The Curious Case of The Translink Go Card

The Translink Go Card is the preferred choice for public transport in South East Queensland. An RFID touch-on/touch-off card and a series of card readers on train station platforms, buses, City Cycle and ferries.

Originally plagued with implementation issues that almost saw provider Cubic sued for the delays and widespread problems the Go Card rollout faced, the network is in a much more stable state these days.

With paper tickets costing for some zones almost costing double the cost in comparison to a Go Card fare, the incentive to own and use a Go Card is very high.

As you will read the Go Card is actually quite interesting, especially from a security perspective.

Translink Go Cards

Details on the card itself

The card itself is a rebranded MIFARE Classic 1K smart-card created by a company called NXP Semiconductors. It just so happens that the MIFARE Classic 1k is incredibly insecure and susceptible to numerous security issues.

title

Almost every major transportation network in the world that has an RFID reader/card setup uses an NXP Semiconductor RFID card, mostly the MIFARE series of cards. However, not all MIFARE cards have been “cracked” like the 1k variant has.

To quote Wikipedia’s information on the card:

The MIFARE Classic 1K offers 1024 bytes of data storage, split into 16 sectors; each sector is protected by two different keys, called A and B. Each key can be programmed to allow operations such as reading, writing, increasing value blocks, etc. It uses an NXP proprietary security protocol (Crypto-1) for authentication and ciphering.

As you can see the Go Card is nothing more than a dumbed down USB key. The readers on at the train station, on the bus or ferry can read and write to your Go Card when they need too.

The encryption that secures your balance, trips and other pieces of information like where you tap on and off is apparently only protected by a key that is 50bits. This means the card can theoretically be cracked by a modern PC in a matter of minutes (we’ll get into that later too).

Presumably the Go Card uses the cheaper MIFARE Classic 1k because it was cheaper and they’re willing to take the risk of potentially small amounts of fraud over replacing all of commuters cards or buying the more expensive and fancier MIFARE cards that NXP produce.

Given my card doesn’t expire until 2022, issuing new cards would be impossible for the moment at least. Although some of the more secure MIFARE cards do offer backwards compatibility.

Strangely enough Sydney’s Opal card uses the much more secure MIFARE DESFire EV1 as does the Adelaide Metro metroCard and in Victoria the Myki card uses the MIFARE DESFire (non EV1 variant).

Go Card’s infrastructure

The Go Card uses a distributed settlement network meaning all transactions take place between the card and the reader. To contrary belief, when you tap on and off, the information is not being communicated instantly with Translink’s servers.

Rather the readers store the data and sporadically communicate with the servers to ensure they are up-to-date. This is how London’s Oyster Card network works as do most RFID transportation networks like the Go Card system.

This means for a brief period of time, the only entity that knows what your balance is, is just your card. For a small window of time, the reader trusts the balance on your card (at least until the reader syncs with the network).

The benefits of a sentiment network are obvious and similar to how credit card transactions are processed. Have you ever noticed that when you purchase something using your credit card, the money doesn’t always come out of your account?

The cost of a secure and stable realtime network just wouldn’t be worth the amount of money it would take to maintain & scale such a large network like the Go Card system would require for tracking realtime reader communication.

The downside however with this kind of network and manually topping up online is it can take up to 48 hours for your payment. But it usually only takes a couple of hours

The best time to topup your Go Card?

If you need the funds on your Go Card for the same day and you topup online, do it in the morning. In most cases the funds will be added to your account by the end of the day.

When you touch on at a reader, the balance is written to your cards chip and stored temporarily until the network syncs up and compares balances are legitimate

This is a handshake that is performed between the network and the card. Basically the readers are notified of your transaction once they are updated within the period of time the network syncs itself and the balance is written to your cards memory.

Hacking the Go Card

I do NOT advise under any circumstances that you attempt to hack the Go Card network or the Go Card itself. You might find yourself in serious trouble if you do, while the network might be settlement based, there are ways you can be caught (CCTV footage, etc). A cheap fare isn’t worth jail time.

