The main differences between Firefox 78 and Firefox ESR 78
Mozilla released Firefox 78.0 Stable and Firefox 78.0 ESR today. The new version of the Firefox web browser is a major release for both stable and ESR; ESR, Extended Support Release, because it moves the version from Firefox 68.x to 78.x.
A major Firefox ESR version increase includes lots of changes as minor ESR versions don't get all the new features that stable versions of the browser get every four weeks. New major ESR versions introduce these features.
Firefox administrators can stay on Firefox ESR 68.x for the time being. Mozilla will release additional updates for that particular version of the browser. The older version will run out of support in eight weeks, however when Firefox ESR 78.2 and Firefox 80 are released.
While Firefox 78 Stable and Firefox ESR 78 share most features, there are some differences between both versions.
Firefox ESR 78: No WebRender
Mozilla introduced support for WebRender in Firefox 67 but only for a small part of the installation base. The organization started to enable WebRender on additional devices but has not yet rolled it out to all Firefox installations.
WebRender is used to render webpages and applications with the help of the video card. The main advantage of WebRender is that it improves performance significantly when it is used.
WebRender is not enabled in Firefox ESR 78.
Firefox ESR 78: MITM Detection is disabled
Firefox may detect if software on a device uses MITM (Man in the Middle) implementations. Security software may use it and this may lead to security and loading issues on the Internet.
Firefox 78 Stable supports the detection of MITM if it is causing connection issues, whereas Firefox ESR 78 does not by default. If the stable version of Firefox suspects a connection issue caused by MITM, it sets the preference security.enterprise_roots.enabled to True, and tries the connection again.
The setting is reset to False if the connection does fail, or kept set to True if it does not fail.
Firefox administrators may enable the feature by setting security.certerrors.mitm.auto_enable_enterprise_roots to true.
Firefox ESR 78: Use of client certificates enabled by default
Firefox supports its own certificate store and it is the default store for all non-ESR versions. Firefox ESR on the other hand supports the use of client certificates by default.
Administrators may disable the feature by setting security.enterprise_roots.enabled to false.
Firefox ESR 78: Option to deactivate the add-on signature requirement
Mozilla introduced mandatory extension signatures in Firefox 43. Add-ons that users want to install in Firefox need to be signed.
Firefox Nightly, Developer, and Firefox ESR are the only Firefox channels that allow users to deactivate that requirement.
Administrators need to change the value of xpinstall.signatures.required to False to do so.
Firefox ESR 78: Additional Enterprise policies and updates
The following policies are new or updated in Firefox ESR 78:
- (New) Handlers policy - Configure default application handlers. See here.
- (New) MasterPassword policy -- Configure whether a master password is required, or prevent it from being set. See here.
- (New) PDFjs policy -- Disable or configure PDF.js, Firefox's built-in PDf viewer. See here.
- (New) DisableDefaultBrowserAgent policy -- Only on Windows. Prevent the default browser agent from taking any actions. See here.
- (Updated) ExtensionSettings policy -- New restricted domains option to prevent extension access. See here.
- (Updated) DisabledCiphers policy -- Option to enable ciphers that Firefox has disabled. See here.
Now You: do you run Firefox? If so, which edition? (via Sören Hentzschel)
I only use the ESR version for the slower feature release cadence, primary focus on stability and security fixes as well as policy templates that can be used with Windows Group policy to control various browser settings. A big one is to disable updates so I have full control over the process as I don’t like software checking for updates without my explicit consent. Instead when I’m ready to update I download the full exe file from Mozilla then always choose a custom install unchecking the maintenance service (not wanted nor needed since updates are disabled).
I have experience with most browsers except Google Chrome, Microsoft Edge and Opera (e.g. Iridium browser, Ungoogled Chromium browser, Otter Browser, etc).
However, my favorite browser to use exclusively is “Firefox ESR”.
I use “Firefox DeveloperEdition” to support AMO development, and also use “Firefox Nightly” for testing new features and such.
In the others, Pale Moon, Tor Browser, Brave and Iridium browser are implemented too.
I prefer “RSS subscriptions”, so I prefer to use Thunderbird to “check RSS along with email” rather than Browser.
As an aid to this, “ThunderbirdTray” is useful.
TheGuardianWolf/ThunderbirdTray: Minimise thunderbird to tray with a Windows tray app. | GitHub
https://github.com/TheGuardianWolf/ThunderbirdTray
Minimize Thunderbird to the system tray with ThunderBirdTray | gHacks Tech News
https://www.ghacks.net/2019/12/30/minimize-thunderbird-to-the-system-tray-with-thunderbirdtray/
I run both on the same computer.
Thanks Martin and Sören for the infos.
Been waiting for this so I can use Picture In Picture on my work PC ðŸ‘
Martin, thanks for the news and the comparison.
â€Firefox administrators may enable the feature by setting security.certerrors.mitm.auto_enable_enterprise_roots to true.â€
I had version 77, then I installed 78 esr with same profile. That setting (true) is now default.
I disabled only those older cipher suites that recommended.
â€750 /** CIPHERS [WARNING: do not meddle with your cipher suite: see the section 1200 intro]â€
â€639 Your cipher and other settings can be used in server side fingerprintingâ€
â€766 /* 1264: disable the remaining non-modern cipher suites as of FF78 (in order of preferred by FF) ***/â€
https://github.com/ghacksuserjs/ghacks-user.js/blob/master/user.js