In SM 1.1.x, there was a non-UI pref to have about:SeaMonkey display in a
modal window (IMO, *not* stupid, but useful; YMMV):
browser.show_about_as_stupid_modal_window. This pref is no longer functioning
in SM 2.
Can we look for a return of this option in SM 2? Currently, about:SeaMonkey
is displayed in a tab, dependent on a user's tab settings, or a wholly
separate browser window. Not to bang the "Firefox does it, why can't SM" drum
too loudly, but FF does display its about in a very nice modal window, and I
think it works well. Better than the current SM 2 behavior, IMO.
TIA for any feedback --
--
/\ /\ | "Even if you have just destroyed a
^o o^ D.K. "Cat" Kraft | Ming vase, purr. Usually all will
->T<- | be forgiven."
~ Lynnwood, WA |
___oOO___OOo___ | -- Lenny Rubenstein
Useful? What for?
Martin
--
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - http://www.gerstbach.at/2004/ascii
Personal preference? I happen to like the modal dialog as well.
On a previous occasion I did ask, but I got the impression from the
negative reactions that even if I wrote a patch, it would be
unceremoniously turned down.
Phil
--
Philip Chee <phi...@aleytys.pc.my>, <phili...@gmail.com>
http://flashblock.mozdev.org/ http://xsidebar.mozdev.org
Guard us from the she-wolf and the wolf, and guard us from the thief,
oh Night, and so be good for us to pass.
Well, I won't lose any sleep over it, but I did prefer it.
Best Regards,
SeaMonkey 2.0 changes:
- missing plugin notification uses infobar instead of a modal dialog
- password manager uses input field dropdown instead of a modal dialog
- download progress dialog was apparently intentionally hobbled (and a
patch to improve it rejected)
- About SeaMonkey opens in a window only
Out of curiosity, what is the problem that some of the developers have
with modal dialogs anyway ? Is this a Linux/Unix thing ?
They get in our way even in cases when you don't need them.
Robert Kaiser
To expand on that somewhat short statement: I think the most prominent
case is a modal dialog that is triggered by a page that is loaded in a
background tab or other window.
HTH
Jens
--
Jens Hatlak <http://jens.hatlak.de/>
SeaMonkey Trunk Tracker <http://smtt.blogspot.com/>
> In SM 1.1.x, there was a non-UI pref to have about:SeaMonkey display
> in a modal window (IMO, *not* stupid, but useful; YMMV):
> browser.show_about_as_stupid_modal_window. This pref is no longer
> functioning in SM 2.
This dialog was provided as part of XPFE. The new toolkit did not
provide an equivalent, and at the time we didn't think it was worth our
while writing a replacement dialog along the lines of the
Firefox/Thunderbird dialogs. There is also the problem that links in the
about: dialog didn't work very well.
Of course, SeaMonkey 2.0 makes it very easy for some enterprising
extension author to write an "About Dialog" extension.
--
Warning: May contain traces of nuts.
I've honestly never had that happen. I would think that if you goto a
site which does something that requires user interaction (i.e.
password, missing plugins, etc.) then you would see this fairly
quickly before you had a chance to switch to another window. In this
case of password entry this would be expected and for things like
about:seamonkey this is due to user input so your point doesn't apply.
I'm definitely not saying that you personally should like modal
dialogs, I'm only saying that not everyone has a problem with them as
you do and that you should give users a choice to work the way that
suits them. For example I absolutely despise infobars as I find moving
the content area down an extremely unwelcome distraction.
Forcing your own personal UI likes and dislikes upon everyone without
a choice is definitely not a good way to go.
>> To expand on that somewhat short statement: I think the most prominent
>> case is a modal dialog that is triggered by a page that is loaded in a
>> background tab or other window.
>
> I've honestly never had that happen. I would think that if you goto a
> site which does something that requires user interaction (i.e.
> password, missing plugins, etc.) then you would see this fairly
> quickly before you had a chance to switch to another window. In this
> case of password entry this would be expected and for things like
> about:seamonkey this is due to user input so your point doesn't apply.
I'll always open links in the background, no need for a chance to
switch. Just a middle click with my mouse so i can open a lot of them if
they are near by -like on newspages. When a modal Dialog comes up i
don't know to which page it belongs.
Also there are some areas of the world which are realy slow with page
loading - try the asus webpage *g*-, so there is a delay in which i
could change the page.
I don't like modal dialogs in most cases, but in some cases they are
good. But most ppl. don't care about them, put them in the background
and wonder why SM dosn't respond and blame the program. Also I'm not
happy about the infobar but i get used to it.
> Forcing your own personal UI likes and dislikes upon everyone without
> a choice is definitely not a good way to go.
SM 2 is young, be patient. There is a lot to do which is IMHO more
important. File a Bug, submit a patch and get your feature.
