
uBlock Origin Maintainer on Chrome vs. Firefox WebExtensions - nachtigall
https://discourse.mozilla.org/t/support-ublock-origin/6746/451
======
bad_user
After being a Chrome user for several years, I've switched back to Firefox for
the past two years or so and I'm really, really happy with it.

Latest version does multi-processing, e10s is finally here (though it might
still get disabled by usage of certain add-ons, I remember I had to force it
to stay enabled).

On performance, in the past it felt sluggish, but now Firefox is fast and for
my usage patterns it uses less memory than Chrome.

And one thing I really love is the Awesome Bar, which is a pain point every
single time I open Chrome. I have a lot of websites I need to return to and in
Chrome I end up searching on Google far more than I should. I guess that's the
biggest difference between Firefox and Chrome, as Mozilla does not feel
obligated to shareholders to extract ads clicks from you (although I hope that
whatever they do keeps them afloat).

Also, tab management. I installed "Tab Center" from the Test Pilot and it's
awesome. The experiment is now over unfortunately and the code itself for Tab
Center isn't compatible with WebExtensions, but there's work going on to port
it and that highlights that Firefox's WebExtensions will be more flexible than
Chrome, if they aren't already.

But in the end I actually care more about trusting my browser and its maker to
protect my interests. I actually trust Google more than I trust other
companies, but something feels very wrong for a company to have so much
leverage on me. Which is why, as long as I have a choice, I'll always prefer
Firefox over Chrome, or Safari, or Edge.

~~~
exDM69
To me, the best feature of Firefox compared to Chromium (both out of the box,
no extensions. not sure if there are extensions that could help) is the
address bar. Firefox does a fuzzy search into your browsing history and if you
visit the same sites often, the suggestions are quite good.

Contrast this with Chrome, where the idea behind address bar user experience
seems to be maximizing the number of Google searches done.

But the one that really keeps me on Firefox is Vimperator. It's the best
keyboard oriented browser UI in mainstream browsers. The extensions available
for Chrome are nowhere near as good (last time I tried).

The worst part of Firefox is the terribly long startup time. It can take up to
10 seconds after a reboot and takes quite a long time even with warm caches.
Chromium startup is near instantaneous.

~~~
vanderZwan
> The worst part of Firefox is the terribly long startup time. It can take up
> to 10 seconds after a reboot and takes quite a long time even with warm
> caches.

If you're the type with a lot of tabs open, that should improve a lot in the
next few releases.

[https://metafluff.com/2017/07/21/i-am-a-tab-
hoarder/index.ht...](https://metafluff.com/2017/07/21/i-am-a-tab-
hoarder/index.html)

~~~
exDM69
> If you're the type with a lot of tabs open

I'm not and I don't store/restore tabs on close, so that's not the case here.
It's just Firefox + Vimperator + uBlock origin with about:blank as home page.

I'm on Linux/X11 if that matters.

~~~
bovine3dom
This is probably a good place to plug the fact that Vimperator is going to die
with FF57 [1].

If anyone wants to help with making an alternative, look through that thread.
I'm particularly invested in Tridactyl [2] but other people are working on
others.

[1] [https://github.com/vimperator/vimperator-
labs/issues/705](https://github.com/vimperator/vimperator-labs/issues/705)

[2]
[https://github.com/cmcaine/tridactyl](https://github.com/cmcaine/tridactyl)

~~~
StevePerkins
I've been using VimFX all along, which is actively maintained and already
compatible with multiprocess.

It's a web browser, not an _actual_ text editor. 99% of the time, you're just
wanting familiar keyboard commands for navigation. It feels like Vimperator
does so many impractical things almost tongue-in-cheek, just to show how cool
it is that they're theoretically possible.

~~~
ronjouch
VimFx is _not_ compatible with multiprocess, it will stop working soon.

See
[https://github.com/akhodakivskiy/VimFx/issues/860](https://github.com/akhodakivskiy/VimFx/issues/860)
:

    
    
        - You can use the current VimFx for the rest of 2017.
        - Then, Vimium is your best bet: philc/vimium#2425
        - VimFx is free software, so if somebody feels like converting it to a WebExtension they're totally free to do so! (But you're probably going to spend your time more wisely on Vimium.)
        - I hope to create a new add-on with the best parts from VimFx some day.
        - Firefox will become a better browser! It’s sad but worth the sacrifice.
    

