasoning used by critics to explain Firefox's low number of security vulnerabilities is that since Firefox's market share is quite low, attackers may have less incentive to develop and release exploit code, and so vulnerabilities of the same kind may be less likely to be exploited. However, it was argued that this is not the full story; the Apache HTTP Server has a much larger market share than Microsoft IIS, yet Apache has had fewer (and generally less serious) security vulnerabilities than IIS.

A list of fixed security vulnerabilities can also be found in Mozilla Foundation's security advisories.

Media coverage

The count of pro-Firefox security reports and press articles took a notable upswing after the Download.ject attack on Internet Explorer on June 23, 2004. This was bolstered by numerous media reports on the subject around the same time that representative Art Manion of the United States Computer Emergency Readiness Team (US-CERT) suggested that using a web browser other than Internet Explorer would mitigate security risks. On June 6, 2004, before the release of Windows XP Service Pack 2, CERT Vulnerability Note (VU#713878) stated as one of seven solutions that switching to an alternate browser would avoid this vulnerability, and possibly others.

Some security experts, including Bruce Schneier and David A. Wheeler, recommended that users should stop using Internet Explorer for normal browsing, and switch to a different browser instead; Wheeler specifically recommended Firefox. Several technology columnists have suggested the same, including highly regarded Wall Street Journal columnist Walter S. Mossberg, Washington Post columnist Rob Pegoraro, USA Today's Byron Acohido and Jon Swartz, Forbes' Arik Hesseldahl, eWEEK.com Senior Editor Steven J. Vaughan-Nichols, and Desktop Pipeline's Scot Finnie. Microsoft's Craig Mundie admitted that Microsoft's products were "less secure than they could have been" because they were "designing with features in mind rather than security" — even though most people didn't use those new features.

On December 8, 2004, Pennsylvania State University Information Technology Services suggested that students avoid using Internet Explorer and recommended a number of alternative browsers including Firefox.

Comparisons

Firefox's security is usually contrasted with that of Internet Explorer, since Internet Explorer is Firefox's primary competition.

The United States Computer Emergency Readiness Team (US-CERT) did state that Internet Explorer's design makes it very difficult to secure. In contrast, almost none of their concerns apply to Firefox. The US-CERT noted that:

"There are a number of significant vulnerabilities in technologies relating to the IE domain/zone security model, local file system (Local Machine Zone) trust, the Dynamic HTML (DHTML) document object model (in particular, proprietary DHTML features), the HTML Help system, MIME type determination, the graphical user interface (GUI), and ActiveX... IE is integrated into Windows to such an extent that vulnerabilities in IE frequently provide an attacker significant access to the operating system."

Firefox and Internet Explorer both employ graphical user interfaces (GUIs), and in both cases there is the risk that a user may be fooled by misunderstanding the interface or the displayed information in a way that puts them at risk (this is a general risk of GUI-based web browsers). However, in all other ways Firefox is different from Internet Explorer:

• Firefox does not use a domain/zone security model or local machine zone trust for accessing web pages (common ways to fool Internet Explorer into granting excess privileges).


• Firefox does not support many of Microsoft's proprietary DHTML features, which create those risks for vulnerabilities


• Firefox is not part of Microsoft's HTML Help system


• Firefox does not ignore the MIME type of a file unless it's a binary file sent with a text/plain MIME type


• Firefox does not support ActiveX (though plugins for ActiveX exist in some form; once an ActiveX component is run, it runs with the full privileges of the user, instead of having limited privileges like a Java or JavaScript applet). Signed remote script that uses XPCOM (short for cross platform COM) is in some ways similar to ActiveX. However, XPCOM cannot be used silently in this way because every use of XPCOM components need to be confirmed by the user (with a timeout dialog). Therefore, usually XPCOM is only used within the browser chrome.


• Firefox is not deeply integrated into the operating system. Thus, any defects in Firefox are less likely to have catastrophic effects, major new versions of Firefox can be installed without installing a new operating system, and Firefox can be uninstalled later without difficulty. However, since Firefox is cross-platform, any defects in the browser may affect all platforms. In addition, defects in the browser may potentially allow a hacker access to all the system resources made accessible by vulnerabilities in Internet Explorer.

Firefox 1.5 Features

There are several new features in Firefox 1.5 including:

• 'Sanitize Settings' which automatically removes privacy information with a keyboard shortcut or when closing firefox.