--
Phillip M. Jones, C.E.T. "If it's Fixed, Don't Break it"
http://www.phillipmjones.net http://www.vpea.org
mailto:pjo...@kimbanet.com
Then it's good that SeaMonkey is being developed by users.
Or did you complain that different users have different opinions about
what they want?
Robert Kaiser
To be fair, it was rejected based on review criteria instead of
developer opinion. Neil (who reviewed my patch) doesn't like the new
download progress dialog either.
Its being being developed by developers not users. Typical Users have no
or very little knowledge of code. All they know is how they want the way
something should work. If a great design comes along that all users
like, then the code designers can't stand it, and want it to work make
it like they want it.
SeaMonkey, Thunderbird, and FireFox are open source, answerable to
users. For Pay Products (example MS Office) is designed for the
shareholders and the BOD. Not the users. Users have no input.
I prefer modal windows. I hate tabs and to this day refuse to use them.
despite being designed into SM FF for last 4-5 years. Tabs waste
resources. Each page in a tab as cache and use memory to store. While I
have 2 GB Memory in current Laptop with today's web pages that can be
easily filled up is I have a bunch of Tabs open. I'd love to get one of
the new ones with 4 or more GB RAM but takes money. Money I don't have
now. As far as being faster. Its not one whit better than forward or
Back button. takes every bit as long one way or the other I've tried it.
I have one thing that was improved. Finally you can adjust the size of
the preference window. Drag the length longer. Just as sure as I mention
this one of the designer will come along and say Oh that fellow loved
how this adjustable. It doesn't need to be let us make it preset.
If the major of people love the way something works, make it work that way.
Good God, have you a bone to pick or something? I am a developer and I
certainly do listen to what end users want - they are my customers after all!
Don't you think you might be over-generalizing here a bit?
Perhaps you're just having a bad moment?
This doesn't quite make sense. If SM 2 is using Toolkit, why would it be so
difficult to port FF's about modal window to SM 2? I realize I have no
program writing background to understand the idiosyncrasies that would have to
be worked around between SM 2 and FF, but on the surface, for this one
purpose, it doesn't appear that it should be so convoluted to execute. Is
there such a radical difference between FF and SM 2, regardless of the
commonality of Toolkit, that would make this a huge task? Not trying to be
obtuse, but it seems like such a simple, isolated function.
Just to get in my digs, and yes, whine a bit, from a practical standpoint, I
think the presentation of SM 2's about info in a tab is unwieldy, since I
often have to find the tab among a group of others when many tabs are open.
The modal window is short, to the point, on top of all else, and for this
purpose alone, a cleaner execution IMO. SM 2 isn't FF, I know, but in this
case alone, I think emulating FF's execution would be just--I don't
know--nicer?
Yeah, it's just my user opinion, but looking for the about info in a buried
tab really is a bit of a PITA.
For what it's worth --
> If SM 2 is using Toolkit, why would it be so difficult to port FF's
> about modal window to SM 2?
Sorry, but I can't really answer this because I've never seen FF's about
dialog, but at the time we were preparing to make the switchover from
XPFE to toolkit and we were busy trying to fix up things that weren't
working.
No it seem with Mozilla when user are happy with function, it always
seems that that irritates the heck out of the developers. It seems if
users like it too much, its a target to be removed.
For example I've always thought Tabs was not what most users wanted,
because it was a gee-whiz-bang feature that was in IE. we had to have it.
The way I work I have no desire, nor no need to have 8 or ten tabs open
at one time. I look at one thing at a time. Although I've using
personal computers since the early. I just never id desire have pages
filled up with cached pages of multiple websites.
WE don't need to any shape of fashion need to be an IE clone. If we look
and, act so much like IE what's the point in trying out something
different if it all works and looks the same. I don't want to be even
reminded of IE , much less look like like it.
This modal thing is another example. OR, how about killing javascript,
in Thunderbird. There was a Feature in Communicator that was great, you
could check for dead links and then ask it to delete them. It never saw
the light of day in Mozilla. I could think of other things.
But developers keep think up things, possibly ask (not always), get
negative responses then put it in anyway.
One thing you have resisted the temptation of doing is using Active-X.
I salute you for that. Now That I have bragged on that, there probably
will be an announcement next month that Active-X will be built-in.
Active-X is the reason now for bout 98% of all the malware floating on
the internet. The other 2 percent is Phishing attempts. If Active-X was
killed dead, at least for a while Windows machines wouldn't need virus
and Malware detection programs.
Phillip, lets look at this. SeamMonkey is not Firefox. It is a
volunteer effort. The developers *are* users.
Actually, I think that's true for Firefox as well, or at least I would
hope so.
