Language Selection

English French German Italian Portuguese Spanish

Mozilla: Thunderbird Rebuts EFF, Debugging Modern Web Applications, Firefox Performance, Rust Turning 3

Filed under
Moz/FF
  • Mozilla Thunderbird: EFail and Thunderbird, What You Need To Know

    DO NOT DISABLE ENCRYPTION. We’ve seen recommendations from some outlets to stop using encrypted Email altogether. If you are sending sensitive data via Email, Thunderbird still recommends using encryption to keep those messages safe. You should, however, check the configuration of the applications you use to view encrypted EMail. For Thunderbird, follow our guidelines below to protect yourself.

  • Debugging Modern Web Applications

    Building and debugging modern JavaScript applications in Firefox DevTools just took a quantum leap forward. In collaboration with Logan Smyth, Tech Lead for Babel, we leveled up the debugger’s source map support to let you inspect the code that you actually wrote. Combined with the ongoing initiative to offer first-class JS framework support across all our devtools, this will boost productivity for modern web app developers.

    Modern JS frameworks and build tools play a critical role today. Frameworks like React, Angular, and Ember let developers build declarative user interfaces with JSX, directives, and templates. Tools like Webpack, Babel, and PostCSS let developers use new JS and CSS features before they are supported by browser vendors. These tools help developers write simpler code, but generate more complicated code to debug.

  • Firefox Performance Update #8

    Talos is a framework that we use to measure various aspects of Firefox performance as part of our continuous integration pipeline.

    There are a number of Talos “suites”, where each suite contains some number of tests. These tests, in turn, report some set of numbers that are then stored and graphable via our graph viewer here.

    Here’s a full list of the Talos tests, including their purpose, the sorts of measurements they take, and who’s currently a good person to ask about them if you have questions.

    A lot of work has been done to reduce the amount of noise in our Talos tests, but they’re still quite sensitive and noisy. This is why it’s often necessary to do 5-10 retriggers of Talos test runs in order to do meaningful comparisons.

    Sometimes Talos detects regressions that aren’t actually real regressions1, and that can be a pain. However, for the times where real regressions are caught, Talos usually lets us know much faster than Telemetry or user reports.

    Did you know that you can get profiles from Try for Talos runs? This makes it much simpler to diagnose Talos regressions. Also, we now have Talos profiles being generated on our Nightly builds for added convenience!

  • This Week in Rust 234
  • Thoughts on retiring from a team

    The Rust Community Team has recently been having a conversation about what a team member’s “retirement” can or should look like. I used to be quite active on the team but now find myself without the time to contribute much, so I’m helping pioneer the “retirement” process. I’ve been talking with our subteam lead extensively about how to best do this, in a way that sets the right expectations and keeps the team membership experience great for everyone.

  • Rust turns three

    Three years ago today, the Rust community released Rust 1.0 to the world, with our initial vision of fearless systems programming. As per tradition, we’ll celebrate Rust’s birthday by taking stock of the people and the product, and especially of what’s happened in the last year.

    [...]

    Finally, the Rust community continues to work on inclusivity, through outreach programs like Rust Reach and RustBridge, as well as structured mentoring and investments in documentation to ease contribution. For 2018, a major goal is to connect and empower Rust’s global community, which we’re doing both through conference launches in multiple new continents, as well as work toward internationalization throughout the project.

More in Tux Machines

Ubuntu MATE - Pimp your desktop to perfection

Ubuntu MATE has made a quantum leap of innovation in the past several months, offering a wealth of visual and functional changes and a mindblowing level of flexibility when it comes to customization. You really have the ability to implement anything and everything, and all of it natively, from within the system's interface. The list of options is so long that it can be overwhelming. Hopefully, this little pimping guide puts some order into this fine and rich chaos. Ubuntu Bionic isn't the most refined distro, but it sure has the almost infinite possibilities to make it appear and behave how you want it. You can have a classic desktop one day and then a MAC-like thing the next and then Ubuntu Unity the day after that. It's all there, very slick, very elegant. Well, it's time for you to do some exploring. See you. Read more

Games: Atari VCS, NEC, Pillars of Eternity II: Deadfire – Beast of Winter, State of Mind