• Options Window UI Update


• New Cookie Controls per site


• Extension Manager upgrades:
  
  
  
  • Command Line Installation/Uninstallation
  
  
  • Server-Side GUID Blacklist
  
  
  • Enhanced Global Registration
  
  
  
  


• Mac Profile Migrators for:
  
  
  
  • Apple Safari
  
  
  • Mozilla Camino
  
  
  • Microsoft Internet Explorer 5.x
  
  
  • Omniweb 5
  
  
  
  


• Searchable download actions manager (now with integrated full page plugin support)


• Possible Accessibilites options


• Drag-and-drop reordering of tabs


• Instant Back and forward navigation


• Native SVG Support


• Support for Always Storing Cache on Local Filesystem


• Provide utility for incremental download (Key part for patches instead of full releases for updates)


• Reporter Tool (To report broken websites)


• Support for the <canvas> tag

History of Mozilla Firefox

Early beginnings: a pared-down browser

Hyatt and Ross's mozilla/browser (later Phoenix, Firebird and finally Firefox) browser was created to combat the perceived software bloat of the Mozilla Suite (codenamed and internally referred to as Seamonkey), which integrated features such as IRC, mail and news, and WYSIWYG HTML editing into one software suite.

Firefox retains the cross-platform nature of the original Mozilla browser, using the XUL user interface markup language. The use of XUL makes it possible to extend the browser's capabilities through the use of extensions and themes. The development and installation processes of these add-ons raised security concerns, and with the release of Firefox 0.9, the Mozilla Foundation opened a Mozilla Update website containing "approved" themes and extensions. The use of XUL sets Firefox apart from other browsers, including projects based on Mozilla's Gecko layout engine and most other browsers, which use interfaces native to their respective platforms (Galeon and Epiphany use GTK+; K-Meleon uses MFC; and Camino uses Cocoa). Many of these projects were started before Firefox, and probably served as inspiration.

The first sign of a Firefox-like project was a small application sample (presumably to demonstrate how to embed Gecko in another application) shipped with early milestone builds of Mozilla. Featuring only "back", "forward", and "stop" buttons and a URL field (no cache, no stored history, etc.), it was minimalistic and thus a lot lighter than Mozilla itself. Eventually, it was no longer shipped with Mozilla's binary builds.

Although the Mozilla Foundation had intended to make the Mozilla Suite obsolete and to replace it with Firefox, the Foundation continues to maintain the suite because it has many corporate users, as well as being bundled with other software. In an attempt to combat software bloat, the Mozilla Suite developers stripped out several features and much of the interface. Further, many Mozilla Suite features (such as the IRC client) are now available as optional Firefox extensions.

On February 5, 2004 the business and IT consulting company AMS categorized Mozilla Firefox (then Firebird) as a "Tier 1" (meaning "Best of Breed") open source product (Keating, 2004). This meant that AMS considered Firebird (as it was called at the time) to be virtually risk-free and technically strong.

Naming

The project which became Firefox started as an experimental branch of the Mozilla Suite called m/b (or mozilla/browser). When sufficiently developed, binaries for public testing appeared in September 2002 under the name Phoenix.

The Phoenix name was retained until April 14, 2003 when it was changed (after a short stint as Phoenix Browser) due to trademark issues with the BIOS manufacturer, Phoenix Technologies (who produce a BIOS-based browser called Phoenix FirstWare Connect). The new name, Firebird, was met with mixed reactions, particularly as the Firebird database server already carried the name. In late April, following an apparent name change to Firebird browser for a few hours, the Mozilla Foundation issued an official statement which stated that the browser should be referred to as Mozilla Firebird (as opposed to just Firebird). Continuing pressure from the Firebird community forced another change, and on February 9, 2004 the project was renamed Mozilla Firefox (or Firefox for short).

The name, "Firefox", was chosen for its similarity to "Firebird", but also for its uniqueness in the computing industry. To ensure that no further name changes would be necessary, the Mozilla Foundation began the process of registering Firefox as a trademark with the United States Patent and Trademark Office in December 2003. This trademark process led to a delay of several months in the release of Firefox 0.8 when the foundation discovered that in the UK Firefox had already been registered as a trademark for browsers by The Charlton Company. The situation was resolved when the foundation was given a license to use Charlton's European trademark.

The repeated renaming of the program prompted the development of the tongue-in-cheek extension "Firesomething", which allowed users to randomize the name on startup, giving it such satirical soubriquets as "Firegiraffe" or "Moonbadger".

Branding and visual identity

One of the most visible enhancements is the new visual identity of Firefox and Thunderbird. It has often been argued that free software is typically designed only by programmers - rather than graphic designers or usability gurus - and that it frequently suffers from poor icon and GUI design and lacks a strong visual identity. The early Firebird and Phoenix releases of Firefox were considered to have had reasonable visual designs, but were not up to the same standard as many professionally released software packages.

