Mozilla yesterday released Firefox 31, patching 14 vulnerabilities, debuting a search box on the new tab page and adding a Google-provided service that detects and blocks known malicious files before they're downloaded.
The new tab page change was easily the most noticeable to users.
Along with the nine thumbnails representing the user's most-frequently-visited websites, the new tab page in Firefox 31 now sports a search field above those thumbnails. Typing a search string in the box initiates a search on Google, unless the user has changed the default search engine. If the Firefox user has changed the search engine -- say, to Yahoo or Bing -- that choice is also used in the new tab page's search box.
Mozilla's decision to add a search field to the new tab page -- which appears when users press Ctrl-T (Windows) or Cmd-T (OS X), or when they click on the "+" symbol in the tab bar -- followed a similar move by Google in September 2013. Mozilla first deployed the changed new tab page last month in the beta channel of Firefox 31.
With the introduction of a search field in the new tab page, Mozilla users now have three different places in the browser's UI (user interface) where they can begin a search: In the address bar (called "Awesome Bar" by Mozilla) and the separate search field, both at the top of the window; and on the new tab page.
Behind the scenes, Firefox 31 also got a beefed up implementation of Google's "Safe Browsing," the Mountain View, Calif. company's umbrella API (application programming interface) for sniffing out, then blocking malicious websites.
Safe Browsing has long been used by Google's Chrome, but it has also been tapped by Firefox and Apple's Safari to warn users of risky sites before they actually visited them.
Chrome, however, has always had a big advantage, as Google has never documented the API for outsiders, and thus has been able to leverage Safe Browsing to more effectively block rogue sites and incipient downloads than either Firefox or Safari.
According to Mozilla, Google has "offered an application reputation feature to detect malicious downloads as part of Google Safe Browsing since 2012," but still has not documented the API. That meant Mozilla had to experiment with the API. The open-source developer published its findings on its site.
Mozilla admitted that it would not be able to match Chrome's effectiveness in detecting and blocking potentially-malicious files from making it onto a user's system, in part because of a higher incidence of false positives. "Using Google's API, we can never do better than Chrome," the company acknowledged.
Sign up for CIO Asia eNewsletters.