Firefox finally gets sandboxing again to improve security, stability and performance

Posted 11 April 2016 18:56 CEST by Jan Willem Aldershoff

Mozilla has decided to add sandbox technology to Firefox again. This should improve security, stability and performance of the browser. Firefox is currently the only large browser that doesn’t feature sandbox technology.

FirefoxLogo

Sandboxing is considered an important security measure because it can prevent an exploit to abuse a vulnerability that provides direct access to the entire system. Last year Mozilla revived its Electrolysis (e10s) project. Thanks to this, Firefox uses multiple processes for the browser instead of a single one. This has multiple benefits, such as the fact that a single tab can’t crash the entire browser. Using multiple processes also makes it possible to separate processes for sandboxes for web content and performance should increase because multiple processes can use multiple cores.

Users might worry that sandboxes increase the memory usage of the browser, but according to Mozilla this isn’t the case. While multiple processes have a larger memory footprint, the impact should be limited, a recent test version shows a memory usage increase of 10-20%. However, according to Mozilla, this is still half the memory consumption of Google Chrome on the same page.

When the sandbox ends up in a final version of Firefox is unknown. “The move to multi-process is an investment in the future: we’re paying down technical debt and redesigning Firefox’s architecture at a fundamental level. Like any change of this magnitude, there are associated challenges”, according to Mozilla’s developer Dan Callahan. One challenge will be required changes to many add-ons.

Users that want to test the sandbox technology in Firefox can download Firefox Developers Edition.



beef barley
MyCE Resident
Posted on: 11 Apr 16 23:18
They needed something.
0 Agree

coolcolors
MyCE Resident
Posted on: 12 Apr 16 01:18
Hey better late then never....I like a Browser that wants to improve...not one that wants to give you toolbars/adware/stealth installs.
0 Agree

Wombler
Administrator & Reviewer
Posted on: 12 Apr 16 12:36
I've always run it in Sandboxie anyway as it protects my system.

Particularly important if I'm investigating potentially dodgy links posted on Myce.


Wombler
0 Agree

Xercus
MyCE Die Hard
Posted on: 12 Apr 16 12:57
^
0 Agree

TSJnachos117
MyCE Resident
Posted on: 23 Apr 16 02:46
I find myself concerned about the increased memory footprint. IMHO, Firefox uses too much memory as it is, so a 10%-20% increase is a step in the wrong direction. I know that Chrome uses more memory, but that doesn't make Firefox any better.

Also, the third-party addons aren't going to be changed my Mozilla. On the contrary, Mozilla is simply going to replace its entire addon API, leaving all pre-exsiting addons in the dust. The addon developers will be expected to either port their addons to the upcoming WebExtensions API, or get left behind. The developer of one of my favorite addons, DownThemAll, has express his/her concerns about the future of DownThemAll, as well as Firefox addons in general. "The new APIs would only allow for a severely limited in functionality, severely stripped down DownThemAll! at best", says an article posted to the DownThemAll website. The article continues: "Gone with DownThemAll! will be add-ons that e.g. let you change major bits about the Firefox user interface (e.g. tabs tree add-ons), add-ons that allow you to do more “advanced” stuff than just showing or slightly altering websites, such as e.g. restarting the browser upon click (unless mozilla kindly provides an API for that, which won’t be compatible with Chrome, of course). Add-ons like NoScript will be severely limited in their feature set as well." Hopefully, the new WebExtensions API won't be as limited as the developer fears. Even so, given the number of available addons inevitably being rendered useless, it could take years for rewrites and/or replacements to repopulate the addon ecosystem.
0 Agree

Reactions closed

Sorry, you can't comment on this item anymore. It's either too old or comments are disabled for this post.

Myce.com settings

Several settings at Myce.com can be changed, they are stored in cookies, which means they will be reset if you clear Myce.com cookies

Background

Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here

Layout

Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page

×