In October 2003, professional interface designer, Steven Garrity, wrote an article covering everything he considered to be wrong with Mozilla's visual identity. The page received a great deal of attention (it was slashdotted). The majority of the criticisms levelled at the article were along the lines of "where's the patch?", an open source way of saying "if you don't like it, you can fix it yourself."

Shortly afterwards, Garrity was invited by the Mozilla Foundation to head up the new visual identity team. The release of Firefox 0.8 in February 2004 saw the introduction of the new branding efforts, including new icons designed by Jon Hicks, who had previously worked on Camino. The logo was revised and updated later, fixing some flaws found when the logo was enlarged.

The animal shown in the logo is a stylized fox, although "firefox" is considered to be a common name for the red panda (despite its name, the red panda is more closely related to the raccoon family then the panda family). The panda, according to Hicks, "didn't really conjure up the right imagery", besides not being widely known. The logo was chosen for the purpose of making an impression, while not shouting out with overdone artwork. The logo had to stand out in the user's mind, be easy for others to remember and stand out while not causing too much distraction when among other icons. It was expected to be the final logo for the product.

The Firefox icon is a trademark used to designate the official Mozilla build of the Firefox software. Although the core software is open source, the artwork (along with the quality feedback agent and parts of the installer) is not freely licensed. For this reason, Debian and other software distributors who distribute patched or modified versions of Firefox are not allowed to use the icon. Debian's mozilla-firefox package uses a globe icon without the fox.

Delicious delicacies

A screenshot showing the "cookies are delicious delicacies" line

Early Firefox releases featured an options menu that described cookies in the following way: "Cookies are delicious delicacies".

The phrase was representative of the programmers' quirky sense of humor and a general reflection of the open source movement's unconventional approach. The phrase became something of a cult legend and was even featured in an O'Reilly computer book.

However, in reflection of the growing acceptance and use of the Firefox browser in the Internet mainstream, the text now reads "Cookies are pieces of information stored by web pages on your computer. They are used to remember login information and other data". The revision was regarded as more likely to be helpful for the less technically-oriented computer users who were now using Firefox - representing Mozilla's desire to appeal to mainstream users.

The original text was inserted by Blake Ross, one of the lead developers of Firefox, because, he says, "describing something so complicated in such a small space was quite frankly the last thing I wanted to worry about after rewriting the cookie manager". This was considered a bug and was fixed by Mike Connor.

The text became a popular in-joke and on August 2004, the Delicious Delicacies extension was released by Jesse Ruderman. This extension restores the old description of cookies, available in several languages.

The road to 1.5

"Deer Park", the codename of the Firefox 1.1 Alphas, do not include Firefox branding.

On June 23, 2005, the Mozilla Foundation announced that Firefox 1.1 (which became Firefox 1.5) and other new Mozilla products will no longer support Mac OS X v10.1. This is intended to improve the quality of Firefox releases on Mac OS X v10.2 and above. Users of 10.1 may still use Firefox versions from the 1.0.x branch (e.g. Firefox 1.0.7).

New options window from Firefox 1.5 ("Deer Park")

Firefox 1.5 was released on November 30, 2005. After the first two alpha builds, which were destined to become Firefox 1.1, Mozilla Foundation raised the version number of the next major release from "1.1" to "1.5" because the new version contained more changes than originally planned. The new version resynchronised the code-base of the release builds (as opposed to nightly builds) with the core "trunk" which contains additional features not available in 1.0, as it branched from the trunk around the 0.9 release. As such, there has been a backlog of bug fixes between 0.9 and the release of 1.0, which are now available in 1.5. Version 1.5 implements a new Mac-like options interface, which has been the subject of much criticism from Windows and Linux users, with a "Sanitize" action to allow a person to clear their privacy related information without manually clicking the "Clear All" button. A user can clear all privacy-related settings simply by exiting the browser or using a keyboard shortcut, depending on their settings. Moreover, the software update system will be improved (with binary patch possible). There are also be improvements in the extension management system, with a number of new developer features.

Also, Firefox 1.5 has (partial) SVG 1.1 support, as shown in Mozilla's Bugzilla database. This unplanned movement may be due to the release of Opera 8.0 on April 19, 2005, which supports SVG Tiny.

Alpha builds of Firefox 1.5 (1.1a1 and 1.1a2) did not contain Firefox branding. They were labeled "Deer Park" (which was Firefox 1.5's internal codename) and contained a different program icon (see installation screenshot, right). This was done to dissuade end-users from downloading preview versions, which are intended for developers only.

Mozilla Firefox

Mozilla Firefox is a free, cross-platform, graphical web browser developed by the Mozilla Corporation and hundreds of volunteers.^[1] The browser began as a fork of the Navigator component of the Mozilla Application Suite; Firefox has since become the foundation's main development focus (along with its Thunderbird mail and news client), and has replaced the Mozilla Suite as their official main software release.

