Is Mozilla Making the Same Mistakes as Microsoft?

Monday Jul 2nd 2007 by Adrian Kingsley-Hughes
Share:

Feature bloat, among other concerns, is causing the open source browser to lose some of its charm.

There was a time when I had high hopes for Firefox. The idea of having a small, lightweight, swift, secure, low memory/CPU-footprint browser appealed to me a lot. I’ve always been a default Internet Explorer user but I can’t say that I’ve ever really been thrilled by it (or even mildly jazzed) and if something better, faster, more secure and less hassle came along, I’d make the leap. For a long while I thought that it would be Firefox that I’d be making the leap to, but I’m now doubtful that Firefox will ever be more than a curiosity to me. I’ll experiment with it, but I don’t really get to the point where I really use it any more.

My browser needs are pretty simple. I need something fast and secure that I can use to view web pages, and something that makes it easy to store and organize bookmarks. It would also be cool if the browser could be loaded onto a USB flash drive and used when on the move, and it would be really cool if there was a simple way to sync bookmarks between different systems, but these are dream features. Ultimately, what I want it speed and security.

The Firefox project is interesting because it is an example of what goes wrong with anything designed by committee. There’s an old saying that a camel is a horse that was designed by committee, well, Firefox is a web browser designed by committee. The early goals of the Mozilla team were to come up with an “open-source web browser, designed for standards compliance, performance and portability” (this quote dates back to Nov. 1999, via the Internet Archive Wayback Machine). Add security to that and you got me hooked! That sounds just like the kind of browser I want to be running. But there’s a problem with developing a browser that’s standards compliant, fast and portable – it’s just not sexy.

So the Mozilla development team came up with a way to make Firefox sexy without adding too much bulk to the code – add-ons. This enabled users to add additional functionality to the browser but kept the overall download small and the base browser relatively simple to use. The problem with add-ons, in particular browser extensions, is that they become addictive. You start off by tentatively installing one and pretty soon you have a dozen installed. This does nothing to improve performance, and if you’re like me it’s also real pain making sure that several different Firefox installs all have the same extensions fitted.

Another downside of extensions is that the more you have installed, the more you have to keep them updated. It’s not a major pain to update add-ons because it’s done automatically and you only have to click a couple of buttons, but it does interfere with the workflow. The times when Firefox extensions have caused me a lot of grief is when upgrading to a new major build of Firefox. For security reasons I update Firefox with a new version as soon as it’s out but every time I’ve done this I’ve had problems, ranging from losing add-ons which had become a vital part of my workflow to add-ons behaving badly after an update. It’s important to bear in mind that add-ons are transient and a Firefox update can spell the end of the line for them, especially if the developer has lost interest in the project. Realizing that they’re possibly short-lived makes me wary of integrating them into any workflow process. That’s a real deal-breaker as far as I’m concerned.

The sinister side of add-ons is that it presents an additional attack surface for hackers trying to get into your system. There’s no requirement in Firefox that add-ons have to be downloaded and installed over a secure connection (HTTPS) and this leads to potential hijacking scenarios. Also, when you install an add-on, you taking a gamble that the code is clean. Even if you trust the developer, unless the code is digitally signed and downloaded over a secure connection, there’s no guarantee that it’s not been tampered with.

But it didn’t end with add-ons and extensions. We’ve now got spell checkers, phishing filters, live bookmarks, RSS readers, integrated search and more. Firefox is not a browser any more but an integrated suite of web applications.

So what are the mistakes that both Mozilla and Microsoft made with their browsers? It’s the mistake of using an ever increasing number of features to encourage people to adopt or keep on using that browser. A features war has, almost always, only resulted in three things – overly bloated code, poor performance and security vulnerabilities. Mozilla as an open source movement was in the perfect position to put aside a drive for big user numbers and concentrate on the basics. That’s a real shame and a missed opportunity.

Not only is Mozilla adding more features to Firefox (a whole raft of new features are slated for version 3) but development has stalled on fixing (or at least alleviating) current issues of poor performance and massive memory footprint. Ask the Mozilla team for a comment on the huge amount of RAM that Firefox can consume, and the reply you get is that it’s not a bug but a feature. When you need a system with 1GB of RAM just to run a browser well, you know that the project has steered far away from the original goal of developing an “open-source web browser, designed for standards compliance, performance and portability.”

Or maybe performance just doesn’t mean what it used to.

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved