Language Selection

English French German Italian Portuguese Spanish

Mozilla: Six-Year Moziversary, Thomas Park/Codepip, and Weak Response to Critics of Firefox Spyware

Filed under
Moz/FF
  • Chris H-C: Six-Year Moziversary

    I’ve been working at Mozilla for six years today. Wow.

    Okay, so what’s happened… I’ve been promoted to Staff Software Engineer. Georg and I’d been working on that before he left, and then, well *gestures at everything*. This means it doesn’t really _feel_ that different to be a Staff instead of a Senior since I’ve been operating at the latter level for over a year now, but the it’s nice that the title caught up. Next stop: well, actually, I think Staff’s a good place for now.

    Firefox On Glean did indeed take my entire 2020 at work, and did complete on time and on budget. Glean is now available to be used in Firefox Desktop.

  • Hacks.Mozilla.Org: Hacks Decoded: Thomas Park, Founder of Codepip

    Thomas Park is a software developer based in the U.S. (Philadelphia, specifically). Previously, he was a teacher and researcher at Drexel University and even worked at Mozilla Foundation for a stint. Now, he’s the founder of Codepip, a platform that offers games that teach players how to code. Park has made a couple games himself: Flexbox Froggy and Grid Garden.

  • Mark Surman: Exploring better data stewardship at Mozilla [Ed: Mozilla fails to admit that spying on Firefox users is wrong; now it's misframing the criticism and responds to a straw man]

    Over the last few years, Mozilla has increasingly turned its attention to the question of ‘how we build more trustworthy AI?’ Data is at the core of this question. Who has our data? What are they using it for? Do they have my interests in mind, or only their own? Do I trust them?

    We decided earlier this year that ‘better data stewardship’ should be one of the three big areas of focus for our trustworthy AI work.

    One part of this focus is supporting the growing field of people working on data trusts, data cooperatives and other efforts to build trust and shift power dynamics around data. In partnership with Luminate and Siegel, we launched the Mozilla Data Futures Lab in March as a way to drive this part of the work.

More in Tux Machines

Kubernetes Leftovers

  • How to Tackle the Cloud Native Trends of 2022 | SUSE Communities

    At SUSE, we partner with several top-notch managed service providers to deliver the whole enterprise package — our open, interoperable offerings backed by their proven ops teams. We help MSPs more easily and securely deliver objectives despite the increasing complexity of the cloud and Kubernetes, while they help our enterprises get up and stay up, running faster, while cutting costs. We provide that much needed abstraction layer so they can focus on your enterprise modernizing securely.

  • Securing Kubernetes at the Infrastructure Level

    Infrastructure security is important to get right so that attacks can be prevented—or, in the case of a successful attack, damage can be minimized. It is especially important in a Kubernetes environment because, by default, a large number of Kubernetes configurations are not secure. Securing Kubernetes at the infrastructure level requires a combination of host hardening, cluster hardening and network security. [...] I have listed 10 best practices for securing Kubernetes at the infrastructure level. While this is certainly not an exhaustive list by any means, it should give you the foundation to make a good start. I recommend reading chapter two of Kubernetes security and observability: A holistic approach to securing containers and cloud-native applications, an O’Reilly book I co-authored, to learn about these best practices in further detail and to discover additional best practices for infrastructure security.

  • Should You Learn Kubernetes? – CloudSavvy IT

    Kubernetes has seen a surge of adoption over the past few years as companies have pivoted towards containers and cloud-native deployment methods. The platform’s become the leading orchestration solution for running containers in production. This means people who are skilled in using and managing Kubernetes clusters are now in-demand across the industry. In this article, we’ll look at whether you should learn Kubernetes based on your current role and future objectives. If you’re not being tasked with managing a cluster, the decision ultimately comes down to the skill set you want to acquire and the areas you might move into down the line.

  • Declarative vs Imperative Kubernetes Object Management – CloudSavvy IT

    Kubernetes is usually described as a declarative system. Most of the time you work with YAML that defines what the end state of the system should look like. Kubernetes supports imperative APIs too though, where you issue a command and get an immediate output. In this article, we’ll explore the differences between these two forms of object management. The chances are you’ve already used both even if you don’t recognize the terms.

Security Leftovers

  • Security updates for Friday [LWN.net]

    Security updates have been issued by CentOS (java-1.8.0-openjdk), Debian (graphicsmagick), Fedora (grafana), Mageia (aom and roundcubemail), openSUSE (log4j and qemu), Oracle (parfait:0.5), Red Hat (java-1.7.1-ibm and java-1.8.0-openjdk), Slackware (expat), SUSE (containerd, docker, log4j, and strongswan), and Ubuntu (cpio, shadow, and webkit2gtk).

  • Reproducible Builds (diffoscope): diffoscope 202 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 202. This version includes the following changes:

    [ Chris Lamb ]
    * Don't fail if comparing a nonexistent file with a .pyc file (and add test).
      (Closes: #1004312)
    * Drop a reference in the manual page which claims the ability to compare
      non-existent files on the command-line. This has not been possible since
      version 32 which was released in September 2015. (Closes: #1004182)
    * Add experimental support for incremental output support with a timeout.
      Passing, for example, --timeout=60 will mean that diffoscope will not
      recurse into any sub-archives after 60 seconds total execution time has
      elapsed and mark the diff as being incomplete. (Note that this is not a
      fixed/strict timeout due to implementation issues.)
      (Closes: reproducible-builds/diffoscope#301)
    * Don't return with an exit code of 0 if we encounter device file such as
      /dev/stdin with human-readable metadata that matches literal, non-device,
      file contents. (Closes: #1004198)
    * Correct a "recompile" typo.
    
