Overclock.net › Forums › Software, Programming and Coding › Other Software › Waterfox 55.0.2: 22 August [Firefox 64-Bit]
New Posts  All Forums:Forum Nav:

Waterfox 55.0.2: 22 August [Firefox 64-Bit] - Page 632

post #6311 of 7359
Quote:
Originally Posted by malcomX View Post

not twice work firefox 34 not Nov 24 firefox 34 dec 1st this 2 week plent time for update fix large memory leak fix bugs fix security waterfox not safe in current state
or does alex not care user saftey ?? just skip build ?? frown.gif
Waterfox is maintained by one person, MrAlex. He only has so much spare time and does this as a hobby, not a job.

He's seen and acknowledged your points regarding security issues, but has already said it's unlikely that there will a Waterfox update until Firefox 34 has been released.

In my opinion, that's fair enough - if you're going to spend your spare time doing something, you should probably make sure that it makes sense before you do it - and with the Firefox 33 branch MrAlex would have wasted a lot of his spare time if he tried to keep up with every update.

So yes, I'm sure he cares, but no, he does not have an infinite amount of spare time to dedicate to working on Waterfox.

If you have an issue with that, then I would advise you not to use Waterfox until whenever MrAlex releases version 34.

For the record, I've been using Waterfox for years and have never had any problems from potential security issues it may have had.
Edited by BMT - 11/21/14 at 11:29am
Core i7 Rig
(16 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 930 @ 2.93 GHz Gigabyte X58A-UD3R (Rev. 1.0) PALIT GTX 760 Jetstream 12GB DDR3 1600 Mhz (6x2GB) 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 Samsung HD103UJ Samsung HD103SJ Samsung HD204UI 
Optical DriveOSMonitorPower
LiteOn iHAS524 DVD RW Windows 7 Ultimate 64bit SP1 ViewSonic VX2260WM Seasonic X-Series 650W SS-650KM3 
Case
Cooler Master 690 II Advanced RC-692A-KKN5 
  hide details  
Reply
Core i7 Rig
(16 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 930 @ 2.93 GHz Gigabyte X58A-UD3R (Rev. 1.0) PALIT GTX 760 Jetstream 12GB DDR3 1600 Mhz (6x2GB) 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 Samsung HD103UJ Samsung HD103SJ Samsung HD204UI 
Optical DriveOSMonitorPower
LiteOn iHAS524 DVD RW Windows 7 Ultimate 64bit SP1 ViewSonic VX2260WM Seasonic X-Series 650W SS-650KM3 
Case
Cooler Master 690 II Advanced RC-692A-KKN5 
  hide details  
Reply
post #6312 of 7359
malcomX

Maybe you could contact MrAlex and offer him some help!
As stated multiple time in these posts, he is mainly working on WF by himself.
post #6313 of 7359
Quote:
Originally Posted by MrAlex View Post


Hmm that shouldn't be happening at all. Nothing this article can help with? https://support.mozilla.org/en-US/kb/firefox-sync-troubleshooting-and-tips



no, i've created new profiles etc and while the profile that syncs if i run ff, it will not sync when i run wf.
the sync button wont show activity, just does nothing - but i can close wf, open ff and sync works

clean installs, new profiles etc across devices and still no change
My Rig
(29 items)
 
