Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla Security

Filed under
Moz/FF
  • Mozilla Releases Thunderbird 38.5 with Address Book Improvements, Security Fixes

    Today, January 7, 2016, Mozilla has announced the immediate availability for download of the Mozilla Thunderbird 38.5.0 email, news and chat client for all supported platforms, including Microsoft Windows, Mac OS X, and GNU/Linux.

  • Mozilla Re-enables SHA-1 Certificate Support in Firefox

    SHA-1 does still matter as Mozilla backtracks on support. However, don't expect the company to support SHA-1 for the long term.

  • Man-in-the-Middle Interfering with Increased Security

    According to the plan we published earlier for deprecating SHA-1, on January 1, 2016, Firefox 43 began rejecting new certificates signed with the SHA-1 digest algorithm. For Firefox users with unfiltered access to the Internet, this change probably went unnoticed, since there simply aren’t that many new SHA-1 certs being used. However, for Firefox users who are behind certain “man-in-the-middle” devices (including some security scanners and antivirus products), this change removed their ability to access HTTPS web sites. When a user tries to connect to an HTTPS site, the man-in-the-middle device sends Firefox a new SHA-1 certificate instead of the server’s real certificate. Since Firefox rejects new SHA-1 certificates, it can’t connect to the server.

Meet Chirimen, a Firefox OS-Powered IoT Single-Board Computer Developed by Mozilla

Filed under
Moz/FF

Today we would like to introduce you guys to an upcoming development SBC (Single-board computer) called Chirimen, which is currently developed by Mozilla, the company behind the world's famous Firefox and Thunderbird software products.

Read more

Mozilla Firefox News

Filed under
Moz/FF
  • Mozilla hastily backpedals on SHA-1 ban after impact larger than thought

    The impact of Mozilla's decision to depreciate SHA-1 at the start of 2016 with the release of Firefox 43 turned out to be larger than it anticipated. As a result, Mozilla hastily released an update on Wednesday that re-enabled support for SHA-1 certificates as it seeks to better evaluate how many users might be affected.

    Firefox 43 was supposed to ratchet up security for its users as part of Mozilla's roadmap by dropping support only for new SHA-1 certificates, while continuing to support older SHA-1. The rationale behind this move was to present a clear disincentive for certificate providers to move away from SHA-1 without penalizing – as yet – existing SHA-1 certificates that are already in use.

  • Firefox’s ban of SHA-1 certs causing some security issues, Mozilla warns

    Mozilla has warned Firefox users that its decision to reject SHA-1 certificates has caused an unfortunate side effect: some man-in-the-middle devices, such as security scanners and antivirus products, are failing to connect to HTTPS sites.

    The browser maker advised any netizens affected by the interference to install the latest version of Firefox, which reinstates support for SHA-1.

  • Firefox 43.0.4 Fixes Folder Creation on Linux and Brings Back SHA-1

    Mozilla has released a new version of Firefox, 43.0.4, which is just a maintenance release that happens to have an important fix for the Linux platform.

  • Mozilla: 40 Percent of Firefox Users Don't Have Add-Ons Installed

    According to an internal analysis, Mozilla staff estimates, based on anonymous telemetry data, that around 40% of its userbase does not have add-ons installed on their browser.

CES 2016: Firefox OS Still Alive, Powering New Panasonic UHD TV

Filed under
Moz/FF

The open source Firefox OS will be used to power new Panasonic DX900 UHD TVs, Mozilla and Panasonic have announced.

Read more

Firefox OS will Power New Panasonic UHD TVs Unveiled at CES

Filed under
Linux
Moz/FF

Panasonic announced that Firefox OS will power the new Panasonic DX900 UHD TVs, the first LED LCD TVs in the world with Ultra HD Premium specification, unveiled today at CES 2016.

Panasonic TVs powered by Firefox OS are already available globally, enabling consumers to find their favorite channels, apps, videos, websites and content quickly and pin content and apps to their TV’s home screen.

Read more

Mozilla News

Filed under
Moz/FF
  • The Ghacks user.js Firefox privacy and security list has been updated

    Pants has created a light and dark version, and both are included in the archive that you can download so that you can access both HTML documents locally on your system.

  • News: Tutorials with node.js and jpm.
  • OpenBSD and Nightly Mozilla Firefox security.

    W^X ("Write XOR Execute"; spoken as W xor X[1]) is the name of a security feature present in the OpenBSD operating system. It is a memory protection policy whereby every page in a process' address space is either writable or executable, but not both simultaneously. from wikipedia.

