< [[Deployment]]
= temporary Preface/Background info - Work in Progress - all Help needed and most parts if restarted documentation have currently moved to:http://wiki.dwroot.de/wakka.php?wakka=ff3start&v=v1z see also: https://bugzilla.mozilla.org/show_bug.cgi?id=231062 as well as: "xxxx 2008-02-28 04:04:28 PDT Created an attachment (id=306248) [details]WiX-based XULRunner msi/msm With this patch, 'make installer' produces xulrunner.msm and a cfg file for it,which can be included in wix configuration for applications. WIX_FLAGS and MSI_EXTRA makefile variables allow to add dependencies toapplication's main wix file. After building msm for xulrunner-1.9b3 with thispatch, I was able to create msi packages for my application with one commandper package:make -f check.mk installermake -f check.mk installer AB_CD=ru Application configuration is available here:http://repo.or.cz/w/abstract.git?a=tree;f=installer/windowshttp://repo.or.cz/w/abstract.git?a=blob;f=check.mk" === open tasks ===* fix text errors: language and format * shrink sections/ sentences * research and review resources on the web, especially on:** official mozilla position** position of other companies, even if unstated but apparent from current/future products and plans.** articles in online media, blogs, magazines etc. * using the requirements list and scratched design of the toolkit: ** research, review addons that provide required functions and add them to requirements list as well as the toolkit structure tia,dwe = Deploying Firefox = == Why is a 'new' article needed? ==Though there are numerous sites about the deployment of firefox in a company, they mostly just scratch on the surface, are outdated/not verified to work with the actual version, pointing to extensions and tools mostly created for older firefox versions which were not developed further and are obsolete today. There are Groups like the FireFox Enterprise Working Group, but i`m unable to find a site and project that focuses on the basics and provides reliable, verified information. If someone has links etc. of actual project, please drop me a mail and/or add them here, preferable with a short description. The group mentioned above has some interesting information, but the scope of the case studies are installations with thousends of pc`s and partly very highlevel requirements. Corporate demands often result from the requirement to implement certain management systems or to comply with standards - even in the it department. The increasing usage of it-management process-modells, with ITIL beeing one of the most widespread, forces more and more the companies to implement them, requiring software, configuration and processes to comply. Currently just one single individual installations using the internet for updates and as source for the installation of updates simply bypasses and violates eg. the ITIL change-management process as well as security. Microsoft internet explorer can be updated using a company operated wsus or softwaremanagement server, how can this be done with firefox and extensions? With the browser evolving to the most important platform directly following the os, microsoft beeing in a strong position with the bundle of os and browser as well as providing all the tools and concepts to maintain ie installations in corporate networks, mozilla firefox is required to catch up - and do it fast. === large group of possible users left out due to missing tools === === Ignoring the demands of users with influence and possible results=== The browser is one of the most widespread, daily used, important/critical tool used at work as well as private in similar ways for similar or different tasks.It is expected 'to be aviable' and 'to just work' by the end-user. But what about the people tasked with installation, management and support? ====== loosing possible customers by the lot ==== The lack of tools and concepts to manage a distributed firefox installation, as well as a missing official position, makes it nearly impossible for an it-person to propose or support a decision to switch to firefox. One might think: Ok ,who cares? That`s just a few people... "dad, why don`t you use firefox? Everyone uses firefox!" "Well, son, it`s certainly a good browser, our company even thought about switching to it. Our it department then had a closer look and in their opinion it`s lacking professionality, so we stayed with IE. And since i don`t want to switch between different software for the same purpose but different functions, i`m going to stay with IE as well". Next thing happening might be a windows homeserver, nicely integrating ie and a father telling his son: "Look, our it-guys were right!" or "Sorry, i can`t helop you with your firefox problem. I never had that one with ie. Why don`t you switch?" Knowing or unknowingly the user influences the view the family and friends have on firefox - and this father won`t advocate firefox. That`s it, case closed for a couple of users on family level. Now, just assuming that the hypothetical father mentioned above belongs to a group of 50 users, and also assuming that just 10% of these actually influence a negative decision on firefox of two people in the family as well as one additional, this would mean 20 users lost to firefox. ====== possible effects on end-users by a corporate contra-firefox decision ====== A decision made by the corporation pro/contra a product can easely - form the personal impression and opinion - stick - last for a long time - be an 'authorative', 'lead-example' for private decisions on similar matters And will allways have influence on private decisions of employees on the same matter. A normal user will rarely install a product at home his company has evaluated and found 'flawed' or 'risky' and 'unprofessional', even if the factors leading to these finds will never arise or be important in personal use, the corporate position will be normally unquestioned accepted. No one will blame an user who decides to stick with IE following the advise of the corporate it (the same guys who eg. rescued his data in the past) which takes the position that firefox is a 'toy browser noone in a sane state of mind would ever set free on a company network'. From the users view, the decision pro/contra firefox is normally made and supported by people with known and accepted authority. The fact that the results affect a personally, daily used and important application, that the user is personally 'involved' or at least 'affected'adds to the importance of the result. ====== buzzwords and phrases are sticky... 'professional use'====== A decision might in broad explaine all the reasons, background etc, but the essential information transported is this: '2008,june,evaluation, use of firefox in company network,NOGO, reasons: unprofessional,risky, flawed' ======= excerpt: phrases to exchange of information and knowledge between parties with incompatible knwoledge systems ======= Sometimes a fact can not be explained using synonyms but nevertheless has to be explained or stated in understandable way. One reason can be that the information is the result of a process specifically for and defined in knowledge-system that is unique for a certain area. The knowledge required to assign a meaning to an information and it`s relations to other information already known on that area are defined in that knowledge system itself, (certain area: any 'area' of interest that might have information: eg, sky as part of world, day etc. An area can consist of one or several fields of interest .A field of interest is one of more information interconnected with other information. Information is interconnected between each other, the interconnection defined and agreed on by one or more parties. The agreement is a denominator acting as Tag to mark interconnections and their connectionpoints. The sum of all informations interconnected by a tag defines the primary area of information for this tag. This sum is the first channel of information for that tag, and none, one or more other channels from other tags which can be combined in every possible way (eg.:supportive, adverse) and type (eg. qualities like: good, bad etc.) and with the combination becoming a relevant 'focus' of the attention of one or more interested parties. :=) Which in short contains all relevant information and uses phrases and/or buzzwords to translate information and it`s meanings into a term easely understandable by others. The process converts an often complex information or knowledge (= minimal: information + context of subject, objects + meaning. ) from their own, field-specific 'information system' into a common term or phrase. Each term has at least one common (plain-language) meaning, definition and examples to describe them, which can add additional information (eg, time, as well as qualities to them term.) Common terms are the result of language and culture development, they normally change slowly, have many examples of which some are popular which describe the most common accepted definition and meaning. The examples also transport additional information and qualities (eg. examples describing the 'borders' between terms and are commonly aggreed on: eg. when to use 'risk', 'danger' amd 'mortal danger': 'there might be a bear in that cave', 'seen that? there is a bear in the cave' and 'oh shit, there`s a bear running to us')and others.. The terms definitions, examples to describe it, and processes whose results. but the inoffical 'fit for professional use' made by known people with accepted authority has a huge impact. The opinion that 'not fit for corporate use' equals 'lack of profession' which results in 'use a SERIOUS tool, not a TOY' is widely spread. Even in the 