Saturday, November 18, 2017

Firefox's Quantum stumble

Firefox Quantum was released this week to some excellent and some scathing reviews. The difference between them has to do with whether a user had addons that were broken. Addons that were not built using the new method, ceased to exist, and users who relied on them were furious. Several of the ones I used went away with the new implementation. I understand why Firefox made these changes. The old method of creating addons was inherently insecure. In addition, the new rendering engine (the software that changes the code from a web page into the pixels and actions on your screen) is significantly faster. Also, if one web page fails, the entire browser should not crash as it used to do. All of this is good.

What bothers me is the way Firefox rolled this entirely new browser out. First, this shouldn't be "Firefox 57.0", it should be "Firefox Quantum 1.0". That may seem a trivial distinction, but it is a warning to the user that they have an entirely new experience ahead of them. For many, this might have spurred them to do a bit more research on what this new browser was and what the update entailed and they might have decided to wait. Personally, I almost never use 1.0 software. I wait until the bugs have been worked out in versions 1.5 or later. The rollout as a simple version update was deceptive. Second, just as my instinct says about 1.0 software, it's not ready for prime time yet. Most of it works, but the cursor control was jerky, the browser hung and it wouldn't close. The latter problems I experienced in both the Windows and Linux versions of the browser. This is Beta software. Just because an arbitrary date was about to arrive didn't justify releasing buggy software. If Firefox wants to lose the small user base it still has, just release a few more buggy versions. I went back to their Extended Service Release software to keep a working version of Firefox on my computer.

Worst of all, the demise of Firefox could create an enormous security problem for the internet. This requires a bit of explanation. I previously mentioned the term "rendering engine". In the distant past, every browser had its own, unique rendering engine and web pages looked different on each. Over time, as HTML, CSS, XML, Javascript and other protocols for web pages became more complex, the number of browsers dropped and some browsers began using the rendering engines of others. When Google turned over its Blink rendering engine to an open source project, it rapidly became the rendering engine of choice for all browser makers. So if you're browsing the web using Chrome, Iron, Safari, Opera (one of the last to give up on its own rendering engine) or any of dozens of others, your browser is using the same rendering engine. Possibly a different version, but generally the same underlying software. Currently, I know of only three rendering engines: Blink, the Firefox engine and the one used for Edge (although some may still use the now defunct Trident engine from Internet Explorer). With the majority of browsers using the same rendering engine, any vulnerability in it could impact the entire web, and without an alternative browser to fall back on, the web could be rendered nearly useless. It is essential to have alternative browsers and not ones with security flaws like Internet Explorer had. For anyone running Windows 7 or earlier, Firefox is the only safe alternative. If it goes belly up, where do we turn? Firefox has done a distinct disservice to the world by foisting this brand new product on us while it's still in Beta form. I'm disappointed and disturbed about this development.

No comments:

Post a Comment