weamish wrote:Another response from my friend the FF user (much of this stuff is technically way beyond my pay grade, hope it adds something to the discussion) -
I will address your friend from more of an analytical side, rather then the appeal to authority. (E.g. because Google did, etc.)
weamish wrote:Signing and sandboxing is pretty much de facto for all web and mobile apps, and now all browser plugins for both Chrome and Mozilla, but the PM author seems confident that PM has achieved security without implementing those. I don't know enough about his implementation to judge one way or another.
1. As far as I know signing is only a Firefox thing. (You can add unsigned extensions to Chrome last time I checked.)
weamish wrote:Since Chrome and Firefox are both implementing tab isolation and sandboxing, and neither has the problems he describes, I think it is safe to assume that their respective engineers wouldn't move forward with those solutions if they were fundamentally broken and didn't offer significant advantages to those browsers. These changes have been a lot of work to implement, and I don't see why they would have dedicated the resources to reworking the core of their browsers if they didn't feel it to be well worth the investment. Why would the entire rest of the industry be moving in a direction that didn't offer any advantages AND made things worse - something doesn't sit right with that idea.
2. The usage of sandboxing for security is partially amusing. The sandbox is only as safe as it is, and does not provide fool proof safety. Circumventions to sandboxing software is common, for instance look at Java, it runs in a native sandbox however exploits are found early early release that lets code be elevated out of the sandbox. The same idea applies to the sandbox of Chrome, humans are not machines inevitably we will err, so learn good browsing skill habits. I would argue it offers significance to the fad culture of security, sandboxing has too few advantages to beat the negatives. (Not saying sandboxing is a failed idea, with proper implementation it can be great (for certain programs), but the limitations it would impose are not worth it, as security can be achieved in different routes.)
weamish wrote:All I know is that since those changes in both browsers, I can load as many tabs as I want without issue, a problematic tab doesn't slow or crash any of the other tabs, and resource usage has gone way down because tabs can be loaded and unloaded from memory so inactive tabs are unloaded until needed. I've personally found it to be a game changer for me.
3. If a single tab crashes in Firefox, all tabs crash. The implementation compared to Chrome is different. The thing you also need to understand is unloading tabs is painful to the work flow on slower machines, and you unload a tab from memory you are generally writing it to disk, the disk is substantially read slower than RAM. (You are also unloading more often because less resources are available.)
weamish wrote:Also, the new plugin frameworks/api's that both Chrome and Firefox now use, keep the plugins from accessing data that they shouldn't Their access permissions can be granular and revoked, and they cannot access each other. Finally, you can say this plugin can access my bookmarks or not, my browser history or not, my saved passwords or not.
4. You mean the new extension API that Firefox will implement, and has not yet? As far as I know there is no way to turn of certain permissions of an extension in Chrome either. All it does is notify the used permissions of an extension. (This would actually be neat to implement. XUL/XPCOM needs more development nurturing.)
weamish wrote:I personally am on board with the huge changes that the two major browsers are making under the hood, and think they are long overdue and offer significant benefits, but I respect other users' rights to choose alternative ideas/solutions.
5. Freedom exist, choose what you want. I think there is more harm being done for one major browser, that being Firefox. Nothing major has been going on for Chromium.