The secrets of about:config

Ever since its début, Firefox has garnered a reputation for being an enormously customizable program, both through its add-on architecture and its internal settings. In this article, we’ll explore some of the most useful Firefox settings that you can change on your own, which aren’t normally available through the program’s graphical user interface…

Read more | Digg story

Mozilla released updates for Firefox 1.5 and 2.0 earlier this week. Both versions include major security and stability fixes/patches. The Mozilla foundation also extended the support period for Firefox 1.5 from 24th April to June.

The security vulnerabilities fixed are the same for both browser generations.

According to Secunia the most severe issue is related to the JavaScript engine which can be exploited to cause memory corruption and potentially to execute arbitrary code.

Furthermore an error in the “addEventListener” method can be exploited to inject script into another site, circumventing the browser’s same-origin policy. This could be used to access or modify sensitive information from the other site.

Finally an error in the handling of XUL popups can be exploited to spoof parts of the browser such as the location bar.

Most FF 2.0 users will get the option to update automatically. If you are running an older version upgrade to Firefox 2.0.0.4 here, or Firefox 1.5.12 here. As always it’s better to be safe than sorry…

Visit Mozilla for more information and downloads/links concerning the 1.5.0.12 and 2.0.0.4 releases.

A couple of months ago I created a simple PHP script to show the “Help Desk” comic on the sidebar. This time I’ve rewritten the code in order to show more comics (only today’s) and added a caching system that updates the links every 5 hours. Except during the update procedure the add-on should load much faster, and by combining it with my Lightbox Media add-on browsing the comics is sweet and easy.

I’m not sure if I’m allowed to distribute the code yet, as there seams to be some copyright issues. On the other hand Netvibes and others are doing it already through their 3rd party modules. Thus, for the time being I’ll just keep it running during an undefined testing period.

That said, I would be happy to get some feedback on this little add-on.

P.S. Just noticed from the stats that Blogvaria passed another milestone. More than 100.000 page views since New Year, and it’s not that long ago when it turned 50.000 hits/views. Furthermore, the average visitor is flipping through approximately 8 pages a visit which means some of you actually find the stuff I write about interesting - thank you!