'home-office', the typical user want`s to work 'professional' using 'proffessinal' tools. (This is easely proven by the thousends copies of proffesional/enterprise software products like operating systems,office and other products eg. photoshop (enterprise/CS3 preferred, even if the other products will never be used).A re-evaluation will rarely happen: neither on private nor on corporate level. - Corporate use = professional use - Who want`s to use a toy browser at home? - Be unable to ask colleguas or corporate it-staff on private it-problems? - Have colleguas and/or friends making fun of one? - Have to explain or even defend the private use of a product officially found unfit for corporate usage? And this might happen (and acutally IS) right now, just because a simple thing like eg. a package - builder is missing and the corporate has not the time and capabilities to research and evaluate the existing extensions. === The largest group are: One of the in my opinion most important group of users appears to be left out: the sometimes self-learned, part- or even free-time working operators managing networks with roughly 5-20 systems up to administrators of networks with 50-500 systems or more. These guys won`t do a custom build of firefox to meet the companies requirements ever. Typically they are also very reluctant of fiddling with a bunch of different tools. Quite often these operators and admins already have had a hard time to explain to dubious superiors that 'It`s Opensource - we don`t pay licence fees - it`s free' as well as 'No we can`t buy a support contract from mozilla, but we won`t need one', often promised 'it`ll work like the other browser' and finally gotten a cautious approval with typically either none or a very small time budget, also beeing often expected to do unpaid overtime once the approved time budget is excessed. Knowing they`ll be the one pointed at if something later breaks or just appears to be broken, they prefer to play it safe: minimal configuration and settings, none or just a few small extensions (eg. duplicate tab but avoiding Mozbackup), unwilling to search the web for non-standard tools and to read several tutorials on 'how to repackage firefox', they just want and need 'tools that work'. With firefox lacking these 'official', easy to use tools to customize, reconfigure, repack and deploy via standard distribution methods as well as no means to remotely maintain already deployed configurations, extensions and their settings, these operators and admins have to choices: * leave it * go for it, despite the lacking tools The later are those still eager to do almost everything to avoid the 'other' browser, and instead of giving up and cancelling the project (perhaps with a smirking superior commenting the apparent defizits of opensource software), they try to meet the company requirements, but are often forced by small or non-existing time-budgets to deploy firefox in a way that not only leads to diverging software revisions, patchlevels, installed extensions, settings and configuration settings, bus also sooner or later resuls in unmaintable setups which finally become security risks. This group is especially in need of tools, reference / example solutions etc. ==== different positions: mozilla, users - comments==== Source: http://it.slashdot.org/article.pl?sid=08/01/11/0913207 Excerpt posted on slashdot: ricatcw brings us an article describing some of the obstacles Firefox is facing while competing with Internet Explorer for business use. Quoting Computerworld: "Now nearly three-and-a-half years old and nearing the release of Version 3, Firefox no longer can be accused of being callow. And while many IE-only apps remain, plenty of others have been overhauled to support Firefox as well. However, other obstacles to broader adoption have emerged. Mozilla thus far has neglected to develop tools to help IT departments deploy and manage Firefox, and it doesn't offer paid technical support services to risk-averse corporate users. Janco Associates Inc. in Park City, Utah, currently gives Firefox a 16% usage share among visitors to 17 business-to-business Web sites that it monitors. Janco puts IE's share at 67% while giving 9% to Netscape and 3% to Google Desktop Mozilla position: Kuo added that he doesn't think Mozilla will suddenly change its attitude and develop a browser deployment tool that could render FrontMotion obsolete. Mozilla "could create it themselves," he said. "But it's obviously not their priority."http://www.computerworld.com/action/article.do?command=printArticleBasic&articleId=9056780 User reponses /comments That's great information; but at the same time it's actually a really good example of lack of support contributing to so many corporations /not/ willing to use FF. After all, it's not really practical for organizations that rely on NTLM for multiple servers to manually configure several hundred or thousand firefox installations to accept those specific servers -- never mind if the list of servers changes. Too, it's even more unlikely that they'll be able to trust the users to properly maintain and configure those settings themselves. http://it.slashdot.org/comments.pl?sid=414746&cid=21999592 You've minimized the amount of testing you need to do for alternate browsers. Just make the applications work with IE and you've satisfied almost all of your users needs. Fewer browsers is actually a good thing for web developers--especially if they are targeting a limited niche of working in the real world of constrained budgets. The more browsers/configurations you need to develop and test for the more it will cost (or the less features you can include). From the article : The big downside is the difficulty of managing Firefox, especially in comparison to administering IE, according to the CIO. For example, he said that the IT department can patch IE via automated central updates. On the other hand, "we have to send an e-mail and have users manually download Firefox updates, which is not ideal," he said. Granted using an internal repository might be more rational in a large organisation (although that's presumably hackable) but from what I've seen Firefox just updates itself (In Windows and Mac OS at least IIRC). IME medium and upwards sized firms are used to a certain way of working and if anything doesn't fit the model, it has zero chance of being used.1. Is it secure? TICK2. Does it work in our environment? TICK3. Do they have guaranteed response times on support calls? CROSSOK, forget that one. Next? Mozilla thus far has neglected to develop tools to help IT departments deploy and manage Firefox, That, right there, is probably the number one reason more folks in the corporate world don't deploy FF. As far as I know, there is no easy way to push FF out to a desktop regardless if it's Windows, Mac or Linux. I currently deploy Firefox to our corporate workstations, however there are definitely things that Mozilla could do to make Firefox more corporate friendly. 2. Management through group policy, or some other way to lock it down. IE does this very well, Mozilla's default install really doesn't offer anything, Frontmotion's build has some options, but it's not as good. 3. Better support for restricted users and roaming profiles. We turn auto updates off, but our users still manage to try to run it occasionally. If they do Firefox downloads the update, fails to install due to lack of permissions, and then gives them an error until someone goes into the user's profile and deletes it. There can be some wackiness for people moving around between workstations as well. Yet, the corporate adoption problem still remains. I am now a division manager over IT development and deployment for a 1,200-person department in a large County organization. Our official policy is "IE-Only." Do I run Firefox? Yes. Do I have staff which runs firefox? Yes. Are they officially allowed to run Firefox from the CIO? No. The problem is - Firefox doesn't come bundled with Windows XP/Vista and therefore isn't even on the minds of most non-IT folks in my organization. As it is, recent applications I've overseen are more Firefox-compliant, but still run "better" with IE or at least the IE-tab. Corporate users (well me, anyway) want a tool to make it easy to deploy and I haven't found anything all-inclusive. Sad to say that a lot of hosted business apps run as active X controls or other BS that needs IE. What I need is a way to deploy firefox with specific settings, deploy ie tab with it, then have a list of sites that are always used for ietab. I need to configure this through group policy at least. I could have firefox on 500 machines tomorrow if I had this and I knew it worked perfectly. It should also be easy to deploy upgrades. I have been tinkering with this myself but.. busybusy and I haven't made much progress. However, in a posting on his personal blog last September, Kaply lamented that the number of participants on Firefox Enterprise Working Group conference calls had "dwindled." And in an earlier posting, he said that he thought most of the large companies that had adopted Firefox were using it "as a secondary browser" only. == Deploying Firefox - from original article ==
Many people are using Firefox at home, and many also want to use it at work or see it on public computers such as at libraries or Internet Cafes. This article provides links and references to issues that might come up when considering or executing a Firefox deployment plan. It describes a wide variety of tools and features available that can be to deploy Firefox and centrally manage and control the use of Firefox in enterprise, business, education, and a variety of large and small organizational settings.
