Mozilla will start Firefox silent updates in June
Patches Pwn2Own bug; also announces end of updates for Firefox 3.6
Computerworld - Mozilla yesterday reiterated that it's still working on silent updates for Firefox, and said it should have the Chrome-like service in place by early June.
In a sweeping summary of 2011's accomplishments and an outline of plans for 2012, Robert Nyman, a Mozilla technical evangelist, listed silent updates as one the projects the company will finish this year. "Updates will now be downloaded and installed silently in the background," wrote Nyman in a Wednesday post to the Hacks Mozilla blog. "Silent updates are currently planned to land in Firefox 13."
Mozilla unloads a Firefox upgrade every six weeks -- it launched Firefox 11 just two days ago -- and has Firefox 13's release on the calendar for June 5, 2012.
Mozilla has been working on silent updating for about 17 months. At one point, it thought it could add the feature to Firefox 4, which shipped in March 2011, but abandoned that work when the upgrade was delayed several times for other reasons.
Late last year, it said it was shooting for silent updating in Firefox 10, which debuted in January. Those plans were also revised, and Firefox 13 was tagged as the new goal.
Some of the components of silent updating have already made it into Firefox: Version 10 debuted automatic add-on compatibility marking, for example.
Implementing silent updating would make Firefox only the second browser to offer the feature. Google's Chrome has used automatic, in-the-background updates since its September 2008 debut.
Firefox silent updating would let Mozilla deploy emergency security fixes -- it calls those "chem spills" -- without bothering users, and potentially push more users to each new version.
Microsoft has also jumped on the silent update bandwagon: In December 2011, it announced it would automatically upgrade Internet Explorer (IE) to the newest browser suitable for each version of Windows. Before the scheme's January debut, Microsoft had asked users for their permission before upgrading IE from one version to the next, even if Windows' automatic update service was enabled.
Also this week, Mozilla released Firefox 11 with patches for 12 vulnerabilities, nine of them rated "critical."
For a short time, Firefox 11 faced a launch delay that would have broken Mozilla's perfect record of meeting release deadlines since it switched to an every-six-week pace last year.
The delay, which Mozilla announced last Monday morning and nixed later the same day, was necessary, said Mozilla, to patch a Firefox bug unveiled at the Pwn2Own hacking contest.
It turned out that Mozilla already knew of the vulnerability exploited by researchers Vincenzo Iozzo and Willem Pinckaers on Pwn2Own's last day, March 9. Iozzo and Pinckaers rode that exploit to take Pwn2Own's $30,000 second-place prize.
Mozilla also released Firefox 3.6.28, the latest security update for the two-year-old browser, to patch five or six vulnerabilities. Mozilla's advisories were unclear on the exact number.
Firefox 3.6 is on the verge of support retirement. Yesterday, in notes from a Wednesday planning meeting, Mozilla said, "Firefox 3.6.28 is our last planned 3.6 update (emphasis in original)."
Between now and April 24 -- the scheduled ship date for Firefox 12 -- Mozilla will only release fixes to 3.6 if it uncovers critical issues, said Johnathan Nightingale, senior director of Firefox engineering, in an email reply to questions. Mozilla calls such unexpected updates of critical bugs "chemspills."
"We don't plan to make further updates to the Firefox 3.6 product ... [and] we encourage our remaining Firefox 3.6 users to upgrade to a modern Firefox," said Nightingale.
To replace Firefox 3.6 -- which many enterprises retained when they balked at upgrading every six weeks -- the company has rolled out Firefox ESR, or Extended Support Release, a version that receives only security updates during its 54-week lifespan.
Windows, Mac and Linux editions of Firefox 11 can be downloaded manually from Mozilla's site. Users running Firefox 4 or later will be offered the upgrade through the browser's own update mechanism.
The next version of Firefox is scheduled to ship April 24.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is email@example.com.
- Google reverses field, promises to restore Chrome's scrollbar arrows
- Update: Google ships Chrome 33, patches 28 bugs
- Mozilla's top exec defends in-Firefox ads, revenue search
- Mozilla taps in-Firefox ads as it searches for more revenue
- Mozilla ships Metro Firefox beta for Windows 8
- Mozilla defers Firefox's new 'Australis' UI to April
- Mozilla resets Metro Firefox ship date to mid-March
- Mozilla ships Firefox 26 with opening click-to-play move
- Mozilla banked $274M in '12 from Google-Firefox search deal
- Google trumpets Chrome's SPDY gains
Read more about Desktop Apps in Computerworld's Desktop Apps Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Desktop Apps White Papers | Webcasts