Language Selection

English French German Italian Portuguese Spanish

Mozilla

Syndicate content
Planet Mozilla - https://planet.mozilla.org/
Updated: 1 day 23 hours ago

Niko Matsakis: Stability without stressing the !@#! out

Monday 18th of September 2023 03:04:00 PM

One of Rust’s core principles is “stability without stagnation”. This is embodied by our use of a “release train” model, in which we issue a new release every 6 weeks. Release trains make releasing a new release a “non-event”. Feature-based releases, in contrast, are super stressful! Since they occur infrequently, people try to cram everything into that release, which inevitably makes the release late. In contrast, with a release train, it’s not so important to make any particular release – if you miss one deadline, you can always catch the next one six weeks later. That’s the theory, anyway: but I’ve observed that, in practice, stabilizing a feature in Rust can still be a pretty stressful process. And the more important the feature, the more stress. This blog post talks over my theories as to why this is the case, and how we can tweak our processes (and our habits) to address it.

TL;DR

I like to write, and sometimes my posts get long. Sorry! Let me summarize for you:

  • Stabilization designs in Rust are stressful because they are conflating two distinct things: “does the feature do what it is supposed to do” (semver-stability) and “is the feature ready for general use for all its intended use cases” (recommended-for-use).
  • Open source works incrementally: to complete the polish we want, we need users to encounter the feature; incremental milestones help us do that.
  • Nightly is effective for getting some kinds of feedback, but not all; in particular, production users and library authors often won’t touch it. This gives us less data to work with when making high stakes decisions, and it’s a problem.
  • We should modify our process to distinguish four phases
    • Accepted RFC – The team agrees idea is worth implementing, but it may yet be changed or removed. Use at your own risk. (Nightly today)
    • Preview – Team agrees feature is ready for use, but wishes more feedback before committing. We reserve the right to tweak the details, but will not remove functionality without some migration path or workaround. (No equivalent today)
    • Stable – Team agrees feature is done. Semantics will no longer change. Implementation may lack polish and may not yet meet all its intended use cases (but should meet some). (Stable today)
    • Recommended – everyone should use this, it rocks. :guitar: (No equivalent today, though some would say stable)
  • I have an initial proposal for how we could implement these phases for Rust, but I’m not sure on the details. The point is more to identify this as a problem and start a discussion on potential solutions, rather than to drive a particular proposal.
Context

This post is inspired by years of experience trying to stabilize features. I’ve been meaning to write it for a while, but I was influenced most recently by the discussion on the PR to stabilize async fn in trait and return-position impl trait. I’m not intending this blog post to be an argument either way on that particular discussion, although I will be explaining my POV, which certainly has bearing on the outcome.

I will zoom out though and say that I think the Rust project needs to think about the whole “feature design lifecycle”. This has been a topic for me for years – just search for “adventures in consensus” on this blog. I think in the past I’ve been a bit too ambitious in my proposals1, so I’m thinking now about how we can move more incrementally. This blog post is one such example.

Summary of Rust’s process today

Let me briefly summarize the “feature lifecycle” for Rust today. I’ll focus on language features since that’s what I know best: this material is also published on the “How do I propose a change to the language” page for the lang-team, which I suspect most people don’t know exists2.

The path is roughly like this:

  • Author an RFC that outlines the problem to be solved and the key aspects of your solution. The RFC doesn’t have to have everything figured out, especially when it comes to the implementation – but it should describe most everything that a user of the language would have to know. The RFC can include “unresolved questions” that lay out corner cases or things where we need more experience to figure out the right answer.
    • Generally speaking, to avoid undue maintenance burden, we don’t allow code to land until there is an accepted RFC. There is an exception though for experienced Rust contributors, who can create an experimental feature gate to do some initial hacking. That’s sometimes useful to prove out designs.3
  • Complete the implementation on master. This should force you to work out answers to the all unresolved questions that came up in the RFC. Often, having an implementation to work with also leads to other changes in the design. Presuming these are relatively minor, these changes are discussed and approved by the lang team on issues on the rust-lang repository.
  • Author a stabilization report, describing precisely what is being stabilized along with how each unresolved question was resolved.
Observation: Stabilization means different things to different people.

In a technical sense, stabilization means exactly one thing: the feature is now available on the stable release, and hence we can no longer make breaking changes to it4.

But, of course, stabilization also means that the feature is going to be encountered by users. Rust has always prided itself on holding a high bar for polish and quality, as reflected in how easy cargo is to use, our quality error messages, etc. There is always a concern when stabilizing a long-awaited feature that users are going to get excited, try it out, encounter rough edges, and conclude from this that Rust is impossible to use.

Observation: Open source works incrementally

Something I’ve come to appreciate over time is that open source is most effective if you work incrementally. If you want people to contribute or to provide meaningful feedback, you have to give them something to play with. Once you do that, the pace of progress and polish increases dramatically. It’s not magic, it’s just people “scratching their own itch” – once people have a chance to use the feature, if there is a confusing diagnostic or other similar issue, there’s a good chance that somebody will take a shot at addressing it.

In fact, speaking of diagnostics, it’s pretty hard to write a good diagnostic until you’ve thrown the feature at users. Often it’s not obvious up front what is going to be confusing. If you’ve ever watched Esteban at work, you’ll know that he scans all kinds of sources (github issues, twitter or whatever it’s called now, etc) to see the kinds of confusions that people are having and to look for ideas on how to explain them better.

Observation: Incremental progress boosts morale

The other big impact of working incrementally is for morale. If you’ve ever tried to push a big feature over the line, you’ll know that achieving milestones along the way is crucial. There’s a huge difference between trying to get everything perfect before you can ship and saying: “ok, this part is done, let’s get it in people’s hands, and then go focus on the next one”. This is both because it’s good to have the satisfaction of a job well done, and because stabilization is the only point at which we can truly end discussion. Up until stabilization is done, it’s always possible to stop and revisit old decisions.5

Observation: Working incrementally has a cost

Obviously, I am a big of working incrementally, but I won’t deny that it has a cost. For every person who encounters a bad diagnostic and gets inspired to open a PR, there are a lot more who will get confused. Some portion of them will walk away, concluding “Rust is too confusing”. That’s a problem.

Observation: A polished feature has a lot of moving parts

A polished feature in Rust today has a lot of moving parts…

  • a thoughtful design
  • a stable, bug free implementation
  • documentation in the Rust reference
  • quality error messages
  • tooling support, such as rustfmt, rustdoc, IDE, etc

…and we’d like to add more. For example, we are working on various Rust formalizations (MiniRust, a-mir-formality) and talking about upgrading the Rust reference into a normative specification.

Observation: Distinct skillsets are required to polish a feature

One interesting detail is that, often, completeing a polished feature requires the work of different people with different skillsets, which in turn means the involvement of many distinct Rust teams – in fact, when it comes to development tooling, this can mean the involvement of distinct projects that aren’t even part of the Rust org!

Just looking at language features, the design, for example, belongs to the lang-team, and often completes relatively early through the RFC process. The implementation is (typically) the compiler team, but often also more specialized teams and groups, like the types team or the diagnostics working group; RFCs can sometimes languish for a long time before being implemented. Documentation meanwhile is driven by the lang-docs team (for language features, anyway). Once that is done, the rustfmt, rustdoc, and IDE vendors also have work to do incorporating the new feature.

One of the challenges to open-source development is coordinating all of these different aspects. Open source development tends to be opportunistic – you don’t have dedicated resources available, so you have to do a balancing act where you adapt the work that needs to get done to the people that are available to do it. In my experience, it’s neither top down nor bottom up, but a strange mixture of the two.6

Because of the opportunistic nature of open-source development, some parts of a feature move more quickly than others – often, the basic design gets hammered out early, but implementation can take a long time. Sadly, the reference is often the hardest thing to catch up, in part because the rather heroic Eric Huss does not implement the Clone trait.