    [ Sergei Trofimovich ]
    * Fix/update whitespace for Black 21.12.

  • CISA Adds Eight Known Exploited Vulnerabilities to Catalog | CISA

    CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise.

today's howtos

  • Single-command Docker environments on any machine with Multipass | Ubuntu

    Multipass has a new workflow tailored to run Docker containers on macOS, Windows or Linux. One single command, no dependencies, full flexibility. Multipass exists to bring Ubuntu-based development to the operating system of your choice. Whether you prefer the GUI of macOS (even on M1), Windows or any other Linux, the unmatched experience of developing software on Ubuntu is there at your fingertips, just one “multipass launch” away. Today, the Multipass team is delighted to enhance this experience for developers working with containerised applications!

  • How to create fillable forms in ONLYOFFICE Docs 7.0

    ONLYOFFICE Docs is an open-source office suite distributed under GNU AGPL v3.0. It comprises web-based viewers and collaborative editors for text documents, spreadsheets, and presentations highly compatible with OOXML formats. ONLYOFFICE Docs can be integrated with various cloud services such as Nextcloud, Seafile, Redmine, Alfresco, etc., as well as embedded into your own solution. The editors can also be used as a part of the complete productivity solution ONLYOFFICE Workspace. With the latest major update, the ONLYOFFICE developers added online form functionality allowing users to create, collaborate on and fill in forms to create documents from templates. Forms can be exported in fillable PDF and DOCX. In this tutorial, we’ll learn how to create a fillable form with ONLYOFFICE Docs.

  • 10 Funny Commands in Linux

    On Linux, the Terminal is used quite often to maintain the system. But besides doing serious work, there are also some funny commands, which I will show you below. Here, we are using Ubuntu 20.04, but you can basically use any other Linux operating system.

  • GNU Linux Debian – very fast and easy semi-automatic online install Debian 11 (non-free)

    given the fact – that once installed – GNU Linux Debian can boot (almost) anywhere, the fastest and easiest way to “install” it is to simply 1:1 copy it on whatever the user wants to boot from (harddisk or usb stick (some sticks can not be made bootable, try at least 3 different vendors)). So… this install script 1:1 copy installs Debian 11 (non-free) on any laptop/desktop/server (depending on internet speed) very fast & easy. The process can be automated (on similar hardware or on hardware where /dev/sda is always the device the user wants to 1:1 overwrite).

  • What to do when App Window is larger than Screen Height in Ubuntu | UbuntuHandbook

    For Ubuntu PC or laptop with a low resolution monitor, some app windows may be bigger than screen height, thus it’s NOT fully accessible especially for the bottom part. This usually happens in some Qt apps and Gnome Extension settings dialog in my Ubuntu laptop with 1366×768 screen resolution. A workaround is moving the app window above the top of the screen. Here’s how to do the trick in Ubuntu!

Audiocasts/Shows: Self-Hosted, Linuxfx, and More

  • Pulling the Rug Out | Self-Hosted 63

    Alex has a new high-quality self-hosted music setup, and Chris solves complicated Internet problems.

  • YouTube Shorts | Blathering – CubicleNate's Techpad

    YouTube Shorts are the response of the Video Giant to the Tik Tok. They are 1 minute in length or less and have to be in portrait format to be a “short.” I don’t have nor do I want a Tik Tok so this sort of intrigues me, but I do wonder if it will actually go anywhere. For fun, I thought I would do some YouTube Shorts in preparation for the next Linux Saloon live stream where we will be talking about Solus, an independent Linux distribution that has been known for its speed and efficiency. I haven’t given it a spin since late 2018 so it is well over due for me. It will be quite fun to try it out and see how things have changed. I have historically liked its flagship desktop environment, Budgie but it has been a while.

  • Hackaday Podcast 153: A 555 Teardown To Die For, Tetrabyte Is Not A Typo, DIY Injection Molding, And Using All The Parts Of The Trash Printer | Hackaday

    Join Hackaday Editor-in-Chief Elliot Williams and Managing Editor Tom Nardi on another whirlwind tour of the week’s top stories, hacks, and projects. We start off with some breaking Linux security news, and then marvel over impeccably designed pieces of hardware ranging from a thrifty Z table for the K40 laser cutter to a powerful homebrew injection molding rig. The finer technical points of a USB device that only stores 4 bytes at a time will be discussed, and after taking an interactive tour through the internals of the 555 timer, we come away even more impressed by the iconic 50 year old chip. We’ll wrap things up by speculating wildly about all the bad things that can happen to floating solar panels, and then recite some poetry that you can compile into a functional computer program should you feel so inclined.

  • Live - The Return to Arch Linux - Invidious
  • Linuxfx 11.1.1103 overview | Fast, stable and very safe - Invidious

    In this video, I am going to show an overview of Linuxfx 11.1.1103 and some of the applications pre-installed.