Still, with SeaMonkey, lets step back and remember that these people
walked the extra mile, and kept the suite alive for us. Questioning the
decisions is fine, developer bashing here is not really appropriate.
For what its worth, I like the current About:SeaMonkey behaior.
Lee
1) Tabs were not in IE until very recently (IE7) while Mozilla has had
them for ages (Opera was the first tabbed browser, though).
2) The vast majority of users love tabs, please accept that while you
might be one of our users, you are not the majority and can't speak for
them.
3) The majority of satisfied users doesn't speak out loudly, a part of
the minority of unsatisfied ones does. It's hard to find out from a
strange subsection like those doing lots of posts what the opinion of
the general audience is.
4) As in any open source project, those who actually give time and work
to the project have the most influence of what's happening. Nobody can
change that, it's the very nature of how things work, and an increasing
amount of people seems to be happier with that than with the alternatives.
5) Accept that you are not always in the majority or target audience
group among users.
Robert Kaiser
I don't like tabs either and see them as a pointless waste of screen
space when the OS already has window management and its own taskbar
which can be hidden but I don't care that tabs are supported because I
have the choice not to use them. Tabs also seem to use more resources
and essentially duplicate functionality already in the OS.
> 4) As in any open source project, those who actually give time and work
> to the project have the most influence of what's happening. Nobody can
> change that, it's the very nature of how things work, and an increasing
> amount of people seems to be happier with that than with the alternatives.
Granted but why do things like change the download progress dialog UI
to be less usable because you don't like dialogs (Your words:
"Download progress dialogs ? Eww!"). There really is no reason why
this can't look more or less the same as SeaMonkey 1.x
> 5) Accept that you are not always in the majority or target audience
> group among users.
Does this mean that people who like the SeaMonkey 1.x UI aren't the
target audience for SeaMonkey 2.0 ??
I'd love to get one of the older ones, the ones that had 2GBytes of Memory.
My current one only has about 750MBytes.
> Money I don't have
> now. As far as being faster. Its not one whit better than forward or
> Back button. takes every bit as long one way or the other I've tried it.
>
> I have one thing that was improved. Finally you can adjust the size of
> the preference window. Drag the length longer. Just as sure as I mention
> this one of the designer will come along and say Oh that fellow loved
> how this adjustable. It doesn't need to be let us make it preset.
>
> If the major of people love the way something works, make it work that way.
>
Phillip, if you painted your house Green, because you liked Green, would
it matter to you if someone suggested you should have painted it Blue??
Or even a slightly different shade of Green??
The Guys that are doing the development are the guys that are doing the
development, so their preference must count for something. If you, or I,
want something different, you, or I, can either do the development of
just endure with what we're given, or we can move to something
different, Safari or Opera maybe!!
Daniel
Phillip, if I am to believe your message header, you are using Win98!
SeaMonkey 2.0 is not supposed to work on Win98, so are you complaining
about something you haven't even tried yet?? Or have you found a way for
getting SM 2.0 to work on Win98 (Please, oh please, Phillip, you'll be
my friend forever!!)??
Hang on, Phillip, you almost got away with that, Phillip.....but then,
just before I hit sent I remembered that you use Mac OSX or whatever, so
you must have your SM prefs munged!!
You almost got away with that, Phillip!
Daniel
If you love ugly, then you your own extension to make it ugly again.
And thanks for turning a joke after hours of hard work against me.
Robert Kaiser
In the for pay community they have an excuse they design strictly for
the Board of Directors and shareholders. The users are not in the
equation. In open source community they should be beholden to the users.
However because its open source most likely that have second jobs, and
this a second job, and and self-aggrandizement is the pay off.
But I've spoken more than I should. I really was just going to post
specifically about the SM RC candidates. Once the it goes Gold I will
stay away from the Group.
Problem I tried and have installed:
Safari 4
FireFox 3.5.3
SeaMonkey 1.1.8
SeaMonkey 2.0.rc.2
Camino
Opera
OmniWeb
iCab
I find SeaMonkey the best fit for me.
I don't even like the design of FireFox as much as the design of SeaMonkey.
And if I were to use Thunderbird I actually like Postbox better because
the last one I downloaded still allowed javascript in email.
There is no modal window in SM2 for Mac. As for the Active -X Comments
its combination or Reading various internet news feed, plus helping some
of my relatives that use Windows machines and Friends. I suggest they
turn off active-x and the malware attacks seem to disappear.
See exactly what I am talking about. You think it looks ugly. Other of
us love it. Most of the silent Majority folks are not going to have the
courage to speak up. Most say to themselves, Gee something else I am
going to have to endure , oh well I can't do anything about, so why
bother saying anything.
What are you talking about? I only have 160 MB of RAM, and I can easily
use a bunch of tabs without running out of physical memory. Maybe your
problem is Flash or Java, not tabs themselves.
