Language Selection

English French German Italian Portuguese Spanish

Mozilla: Localisation, DNS over HTTPs (DoH) and Restricting Notification Permission Prompts in Firefox

Filed under
Moz/FF
  • Mozilla Reps Community: Rep of the Month – October 2019

    Shina is from Pune, Maharashtra, India. Her journey started with the Mozilla Pune community while she was in college in 2017, with Localization in Hindi and quality assurance bugs.

    She’s been an active contributor to the community and since then has helped a lot of newcomers in their onboarding and helping them understand better what the Mozilla Community is all about.

  • Asking Congress to Examine the Data Practices of Internet Service Providers

    At Mozilla, we work hard to ensure our users’ browsing activity is protected when they use Firefox. That is why we launched enhanced tracking protection this year – to safeguard users from the pervasive online tracking of personal data by ad networks and companies. And over the last two years, Mozilla, in partnership with other industry stakeholders, has been working to develop, standardize, and deploy DNS over HTTPs (DoH). Our goal with DoH is to protect essentially that same browsing activity from interception, manipulation, and collection in the middle of the network.

    This dedication to protecting your browsing activity is why today we’ve also asked Congress to examine the privacy and security practices of internet service providers (ISPs), particularly as they relate to the domain name services (DNS) provided to American consumers. Right now these companies have access to a stream of a user’s browsing history. This is particularly concerning in light of to the rollback of the broadband privacy rules, which removed guardrails for how ISPs can use your data. The same ISPs are now fighting to prevent the deployment of DoH.

  • Mozilla Future Releases Blog: Restricting Notification Permission Prompts in Firefox

    In April we announced our intent to reduce the amount of annoying permission prompts for receiving desktop notifications that our users are seeing on a daily basis. To that effect, we ran a series of studies and experiments around restricting these prompts.

    [...]

    Most of the heavy lifting here was done by Felix Lawrence, who performed a thorough analysis of the data we collected. You can read his full report for our Firefox Release study. I will highlight some of the key takeaways:

    Notification prompts are very unpopular. On Release, about 99% of notification prompts go unaccepted, with 48% being actively denied by the user. This is even worse than what we’ve seen on Nightly, and it paints a dire picture of the user experience on the web. To add from related telemetry data, during a single month of the Firefox 63 Release, a total of 1.45 Billion prompts were shown to users, of which only 23.66 Million were accepted. I.e, for each prompt that is accepted, sixty are denied or ignored. In about 500 Million cases during that month, users actually spent the time to click on “Not Now”.

    Users are unlikely to accept a prompt when it is shown more than once for the same site. We had previously given websites the ability to ask users for notification every time they visit a site in a new tab. The underlying assumption that users would want to take several visits to make up their minds turns out to be wrong. As Felix notes, around 85% of prompts were accepted without the user ever having previously clicked “Not Now”.

    Most notification prompts don’t follow user interaction. Especially on Release, the overall number of prompts that are already compatible with this intervention is very low.

    Prompts that are shown as a result of user interaction have significantly better interaction metrics. This is an important takeaway. Along with the significant decrease in overall volume, we can see a significantly better rate of first-time allow decisions (52%) after enforcing user interaction on Nightly. The same can be observed for prompts with user interaction in our Release study, where existing users will accept 24% of first-time prompts with user interaction and new users would accept a whopping 56% of first-time prompts with user interaction.

Tracking Diaries with Matt Navarra

  • Tracking Diaries with Matt Navarra

    In Tracking Diaries, we invited people from all walks of life to share how they spent a day online while using Firefox’s privacy protections to keep count of the trackers that tried to follow them.

    Whenever you’re online, a multitude of third parties attempt to record what you’re doing, largely without your knowledge or consent. Creepy! That’s why Firefox has turned the tables, letting you block and see the trackers. Read on to find out how many trackers tried to trail Matt Navarra throughout his day, and how he felt about it.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

The world's fastest supercomputers hit higher speeds than ever with Linux

Yes, there's a lot of talk now about how quantum computers can do jobs in 200 seconds that would take the world's fastest supercomputers 10,000 years. That's nice. But the simple truth is, for almost all jobs, supercomputers are faster than anything else on the planet. And, in the latest Top 500 supercomputer ratings, the average speed of these Linux-powered racers is now an astonishing 1.14 petaflops. The fastest of the fast machines haven't changed since the June 2019 Top 500 supercomputer list. Leading the way is Oak Ridge National Laboratory's Summit system, which holds top honors with an HPL result of 148.6 petaflops. This is an IBM-built supercomputer using Power9 CPUs and NVIDIA Tesla V100 GPUs. Read more

Programming: Django, Python and Qt

  • Introducing DjangoCon Africa

    Following the huge success of PyCon Africa, the Django community in Africa is ready to bring a new major software event to the continent - the very first DjangoCon Africa! The Django Software Foundation is excited to endorse and support this initiative. Plans are already in motion for a DjangoCon Africa to be held in Addis Ababa, Ethiopia in November 2020. Actual dates to be announced as soon as key details are in place. DjangoCon Africa will include 3 days of single-track talks, 1 day of workshops and sprints, and another day for touring for international visitors. The event will also include a Django Girls workshop to be held the weekend before DjangoCon Africa. To make the conference as inclusive as possible, the event will offer financial aid to members of under-represented communities in software to ensure they can also attend.

