Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla Leftovers

Filed under
Moz/FF
  • Jan-Erik Rediger: Fenix Physical Device Testing

    The Firefox for Android (Fenix) project runs extensive tests on every pull request and when merging code back into the main branch.

    While many tests run within an isolated Java environment, Fenix also contains a multitude of UI tests. They allow testing the full application, interaction with the UI and other events. Running these requires the Android emulator running or a physical Android device connected. To run these tests in the CI environment the Fenix team relies on the Firebase test lab, a cloud-based testing service offering access to a range of physical and virtual devices to run Android applications on.

    To speed up development, the automatically scheduled tests associated with a pull request are only run on virtual devices. These are quick to spin up, there is basically no upper limit of devices that can spawn on the cloud infrastructure and they usually produce the same result as running the test on a physical device.

  • CTCFT 2021-10-18 Agenda

    After the CTCFT this week, we are going to try an experimental social hour. The hour will be coordinated in the #ctcft stream of the rust-lang Zulip. The idea is to create breakout rooms where people can gather to talk, hack together, or just chill.

  • Hacked! Unravelling a data breach

    The bottom line: If you get snagged in a data breach, tie up any loose threads quickly to protect yourself, and stay on top of monitoring your accounts for suspicious activity.

  • Dyn async traits, part 5

    If you’re willing to use nightly, you can already model async functions in traits by using GATs and impl Trait — this is what the Embassy async runtime does, and it’s also what the real-async-trait crate does. One shortcoming, though, is that your trait doesn’t support dynamic dispatch. In the previous posts of this series, I have been exploring some of the reasons for that limitation, and what kind of primitive capabilities need to be exposed in the language to overcome it. My thought was that we could try to stabilize those primitive capabilities with the plan of enabling experimentation. I am still in favor of this plan, but I realized something yesterday: using procedural macros, you can ALMOST do this experimentation today! Unfortunately, it doesn’t quite work owing to some relatively obscure rules in the Rust type system (perhaps some clever readers will find a workaround; that said, these are rules I have wanted to change for a while).

OSCAL, Open Labs, Mozilla & grooming women for Outreachy

Filed under
Software
Moz/FF

Monday, 11 October is the UN's International Day for the Girl Child. The definition of Girl Child varies from country to country. In the law of Albania, the age of consent can be as low as 14 if you can convince (bribe) a judge that a 14 year old girl has achieved sexual maturity. Legal text.

What does it look like when children aged 16 and 17 make software for big corporations to use?

Today we find out

Here is a team photo from Ura Design, one of the Albanian companies using the hackerspace as a front for people trafficking. In the team we see a former Outreachy, Renata Gegaj beside a future Outreachy, Anja Xhakani.

Read more

Mozilla Thunderbird 91.2 Finally Allows OTA Upgrades from Thunderbird 78 or Earlier

Filed under
News
Moz/FF

Thunderbird 91 was launched two months ago, but it wasn’t offered as an OTA (Over-the-Air) upgrade from Thunderbird 78 and earlier releases. After three minor point releases, Thunderbird 91.2 is here and enables support for OTA upgrades from earlier Thunderbird versions.

Thunderbird 91.2 is also a minor update, bringing only the ability to use a unique filename when saving a single message in the .eml file format, as well as a bunch of bug fixes. But the major change in this release is the ability to upgrade from Thunderbird 78 and earlier versions without from within the app.

Read more

Mozilla and Programming Leftovers

Filed under
Development
Moz/FF
  • Reducing the Overhead of Profiling Firefox Sleeping Threads – Mozilla Performance

    Firefox includes its own profiler: Visit profiler.firefox.com to enable it, and the user documentation is available from there.

    The main advantages compared with using a third-party profiler, are that it’s supplied with Firefox, it can capture screenshots, it understands JavaScript stacks, and Firefox is adding “markers” to indicate important events that may be useful to developers.

