Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla: WebAssembly Interface Type, Bryce and Brady, FPR16

Filed under
Moz/FF
  • WebAssembly Interface Types: Interoperate with All the Things!

    People are excited about running WebAssembly outside the browser.

    That excitement isn’t just about WebAssembly running in its own standalone runtime. People are also excited about running WebAssembly from languages like Python, Ruby, and Rust.

  • Support.Mozilla.Org: Introducing Bryce and Brady

    I’m thrilled to share this update with you today. Bryce and Brady have joined us last week and will be able to help out on Support for some of the new efforts Mozilla are working on towards creating a connected and integrated Firefox experience.

    They are going to be involved with new products, but also they won’t forget to put extra effort in providing support on forums and as well as serving as an escalation point for hard to solve issues.

  • FPR16 delays

    FPR16 was supposed to reach you in beta sometime tomorrow but I found a reproducible crash in the optimized build, probably due to one of my vain attempts to fix JavaScript bugs. I'm still investigating exactly which change(s) were responsible. We should still make the deadline (September 3) to be concurrent with the 60.9/68.1 ESRs, but there will not be much of a beta testing period and I don't anticipate it being available until probably at least Friday or Saturday. More later.

Mozilla Firefox in Kazakhstan

Filed under
Moz/FF
  • Mozilla takes action to protect users in Kazakhstan

    Today, Mozilla and Google took action to protect the online security and privacy of individuals in Kazakhstan. Together the companies deployed technical solutions within Firefox and Chrome to block the Kazakhstan government’s ability to intercept internet traffic within the country.

    The response comes after credible reports that internet service providers in Kazakhstan have required people in the country to download and install a government-issued certificate on all devices and in every browser in order to access the internet. This certificate is not trusted by either of the companies, and once installed, allowed the government to decrypt and read anything a user types or posts, including intercepting their account information and passwords. This targeted people visiting popular sites Facebook, Twitter and Google, among others.

    “People around the world trust Firefox to protect them as they navigate the internet, especially when it comes to keeping them safe from attacks like this that undermine their security. We don’t take actions like this lightly, but protecting our users and the integrity of the web is the reason Firefox exists.” — Marshall Erwin, Senior Director of Trust and Security, Mozilla

  • Protecting our Users in Kazakhstan

    In July, a Firefox user informed Mozilla of a security issue impacting Firefox users in Kazakhstan: They stated that Internet Service Providers (ISPs) in Kazakhstan had begun telling their customers that they must install a government-issued root certificate on their devices. What the ISPs didn’t tell their customers was that the certificate was being used to intercept network communications. Other users and researchers confirmed these claims, and listed 3 dozen popular social media and communications sites that were affected.

    The security and privacy of HTTPS encrypted communications in Firefox and other browsers relies on trusted Certificate Authorities (CAs) to issue website certificates only to someone that controls the domain name or website. For example, you and I can’t obtain a trusted certificate for www.facebook.com because Mozilla has strict policies for all CAs trusted by Firefox which only allow an authorized person to get a certificate for that domain. However, when a user in Kazakhstan installs the root certificate provided by their ISP, they are choosing to trust a CA that doesn’t have to follow any rules and can issue a certificate for any website to anyone. This enables the interception and decryption of network communications between Firefox and the website, sometimes referred to as a Monster-in-the-Middle (MITM) attack.

    We believe this act undermines the security of our users and the web, and it directly contradicts Principle 4 of the Mozilla Manifesto that states, “Individuals’ security and privacy on the internet are fundamental and must not be treated as optional.”

Using WebThings Gateway notifications as a warning system for your home

Filed under
Moz/FF

Ever wonder if that leaky pipe you fixed is holding up? With a trip to the hardware store and a Mozilla WebThings Gateway you can set up a cheap leak sensor to keep an eye on the situation, whether you’re home or away. Although you can look up detector status easily on the web-based dashboard, it would be better to not need to pay attention unless a leak actually occurs. In the WebThings Gateway 0.9 release, a number of different notification mechanisms can be set up, including emails, apps, and text messages.