Before its 1.0 release, Firefox had already gained acclaim from numerous media outlets, including Forbes^[2] and the Wall Street Journal.^[3] With over 25 million downloads in the 99 days after the initial 1.0 release, Firefox became one of the most downloaded free and open source applications, especially among home users.^[4] On October 19, 2005, Firefox had its 100 millionth download, just 344 days after the release of version 1.0.^[5] Firefox 1.5 was released on November 29, 2005, with more than 2 million downloads within the first 36 hours.

Firefox includes an integrated pop-up blocker, tabbed browsing, live bookmarks, support for open standards, and an extension mechanism for adding functionality. Although other browsers have introduced these features, Firefox became the first such browser to achieve wide adoption.

Firefox has attracted attention as an alternative to other browsers such as Microsoft Internet Explorer. As of November 2005, estimates suggest that Firefox's usage share is around 9.4% of overall browser usage (See market adoption), with its highest usage in Finland (about 30%).

Branding and visual identity of firefox

Dave Hyatt and Blake Ross began working on the Firefox project as an experimental branch of the Mozilla project. They believed that the commercial requirements of Netscape's sponsorship and developer-driven feature creep compromised the utility of the Mozilla browser. To combat what they saw as the Mozilla Suite's software bloat, they created a pared-down browser, with which they intended to replace the Mozilla Suite.

Mozilla Firefox retains the cross-platform nature of the original Mozilla browser by using the XUL user interface markup language. Through Firefox's support of XUL, users may extend their browser's capabilities by applying themes and extensions. Initially, these add-ons raised security concerns, so with the release of Firefox 0.9, the Mozilla Foundation opened Mozilla Update, a website containing themes and extensions "approved" as not harmful.

The Mozilla Foundation had intended to make the Mozilla Suite obsolete and to replace it with Firefox. On March 10, 2005, the Foundation announced that official releases of Mozilla would cease with the 1.7.x series. The Foundation continues to maintain the 1.7.x branch because of its continued use by many corporate users, and because makers of other software still often bundle the product. The Mozilla community (as opposed to the Foundation) will release the next version. These community releases will be called SeaMonkey, and will start out at version 1.0 to avoid any possible confusion for organizations or people still wanting to use the original Mozilla Suite. The Mozilla Foundation will continue giving support (such as CVS hosting) for the Mozilla community developers.

Naming

The project which became Firefox started as an experimental branch of the Mozilla Suite called m/b (or mozilla/browser). When sufficiently developed, binaries for public testing appeared in September 2002 under the name Phoenix.

The Phoenix name survived until April 14, 2003, when it changed due to trademark issues with the BIOS manufacturer, Phoenix Technologies (who produce a BIOS-based browser called Phoenix FirstWare Connect). The new name, Firebird, provoked mixed reactions, particularly since the free database software Firebird uses the same name. In late April, following an apparent name change to Firebird browser for a few hours, the Mozilla Foundation stated that the browser should always bear the name Mozilla Firebird in order to avoid confusion with the Firebird database server. However, continuing pressure from the FLOSS community forced another change, and on February 9, 2004, Mozilla Firebird became Mozilla Firefox (or Firefox for short).

The Mozilla Foundation chose the name "Firefox" for its similarity to "Firebird", but also for its uniqueness in the computing industry. To avoid any potential further name changes, the Mozilla Foundation began the process of registering Firefox as a trademark with the United States Patent and Trademark Office in December 2003.^[6] As "Firefox" already existed as a registered trademark in the United Kingdom, the Mozilla Foundation licensed the name from the trademark's owner.

Branding and visual identity

The adoption of a new visual identity marks one of Firefox's most visible enhancements from its previous versions. Some people have noted that free software frequently suffers from poor icon and user interface design and from a lack of a strong visual identity. Such opinion held that the early releases of Firefox sported "reasonable" visual designs, but did not regard them as of a standard equivalent to many "professionally" released software packages. The release of Firefox 0.8 in February 2004 saw the introduction of new branding efforts, including new icons. Jon Hicks designed the icon for Firefox 0.8 and up.

The logo depicts a stylized fox, since the Red Panda (to which the term "Firefox" was originally referred^[7]) did not "conjure up the right imagery" for Hicks.^[8] The specific logo won selection because it makes an impression, while still not "shouting" with overdone artwork.

The Firefox icon functions as a trademark used to designate the official Mozilla build of the Firefox software. Although Firefox uses open source core software, free licensing does not extend to the artwork. For this reason, software distributors who distribute patched or modified versions of Firefox cannot use the Firefox icon.