    Its most visible function is to capture periodic “samples” of function call stacks from a number of threads in each process. Threads are selected during configuration in about:profiling, and can range from a handful of the most important threads, to all known threads.

    This sampling is performed at regular intervals, by going through all selected threads and suspending each one temporarily while a sample of its current stack is captured (this is known as “stack walking”). This costly sampling operation can have a non-negligible impact on how the rest of the Firefox code runs, this is the “overhead” of the Profiler. In order to be able to sample as many threads as possible with the smallest impact, there is ongoing work to reduce this overhead.

  • Lots to see in Firefox 93! - Mozilla Hacks - the Web developer blog

    Firefox 93 comes with lots of lovely updates including AVIF image format support, filling of XFA-based forms in its PDF viewer and protection against insecure downloads by blocking downloads relying on insecure connections.

    Web developers are now able to use static initialization blocks within JavaScript classes, and there are some Shadow DOM and Custom Elements updates. The SHA-256 algorithm is now supported for HTTP Authentication using digests. This allows much more secure authentication than previously available using the MD5 algorithm.

  • GCC, Clang[d], LSP client, Kate and variadic macro warnings, a short story

    Kate has had an LSP plugin for sometime now, which uses Clangd. It's a great plugin that brings many code navigation/validation features, akin to those available in Qt Creator and KDevelop.

    So naturally since I got it to work, I've been using it. At some point I found out about the Diagnostics tab in the LSP Client tool view in Kate, which displays useful information; however I also saw that it was plagued by a spam of the following warnings...

  • GCC 12 Enables Auto-Vectorization For -O2 Optimization Level - Phoronix

    The change merged today is enabling the auto-vectorizer at the -O2 optimization level rather than only at -O3 and above. The auto-vectorizer is enabled by default with -O2 and using its "very cheap" cost model. The very cheap model enables vectorization if the scalar iteration count is a multiple of four, it is the "cheapest" of these cost models. Meanwhile the default cost model for vectorization at -O3 is "dynamic" for having more checks to try to determine if a vectorized code path will be faster.

  • Jon Chiappetta: Reddit Refresher Javascript Bookmark
  • Dirk Eddelbuettel: RcppGSL 0.3.10: Small Updatex

    A new release 0.3.10 of RcppGSL is now on CRAN. upload](https://dirk.eddelbuettel.com/blog/2020/06/21#rcppgsl_0.3.8). The RcppGSL package provides an interface from R to the GNU GSL by relying on the Rcpp package.

    This release brings a requested configure.ac update (just like RQuantLib yesterday and littler two days ago, along with the at-work tiledb update today). It also adds a small testing improvement. No user-visible changes, no new features. Details follow from the NEWS file.

  • Lang team October update

    This week the lang team held its October planning meeting (minutes). We hold these meetings on the first Wednesday of every month.

  • This Week In Rust: This Week in Rust 411

Old Thunderbird installations will be upgraded to Thunderbird 91 via automatic updates now

Filed under
Moz/FF

The Thunderbird team released two new versions of the open source desktop email client in the past two weeks. Thunderbird 91.1.2 was a smaller bug fix update for all client versions, Thunderbird 91.2.0, a security update that also included bug fixes.

Particularly of note for Thunderbird users who are still using Thunderbird 78.x is that the team has lifted the upgrade block. Previous releases of Thunderbird 91 were not offered to devices running Thunderbird 78.x via the email client's automatic update feature.

Read more

Mozilla: CISA, Rust, Rally, and SUMO

Filed under
Moz/FF
  • Mozilla Releases Security Updates for Firefox and Firefox ESR | CISA

    Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR . An attacker could exploit some of these vulnerabilities to take control of an affected system.

    CISA encourages users and administrators to review the Mozilla security advisories for Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2.