The Talospace Project: Partial ppc64le JIT available again for Firefox 115ESR

Sunday 17th of September 2023 08:58:22 PM
I've been rehabilitating the old ppc64le JIT against more current Firefoxes and there is now available a set of patches you can apply to the current 115ESR. This does not yet include support for Ion or Wasm; the first still has some regressions, and the second has multiple outright crashes. Still, even with just the Baseline Interpreter and Baseline Compiler it is several times faster on benchmarks than the interpreter-only 115. I've included also the relevant LTO-PGO and WebRTC patches so you can just apply the changesets numerically and build. The patches and the needed .mozconfigs for either building an optimized browser or a debug JS shell (should you want to poke around) are in this Github issue.

While this passes everything that is expected to pass, you may still experience issues using it, and you should not consider it supported. Always backup your profile first. But it's now an option for those of you who were using the previous set of patches against 91ESR.

Patrick Cloke: Celery architecture breakdown

Friday 15th of September 2023 07:28:00 PM

The Celery project, which is often used Python library to run “background tasks” for synchronous web frameworks, describes itself as:

Celery is a simple, flexible, and reliable distributed system to process vast amounts of messages , while providing operations with the tools required to maintain such a system.

It’s a task queue with focus on real-time processing, while also supporting task scheduling.

The documentation goes into great detail about how to configure Celery with its plethora of options, but it does not focus much on the high level architecture or how messages pass between the components. Celery is extremely flexible (almost every component can be easily replaced!) but this can make it hard to understand. I attempt to break it down to the best of my understanding below. [1]

High Level Architecture

Celery has a few main components [2]:

  1. Your application code, including any Task objects you’ve defined. (Usually called the “client” in Celery’s documentation.)
  2. A broker or message transport.
  3. One or more Celery workers.
  4. A (results) backend.

A simplified view of Celery components.

In order to use Celery you need to:

  1. Instantiate a Celery application (which includes configuration, such as which broker and backend to use and how to connect to them) and define one or more Task definitions.
  2. Run a broker.
  3. Run one or more Celery workers.
  4. (Maybe) run a backend.

If you’re unfamiliar with Celery, below is an example. It declares a simple add task using the @task decorator and will request the task to be executed in the background twice (add.delay(...)). [3] The results are then fetched (asyncresult_1.get()) and printed. Place this in a file named my_app.py:

from celery import Celery app = Celery( "my_app", backend="rpc://", broker="amqp://guest@localhost//", ) @app.task() def add(a: int, b: int) -> int: return a + b if __name__ == "__main__": # Request that the tasks run and capture their async results. asyncresult_1 = add.delay(1, 2) asyncresult_2 = add.delay(3, 4) result_1 = asyncresult_1.get() result_2 = asyncresult_2.get() # Should result in 3, 7. print(f"Results: {result_1}, {result_2}")

Usually you don’t care where (which worker) the task runs on it, or how it gets there but sometimes you need! We can break down the components more to reveal more detail:

The Celery components broken into sub-components.

Broker

The message broker is a piece of off-the-shelf software which takes task requests and queues them until a worker is ready to process them. Common options include RabbitMQ, or Redis, although your cloud provider might have a custom one.

The broker may have some sub-components, including an exchange and one or more queues. (Note that Celery tends to use AMQP terminology and sometimes emulates features which do not exist on other brokers.)

Configuring your broker is beyond the scope of this article (and depends heavily on workload). The Celery routing documentation has more information on how and why you might route tasks to different queues.

Workers

Celery workers fetch queued tasks from the broker and then run the code defined in your task, they can optionally return a value via the results backend.

Celery workers have a “consumer” which fetches tasks from the broker: by default it requests many tasks at once, equivalent to “prefetch multiplier x concurrency“. (If your prefetch multiplier is 5 and your concurrency is 4, it attempts to fetch up to 20 queued tasks from the broker.) Once fetched it places them into an in-memory buffer. The task pool then runs each task via its Strategy — for a normal Celery Task the task pool essentially executes tasks from the consumer’s buffer.

The worker also handles scheduling tasks to run in future (by queueing them in-memory), but we will not go deeper into that here.

Using the “prefork” pool, the consumer and task pool are separate processes, while the “gevent”/”eventlet” pool uses coroutines, and the “threads” pool uses threads. There’s also a “solo” pool which can be useful for testing (everything is run in the same process: a single task runs at a time and blocks the consumer from fetching more tasks.)

Backend

The backend is another piece of off-the-shelf software which is used to store the results of your task. It provides a key-value store and is commonly Redis, although there are many options depending on how durable and large your results are. The results backend can be queried by using the AsyncResult object which is returned to your application code. [4]

Much like for brokers, how you configure results backends is beyond the scope of this article.

Dataflow

You might have observed that the above components discussed at least several different processes (client, broker, worker, worker pool, backend) which may also exist on different computers. How does this all work to pass the task between them? Usually this level of detail isn’t necessary to understand what it means to “run a task in the background”, but it can be useful for diagnosing performance or configuring brokers and backends.

The main thing to understand is that there’s lots of serialization happening across each process boundary:

A task message traversing from application code to the broker to a worker, and a result traversing from a worker to a backend to application code.

Request Serialization

When a client requests for a task to be run the information needs to be passed to the broker in a form it understands. The necessary data includes:

  • The task identifier (e.g. my_app.add).
  • Any arguments (e.g. (1, 2)) and keyword arguments.
  • A request ID.
  • Routing information.
  • …and a bunch of other metadata.

Exactly what is included is defined by the message protocol (of which Celery has two, although they’re fairly similar).

Most of the metadata gets placed in the headers while the task arguments, which might be any Python class, need to be serialized into the body. Celery supports many serializers and uses JSON by default (pickle, YAML, and msgpack, as well as custom schemes can be used as well).

After serialization, Celery also supports compressing the message or signing the message for additional security.

An example AMQP message containing the details of a task request (from RabbitMQ’s management interface) is shown below:

The example Celery task wrapped in a RabbitMQ message

When a worker fetches a task from the broker it deserializes it into a Request and executes it (as discussed above). In the case of a “prefork” worker pool the Request is serialized again using pickle when passed to task pool [5].

The worker pool then unpickles the request, loads the task code, and executes it with the requested arguments. Finally your task code is running! Note that the task code itself is not contained in the serialized request, that is loaded separately by the worker.

Result Serialization

When a task returns a value it gets stored in the results backend with enough information for the original client to find it:

  • The result ID.
  • The result.
  • …and some other metadata.

Similarly to tasks this information must be serialized before being placed in the results backend (and gets split between the headers and body). Celery provides configuration options to customize this serialization. [6]

An example AMQP message containing the details of a result is shown below:

The example Celery result wrapped in a RabbitMQ message

Once the result is fetched by the client it can deserialized the true (Python) return value and provide it to the application code.

Final thoughts

Since the Celery protocol is a public, documented API it allows you to create task requests externally to Celery! As long as you can interface to the Celery broker (and have some shared configuration) you can use a different application (or programming language) to publish and/or consume tasks. This is exactly what others have done:

Note that I haven’t used any of the above projects (and can’t vouch for them).

[1]Part of this started out as an explanation of how celery-batches works. [2]Celery beat is another common component used to run scheduled or periodic tasks. Architecture wise it takes the same place as your application code, i.e. it runs forever and requests for tasks to be executed based on the time. [3]There’s a bunch of ways to do this, apply_async and delay are the most common, but don’t impact the contents of this article. [4]As a quick aside — AsyncResult does not refer to async/await in Python. AsyncResult.get() is synchronous. A previous article has some more information on this. [5]This is not configurable. The Celery security guide recommends not using pickle for serializers (and it is well known that pickle can be a security flaw), but it does not seem documented anywhere that pickle will be used with the prefork pool. If you are using JSON to initially serialize to the broker then your task should only be left with “simple” types (strings, integers, floats, null, lists, and dictionaries) so this should not be an issue. [6]Tasks and results can be configured to have different serializers (or different compression settings) via the task_ vs. result_ configuration options.

Mozilla Thunderbird: Thunderbird for Android / K-9 Mail: August 2023 Progress Report

Friday 15th of September 2023 03:11:03 PM

A Quiet Yet Productive Month

August was a relatively calm month for the K-9 Mail team, with many taking well-deserved summer vacations and attending our first Mozilla All-Hands event. Despite the quieter pace, we managed to hit a significant milestone on our journey to Thunderbird for Android: the beta release of our new account setup interface.

Beta Release with New Account Setup: We Want Your Feedback!

We’re thrilled to announce that we rolled out a beta version featuring the new account setup UI. This has been a long-awaited feature, and even though the team was partially on vacation, we managed to get it out for user testing. The initial feedback has been encouraging, and we’re eager to hear your thoughts.

<figcaption class="wp-element-caption">Add your email address</figcaption> <figcaption class="wp-element-caption">Configuration found through autoconfig</figcaption> <figcaption class="wp-element-caption">Authenticate with your OAuth provider</figcaption> <figcaption class="wp-element-caption">Addjust your account options</figcaption>

You can find the K9-Mail v6.710 beta version here:

If you’ve tried the beta, we’d love to get your feedback. What did you like? What could be improved? Your insights will help us refine the feature for its official release.

How to Provide Feedback

You can provide feedback through the following channels:

Community contributions

In August we merged the following pull requests by these awesome contributors:

Releases

In August 2023 we published the following beta versions:

If you want to help shape future versions of the app, become a beta tester and provide feedback on new features while they are still in development.

The post Thunderbird for Android / K-9 Mail: August 2023 Progress Report appeared first on The Thunderbird Blog.

The Servo Blog: This month in Servo: upcoming events, new browser UI, and more!

Friday 15th of September 2023 12:00:00 AM

Servo has had some exciting changes land in our nightly builds over the last month:

  • as of 2023-08-09, we now use rustls instead of OpenSSL (#30025)
  • as of 2023-08-21, our experimental WebGPU support was updated (#29795, #30359)
  • as of 2023-08-26, we can now build on ARM32 in addition to ARM64 (#30204)
  • as of 2023-09-01, CSS floats are now supported again (#30243 et al)
  • as of 2023-09-05, ‘white-space: nowrap’ is now supported again (#30259)
  • as of 2023-09-07, we have an improved crash error page (#30290)
  • as of 2023-09-15, our new browser UI is enabled by default (#30049)

While our WebGPU support is still very much experimental (--pref dom.webgpu.enabled), it now passes over 5000 more tests in the Conformance Test Suite, after an upgrade from wgpu 0.6 (2020) to 0.16 (2023) and the addition of GPUSupportedFeatures. A few WebGPU demos now run too, notably those that don’t require changing the width or height on the fly, such as the Conway’s Game of Life built in Your first WebGPU app.

Both of these were contributed by Samson @sagudev, who has also done a lot of work on our DOM bindings, SpiderMonkey integration, and CI workflows, and we’re pleased to now have them join Servo as a reviewer too!

On the CSS front, floats and ‘white-space: nowrap’ were previously only supported in our legacy layout engine (--legacy-layout), but now they are supported again, and better than ever before! Floats in particular are one of the trickiest parts of CSS2, and our legacy version had many bugs that were essentially unfixable due to the legacy layout architecture.

Sometimes Servo crashes due to bugs or unimplemented features, and Rust helps us ensure that they almost always happen safely by panicking, but there’s still a lot we can do to improve the user experience while surfacing those panics, especially on platforms without stdio like Windows.

Our new crash error page shows the panic message and stack trace, instead of a confusing “unexpected scheme” error, and allows the user to reload the page. Note that not all crashes are handled gracefully yet — more work is needed to allow recovery from crashes in style and layout.

Servo’s example browser — the nightly version of Servo you can download and run — now has a location bar! This new browser UI, or “minibrowser” mode, is now enabled by default, though you can disable it with --no-minibrowser if you run into any problems. See also #30049 for known issues with the minibrowser.

Upcoming events

September is also a big month for Servo as a project! We have joined Linux Foundation Europe, and we’re also attending several events in Bilbao, Spain, and Shanghai, China.

Servo will be at the LF Europe Member Summit in Bilbao, with a brief project update on 18 September at 10:45 local time (08:45 UTC), and the Open Source Summit Europe, with Manuel Rego speaking about Servo on 21 September at 11:55 local time (09:55 UTC).

At both events, we will also have a booth where you can play with Servo on a real device and ask us questions about the project, all day from 18 September through 21 September.

The following week, you can find us at the GOSIM workshop and conference in Shanghai, with Martin Robinson presenting one workshop and one talk:

The Mozilla Blog: Seeing a Firefox IRL

Thursday 14th of September 2023 03:00:00 PM

Did you know that the red panda is also known as a firefox? Sept. 16 is International Red Panda Day, so we thought it would be a good time to visit a Firefox, ahem red panda, in real life and talk to their caretakers at zoos across the U.S.

Red pandas are the first panda — discovered nearly 50 years before the giant panda. Unfortunately, they are also endangered with as few as 2,500 remaining in the wild. Founded in 2007, Red Panda Network (RPN) responds to threats to the species with community-based programs that empower local people to conserve red pandas and their habitat. You can learn about RPN’s work here

Additionally, across the world, there are several zoos that participate in a breeding program to help grow the red panda population. Now is a great time to visit the red pandas at your nearest zoo.

Before you go, let us tell you more about the red pandas and the people who care for those adorable red cat-bears (another moniker they go by). We reached out to five zoos who participate in the special red panda program, and sent questions to learn from the zookeepers and the red pandas they care for.

Click on the links below to read more about the red pandas and their caretakers:

<figcaption class="wp-element-caption">Potter Park Zoo’s zookeeper Carolyn with Wilson. (Photo credit: Heath Thurman)</figcaption>

Thank you so much to the zookeepers who spent time to share their knowledge with us. We’d love to learn more about other red pandas in the world, so if you happen to be at your local zoo, share your photos with us on Twitter, Instagram or TikTok. We can’t wait to see more firefoxes!

Get Firefox Get the browser that protects what’s important

The post Seeing a Firefox IRL appeared first on The Mozilla Blog.

The Mozilla Blog: Firefox IRL: Meet Seattle’s Carson, the Woodland Park Zoo’s feisty red panda

Thursday 14th of September 2023 02:58:41 PM
<figcaption class="wp-element-caption">Megan Blandford, the animal keeper at the Woodland Park Zoo, feeds a red panda. (Photo credit: Woodland Park Zoo.)</figcaption>

Did you know that the red panda is also known as a firefox? Sept. 16 is International Red Panda Day, so we thought it would be a good time to visit a Firefox, ahem red panda, in real life and talk to their caretakers at zoos across the U.S. See our full series of interviews here.

Situated in the Pacific Northwest, the Woodland Park Zoo in Seattle offers a temperate forest that provides cooler temperatures where animals like the red panda can thrive. There, you’ll meet Carson, an 8-year-old red panda. 

Carson’s caretaker is Megan Blandford, the animal keeper at the Woodland Park Zoo. Megan describes Carson’s personality as feisty, and from what we’ve heard, you can either find him looking for food scraps or napping at the top of his tree. We love naps, too!

We caught up with Megan where she tells us more about Carson, shares her first foray in the zoo world (you’ll never guess, it involved building a piano for a killer whale) and how caring for a red panda provides job security. 

Tell us about the red pandas you care for:

“…currently has one 8-year-old Himalayan red panda named Carson that you can see daily in Woodland Park Zoo’s temperate forest [habitat]. He’s got a very feisty personality and never hesitates to let you know his strong opinions and feelings about things. He will move heaven and earth for a few bites of grapes and apples, and is sure to assist the keepers every afternoon when we aren’t giving him his daily allotment of bamboo fast enough. When he’s not cruising around on the ground for potentially missed food scraps, you can usually find him curled up in his favorite snooze spot towards the top of the tree in front of his exhibit.”

<figcaption class="wp-element-caption">Woodland Park Zoo’s 8-year-old Himalayan red panda, Carson. (Photo credit: Jeremy Dwyer-Lindgren/Woodland Park Zoo)</figcaption> What’s the coolest part about working with red pandas?

“There are so many great things about working with red pandas that it’s hard to say what the best part is! I think personally my favorite part is when Carson sees me first thing in the morning and gets SO excited. He will run along the fence to greet me and is equally excited to come in and eat/train when I come back over a few minutes later. Fun fact! Picture what you would imagine a unicorn sounds like, and that’s one of the primary vocalizations the red pandas make. It’s like an extremely high-pitched rapid neighing. I also love being able to do keeper talks and talk to the public about them and how special they are, and let them know that there are actions that they can take to help protect these unique animals that are endangered in the wild.”  

How did you get your start as a zookeeper?

I’ve been an animal keeper since 2011 and have been working with red pandas since 2020. When I was in college, I initially wanted to become a veterinarian but learned through my university that I HATED performing surgery and needed to change my goals. After working in a herpetology and parrot cognition lab on campus, I thought I might try my hand at zookeeping. I first dipped my toe into the zoo world as an intern at Six Flags Discovery Kingdom in California, where I produced ideas and then built enrichment items for an orca they had at the time (I ended up working with an engineering team to build a Simon-says killer whale piano for her.) It can be very competitive to break into the zoo world, so after I graduated and was unable to land another zoo internship or job, I worked as a freelance photographer specializing in human rights violations in Africa, specifically the Gambaga outcast witch colony and the black markets around Ghana. When I got back to the U.S. I was lucky enough to get a full-time internship in Toledo, Ohio working with elephants. From there I was hired on, and the rest is history. I eventually started working at Woodland Park Zoo; the red pandas are always the highlight of my day.”

What does your typical day look like?

My typical day starts with life checking all the animals on my unit to make sure no one had any issues overnight (e.g. HVAC going out, branch falling on a fence, tragically uninformed mallards wandering into predator areas, etc), which for me includes the maned wolves, red pandas, southern pudu and jaguars. Then I’ll prep their diets in the morning and start their morning feedings. After everyone is happy and satiated, I’ll start cleaning, and red pandas make up a large part of that because red pandas defecate a lot! Like, an alarming amount if you aren’t expecting it. Their diets consist of lots of items like bamboo that are very low in nutritional value and take lots of energy to digest. As a result, they both sleep and poop a staggering amount. If you imagine the amount a typical golden retriever might produce in a day, each red panda produces about five times as much as that per day, it’s fantastic job security. I’ll also train all the animals throughout the day so that they can participate in their own husbandry and veterinary care; it allows us the flexibility to give them choice and control regarding their care. For example, we do voluntary blood draws on Carson every few months. The male red panda is trained to sit on a platform and is reinforced with his favorite snacks while our talented veterinary staff draw blood from his tail. He’s great at other behaviors as well, like allowing voluntary injections and standing on a scale to obtain his weight. After feeding, training and cleaning, I then start to feed out their diets for overnight and check on them one last time (I like to think of it as tucking them in) before leaving for the day.”

Thank you, Megan, for sharing your stories about being a zookeeper and Carson. One of these days we’ll have to get an audio recording of Carson doing his impression of a unicorn with his “extremely high-pitched rapid neighing.”  

Get Firefox Get the browser that protects what’s important

The post Firefox IRL: Meet Seattle’s Carson, the Woodland Park Zoo’s feisty red panda appeared first on The Mozilla Blog.

The Mozilla Blog: Firefox IRL: Meet Amaya, Basu, Takeo and Pili, Sacramento Zoo’s fantastic four red pandas

Thursday 14th of September 2023 02:58:23 PM

Did you know that the red panda is also known as a firefox? Sept. 16 is International Red Panda Day, so we thought it would be a good time to visit a Firefox, ahem red panda, in real life and talk to their caretakers at zoos across the U.S. See our full series of interviews here.

Sacramento Zoo has a full house with four red pandas: Amaya, Basu, Takeo and Pili. Just like people, each red panda has a unique personality. Their caretaker, Rachel Winkler, animal care supervisor at the Sacramento Zoo, shares her stories about this foursome.

Originally a math major, Rachel volunteered at the Sacramento Zoo when she discovered how much she liked caring for animals. From there, she went on to other zoos to learn more about becoming a zookeeper. Now, she’s back at Sacramento Zoo. She tells about the resident red pandas’ favorite snacks, sleeping spots and more. 

Tell us about the red pandas you care for.

“…we have four red pandas: one breeding pair (Amaya and Basu) and one pair of roommates (Takeo and Pili). Amaya is 6 years old and is our breeding female. She is pretty shy, only being comfortable with her regular keepers. She loves grapes and bamboo! Basu is 9 years old and is our breeding male. We call him the “golden boy” because of his yellow tinted fur, plus he’s super sweet. He loves strangers and always comes over when someone new comes to the area. Takeo is 14 years old and is the sweetest old man. Despite not having many teeth left in his old age, he loves craisins (cranberry raisins). He likes to sleep a lot, but usually loses his sleeping spot to Pili, since it’s her favorite spot too. Pili is 11 years old and is a sassy lady.  She likes to get what she wants, even if that means bumping Takeo out of somewhere he’s already asleep. Being on the older side hasn’t slowed her down, and she’s still very spunky!”

<figcaption class="wp-element-caption">Sacramento Zoo’s 14-year-old Takeo stills still loves to eat craisins despite not having many teeth left. (Photo credit: Sacramento Zoo)</figcaption> What’s the coolest part about working with red pandas?

“The best part about working with red pandas is knowing I get to take care of an endangered species; there are less than 10,000 red pandas left in the wild. While it’s sad to know their population is struggling in the wild, it is exciting to be privileged to work with such a rare animal, and help raise awareness about conservation efforts to guests to help them in the wild. Here at the Sacramento Zoo, we support the Red Panda Network, who works hard to protect native panda habitat in Nepal as well as conduct research studies to better understand and save the pandas. I also love working with the red pandas because they are charismatic fluff balls who love their grapes.”

<figcaption class="wp-element-caption">Sacramento Zoo’s 9-year-old Basu is called the “golden boy” because of his yellow tinted fur. (Photo credit: Sacramento Zoo)</figcaption> How did you get your start as a zookeeper?

“I started volunteering at Sacramento Zoo when I was an undergrad at UC Davis.  I was actually a math major on track to be a teacher when I realized how much I liked the animal care field and helping with conservation. Through volunteering, I was able to get enough experience to get an internship at the Oakland Zoo over the summer of my junior year of college. After graduation, through my experience at the Oakland Zoo, I applied and was hired as a paid apprentice (full-time temporary learning position) at Oakland. While at Oakland, I got to work with a variety of taxa from tiny tenrecs all the way up to giraffes! After about two years at Oakland, I was able to get a full-time permanent position at the Santa Barbara Zoo, where I worked primarily with gorillas, giraffes and meerkats, as well as being cross-trained in all other mammal areas. After about four years in Santa Barbara, I took a primary ungulate keeper position at Sacramento and moved back. After three years, I was promoted to animal care supervisor, where I oversaw the ungulate department, and recently have moved to oversee the commissary and carnivore department (which includes the red pandas!).”

<figcaption class="wp-element-caption">Sacramento Zoo’s Rachel with red panda Takeo. (Photo credit: Sacramento Zoo)</figcaption> What does your typical day look like?

“Every morning animal care staff has a morning meeting where we go over important tasks for the day, the veterinary schedule for the day and share anything within sections that the whole department should know about. From there, we gather our diets for the day from the commissary and break into the section teams for the day and hash out section goals/needs. Once we have planned out the day, we go and do life checks on the animals to make sure everyone is okay to start our day. Mornings include the majority of cleaning of animal areas and habitats and feeding out a.m. diets. The rest of the day varies based on animals or sections you’re in, but some animals get midday feeds as well as p.m. feedings. After lunch usually lends free time for projects like creating enrichment, training or habitat upkeep.  At the end of the day, making sure everyone is fed, closed into appropriate areas/given access to off-habitat areas as needed, and we’re good to go until tomorrow when we do it all again.”

<figcaption class="wp-element-caption">Sacramento Zoo’s 11-year-old Pili is a sassy lady who likes to get what she wants. (Photo credit: Sacramento Zoo)</figcaption>

Thank you, Rachel, for sharing your stories about this foursome. Sounds like there are more fun adventures in store for this group.

Get Firefox Get the browser that protects what’s important

The post Firefox IRL: Meet Amaya, Basu, Takeo and Pili, Sacramento Zoo’s fantastic four red pandas  appeared first on The Mozilla Blog.

The Mozilla Blog: Firefox IRL: Meet Linda and Saffron, Idaho Falls Zoo’s mother-daughter red panda duo

Thursday 14th of September 2023 02:57:53 PM

Did you know that the red panda is also known as a firefox? Sept. 16 is International Red Panda Day, so we thought it would be a good time to visit a Firefox, ahem red panda, in real life and talk to their caretakers at zoos across the U.S. See our full series of interviews here.

Forget “Gilmore Girls.” The best mother-and-daughter show to watch is right at Idaho Falls Zoo. We’re talking about red panda Linda and her little one, Saffron. 

In 2021, Saffron was born at Idaho Falls Zoo and since then, she’s been at her mother’s side. Katie Barry, general curator at the zoo, tells us that Saffron recently discovered how yummy grapes taste and is always looking for treats along with her mom. We chatted with Katie, who shared a fun fact about how red pandas are able to go head first down a tree.

Tell us about the red pandas you care for.

“Linda is very much a nosey panda, wanting to be right up in your business as we clean the enclosure. She is always looking for handouts and loves bamboo and grapes. Saffron is a little more cautious and will keep her distance until the food comes out. Linda always hogs the grapes, so growing up Saffron never knew how good they were until late last year when she had her first one. Now she will be right up with Linda waiting when keepers come in with treats.”

<figcaption class="wp-element-caption">Idaho Falls Zoo mother and daughter, Linda and Saffron. (Photo credit: Idaho Falls Zoo)</figcaption> What’s the coolest part about working with red pandas?

“Red pandas are very curious, smart and playful animals. Being able to work with them is just amazing. They are fun to watch move the enclosure, over logs, ropes, ladders and tree branches. Their adaptation of the thumb-like bone to help grip the stocks of bamboo and cool ankle bone structure that allows them to turn their foot so they can go head first down a tree.” 

How did you get your start as a zookeeper?

Beginning my career in zookeeping, I first obtained a biology degree with an emphasis in zoology. From there, I took the time searching for internships and other available opportunities to get work experience in the zoo field. For me, I did a yearlong program at a facility in Washington that had exotic, big cats and learned animal husbandry basics. My peers and I had classes going over USDA regulations, nutrition and diet prep to proper cleaning and care for the animals. After completing the program, I was fortunate enough to get a job at a zoo in Mississippi as a zookeeper. Through my career, I have had the privilege to work with a variety of animals, from reptiles to primates and just about everything in between. Though I did enjoy the carnivores best; the red pandas are part of the small carnivore group.”

What does your typical day look like?

 “A typical day consists of a morning meeting where as a team we discuss what is going on, any meetings, trainings, tours, etc. that may be happening that we need to know about and schedule for. From there, our top priority is to check all the animals in our areas making sure they are all in good health, followed by a.m. feedings, any medications that need to be given out and moving on to clean. Exhibits are cleaned and checked before animals are put back out for the day and once out, holding areas are cleaned and checked over as well as giving out enrichment. The day is finished up with making diets for the night and next morning followed by p.m. feedings, shifting of any animals per protocols and end-of-the-day health checks. During the middle of the day, as time allows, we do various projects around our respective areas, fill out the day’s paperwork and work with the animals on specific behaviors to help promote better veterinary care and overall animal management. While the zoo is open, the animal care staff provides educational encounters with the public throughout the day.”

For visitors to the Idaho Falls Zoo, you can meet the zookeeper at the red panda exhibit on Saturdays to learn more about the mother-daughter duo. 

Thank you, Katie, for sharing your stories about Linda and Saffron. It sounds like just the perfect show to watch this summer!

Get Firefox Get the browser that protects what’s important

The post Firefox IRL: Meet Linda and Saffron, Idaho Falls Zoo’s mother-daughter red panda duo appeared first on The Mozilla Blog.

The Mozilla Blog: Firefox IRL: Meet Deagan, Maliha and Wilson, Michigan Potter Park Zoo’s red panda family

Thursday 14th of September 2023 02:57:13 PM

Did you know that the red panda is also known as a firefox? Sept. 16 is International Red Panda Day, so we thought it would be a good time to visit a Firefox, ahem red panda, in real life and talk to their caretakers at zoos across the U.S. See our full series of interviews here.

This past July marked the first birthday of Potter Park Zoo’s newest red panda, Wilson. His birth last year is part of the Association of Zoos and Aquariums (AZA)’s red panda Species Survival Plan Program. To maintain genetic diversity in the red panda population, the Michigan zoo’s female red panda Maliha was paired with Deagan Reid, and together they brought Wilson into this world.

The family’s caretaker is Carolyn Schulte, carnivore and primate keeper at Potter Park Zoo. Carolyn grew up loving animals and is close to celebrating 10 years at the zoo. Carolyn tells us the advantages of having a solo cub to help care for, as well as how she and others on the team are able to deepen their relationship with the cub through close contact. 

Tell us about the red pandas you care for.

We currently house three red pandas: Deagan Reid (dad), Maliha (mom) and Wilson (son). Deagan Reid is a great panda but prefers to do his own thing. He is willing to work with keepers for his favorite treat (pear) but more often prefers napping in a high spot in his habitat. Maliha is a very keeper-oriented panda, even when her favorite treat (grapes) is not involved, although she will never turn one down. This affinity for her caretakers means we have been able to train some helpful behaviors, including awake voluntary ultrasound, which we have used to confirm each of her three pregnancies. Wilson is our newest addition, born last July, and he had quickly become a staff favorite. Red pandas can have litters of one to four, with two being the most common, but Wilson was born as a solo cub. This means he got our undivided attention while still in the nest box, and he quickly learned that keepers usually mean snacks. He is a playful, inquisitive and intelligent panda and is a joy to work with.”

<figcaption class="wp-element-caption">Potter Park Zoo’s newest addition, Wilson, will be celebrating his first birthday in July. (Photo credit: Heath Thurman)</figcaption> What’s the coolest part about working with red pandas?

 “Unlike most of the other animals in my department, red pandas are not protected contact, but free contact, meaning we can share space. This makes caring for them and training them much simpler and means it is easier to develop close relationships. Due to this close relationship, we also get to be more involved when cubs are born since our female Maliha allows us to check in on the cubs’ progress almost daily without getting stressed. We can also start forming relationships with the cubs at a young age while they are still in the nest box, which makes caring for them and training behaviors much easier.”

How did you get your start as a zookeeper?

I always loved animals and knew I would work with them someday, I just didn’t know what that looked like. It wasn’t until I went to MSU and found out they had a degree in zoology with a concentration in zoo and aquarium science that I realized zookeeping was a real career pathway worth pursuing. I interned at John Ball Zoo in Grand Rapids during college and worked there as a keeper aide the summer after graduating. I heard Potter Park Zoo had a paid internship available, so I applied and got it! After the internship I applied twice to open full-time keeper positions here before being hired on. I’m now almost to my 10-year work anniversary.”

<figcaption class="wp-element-caption">Potter Park Zoo’s zookeeper Carolyn with Wilson. (Photo credit: Heath Thurman)</figcaption> What does your typical day look like?

A typical day is busy. It begins with checking on and feeding all the animals I’m responsible for that day. The zoo is divided up into three animal departments, and each department is divided among two or three keepers on a given day. Most of the animals I work with require protected contact (humans and animals never share space), so feeding usually happens in off-exhibit spaces, giving me a chance to clean and check exhibits before sending animals back out for the day. This is also a good time to place enrichment (anything that encourages an animal to exhibit natural behaviors) in the exhibit. The middle of the day involves cleaning off-exhibit spaces and doing any projects that need to get done. The end of the day involves another round of checking on animals and feeding before leaving for the night.”

<figcaption class="wp-element-caption">Potter Park Zoo’s zookeper Carolyn with Maliha (mom) and Wilson (baby). (Photo credit: Heath Thurman)</figcaption>

For visitors to the Potter Park Zoo, there are daily keeper talks, where you can learn fascinating facts and insights about the red pandas. 

Thank you, Carolyn, for sharing your photos and stories about the red panda family. We wonder how Potter Park Zoo will celebrate Wilson’s first birthday. Is the traditional smash cake for the first birthday also a thing for red pandas? 

Get Firefox Get the browser that protects what’s important

The post Firefox IRL: Meet Deagan, Maliha and Wilson, Michigan Potter Park Zoo’s red panda family   appeared first on The Mozilla Blog.

The Mozilla Blog: Firefox IRL: Meet Rose and Ruby, Zoo Atlanta’s red panda sisters

Thursday 14th of September 2023 02:56:42 PM

Did you know that the red panda is also known as a firefox? Sept. 16 is International Red Panda Day, so we thought it would be a good time to visit a Firefox, ahem red panda, in real life and talk to their caretakers at zoos across the U.S. See our full series of interviews here.

Do you remember the story, “Little Women”? It’s a classic tale about sisters who experience the ups and downs of life. Well, here’s another sister story to follow right at Zoo Atlanta, where a “Little Women” tale of red panda sisters is unfolding this summer.

Recently, Zoo Atlanta welcomed red panda sisters, Rose and Ruby from Zoo Knoxville. Their caretaker Michelle Elliott, Senior Keeper in Mammals at the Zoo Atlanta, shares fun facts about their red fur and her inspiration for becoming a zookeeper. 

Tell us about the red pandas you care for:

We recently welcomed sisters Rose and Ruby to Zoo Atlanta from Zoo Knoxville, and they are still living in a special area for newly-arrived animals while their habitat receives some upgrades to make it a better fit for two red pandas (we previously had just one). While there, they are taken care of by an animal care teammate who welcomes all of the Zoo’s new animals – she gets to care for wide variety of species! She reports that they are doing great and are really beginning to show their separate personalities. We can’t wait to meet them!”

<figcaption class="wp-element-caption">Zoo Atlanta’s Rose enjoying a bamboo for snack. (Photo credit: Zoo Atlanta)</figcaption> What’s the coolest part about working with red pandas?

I love that there’s always something more to learn about them! Did you know that red pandas have red fur to blend in with a moss that grows in the trees in their native habitat, or that they don’t actually have paw pads? Their fur on the underside of their paw is just super dense. They are really neat animals!”

How did you get your start as a zookeeper?

My inspiration to become an animal care professional came when I participated in an overnight program at Zoo Atlanta at 9 years old. I fell in love with the tigers, and when our instructor told us they were endangered, I decided to work in the conservation field so I could help save the species.”

<figcaption class="wp-element-caption">Zoo Atlanta’s Michelle has been busy with the new red pandas who will soon be making their public appearance this summer. (Photo credit: Zoo Atlanta)</figcaption> What does your typical day look like?

“We arrive a couple hours before the Zoo opens to give the animals their morning meals, set up the public habitats for the day with enrichment, and do positive reinforcement training sessions with the animals. Once the Zoo is open and the animals are in their habitats, we clean their behind-the-scenes areas and prepare those with fresh hay beds and even more enrichment for the evening. There are often Keeper Talks, midday feedings, behind-the-scenes tours, or meetings in the afternoon, and at the end of the day we give the animals access to come inside to eat their dinners and start making a new mess for us to clean tomorrow!”

Thank you, Michelle, for sharing your stories. We can’t wait to for Rose and Ruby to meet everyone who visits them in their new habitat.

Get Firefox Get the browser that protects what’s important

The post Firefox IRL: Meet Rose and Ruby, Zoo Atlanta’s red panda sisters  appeared first on The Mozilla Blog.

Nick Fitzgerald: My WasmCon 2023 Talk

Thursday 14th of September 2023 07:00:00 AM

I recently gave a talk at WasmCon 2023 about the measures we take to ensure security and correctness in Wasmtime and Cranelift. Very similar content to this blog post.

Here is the abstract:

WebAssembly programs are sandboxed and isolated from one another and from the host, so they can’t read or write external regions of memory, transfer control to arbitrary code in the process, or freely access the network and filesystem. This makes it safe to run untrusted WebAssembly programs: they cannot escape the sandbox to steal private data from elsewhere on your laptop or run a botnet on your servers. But these security properties only hold true if the WebAssembly runtime’s implementation is correct. This talk will explore the ways we are ensuring correctness in the Wasmtime WebAssembly runtime and in its compiler, Cranelift.

The slides are available here and the recording is up on YouTube, although unfortunately they missed the first 30 seconds or so:

Mozilla Thunderbird: ThunderCast Podcast #4: Will The Real Mozilla Please Stand Up?

Wednesday 13th of September 2023 08:26:30 PM

The Thunderbird team is back from Mozilla’s All-Hands event, and we’re overwhelmed in the most positive way. In addition to the happy and positive vibes we’re feeling from meeting our colleagues in person for the first time, we have a lot of thoughts and impressions to share. Ryan, Jason, and Alex talk about how Mozilla is building AI tools for the good of humanity, and how our perception of AI has changed dramatically. Plus, the problem with the “hey Mozilla, just build a browser” argument.

Today’s episode is light on actual Thunderbird talk, and more focused on Mozilla as an organization and the future of AI. We hope you enjoy it as much as we enjoyed discussing it!

Mozilla Security Blog: Version 2.9 of the Mozilla Root Store Policy

Wednesday 13th of September 2023 05:56:32 PM

Online security is constantly evolving, and thus we are excited to announce the publication of MRSP version 2.9, demonstrating that we are committed to keep up with the advancement of the web and further our commitment to a secure and trustworthy internet.

With each update to the Mozilla Root Store Policy (MRSP), we aim to address emerging challenges and enhance the integrity and reliability of our root store. Version 2.9 introduces several noteworthy changes and refinements, and within this blog post we provide an overview of key updates to the MRSP and their implications for the broader online community.

Managing the Effective Lifetimes of Root CA Certificates

One of the most crucial changes in this version of the MRSP is to limit the time that a root certificate may be in our root store. Often, a root certificate will be issued with a validity period of 25 or more years, but that is too long when one considers the rapid advances in computer processing strength. To address this concern and to make the web PKI more agile, we are implementing a schedule to remove trust bits and/or the root certificates themselves from our root store after they have been in use for more than a specified number of years.

Under the new section 7.4 of the MRSP, root certificates that are enabled with the website’s trust bit will have that bit removed when CA key material is 15 years old. Similarly, root certificates with the email trust bit will have a “Distrust for S/MIME After Date” set at 18 years from the CA’s key material generation date. A transition schedule has been established here, which phases this in for CA root certificates created before April 14, 2014. The transition schedule is subject to change if underlying algorithms become more susceptible to cryptanalytic attack or if other circumstances arise that make the schedule obsolete.

Compliance with CA/Browser Forum’s Baseline Requirements for S/MIME Certificates

The CA/Browser Forum released Baseline Requirements for S/MIME certificates (S/MIME BRs), with an effective date of September 1, 2023. Therefore, as of September 1, 2023, certificates issued for digitally signing or encrypting email messages must conform to the latest version of the S/MIME BRs, as stated in section 2.3 of the MRSP. Period-of-time audits to confirm compliance with the S/MIME BRs will be required for audit periods ending after October 30, 2023. Transition guidance is provided at the following wiki page: https://wiki.mozilla.org/CA/Transition_SMIME_BRs.

Security Incident and Vulnerability Disclosure

To enable swift response and resolution of security concerns impacting CAs, guidance for reporting security incidents and serious vulnerabilities has been added to section 2.4 of the MRSP. Additional guidance is provided in the following wiki page: https://wiki.mozilla.org/CA/Vulnerability_Disclosure.