Release history

New options window from Firefox 1.5

Firefox has developed considerably since its first release as Phoenix on September 23, 2002. Pre-1.0 releases suffered many issues with extensions, as the code for handling them changed from version to version.

Throughout its development, Firefox versions have had internal codenames. These have a basis in real locations, with codenames such as Three Kings, Royal Oak, One Tree Hill, Mission Bay, and Greenlane all referencing suburbs in Auckland, New Zealand, and the name Whangamata coming from a small seaside town on the Coromandel Peninsula, southeast of Auckland in New Zealand. Ben Goodger, the lead developer of Firefox, who grew up in Auckland, chose these codenames. The other codenames included in the Firefox roadmap derive from an actual roadmap of a journey through California to Phoenix, Arizona.^[9]

Several builds codenamed "Deer Park" were released in 2005. According to Goodger, "Deer Park is not Deer Park, Victoria, but just a symbolic name. I was riding LIRR a few weeks ago and saw the name go by and I thought it sounded nice." Therefore, this name probably references Deer Park, New York, a CDP on Long Island.

"Deer Park" was originally destined to become Firefox 1.1. However, Mozilla Foundation decided to change the version number of the next major release from "1.1" to "1.5", since it contained more new features than originally planned. In an attempt to dissuade end-users from downloading the preview versions, "Deer Park" versions do not use the standard Mozilla Firefox branding. On November 29, 2005, Firefox 1.5 was officially released. Some of the changes:

• An improved Software Update System that will ease distribution of important security patches and help keep users up-to-date.^[10]


• Partial support for SVG 1.1 Full Specification. This move makes Firefox the second major browser to support some form of SVG natively (Opera 8.0, released on April 19, 2005 supports most of the SVG 1.1 Tiny Specification). See Firefox 1.5's SVG status page, or to see SVG in action visit the SVG repository.


• Support for the non-standard HTML canvas element.


• A new, reorganized options dialog box for changing settings of the browser.


• A "Clear Private Data" action to allow a person to clear their privacy related information without manually clicking the "Clear All" button. Users will have the option of clearing all privacy-related settings simply by exiting the browser or by using a keyboard shortcut, depending on their settings.


• Gecko 1.8, an updated version of Firefox's rendering engine


• Firefox 1.5 also includes a backlog of bug fixes that were fixed between the 0.9 and the 1.0 release which were previously unavailable due to branching from the trunk around the 0.9 release.

Future development

According to the roadmap, future Firefox development will include version 2.0 and version 3.0. Development for version 2.0 will occur on the 1.8 branch from which version 1.5 was released, with release coming off of the yet-to-be-created 1.8.1 branch, while development on version 3.0 occurs simultaneously on the Mozilla trunk. Mozilla is developing versions 2.0 and 3.0 simultaneously in order to ship front-end innovation in version 2.0 built on a more stable back-end, while completing major architectural changes for version 3.0. ^[11]

Likely goals for Firefox include:^[12]

• New "Places" interface for Bookmark and History


• Tabbed Browsing improvements


• Specific options per site


• Extension system enhancements


• Find Toolbar, Software Update, Search enhancements


• Accessibility compliance


• Download resuming across browser sessions, detection of signed executables


• Improvements to the search service


• Anti-phishing features

Mozilla Firefox 1.5 and future releases of Camino will also include the Java Embedding plugin,^[13] which allow Mac OS X users to run Java applets with the latest 1.4 and 5.0 versions of Java (the default Java software shipped by Apple is not compatible with any browser, except its own Safari).

Features of Mozilla Firefox:Usability and accessibility Support for software standards

Usability and accessibility

Screenshot of performing "Find as you type". The user typed "ency" and the browser highlighted the first matched text found with green.

Developers put in a large amount of work towards simplifying Firefox's user interface. As a result, the interface appears less cluttered than that of many other internet suites. The design of Firefox's option panels leaves many of the infrequently used options found in the Mozilla Suite not visible in Firefox.

Firefox supports tabbed browsing, which allows users to open multiple web pages in the same browser window. This feature originated in the Mozilla Suite, which in turn had borrowed the feature from the popular MultiZilla extension for Mozilla. Firefox also belongs in the group of browsers which were first to adopt customizable pop-up blocking. It also supports various forms of keyboard navigation such as tabbing navigation and caret navigation (and in some builds, spatial navigation).

Firefox 1.5 (Windows version) is also the first browser to meet US federal government requirements that software be easily accessible to users with physical impairments.

The browser has a number of features which help users find information. First, Firefox has an incremental find feature known as "find as you type". With this feature enabled, a user can simply begin typing a word while viewing a web page, and Firefox automatically searches for it and highlights the first instance found. As the user types more of the word, Firefox refines its search. Also, if your search appears nowhere on the page, the "Find" box turns red.