If you want to try this stuff out, do it at home. Don’t attempt to attack a Go Card reader or use a modified Go Card.

For less than $50 you can actually buy a MIFARE compatible reader/writer off of eBay which can read the Go Card. You can buy a stack of blank MIFARE Classic cards off of eBay as well (5 for around $5). Duplicating a Go Card would be a fairly easy task, but NOT recommended.

There are details on how to perform the attack on the Go Card here at this link.

 

Is Ruby On Rails Dying?

If you were a startup trying to get an MVP out the door in 2010, admittedly you probably used or considered Ruby on Rails. In 2015 you are probably more than likely going to opt for Node.js instead. But why?

Once upon a time it seemed as if Ruby on Rails was destined for global dominance. Twitter was originally built on-top of it before moving for scalability and performance reasons, but many companies still use Ruby on Rails.

Some notable companies still sporting the faded Rails band t-shirt include; Github, Shopify, Twitch.tv, Imgur, Airbnb and the list goes on.

Rails is definitely not dead, however you can’t deny the trends for Rails usage are going down, not up. It is no longer considered to be the only darling of the startup world like it once was.

So.. what happened?

While the appeal of Ruby on Rails was very much its plethora of generators and other CLI goodies that made it easy to scaffold an application in a matter of minutes: Node.js happened.

The appeal of Node.js was the fact that developers could apply their existing skillset and Javascript knowledge to the server side. The issue with Rails is even though you could use it with next to no knowledge of Ruby, to truly harness its power, you had to learn Ruby.

Then there is the history of well-documented performance problems plaguing the framework, more publicly Twitter’s move away from the framework.

Ruby on Rails was never marketed as a performance-first framework, it was marketed as a framework you chose when you wanted to get shit done and as quickly as possible. There is no denying that Rails delivered on that promise.

As you can see comparing Google Trends data for Ruby on Rails and Node.js paints a very clear picture:

The appeal of Rails was not only attributed to the fact there was nothing really like it at the time (unless you consider Django and Django has its own problems). PHP was the dominant language when Rails made its debut and people jumped ship because the PHP hate-train was speeding down the tracks.

Of course, there were other reasons that can be attributed to the early success of Rails. The inbuilt ORM, the scaffolding functionality and ability to generate an entire application using a few simple CLI commands appealed to many of us as developers.

Ruby on Rails isn’t dead

While RoR is alive and well, it just isn’t the flavour of the week like it used to be. It seems Node.js has won out, but that isn’t to say that Node itself won’t be replaced by something in the future.

There is still a community behind Ruby on Rails, albeit not as vocal or big as the Node.js community. It is far from dead, but we have to wonder if there will come a day when Rails falls behind even further.

The stats

It isn’t exactly a fair comparison to compare NPM modules and Ruby Gems, as Gems are not Rails specific but rather the package manager for the Ruby language itself.

The activity on the Gems stats page does give you insight into the number of downloads there have been of Rails though.

So lets compare the number of downloads of Express (a framework for Node.js) and Rails (both installable via their respective package managers). Both similar in that they are frameworks built on-top of an existing language/library.

In the last month (so February 2015) there were 2,171,225 downloads of Express. Compare that to the number of downloads via Ruby Gems for the latest version of Ruby on Rails released December 20th, 2015 which have only totaled 541,249 in a two month period since its release.

Express had four times the number of downloads in the last month compared than Rails has had in the last two months. The numbers paint a picture of a framework not nearly as popular as it once was.

For update stats on Ruby Gem packages click here. For Node Package Manager statistics, simply visit their site and they’re displayed at the top of the homepage, individual stats are available on a packages detail page.

Looking to the Github repositories of Rails and Node.js, you can quite clearly see that Rails is being updated on a regular basis. Comparing the two however is more difficult stat-wise as Joyent don’t adopt such an open community model like Rails does.

