This sounds suspiciously like it might be related: https://www.scientificlinux.org/category/sl-errata/slsa-20182834-1/
On Thu, Oct 4, 2018 at 6:20 AM Ben Koenig <techkoe...@gmail.com> wrote: > Deleting user data without warning is bad. There are a number of decisions > in firefox that concern me as well, and if there really is a situation in > which it automagically overwrites user data, then that must be fixed. > > The idea that it works "fine for me" but not everyone is not applicable > here. While a feature may be less popular, that does not excuse the > unexpected deletion of user data. It doesn't matter if a feature was > changed or updated. Deleting data on a user's computer WITHOUT WARNING is > unacceptable and that is all there is to it. > > If you can reproduce the behavior then fixing it in the code is the only > acceptable answer. > Or maybe those of us on the use-case fringe deserve the discrimination > being dished out by the Twitter birds. > > > On Tue, Oct 2, 2018 at 9:04 PM Tomas Kuchta <tomas.kuchta.li...@gmail.com> > wrote: > > > FWIWI, I have seen no Firefox issues whatsoever on both openSuse and > 16/18 > > LTS Ubuntu branches. > > > > Release notes would most likely mention settings location change and how > to > > proceed with the upgrade. I'd guess. > > > > -T > > > > > > On Tue, Oct 2, 2018, 1:37 PM Russell Senior <russ...@personaltelco.net> > > wrote: > > > > > In my brief investigation, it might result from the location of > profiles > > > moving from one version to another. I can say that I, on firefox 62.0 > > from > > > Ubuntu, have not seen this behavior. Since distributions often tweak > > > builds, it's not beyond the realm of possibility that your > distribution's > > > packagers are at fault here. > > > > > > On Tue, Oct 2, 2018 at 12:37 PM Keith Lofstrom <kei...@kl-ic.com> > wrote: > > > > > > > > On Sun, Sep 30, 2018 at 06:53:06PM -0700, Keith Lofstrom wrote: > > > > > > Sometime in the last two days, automatic updates on my > > > > > > older 32 bit laptops "upgraded" to Firefox Quantum > > > > > > 60.2.1.esr, and my saved logins stopped working. I have > > > > > > backups, and I can restore a previous version of Firefox > > > > > > and my old .mozilla configuration files, then turn off > > > > > > updates, but perhaps there is a way to make this > > > > > > "upgrade" work. > > > > > > > > > > I'm running an old 32 bit distro on the laptops, which > > > > > will get upgraded to a recent 64 bit distro Real Soon Now. > > > > > Then I will upgrade myself to Chromium as John suggested. > > > > > > > > On Mon, Oct 01, 2018 at 10:14:42PM -0700, Russell Senior wrote: > > > > > Did you report the bug? > > > > > > > > Not yet - I need to ponder my use-case a bit, and think > > > > about how it differs from their (minimal) likely testing. > > > > > > > > My WAG is that this happened because we had browser windows > > > > open when updates are scheduled, and their user-neglecting > > > > code treats unlocked login/password files as "unencrypted". > > > > > > > > However, the fact that they would even conceive of deleting > > > > /any/ user-generated file without warning or permission > > > > suggests that their design goals are sociopathic and > > > > arrogant. I'll send them a bug report when I develop an > > > > easy-to-reproduce use case, but I expect it to be rejected. > > > > It won't be the first time they've done that to my reports. > > > > > > > > I hope the Chromium development team is more humane. If > > > > there is less code, there are fewer insecure interactions. > > > > Code evaluated by two different groups (Google developers > > > > and outsider repackagers) may be better tested. Many eyes > > > > make all bugs shallow; two sets of eyes makes bugs ever so > > > > slightly less deep. > > > > > > > > ----- > > > > > > > > As an aside, my original reason for becoming involved with > > > > "open-source" (long before Chris Peterson named it) was > > > > that even a non-programmer like me could understand it and > > > > find bugs. I found the Y2K error in BSD, and my suggested > > > > improvement was coded by Real Programmer(tm). When most of > > > > us become mere "code consumers", we eat whatever the "cooks > > > > in the fast food code kitchen" churn out. Some is great, > > > > some is absolutely awful, but the quantity of code is huge, > > > > and the combinatorial number of possible interactions is > > > > literally astronomical, more than the baryon count for the > > > > universe. That makes secure, high-reliability software > > > > impossible, even with "perfect" programmers and methods. > > > > > > > > Web browsers are vulnerable to their innate flaws, but > > > > also to the flaws and exploits in every scrap of active > > > > web content on the internet. Perhaps we need a two-stage > > > > process; our personal computers use plain-vanilla html > > > > browsers and external proxies that process all the varied > > > > crap out there into maximally simple html, with very few > > > > local extensions. That simplifies code on our machines, > > > > though admittedly it helps big brother snoop the external > > > > proxies. I'd rather not have video codecs on the same > > > > machine accessing the same memory as my password files. > > > > > > > > ---- > > > > > > > > I wonder how many of you read down this far? In the > > > > twitter age, most can't read a page of plain English, > > > > much less software code. > > > > > > > > Keith > > > > > > > > -- > > > > Keith Lofstrom kei...@keithl.com > > > > > > > _______________________________________________ > > > PLUG mailing list > > > PLUG@pdxlinux.org > > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > > > _______________________________________________ > > PLUG mailing list > > PLUG@pdxlinux.org > > http://lists.pdxlinux.org/mailman/listinfo/plug > > > _______________________________________________ > PLUG mailing list > PLUG@pdxlinux.org > http://lists.pdxlinux.org/mailman/listinfo/plug > _______________________________________________ PLUG mailing list PLUG@pdxlinux.org http://lists.pdxlinux.org/mailman/listinfo/plug