  
CPUMotherboardGraphicsRAM
2600K  GA-Z68X-UD5-B3 ASUS HD7970 DCii TOP 3GB G.Skill Ripjaws X F3-1600C9D-16GXM 16GB (2x8GB)... 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 128GB Samsung 830 256GB Western Digital WD Green 1TB WD10EZRX  Western Digital WD Blue 1TB WD10EZEX  
Optical DriveOptical DriveCoolingCooling
Silverstone FP58B 5.25in Cover Bay for Slot loa... Silverstone SOD02 Slim DVDRW Optical Drive  EK Supremacy CPU Waterblock Clean CSQ Acetal  EK-FB KIT GA P67A (UD7) - Acetal + Nickel  
CoolingCoolingCoolingCooling
EK Full Cover VGA Block EK-FC7970 DCII Acetal N... Koolance RP-452X2 Reservoir for PMP-450/S Pumps... Alphacool VPP655 Single Edition 12V Variable Sp... Alphacool NexXxoS UT60 Full Copper 120mm 
CoolingCoolingCoolingOS
Alphacool NexXxoS XT45 Full Copper 360mm  4 x Noctua NF-F12 PWM 120mm Fan  Noctua NF-A15 PWM 140mm Fan Windows 7 Pro 64 Bit 
MonitorKeyboardPowerCase
4 x Dell U2412M Logitech G710+ Mechanical Gaming Keyboard  Seasonic XP-660 Platinum 660W Power Supply V2 Silverstone FT02 
MouseMouse PadAudioAudio
Logitech G600 MMO Gaming Mouse  Roccat SOTA Xonar STX with APA2107 opamp AudioEngine AE2 
  hide details  
Reply
My Rig
(29 items)
 
  
CPUMotherboardGraphicsRAM
2600K  GA-Z68X-UD5-B3 ASUS HD7970 DCii TOP 3GB G.Skill Ripjaws X F3-1600C9D-16GXM 16GB (2x8GB)... 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 128GB Samsung 830 256GB Western Digital WD Green 1TB WD10EZRX  Western Digital WD Blue 1TB WD10EZEX  
Optical DriveOptical DriveCoolingCooling
Silverstone FP58B 5.25in Cover Bay for Slot loa... Silverstone SOD02 Slim DVDRW Optical Drive  EK Supremacy CPU Waterblock Clean CSQ Acetal  EK-FB KIT GA P67A (UD7) - Acetal + Nickel  
CoolingCoolingCoolingCooling
EK Full Cover VGA Block EK-FC7970 DCII Acetal N... Koolance RP-452X2 Reservoir for PMP-450/S Pumps... Alphacool VPP655 Single Edition 12V Variable Sp... Alphacool NexXxoS UT60 Full Copper 120mm 
CoolingCoolingCoolingOS
Alphacool NexXxoS XT45 Full Copper 360mm  4 x Noctua NF-F12 PWM 120mm Fan  Noctua NF-A15 PWM 140mm Fan Windows 7 Pro 64 Bit 
MonitorKeyboardPowerCase
4 x Dell U2412M Logitech G710+ Mechanical Gaming Keyboard  Seasonic XP-660 Platinum 660W Power Supply V2 Silverstone FT02 
MouseMouse PadAudioAudio
Logitech G600 MMO Gaming Mouse  Roccat SOTA Xonar STX with APA2107 opamp AudioEngine AE2 
  hide details  
Reply
post #6314 of 7359
MalcomX...Alex answered your question...I don't know if he could have been any clearer that with all the fixes that come out for Firefox between builds...Alex has decided for Waterfox to not jump and make a new build at the same pace as Firefox, so he opts to do Waterfox updates in a manner that several patches are done at once. In this instance...he will skip 33.x.x and do this with release 34. That is how it has been done for some time now as far as I know and in all this time there are very few that have had issue with this process. However, for those that can't wait or don't subscribe to Mr Alex's methods...they are free to take the source for Waterfox and go at it according to their own wishes. So feel free to go that route if Waterfox is in such a dire state in its current form that you cannot wait.

I also wanted to tip my hat to you Mr. Alex for doing such a great job at addressing so many question here on the forum. My gosh it is good to see your posts, but I feel for ya when they are a page long answering questions. However, that is the kind of person you are...helpful and devoted to Waterfox...which I know many people appreciate. Thanks for all the hard work.
post #6315 of 7359
For a couple of months now, waterfox updater has failed for me because libiomp5md.dll is missing.
post #6316 of 7359
Quote:
Originally Posted by BMT View Post

Waterfox is maintained by one person, MrAlex. He only has so much spare time and does this as a hobby, not a job.

He's seen and acknowledged your points regarding security issues, but has already said it's unlikely that there will a Waterfox update until Firefox 34 has been released.