Conclusion

Rumours of Ruby on Rails’ demise have been greatly exaggerated. Rails isn’t dying, you just forgot about it along with most of the other trend-riding chumps. Or your needs outgrew what Rails could provide you.

The stats quite clearly prove that Rails is not dying, but they also prove that it isn’t growing as much as Node.js is (or to be more specific and fair, Express). The community is still contributing to it and people are still using it.

You are only as good as your community and while Rails has a chance to turn things around in V5, for the moment, the low barrier to entry for Node.js thanks to Javascript makes it more appealing.

At the end of the day, use whatever works for you. Don’t believe the hype around a framework or language, if you like it and it meets your needs, then there is no wrong choice.

 

Don’t Be An Asshole: Be A Polite Ad Blocker

I have been doing some development work in the online advertising space lately and as a result of it, I have become more mindful of which sites I block advertisements on and which sites I do not block advertisements on.

Nobody likes advertisements and while I still use Adblock Plus to block ads for a lot of sites, I do it in a more polite manner than most. If a site offers value to me, I find the content great and it is free, I disable Adblock on the site. It is a small gesture that goes a long way.

Whether you realise it or not, blocking ads can have flow-on effects for people who rely on advertisements. This isn’t some bullshit Hollywood corporate speak about how you are stealing from copyright holders and sending the entertainment industry broke. Blocking ads can have some financial implications for many though.

When you block advertisements you’re not just sticking it to “the man” you are hurting the websites that rely on the advertisements to help pay server expenses and you are also hurting the people who work for these companies who are paying for advertising. And believe it or not, there are ad networks out there who aren’t Google who employe people to maintain their ad serving technology.

I am not saying you should turn off Adblock completely because lets face it, some sites out there don’t deserve ad revenue because they distastefully display advertisements and/or have shit content – I am looking at you news.com.au.

It is easy to forget that ads on the Internet even exist if you have an ad blocker installed. But we have to realise if a site is offering us value, is it really that much of an inconvenience or annoyance seeing a couple of ads? (especially if they’re tasteful ones).

So next time you visit your favourite website that you didn’t have to pay for, consider NOT being an asshole and disabling Adblock (or whatever ad blocker you use) on the website to say thanks to the site owners for offering great free content or services. It costs you nothing to a decent person.

I think we all owe it to ourselves to be polite ad blockers.

 

Developing React.js Components Using ES6

React.js is the greatest thing to happen to front-end development in a long time. It is fast, it allows us to break our application into bite-sized chunks and has a tiny learning curve.

In this article we will be using ECMAScript 6 classes to write our React.js components. This means they will be easier to read and look nicer, even if they are prototypical inheritance syntactical sugar.

For the moment, the only version of React.js that supports ES6 syntax is 0.13.0. At the time of writing this article, the 0.13 branch is still in beta (currently version 2).

For the purposes of this article, React.js 0.13 beta 2 will be fine. We aren’t building a production application here, just playing around with some ES6 goodness.

Before we begin

I want to preface this article with: this is not a crash course on how to use React.js.

This article assumes you are familiar with basic React.js concepts and you’re curious about writing React components using ES6. So be aware certain aspects of this article will be foreign to you if you have not used React.js before nor read the documentation.

There are tonnes of great resources out there for getting started with React. So, I do not recommend diving right into ES6 if you’re not familiar with the basic concepts first.

The getting started page on React’s website is a great resource I recommend reading.

Installing React

Because we are using a beta version of React (0.13.0), we will be installing it using NPM (Node Package Manager). However, this article will not detail the process for setting up NPM. I am assuming you have it and you are comfortable bringing up a command line window.

Create a new folder anywhere of your choosing and provided you have NPM installed on your machine, run this command on the command line: npm install react@0.13.0-beta.2

Screen Shot 2015-02-18 at 12.38.06 pm

What are we building?