  • Django 3.0 release candidate 1 released

    Django 3.0 release candidate 1 is the final opportunity for you to try out the raft of new features before Django 3.0 is released. The release candidate stage marks the string freeze and the call for translators to submit translations. Provided no major bugs are discovered that can't be solved in the next two weeks, Django 3.0 will be released on or around December 2. Any delays will be communicated on the django-developers mailing list thread.

  • Cyber Discovery - What it is all about

    Cyber Discovery is made of 4 rounds. The first one being CyberStart Assess. It ran from the 3rd September to the 25th October 2019. There are 10 challenges starting easy, getting much harder. The aim for most of the challenges are to use 'Inspect Element' to get into the website and find the flag. I completed all of these challenges and was invited onto the next round: CyberStart Game. CyberStart Game is much more about finding things out yourself. A useful tip if you are stuck is to search for help on Google. CyberStart Game has 3 'Bases': Headquarters where you get to take part in lots of varied challenges, Moon Base where you learn the basics of Python and Internet Tools that can be run in python e.g. FTP... You also learn how to use python to Brute Force password protected ZIP files and other securities. The Forensics Base is, well you can guess: Forensics. It teaches you about Cryptography and other hiding methods.

  • PyDev of the Week: Martin Uribe

    While taking some college courses I learned Java, but I didn’t like it much. I know enough of the following to get things done: HTML, CSS, JavaScript, Perl, SQL, and BASH. Python is my favorite; I use it pretty much every day even though my job doesn’t require me to code.

  • You can now hone your testing / pytest skills on our platform

    Writing test code is an essential skill. As PyBites we believe writing code is the only solution to becoming a master (Ninja) at programming. The same applies to test code. For that reason we extended our regular exercises with Test Bites. In this article you will read about the feature showcasing it on our first ever Test Bite. We also share some details around implementation and a challenge we hit getting it to work. Enjoy and start honing your testing skills today!

  • unu – Using Qt on embedded Linux

    Right from the start, unu wanted to add a stylish, first-class embedded high-res display to their second generation electric scooter. Like many top-class engineering companies, unu didn’t have in-house expertise for building a modern UI, so they decided to partner with KDAB to build a modern UI based on Qt. In this video you learn more about the development process in this project and why unu chose KDAB as a partner.

Google and fwupd sitting in a tree

I’ve been told by several sources (but not by Google directly, heh) that from Christmas onwards the “Designed for ChromeBook” sticker requires hardware vendors to use fwupd rather than random non-free binaries. This does make a lot of sense for Google, as all the firmware flash tools I’ve seen the source for are often decades old, contain layer-on-layers of abstractions, have dubious input sanitisation and are quite horrible to use. Many are setuid, which doesn’t make me sleep well at night, and I suspect the security team at Google also. Most vendor binaries are built for the specific ODM hardware device, and all of them but one doesn’t use any kind of source control or formal review process. The requirement from Google has caused mild panic among silicon suppliers and ODMs, as they’re having to actually interact with an open source upstream project and a slightly grumpy maintainer that wants to know lots of details about hardware that doesn’t implement one of the dozens of existing protocols that fwupd supports. These are companies that have never had to deal with working with “outside” people to develop software, and it probably comes as quite a shock to the system. To avoid repeating myself these are my basic rules when adding support for a device with a custom protocol in fwupd: I can give you advice on how to write the plugin if you give me the specifications without signing an NDA, and/or the existing code under a LGPLv2+ license. From experience, we’ll probably not end up using any of your old code in fwupd but the error defines and function names might be similar, and I don’t anyone to get “tainted” from looking at non-free code, so it’s safest all round if we have some reference code marked with the right license that actually compiles on Fedora 31. Yes, I know asking the legal team about releasing previously-nonfree code with a GPLish licence is difficult. Read more

Cumulus Networks unveils updates to its Linux OS and NetQ

Cumulus Networks announced on Monday that it has released Cumulus Linux 4.0, which is its network operating system (OS), and version 2.4 of its NetQ network operations toolset. Cumulus Networks' Partho Mishra, president and chief product officer, said Cumulus Linux 4.0 and NetQ 2.4 are key elements in the company's ongoing efforts to enable its customers' automation efforts across data centers and campus networks. "From a solutions standpoint, our focus has been on developing automation and the capabilities that our customers are going after to make their data centers run like an AWS or Google," Mishra said. "The biggest thing they focus on is automation and they've made big strides working with us and using their own resources." Read more