In my opinion, that's fair enough - if you're going to spend your spare time doing something, you should probably make sure that it makes sense before you do it - and with the Firefox 33 branch MrAlex would have wasted a lot of his spare time if he tried to keep up with every update.

So yes, I'm sure he cares, but no, he does not have an infinite amount of spare time to dedicate to working on Waterfox.

If you have an issue with that, then I would advise you not to use Waterfox until whenever MrAlex releases version 34.

For the record, I've been using Waterfox for years and have never had any problems from potential security issues it may have had.

Quote:
Originally Posted by WetLook View Post

malcomX

Maybe you could contact MrAlex and offer him some help!
As stated multiple time in these posts, he is mainly working on WF by himself.

Quote:
Originally Posted by seti View Post

MalcomX...Alex answered your question...I don't know if he could have been any clearer that with all the fixes that come out for Firefox between builds...Alex has decided for Waterfox to not jump and make a new build at the same pace as Firefox, so he opts to do Waterfox updates in a manner that several patches are done at once. In this instance...he will skip 33.x.x and do this with release 34. That is how it has been done for some time now as far as I know and in all this time there are very few that have had issue with this process. However, for those that can't wait or don't subscribe to Mr Alex's methods...they are free to take the source for Waterfox and go at it according to their own wishes. So feel free to go that route if Waterfox is in such a dire state in its current form that you cannot wait.

I also wanted to tip my hat to you Mr. Alex for doing such a great job at addressing so many question here on the forum. My gosh it is good to see your posts, but I feel for ya when they are a page long answering questions. However, that is the kind of person you are...helpful and devoted to Waterfox...which I know many people appreciate. Thanks for all the hard work.

when report security issue most update fix program he could warned users unsafe not let use but no

quote my tech friend

i find it rather funny when people go i have used an outdated version on XXXX product for year with no security issues, i
laugh because most of these attacks are unseen and unknown its not like an attacker wants to have big bright red warnings saying
hay i am stealing your personal data and your passwords, no they in most attacks just collect your data then store it for later, most of these
exploits are most likely to have been fixed in a newer version so when the arbitrary code is executed on an outdated browser with the current flaw
the attacker is able to steal or remote execute code on the users computer, now if they used the newer patched version when the arbitrary code is
executed the attack is null and void has no affect because the flaw was fixed.

think of your web browser as an anti-virus and the browser updates as virus definitions you don't visit websites and install software with outdated anti-virus
you could say i have been using a outdated anti-virus and never had and viruses or issues why should i update or care now, in the mean time a rat was installed
letting the attacker just take there time slowly collecting your data, you don't walk around a nuclear power station without a radiation tag or suit in the radiation areas just because
you can't see the radiation does not mean you have not been affected ?

Warning: Spoiler! (Click to show)

most cases when using an outdated browser on the internet you have encounter one or more threats to your browser security and have lost personal
data as a result that would not have happened if running the newer version, when you look at the case studies you can see in most attacks they are automated
by scripts, bots and other means there sole purpose is to find a weak spot then exploit it, if its personal data its archived if its executed code remotely to download a
file that lays dormant until activated like a root kit you wont know as they don't want to you to know there stealing your data because you will change that information
before they can use it, when you get a letter from your financial institution saying your late on the house loan, car load and the boat loan but your thinking to your self
i don't have any of these loans right then right there you realize your computer was compromised by a Romanian hacker that stole your personal information which they
then used to create a fake identity for financial gain, most of these new age exploits are just for your personal data this information is gold and can be sole many times over
for the purpose of identity freud.

look malcom i have done my part i have emailed the developer about 11 major security issues with waterfox with the information how to produce the issues and potential fix them
i have done my part to help you out its up to the developer to fix these issues, personally i would stop using the browser as its clean the developer just mashes compiler command
together and hopes for the best with little to no regards to user safety which is outline in the emails sent clearly shown by the profile guided linking of the library's leaving undefined symbols
allowing an entry point created, i have shared these exploits to jorge and a few forum members for further analysis so they are public knowledge and if not fixed they will be exploited,
malcom in future if your not going to listen to my advisement then please don't ask for it.

