Language Selection

English French German Italian Portuguese Spanish

Mozilla/Firefox: CRLite, Firefox 83 and TenFourFox

Filed under
  • Querying CRLite for WebPKI Revocations • Insufficient.Coffee

    Firefox Nightly is now using CRLite to determine if websites’ certificates are revoked — e.g., if the Certificate Authority published that web browsers shouldn’t trust that website certificate. Telemetry shows that querying the local CRLite dataset is much faster than making a network connection for OCSP, which makes intuitive sense. It also avoids sending the website’s certificate information in cleartext over the network to check the revocation status: solving one of the remaining cleartext browsing data leakages in Firefox.

    Mozilla is currently publishing CRLite data to Remote Settings four times per day, keeping a very fresh set of revocation information for the public Web. I’ve provided some direct details on how to get at that data from the CRLite FAQ, and I want to introduce one of my command-line tools I’ve used to analyze and play with the dataset: moz_crlite_query. I’ll introduce crlite_status in a later post.

  • Firefox 83 Introduces HTTPS-Only Mode

    According to Mozilla, “the web contains millions of legacy HTTP links that point to insecure versions of websites. When you click on such a link, browsers traditionally connect to the website using the insecure HTTP protocol.”

    With HTTPS-Only Mode enabled, Firefox will attempt to establish HTTPS connections to every website and will ask for permission before connecting to a site that doesn’t support secure connections. Even if you click on an HTTP link or manually enter an HTTP address, Firefox will use HTTPS instead.

  • TenFourFox Development: TenFourFox FPR30b1 available

    TenFourFox Feature Parity Release 30 beta 1 is now available (downloads, hashes, release notes). I managed to make some good progress on backporting later improvements to the network and URL handling code, so there are no UI-facing features in this release, but the browser should use a bit less memory and run a little quicker especially on pages that reference a lot of resources (which, admittedly, is a lot of sites these days). There is also a minor update to the host database for basic adblock. Assuming all goes well, this release will come out parallel with Firefox 84 on or around December 15. I'll probably do an SPR-only build for the release immediately following to give myself a break; this will contain just needed security fixes, and there will most likely not be a beta.

More in Tux Machines

Today in Techrights

Shows/Videos: GNU/Linux News, ONLYOFFICE, LibreWolf, and AwesomeWM

Linux 5.10.8 Kernel Released - Finally Fixes That Btrfs Performance Regression

Linux 5.10.8 is out today as the latest stable release for the Linux 5.10 LTS series. Making this point release notable is that it finally addresses the 5.10 Btrfs performance regression. As noted back on Christmas, Linux 5.10 was seeing significant slowdowns on Btrfs. For simply unpacking a Linux kernel source .tar.zst file it could easily take multiple times longer on this stable kernel version. While patches for addressing this poor Btrfs behavior on Linux 5.10 were floating around since before the end of the year, it's taken until now to get them tested and queued up for mainline integration. Linux 5.11 meanwhile has a plethora of Btrfs improvements. Read more Also: Better Microsoft Surface Support Is On The Way With Linux 5.12

Youtubedl-gui: New Graphical YouTube Downloader based on Youtube-DL

Youtubedl-gui is a simple new graphical interface for the popular command-line YouTube downloader youtube-dl. The tool is quite simple to use, just paste the video URL, select audio quality and format, video resolution and format, and click download! And of course, there’s an option to change the destination folder of your downloads. Once you click download, a small dialog will pop up with the process bar. Read more