Vimium-FF does works right now: [https://addons.mozilla.org/en-
US/firefox/addon/vimium-ff/](https://addons.mozilla.org/en-
US/firefox/addon/vimium-ff/)

~~~
nemetroid
VimFx _is_ perfectly compatible with multiprocess, as stated in the issue you
linked:

[https://github.com/akhodakivskiy/VimFx/issues/860#issuecomme...](https://github.com/akhodakivskiy/VimFx/issues/860#issuecomment-308726645)

The issue is that VimFx is not feasible to convert into a WebExtension.

------
AdmiralAsshat
> It baffles me that some people thinks Firefox is becoming a “Chrome clone”,
> it’s just not the case, it’s just plain silly to make such statement.

That's probably the single most reassuring statement about Firefox that I've
heard in some time, coming from a serious dev who makes a popular cross-
platform addon for both Firefox and Chrome.

~~~
NewEntryHN
I think as an extension developer he is particularly sensitive to the tech
behind Firefox, which makes him understand some of Mozilla's decisions. For
example, the move from legacy add-ons to WebExtensions is surely one less
maintenance burden for Mozilla.

As a user who doesn't think about such issues, it terribly looks like it's
becoming a Chrome clone. I think it's Mozilla's responsibility to have a
clearer communication if that's not the case.

~~~
Paul-ish
Also, the move to WebExtensions is a move to a more secure extension model.
Traditional XUL extensions were comparable to the extension developer
compiling their own code into the browser. Yikes.

WebExtensions should be better sandboxed and have better permissions
management.

You can't get those security benefits if you allow older XUL extensions to
stick around. You have to sunset XUL extension at some point.

~~~
Karunamon
To be perfectly honest I'm not at all interested in "better permissions" for
plugins when it comes with the removal of flexibility that you get for free.
If I've got plugin-installing malware on my system, I've got worse problems
than a rogue plugin.

Give me more useful over more secure any day of the week.

~~~
smkdtr
As someone worried about security; I hope that is not the majority opinion.

~~~
Silhouette
It's not entirely unreasonable. We use software because it's useful. If you
make it so secure that it is no longer useful, what have you got left?

In the case of Firefox extensions, I'm aware of the risks of the old model,
but the fact is that the only observable difference it has made to me so far
is that when I accidentally hit back on a page with an unsubmitted form the
other day I lost about 20 minutes' worth of work, because the extension I used
to use that would have saved everything automatically no longer works. This is
not progress.

~~~
pcwalton
The idea that the XUL extension model is necessary for a browser to be useful
is obviously false. The majority of Web users use browsers that do not have a
XUL extension model.

(And, of course, I don't believe your desired functionality is incompatible
with Web Extensions anyhow.)

~~~
Silhouette
With respect, that doesn't really matter.

I used to have a useful feature that worked.

Now I don't.

That was the practical result of the change we're talking about for this user,
regardless of any theoretical benefits elsewhere or any theoretical ability to
provide equivalent functionality within the new architecture.

Other people are welcome to use other browsers, but I was using Firefox, and a
big reason I was still using Firefox despite various other changes I didn't
particularly want was the range of useful extensions I could choose from.

~~~
jabl
> I used to have a useful feature that worked.

> Now I don't.

Well, imagine for a moment that you're whoever is in charge of firefox
development at mozilla:

\- You want to take advantage of modern hardware such as multiple cores, GPU's
etc.

\- You want to get rid of XUL which is an evolutionary dead end.

\- You have an existing extension model which basically allows extensions to
more or less freely poke about in the internals of the browser

\- You want to improve security for users, both against malicious sites and
(to a lesser extent, I suppose, but still) malicious browser extensions.

Now, what would YOU do if the constraint is that you can never ever break
existing extensions?

~~~
michaelmrose
I guess you would lose some of your remaining market share to chrome and
wonder how much smaller your revenue is going to be when the yahoo deal
expires?

~~~
littlestymaar
> I guess you would lose some of your remaining market share to chrome

So, you're saying that:

\- some people kept using Firefox because it had more powerful extensions than
Google Chrome.

\- these people are upset because mozilla is breaking the old extensions in
favor of a less powerful alternative (still better than Chrome's, that the
main point of the OP)

\- then people are going to move to Google Chrome which still is the worst
browser for extensions

Who reasons this way ? There are legitimate reasons for being upset (my
favorite addon disapeared and that makes me sad / I need to rewrite all my
addons, depending if you're a user or an addon dev), but I don't think anyone
will shoot himself in the foot and use a worse (addon-wise at least)
alternative just because mozilla's people are mean !