Read more

Announcing Rust 1.37.0

Filed under
Development
Moz/FF

The Rust team is happy to announce a new version of Rust, 1.37.0. Rust is a programming language that is empowering everyone to build reliable and efficient software.

Read more

Mozilla's WebThings Gateway now available for Turris Omnia router

Filed under
Moz/FF

The first step for adding devices is to put them in a mode that is receptive to a new pairing, one at a time, then to tell the Gateway web application to scan for them. Once they are recognized (and renamed to something that makes more sense to the user), there are a number of different options. The device state can be queried (e.g. is a door open or a light on) or changed, for example; some devices may require an add-on in order to access them. Users can also create a floor plan of their house to place icons of the devices in the right locations.

Beyond that, there is a rules engine where automated changes can be programmed. So if the user wants a certain light to go on or off at a specific time, for example, that can be done. The interface is icon oriented, which should make it easier for less technical users. There is also an experimental Smart Assistant feature that allows voice or typed commands like "turn on the kitchen light" to be handled. The voice data is sent to Google's voice assistant API; the text commands are handled locally on the Gateway device. It is not clear why the assistant is not using Mozilla's speech-processing engine.

New for version 0.9 is a Notifier add-on that will send an email or SMS text message based on rules that the user specifies, so motion sensor activity could trigger a text message, for example. Accompanying the Gateway release is the 0.12 release of the WebThings Framework. It has made some changes to the Web Thing API to more closely align it with the recent W3C WoT Thing Description draft.

Centralizing IoT handling on a system controlled by the user is an admirable goal. The IoT world has so far proven to be an insecure morass of competing lock-in plays, or so it seems to this cynical observer. Wresting control of the devices from the manufacturers and placing it in the hands of their owners seems like an excellent step forward. Hopefully Mozilla sticks with this project for the long haul and that it gets the community support that it surely deserves—and needs.

Read more

Mozilla: Secure Connections, Localisation and Latest on Rust

Filed under
Moz/FF
  • Mozilla revamps Firefox's HTTPS address bar information

    Mozilla plans to make changes to the information that the organization's Firefox browser displays in its address bar when it connects to sites.

    Firefox displays an i-icon and a lock symbol currently when connecting to sites. The i-icon displays information about the security of the connection, content blocking, and permissions, the lock icon indicates the security state of the connection visually. A green lock indicates a secure connection and if a site has an Extended Validation certificate, the name of the company is displayed in the address bar as well.

    Mozilla plans to make changes to the information that is displayed in the browser's address bar that all Firefox users need to be aware of.

  • Mozilla Localization (L10N): L10n Report: August Edition

    We’re quickly approaching the deadline for Firefox 69. The last day to ship your changes in this version is August 20, less than a week away.

    A lot of content targeting Firefox 70 already landed and it’s available in Pontoon for translation, with more to come in the following days. Here are a few of the areas where you should focus your testing on.

  • This Week In Rust: This Week in Rust 299

Mozilla, OSS and Development

Filed under
Development
Moz/FF
OSS
  • Mozilla VR Blog: Custom elements for the immersive web

    From the Mixed Reality team, we keep working on improving the content creator experience, building new frameworks, tools, APIs, performance tuning and so on.
    Most of these projects are based on the assumption that the users have a basic knowledge of 3D graphics and want to go deep on fully customizing their WebXR experience, (eg: using A-Frame or three.js).
    But there are still a lot of use cases where content creators just want very simple interactions and don’t have the knowledge or time to create and maintain a custom application built on top of a WebXR framework.

    With this project we aim to address the problems these content creators have by providing custom elements with simple, yet polished features. One could be just a simple 360 image or video viewer, another one could be a tour allowing the user to jump from one image to another.

  • Mozilla Reps Community: Reps OKRs for second half of 2019

    Here is the list of the OKRs (objective and Key Results) that the Reps Council has set for the second half of 2019

  • Building a non-breaking breakpoint for Python debugging

    This is the story of how our team at Rookout built non-breaking breakpoints for Python and some of the lessons we learned along the way. I'll be presenting all about the nuts and bolts of debugging in Python at PyBay 2019 in San Francisco this month. Let's dig in.