== The Rational for Deploying Firefox inside Organizations and Institutions - from original article ==
*It is interesting to note that Firefox market share in corporate environments appears to be pretty closely tracking with the increased use of Firefox in the general internet population. Firefox use inside many organization often starts with IT, web development teams, and engineering departments and then spreads to other departments and individual users.
* <b>Firefox can also be customized and extended to meet specific needs of an organization by creating addon extensions or building on the Firefox platform.</b>
== Marketshare in the Enterprise and Business ==
== Company vs. Enterprise - shared, different and opposite requirements == === major differences and their influence on decision ===Though the usage of firefox in corporations is generally labeled as 'enterprise usage', the group of corporate users is split into at least to parties with opposite positions and different requirements and priorities but sharing some basic requirements July 06 Marketshare among IT workers visiting JancoEnterprisehttp:'Enterprise' is almost allways connected with large corporations having more than a couple of thousend employes, remote locations and usually a sophisticated it-infrastrukture neccessary to provide reliable it services to thousands of users. Enterprise it-departments typically have the capability to develop applications, tools, interfaces and other kinds of software neccessary to integrate applications into the company infrastructure as well as ensure that requirements are met. Company: Even a a small shop with eg. 10 employes and 5 pc is a company, needing the same access to common it services and products like an enterprise though on a much smaller scale.Depending on the type of business, they also might have to comply with laws, current jurisdiction as well as be required to implement standard business-processes at least for some processes (eg. the requirement to implement risk-management system etc.). Companies of these sizes typically have very small to medium sized it-departments, sometimes backuped up by external consultants, with the admin often performing additional duties or working on a half-time base. === ultimate factors which influence "GO/NOGO - decision" === In the end,it all boils down to one simple, ultimate decision factor: "the amount of human resources aviable in terms of time and capabilities aviable " - for the project itself - for lifecycle management and user support of the productive solution - to gain knowledge on operational issues to manage normal, daily tasks - to build up backgropund knowledge with a broader scope to manage administrative tasks, develop new addons etc. ===== "amount of time aviable" and "capabilities aviable ====(slow - time: suddenly or known time slots aviable for background tasks like reasearch, documentation etc. as soon The amount of time aviable in combination with the amount of 'slow time' aviable for knowledge-building, usually defines areas and fields, depth and broadth, type, etc. of internal knowledge - and finally defines or at influences the amount, kind, quality , generell orientation etc. of in-house aviable it - capabilities. (for an even more honest calculation, skipp every second or third hour of aviable slow - time per week...) The simple question of amount and quality of aviable time and knowledge results in opposite positions and capabilities: enterprises:- are able to throw much manpower and have aviable knowledge onto a problem - have a longer project runtime - use process-modells - often have an actively followed corporate policy/mentality to buy required resources not aviable in-house (eg: second opinion) in a short time and often from longtime partners, seldom on the pen market market - use tools for software distribution and management -- customizion, repackaging are already common tasks - are used to central configuration of distributed applications-- not expecting to have one single tool suitable to manage all distributed aplications, administrative 'means to manage' are expected. Either as administrative interfaces to common management solutions or by administration and management tools provided by the application itself the vendor is expected. companies- the same problem can be the one unsolvable blocking problem orleading to cancellation the (pre)evaluation for smaller companies because of missing knowledge and/or, pressing time - especially for smaller companies (->100 Pc) the amount of time and/or knowledge required for daily operational taks might deemed too high, resulting in a negative decision and/or reviews and cancellation of existing solutions. - central management solutions are rare, if they exists, then mostly isolated for just some applications. -- a seamless integration/support of existing solution is not expected. - rely on tools the application provides itself for tasks like deployment, management etc. as well as those resulting from its use.-- If problems/needs arise from using the application, the application is expected and even required to provide a solution since others don`t existwww.(fiddling with adm e- integration can be a NOGO, ticking a checkbox and providing common details to enable it on all installations is notjanco.) == list of requirements == ====general aggreement ====on:- interface definition for functions every module and ff-extension in a corporate network should support to allow: - unified acls defining access to addon function groups or single items (eg. user may run some addon - function, and can see but is not allowed to make changes, eg. a the lue of a backup-path. possible approach: labeling of functions or gui elements/functions with security permissions and/or unique identifier (something like a sec-guid) as pointer to permission definitions stored in a sqlite database (what is official mozdev approach? - support global security and configuration policys ==== common mandatory requirements ==== * operational tasks completely aviable via interfacecom/console * predictable amount of time required for operational tasks for calculation of the time required in productive use * customziation and redeployment of customized package * silent installation, upgrade and removal of the package using common software management toolsbrowser. (the 'big picture'...) * preconfiguration of settings at install time, such as update- and addon-source, security settings and configaritions like custom CA`S and certificates, default profile, etc. * protection of basic application settings against changes on at least two levels: global se, affecting all firefox users on a machine and per-profile settings. * controlled deployment of updates, using a company-owned update source, ( Change-management anyone?... we`d whack the whole process if we allowed the installation of updates from a website, not knowing/caring wether it was successfull or not, without tests and verification in the company software environment and without an informed decision to deploy the update at a certain time or to delay it...) * reporting success and failure of all post-installation changes that are not controlled by common software management systems made to the package itself, addons as well as configuration settings, to a central collection point, acting as source to feed other management or monitoring systems.(It does not help to know just the release number - we need to know wether eg. custom certificates were properly installed, a certain addon is installed, the configuration is protected etc. of each installation) ==== common optional requirements ==== Either extending existing requirements or new ones: * granular protection of settings 'per - item' * whiteliste of sites allowed to install updates and addons * requiring a custom certificate for updates and installation of addons + split -configuration: global, and user * concept for loading /storing configuration via https, webdavs etc. a * concept how settings& configurations of addons can be maintained the same way as the firefox configs. * generic, operatingsystem independent, interface to enforce configurations via policys. connectors to the different systems like MS ads-based grouppolicys as well as linux, mac-os specific ones - not everyone has an ads running, policyfiles loaded from a share would make life a lot easier. * best-practice, cookbook, real-world examples ==== typical enterprise requirements ==== common roles: operator, administrator, developer Enterprise requirements for applications typically are: - deployment and update/upgrade management possible with the existing software management systems - configuration settings controllable on a per-item level - configuration at deep level, settings hidden or not accessable by default firefox configuration interfaces - support and maintenance contract covering the application lifecycle - security and access conrolled via interface with MS group - policies ==== typical small to medium sized demands ==== common roles: operator, administrator A small to medium sized company might have the following requirements: - easy customization (eg freeze of existing installation and use as base as well as profiles, creation of custom package, easy deployment - centralized management interface for: firefox + addons lifecycle and to all items additionally required . - secure access amd usage, integrated into firefox, error checking/input validation, logical strucure of functions and application behaviour, - wizards for common tasks Which all are related to the management of firefox itself, do not exist, are in high demand and therefore a reasonable developer task :) === the list of questions === Apparent and usefull points to think about and questions to answer on'how to make employees use and get used to it as common tool which is daily and actively used. are. Functions and features probable or already known to be needed and/or demanded currently or in the near future: === feature and functions - questions to define the general corporate requirements === - what functions/features expects a corporate user as: -- usefull for daily work or tasks -- easely aviable -- in common use - what are the expectations on aviability, interface ergonomy, even look, design and style. - what are functions which could be grouped/combined/replaced and how are they currently provided -what are functions officilly known as missing, wished, in need for improvement, logical when eplained etc. - needed: how are the existing features connected to business processes as well as other applications - how would these functions/features be expected/or aggreed on to be provided on application level? - what features may be required in the near time resulting from general development or projects?htm
<br>October 30, 2006 - The New Browser Wars: Firefox vs. Internet Explorer<br>http://www.newsfactor.com/story.xhtml?story_id=== initial research and evaluation 13200C4PLUMO "Jupiter survey showed that 26 percent of possible solutions and suppliers - checklist === companies with more than 250 employees allowed their employees to install Firefox in 2005. By 2006, that number had jumped to 44 percent."
