Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla Firefox 59 Web Browser Promises New Privacy and Security Features

Filed under
Moz/FF
Web

Firefox is known as one of the most secure browsers on the market, but Mozilla wants it to be more privacy-aware and secure than ever before. That's why it looks like Firefox 59 will be coming with new privacy settings that won't allow intrusive sites to access your camera, microphone or location, nor to ask you if you want to receive any notifications.

In Firefox's Preferences panel, under Privacy & Security, there's a Permissions section that lets users choose which websites will have access tp location, camera, microphone, and notification and which won't. These settings are already present in the current stable Firefox version and are essential for protecting your privacy and keep your online presence secure from hackers.

Read more

Mozilla News/Development

Filed under
Moz/FF
  • Analysis of the Alexa Top 1M Sites

    Prior to the release of the Mozilla Observatory in June of 2016, I ran a scan of the Alexa Top 1M websites. Despite being available for years, the usage rates of modern defensive security technologies was frustratingly low. A lack of tooling combined with poor and scattered documentation had led to minimal awareness around countermeasures such as Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and Subresource Integrity (SRI).

  • Things Gateway, Part 4
  • Discontinuing support for beta versions

    addons.mozilla.org (AMO) has supported a way for developers to upload beta versions of their add-ons. This allowed power users to test upcoming features and fixes before they are published to all users. It has been a useful feature to have for some developers.

  • Dear Mick Mulvaney: Don’t Let Equifax Off Easy

    Today, Mozilla is visiting the Consumer Financial Protection Bureau (CFPB) in Washington, D.C. with 27,052 signatures and a loud message: “Mick Mulvaney, don’t let Equifax off easy.”

    Last year’s Equifax data breach was a seismic event: Tens of millions of Americans had their personal information — from Social Security numbers to home addresses — pilfered by hackers, exposing them to fraud and identity theft. Equifax customers in other countries, like the UK and Canada, were also affected.

    Then, earlier this month, we learned the breach may have been worse than expected, with Americans’ tax IDs and driver’s license numbers swept up in the hack, too.

    This bad news broke just days after an astonishing development: The CFPB is not pursuing an investigation into the 2017 breach.

  • The 5 Stages of Experiment Analysis

    I've been thinking about experimentation a lot recently. Our team is spending a lot of effort trying to make Firefox experimentation feel easy. But what happens after the experiment's been run? There's not a clear process for taking experimental data and turning it into a decision.

    I noted the importance of Decision Reports in Desirable features for experimentation tools. This post outlines the process needed to get to a solid decision report. I'm hoping that outlining this process will help us disambiguate what our tools are meant to do and identify gaps in our tooling.

  • How to Try Firefox CSD on Linux, Right Now

    Firefox support for client-side decorations (better known as CSD) is coming to its Linux app — but if you can’t live without it, we’re gonna show you how to enable it.

    As we’ve mentioned before, a CSD toggle is present in nightly builds of the browser. When enabled on GTK3 desktop it merges the title bar and tab bar into one unified bar.

    This gives the browser a neat, compact look, and is in keeping with other GTK3 apps that use header bars (like, basically, all of them).

Mozilla News Leftovers

Filed under
Moz/FF
  • Introduction to Neutrino

    If you want to learn more about Neutrino, Eli Perelman (original author of the project) wrote about Neutrino at hacks.mozilla.org. You can find the official documentation at https://neutrino.js.org.

  • Firefox 59 new contributors

    With the upcoming release of Firefox 59, we are pleased to welcome the 53 developers who contributed their first code change to Firefox in this release, 49 of whom were brand new volunteers!

  • 5 Ways to Take Screenshots Further

    If you’re a veteran of using old-style screenshot tactics, you know it used to involve a lot of saving to the desktop or cloud, re-finding the image files in a mass of similar file names, then having to crop or otherwise “fix up” the images before re-saving them and getting them into a google doc, presentation, or other platform.

  • Come Join the Rust and WebAssembly Working Group!
  • This Week in Rust 223

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed.

  • Django, K8s, and ELB Health checks

    As you may have seen in several of our SRE status reports, we’re moving all of our webapp hosting from Deis to Kubernetes (k8s). As part of that we’ve also been doing some additional thinking about the security of our deployments. One thing we’ve not done as good a job as we should is with Django’s ALLOWED_HOSTS setting. We should have been adding all possible hosts to that list, but it seems we used to occasionally leave it set to ['*']. This isn’t great, but also isn’t the end-of-the-world since we don’t knowingly construct URLs using the info sent via the Host header. In an effort to cover all bases we’ve decided to improve this. Unfortunately our particular combination of technologies doesn’t make this as easy as we thought it would (story of our lives).

    [...]

    Conclusion

    That was a long way to go to get to some simple health checking, but we believe it was the right move for the reliability and security of our Django apps hosted in our k8s infrastructure on AWS. Please check out the repo for django-allow-cidr on Github if you’re interested in the code. Our hope is that releasing this as a general use package will help others that find themselves in our situation, as well as helping ourselves to do less copypasta coding around our various web projects.