  • Excellent Free Books to Learn X86 Assembly

    An assembly language is a low-level programming language for a computer, or other programmable device. Assembly language is used by almost all modern desktop and laptop computers. It is as close to writing machine code without writing in pure hexadecimal. It is converted into executable machine code by a utility program referred to as an assembler.

  • A comprehensive guide to agile project management

    With a focus on continuous improvements, agile project management upends the traditional linear way of developing products and services. Increasingly, organizations are adopting agile project management because it utilizes a series of shorter development cycles to deliver features and improve continually. This management style allows for rapid development, continuous integration (CI), and continuous delivery (CD).

    Agile project management allows cross-functional teams to work on chunks of projects, solving problems and moving projects forward in shorter phases. This enables them to iterate more quickly and deliver more frequent updates.

    The agile methodology provides a higher level of quality improvements on an incremental basis instead of waiting to distribute finished projects. And agile project management works. For example, PWC reports agile projects are 28% more successful than traditional project methodologies.

Mozilla: SUMO, CPU Spikes in Firefox and Data Collection (Surveillance)

Filed under
Moz/FF
  • Community Management Update

    I have a couple announcements for today. I’d like you all to welcome our two new community managers.

    First off Kiki has officially joined the SUMO team as a community manager. Kiki has been filling in with Konstantina and Ruben on our social support activities. We had an opportunity to bring her onto the SUMO team full time starting last week. She will be transitioning out of her responsibilities at the Community Development Team and will be continuing her work on the social program as well as managing SUMO days going forward.

    In addition, we have hired a new SUMO community manager to join the team. Please welcome Giulia Guizzardi to the SUMO team.

  • Mike Hoye: Ten More Simple Rules

    The Public Library of Science‘s Ten Simple Rules series can be fun reading; they’re introductory papers intended to provide novices or non-domain-experts with a set of quick, evidence-based guidelines for dealing with common problems in and around various fields, and it’s become a pretty popular, accessible format as far as scientific publication goes.

  • Henrik Skupin: Example in how to investigate CPU spikes in Firefox

    So a couple of months ago when I was looking for some new interesting and challenging sport events, which I could participate in to reach my own limits, I was made aware of the Mega Hike event. It sounded like fun and it was also good to see that one particular event is annually organized in my own city since 2018. As such I accepted it together with a friend, and we had an amazing day. But hey… that’s not what I actually want to talk about in this post!

    The thing I was actually more interested in while reading content on this web site, was the high CPU load of Firefox while the page was open in my browser. Once the tab got closed the CPU load dropped back to normal numbers, and went up again once I reopened the tab. Given that I haven’t had that much time to further investigate this behavior, I simply logged bug 1530071 to make people aware of the problem. Sadly the bug got lost in my incoming queue of daily bug mail, and I missed to respond, which itself lead in no further progress been made.

    Yesterday I stumbled over the website again, and by any change have been made aware of the problem again. Nothing seemed to have been changed, and Firefox Nightly (70.0a1) was still using around 70% of CPU even with the tab’s content not visible; means moved to a background tab. Given that this is a serious performance and power related issue I thought that investigation might be pretty helpful for developers.

    In the following sections I want to lay out the steps I did to nail down this problem.

  • My StarCon 2019 Talk: Collecting Data Responsibly and at Scale

    Back in January I was privileged to speak at StarCon 2019 at the University of Waterloo about responsible data collection. It was a bitterly-cold weekend with beautiful sun dogs ringing the morning sun. I spent it inside talking about good ways to collect data and how Mozilla serves as a concrete example. It’s 15 minutes short and aimed at a general audience. I hope you like it.

Mozilla: Firefox 69, Revamping Firefox’s Reader Mode, MDN Ramble

Filed under
Moz/FF
  • Extensions in Firefox 69

    In our last post for Firefox 68, we’ve introduced a great number of new features. In contrast, Firefox 69 only has a few new additions. Still, we are proud to present this round of changes to extensions in Firefox.