We are building an example application that allows us to supply a persons name and put a styled hat on them. Original, right?

We will be defining two separate files: one for the person and one for the hat. It is a good habit to get into by breaking your application up into small managed chunks. This is the entire premise of which React.js operates upon.

We are not going to be building anything interactive. I am just showing you a quick silly example of how you can use ES6 classes to develop React.js components. This article assumes you are familiar with React.js already, remember?

Firstly, lets define our components

Every new React component that you create will extend React.Component. This is a requirement or your components will not work.

The in-browser transformer will take care of ensuring that our classes work for older browsers and with React itself by transpiling it on the fly (unless of course you pre-compiled your classes).

// components/Hat.js
class Hat extends React.Component {
    constructor(props) {
        super(props);
    }

    render() {
        var hatClass = 'hat ' + this.props.type;
        return (
            <div className={hatClass}></div>
        );
    }
}
// components/Person.js
class Person extends React.Component {
    // Constructor
    constructor(props) {
        super(props);
        this.state = {name: props.name};
    }

    // This method will allow us to change the current name of the person
    setName(name) {
        this.setState({name: name});
    }

    render() {
        var hat = this.props.hat;
        var hatLabel;

        if (hat === 'none') {
            hatLabel = 'I am not wearing a hat.';
        } else {
            hatLabel = 'I am wearing a '+hat+' style hat.';
        }

        return (
            <div className="person">
                <Hat hatType={hat} />
                <div className="personLabel">My name is {this.state.name} and {hatLabel}</div>
            </div>
        );
    }
}
Person.defaultProps = { name: 'anonymous', hat: 'none'};

Now that we have our two separate component files, we need to create our main application file which will “Reactify” our DOM.

For brevity we will be calling this file app.js.

// app.js
(function() {
    'use strict';

    React.render(<Person name='Dwayne' />, document.getElementById('app'));
})();

Before any of this does anything, we need some basic HTML for this example to even work.

<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
        <title>Hat Wearing App</title>
        <script src="node_modules/react/dist/react.js"></script>
        <script src="node_modules/react/dist/JSXTransformer.js"></script>
        <meta name="viewport" content="width=device-width">
    </head>

    <body>
        <div id="app"></div>
        <script type="text/jsx;harmony=true" src="components/Hat.js"></script>
        <script type="text/jsx;harmony=true" src="components/Person.js"></script>
        <script type="text/jsx" src="app.js"></script>
    </body>
</html>

A note on using ES6 with the in-browser JSXTransformer

Using ES6 syntax with the in-browser transformer requires enabling a flag in the type attribute called: harmony

As you can see in the above example we specify: type="text/jsx;harmony=true". Without this flag, the compiler will throw an error. The value must be true, otherwise it will default to false.

This is the number one mistake first-timers attempting to use ES6 syntax with React.js will make. The harmony flag is not documented particularly well, so it is easy to get caught out by not including it.

While the in-browser transformer is great for prototyping purposes, it is not advisable for you to use it in production. Always compile your code before deploying to production.

A note on mixins

If you do decide to use ES6 syntax for writing your React.js applications, keep in mind that you cannot use mixins. This is a limitation with ES6 itself and lack of native support for mixins and not React.js.

Keep this limitation in mind before you go writing your React.js components the ES6 way. If you need to use mixins there are alternative workarounds you can pursue (not covered here).

Differences between using ES6 and non-ES6

Besides the above downside of not being able to use mixins with ES6 classes, there are only a couple of differences to be aware of if you are going down the ES6 path.

When using classes, getInitialState is replaced in favour of using an instance property on the class itself called state. The getDefaultProps and propTypes values are merely properties of the constructor (as you can see at the bottom of Person.js).

With exception of the above slight API changes, everything else is essentially the same as it previously was, you just write the methods in context of a class.