Separate windows use even more resources. Or are you saying that you use
one window all the time?
You do realise that JavaScript in mail is a big security risk, right? It
doesn't have a place in e-mail messages in the first place. It's a
message, not a web page.
The taskbar becomes less efficient the more buttons it has. Having tabs
means that your taskbar is not cluttered with tons of windows. Windows
XP has a band-aid for this, but it doesn't work that well because it
doesn't know the context of each window.
Plus, with tabs, I can rearrange them with drag&drop. Something that
Windows couldn't do with its taskbar until Windows 7!
> Tabs also seem to use more resources
This is wrong. A tab is one more instance of a viewport, and that's it.
With an additional window, much more needs to be duplicated.
If I remember correctly, Maxthon was first with tabs, but that was a
shell for IE. Opera was the first web browser to be shipped with tabs
built-in.
You're wrong.
> OR, how about killing javascript, in Thunderbird.
Security risk, as pointed out above.
> There was a Feature in Communicator that was great, you could check
> for dead links and then ask it to delete them. It never saw the light
> of day in Mozilla.
Another security (and privacy) risk. Imagine getting some spam with
links. If SeaMonkey would check those for you, the spammer would get
notified that your e-mail address exists, along with other data that's
part of the HTTP request. Then you'd get even more spam.
> One thing you have resisted the temptation of doing is using Active-X. I
> salute you for that. Now That I have bragged on that, there probably
> will be an announcement next month that Active-X will be built-in.
There will never be ActiveX, as it's a proprietary technology that's
done more bad than good.
> Active-X is the reason now for bout 98% of all the malware floating on
> the internet.
Most malware these days comes from social engineering, not ActiveX.
He meant how the dialog's code looks, not how the dialog itself looks.
>Granted but why do things like change the download progress dialog UI to be less usable
>
As with the loss of the About dialog, this was fallout from the
conversion from XPFE to Toolkit, which (surprise) has no progress
dialogs either, so from my point of view you should be lucky that any
sort of progress dialog exists, because that means that somebody
actually had to step up and write some new code to implement it.
> On Oct 24, 5:40 pm, Robert Kaiser <ka...@kairo.at> wrote:
>
>> 1) Tabs were not in IE until very recently (IE7) while Mozilla has
>> had them for ages (Opera was the first tabbed browser, though).
>>
>> 2) The vast majority of users love tabs, please accept that while
>> you might be one of our users, you are not the majority and can't
>> speak for them.
>
> I don't like tabs either and see them as a pointless waste of screen
> space when the OS already has window management and its own taskbar
> which can be hidden but I don't care that tabs are supported because
> I have the choice not to use them. Tabs also seem to use more
> resources and essentially duplicate functionality already in the OS.
> ...
Well, count me as a user who does like tabs. I can't prove it out to you
logically because it's a question of taste.
I know I can set Windows to combine taskbar entries from the same
application, but that doesn't help much if you have five apps running,
and I /really/ don't like having 10 or 12 little boxes in the taskbar
that say "SeaM..." because that's useless (I have to mouse over them
one... at... a... time... to see what they are).
It does help to make the taskbar two rows high; sometimes I wish I could
do that with SM's tabs. ;-)
--
War doesn't determine who's right, just who's left.
--
Paul B. Gallagher
> Robert Kaiser wrote:
>
>> asmpgmr wrote:
>>
>>> Granted but why do things like change the download progress
>>> dialog UI to be less usable because you don't like dialogs (Your
>>> words: "Download progress dialogs ? Eww!"). There really is no
>>> reason why this can't look more or less the same as SeaMonkey 1.x
>>>
>>
>> If you love ugly, then you your own extension to make it ugly
>> again.
>>
>> And thanks for turning a joke after hours of hard work against me.
>>
>> Robert Kaiser
>
> See exactly what I am talking about. You think it looks ugly. Other
> of us love it. Most of the silent Majority folks are not going to
> have the courage to speak up. Most say to themselves, Gee something
> else I am going to have to endure , oh well I can't do anything
> about, so why bother saying anything.
If the developers come up with something they think is pretty/elegant
and gives me the feedback I need, that would be fine.
I think it's dysfunctional to have a download process complete silently
without telling me it succeeded, or worse yet, stall silently without
telling me there's a problem. I don't know when I can go open the file,
or if it's even there.
> Plus, with tabs, I can rearrange them with drag&drop. Something that
> Windows couldn't do with its taskbar until Windows 7!
For this I'm using Taskbar Shuffle
<http://www.freewebs.com/nerdcave/> - very handy.
--
Stanimir
I agree that the new design has problems, and I'm open to suggestions,
but not to just go back to the also bad design it was before.
