Language Selection

English French German Italian Portuguese Spanish

Mozilla: Facebook Container for Firefox, Issue Trackers, Securing Firefox with WebAssembly and Ad Hoc Profiling

Filed under
Moz/FF
  • The Facebook Container for Firefox

    Even with the ongoing #deletefacebook movement, not everyone is willing to completely walk away from the connections they’ve made on the social platform. After all, Facebook — and its subsidiary Instagram — is where the mountain biking club organizes rides, people post pet pics, dance moves catch on and life’s moments get shared with friends and family, near and far. Since the Cambridge Analytica scandal broke, Facebook has been greeted with more skepticism as it’s been under a hot spotlight on how it gathers, uses and gives access to our personal data for targeted advertising and manipulation, both on and off Facebook platforms. With recent news about their policy not to block false political ads, this targeting gets ever malicious.

  • Jira, Bugzilla, and Tales of Issue Trackers Past

    It seems as though Mozilla is never not in a period of transition. The distributed nature of the organization and community means that teams and offices and any informal or formal group is its own tiny experimental plot tended by gardeners with radically different tastes.

    And if there’s one thing that unites gardeners and tech workers is that both have Feelings about their tools.

    Tools are personal things: they’re the only thing that allows us to express ourselves in our craft. I can’t code without an editor. I can’t prune without shears. They’re the part of our work that we actually touch. The code lives Out There, the garden is Outside… but the tools are in our hands.

    But tools can also be group things. A shed is a tool for everyone’s tools. A workshop is a tool that others share. An Issue Tracker is a tool that helps us all coordinate work.

    And group things require cooperation, agreement, and compromise.

    While I was on the Browser team at BlackBerry I used a variety of different Issue Trackers. We started with an outdated version of FogBugz, then we had a Bugzilla fork for the WebKit porting work and MKS Integrity for everything else across the entire company, and then we all standardized on Jira.

  • Securing Firefox with WebAssembly

    Protecting the security and privacy of individuals is a central tenet of Mozilla’s mission, and so we constantly endeavor to make our users safer online. With a complex and highly-optimized system like Firefox, memory safety is one of the biggest security challenges. Firefox is mostly written in C and C++. These languages are notoriously difficult to use safely, since any mistake can lead to complete compromise of the program. We work hard to find and eliminate memory hazards, but we’re also evolving the Firefox codebase to address these attack vectors at a deeper level. Thus far, we’ve focused primarily on two techniques...

    [...]

    So today, we’re adding a third approach to our arsenal. RLBox, a new sandboxing technology developed by researchers at the University of California, San Diego, the University of Texas, Austin, and Stanford University, allows us to quickly and efficiently convert existing Firefox components to run inside a WebAssembly sandbox. Thanks to the tireless efforts of Shravan Narayan, Deian Stefan, Tal Garfinkel, and Hovav Shacham, we’ve successfully integrated this technology into our codebase and used it to sandbox Graphite.

    This isolation will ship to Linux users in Firefox 74 and to Mac users in Firefox 75, with Windows support following soon after. You can read more about this work in the press releases from UCSD and UT Austin along with the joint research paper. Read on for a technical overview of how we integrated it into Firefox.

  • Nicholas Nethercote: Ad Hoc Profiling

    I have used a variety of profiling tools over the years, including several I wrote myself.

    But there is one profiling tool I have used more than any other. It is capable of providing invaluable, domain-specific profiling data of a kind not obtainable by any general-purpose profiler.

    It’s a simple text processor implemented in a few dozen lines of code. I use it in combination with logging print statements in the programs I am profiling. No joke.

Firefox Browser On Linux And Mac Gets New Security Technology

  • Firefox Browser On Linux And Mac Gets New Security Technology

    Along with rolling out the latest security update to the Firefox browser, Mozilla has now introduced a new approach to secure the Firefox web browser on Linux and Mac operating systems.

    Firefox uses various external libraries to render the audio, videos, and images that can be exploited by the attackers to introduce malicious code. Hence, Firefox includes a new lightweight sandboxing architecture, RLBox, that uses a WebAssembly sandbox to tackle the vulnerabilities posed by the third-party libraries.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Games: Estranged: Act II, Helltaker and Soldat

  • First person exploration adventure Estranged: Act II is out

    Acting as a standalone sequel to the free Estranged: Act I, solo developer Alan Edwardes has now released Estranged: Act II. It's a first-person adventure that mixes in plenty of exploration in different environments, a few puzzles and a little action and horror too. A thoroughly mixed bag of genres blended together. You assume the role of a lone fisherman, stranded on a mysterious island during a violent storm.

  • Free to Play Puzzle-Dating Sim Helltaker Now Available on Linux and Steam OS

    Vanripper (Lukasz Piskorz) has announced that free to play puzzle-dating sim Helltaker is now available on Linux, and Steam OS. Launching on May 11th, the game is a fusion of visual novel dating sim and puzzle game. You have entered hell for one purpose- to create a harem from cute demon girls. Play through navigation based puzzles with limited moves, and attempt to reach multiple demon girls at the end. These puzzles can be skipped if you desire.

  • Classic multiplayer action game Soldat is now open source

    Soldat, a side-scrolling multiplayer shooter that was ridiculously popular in the early 2000s is now open source. They're now working on Soldat 2, which will be a much upgraded Unity remake with all sorts of advanced features. To give back to the community though, the classic Soldat has been put up on GitHub under the MIT license. Interestingly, this is not the current live version but an in-progess 1.8 build with some key differences

Android Leftovers

Games: SamRewritten, ShellShock, What Never Was

  • Steam Achievement Manager 'SamRewritten' has a new release

    Need to tweak your Steam Achievements? Perhaps a game doesn't correctly unlock them or you want to start fresh again on a game - SamRewritten can help you do that. It's an open source Steam Achievements Manager for Linux and there's a new release out recently.

  • Strategic multiplayer artillery game ShellShock Live is out now

    ShellShock Live is an awesome tribute to games like Scorched Earth, Pocket Tanks, and Worms and after many years in development it's finally released. If you've never played either of those classics (madness), it's a side-scrolling game of artillery. Each player controls a tank they're able to position anywhere they can reach, and you take it in turns to pick a weapon and fire in the hopes of annihilating the other side. It's simple but ShellShock Live advances the classics in many great ways that makes it genuinely super fun. There's fully destructible terrain, upgrades and it can be played in single-player and online.

  • What Never Was: Chapter II gets a boost from an Epic MegaGrant

    What Never Was, a short story-driven adventure game from Acke Hallgren has been given a funding boost for What Never Was: Chapter II. Not played What Never Was? It's a first-person game focused on exploration and puzzle-solving about Sarah, having to shoulder the arduous task of clearing out her grandfathers attic, and soon finds that not everything about the attic is what it seems. The first part has been well received, showing that on a small budget some great experiences can be made and the developer had been planning a sequel. The developer announced on Steam recently, that Epic Games have approved them to get an Epic MegaGrant to help fund development. Hallgren also confirmed it's not going to be an EGS exclusive.

SHIFT13mi Linux-friendly tablet with replaceable mainboard scheduled for 2021 release

German smartphone maker Shift makes phones that are designed to be modular and easy to repair. And now the company has introduced a tablet with the same design ethos. The SHIFT13mi will be a 2-in-1 tablet with a 13.3 inch touchscreen display, a detachable keyboard, support for Windows 10 or Linux, and upgradeable, replaceable, and repairable components. Read more