So previously for the render method you would write render: function() {}code> because a class was defined in object curly braces for the createClass method. Now you can just write render() {} which is the same thing, but nicer to look at.

Conclusion

I hope this opens up new opportunities for you to write React.js components in future projects using React. You cannot deny that the ES6 syntax is definitely cleaner and easier to write. If you are lazy like me, all of the above example code is available for download here on Github.

While this might not have been an overly in-depth article on using ES6 syntax with React.js, you can see how how easy it is to develop React.js components using ES6 syntax.

I have no doubt we will see greater ES6 support added into future versions of React, but for now, this is a great start. Happy coding.

 

The Anti-Vaccination Movement Needs To Be Vaccinated

If you don’t vaccinate your kids you should be given two choices and these two choices only:

1) Have your kids taken off of you and put into custody of the state. You should then attend a court hearing where you might face numerous charges ranging from jeopardising the health of your children and the health of other children to abuse.

Or…

2) You can vaccinate your children, not be fined/sent to jail, keep your children and stop being a fucking idiot.

The arguments of some of these “anti-vaccination” loonies range from; the vaccination will give my kid a disability, vaccinations are against my religious beliefs, we have immune systems that can fight things like this and the really crazy: the Government are putting things in vaccines to try and control us because of a New World Order conspiracy to reduce the population.

If you don’t vaccinate your children, you are a piece of shit and you don’t deserve to have kids. There is absolutely no excuse NOT to vaccinate your children, not one single valid excuse (unless your child is allergic).

Ever heard of Smallpox, perhaps you know someone who might have had it once, no? Well aren’t you lucky. That’s because Smallpox was 100% eradicated by a vaccine years ago… This virus killed close to 500 million people in the early 20th century, now it doesn’t exist. Vaccines, amazing, right?

Hundreds of millions of people died before they even got the chance to get saved by a vaccine. And yet here you are, sipping on your fair trade organic coffee, most likely smoking pot snd lurking on conspiracy websites about how unsafe or unethical vaccines are. If it wasn’t for a vaccine being discovered, who knows what would have happened if Smallpox got worse than it actually did.

What is it going to take for people who are a part of the anti-vaccination movement to realise how stupid they are? Are they just going to let their kids possibly die or end up really sick, potentially making other people near them sick in the process?

I think tried and tested essential vaccines for things like whooping cough, measles and anything else that has a vaccine should be mandatory and enforced by law.

Unless your child has a legitimate medical reason not to have a vaccine (a small subset of the population can’t actually have certain vaccines), your beliefs should not matter, your children get vaccinated whether you like it or not.

If you don’t vaccinate your children, you aren’t fit to be a parent and you deserve to have your children taken off of you. It’s such a shame they haven’t come up with a vaccine for stupidity (yet).

 

Trouble Signing Into Twitter On Firefox?

Recently I encountered an issue in Firefox whilst attempting to login into my Twitter. Even though my login details were correct, I was not able to login. No error message, nothing. My first thought was Twitter was to blame, but it turns out it was my Firefox.

I also noticed on other sites this weird login issue was happening as well. When I would try and login to 99designs, I encountered a strange redirection loop.

The solution to fix your Firefox login woes:

Deleting your browser cookies is the easiest way to fix the login issues. You can delete specific cookies or you can delete them all. I opted for the second solution as it required the least effort.

I have no idea what caused the issue, but it seems cookies in my Firefox somehow corrupted. I did recently start using Firefox Sync, so it might have something to do with the problem. But I have no idea what the real cause was.

Hope this helps.

 

So My Bank (ANZ) Just Cancelled My Card For No Reason

ANZ bank have fraud protection that they call Falcon. Essentially the goal of it is to prevent fraudulent transactions taking place on your credit cards and in my case, my Visa debit card connected to my savings account. Nice idea in theory, but in my case, annoying and wrong.