Mozilla: Resilient CSS Week, Speed Without Wizardry, Rust, Servo, Firefox and Extensions

Filed under
Moz/FF
  • It’s Resilient CSS Week

    Writing code that works in all web browsers at the same time is one of the most important things we do. New technology is coming out all the time. Yet many of the people visiting the websites we build are using old browsers. How can we use new CSS if it’s not supported in every browser — especially when users keep using old, crufty browsers? Do we have to wait until 100% of people have a browsers with the new feature? Don’t we have to wait until Internet Explorer is dead before we can use the new stuff?

  • Speed Without Wizardry

    Most of the improvements that mraleph implemented are desirable regardless of the programming language that is our medium. Excessive allocation rates make any garbage collector (or malloc and free implementation) a bottleneck. Monomorphization and inlining are crucial to eking out performance in both Rust and JavaScript. Algorithms transcend programming languages.

  • This Week In Servo 105

    Welcome back to This Week in Servo, and apologies for the long delay since the last update! Servo has continued making progress throughout that time, including shipping the Stylo CSS engine in Firefox among many other things. We’re resuming weekly updates now that the pressure has let up a bit!

    In the last week, we landed 87 PRs in the Servo organization’s repositories.

  • Mozilla removes individual cookie management in Firefox 60

    The most recent version of Firefox Nightly, currently at version 60, comes with changes to Firefox's cookie management. Mozilla merged cookie settings with site data in the web browser which impacts how you configure and manage cookie options.

    If you run Firefox 59 or earlier, you can load about:preferences#privacy to manage privacy related settings in Firefox. If you set the history to "use custom settings for history" or "remember history", you get an option manage cookie settings and to remove individual cookies from Firefox.

  • Using Permissions to Establish Trust

    I used to work in an industry where being ISO 9001 certified was necessary in order to remain competitive. If you are unfamiliar with ISO 9001, it is a set of standards that requires a business to document each process, and then follow those documented processes. And every autumn, sure as the leaves falling from the trees, an independent auditor would show up to verify we were indeed documenting and following our processes. It’s like a tax audit you impose on yourself (and about as unpleasant).

    The idea behind ISO 9001, though, is that a certified business can be trusted, both in its business dealings and its delivered products. It is meant to convey a sense of quality and security to customers.

  • Firefox 59 Beta 14 DevEdition Testday, March 2nd

    We are happy to let you know that Friday, 2nd of March, we are organizing Firefox 59 .0b14 DevEdition Testday. We’ll be focusing our testing on the following features: Toolbars & window controls and Default & custom theme support.

Mozilla: Wireless Innovation for a Networked Society, New AirMozilla Audience Demo, Firefox Telemetry

Filed under
Moz/FF
  • Net Neutrality, NSF and Mozilla's WINS Challenge Winners, openSUSE Updates and More

    The National Science Foundation and Mozilla recently announced the first round of winners from their Wireless Innovation for a Networked Society (WINS) challenges—$2 million in prizes for "big ideas to connect the unconnected across the US". According to the press release, the winners "are building mesh networks, solar-powered Wi-Fi, and network infrastructure that fits inside a single backpack" and that the common denominator for all of them is "they're affordable, scalable, open-source and secure."

  • New AirMozilla Audience Demo

    The legacy AirMozilla platform will be decommissioned later this year. The reasons for the change are multiple; however, the urgency of the change is driven by deprecated support of both the complex back-end infrastructure by IT and the user interface by Firefox engineering teams in 2016. Additional reasons include a complex user workflow resulting in a poor user experience, no self-service model, poor usability metrics and a lack of integrated, required features.

  • Perplexing Graphs: The Case of the 0KB Virtual Memory Allocations

    Every Monday and Thursday around 3pm I check dev-telemetry-alerts to see if there have been any changes detected in the distribution of any of the 1500-or-so pieces of anonymous usage statistics we record in Firefox using Firefox Telemetry.

Mozilla: Code of Conduct, Kelly Davis, Celebrate Firefox Internet Champions

Filed under
Moz/FF
  • ow We’re Making Code of Conduct Enforcement Real — and Scaling it

    This is the first line of our Community Participation Guidelines — and an nudge to keep empathy at center when designing response processes. Who are you designing for? Who is impacted? What are their needs, expectations, dependencies, potential bias and limitations?

  • Role Models in AI: Kelly Davis

    Meet Kelly Davis, the Manager/Technical Lead of the machine learning group at Mozilla. His work at Mozilla includes developing an open speech recognition system with projects like Common Voice and Deep Speech (which you can help contribute to). Beyond his passion for physics and machine learning, read on to learn about how he envisions the future of AI, and advice he offers to young people looking to enter the field.