  • Revamping Firefox’s Reader Mode this Summer

    For me, getting all set to read a book would mean spending hours hopping between stores to find the right lighting and mood to get started. But with Firefox’s Reader Mode it’s now much more convenient to get reading on the go. And this summer, I have been fortunate to shift roles from a user to a developer for the Reader Mode . As I write this blog, I have completed two months as a Google Summer of Code student developer with Mozilla. It has been a really enriching experience and thus I would like to share some glimpses of the project and my journey so far.

  • The Tall-Tale Clock: The myth of task estimates

    On the MDN team, we have begun over the past year to use a time unit we call the hypothetical ideal day or simply ideal day. This is a theoretical time unit in which you are able to work, uninterrupted, on a project for an entire 8-hour work day. A given task may take any appropriate number of ideal days to complete, depending on its size and complexity. Some tasks may take less than a single ideal day, or may otherwise require a fractional number of ideal days (like 0.5 ideal days, or 1.25 ideal days). We generally round to a quarter of a day.

5 open-source Firefox alternatives for Linux users

Filed under
Moz/FF
Web

Mozilla Firefox is an excellent open-source web browser, perhaps one of the best tools on the entire Linux platform. Still, the Firefox browser is adding more and more features, and these new additions aren’t for everyone. If you’re looking for an open-source alternative to Firefox on Linux, we’ve got you covered. Here are 5 open-source Firefox alternatives for Linux users.

Read more

Syndicate content

More in Tux Machines

Events: Linux Fest Northwest and OSCON, Intel's OSTS, LibreOffice Hackfests and Debian at ICFP 2019

  • GNOME on the Road: Linux Fest Northwest and OSCON

    Linux Fest Northwest took place back in April, and we were there! Sri Ramkrishna and I hung out in Bellingham, Washington (USA), meeting GNOMEies, free software contributors, and open source enthusiasts.

  • Intel Shares Highlights From Their 2019 Open-Source Technology Summit

    Taking place back in May at the beautiful Skamania Lodge in Washington was Intel's OSTS 2019 for their annual Open-Source Technology Summit that traditionally was internal-only but has begun opening up including allowing external participants this year. I was at OSTS 2019 and it's by far my highlight of the year with many really great sessions and a lot of useful networking at the event. Intel's open-source team has now shared some video recordings from this open-source/Linux event. 

  • Annual Report 2018: LibreOffice Hackfests

    Most LibreOffice developers are working from their home offices, so hackfests provide a unique opportunity to spend some time working shoulder-to-shoulder with their peers. In 2018, LibreOffice developers and community members met at four hackfests in Brussels, Hamburg, Tirana and Munich.

  • ICFP 2019

    ICFP 2019 in Berlin ended yesterday, and it was – as always – a great pleasure. This year was particularly noteworthy for the quite affordable conference hotel and the absolutely amazing food during the coffee breaks.

OSS Leftovers

  • How open source is benefitting SUSE, its channel partners and customers

    Open source technology is being talked about even more rampantly today. Phillip Cockrell, Vice President of Global Channels, SUSE articulates, “More than anything, open source is the core of innovation. It is by all and for all and propelling all aspects of technology development today.” SUSE, a native open source software company, which provides reliable, software-defined infrastructure and application delivery solutions that give organisations greater control and flexibility, is a seasoned 25-year-old player in the domain.

  • What is AOSP? Android Open Source Project, the ‘Android without Google’

    AOSP is the acronym for Android Open Supply Challenge ; that’s, ‘Android Open Source Project’. So it's simply the supply code of Android, the cellular working system of the Mountain View firm. However what’s it for? Its fundamental software is by OEMs; cellular producers obtain AOSP and make their 'ROM inventory', but additionally serves as the premise for customized ROMs and forks. AOSP, or Android Open Supply Challenge, isn’t the identical as Android Inventory . Whereas AOSP is the supply code of the working system, Android Inventory is the 'pure model' with out bloatware of any sort and solely with apps and Google providers, in addition to the native launcher. AOSP, nevertheless, is the premise of Android Vanilla , which is the model that’s distributed to smartphone producers and is topic to modifications. On it, the producer's personal purposes and providers are launched, and naturally the customization layer and the variations which can be essential for particular elements to work.

