[GoLUG] If firefox really cared about security
Ron
ron at bclug.ca
Wed Aug 27 04:44:15 EDT 2025
kc-golug at chadwicks.me.uk wrote on 2025-08-20 01:18:
> If firefox really cared about security
When Mozilla changed the way add-ons work for better security, half
their users set their hair on fire, whined incessantly, and threatened
to leave for ... Chromium? A less secure fork of Firefox maybe?
Per a Firefox developer's blog:
https://yoric.github.io/post/why-did-mozilla-remove-xul-addons/
> One of the topics that came back a few times was the removal of
> XUL-based add-ons during the move to Firefox Quantum. I was very
> surprised to see that, years after it happened, some community
> members still felt hurt by this choice.
>
> I realized that we still haven’t taken the time to explain in-depth
> why we had no choice but to remove XUL-based add-ons.
So, they made a change to enhance security and speed and got pilloried
for it. People were still mad years later.
> they would make a secure version perhaps called tortoise with a
> slower js engine
As said elsewhere, users won't stand for that. From the link above:
> while Chrome was initially slower than Firefox on pretty much all
> benchmarks, it relied on numerous design tricks that made it feel
> faster – and users loved that.
Yeah, Chrome used more memory, performed worse on benchmarks, but was
highly multi-threaded so *felt* fast. And the rest is history - they
took over.
> ... in Ada SPARK or more likely Rust because
> they're clueless
I don't know why they didn't choose Ada.
Maybe Ada was lacking features needed for a browser and they didn't want
to have their merge requests at the mercy of upstream.
But with Rust, being new and with some solid design principles - written
by someone who works on browsers for a living, and being in on the
ground floor, maybe they thought they could shape it to their needs?
It's kinda funny to see a bunch of browser developers called clueless
though. I guess when the peanut gallery knows nothing, everything looks
simple.
From the link above:
> Note: Having read in comments that some users apparently do not care
> about security, let me add that being secure is a really, really
> important point for Mozilla and has been since the first day.
>
> Firefox developers fight this threat daily by all sorts of means,
> including code reviews, defensive programming, crash scene
> investigations, several types of sandboxing, static analysis,
> memory-safe languages, … Consequently, for Mozilla, if a feature
> prevents us from achieving great security, we always pick security
> over features.