~~~
michaelmrose
Most users aren't developers they aren't judging the relative power of
extension systems they just are liable to notice useful extensions going away.

Firefox on Linux seems to me to be slower and crappier save for interesting
extensions.

Enough so that I've just decided to ditch Firefox even before interesting
extensions go south.

------
yborg
I found this disturbing:

"Chromium-based browsers are being “infested” by Instart Logic tech which
works around blockers and worst, around browser privacy settings (they may
start “infecting” Firefox eventually, but that is not happening now)."

From his linked post:

"Instart Logic will detect when the developer console opens, and cleanup
everything then to hide what it does"

Is this implemented via a CDN-delivered script? Why would Chromium-based
browsers be more susceptible?

~~~
ehaughee
This actually made me try switching to Firefox again. There's some minor
things missing, but for the most part all the features I want are there.

~~~
abandonliberty
Firefox is maybe 80% of the way there. Just like in the IE Anitrust days,
firefox suffers from sites that do not design with it in mind.

Still better than Google Creep. Change to a search engine that protects
privacy too.

~~~
timlyo
Can you recommend a search engine? I'm trying DuckDuckGo, but it's just not as
good.

~~~
JoshTriplett
> I'm trying DuckDuckGo, but it's just not as good.

It took me a while of using DDG before I realized how much I had equated
"good" with "looks like Google".

What finally hit me, hard, was that I switched the DDG theme to a color scheme
designed to look like Google search results, and all of a sudden the results
"felt better". _Markedly_ better.

So, I started regularly comparing results, every time I found something that I
felt I didn't get the results I expected for. I would search, and then search
again with !g. And almost every time I ran into something that I didn't like
the DDG results for, the Google results weren't actually any better. (The rare
times they were, I reported that, and often it got fixed.)

~~~
weaksauce
!sp will give you the google results without the google tracking as it's a
proxy of google results.

~~~
newscracker
I use "!s" in DDG to get to Startpage [1] search results. One letter shorter
to access the same - no need to type "!sp" when one can just type "!s"
instead. :)

This does not work for replacing "!spi" (image search on Startpage) though.
Using "!si" does a search on a non-existent subdomain
sportsillustrated.cnn.com.

[1]: [https://www.startpage.com](https://www.startpage.com)

------
nachtigall
To add to the list:

* You can run the uBlock Origin on Firefox for Android: [https://addons.mozilla.org/EN-US/android/addon/ublock-origin...](https://addons.mozilla.org/EN-US/android/addon/ublock-origin/)

Afaik there's no ad-blocking extension for Chrome for Android which I find
pretty telling. I'm using Firefox on Android and the ad-blocking (less
traffic, less blink-blink animations and less CPU consumption) make mobile
browsing a night-day difference

~~~
majani
There's no extensions on Android Chrome, and the reason is simple: if they
enable extensions, people will mostly install ad blockers and that's bad for
business at Google

~~~
kingnothing
Google is in the process of allowing some adblocking in Android Chrome.

[https://arstechnica.com/gadgets/2017/04/report-google-
will-a...](https://arstechnica.com/gadgets/2017/04/report-google-will-add-an-
ad-blocker-to-all-versions-of-chrome-web-browser/)

------
penpapersw
Huh. These actually sound like good arguments to switch to Firefox, arguments
I've never heard before until now.

~~~
INTPenis
One thing I learned several years ago when I decided to jump on the bandwagon
and try Chrome was that Chrome was unable to safely block javascript the way
NoScript does because the plugin framework doesn't allow a plugin to block
Javascript before it's loaded.

So all the noscript equivalent for Chrome could offer was to block Javascript
after it had loaded. Which seemed unreal and pointless.

So I stayed on Firefox. Because I've been convinced for many years now that
Javascript plays a major role in malware delivery through the browser.

And along with email the browser is the major delivery platform for malware.

