Firefox 27: Faster, more secure and more social
Mozilla has released Firefox version 27.
As detailed in the release notes, the major new feature is support for the Firefox SocialAPI. Mozilla describes the SocialAPI as "a new API to make it easier for web browsers to integrate with social media services. Once a social service provider is implemented for Firefox, it becomes possible for the browser to display in-chrome user controls and information related to that service."
Three SocialAPI plugins are available today: Facebook Messenger for Firefox, Cliqz, and Mixi (Japan only). In the screen grab below of Facebook messenger for Firefox, you can see how the Facebook Messenger pane stays up and running while the main browser window is on another site.
Another take on SocialAPI is expressed in the release notes: "You can now run more than one service at a time with Firefox SocialAPI, allowing you to receive notifications, chat and more from multiple integrated services." There are plugins, web sites and apps that attempt to consolidate social networking systems for the client; now SocialAPI puts it into the browser.
The new version turns on TLS (Transport Layer Security, the successor to SSL) versions 1.1 and 1.2 by default. Like many browsers, Firefox has supported these standards for a while, but has not turned them on by default because of potential problems they might cause with web sites which don't support modern standards. By now, the level of support and the security benefit are such that it makes sense to turn the feature on.
Even viewing this setting is inconvenient and unobvious. There is no UI in the Settings dialog for TLS support levels. Users must go to about:config and look for the securty.tls.version.min and securty.tls.version.max values. The min value lists the oldest standard Firefox will support and max the newest one. 0 is SSL 3.0 (the last version before TLS), 1 is TLS 1.0, 2 is TLS 1.1, etc. The new values are min=0 and max=3; in Firefox 26 max=1.
Firefox 27 adds support for the SPDY 3.1 protocol. According to the documentation, SPDY "...adds a framing layer for multiplexing multiple, concurrent streams across a single TCP connection (or any reliable transport stream)." The standard is designed so as to require little or no change in web application development.
The new version also adds numerous developer features described in the release notes.
Finally, Firefox 27 also fixes 15 security vulnerabilities, five of them critical.