  • Baby Steps

    In the previous “dyn async traits” posts, I talked about how we can think about the compiler as synthesizing an impl that performed the dynamic dispatch. In this post, I wanted to start explore a theoretical future in which this impl was written manually by the Rust programmer. This is in part a thought exercise, but it’s also a possible ingredient for a future design: if we could give programmers more control over the “impl Trait for dyn Trait” impl, then we could enable a lot of use cases.

  • Control your data for good with Rally - Mozilla Hacks - the Web developer blog

    Let’s face it, if you have ever used the internet or signed up for an online account, or even read a blog post like this one, chances are that your data has left a permanent mark on the interwebs and online services have exploited your data without your awareness for a very long time.

    The Fight for Privacy

    The fight for privacy is compounded by the rise in misinformation and platforms like Facebook willingly sharing information that is untrustworthy, shutting down platforms like Crowdtangle and recently terminating the accounts of New York University researchers that built Ad Observer, an extension dedicated to bringing greater transparency to political advertising. We think a better internet is one where people have more control over their data.

  • Introducing Abby Parise – The Mozilla Support Blog

    It’s with great pleasure that I introduce Abby Parise, who is the latest addition to the Customer Experience team. Abby is taking the role of Support Content Manager, so you’ll definitely see more of her in SUMO. If you were with us or have watched September’s community call, you might’ve seen her there.

93.0 Firefox Release

Filed under
Moz/FF

  • 93.0 Firefox Release
  • Firefox 93.0

    Firefox 93.0 has been released. With this version Firefox supports the new AVIF image format, which is based on the modern and royalty free AV1 video codec. The PDF viewer supports filling more forms, such as XFA-based forms used by multiple governments and banks. Downloads that rely on insecure connections are blocked, protecting against potentially malicious or unsafe downloads. Details on these features and more can be found in the release notes.

  • Firefox 93 features an improved SmartBlock and new Referrer Tracking Protections

    We are happy to announce that the Firefox 93 release brings two exciting privacy improvements for users of Strict Tracking Protection and Private Browsing. With a more comprehensive SmartBlock 3.0, we combine a great browsing experience with strong tracker blocking. In addition, our new and enhanced referrer tracking protection prevents sites from colluding to share sensitive user data via HTTP referrers.

  • Tab Unloading in Firefox 93 - Mozilla Hacks - the Web developer blog

    Starting with Firefox 93, Firefox will monitor available system memory and, should it ever become so critically low that a crash is imminent, Firefox will respond by unloading memory-heavy but not actively used tabs. This feature is currently enabled on Windows and will be deployed later for macOS and Linux as well. When a tab is unloaded, the tab remains in the tab bar and will be automatically reloaded when it is next selected. The tab’s scroll position and form data are restored just like when the browser is restarted with the restore previous windows browser option.

    On Windows, out-of-memory (OOM) situations are responsible for a significant number of the browser and content process crashes reported by our users. Unloading tabs allows Firefox to save memory leading to fewer crashes and avoids the associated interruption in using the browser.

    We believe this may especially benefit people who are doing heavy browsing work with many tabs on resource-constrained machines. Or perhaps those users simply trying to play a memory-intensive game or using a website that goes a little crazy. And of course, there are the tab hoarders, (no judgement here). Firefox is now better at surviving these situations.

    We have experimented with tab unloading on Windows in the past, but a problem we could not get past was that finding a balance between decreasing the browser’s memory usage and annoying the user because there’s a slight delay as the tab gets reloaded, is a rather difficult exercise, and we never got satisfactory results.

  • Firefox 93.0 Released! Adds AVIF Support & Blocks Insecure Downloads | UbuntuHandbook

    Mozilla Firefox 93.0 was officially released today. The release features AVIF image support and further security improvements.

    The AV1 image format (AVIF) is an image file format for storing images or image sequences compressed with AV1 in the HEIF file format. It offers significant file size reduction compare to JPEG, PNG and WebP. Google Chrome added it support since version 85. By releasing v93.0, Firefox now has AVIF image support.