February 13, 2006 - what are currentDeployments at IBM, competing Boeing and future solution concepts and are Fidelity Investmentshttp://www.computerworld.com/softwaretopics/software/story/0,10801,108622p3,00.htmlhttp://www.computerworld.com.au/index.php/id;453717301;fp;2;fpid;214% of Surveyed IT Managers had multi browser deployments going on in there companies. alternatives?
- when searched: how are March 22, 2005 Firefox explorersThis expansive article covers the advantages of using open source and Firefox software for business. When Bill Robertson decided last year to switch 450 workers and 100 desktops at De Bortoli Wines to the results ratedopen source Firefox web browser, how many referenced by other sources, etche had the company's future in mind.http://www.theage.com.au/articles/2005/03/21/1111253920087.html?oneclick=true
Qustions on aviable solutions
- are there commercial products already providing all or parts of the functions, if so, how ?
Opensource - are there opensource products and projects providing all or parts of the functions, if so, how?== Security ==
Opensource Projects:<br>Independent Security Research teams such as US- are there dying or dead produkts or projects, with the last change CERT (US Dept. of site more than 1 Homeland Security) have for several years suggested supporting and 2 years ago, - if so: what were the reasons?- What where the major points of trouble, what the smaller ones? - Do current solutions for the using Firefox and other browsers as protection measure and response to critical problems with Internet Explorer. Here are a variety of earlier projects exist, have concepts, approaches changed?references:
License <br>June 2004 https://www.kb.cert.org/vuls/id/713878<br>http://www.cert.org/tech_tips/patentssecuring_browser/lockouts - Are there concecpts covering or related to the functions<br>http://www.cbsnews.com/stories/2004/07/05/scitech/pcanswer/features etcmain627500. currently locked by patents or other ipo, shtml<br>http://news.zdnet.com/2100- Are there patents already filed and pending, 1009_22-5250697.html<br>http://www.washingtonpost.com/wp- Are the patents for sale, been recently traded, been recently discussed on the internet anddyn/or in common media?- if patentsarticles/ipo: when filed, who is the holder, his position on oss, what is planned to do with the patents, reason for patent if known?A6746- What already known proposed or developed alternate concepts do exists and are these also in danger? 2004Jun25.html
Platform - Provider<br>http: Mozilla, mozdev etc//www.sans.org/top20/?portal=1563ee22b1a8bd138f0f420caec8d02c - what is - "...Exploit code for many of the official mozilla point of viewcritical Internet Explorer flaws are publicly available. In addition, declared position, current or announced or expectable interest? - what the inofficial one of Internet Explorer has been leveraged to exploit vulnerabilities in other core developers as well Windows components such as moziilla HTML Help and firefox core related communities, are there discussions, is it actual Graphics Rendering Engine. Vulnerabilities in the community ActiveX controls installed by Microsoft or group?- what specs, actual need/demand, expectations/requirements, concepts, approaches and discussion already exist?- what other interested parties that might or already demands the feature and function? == actual situation: firefox and corporate use : what a possible customer searching the web currently sees == From the position of a company considering deployment and use of firefox, for everyone starting a research on vendor software are also being exploited via Internet Explorer... "firefox" combined with "corporate network" or their sysnonyms. Searches like these are used How to verify the project, backup/ support decision process as well as to select candidates for further evaluation from exisitng projects, vendpors,Protect against These Vulnerabilities?. suplpliers. general 'knock-out' indicators are: first class:- no dedicated website provided by project, supplier, vendor- no current, outdated or irrelevant information (like the previous text here - see obsolete section)- no current development and releases covering at least firefox 1,5 -2.x- no current downloads, site hits- no identifiable userbase or size of actuall installations unknown or very low- no mailinglists, forums etc. or Consider using other browsers such as Mozilla Firefox that do not returned by results - no active community of users and developers - no active community support - no active bug-tracking- concept proven as not practical, logical approch or obsoleted by current different ones second class:- no or bad online and/or common media coverage- current unfixed security problems- solution provided as oss is part of larger, commercial application The decision wether the project itself is reasonable as well wether a vendor or supplier is a candidate is made quickly, not showing up in a general query on the projects target mostly results in not beeing pre-evaluated and therefore not beeing considered as solution providerActiveX technology.... "
<br>November 6, 2006 - Attackers dig into [IE] zero-day flaw
<br>http://news.com.com/Attackers+dig+into+zero-day+flaw/2100-1002_3-6133028.html
==== Overall picture based on results ====03 Jan 2006 Open source's speed, Firefox's security wows Fidelityhttp://searchopensource.techtarget.com/originalContent/0,289142,sid39_gci1155599,00.htmlUsing google as 'eyes'<br> "The Mozilla Firefox browser was an eye-opener, added Mike Askew, who also works in the results returned were linked technology center. A head-to resources with felt ~90% -head comparison of Firefox and Internet Explorer showed that both had about the checked ones having same level of security vulnerability, but ''the following general problems: - time needed to fix vulnerabilities in Firefox was much less,'' Askew said. That experience led Fidelity to old / obsolete: the date last changed is look at open source more than 1 or 2 years- unaccessable/unaviable - documentation etcintently." - downloads unaviable - sourcecode was unaviablealso prediction of Open Source used in 25% of business software investments by 2010
- development stopped: no active developmend planned, no plan published, active bug-management. - no new users: project has had no new users (downloads, comments, reviews) - no current information, active, dedicated community or a board or even current related thread,- few or no interlinking between projects, not mentioned <b>Evaluating days of Vulnerability as the best metric for assessing risk in current, related results, no reviewsbrowsers.</b>
Several independent studies have shown that Firefox keeps users at risk of serious browser exploits a smaller amount of time than with Internet Explorer. For more than 3 years Mozilla and Firefox have a consistent track record for delivering security fixes faster than other browser vendors and reducing the risk to users.
After a surge in interest and many corporate use related projects on tools, functions etc. in 2004, 2005 and 2006, most projectswere closed or died after an average time of 1-1,5 years existence for mostly unknwon, not offically stated reasons.
There are very few related projects which can mostly be found only by references in other documents.
These are also not showing up in google.