~~~
transposed
I found uMatrix to be an adequate substitute once figured out
([http://adamantine.me/index.php/2015/11/18/umatrix-
desperatel...](http://adamantine.me/index.php/2015/11/18/umatrix-desperately-
needed-guide/))

~~~
forapurpose
It's important to know that NoScript does far more than block JavaScript; just
look up its ABE component, for example.

For technical users, uMatrix' interface is an amazing achievement in,
effectively, managing application firewall rules. It's breathtakingly
efficient in both communicating active settings to the user and in configuring
new rules. I wish my actual firewalls used that interface.

------
Hasknewbie
Slightly OT: is that what a 'Discourse' page looks like? It's pretty awful: it
will automatically update the URL as you scroll past each post in any
direction, while breaking the Back button, so good luck getting back to the
original post, since neither clicking on Back nor reloading the page will get
you there. Basic UX failure.

~~~
eridius
What browser are you using? Because when I scroll on that page and the URL
changes, it doesn't affect my Back stack (this is in Safari).

~~~
Hasknewbie
Using Firefox for Android.

I can't not notice the irony that this is happening with FF on the mozilla.org
Web site.

------
wyc
Keep in mind that it's not within Google's incentives to facilitate ad-
blocking and prevention of tracking. After all, that's where the lion's share
of their revenue comes from. However, Mozilla is free to actively support such
efforts.

~~~
fabrice_d
If that was that clear cut, they would ship tracking protection enabled by
default, not just in Private Browsing mode.

The default configuration of Safari is actually protecting you better than
Firefox's and most users don't have an ad blocker installed.

~~~
wyc
Good point. Mozilla made most of their money from Google, and other
advertisers, iirc. "More free" might've been prudent.

You make a good observation about Safari too. Apple doesn't make much money
from advertising--they still sell hardware. They can provide privacy to users
at little expense to their core business.

~~~
482794793792894
> Mozilla made most of their money from Google, and other advertisers, iirc.

The much bigger problem is webpage owners which lose almost all incentive to
support Firefox, if it blocks their ads. You'd have broken webpages all over
the place.

------
albertgoeswoof
Firefox is coming back, finally- I think their market share is at the bottom
and we'll see a big uptake over the next couple of years.

~~~
alt2501
Here's hoping! We need a privacy oriented browser that's kickass for dev work
as well.

------
kasabali
uBlock Origin on Firefox would be more powerful than uBlock Origin on Chrome,
but does it mean that uBlock Origin webextension on Firefox will be as
powerful as uBlock Origin "legacy" Firefox extension ?

This is a post of gorhill from the last months Firefox - Google Analytics
fiasco:

> Legacy uBlock Origin can block the network request to GA.

> However webext-hybrid uBO as per Network pane in dev tools does not block
> it. Same for pure webext Ghostery, the network request to GA was not
> blocked, again as per Network pane in dev tools.

> What is concerning is that both uBO webext-hybrid and Ghostery report the
> network request to GA as being blocked, while it is really not as per
> Network pane in dev tools. It's as if the order to block/redirect the
> network request was silently ignored by the webRequest API, and this causes
> webext-based blockers to incorrectly and misleadingly report to users what
> is really happening internally, GA was not really blocked on about:addons,
> but there is no way for the webext blockers to know this and report properly
> to users.

[https://github.com/mozilla/addons-
frontend/issues/2785#issue...](https://github.com/mozilla/addons-
frontend/issues/2785#issuecomment-314807534)

~~~
agrahul
The issue you linked is specific to the `about:` pseudo-protocol. uBO's
WebExtensions version works as intended on the web.

~~~
kasabali
I know that, thanks. I posted it as a real life example of where webextensions
are still not as powerful as the so called legacy extensions and wonder if
that specific case still applies, is it fixed, planning to be fixed, or are
there other specific examples where webextensions fall short.

~~~
agrahul
Yeah, that specific case wasn't fixed; it appears that Mozilla doesn't intend
to let addons run on `about:`. However, they did make `about:` respect DNT by
disabling GA.