  • Write XOR Execute JIT Support Lands For Mozilla Firefox

    As another recent Firefox Nightly change besides enabling WebGL 2 by default is that Firefox's just-in-time compiler supports W^X protection.

    OpenBSD has been leading the charge on using W^X by default -- Write XOR Execute. As explained in that earlier article, W^X implies "a memory policy of W^X -- write xor execute where memory can be marked as writable or executable but not both, in order to fend off potential exploits." One of the biggest roadblocks that OpenBSD faced enabling W^X were JIT engines of web browsers.

Mozilla News

Filed under
Moz/FF
  • Exclusive: Mozilla working on a tablet a stickTV, an intelligent keyboard and a router

    We mentioned earlier that Mozilla’s Firefox os isn’t dead. Mozilla has some great plans for firefox os. These internal documents obtained by Hypertext shows the future of Mozilla Firefox preparing detailed OS beyond smartphones and include Panasonic TVs & these documents detail the new plans of Mozilla.

  • Adding Community-Driven Wayland Support to Servo

    It’s been some time since the last Servo article on the OSG blog, but this has no relation to the speed at which the browser engine’s development has been progressing.

    In the last post, the Offscreen Rendering (OSR) integration status was explored, culminating in both some code snippets as well as videos of an embedded browser application. That post can be considered the foundation for the recently-tweeted screenshot of Servo running with Wayland support.

  • The next 12 months will change Firefox’s add-on landscape fundamentally

    A lot is going on at Mozilla, makers of the popular Firefox web browser. In the next 12 months, the organization plans to make fundamental changes to the Firefox web browser which affect core features of the browser including its add-on ecosystem.

  • Divergent News on FirefoxOS

    I said good-bye to my FirefoxOS phone because of Mozilla's decision to stop the distribution of the devices.

Mozilla 2016 Outlook: Promising Despite Funding, Competitive Woes

Filed under
Moz/FF

For Mozilla, 2015 has been a year of large challenges, with a shift in funding sources and increasing competitive pressures across the desktop and mobile markets. The biggest challenges for Mozilla, however, are likely yet to come in 2016.

Read more

WebExtensions in Firefox 45

Filed under
Moz/FF

WebExtensions is currently in an alpha state, so while this is a great time to get involved, please keep in mind that things might change if you decide to use it in its current state. Since August, we’ve closed 77 bugs and ramped up the WebExtensions team at Mozilla. With the release of Firefox 45 in March 2016, we’ll have full support for the following APIs: alarms, contextMenus, pageAction and browserAction. Plus a bunch of partially supported APIs: bookmarks, cookies, extension, i18n, notifications, runtime, storage, tabs, webNavigation, webRequest, windows.

Read more

An open vision: Strategic planning is transparent at Mozilla

Filed under
Moz/FF

This month marks a milestone for me. It's been five years since I started working in—and learning from—an open organization.

But it also marks another important milestone. My organization, the Mozilla Foundation, just finished drafting a strategic plan for what the next five years may hold.

And we created that plan through open collaboration between our staff and community.

Read more

Ed: but now they support the evil which is DRM to support a rotten business model (opposite of transparency)

Syndicate content

More in Tux Machines

Android/Google Leftovers

3 open source alternatives to Office 365

It can be hard to get away from working and collaborating on the web. Doing that is incredibly convenient: as long as you have an internet connection, you can easily work and share from just about anywhere, on just about any device. The main problem with most web-based office suites—like Google Drive, Zoho Office, and Office365—is that they're closed source. Your data also exists at the whim of large corporations. I'm sure you've heard numerous stories of, say, Google locking or removing accounts without warning. If that happens to you, you lose what's yours. So what's an open source advocate who wants to work with web applications to do? You turn to an open source alternative, of course. Let's take a look at three of them. Read more

Hackable voice-controlled speaker and IoT controller hits KS

SeedStudio’s hackable, $49 and up “ReSpeaker” speaker system runs OpenWrt on a Mediatek MT7688 and offers voice control over home appliances. The ReSpeaker went live on Kickstarter today and has already reached 95 percent of its $40,000 funding goal with 29 days remaining. The device is billed by SeedStudio as an “open source, modular voice interface that allows us to hack things around us, just using our voices.” While it can be used as an Internet media player or a voice-activated IoT hub — especially when integrated with Seeed’s Wio Link IoT board — it’s designed to be paired with individual devices. For example, the campaign’s video shows the ReSpeaker being tucked inside a teddy bear or toy robot, or attached to plant, enabling voice control and voice synthesis. Yes, the plant actually asks to be watered. Read more

Security News