Firefox also sports a built-in search toolbar with an extensible search engine listing. By default, Firefox allows users to search Google, Yahoo!, Amazon.com, Creative Commons, Dictionary.com, and eBay. Users may download more search plugins (including one for Wikipedia) from the Mycroft project or remove any unwanted ones.

Additionally, Firefox supports the "custom keyword" feature introduced by the Mozilla Suite. This feature allows users to access their bookmarks from the location bar using keywords (and an optional query parameter). For example, using a custom keyword, a user can type "google apple" into the address bar and be redirected to the results of a Google search for "apple". Custom keywords are provided "out of the box" for Google Search, Google Stock Search, Dictionary.com, Urban Dictionary and Wikipedia. When a user enters a keyword into the address bar that is not recognized by Firefox (for example, simply typing "apple"), it automatically redirects the user to the first result yielded by a Google search for the word (or words).

Customizability

Mozilla Firefox's Software Install confirmation dialog

The design of Firefox aims at high extensibility. Through extensions (installed via XPInstall modules), users may activate new features, such as mouse gestures, advertisement blocking, proxy server switching, and debugging tools. Wikipedia editors using Firefox v0.8-1.0.7 can even download a customised toolbar. Many features formerly part of the Mozilla Suite, such as the ChatZilla IRC client and a calendar, have become Firefox extensions.

One can view the extension system as a ground for experimentation, where one can test new functionalities. Occasionally, an extension becomes part of the official product (for example tabbed browsing, a feature which proved popular through the MultiZilla extension, eventually became part of standard Mozilla).

Firefox with the popular Noia eXtreme theme

Firefox also supports a variety of themes/skins, which change its appearance. Themes consist of packages of CSS and image files. The Mozilla Update web site offers many themes for downloading. Beyond adding a new theme, users can customize Firefox's interface by moving and manipulating its various buttons, fields, and menus, and likewise by adding and deleting entire toolbars.

A Firefox installation can keep all extensions and themes available on the Mozilla Update site up-to-date through Firefox's interface, which periodically checks for updates to installed themes and extensions.

Additionally, Firefox stores many hidden preferences that users can access by typing about:config in the address bar. This mechanism enables features such as single-window mode and error pages, or speeding up page rendering by various tweaks. Experimental features like HTTP pipelining often lurk hidden in the about:config menu.

Support for software standards

The Mozilla Foundation takes pride in Firefox's compliance with existing standards, especially W3C web standards. Firefox has extensive support for most basic standards including HTML, XML, XHTML, CSS, ECMAScript (JavaScript), DOM, MathML, DTD, XSL and XPath.

Firefox also supports PNG images and variable transparency as opposed to Internet Explorer, which will not support it fully until the not-yet-released version 7.^[14] Indeed, Internet Explorer's lack of support for PNG images has occasioned much debate, as many web developers want to move away from the old GIF format, which does not have the same capabilities and image quality as PNG.

Mozilla contributors constantly improve Firefox's support for existing standards. Firefox has already implemented most of CSS Level 2 and some of the not-yet-completed CSS Level 3 standard. Also, work continues on implementing standards currently missing such as APNG and XForms and improving support for SVG. Some of the Mozilla standards like XBL are also making their way to open standards (via WHATWG).

Cross-platform support

Firefox, running under the GNU/Linux operating system

Mozilla Firefox runs on a wide variety of platforms. Releases available on the primary distribution site support the following operating systems^[15]:

• Various versions of Microsoft Windows, including 98, 98SE, Me, NT 4.0, 2000, XP, and Server 2003. A version for USB Smart Drives exists (see "Portable Firefox" below).


• Mac OS X. At the 2005 WWDC, Apple programmers created a Firefox version for Mac OS X on the Intel platform, which worked well.


• Linux-based operating systems using X.Org Server or XFree86. Many Linux distributions come with Mozilla Firefox already installed.

Firefox does not officially support Windows 95, but reportedly functions properly after the application of a few tweaks.^[16]

Since the Mozilla Foundation makes the Firefox source code available, users can also compile and run Firefox on a variety of other architectures and operating systems. Operating systems not officially supported by the Mozilla developers, but known to run the browser include:

• Solaris (x86 and SPARC)


• OS/2 and its successor, eComStation


• AIX^[17]


• FreeBSD^[18]


• PC-BSD


• NetBSD


• OpenBSD


• BeOS


• SkyOS


• RISC OS (ARM)^[19]

Builds for Windows XP Professional x64 Edition also exist.