WebExtensions currently fall short when it comes to any addon that modifies
the UI significantly (tree-style tabs etc), though it's been mentioned in some
other comments here that they're talking to addon devs to extend the API where
possible.

~~~
snakeanus
> However, they did make `about:` respect DNT by disabling GA.

The irony is that since most people have DNT disabled having it enabled would
make it easier for you to be tracked.

> it appears that Mozilla doesn't intend to let addons run on `about:`.

Why is that?

------
jancsika
Couldn't the devtools listener shenanigans be solved merely by putting a
"pause" button in the browser chrome (possibly through an extension)? Browsers
are already throttling CPU usage when the tab isn't visible, so it doesn't
seem like it would be too difficult to just throttle to 0 with a toggle.

Even better-- have the pause button _in_ devtools window, "pause" by default
when you open devtools, and then unpause once something gets mutated/re-
layout'd.

I guess you'd still need to protect the devtools shortcut key so that any DOM
shenanigans are guaranteed to get invoked _after_ the devtools listener. But
browsers already have all kinds of crazy edge-cases in the name of security
(e.g., no manual triggering of <select> menu). Keeping polymorphic worms from
corrupting the devtools state seems rather important by comparison.

------
mnarayan01
> It baffles me that some people thinks Firefox is becoming a “Chrome clone”,
> it’s just not the case, it’s just plain silly to make such statement.

If you use a much narrower definition of "clone" than is typically used in
this context, then sure. If, however, you use "clone" a bit more flexibly, and
note the word "becoming", then it's a different story. That's not to say that
Firefox won't be better than Chrome, and it's certainly not to say that it
won't have _any_ advantages over Chrome, but it is giving up some of its major
current advantages.

------
NormenKD
I am considering going back to FF, but it seems FIDO U2F still isn't done
completely and the U2F Extension for FF is not working anymore since the
WebExtension switch.

Please correct me if missed something, but i think i have to hold off for a
little bit longer.

~~~
coffee--
Just today someone posted that they're about to get U2F in the main browser:

[https://bugzilla.mozilla.org/show_bug.cgi?id=1245527](https://bugzilla.mozilla.org/show_bug.cgi?id=1245527)

~~~
coffee--
Actually, here's the U2F patch
[https://bugzilla.mozilla.org/show_bug.cgi?id=1388843](https://bugzilla.mozilla.org/show_bug.cgi?id=1388843)

------
pmoriarty
I've been really disappointed with the direction Firefox has been moving since
they decided to make changes that would permanently break some of their most
powerful and useful extensions, like Pentadactyl.

------
inglor
As someone who uses WebRTC to deliver real value (I'm an engineer @ Peer5 YC
W17) - this abuse of WebRTC is awful.

I think WebRTC related tooling should get a lot better - and extensions should
be able to hook into WebRTC calls just as easily as they do to regular
functions.

Websites can just grab a fresh copy of RTCPeerConnection from a different
realm anyway (an iFrame in this case) - it looks like uBlock is mostly stuck
(unless it prevents sites from opening said realms).

------
pawadu
I still think Chrome has some advantages. For example you can disable a lot of
things like location services in the settings. In Firefox you can decline
access to location once a site asks for it but I would rather disable it once
and for all if I am setting up a machine for a less tech-savvy person.

Also, firefox comes with tons of built in features you cannot disable. In past
they have caused security issues (e.g. the pdf.js exploit).

~~~
baby
> the pdf.js exploit

Overall having pdf.js is a benefit to internet browsing. Should we not
innovate and try to improve our tools just to preserve security?

~~~
snakeanus
> Overall having pdf.js is a benefit to internet browsing

I would doubt it. The experience that pdf.js provides is inferior to dedicated
programs like xpdf.

> Should we not innovate and try to improve our tools just to preserve
> security?

We should, but we should not make such things like pdf.js unable to be
disabled by the user.

~~~
baby
> I would doubt it. The experience that pdf.js provides is inferior to
> dedicated programs like xpdf.

That's not the point, I open dozens of PDF daily and I don't want to have to
switch programs all the time. An integrated light PDF viewer is one of the
best new feature of modern browsers.

PS: You can set the pdfjs.disabled pref to true on the about:config page to
disable the build-in PDF viewer

PS2: Not sure this still works.

~~~
snakeanus
I will admit that I just took pawadu's word for it. I personally had no idea
if it is possible to disable pdfjs or not.

That being said, I will also agree that it is convenient sometimes but it is
much slower and much less compatible than native viewers, making it useless
for me about half the time. Still, I see no reason why it needs to be
integrated into firefox instead of being just an addon (even if it is
installed by default).

------
Aissen
> I am not aware of any anti-fingerprinting initiative taken up with Chromium

Brave is Chromium-based and has anti-fingerprinting tech (which it was the
first to include IIRC): [https://github.com/brave/browser-
laptop/wiki/Fingerprinting-...](https://github.com/brave/browser-
laptop/wiki/Fingerprinting-Protection-Mode)

It also works on Brave for Android.

