
Mozilla Firefox and silent updates - mbrubeck
http://www.brianbondy.com/blog/id/125/
======
calvin
Summary: "People want silent updates for Firefox; we're working on it."

~~~
brianbondy
Based on a lot of feedback we're also going to only start the service when it
is doing an update to ensure no overhead.

~~~
jigs_up
Why would you do it any other way? Laziness?

~~~
huhtenberg
Why should a user program require an updater that needs to run with the root
privileges? If it were on a #nix box that is locked down comparably to
Windows/UAC, Firefox would've been sitting in ~/bin together with all other
stuff that the user installs for himself. Windows remains the only mainstream
OS that does not even have a notion of user-installed software and mandates
(through its guidelines) that all software to be installed into
%ProgramFiles%. There _is_ an UAC, but there is no %UserProgramFiles%. This is
truly idiotic, if you pardon my late night French, but not a bit surprising.

~~~
darklajid
What is a 'user program'?

If you're on a Linux machine the vast majority of people are going to use a
package manager to install their software. It ends up in /usr not /home.

I don't get your argument. Sure, you ~can~ install to ~/bin (and I'd guess you
could change the FF install path to something outside of UAC
protection/virtual folder redirection, maybe even now), but the majority
doesn't. Not on Windows, not on Linux. Or are you going to tell me that the
gazillion Ubuntu users install FF to ~/bin? How are they updating their
packages?

Right.. With a process that runs as root.

------
nextparadigms
That's great news. Firefox needs this if they're going to stick with the 6
week update schedule. But this is just one of the features where they catch-
up. They need more features where they differentiate/stay ahead of the
competition in a big way, if they _really_ want to get people's attention.

~~~
notatoad
they don't need to differentiate or get people's attention. they need to do
what they're doing: provide a solid product, adhere to standards, and stay
quiet and out of the way. a browser isn't supposed to grab attention, it's
just supposed to be a tool to view websites on.

~~~
dailycavalier
Mozilla full-time contributor here. I agree they need to do what they're doing
- silent updates are super important for the product right now given the new
release cycle.

It's important that Mozilla does differentiate though. Firefox is the only
browser that's made by a non-profit organization and puts your interests
before business interests. Other browsers can't say that - they all have
financial incentives and other agendas for you to use their product. Firefox
provides choice so you have full control over your browsing experience.

~~~
jmathai
I wish more people understood the importance of what you just said. Not even
the tech community seems to.

Also, I presume the performance issues on OSX are a known issue. I'd love to
read a plan for resolution for that. It can take 6 months, I'd feel better
knowing it's a tangible goal that's being worked towards as opposed to "we're
making improvements as we can".

Lastly, thanks for contributing to Firefox.

------
lini
Call me paranoid, but after I read about this service I immediately started
thinking what would happen if the browser was compromised - no UAC prompt and
elevated privileges through the service...

~~~
ars
I should hope the service does not use the browser to configure itself. It
should directly contact mozilla servers including verifying some kind of
encryption signature.

So if anything it could mitigate a compromised browser by overwriting it with
a good one.