It all began when I received a suspicious text message claiming my card had been suspended due to a security concern to prevent unauthorised usage. At first I thought it was a scam, so I called ANZ and sure enough, it was the real deal (the number it came from was +61427042684).

They verified my details, then told me Visa international had detected a security concern (he couldn’t tell me what that concern actually was). The customer service guy by the name of Greg was very nice about it and went through my last 5 transactions over the phone with me to see if anything suspicious stood out.

He would list the name of the transaction and then the amount. I responded yes to all of them as my own transactions. Not one single transaction he mentioned was suspicious in the slightest. The last transaction I made was at a lunch place with a French sounding name called La Rotisserie that did fried chicken and whatnot.

Could it have been the French sounding name that rung alarm bells? Maybe Visa thought $18 for a chicken sandwich with a bottle of water was akin to fraud and suspended my card? It was a good sandwich though (and massive). Perhaps a little overpriced.

Anyway… After saying yes to all of the transactions and confirming nothing sounded suspicious I expected my card to be reactivated, no problem right? Nope. Greg informed me that I would be sent out a new card complete with a new card number, CVC code and a new pin number too, and to destroy my current card immediately.

WHAT. THE. FUCK.

No fraudulent transactions were made on my card, nor were there any attempts they told me of trying to make fraudulent purchases, so why suspend my card?

Now I have to wait 3 to 5 business days for a new card and then the pin number will follow 2 business days after I receive the card. Because my card number has changed I now have to go through all of my services and change my card details to match the new card.

This means having to change my Paypal details, the credit card details for my hosting, Playstation Network account and a plethora of other accounts online were I use my credit card.

As a result of my card getting cancelled, online services that I pay for using my credit card will now fail. I have already received an email from Github informing me my payment has failed. Luckily, I have two weeks to pay (my new card should arrive by then).

Who knows maybe one of those said providers were hacked and someone got my card details? ANZ didn’t give me any information as to why they are sending me out an entire new card with new pin number and card number.

It is very frustrating that I have to go to the bank if I need to withdraw any cash and I have to pray nothing that gets billed to my card before I get a new one and get online to change over the details.

If someone did get a hold of my details, I am grateful ANZ stopped them. However, there were no suspicious transactions and ANZ couldn’t even tell me what the security concern was with my card in the first place.

Fortunately my wife-to-be has a card for the account and that hasn’t been suspended, but it is a completely different number.

 

Firebug vs Firefox Development Tools

After switching over to Firefox from Chrome as my day-to-day browser about a month ago, I instinctively installed Firebug because when I used to use Firefox years ago, it was the essential development addon you installed, usually second only to Adblock Plus.

A lot has changed in Firefox over the years. The internal web development tools within Firefox are exceptionally great. In-fact, they are better than Firebug’s own provided tools and a whole lot more stable. If it weren’t for Firebug, the internal tools probably wouldn’t nearly be as good as they are today.

Sadly, the latest versions of Firebug I have used are pretty buggy. For the two or so weeks I used Firebug in Firefox, I encountered annoying issues ranging from inability to remove breakpoints in my scripts to full-blown unresponsiveness when inspecting heavy applications.

The profiling functionality in Firebug also appears to have grown considerably buggier all the while the native tools in Firefox have become a lot better than they were even a year ago. Being native, the Firefox Development Tools will of course be expected to be faster and more stable.

The native Firefox Development Tools also sport some highly useful features missing in Firebug (although these might be features you don’t care for)., designed to make your life easier and rely less on multiple addons to achieve different tasks.

A colour picker (I used to need a separate addon ColorZilla), canvas & WebGL debugging, ability to edit transitions/animations, ability to view objects, pause on exception, easily working with exception and best of all: Responsive Design Mode: this feature is handy for testing a media query laden website without needing to use a separate addon to do so.

The ability to also choose either a light or dark colour scheme is a nifty albeit cosmetic feature. I prefer working with darker UI’s, so I have the dark colour scheme enabled which is easier on my eyes.