~~~
mccr8
The Tor Browser has some kind of antifingerprinting stuff in it. I don't know
how it compares to what Brave does.

~~~
confounded
Many of the Tor project's anti-fingerprinting measures are gradually being
merged into mainline Firefox.

------
fauigerzigerk
I would love to use Firefox for it's privacy credibility, the Awesome Bar and
to prevent monopolization of the Web.

Unfortunately 2017 is the year of the CPU usage apocalypse on the Web. Go to
this insane Guardian page, scroll down a page, and observe what happens for a
minute or two perhaps scrolling down some more:
[https://www.theguardian.com/news/2017/aug/10/adele-vocal-
cor...](https://www.theguardian.com/news/2017/aug/10/adele-vocal-cord-surgery-
why-stars-keep-losing-their-voices)

The numbers keep jumping around a lot, but very roughly what I'm seeing is
this:

    
    
      Safari: 2% - 8%
      Chrome 50% - 150%
      Firefox 150% - 250%
    

(100% is one CPU core. I'm not using any ad-blockers)

Obviously, these numbers are non-deterministic and depend on the individual
ads that are being displayed. But the numbers are roughly representative of
what I've been seeing over the last couple of months.

~~~
ycombinete
I tried this:

    
    
      1. With uBlock Origin running, I don't go above 11% CPU 
    
      2. I turned uBlock Origin off: reloading immediately sent my CPU to 80%, and it *stabilised* at a constant 30%.

~~~
fauigerzigerk
As I said, it's non-deterministic, so I'm not surprised if you're seeing
something different.

I have made it a habit to try resource hungry pages in all my browsers. The
variance is huge but the pattern is pretty clear when it comes to CPU usage,
especially between Safari and everyone else (excluding Edge and IE as I don't
use Windows).

------
yohui
> _Chromium-based browsers do not support user styles_

Does anyone know what gorhill means by this? Stylish for Chrome seems to work
fine: [https://chrome.google.com/webstore/detail/stylish-custom-
the...](https://chrome.google.com/webstore/detail/stylish-custom-themes-
for/fjnbnpbmkenffdnngjfgmeleoegfcffe)

Am I missing something? (Probably, but what?)

~~~
notatoad
IIRC, stylish for chrome converts userstyles into javascript, and runs the
scripts to add inline styles to elements on the page. stylish for firefox
changes the page's stylesheet.

~~~
jrimbault
Last time I checked stylish seemed to insert a link tag in the head linking to
the css file.

Edit: on Chrome Stylish inserts a <style> tag at the end with the css, it
seems stylish insert the css via javascript in Firefox though.

------
baby
Related: Can we have Tree Style Tabs implemented by default in Firefox?

~~~
NoGravitas
Currently, there aren't even the APIs needed by Tree Style Tabs in
WebExtensions. That's likely to change, but not until after Firefox 57.

~~~
baby
That's why I wish they would implement it as a default function of Firefox,
not as an extension.

------
RX14
I heard somewhere that Firefox's security showing was pretty dismal before
they introduces e10s with seccomp-bpf sandboxing. The anecdote I heard was
that in "hacking competitions" a Chrome vulnerability was worth a serious hunk
of cash, Firefox was worth almost nothing because it was too easy. After
sandboxing, Firefox RCEs are worth money again. Does anyone know whether this
claim is accurate or misleading? I know I've switched back to Firefox because
of it.