BlogsInternet Explorer Unsafe for 284 Days in 2006 v. 9 days for Firefox, articles etc. covering the field mostly show concern about the neglectance or 98 of this theme and/or link actual exposure days where known exploits were running to old/obsolete resources. zero for Firefox
=== Conclusions baesd "...For a total 284 days in 2006 (or more than nine months out of the year), exploit code for known, unpatched critical flaws in pre-IE7 versions of the browser was publicly available on actual situation ==== the Internet. Likewise, there were at least 98 days last year in which no software fixes from Microsoft were available to fix IE flaws that criminals were actively using to steal personal and financial data from users."
An it In contrast, Internet Explorer's closest competitor in terms of market share - staff/employee asked today to check "wether it would be reasonable and responsible - Mozilla's Firefox browser -- experienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to switch remedy the whole company to firefoxproblem."based on search engine results would almost certainly decide that he never would bear the risk.
Main reasons arehttp: //blog.washingtonpost.com/securityfix/2007/01/internet_explorer_unsafe_for_2.html
There is no common definition all interested parties aggree on forhttp://www.washingtonpost.com/wp-srv/technology/daily/graphics/index20070104.htmlMozilla's Firefox browser -one or more usage scenarios -list of requirements resulting from usage scenarioexperienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to remedy the problem.
There seems to be no red thread for future development, no or few
articipients etc.
- groups with equal or related interests are not connected with each other
- commonly expected 'community' of people interested in the matter
Corporate usage of firefox does not seem to be of much general interest.
The need is only seen by several, mostly not-connected groups and individual people but not by mozilla itself.
There is an opensource/commercial product with strucutre and functions as well as modules drsigned similar to the concept described here, but the user base exstimated from teh number of regisered users in theor forum appears to be small, but at least their community lives... 2005
Media coverage is lowMozilla averaged about 21 days before it issued fixes for flaws in Firefox, compared with current articles mostly pointing out, again and again the need 135 days it took for corporate specific concepts and functionsMicrosoft to address problems in Internet Explorer. Older articles mostly relate to Web Browser Vulnerabilities CalendarClick the image for a look at the sudden rise length of corporate installation around 2004-2006time Firefox and IE were vulnerable to known flaws in 2005.
There are several groups For at least 38 days in 2005, IE was vulnerable to unpatched critical security flaws that were being exploited actively by viruses, worms and projects with objectives related to this field of interestspyware. For at least 256 days last year, Internet Explorer contained unpatched vulnerabilities where the exploit method had been publicly disclosed but theire scope is quite differentwas not necessarily being used.http: from just single tool oriented (package builder), some (mostly dead and/or without a first release) enterprise focused general projects/blog.washingtonpost.com/securityfix/2006/02/2005_patch_times_for_firefox_a.htmlhttp://www.washingtonpost.com/wp-srv/technology/interactives/browsers/
There are a couple tools aviable to at least build an xpi - package2004
There are already aviable addons providing most featuresA Year Of Bugs http:/functions on the user side, but without the requirements of corporate use/bcheck.scanit.be/bcheck/page.php?name=STATS2004&page=1
Some functions in the current default settings violate management Executive Summaryhttp://bcheck.scanit.be/bcheck/page.php?name=STATS2004&page=5004 was pretty hard for Internet Explorer users. The domination of Internet Explorer made it a preferred target for both malware writers and security standardsresearchers, creating a steady stream of vulnerabilities. Windows XP Service Pack 2 released on August 9, 2004 did not seem to alter this trend.
=== Possible 'way out?' ==== In 2004 Mozilla had the shortest "exposure period" of the three browsers compared. The growing popularity of Mozilla and Firefox was at least to some extent due to better security it currently provides to its users. However as Mozilla browsers become more common they are bound to attract attention of malware writers. It would be interesting to see how well Mozilla will do security-wise when its user base approaches that of Internet Explorer.
With the upstream disributor not interested and only little public attention to the matter at hand, no big fish having announced to claim that area, the time should http://bcheck.scanit.be/bcheck/page.php?name=stats2004http://bcheck.scanit.be/bcheck/page.php?name=STATS2004&page=3http://bcheck.scanit.be ideal to combine efforts/bcheck/page. php?name=STATS2004&page=4
The several interested parties should define<b>Security Features</aggree on:b>
a) a framework that provides unifiedDatamation’s readers have taken notice, cvontrolled access choosing Firefox – narrowly – to features/functions neccessary win its Product of the Year award in corporate networks rpovided by firefox or extensionsthe Anti-Spam category.
b) definiton of common corporate functions required,like software management, access controll, protection against changes etchttp://itmanagement. and reference implementationsearthweb.com/article.php/3662741
c) definition of an interface to extensions, plugins, applications to enforce corporate wide policies == Extending Firefox for access, configuration settings, default values etc. on a per-addon as well as per-addon-per-item level.Enhanced Productivity ==
c) gain argumtative weight by the combined support of cinterested groups and users <br>The Very Best Firefox Extensions for Entrepreneurs<br>http://www.greatbigpodcast.com/2006/10/05/very-best-firefox-extensions-for-entrepreneurs/
To aid collaboration things missing are:- a central, dedicated == Firefox Customization (CCK and living website providing initial information, faq, existing solutions, similar or related projects - said website rated within the first 5-10 results returned by queries like the ones decribed here. - a definition of corporate use and the resulting requirements - possible concepts - corporate usage scenarios- resourcesRepackaging Tools) ==
=== ´software evaluation - first quick glance` - methodThe Firefox Client Customization Kit (CCK) was designed as a successor to two Netscape products, results CCK, and Mission Control Desktop (MCD). These two products were used to customize Netscape browsers for deployment for ISPs (CCK) and ratings in detail ===enterprises (MCD).
This method is focused on the scenario 'corporate software project`and meant to be used for for initial eveluation of The goal of aviable sources and possible candidates and selecting candidates and suppliers for further evaluation, as well as meta-information providing static ratings based on the results of this process.. . Using one or two popular searchengines Firefox CCK is to crawl the web for a list of questions to ask, facts to check, points to consider, this first evaluation gives, apart from the mere technical facts, am impression and feelingm especially wether software is fit for production usage and the vemdor is reliable, even before having a further look at the other information and spending provide an average of 5- 15 minutes on each query, questions answered by results average total: eg. 10 comp / -5stdextension that can be deployed with Firefox that does most basic customizations.
More information is available at http://www.mozilla.org/projects/cck/firefox.