    Some PDF files have interactive fields to fill in data. Since Firefox 83, the built-in PDF viewer supports filling fields such as text, check boxes, and radio buttons. In the new release, it adds more forms (XFA-based forms, used by multiple governments and banks) support.

Mozilla: Removing Things, Blocking Things, and Moving to Unsafe Platforms/Devices

Filed under
Moz/FF
  • Securing Connections: Disabling 3DES in Firefox 93

    As part of our continuing work to ensure that Firefox provides secure and private network connections, it periodically becomes necessary to disable configurations or even entire protocols that were once thought to be secure, but no longer provide adequate protection. For example, last year, early versions of the Transport Layer Security (TLS) protocol were disabled by default.

    One of the options that goes into configuring TLS is the choice of which encryption algorithms to enable. That is, which methods are available to use to encrypt and decrypt data when communicating with a web server?

  • Mozilla Security Blog: Firefox 93 protects against Insecure Downloads

    Downloading files on your device still exposes a major security risk and can ultimately lead to an entire system compromise by an attacker. Especially because the security risks are not apparent. To better protect you from the dangers of insecure, or even undesired downloads, we integrated the following two security enhancements which will increase security when you download files on your computer.

  • The Mozilla Blog: News from Firefox Focus and Firefox on Mobile

    One of our promises this year was to deliver ways that can help you navigate the web easily and get you quickly where you need to go. We took a giant step in that direction earlier this year when we shared a new Firefox experience. We were on a mission to save you time and streamline your everyday use of the browser. This month, we continue to deliver on that mission with new features in our Firefox on mobile products. For our Firefox Focus mobile users, we have a fresh redesign plus new features including shortcuts to get you faster to the things you want to get to. This Cybersecurity Awareness month, you can manage your passwords and take them wherever you go whenever you use your Firefox on Android mobile app.

Web Browsers Monopolisation

Filed under
Google
Microsoft
Moz/FF
Web
  • Brave and Firefox to intercept links that force-open in Microsoft Edge

    Microsoft has inadvertently re-heated the web browser wars with the company’s anti-competitive changes to Windows 11. It made it more difficult to change the default web browser and has expanded the use of links that force-opens Edge instead of the default browser.

    The latter issue is something I addressed in 2017 with the release of EdgeDeflector. Instead of using regular https: links, Microsoft began switching out links in the Windows shell and its apps with microsoft-edge: links. Only its Edge browser recognized these links, so it would open regardless of your default browser setting. I created EdgeDeflector to also recognizes them and rewrites them to regular https: links that would then open in your default web browser.

  • What if Chrome broke features of the web and Google forgot to tell anyone? Oh wait, that's exactly what happened

    "Browser monoculture" is often bemoaned as a threat to the web. According to Statscounter, which tracks browser use, over 70 per cent of the market is made up of people using Google Chrome or another browser based on the underlying Chromium project.

    What web advocates worry about when they say this is bad is that Google can effectively determine the future of the web by determining which features to support and which not to. That's a lot of power for a single company that also has an effective monopoly on search and advertising.

    What would happen if Chrome decided to break fundamental features of the web and didn't even feel the need to tell anyone?

    Well, we can answer that question because that's what Chrome did.

    Earlier this year Chrome developers decided that the browser should no longer support JavaScript dialogs and alert windows when they're called by third-party iframes.

Firefox 93 Is Now Available for Download, Finally Enables AVIF Support by Default

Filed under
Linux
News
Moz/FF

Finally, after numerous delays, support for the next-generation AV1 Image File Format (AVIF) image format, which is based on the modern and royalty free AV1 video codec, is now enabled by default. It was supposed to land in Firefox 86 first, but it’s finally here in the Firefox 93 release.

AVIF support in Firefox was in development for more than four years. The new feature landed since Firefox 86, but it wasn’t enabled by default until now due to various bugs and regressions. Firefox 93 is the first release of the popular web browser to enable it by default to help you save even more bandwidth.