  • Atari VCS RAM upgraded to 8GB and Atari confirm you can put a normal Linux distribution on it
    While I remain quite sceptical of the Atari VCS, I'm still pretty interested in it as a Linux gaming device. Atari recently did a Q&A blog post detailing some interesting information about it. The post is written by Rob Wyatt, the System Architect for the Atari VCS device. If the name Rob Wyatt doesn't ring a bell—they were the original Xbox system architect.
  • Atari VCS Product Q&A #1
    At this time the developer program is not open yet and it will come online in the coming months. If you have an application in mind you can start today, make sure it runs on Linux at HD resolution using standard runtime libraries, the changes from this to the AtariOS will be minimal and mostly related to application startup and application packaging. In the very near future we will release documentation on the AtariOS which will detail all the runtime components we support as well as libraries for Linux that mimic the AtariOS.
  • Is it worth $129 to relive your NES Duck Hunt glory days?

    But the folks behind the Modern Mallard Kickstarter campaign figured out a way to overcome this problem -- by using a speedy processor to rewrite the game's code in real time, counteracting the lag. The project includes a hardware mod for both the original Duck Hunt game cartridge and Zapper that makes it compatible with LCD, LED and OLED TVs. Note that the campaign doesn't include the game cartridge or Zapper, so you'll have to use your own.

    You can read more about how the mods work at the bottom of the Kickstarter page.

  • Pillars of Eternity II: Deadfire – Beast of Winter due out early next month
    The first piece of expansion content will be released 2 August. Expect to get caught up in a different realm, the Beyond, and face new enemies and puzzles.
  • Futuristic thriller 'State of Mind' has a new story trailer and releasing a day earlier than expected
    Daedalic Entertainment's futuristic thriller 'State of Mind' has a new story trailer out and a new release date. When we mentioned it last month, they gave us a release date of August 16th. However, they seem to have moved it forward as it's now going to release on August 15th. This will come with same-day Linux support!

Security Leftovers

  • Data breaches show we’re only three clicks away from anarchy
    An IT glitch afflicting BP petrol stations for three hours last Sunday evening might not sound like headline news. A ten-hour meltdown of Visa card payment systems in June was a bigger story — as was the notorious TSB computer upgrade cock-up that started on 20 April, which was still afflicting customers a month later and was reported this week to be causing ruptures between TSB and its Spanish parent Sabadell. Meanwhile, what do Fortnum & Mason, Dixons Carphone, Costa Coffee and its sister company Premier Inn have in common with various parts of the NHS? The answer is that they have all suffered recent large-scale ‘data breaches’ that may have put private individuals’ information at risk. IT Governance, a blog that monitors international news stories in this sphere, came up with a global figure of 145 million ‘records leaked’ last month alone. Such leaks are daily events everywhere — and a lesson of the TSB story was that cyber fraudsters are waiting to attack wherever private data becomes accessible, whether because of computer breakdown or lax data protection.
  • UK security researcher Hutchins makes renewed bid for freedom

    British security researcher Marcus Hutchins, who was arrested by the FBI last August over alleged charges of creating and distributing a banking trojan, has made a fresh bid to go free, claiming that the US has no territorial jurisdiction to file charges against him for alleged crimes committed elsewhere.

  • Common Ground: For Secure Elections and True National Security

    An open letter by Gloria Steinem, Noam Chomsky, John Dean, Governor Bill Richardson, Walter Mosley, Michael Moore, Valerie Plame, and others.

Containers or virtual machines: ​Which is more secure? The answer will surprise you

Are virtual machines (VM) more secure than containers? You may think you know the answer, but IBM Research has found containers can be as secure, or more secure, than VMs. James Bottomley, an IBM Research Distinguished Engineer and top Linux kernel developer, writes: "One of the biggest problems with the current debate about Container vs Hypervisor security is that no-one has actually developed a way of measuring security, so the debate is all in qualitative terms (hypervisors 'feel' more secure than containers because of the interface breadth) but no-one actually has done a quantitative comparison." To meet this need, Bottomley created Horizontal Attack Profile (HAP), designed to describe system security in a way that it can be objectively measured. Bottomley has discovered that "a Docker container with a well crafted seccomp profile (which blocks unexpected system calls) provides roughly equivalent security to a hypervisor." Read more