My problem was to come up with a good base for an improved version as
nobody wanted to take up the work of rewriting it (the old version was
written for a backend we didn't have at all any more and the patch for
the new backend only had an empty dialog come up with "please use the
download manager" written in it, so I had to create _something_ new).
I'm very unsatisfied with the situation of the functionality of context
menus on the source and target labels being completely hidden, but the
row of buttons in the old dialog was bad as well, even though it was
more discoverable.
I made sure no functionality of the old dialog was actuall lost, but I
know good parts of it are not as discoverable as they should be.
As I said, suggestions are welcome as long as they don't mean just
reverting to the old design.
Robert Kaiser
That means there should be a better separation between the backend and
frontend code. Of course the Firefox developers are even more guilty
of pushing their personal UI choices so this is likely intentional. I
understand the backend switch is the reason the password manager was
changed as well. Unfortunately there is a definite anti-modal dialog
bias here (and having the old about dialog pref be called
"browser.show_about_as_stupid_modal_window" certainly supports this).
The problem is the developers aren't developing stuff just for
themselves, they're developing for a general audience with varied
tastes and varied ways of working. The developers seem to not get this
or not to care.
Well the tiny round buttons aren't good. I've never seen any app have
buttons like that, it needs normal buttons. Also what do you perceive
as wrong with the 1.x design ? It looks perfectly fine to me. People
who don't like dialogs can use the download manager and that's great,
there's a choice. Why make the dialog unusable to those who prefer
dialogs ?
The "tiny round buttons" are IMHO one of the better designs in that
progress window. It's no dialog anyhow, it's a progess window.
But perhaps we should have just remove them altogether, would have saved
me lots of work and us all lots of discussions.
Robert Kaiser
Yes. I have set up unless the website doesn't allow for it, set so that
the window used is the same window, but the contents is replaced by the
contents of the updated information. Some websites open new windows and
I'd like to smack the back of their hand (of the designer) for doing so.
Its like a slide show or PP presentation (sort of).
Why is it a security risk? I used Netscape Navigator 3.0.1.a Gold,
Communicator, Mozilla, and Thunderbird until it was removed, and not
once in all those years had any javascript attacks in email. Not once.
let's see Navigator 3.0.1.a Gold came out sometime in early 90's or
maybe even in late 80's let say roughly 15-20 years.
each of those instances require the use of cache to maintain that
instance (or page) in memory. That amount of memory to go to that page
is added to cache then you click to go somewhere else, that add to a
tab, okay that pages contents text graphics everything is added to piece
of cache memory, and so on. Taking a snap shot if you will takes memory
In general it looks too busy compared to the 1.x download progress
dialog, those buttons are too small and easily missed and the menu
dropdowns seem out of place on a dialog. Even when you requested
feedback about this on your blog most of the comments were negative.
Now I realize this is subjective and that you think "progress dialogs
are soo backwards, only really old software uses such a thing". Also I
know you have done a lot of work on SeaMonkey but you obviously hate
dialogs and anything resembling them to the point that you have no
objectivity when it comes to this area.
See what I am saying people come up with a discussion about something
and you want to remove them just because your tired of dissenting
opinions.
OK, I'll take the courage to speak up myself. :-) I love tabs, I
strongly think they don't waste resources (if any, they save
resources, since tabs don't create menu, menu items, toolbars, toolbar
contents and status bars that are part of new windows), I think they
add value to standard OS window management because they can be created
without grabbing focus (it may be possible now to do that with
windows, too, but it wasn't when tabs were first introduced in Mozilla
Suite), and I think new download progress windows are not so bad vs.
SeaMonkey 1.1.x (in fact, although I prefer dialogs vs. download
manager window, I find new dialogs more useful than SM 1.1.x ones).
And, despite above, I like more a separate dialog (whether modal or
not) for About SeaMonkey vs. the current tab behaviour. These are my
reasons:
- Most "About..." programs are presented as dialogs, so SM digress
from them here.
- Usually, when I want to launch About... dialog, I want to see it.
However, due to my preferences, the About... tab is open in
background, forcing me to switch to it to access the data presented in
it. I think my preferences are not too unusual, though.
- If I have the mail and browser components open, with the mail
component having focus, and I launch About..., I have to switch to
browser component and probably switch to another tab.
Still, I think this is not a priority issue, although if a patch
already exists and works, it could worth considering it.
My 0.02 cents.
Ricardo
I think neither the Download Manager nor download progress windows are
the best way to address that, but YMMV (i.e. it shouldn't stop anyone
from improving download progress windows). For me Download Statusbar has
always been the best way to visualize downloads (including progress and
status) and to open/show them. Since SM2 now supports the back-end that
newer versions of DSB require it was quite easy to port it; should be
available shortly.