he help fix waterfox i help fix but code broken outdate like browser
one for 32 https://waterfox.codeplex.com/SourceControl/latest#browser/config/version.txt
one for 15 http://sourceforge.net/p/waterfoxproj/code/ci/master/tree/browser/config/version.txt
not build missing files contaminated with old files
forgive english not good i try more better
post #6317 of 7359
@MalcomX: I think if you want to be completely up to date with Firefox then you should stay with Firefox or Nightlies. I appreciate your concerns, but Waterfox will probably always lag Firefox. It's up to you to decide whether the delay is an acceptable risk or not. Personally I am still on waterfox v32, and will happily wait for WF 34 before I upgrade.

In reality if your connected to the Internet you are at risk, whether it's the browser, OS, or some other vulnerability. Waterfox will always lag a few weeks behind Firefox, for me that's not an issue, but I can understand if it's an issue for you. If this is the case, Waterfox is probably not the browser for you.

Just my two cents worth.
post #6318 of 7359
Quote:
Originally Posted by malcomX View Post

quote my tech friend

i find it rather funny when people go i have used an outdated version on XXXX product for year with no security issues, i
laugh because most of these attacks are unseen and unknown its not like an attacker wants to have big bright red warnings saying
hay i am stealing your personal data and your passwords, no they in most attacks just collect your data then store it for later, most of these
exploits are most likely to have been fixed in a newer version so when the arbitrary code is executed on an outdated browser with the current flaw
the attacker is able to steal or remote execute code on the users computer, now if they used the newer patched version when the arbitrary code is
executed the attack is null and void has no affect because the flaw was fixed.

think of your web browser as an anti-virus and the browser updates as virus definitions you don't visit websites and install software with outdated anti-virus
you could say i have been using a outdated anti-virus and never had and viruses or issues why should i update or care now, in the mean time a rat was installed
letting the attacker just take there time slowly collecting your data, you don't walk around a nuclear power station without a radiation tag or suit in the radiation areas just because
you can't see the radiation does not mean you have not been affected ?
I find it funny when people like 'your friend' make generalised comments without taking into consideration things like the fact that someone may be running their browser in a sandbox, that people wouldn't know how to check if a RAT etc. had been installed on their PC and so on.

Not to mention that I highly doubt Waterfox is anywhere near popular enough to be targeted for exploits on a big scale. People would be much better of trying to find vulnerabilities that have been present in Windows for years. Or a vulnerability in Firefox (and therefore Waterfox) so that it can be exploited on a much wider scale.

Any PC connected to the internet is at risk, full stop. There are things that can make it less at risk, or more at risk, but if you want to use the internet it's the game you play assuming that it can't be compromised in some way is idiotic. All you need is one 0-day exploit to come along.

Don't get me wrong, I appreciate that you're taking the time to report security issues. I just wanted to point out the above.
Edited by BMT - 11/24/14 at 10:58am
Core i7 Rig
(16 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 930 @ 2.93 GHz Gigabyte X58A-UD3R (Rev. 1.0) PALIT GTX 760 Jetstream 12GB DDR3 1600 Mhz (6x2GB) 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 Samsung HD103UJ Samsung HD103SJ Samsung HD204UI 
Optical DriveOSMonitorPower
LiteOn iHAS524 DVD RW Windows 7 Ultimate 64bit SP1 ViewSonic VX2260WM Seasonic X-Series 650W SS-650KM3 
Case
Cooler Master 690 II Advanced RC-692A-KKN5 
  hide details  
Reply
Core i7 Rig
(16 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 930 @ 2.93 GHz Gigabyte X58A-UD3R (Rev. 1.0) PALIT GTX 760 Jetstream 12GB DDR3 1600 Mhz (6x2GB) 
Hard DriveHard DriveHard DriveHard Drive
Samsung 830 Samsung HD103UJ Samsung HD103SJ Samsung HD204UI 
Optical DriveOSMonitorPower
LiteOn iHAS524 DVD RW Windows 7 Ultimate 64bit SP1 ViewSonic VX2260WM Seasonic X-Series 650W SS-650KM3 
Case
Cooler Master 690 II Advanced RC-692A-KKN5 
  hide details  
Reply
post #6319 of 7359
Quote:
Originally Posted by msuguy71 View Post