While Firebug definitely once served a purpose when there was nothing like it, the native tools are arguably (in my opinion) so much better than Firebug currently offers. We have much to thank Firebug for, but I think it is time to let go and support Firefox’s native tools instead.

 

Introducing Jsdev.io

I am happy to reveal a little collaboration between myself and Jose Garcia called jsdev.io. Essentially it is another place on the interwebs to post front-end related links with an emphasis on Javascript.

We were aware of the fact that there are existing sites for this like Hacker News and Echojs both of which are great sites, but we wanted to take a stab at it ourselves. Not to mention, we managed to snap up a great short domain.

So feel free to post links, discussions and help the site grow. We will be listening to the community for suggestions and we have a few ideas already in the works for how we can make the site even better.

 

Why I Switched Back To Firefox

I actually have had a draft of this post in my ideas folder for about one month now and I have been constantly putting it off.

What actually prompted me to finish it was a popular article recently published on Gizmodo entitled: Fuck it, I’m Going Back to Firefox by Eric Limer.

The thoughts of Eric basically mirror those of my own. When Chrome originally hit the scene, Firefox wasn’t in a great state. The blatant memory leak issues that plagued Firefox for multiple versions until they admitted it was an issue in Firefox they needed to fix were one of many reasons for people like myself to jump ship.

We all made the switch because for a little period of time Chrome was a new breath of fresh air. It looked great, it was extremely fast and best of all: it integrated nicely with Google’s services. Things were sunshine and rainbows for a good while until Chrome started to get lazy and comfortable in the relationship.

Fast forward to now and Firefox is actually the better browser of the two. While Chrome was arguably faster when it arrived, it has gone the opposite way to the point where on my Windows 8.1 PC Chrome is basically unusable at times.

We are talking about a gaming PC with; 16gb RAM, an Intel i7 CPU with a dedicated SSD for the operating system and applications like my browser literally lagging and using 100% of my CPU for no reason. I have to literally CTRL + ALT + DEL to close down all instances of Chrome for it to be somewhat usable again for a few hours.

Leaving Chrome open without closing it down each time results in a steadily climbing rate of CPU and RAM usage. Sometimes I don’t even need to have many tabs open, memory usage and CPU utilisation are massive problems within Chrome.

I even formatted my PC recently. I removed all of my browsing history, I removed most plugins and still, Chrome has problems just doing basic browser tasks. I even disabled the auto suggestion stuff after reading it can speed up Chrome. Yet, I still get lag on my PC.

Besides the inherent and obvious issues in Chrome when it comes to poorly mismanaging CPU and memory, I’ve been using Firefox the last month and while it felt weird at the start, it was surprisingly easy to import all of my bookmarks and browsing history into the browser.

Obviously as a developer I will need to open up Chrome for testing, but as my go-to everyday browser it looks like Firefox has captured my heart again like it did in the early 2000’s.

Chrome as a browser is starting to feel like Firefox did in 2008; slow, sluggish and the arrogance of the development team appears to be holding back any kind of progress for resolving these obvious and widespread issues.

Besides the performance increase, there are other reasons that make me feel good for switching back. Mozilla are honestly committed to a better web, Firefox is the only truly 100% open source web browser. You can also get plugins that are forbidden on Google’s plugin repository like plugins for being able to download Youtube videos.

The developer tools in Firefox in my opinion are considerably better. Not just from a technical perspective, but the UI of the inspector. The great use of colours to differentiate parts of the DOM when you’re inspecting, the interface in which you access and use the tools looks and feels so much nicer than Chrome’s too.

The greatest thing of all about Firefox? The fact you can have more than 5 tabs open without your computer running out of memory or your CPU overheating because it is constantly at 100% utilisation.

I don’t actually miss Chrome at all. I dread every time I have to open it up and test something because it just doesn’t give me that same nice feeling that Firefox used too and does again.