Greetings,
Jens
--
Jens Hatlak <http://jens.hatlak.de/>
SeaMonkey Trunk Tracker <http://smtt.blogspot.com/>
You may cross the road when the ligths are red ... without any trouble
... until the bad day !
So did you just forget to re-set your header info last time??? (Now it
is correctly showing you are using a Mac!)
Daniel
I don't know about this "Dead Link" feature being in Communicator, but
maybe it was. I've used AM-Deadlink for the last ten years or so, and,
as far as I can see, there would only be a link to a Spammer page in my
address book if I put it there.
So AM-Deadlink (or the Communicator feature from years ago) could only
report me to a Spammer site if *I* had added the site first.
How was that a security risk in Communicator??
Daniel
That's not what I think but you seem to be so convinced that I do that
you ignore anything I'm saying anyhow, it seems.
Robert Kaiser
Sorry but I copied the quoted text from your own blog. Now if that's
your opinion then I don't fault you for it, everyone has their own
likes and disklies and everyone is entitled to their own opinion. All
I'm saying is that for software that is used by a wide audience front
end elements shouldn't be locked into a particular method based only
upon developer's POV especially when this involves a major change from
previous releases. Better in regards to UI is almost always subjective.
Because the backend was rewritten (several times) between NN3.0.1 and
Gecko 1.9.1, the javascript code paths changed significantly and the old
security checks that sanitized the javascript in mail could not be
guaranteed to catch all the new paths. At least without an intense
effort to audit all the current attack vectors[1] and without a
significant rewrite of the Mozilla security model. I understand that the
latter is being done but would take some time to be completed.
[1] The vulnerability model for a browser like application is well
understood by the Mozilla security team and we are pretty sure that we
have javascript properly locked down in the browser component. The
attack surfaces in a mail/news like application are far less understood
so Mozilla have taken a conservative approached and disabled javascript
in mail/news until the necessary security models have been developed and
implemented.
Phil
--
Philip Chee <phi...@aleytys.pc.my>, <phili...@gmail.com>
http://flashblock.mozdev.org/ http://xsidebar.mozdev.org
Guard us from the she-wolf and the wolf, and guard us from the thief,
oh Night, and so be good for us to pass.
[ ]I had a handle on life, but it broke.
* TagZilla 0.066.6
Hell, that was a joke! Am I the only person in the world who uses some
humor in blog posts now and then?
Robert Kaiser
It would seem that you poorly communicated that it was a joke, as
asmpgmr isn't the only one who thought you were being serious.
Holy ****! I never thought an utility to do this was possible. It even
works as far back as Windows 95!
Thanks for the link! :D
How would Communicator know that it was a dead link? It can only know by
checking it.
Or is this some feature that disabled all links unless it matched a
whitelist?
As it stands I'm going to stick with SeaMonkey 1.1.x, for me there are
several show stoppers in SeaMonkey 2.0: awfulbar, extremely intrusive
infobars, bad password manager, bad download progress dialog. Also if
the new tabmail feature can't be turned off then that would be a major
show stopper for me. While it would be nice to have the newer and
faster Gecko 1.9.1 rendering engine, Gecko 1.8.1 still handles
websites just fine and these new features are just too undesirable to
me and clearly there is no concern for longtime users who like things
the way they have been from Mozilla Suite through SeaMonkey 1.1.x.
Perhaps someone will take an old pre-alpha 1 build of SeaMonkey 2.0
which supported early Gecko 1.9.1 before any of these UI changes were
added, drop in the current version of Gecko 1.9.1 and release that as
a user-supported custom build, a sort of SeaMonkey 1.5.
After reading these threads, I decided against SeaMonkey, for now.
I'm perfectly happy with Firefox 3.5.3 and Thunderbird 2.0.x and see no
benefit to switching, but I have noticed a few things I enjoy now are
missing in SeaMonkey.
Innovation is wonderful, but I like options and tweaks, and buttons, and
progress bars, and the ability to turn various bells and whistles on or
off as I prefer.
--
KristleBawl
Daniel, I've looked at several of Phillip's full headers, and I have not
seen one that indicates anything other then Mac OSX. I suspect you may
have looked at someone else's post by mistake.
Since this is getting off topic, I've set a followup to mozilla.general.
Lee
Yep! Everyone is too serious these days. You ought visit the the adobe
forums. You'd think you were in a Hospital.
What it did was go to the site and try to get in as soon as it got a
response it would mark it as active or dead. then it listed the dead
links you could then delete the dead links. I can't remember exact
process but it worked well. Worked kind of like a Whois utility.
> Or did you complain that different users have different opinions about
> what they want?
>
No, I think the complaint is lack of option to do things in a way people other
than developers find productive. I don't listen very hard to complaints about
default settings, they can be tuned. But forcing one mode of operation by
everyone because a developer likes it does seem to be pretty elitist.