CCADB Compliance Self-Assessment

Previously, CAs were required to perform an annual self-assessment of compliance with Mozilla’s policies and the CA/Browser Forum’s Baseline Requirements for TLS, but the MRSP did not specifically require that the annual self-assessment be submitted. Beginning in January 2024, CA operators with root certificates enabled with the website’s trust bit must perform and submit the CCADB Compliance Self-Assessment annually (within 92 calendar days from the close of their audit period). This will provide transparency into each CA’s ongoing compliance with Mozilla policies and the CA/Browser Forum’s Baseline Requirements for TLS.

Elimination of SHA-1

With the release of Firefox 52 in 2017, Mozilla removed support for SHA-1 in TLS certificates. Version 2.9 of the MRSP takes further steps to eliminate the use of SHA-1, allowing it only for end entity certificates that are completely outside the scope of the MRSP, and for specific, limited circumstances involving duplication of an existing SHA-1 intermediate CA certificate. These efforts align with industry best practices to phase out the usage of SHA-1.

Conclusion

Several of these changes will require that CAs revise their practices, so we have sent CAs a CA Communication and Survey to alert them about these changes and to inquire about their ability to comply with the new requirements by the effective dates.

These updates to the MRSP underscore Mozilla’s unwavering commitment to provide our users with a secure and trustworthy experience. We encourage your participation in the Mozilla community and the CCADB community to contribute to these efforts to provide a secure online experience for our users.

The post Version 2.9 of the Mozilla Root Store Policy appeared first on Mozilla Security Blog.

Cameron Kaiser: WebP chemspill patch on Github

Wednesday 13th of September 2023 06:32:21 AM
A fix is in the TenFourFox tree for MFSA 2023-40, a/k/a CVE-2023-4863, which is a heap overflow in the WebP image decoder. Firefox 45 would not ordinarily be vulnerable to this but we have our own basic WebP decoder using Google's library, so we are technically exploitable as well. I was working on a fix of my own but the PM27 fix that roytam1 cherrypicked is cleaner, so I've added that patch and one more for correctness. Although this issue is currently being exploited in the wild, it would require a PowerPC-specific attack to be successful on a Power Mac. You do not need to clobber to update your build.

This Week In Rust: This Week in Rust 512

Wednesday 13th of September 2023 04:00:00 AM

Hello and welcome to another issue of This Week in Rust! Rust is a programming language empowering everyone to build reliable and efficient software. This is a weekly summary of its progress and community. Want something mentioned? Tag us at @ThisWeekInRust on Twitter or @ThisWeekinRust on mastodon.social, or send us a pull request. Want to get involved? We love contributions.

This Week in Rust is openly developed on GitHub and archives can be viewed at this-week-in-rust.org. If you find any errors in this week's issue, please submit a PR.

Updates from Rust Community OfficialNewslettersProject/Tooling Updates

The Mozilla Blog: How to easily switch from Chrome to Firefox

Tuesday 12th of September 2023 07:08:02 PM

There’s never been a better time to switch from Chrome to Firefox, if we do say so ourselves. 

Some of the internet’s most popular ad blockers, such as uBlock Origin — tools that save our digital sanity from video ads that auto-play, banners that take up half the screen and pop-up windows with infuriatingly tiny “x” buttons — will become less effective on Google’s web browser thanks to a set of changes in Chrome’s extensions platform

At Mozilla, we’re all about protecting your privacy and security – all while offering add-ons and features that enhance performance and functionality so you can experience the very best of the web. We know that content blockers are very important to Firefox users, so rest assured that despite changes to Chrome’s new extensions platform, we’ll continue to ensure access to the best privacy tools available – including content-blocking extensions that not only stop creepy ads from following you around the internet, but also allows for a faster and more seamless browsing experience. In addition, Firefox has recently enabled Total Cookie Protection as default for all users, making Firefox the most private and secure major browser available across Windows, Mac and Linux.  

Longtime Chrome user? We know change can be hard. But we’re here to help you make the move with any data you want to bring along, including your bookmarks, saved passwords and browsing history.  

Here’s how to easily switch from Chrome to Firefox as your desktop browser in five steps:

Step 1: Download and install Firefox from Mozilla’s download page

Step 2: If you have Chrome running, quit the app. But don’t delete it just yet.

Step 3: Open Firefox. The import tool should pop up. 

In case it doesn’t, click the menu button > Settings > Near “Import Browser Data,” click “Import Data.”

Step 4: Select what you want to import. If you have more than one type of data saved in Chrome, you would be able to expand the “Import all available data” section to choose what information you’d like to import to Firefox:

  • Saved Passwords: Usernames and passwords you saved in Chrome. Here’s why you can trust Firefox with your passwords.
  • Bookmarks: Web pages that you bookmarked in Chrome. 
  • Browsing History: A list of web pages you’ve visited. If there’s an article you didn’t quite finish last week, bring over your browsing history so you can find it later.
  • Saved Payment Methods: When you’re ordering something online, web forms can be populated with credit card information you’ve saved (except your CVV number, as a precaution). On Firefox, you can also use a password as an extra layer of protection for your credit card data.

We may be a little biased, but we truly believe that Mozilla’s commitment to privacy helps make the internet better and safer for everyone. We wouldn’t be able to do it without the support of our community of Firefox users, so we’d love for you to join us.  

Related stories:

The post How to easily switch from Chrome to Firefox appeared first on The Mozilla Blog.

The Mozilla Blog: Dani Chehak, Mozilla’s new chief people officer

Tuesday 12th of September 2023 01:00:00 PM

After having met with many different candidates over the past several months to fill the role of chief people officer — a significant role that contributes greatly to Mozilla’s culture and future — I am pleased to announce that Dani Chehak has joined Mozilla as chief people officer on a permanent basis.

It was a little less than a year ago that Dani came onboard as Mozilla’s interim chief people officer. The time working with her, and the search to date, made it clear to me that Dani is the right person for Mozilla. She brings with her decades of experience in leading high performing people teams, a keen strategic business focus, a deep understanding of our industry, and an extensive network and community in both the tech and human resource realms. 

“For the past 25 years, Mozilla has been the home to incredibly dedicated and talented teams of people who are pushing hard every day to make the internet a better place for everyone,” Dani said. “I feel deeply fortunate to play a part in building a welcoming and inclusive culture at Mozilla where everyone is engaged and empowered to meet the opportunities ahead of us for the next 25 years, with our mission as our guide.” 

As chief people officer, Dani will oversee all areas of HR and organizational development at Mozilla Corporation. With Dani in this role, Mozilla’s People Team will continue to support Mozilla in building a culture that is inclusive and collaborative, especially important as our organization and operations continue to grow and modernize.

I want to express my appreciation for Dani’s contributions over the last year, and I’m delighted that she will continue the work she is leading at Mozilla.

The post Dani Chehak, Mozilla’s new chief people officer appeared first on The Mozilla Blog.

Mozilla Thunderbird: Thunderbird Community Office Hours Schedule For September 2023

Saturday 9th of September 2023 04:39:25 PM

Hello Thunderbird community! We’re bringing back monthly Office Hours, now with a Saturday option to make attendance more convenient. Please read the details below to learn how and when you can meet with us to share your feedback and ask questions.

Now that Thunderbird 115 Supernova has been released, we have a lot to discuss, plan, and do! And we’re rolling out monthly Office Hours sessions so that you can:

  • Share your Thunderbird experiences with us
  • Share your ideas for the future of Thunderbird
  • Discuss ways to get involved with Thunderbird
  • Ask us questions about Thunderbird and the Thunderbird Project
  • Meet new team members, and meet your fellow Thunderbird users

This month we’re hosting these sessions using Zoom (in the future we plan to stand up a dedicated Jitsi instance). You can easily participate using video, dialing in by phone, or asking questions in our community Matrix channel at #thunderbird:mozilla.org.