When using limited time for each query to check results, select a candidate, do Information on the checks and documents results as well for the whole process makes for predictable use of time release repackaging tool is available here http://benjamin.smedbergs.us/release- resources.repackager/
Should be done simoultanously by two or more individual testers to reduce personal views of testers on results.== Centralized Settings Management and Control ==
Questions The core technology in Firefox and Thunderbird contains a feature called "Mission Control Desktop/Auto Config" that can be implemented with webbased query systems, even used to centrally manage Browser and Mail configuration settings for the client software that is deployed across an organization. More documentation on the free ones existingthis feature can be found at: * http://developer.mozilla.org/en/docs/MCD%2C_Mission_Control_Desktop_AKA_AutoConfig * http://developer.mozilla.org/en/docs/Automatic_Mozilla_Configurator:Locked_config_settings
Ratingmodell, queried facts and their rating, querylevel Most of the controls are templated and provided as listscarried out via the preference system. An overview of the this system can be found at Typical range would be 1* http://www.mozilla.org/catalog/end-5, 5-10 targets for evalution using this methoduser/customizing/briefprefs.html* http://www.xulplanet.com/tutorials/xulqa/q_prefs. html
Questions and the categories they belong to are those deemed to be typical and/or requiredThe decision wether to further evaluate or to skip a product is often based on this first impression and the feeling, especiall if the search has the additional purpose to check the general prakticability Extensive lists of the proposal. Now, let`s try that with queries combining "firefox" without version number with the words "customize" and "company" as well as their most common synonyms like "corporate" instead of "company". === initial evaluation: using firefox as corporate browser - googled results === "firefox 3 customization corporate usage" comes up with just one or two links from the year 2004 one of wich leads to an disabled account- "firefox custom company" as well as "firefox custom company version" come up without exact or even related matches "firefox customize company use" at least results in wiki.mozilla.org linking the CCK - Extension - grave as well as a todo - list and some archived conversations at the end of the page. CCK - Extension via wiki.mozilla.orgLast comment was added in 2005, this is also the last time something changed. wiki.mozilla.org:Searching for firefox and/or company,enterprise or similar keywords Typical non-related results were a lot of links on 'toolbar customization". Replacing firefox with internet explorer also results in few hits, but "internet explorer customization corporate usage" results in the ie administration kit showing up at third position. Overall impression: A couple years ago the distribution of customized firefox packages in a company was a high-level theme to which numerous projects were created to provide the neccessary tools. Current relevant information is nearly nonexistant. = design sketch: a 'Corporate Firefox' Toolkit = === design sketch: Toolkit module - Firefox and addon lifecylce management === The solution should provide functions for the following typical, reoccurring management tasks: Monitor:- monitor firefox and addon releases and aviable updates- detect and report installations with missing or still pending updates or errors, Manage:- Enable, disable, update, upgrade, remove or replace an application or addons based on policy or all managed installations. Update:- download updates from the original source, apply signature, redistribute them based on per-packet lock/free switch - state of lock/free switch depends on wether the preliminary required verification-process was completed and confirmed as successfull. - wizard to run the per-package verification - process: check the QA - policy assigned t, check changelogs, run tests and document results, finally sign the update package and make it aviable via an corporate run server.(this will be a common demand...) - create and provide notification for the user on the update, the reason, relevant changes and possible issues or use automatic notification for normal, small updates - this information can be provided by the verification-process. Rollback:- roll-back of any changes made to software, eg. switch down to a previous version. - document using an audit-trail: -- all actions and changes made by the user-- all changes made to configuration settings -- all changes made to a software package and provide a per-package history -- provide a datasource for reports - research the reason for errors from relations between errors, a raising application error rate,installed addons, last changes, with per-installation logdata made aviable by the distributed installations (flat files, eg. via webdav, smb etc.). A feature to provide information on current security threats for the applicaton as well as addons is missing. Ok, there is a tutorial on a custom update server, but nothing that coversthe other demands. - ---multiple usersproviding high quality existance and non-existance of 'official' administration tools === possible design of a toolkit providing life-cycle management for distributed firefox installations in corporate or similar networks=== Since requirements preferences can be bit abstract, the following sketch design describes possible structure based on expected and/or required configuration and management tools Functions and features are grouped into hypothetical packages or products, one would/could expect to find when searching for something like "Corporate firefox toolkit" or "corporate framework for firefox". The primary demand defined as conditio sine qqua non: The product can be installed, managed and usedwith only minor changes neccessary to be expected on the existing it infrastructure. Such a product could consist of eg.: - corporate firefox manager tookit: -- run as ff addon or xul app -- plugin interface and structure, plugins are addons -- access to main app, app manger and subtrees as well as moduls based on acl- common access controll lists providing typical acl - settings like 'per remote ip/net etc.' - provide functions and and interfaces:- required for lifecycle management of the main package, compliant with ITIL- to act as framework for other addons Possible category structure for modules: - configuration and settings: - policy - apply configuration settings to firefox installations assigned to groups, define and distribute mandatory settings, lockdown of user - read/write access to all or parts of the configuration - profile manager: manage firefox profils, backup/restore etc. policies etc - addons and addon - settings: policy controlled install/update addons, access addon - software manager: install, update, removal - distribution : - manage install/update/upgrade as well as rollback for firefox, addons - is primary (only) uodate and addonserver for all ff installations A 'security' page and other common functions of a function or feature could be provided by the main package but usesettings provided by the addon they`re configured for. possible structure and functions of a manager application: - corporate firefox manager: - manager - provide and manage distribution of: - configuration: - global, per group/user configurations and settings - global, per user/group policys for configuration and settings - profile: - per - user profile and per user settings, inheriting global configs and settings - profile backup/restore - distributor: - structure, security settings and the content of directories exported via ftp, ftps, smb, http, etc. - updates, provides addons and custom software - package builder: === design sketch: possible corporate user-level applications using the tookit as management framework === === functions and features possibly usefull in corporate networks === The following describes a possible solution to provide - functions/features neccessary or helpfull for the corporaton and it`s employees work.