Firefox uses the same format to store users' profiles (which contain their personal browser settings) even on different operating systems. Therefore, a profile may be used on multiple platforms, so long as all of the platforms can access the profile (e.g., the profile is stored on a FAT32 partition accessible from both Windows and GNU/Linux). This functionality is useful for users who dual-boot their machines. However, it may occasionally cause problems, especially with extensions.

Web development tools Security Criticisms of firefox

ationalization and localization

Contributors throughout the world have collaborated in translating the Firefox browser into many frequently used languages/locales, including some of the least often supported locales, such as Chichewa, but excluding Latvian, Malay, Arabic, Thai, Vietnamese, Hindi and Persian. Because of the use of DTD and property files for storing the string literals displayed to users, even users without a programming background can easily complete part of the internationalization and localization process, requiring only a simple text editor.

Web development tools

DOM Inspector inspecting Wikipedia's main page

Like the Mozilla Suite, Firefox comes with two web-development tools: a DOM Inspector and a JavaScript Console. Firefox aficionados claim that no other browser includes the DOM Inspector, and that Firefox's JavaScript Console surpasses the consoles available in other browsers. While not installed by default, the tools become available via a "custom" install.

Firefox supports a number of extensions that assist in web development, including the powerful Venkman JavaScript debugger.

Other features

Powered by RSS or Atom feeds, "Live Bookmarks", another feature of Firefox, allow users to dynamically monitor changes to their favorite news sources. When this feature was first introduced in version 1.0 PR, some users worried that Firefox was beginning to include non-essential features, and succumb to bloat, much like the Mozilla Suite. However, use of web feeds (RSS/Atom) has grown tremendously recently, making RSS-support an essential feature for a growing number of people.

Firefox also includes a customizable download manager. Users can configure the browser to either open downloaded files automatically or save them directly to the disk. By default, Firefox downloads all files to a user's desktop on Windows and Mac OS X or to the user's home directory on GNU/Linux, but users can easily configure it to prompt for a specific download location.

Security

Some of Firefox's key security features include the use of the sandbox security model^[20], same origin policy and external protocol whitelisting ^[21].

Open source advocates argue that an important characteristic of Firefox security lies in the fact that anyone can see its source code and that it therefore must rely upon sound security mechanisms rather than security through obscurity. At least one person besides the coder reviews proposed software changes, and typically yet another person carries out a "super-review". Once placed in the software, changes become visible for anyone else to consider, protest against, or improve.^[22]

In addition, the Mozilla Foundation operates a "bug bounty" scheme: people who report a valid critical security bug receive a US$500 cash reward (for each report) and a Mozilla T-shirt.^[23] According to the Mozilla Foundation, this "bug bounty" system aims to "encourage more people to find and report security bugs in our products, so that we can make our products even more secure than they already are."^[24] Also, all users can have access to the source code of Mozilla Firefox, to the internal design documentation, to forum discussions, and to other materials that can help in finding bugs.

The Mozilla Foundation has implemented a policy on security bugs in order to help contributors to deal with security vulnerabilities.^[25] The policy restricts access to a security-related bug report to members of the security team until after Mozilla has shipped a fix for the problem. This approach aims to minimize the exploitation of publicly known vulnerabilities and to give the developers time to issue a patch. While similar to other "responsible disclosure" policies operated by software vendors such as Microsoft, this policy falls short of the full disclosure principle favored by some security researchers.

As of December 2005, Secunia has reported 3 unpatched vulnerabilities in Firefox 1.x (with the most serious one marked "less critical"), versus 21 for Internet Explorer (with the most serious one marked "highly critical"). Another security source, SecurityFocus, reports none known vulnerability in Firefox 1.5, versus 65 unpatched vulnerabilities in Internet Explorer 6 on Microsoft Windows XP SP2. No publicly known attacks since its launch have been discovered.

Criticisms

Firefox has at times attracted criticism for lacking features found in some other browsers. Many users observe that the developers have not implemented frequently requested features. (The developers state in response that they intend for Firefox to be a fairly minimal browser in order to reduce software bloat and bugs, while retaining a high degree of extensibility.) Most of these features, and many others, exist as installable Firefox extensions, or third-party software. However, not all users wish to install extensions for the features they want, preferring to see them included in the official software package. This difference of opinion was one of the motivating factors behind the development of the Flock browser, which is a Firefox fork.

Some note that Firefox takes longer to launch than other browsers such as Internet Explorer or Opera. The non-platform-native XUL implementation of the user interface may be the cause of this perceived delay. Other Gecko-based browsers such as K-Meleon, which use platform-native user interface implementations, generally run faster than Firefox. IE also launches faster than Firefox as some of its components are loaded on Windows startup. Another mentioned criticism is that a small percentage of users complain of Firefox using much more memory than other browsers. This has been reported as memory leaks ^[26]; Mozilla developers claim it is sometimes at least partially an effect of blazing fast backwards and forwards (FastBack) feature. ^[27] Another known frequent cause of memory leaks is misbehaving extensions, most notably Adblock.