LocationSession 1 time conversion
10h-11h UTC
Monday, Sept 11


Zoom link
Session 2 time conversion
17h-18h UTC
Monday, Sept 11


Zoom linkSession 3 time conversion
17h-18h UTC
Saturday, Sept 16


Zoom linkLos Angeles, USA Mon 3am-4amMon 10am-12pmSat 10am-12pmNew York, USA Mon 6am-7amMon 1pm-2pmSat 1pm-2pmSão Paulo, Brazil Mon 07h-08hMon 14h-15hSat 14h-15hBerlin, Germany Mon 12h-13hMon 19h-20hSat 19h-20hTokyo, Japan Mon 19h-20hTue 02h-03hSun 02h-03hCanberra, AustraliaMon 8pm-9pmTue 3am-4amSun 3am-4amAuckland, NZMon 10pm-11pmTue 5am-6amSun 5am-6am

In the table above please click a session for meeting time converted to your local time. If you encounter difficulty joining please post in Matrix back channel #thunderbird:mozilla.org or email us.

Hosts Wayne (Thunderbird Community Manager) and Jason (Marketing & Communications Manager), plus special guests from the Thunderbird team look forward to meeting you! 

If you are unable to attend we hope you will submit your ideas or ask for assistance.  

PLEASE NOTE: We’ll be recording this call for internal use and distribution only. In the future, we may explore publishing these on video platforms.

How To Join Community Office Hours By Phone

Meeting ID: 981 2417 3850
Password: 647025

Dial by your location
+1 646 518 9805 US (New York)
+1 669 219 2599 US (San Jose)
+1 647 558 0588 Canada
+33 1 7095 0103 France
+49 69 7104 9922 Germany
+44 330 088 5830 United Kingdom
Find your local number: https://mozilla.zoom.us/u/adPpRGsVms

The post Thunderbird Community Office Hours Schedule For September 2023 appeared first on The Thunderbird Blog.

The Mozilla Blog: Advancing the future of the internet with new ways of defining our shared digital realities

Friday 8th of September 2023 03:42:41 PM
<figcaption class="wp-element-caption">Yoshiki Ohshima is the chief scientist and co-founder of Croquet, an organization building foundational technologies for future generations of communication and collaboration technologies. </figcaption>

More than ever, we need a movement to ensure the internet remains a force for good. The Mozilla Internet Ecosystem (MIECO) program fuels this movement by supporting people who are looking to advance a more human-centered internet. This week we’re highlighting Yoshiki Ohshima, a computer scientist and researcher with big ideas for how to shift the way that we think about building virtual worlds.

Software has always had the ability to shape the world around us, but the advent of spatial computing – brought about by the internet of things (IOT), virtual and augmented reality (VR/AR), and access to cloud computing technologies — is making those world-changing capabilities a little more literal. The growth of the “immersive web” brings new capabilities to the internet that allow us to interact with information, and each other, in new interactive ways — in some cases bringing us into entirely new worlds that are impossible to experience in our physical world. With such powerful new capabilities comes a need for new ways to build these experiences, and Yoshiki Ohshima has spent years thinking about new programming paradigms.

Yoshiki, who began his career at Walt Disney Imagineering, is now the chief scientist and co-founder of Croquet, an organization building foundational technologies for future generations of communication and collaboration tools. With over two decades of experience working at the forefront of collaborative technologies, Yoshiki has been helping realize the promise of technology to help us create and connect with others from the very beginning. 

Yoshiki’s work at Croquet focuses on real time synchronization applications that are designed to offer new ways of collaborating. Greenlight, which combines the functionality of whiteboards and screen shares with video and voice chat, provides a shared workspace for group communication and brainstorming. Croquet Microverse is another app that offers new ways to share information with multi-user virtual worlds.

While 3D virtual worlds aren’t new, advancements in computer graphics have led to their growing popularity in the past several years. Through his work in MIECO, Yoshiki is hoping to expand access to tools that help people shape the virtual environments around themselves in natural, intuitive ways.

“The unique feature of Croquet Microverse is that it allows developers and designers to work together in real time to create and improve contents in the live manner from within the 3D environment – and one can do this for complex programs, not just a small subset of features,” Yoshiki says.

Creating new ways to define behaviors in software beyond text-based programming languages is something that Yoshiki has been working on for years. By introducing visual, block-based programming into 3D environments, he sees an opportunity to improve our collaborative capabilities for co-creating virtual worlds.

Today, virtual worlds are being adopted for a wide range of use cases, which is being made possible by innovations and shifts in the way that we think about programming worlds. It is now easier than ever to build immersive educational experiences to explore the inside of the brain, or embed presentations and informational content into a shared world accessible from the browser. Croquet, which offers synchronization and simulation technology to make multi-user applications easier to build, is an ideal testing ground for 3D programming.  

Within these 3D worlds that Croquet offers, Yoshiki explains that his vision of collaborative, block-based programming would offer visitors capabilities that allow them to modify the digital world that they’re inhabiting. Croquet’s underlying “reflector” system enables perfectly synchronized simulations for everyone in the environment, which means that a change one person makes will be immediately seen by others. These capabilities, which build on top of principles found in other visual programming projects that Yoshiki has influenced, such as GP Blocks, open up the field of interactive programming for virtual worlds to a wider audience.

As the field of programming continues to evolve, Yoshiki sees a future that bridges between different skill sets to help people build together more collaboratively

“We are well-positioned to create a generally powerful, yet easy to use programming environment,” Yoshiki says.“An object created in one Croquet Microverse world is fully transportable to another world, and we hope to standardize the format for wider adoption by other platforms as well.” 

The post Advancing the future of the internet with new ways of defining our shared digital realities appeared first on The Mozilla Blog.

More in Tux Machines

digiKam 7.7.0 is released

After three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. Read more

Dilution and Misuse of the "Linux" Brand

Samsung, Red Hat to Work on Linux Drivers for Future Tech

The metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. Read more

today's howtos

  • How to install go1.19beta on Ubuntu 22.04 – NextGenTips

    In this tutorial, we are going to explore how to install go on Ubuntu 22.04 Golang is an open-source programming language that is easy to learn and use. It is built-in concurrency and has a robust standard library. It is reliable, builds fast, and efficient software that scales fast. Its concurrency mechanisms make it easy to write programs that get the most out of multicore and networked machines, while its novel-type systems enable flexible and modular program constructions. Go compiles quickly to machine code and has the convenience of garbage collection and the power of run-time reflection. In this guide, we are going to learn how to install golang 1.19beta on Ubuntu 22.04. Go 1.19beta1 is not yet released. There is so much work in progress with all the documentation.

  • molecule test: failed to connect to bus in systemd container - openQA bites

    Ansible Molecule is a project to help you test your ansible roles. I’m using molecule for automatically testing the ansible roles of geekoops.

  • How To Install MongoDB on AlmaLinux 9 - idroot

    In this tutorial, we will show you how to install MongoDB on AlmaLinux 9. For those of you who didn’t know, MongoDB is a high-performance, highly scalable document-oriented NoSQL database. Unlike in SQL databases where data is stored in rows and columns inside tables, in MongoDB, data is structured in JSON-like format inside records which are referred to as documents. The open-source attribute of MongoDB as a database software makes it an ideal candidate for almost any database-related project. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the MongoDB NoSQL database on AlmaLinux 9. You can follow the same instructions for CentOS and Rocky Linux.

  • An introduction (and how-to) to Plugin Loader for the Steam Deck. - Invidious
  • Self-host a Ghost Blog With Traefik

    Ghost is a very popular open-source content management system. Started as an alternative to WordPress and it went on to become an alternative to Substack by focusing on membership and newsletter. The creators of Ghost offer managed Pro hosting but it may not fit everyone's budget. Alternatively, you can self-host it on your own cloud servers. On Linux handbook, we already have a guide on deploying Ghost with Docker in a reverse proxy setup. Instead of Ngnix reverse proxy, you can also use another software called Traefik with Docker. It is a popular open-source cloud-native application proxy, API Gateway, Edge-router, and more. I use Traefik to secure my websites using an SSL certificate obtained from Let's Encrypt. Once deployed, Traefik can automatically manage your certificates and their renewals. In this tutorial, I'll share the necessary steps for deploying a Ghost blog with Docker and Traefik.