- interfaces and usage easely accepted by users in a corporate network, using the application provided for the enduser as well as aviable source-code and documentation of existing, designed, planedfor: - firefox- addons- firefox - based applications as well as webpages and the framework of the previously described network toolkit The functions and features in this list are grouped into packages one would/could expect or agree to find and use , when searching for something like a "corporate community server" product containing: - bookmark server: with user, group, global lists, change monitor, fuzzy-able search for near matches, bookmark-list-sharing with public, custom group, user security definitions, also backup, import/export,loadbalancing and/or ha master-slave config for replication/syncing/backup/failover-hotstandby, bookmark lists between different bookmark servers, existing software: http://olbookmarks.sourceforge.net/download.phphttp://bookie.mozdev.org/ - contact /phonebook servercorporate phonebook, per - department, categories, groups, functions - central notice/info/alert - tool, to inform users of works like maintanance, (RSS, very simple one), aviable via undeletable button, a tray icon, displayed once at starttime, and a tray icon indicating new/unread info, alert after x min unread once brwoser was started as well as x numbers the brwoser was restarted within a specified time range. - corporate info tool: information about new documents etc. as well as categorie, audience, scope, desc. (RSS, very simple one), aviable via undeletable button as well asfound at starttime and a tray icon indicating new/unread info - corporate community server/clientper user current status/info, out-of-house, vacancy etc. as well as links to alternate user, online chat -client supporting jabber, irc etc. chat-servers for dev.: jabber, ircprotected streamsgroups, rooms etc. server: 1) corporate communitya) web tree, firefox acls, provides xul based chat client, default, b) runs locally installed chat client 2) corporate chat servera) in-house run chat server, external sw. required, jabber, irc, icq support, defaults to jabber, configuration package for linux provided, b) links to remote chat server =Resources on the web = === competing commercial products === FrontMotion, half-commercial, package building billed, http://www.frontmotion.com/FirefoxPackager/components.php === current === ==== actual news and discussions ==== Computerwoche: http://www.kaply.com/weblog/2008/01/11/firefox-enterprise-article-in-computerworld/ http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9056780&intsrc=hm_ts_head Slahdotdiscussion following the article:http://it.slashdot.org/article.pl?sid=08/01/11/0913207 - from people who"don’t really understand enterprise requirements." Communities: http://groups.google.com/group/mozilla.community.enterprise/topics http://groups.google.com/group/mozilla.community.enterprise/browse_thread/thread/8fe225a7e5c89e7c# https://bugzilla.mozilla.org/show_bug.cgi?id=231062 http://wiki.mozilla.org/Firefox3/Product_Requirements_Document#OS_platform_integration http://groups.google.com/group/mozilla.community.enterprise/browse_thread/thread/a887ebdc63ce99ed/bf71878afca22187#bf71878afca22187 http://www.kaply.com/weblog/2007/03/26/deploying-firefox-2-within-the-enterprise-part-5/ http://groups.google.com/group/mozilla.community.enterprise/browse_thread/thread/4ed8d27600b2d884 http://osdir.com/ml/mozilla.devel.xpinstall/2002-04/msg00013.html http://gemal.dk/mozilla/development.html === 'firefox in corporate networks': background and meta information === ==== projects and other resources ==== http://www.spreadfirefox.com/node/818 http://www.kaply.com/weblog/category/enterprise/ http://wiki.mozilla.org/Enterprise news://news.mozilla.org/mozilla.community.enterprise# http://www.frontmotion.com/ http://www.spreadfirefox.com/node/2292 http://www.mozdev.org/projects/active.html ==== mikes musings: enterprise section ==== http://www.kaply.com/weblog/category/enterprise/ http://www.kaply.com/weblog/2008/06/11/customizingfirefoxwiththecckwizard/ http://www.kaply.com/weblog/2008/01/24/firefoxgrouppolicyandactivedirectory/ http://www.kaply.com/weblog/2008/01/07/simplefirefoxcustomizationsusingthecckxpi/ http://www.kaply.com/weblog/2008/03/14/grouppolicyextensionforfirefox/ - Collection of other random thoughts, press, and other articles on Firefox Deployments in Enterprise and Large Organizations - <br>http://del.icio.us/chofmann/enterprise - <br>http://del.icio.us/chofmann/firefox-deployments - <br>http://mozillaenterprise.mozdev.org/information.html - <br>http://wiki.mozilla.org/Firefox:1.5_Institutional_Deployment - <br>http://www.sanduskycomputers.com/downloads/fxcorp/ - <br>http://fxcorp.sanduskycomputers.com/ - <br>http://corporatefirefox.blogspot.com/ - <br>http://firefox.dbltree.com/ - <br>http://varun21.blogspot.com/ - <br>http://www.frontmotion.com/Firefox/ - [[Category:Firefox]] ==== package management: concepts and existing tools ========= Concepts =====to customize, repack and build custom distribution releases http://developer.mozilla.org/en/docs/Repackaging_Firefox http://forums.mozillazine.org/viewtopic.php?p=2159534#2159534 http://developer.mozilla.org/en/docs/Image:Sample.xpi http://developer.mozilla.org/en/docs/Main_Page http://developer.mozilla.org/en/docs/Isp_Data http://developer.mozilla.org/en/docs/Signing_an_executable_with_Authenticode http://gemal.dk/mozilla/profile.html http://www.mozilla.org/unix/customizing.html * http://preferential.mozdev.org/preferences.html ===== existing solutions (opensource) ========== CCK - Toolkit =====Project: http://www.mozilla.org/projects/cck/firefox/ Latest release: CCK Wizard 1.1 - October 20, 2006 by Michael KaplyRelease notes: http://www.mozilla.org/projects/cck/firefox/relnote.html Description:The CCK Wizard can be used to create an extension that customizes Firefox. To access it, after installation, select Tools->CCK Wizard... estimated vitality: revived FAQ: http://www.mozilla.org/projects/cck/firefox/faqs.html Download current release/addon:https://addons.mozilla.org/en-US/firefox/addon/2553 Usage/Tutorial: http://www.kaply.com/weblog/2008/01/07/simple-firefox-customizations-using-the-cck-xpi/ Others resources: http://www.kaply.com/weblog/2008/06/11/customizing-firefox-with-the-cck-wizard/http://www.kaply.com/weblog/category/cck/ bugs: ===== Release-Repackager ===== http://benjamin.smedbergs.us/release-repackager/ Last release: Version 1.4 - 23-Feb-2006 estimated vitality: dead, bitrot ==== Mozptch ====http://mozptch.mozdev.org/ http://uib.de/www/produkte/osdesktop/mozptch/index.html === Development === ==== QA ====Support:Best Practices for Support Documentshttp://wiki.mozilla.org/MozillaQualityAssurance:Home_Pagehttp://wiki.mozilla.org/MozillaQualityAssurance:Home_Page:PB_TestPlan/Germanhttp://wiki.mozilla.org/QA==== common development tools ==== http://www.getfirebug.com/ http://developer.mozilla.org/en/docs/XUL_Explorerhttp://wiki.mozilla.org/Browser_Historyhttp://wiki.mozilla.org/Rolesandservices ==== basic technologies, methods and concepts, etc.====http://wiki.mozilla.org/Partnering:Resourceshttp://wiki.mozilla.org/Update:Home_Page http://developer.mozilla.org/en/docs/Category:Firefox_3 http://developer.mozilla.org/en/docs/Offline_resources_in_Firefox http://developer.mozilla.org/en/docs/Package_Filename_Convention http://mozillaenterprise.mozdev.org/information.html http://developer.mozilla.org/en/docs/XUL http://www.extensionsmirror.nl/index.php?showtopic=751 http://developer.mozilla.org/en/docs/XUL_improvements_in_Firefox_3 http://developer.mozilla.org/en/docs/Firefox_3_for_developers http://developer.mozilla.org/en/docs/XUL http://www.extensionsmirror.nl/index.php?showtopic=751 =====Plugins =====http://developer.mozilla.org/en/docs/Gecko_Plugin_API_Reference:Scripting_pluginshttp://developer.mozilla.org/en/docs/Gecko_SDK ===== Extensions ===== General:http://developer.mozilla.org/en/docs/Extensions http://developer.mozilla.org/en/docs/Updating_extensions_for_Firefox_3 http://developer.mozilla.org/en/docs/Category:Build_Documentation development methods: http://developer.mozilla.org/en/docs/Creating_Custom_Firefox_Extensions_with_the_Mozilla_Build_System http://kb.mozillazine.org/Extension_development http://forums.mozillazine.org/viewforum.php?f=19 security:https://www.mozdevgroup.com/docs/pete/Signing-an-XPI.html build - environment: http://developer.mozilla.org/en/docs/Setting_up_extension_development_environment sources: http://developer.mozilla.org/en/docs/Code_snippets http://groups.google.com/group/mozilla.dev.extensions/topics ==== extension development tools ==== http://ted.mielczarek.org/code/mozilla/extensiondev/ http://ted.mielczarek.org/code/mozilla/extensionwiz/ http://hyperstruct.net/projects/mozrepl http://developer.mozilla.org/en/docs/Venkman ==== others ==== X509 certficateshttp://mschuette.name/wp/2008/06/09/mozilla-x509-certificates-from-the-command-line/ silent install:http://www.msfn.org/board/lofiversion/index.php/t40082.html http://www.xulplanet.com/tutorials/xulqa/q_prefs.html Mozilla Firefox Corporate Rollout Mini-HOWTO - http://www.sungate.co.uk/?page_id=211 http://www.irvined.co.uk/firebird.shtml http://plugindoc.mozdev.org/faqs/phoenixwin.html
custom installer:Some customization ideas can be found here* http://howtowww.gumphmozilla.org/contentsupport/customize-firefox-installer/tips
==== Access This article also talks about controlling other features such as bookmarks and security ====history and an approach to "Securing Mozilla in the Public Library": * http://developer.mozillatln.org/en/docs/Using_nsILoginManagerhttp://developerlib.mozillami.org/en/docsus/Creating_a_Login_Manager_storage_modulehttp:~amutch/pro/www.mozilla.org/projects/security/components/ConfigPolicy.html
== Installer Options ==
==== Customitzation, configuration and settings ==== Large Oranizations have a variety of software deployment systems. In most cases the Firefox installation package can be wrapped inside these deployment systems.Some groups have packaged the firefox installer inside a MSI package to do their deployments. The firefox installation program can be wrapped inside these deployment systems. Two installer options are valuable in these set ups.