Particularly when something used to work one way and no developer can say that
"someone would have to write and test that code," and the code was working for
years on previous Seamonkey.
--
Bill Davidsen <davi...@tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
Another case of "big brother knows best" taking choice out of the hands of the
user. I happen to agree that it's a security risk, but I know that people use
mail in environments where the mailbox is not open to the world, anyone sending
something remotely evil would be identified and appropriately treated, and that
mailing links to pages which have the js doesn't make thing more secure, just
less convenient.
> The way I work I have no desire, nor no need to have 8 or ten tabs open
> at one time. I look at one thing at a time. Although I've using
> personal computers since the early. I just never id desire have pages
> filled up with cached pages of multiple websites.
>
> WE don't need to any shape of fashion need to be an IE clone. If we look
> and, act so much like IE what's the point in trying out something
> different if it all works and looks the same. I don't want to be even
> reminded of IE , much less look like like it.
> This modal thing is another example. OR, how about killing javascript,
> in Thunderbird. There was a Feature in Communicator that was great, you
> could check for dead links and then ask it to delete them. It never saw
> the light of day in Mozilla. I could think of other things.
>
The point about security is valid, but it's still MY computer, set the default
where you like and allow the choice if that's what the user wants. Call the
option 'allow.securityattacks.from.javascript' if you think you need the issue a
warning for legal reasons, but choice is good.
And no, I wouldn't turn it on unless I could do so in a message filter and trust
certain people.
> But developers keep think up things, possibly ask (not always), get
> negative responses then put it in anyway.
>
> One thing you have resisted the temptation of doing is using Active-X. I
> salute you for that. Now That I have bragged on that, there probably
> will be an announcement next month that Active-X will be built-in.
> Active-X is the reason now for bout 98% of all the malware floating on
> the internet. The other 2 percent is Phishing attempts. If Active-X was
> killed dead, at least for a while Windows machines wouldn't need virus
> and Malware detection programs.
>
Your estimate is unrelated to any estimate I have ever seen from people who who
have measured threat characteristics, perhaps you can cite a source? Perhaps you
pulled the number out of your... personal experience?
Try to remember that security is a moving target. In addition to points
that may be raised by others, consider that as time goes on, people learn
of the vulnerabilities that exist up until now.
So, for example, to say that when using last year's release *last year*,
it was safe, doesn't mean using it now is still safe.
The same holds true for JS. In the beginning, I'm sure many had no idea
how it could be manipulated in such nefarious ways. However, today people
sure know a lot more about how to exploit JS that anyone though possible
a few years ago.
But of course, that wasn't the point of Phillip's to which I was responding :-\
I'm sorry, Phillip, somehow I mis-read "asmpgmr" as your name! Must have
been a real bad day.
Again, I'm sorry, Phillip!!
Daniel
It does make it more secure. With no JavaScript in the e-mail message,
you can't get exposed to the JavaScript just by opening the message. You
have to choose to visit the page.
And just because we can't make both safe doesn't mean we shouldn't at
least try to make one of them safe.
>Perhaps someone will take an old pre-alpha 1 build of SeaMonkey 2.0 which supported early Gecko 1.9.1 before any of these UI changes were added, drop in the current version of Gecko 1.9.1 and release that as a user-supported custom build, a sort of SeaMonkey 1.5.
>
>
If you're referring to our XPFE builds, they only supported 1.9.0a5, so
you'd probably be able to compile it against Gecko 1.9.0.x, but of
course it wouldn't have the extension manager, form autocomplete, feed
preview, vista-compatible shell integration, fast location bar
autocomplete, etc.
--
Warning: May contain traces of nuts.
Isn't there an early build out there that supports Gecko 1.9.1.x but
still has the SeaMonkey 1.1.x UI ? I know 2.0 alpha 1 is close but has
the annoying infobars. Personally I don't care about any of the new
features, I only care about Gecko 1.9.1.x which processes JavaScript
faster and supports some newer web standards. As long as everything in
the SeaMonkey 1.1.x was still present then that would be great. So I
want the old location bar, old password manager, old form manager, old
download progress dialog and uses the old mork database format (I
don't care if it's old and archaic, it works while SQLite tends to
thrash). I would never use the RSS feeds or session saving and have no
intention of using bloated Win Vista or more bloated Win 7.
Active-X will never, ever be safe. Java-script could be is some would
take the time. They make Java work in Sandbox (whatever that is). Why
can't Java-script. Must not be too dangerous Adobe acrobat uses it
extensively.
> Active-X will never, ever be safe. Java-script could be is some would
> take the time. They make Java work in Sandbox (whatever that is). Why
> can't Java-script. Must not be too dangerous Adobe acrobat uses it
> extensively.
Acrobat also has a lot of security exploits (!).