Now that is what I call continental drift! laughingsmiley.gif

lachen.gif nice one
4770K
(17 items)
 
  
CPUMotherboardGraphicsGraphics
i7 4770k Gigabyte Z87x D3H Sapphire R9 290 CFX Sapphire R9 290 CFX 
RAMHard DriveCoolingMonitor
G-Skill 8 GB Crucial M500 240GB H100i + H55,G10 for GPUs Qnix 2710 1440p 
KeyboardPowerCaseMouse
QFR MX Blue / Poker ll MX Clear Corsair AX760 Corsair C70 black Roccat Savu 
Mouse PadAudioAudioAudio
Perixx XXL Audio Engine D1 Beyerdymamic DT990 Pro Asus Xonar DGX 
Audio
Samson SR-850 
  hide details  
Reply
4770K
(17 items)
 
  
CPUMotherboardGraphicsGraphics
i7 4770k Gigabyte Z87x D3H Sapphire R9 290 CFX Sapphire R9 290 CFX 
RAMHard DriveCoolingMonitor
G-Skill 8 GB Crucial M500 240GB H100i + H55,G10 for GPUs Qnix 2710 1440p 
KeyboardPowerCaseMouse
QFR MX Blue / Poker ll MX Clear Corsair AX760 Corsair C70 black Roccat Savu 
Mouse PadAudioAudioAudio
Perixx XXL Audio Engine D1 Beyerdymamic DT990 Pro Asus Xonar DGX 
Audio
Samson SR-850 
  hide details  
Reply
post #6320 of 7359
false
Quote:
Originally Posted by BMT View Post

I find it funny when people like 'your friend' make generalised comments without taking into consideration things like the fact that someone may be running their browser in a sandbox, that people wouldn't know how to check if a RAT etc. had been installed on their PC and so on.

Not to mention that I highly doubt Waterfox is anywhere near popular enough to be targeted for exploits on a big scale. People would be much better of trying to find vulnerabilities that have been present in Windows for years. Or a vulnerability in Firefox (and therefore Waterfox) so that it can be exploited on a much wider scale.

Any PC connected to the internet is at risk, full stop. There are things that can make it less at risk, or more at risk, but if you want to use the internet it's the game you play assuming that it can't be compromised in some way is idiotic. All you need is one 0-day exploit to come along.

Don't get me wrong, I appreciate that you're taking the time to report security issues. I just wanted to point out the above.

ask my tech friend i did

when sandboxing a web browser they are never meant to run on a system without patches, browser update, firewalls, or anti-virus software.
the sandbox phad simply adds another layer of protection and has never been claimed to be full-proof, but could improve security of a fully patched system with all patches
applied including the sandbox web browser .

think of a virtual sandbox as a fish tank with no lids, fish have tendency to jump out and flip flop on the floor no ?

waterfox was brought to my attention by malcom which has been around for a few year now no, with claims of over 3 millions download this would appear popular no.
for 10 years i have worked as a security advisor i have not seen many programs, website and other at some stage in there cycle not have had or have been a target in
one form or another, take xxxx program has 1000 users the program gets weather updates then shows as a desktop widget someone decides to make a program that changes
the check for weather updates to download a password stealer but makes it self replicate and send its self to everyone in the infected users email list just because that someone could,
take someone decides to take everyones personal and credit card information from apples server just because someone could, it matters not the size or popularity of the website, company, program.

malcom recap on previous words i am not a person in the middle any more questions asked will result in no reply, its clear your not listening, unless you have questions not relating to the browser then
please not pm me.

he say sandbox not full safe
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Other Software
Overclock.net › Forums › Software, Programming and Coding › Other Software › Waterfox 55.0.2: 22 August [Firefox 64-Bit]