http://www.alain.knaffFirefoxSetup.lu/howto/MozillaCustomizationexe /ms (for mode-silent)
or
http://developerFirefoxSetup.mozilla.org/en/docsexe /Category:Configuration_Managementma (auto-mode, hands-free but visible)
http:Another installation option ( //developerira ) might be useful in these scenarios as it keeps the program from running after the install has completed.mozilla.org/en/docs/Mozilla_Networking_Preferences
Some changes were made in Firefox 2 to modify installer command line options. Information on those changes is here: http://wiki.mozilla.org/Installer:Command_Line_Arguments
== Deployment Tools ==Automated deployment of Firefox with extensions, themes, and pre-configurationhttp://thegoldenearfirefox.org/toolbox/windows/docsdbltree.com/mozilla-pre-config.html
Firefox ADM (Active Directory deployment)Manage Firefox settings through Group Policy and Active Directory.http://wwwhomepages.it-sudparised.eu/mci/user/procacciac.uk/netscapemcs/enFirefoxADM/mozilla-autoconfig-enReadme.htmlhtm
== Software Update ==
Mozilla offers automated updates of security patches and bug fixes for Firefox and Thunderbird though its software update system. You can choose to use this system or modify the firefox configuration to turn software updates off and gain more control over the update process. An overview of the software update system can be found at http://webwiki.archivemozilla.org/web/20041011035737/Software_Update
http://www== Companies ==List of companies and contacts who can help with your evaluation, pilot projects, and deployment of Firefox or Thunderbird across your organization is provided below.cs.colorado.edu/~dowdy/netscape_cfg/readme.txt
[http://mitwww.wayforth.co.eduuk Wayforth] - London, UK<br>[http:/~firefox/www.browsergarage.com Browser Garage] - Mountain View, CA<br>[http:/maintainers/autoconfigwww.ibm.com IBM] - Austin, TX - contact [mailto:mkaply@us.ibm.htmlcom Michael Kaply]
http://developer.We are also interested in hearing about your success stories or problems at partners@mozilla.org/en/docs/Mozilla_Release_Checklist
http:== Licensing//ilias.ca/blog/2005/03/locking-mozilla-firefox-settings/#Distribution Terms and Conditions ==
The Firefox End User License can be found here:
http://www.mozilla.com/en-US/legal/eula/
and more information about logo and trademark use can be found here: http://www.mozilla.org/foundation/trademarks/
==Export Control Information = Examples / reference / scratch designs and corporate usage scenarios ===refernce design: corporate scenario ([[User:Dwe|Dwe]] 20:57, 23 June 2008 (PDT) just detected, matches the scenario this article covers, but in a very high - level: the avaerasge -> 100+ systems admin wo`t have the time...
http://developerCompanies looking to provide Mozilla Software outside the United States often ask about Export Control provisions.mozilla.org/en/docs/MCD%2C_Mission_Control_Desktop_AKA_AutoConfig
The '''Export Notice''' can be found at
http://ftp.mozilla.org/pub/mozilla.org/security/export-notice
In 2002, NSS 3.4 requested a '''CCATS''' commodity classification id '''G023895''' to make it easier for companies to file when they include NSS or Mozilla Applications such as Firefox which use NSS.
http://www.mozilla.org/projects/security/pki/nss/nss-3.4/nss-3.4-algorithms.html
This CCATS filing covered all the crypto operations used in the Mozilla code base, including SSL and S/MIME.
=== historicMore recent versions of NSS have not filed for further CCATS numbers, unverified, oboslete ===#http://wwwinstead claiming a TSU exemption via 740.linuxfocus13(3) of the EAR because the NSS crypto code is "''publicly available''" and the binaries are built from purely open source software.org/Deutsch/November2002/article262.shtmlhttp://www.linuxfocus.org/English/November2002/article262.shtmlhttp://www.mozdev.org/pipermail/mozillaenterprise/2005-January/000014.htmlhttp://www.mozillazine.org/talkback.html?article=4696http://searchenterpriselinux.techtarget.com/news/article/0,289142,sid39_gci956309,00.html
: ''NB : the associated '''ECCN''' for software packages that include NSS is likely to be 5D002.c.1 (TSU unrestricted, via EAR 740.13(e)). One could theoretically request a review of a specific set of binaries for authorization under 5D992.b.1 ("No License Required", but it's not known whether anyone has. See Frank Hecker's Jan 2005 post: http://safariftp.mozilla.informitorg/pub/mozilla.comorg/0131423436security/ch17export-notice )''
==== projects More information on exporting products made from Open Source can be found at https://www.bis.doc.gov/encryption/enc.htm and addons covering required functions ====http://www.access.gpo.gov/bis/ear/ear_data.html (Part 740. Section §740.13(e) is on page 30 of the PDF).
http://wwwWe strongly caution you not to act on your personal reading of export regulations.okob.net/projects/jabberc/ They are complex and loaded with history, xulprecedent, 1.2a Mozilla/5.0 and JRE v1.3context which often require interpretation from a qualified attorney.1 i
Most questions about features provided by Mozilla's security library are contained in this document:http://jabberzillawww.jabberstudiomozilla.org/, xul, 1projects/security/pki/nss/nss-3.x, lc: 2005"first off you should use a pretty recent version of Firefox (at least version 19/nss-3.02, previous versions have a bug), and open this current page with the browser9-algorithms. Don't have an updated version?"html
chatzilla:https://addons.mozilla.org/de/firefox/addon/16http://www.instantbird.com/http://www.spicebird.com/== Other Links ==
needfull things:update notifier: app + addCollection of other random thoughts, https://addons.mozilla.org/de/firefox/addon/2098press, and other articles on Firefox Deployments in Enterprise and Large Organizations
rss <br>http://del.icio.us/chofmann/enterprise<br>http://del.icio.us/chofmann/firefox- reader, httpsdeployments<br>http://addonsmozillaenterprise.mozdev.org/information.html<br>http://wiki.mozilla.org/deFirefox:1.5_Institutional_Deployment<br>http://www.sanduskycomputers.com/downloads/fxcorp/<br>http://fxcorp.sanduskycomputers.com/<br>http://corporatefirefox.blogspot.com/<br>http://firefox.dbltree.com/<br>http://varun21.blogspot.com/<br>http://www.frontmotion.com/addonFirefox/4578
reminder fox[[Category: erinnerungen - alarme: http://reminderfox.mozdev.org/faq.htmlFirefox]]