Read more

Syndicate content

More in Tux Machines

Today in Techrights

CuteFish – An Elegant, Beautiful and Easy-to-Use Linux Desktop

CutefishOS is a new free and open-source desktop environment for Linux operating systems with a focus on simplicity, beauty, and practicality. Its goal is to create a better computing experience for Linux users. Cutefish OS is among the newest kids on the block of desktop environments. And since it has been born at such a time when the KDE aesthetic leads in the UI/UX stand for Linux users, it features a design that is strikingly similar. Given its goal of making a better desktop experience, the team uses KDE Frameworks, KDE Plasma 5, and Qt. My guess is that Qt is the source of its “cute” name. They seem to have collaborated heavily with JingOS, a beautiful Linux OS targeted at Tablets. Read more

Former Microsoft Security Analyst Claims Office 365 Knowingly Hosted Malware For Years

Malware on Windows devices has become a real problem in the last few years, specifically with a recent uptick in ransomware. It appears that Microsoft has been trying to combat this issue, though, with updates to Microsoft Defender, so it has more teeth than ever before. However, what if Microsoft is part of the problem too? On Friday, cybersecurity researcher TheAnalyst explained on Twitter how BazarLoader malware leads to ransomware that can severely affect healthcare, among other industries. He then called out Microsoft, asking if the company has “any responsibility in this when they KNOWINGLY are hosting hundreds of files leading to this,” alongside an image of what appears to be malicious files being hosted in OneDrive. Read more

today's leftovers

  • pam-krb5 4.11

    The primary change in this release of my Kerberos PAM module is support for calling pam_end with PAM_DATA_SILENT. I had not known that the intent of this flag was to signal that only process resources were being cleaned up and external resources should not be (in part because an older version of the man page doesn't make this clear).

  • QB64 Hits Version 2.0, Gets Enhanced Debugging | Hackaday

    Despite the name, BASIC isn’t exactly a language recommended for beginners these days. Technology has moved on, and now most people would steer you towards Python if you wanted to get your feet wet with software development. But for those who got their first taste of programming by copying lines of BASIC out of a computer magazine, the language still holds a certain nostalgic appeal.

  • All Things Open: Diversity Event Today - Big Top Goes Up Monday! - FOSS Force

    By now things are going full tilt boogie in downtown Raleigh, as the All Things Open conference is well into its “pre” day. Keeping with the trend set by other conferences, All Things Open opens a day ahead of time, partially to stage free event’s that aren’t officially a part of the main show, but which offer attendees from out-of-town a reason to fly in a day early to settle in. This is good for the travelling attendees, because they don’t spend the first day suffering for jet lag or other forms of travel fatigue, and good for the event, because it means that more people are in place to fill seats and attend presentations, beginning with the opening keynote. [...] At ATO, the registration desks are open on Sunday from noon until 5:30 Eastern Time, and the pre-conference is a free Inclusion and Diversity Event that started at noon and will run until 5pm, emceed by Rikki Endsley, formally with Red Hat and now a community marketing manager at Amazon Web Services.

  • [Older] Arduino Nano Pros and Cons: Is the Cheapest Arduino Worth It?

    While there is quite an array of Arduino boards to choose from, the Nano is a versatile board suitable for almost all DIY electronic projects. These tiny micro controllers make compact DIY hardware development available to more people than ever before. In the past we have covered reasons you may not want to choose a genuine Arduino for your projects, but today lets take a look at the positives and negatives of the Arduino Nano.

  • Pnevmo-Capsula: Domiki rolls onto Windows, Mac and Linux

    Usually the term "on rails" refers to a highly linear experience over which the player has little control. But sometimes it's meant far more literally than that, as is the case in Pomeshkin Valentin Igorevich's recently released steampunk adventure, Pnevmo-Capsula: Domiki.

  • How to install Thinkorswim Desktop on a Chromebook in 2021

    Today we are looking at how to install Thinkorswim Desktop on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.