Looks like you haven't understand open source work, then.
> Seamonkey is not like the Linux kernel, where a patch can be posted,
> people will test it, and it is likely to be accepted if it works and
> does something useful.
That's just wrong. You just need to go through Bugzilla, but else it's
pretty much the same. Oh, and we enforce code quality by requiring
reviews, while Linux people might just pull in patches without looking
at them a real lot, from what I understand. That's why some drivers are
that "stable". (Don't mistake me, I love using Linux.) I might have
misunderstood their process, though. I'm pretty sure things get lost on
a mailing list much more often than in Bugzilla.
Robert Kaiser
Not one that is nearly secure. And btw, now that wqe have a newer
release, 1.1.18 is badly insecure, 80% of all security holes fixed in
Gecko 1.9.1.1 to 1.9.1.4 do exist in SeaMonkey 1.1.18 but were never
fixed there.
Robert Kaiser
Of course you missed my point. The reason for getting such a release
would be to keep the SeaMonkey 1.1.x UI as is but easily drop in the
current version of Gecko 1.9.1.x and potentially keep Gecko updated.
But related not to Java-script.
You don't understand. The old UI and the backends it used had some of
the security problems right in them - and the old UI just doesn't work
with the 1.9.1.x platform, that's one reason for the large rewrites.
E.g. the old password manager was able to send the first password to a
website without you actually doing anything - at least in some hard to
reproduce cases.
Robert Kaiser
I've used Mozilla Suite/SeaMonkey 1.x for awhile and never once had a
security problem so I'm really not concerned about this.
SeaMonkey 2.0 alpha 1 and 2 still had much of the old UI including the
old location bar, download manager and I believe the old password
manager as well so would it be possible to get one of those, revert
the "fix" for bug 270443 (the bad infobars) and update Gecko to the
current version ?
I've never seen that volcano spit fire, so it surely must be perfectly
safe to wander its crater any day in the future as well, right?
And we never needed more than 640KB of RAM before, so we'll never need
more than that, right?
And nobody ever came up with the idea to fly a passenger jet into a
skyscraper, so you surely wouldn't ever be concerned about that, right?
> SeaMonkey 2.0 alpha 1 and 2 still had much of the old UI including the
> old location bar, download manager and I believe the old password
> manager as well so would it be possible to get one of those, revert
> the "fix" for bug 270443 (the bad infobars) and update Gecko to the
> current version ?
Feel free to try building this version, I'll try to continue our project
meanwhile, OK?
Robert Kaiser
> And nobody ever came up with the idea to fly a passenger jet into a
> skyscraper, so you surely wouldn't ever be concerned about that, right?
Actually Tom Clancy came up with exactly that idea in one of his novels
but (at that time) all the security experts dismissed that scenario as
"too far fetched".
Phil
--
Philip Chee <phi...@aleytys.pc.my>, <phili...@gmail.com>
http://flashblock.mozdev.org/ http://xsidebar.mozdev.org
Guard us from the she-wolf and the wolf, and guard us from the thief,
oh Night, and so be good for us to pass.
>>> Java-script. Must not be too dangerous Adobe acrobat uses it
>>> extensively.
>>
>> Acrobat also has a lot of security exploits (!).
>
> But related not to Java-script.
A quick Google search suggests otherwise:
http://www.404techsupport.com/2009/02/20/prevent-the-latest-exploit-in-adobe-acrobat-disable-javascript/
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36838
Uh, did you read the link you gave? for Acrobat 9.0. There has since
been versions 9.1.0, 9.1.1, 9.1.2, 9.1.3, and finally of recent 9.2.0
That's typical of a new version of any software.
On the last link the Update is up to 8.1.7 that was reported is almost
two years old
Did you read your own messages? You said Adobe used JavaScript to show
it doesn't have serious problems. Then it was pointed out that Adobe
also get a lot of exploits. You responded by saying that they were not
related to JavaScript. You are proved wrong, only to retort by saying
that they have been patched. That was not the point. The point was that
they do exist, which you wouldn't acknowledge.
Hell, just read the quoted messages above. It's pretty obvious.
Look up what a sandbox in the context of computers is first so you know
what you're talking about.
Why not? Why did you push a stable release that still contained known
security holes that were patched elsewhere (meaning the theorical
solution was at least known)?
Clearly you couldn't care less what anyone else thinks if they don't
agree with you. As SeaMonkey becomes more and more like Firefox +
Thunderbird users will either migrate to them as they are mainstream
and on the forefront of development or they will switch to something
else entirely so you're ultimately doing yourself no favor with this
attitude.
Oh and the 9/11 reference was *highly* inappropriate, a lot of people
died that day.
Never mind. I read why in another thread in the
mozilla.support.seamonkey newsgroup.