~~~
dobin
The claim is correct. The security of IE9+, Edge and Chrome is far superior
than Firefox. As Geohot said, writing an exploit for Firefox is similar to a
harder CTF challenge (done in an day or two). While IE or Chrome Exploits cost
a lot. I can back it up with references, but
[https://www.zerodium.com/program.html](https://www.zerodium.com/program.html)
shows a pretty clear picture (Scroll down to Payout Ranges). It will take FF
like 3-5 years until they have a sandbox as good as the other Browsers, sadly.

~~~
RX14
I was viewing
[https://wiki.mozilla.org/Security/Sandbox](https://wiki.mozilla.org/Security/Sandbox)
and it appears that Firefox on Linux now has some kind of sandboxing. I
presume it's not as good as Chrome but I'm sure it's raised the security level
significantly. Realistically, how much danger am I in by using Firefox?

------
syshum
Web/browser Extensions is a terrible standard is it EXTREMELY limiting for
power users.

While that my not impact a ad blocker, there are countless extensions that can
not work with Web Extensions and will make Chrome err sorry Firefox far less
appealing to people.

For me, more than a few of the extensions I use regularly are not compatible
with Web Extensions, and a few of them that are critical to my productivity
are in limbo still

That is the Source of the "Chrome Clone". The switch to Web Extensions is
hated by many many firefox power users.

Sadly they feel the users that have stuck around all of these years, that did
not abandoned them for Chrome are worthless, and have chosen to attempt to
attract those users that did abandon FF for Chrome back. They are doing this
by making a browser that is unappealing to me (and many others actual FF
users, not Chrome Users who are the most vocal proponents of Firefox's current
direction), a user that has been a FF loyalist since FF version 1.

I am not 100% sure I will switch to another browser, the options are very thin
these days but it will be a sad day for me when FF57 is all that is left

~~~
zeep
Do you have one example of such extension that won't work with web extensions?

~~~
syshum
TreeStyleTabs

~~~
weaksauce
[https://github.com/piroor/treestyletab/issues/1224](https://github.com/piroor/treestyletab/issues/1224)

Seems they have all the APIs needed for it at the very least approved. It's
not like Mozilla just said screw everyone... Let's become chrome. They are
putting in the effort to make web extensions viable for even the more advanced
uses.

~~~
syshum
They are making to where a version of TreeTabs are possible, this new API will
enable functionality like in Chrome (see my other comment) but it will not be
the same.

if I wanted Chrome style Vertical tabs I would have moved to chrome years ago

~~~
weaksauce
Seeing as how there is an api in place to have a built in sidebar in firefox,
plenty of tab and window API methods available, a way to hide the horizontal
tabs at the top of the screen and the developer of treeStyleTabs saying that
they will be able to move to webextensions fine... I fail to see how this will
be inferior to an XUL extension. Can you elaborate on how the old tree style
tabs is different other than using XUL?

Unrelated, but the fact that the developer doesn't get the extension AMO
approved and uses eval() all over the place should give some pause as well.

~~~
baby
He uses eval in safe ways, according to the developer. So I think your
argument is mout unless you can point the unsafe uses.

Now, the real question is: "why isn't Firefox developing a default Tree Style
Tab?"

I think at this point enough people are using it, and it has proven to be a
better way to browse.

~~~
weaksauce
He may well be using it "safely" but it still is a string that is being
evaluated so it has many inherent drawbacks.

> Now, the real question is: "why isn't Firefox developing a default Tree
> Style Tab?" > > I think at this point enough people are using it, and it has
> proven to be a better way to browse.

Not sure there are enough users to justify taking actual mozilla engineers off
core problems that are everyone's problems. There is a maintenance burden and
associated cost for every feature that mozilla adds to their core product. I
think they would rather make the browser extension backend robust enough to
allow for those types of extensions without sacrificing stability,
performance, and security.

------
ckarlof
Tab Center Redux that is WebExtensions compatible:

[https://addons.mozilla.org/en-US/firefox/addon/tab-center-
re...](https://addons.mozilla.org/en-US/firefox/addon/tab-center-redux/)

------
tmaly
I was really impressed that ublock origin worked on mobile firefox on android.

I recently switched to an iphone, but sadly, the ios version of Firefox does
not support the extensions.

------
OOPMan
I tried switching to FF a while back but it didn't take.

Right now I'm using Vivaldi.

------
adrianlmm
I use Edge and looks like is blocking everything w/o problems.

------
williamle8300
Doesn't PrivacyBadger^1 solve the fingerprinting problem?

[1] [https://www.eff.org/privacybadger](https://www.eff.org/privacybadger)

------
Cryptoholic
An interesting quote from Hill, from the article linked to:

> It baffles me that some people thinks Firefox is becoming a “Chrome clone”,
> it’s just not the case, it’s just plain silly to make such statement.

He lists several ways in which FF is better, from a security standpoint.