Users switching from Internet Explorer sometimes find that certain websites do not render as expected in Firefox. This is rarely a Firefox-specific problem, and is usually the fault of the respective websites using code that does not adhere to W3C standards—such as code specific to Internet Explorer's quirks—or utilizing ActiveX controls or VBScript scripts, which are electively not supported in Firefox for security reasons.

Spread Firefox campaigns and Organization adoption

Spread Firefox campaigns

The rapid adoption of Firefox apparently accelerated in part due to a series of aggressive community-marketing campaigns since 2004. For example, Blake Ross and Asa Dotzler organized a series of events dubbed "marketing week".

On September 14, 2004, a community-marketing portal dubbed "Spread Firefox" (SFX) debuted along with the Firefox Preview Release, creating a centralized space for the discussion of various marketing techniques. The portal enhanced the "Get Firefox" button program, giving users "referrer points" as an incentive. The site lists the top 250 referrers. From time to time, the SFX team or SFX members launch marketing events organized at the Spread Firefox website.

Organization adoption

During the FOSDEM 2005 conference, Tristan Nitot, the president of Mozilla Europe, said that he knew "a few companies" that had deployed the Firefox browser or the Thunderbird mail client across a million seats. Those companies remained reluctant to publicize the migration, due to in-house concerns that this might damage their relationship with Microsoft.^[28]

According to a CNET article published on May 12, 2005, about 30,000 of IBM's staff (about 10% of the total) already use Firefox. IBM encourages its employees to use Firefox as the company's standard web browser, with support from the company's help desk staff.

The Networking Services and Information Technology department of the University of Chicago started to include both Firefox and Thunderbird in its connectivity package for all incoming students on the third quarter of 2005.^[29]

In December 2005, it was announced that Dell UK were to start shipping the Firefox browser pre-installed on their PCs. ^[30]

Industry adoption

Since the pre-1.0 stages, a number of well-known websites and web applications, including Gmail, have supported (and in some cases, required) the use of Firefox. Since March 30, 2005, the Google search engine has utilized the link prefetching feature of Firefox for faster searching. (Link prefetching involves a standards-compliant optimization technique that utilizes the browser's idle time to download or prefetch documents that the user might visit in the near future.) Google, Inc. also recommends Firefox as the browser for its Blogger.com weblog service.^[31] On May 18, 2005, eBay announced support for Firefox for its eBay Picture Manager.^[32]

Search engine companies including Google, Yahoo! and A9.com now also offer Firefox extensions for accessing their services, in addition to their original Internet-Explorer add-ons. Google released two new Google Extensions for Firefox on December 14, 2005, further affirming the company's interest in Firefox.

A number of commercialized versions of the Firefox browser have developed outside the not-for-profit Mozilla Foundation. The current version of Netscape, known as Netscape Browser or Netscape 8, combines the functionalities of Firefox and Internet Explorer. And a start-up, Flock (formerly Round Two, MozSource and more formerly E-Flo), plans to build enhancements for Firefox.^[33] Firefox is also used by the 3B browser, which browses the web as a 3D city of web sites or a 3D store.

Portable Firefox

Portable Firefox is a repackaged version of Firefox designed to run from a USB flash drive, iPod, external hard drive or any other portable media. It arose out of a mozillaZine thread in June of 2004. John T. Haller released the first packaged version and then led development from there. It includes a specialized launcher that adjusts extensions and themes to work as they are moved from computer to computer. It also uses compression (courtesy of UPX and 7-Zip) to reduce the overall footprint and increase speed.

Haller has also started development work on Portable Firefox Live, which aims to run on CD-R or other read-only media. A number of applications are already using Portable Firefox Live to deliver a browser and HTML-based content from CD.

Opinions and responses

Despite Firefox's apparent gains on Internet Explorer, Microsoft head of Australian operations, Steve Vamos, stated that he did not see Firefox as a threat and that there was not significant demand for the featureset of Firefox amongst Microsoft's users. Vamos stated that he himself never used it personally.^[34] Even Microsoft Chairman Bill Gates has used Firefox, but he has commented that "so much software gets downloaded all the time, but do people actually use it?"^[35]

However, according to a Microsoft SEC Filing on June 30, 2005, it acknowledged that browsers such as Mozilla are competitive threats to Internet Explorer: "Competitors such as Mozilla offer software that competes with the Internet Explorer Web browsing capabilities of our Windows operating system products."^[36]