  • How to Avoid Technical Debt in Open Source Projects
  • Introducing OpenDrop, an open-source implementation of Apple AirDrop written in Python

    A group of German researchers recently published a paper “A Billion Open Interfaces for Eve and Mallory: MitM, DoS, and Tracking Attacks on iOS and macOS Through Apple Wireless Direct Link”, at the 28th USENIX Security Symposium (August 14–16), USA. The paper reveals security and privacy vulnerabilities in Apple’s AirDrop file-sharing service as well as denial-of-service (DoS) attacks which leads to privacy leaks or simultaneous crashing of all neighboring devices. As part of the research, Milan Stute and Alexander Heinrich, two researchers have developed an open-source implementation of Apple AirDrop written in Python – OpenDrop. OpenDrop is like a FOSS implementation of AirDrop. It is an experimental software and is the result of reverse engineering efforts by the Open Wireless Link project (OWL). It is compatible with Apple AirDrop and used for sharing files among Apple devices such as iOS and macOS or on Linux systems running an open re-implementation of Apple Wireless Direct Link (AWDL).

  • The Top 13 Free and Open Source Storage Solutions

    In this article we will examine free and open source storage solutions by providing a brief overview of what to expect, as well as blurbs on each tool.

  • Open Source Origination Technology Platform for Online Lenders

    DigiFi was founded by Joshua Jersey and Bradley Vanderstarren in 2014. It started its life as Promise Financial, an online lender, and raised $110 million in credit capital. It built up its own proprietary tech as there was no solution provider in 2014 offering an end-to-end loan origination platform that could automate the entire process. They sold off the tech to a large lending institution in 2017 and pivoted to DigiFi, one of the world’s first open source loan origination systems (LOS) which equips the lenders with flexible and modern tools to create unique platforms and digital experiences.

  • IT favors open source networking over Cisco ACI, VMware NSX

    Companies trying to avoid or lessen the use of expensive network automation software from Cisco and VMware are turning to open source tools that are often good enough for many tasks associated with managing complex modern networks. Cisco's application-centric infrastructure (ACI) and VMware's NSX are powerful technologies for operating networks built on the vendors' respective products. But many large enterprises have data centers filled with perfectly good multivendor hardware and software that very few organizations are willing to swap for an all Cisco or VMware alternative. Therefore, companies are turning to open source networking products, such as Ansible, Chef, Puppet and SaltStack, for automating many network-related chores across as much of the data center as possible, while relegating ACI and NSX to Cisco- or VMware-only portions of the network.

  • What Attorneys Should Know About Open Source Software Licensing

    With the next waves of technological change, such as autonomous vehicles, blockchain, and IoT, newer, more complex OSS licenses may be drafted, and argued in the courts, to protect the interests of software innovators and the OSS community.

Open Data: Schlumberger and Waymo

  • Schlumberger open-sources data ecosystem, contributing to industrywide data development
  • Schlumberger Open Sources Data Ecosystem

    Oilfield services company Schlumberger said it will open source its data ecosystem and contribute to The Open Group Open Subsurface Data Universe (OSDU) Forum to accelerate the delivery of the OSDU Data Platform. The OSDU Forum is an international forum of oil and gas operators, cloud services companies, technology providers, suppliers of applications to oil and gas operators, academia and other standards organizations working together to develop an open, standards-based, data platform that will bring together exploration, development and wells data.

  • Waymo open-sources data set for autonomous vehicle multimodal sensors

    Waymo, the Alphabet subsidiary that hopes to someday pepper roads with self-driving taxis, today pulled back the curtains on a portion of the data used to train the algorithms underpinning its cars: The Waymo Open Dataset. Waymo principal scientist Dragomir Anguelov claims it’s the largest multimodal sensor sample corpus for autonomous driving released to date. “[W]e are inviting the research community to join us with the [debut] of the Waymo Open Dataset, [which is composed] of high-resolution sensor data collected by Waymo self-driving vehicles,” wrote Anguelov in a blog post published this morning. “Data is a critical ingredient for machine learning … [and] this rich and diverse set of real-world experiences has helped our engineers and researchers develop Waymo’s self-driving technology and innovative models and algorithms.”

Linux Foundation: Open Mainframe, Cloud Native Computing Foundation, IBM and More