  • Celebrate Firefox Internet Champions

    While the world celebrates athletic excellence, we’re taking a moment to share some of the amazing Internet champions that help build, support and share Firefox.

Mozilla Development and News

Filed under
Moz/FF
  • Removing Support for Unpacked Extensions

    With the release of Firefox 62 (currently scheduled for August 21, 2018) Mozilla will discontinue support for unpacked sideloaded extensions. You will no longer be able to load an extension via the Windows registry by creating an entry with an extension’s directory (i.e. unpacked) after Firefox 61. Starting with Firefox 62, extensions sideloaded via the Windows registry must be complete XPI files (i.e. packed).

  • Making a Clap-Sensing Web Thing

    The Project Things Gateway exists as a platform to bring all of your IoT devices together under a unified umbrella, using a standardized HTTP-based API. We recently announced the Things Gateway and we’ve started a series of hands-on project posts for people who want to set up a Gateway and start playing around with the Web of Things. Earlier this month we began with a high-level overview of how to build a Gateway add-on.

  • Trying Mozilla's Things Gateway

    I have an old Raspberry Pi 1 Model B with a RaZberry Z-Wave Daughterboard which I had soldered a larger external antenna on to last year. I used to run OpenHAB on it to control some z-wave devices before I moved last year and since then it's just been in a box. Let's fire it up!

    This original Raspberry Pi is a single core 700mhz CPU, so I'm planning on running it headless and doing everything remotely over SSH to save on GUI resources.

  • Lando Demo

    Lando is so close now that I can practically smell the tibanna. Israel put together a quick demo of Phabricator/BMO/Lando/hg running on his local system, which is only a few patches away from being a deployed reality.

  • Snips Uses Rust to Build an Embedded Voice Assistant

    The team at Paris-based Snips has created a voice assistant that can be embedded in a single device or used in a home network to control lights, thermostat, music, and more. You can build a home hub on a Raspberry Pi and ask it for a weather report, to play your favorite song, or to brew up a double espresso. Manufacturers like Keecker are adding Snips’ technology to products like multimedia home robots. And Snips works closely with leaders across the value chain, like NVIDIA, EBV, and Analog Devices, in order to voice-enable an increasingly wider range of device types, from speakers to home automation systems to cars.

  • Mozilla v FCC: Mozilla Re-files Suit Against FCC to Protect Net Neutrality

    This morning, the Federal Communications Commission officially published its order overturning net neutrality rules in the Federal Register. We had originally filed suit early while simultaneously urging the court that the correct date was after this publication. We did this in an abundance of caution because we’re not taking any chances with an issue of this importance. That is why today, immediately after the order was published, Mozilla re-filed our suit challenging the FCC net neutrality order. We won’t waste a minute in our fight to protect net neutrality because it’s our mission to ensure the internet is a global public resource, open and accessible to all. An internet that truly puts people first, where individuals can shape their own experience and are empowered, safe and independent.

  • The Death Of Net Neutrality Will Be Official In April (Cue The Lawsuits)

    Of course that's really just the beginning of an entirely new chapter in the fight to prevent broadband monopolies from abusing a lack of competition in the broadband space (remember: net neutrality violations are just a symptom of a lack of competition, a problem nobody wants to seriously address for fear of upsetting campaign contributors).

    The publication in the Federal Register opens the door to the myriad lawsuits that will be filed against the agency. Those lawsuits range from suits by Mozilla and consumer groups, to the 22 state attorneys general who say they're also suing the agency for ignoring the public interest. These lawsuits must be filed within the next 60 days. Expect the court battle to quickly begin heating up in March.

Browsers: Mozilla and Iridium

Filed under
Moz/FF
Web
  • Best Web Browser

    When the Firefox team released Quantum in November 2017, they boasted it was "over twice as fast as Firefox from 6 months ago", and Linux Journal readers generally agreed, going as far as to name it their favorite web browser. A direct response to Google Chrome, Firefox Quantum also boasts decreased RAM usage and a more streamlined user interface.

  • Share Exactly What You See On-Screen With Firefox Screenshots

    A “screenshot” is created when you capture what’s on your computer screen, so you can save it as a reference, put it in a document, or send it as an image file for others to see exactly what you see.

  • What Happens when you Contribute, revisited

    I sat down to write a post about my students' experiences this term contributing to open source, and apparently I've written this before (and almost exactly a year ago to the day!) The thing about teaching is that it's cyclic, so you'll have to forgive me as I give a similar lecture here today.

    I'm teaching two classes on open source development right now, two sections in an introductory course, and another two in a follow-up intermediate course. The students are just starting to get some releases submitted, and I've been going through their blogs, pull requests, videos (apparently this generation likes making videos, which is something new for me), tweets, and the like. I learn a lot from my students, and I wanted to share some of what I'm seeing.

  • Iridium Browser: A Browser for the Privacy Conscience

    Iridium is a web browser based on Chromium project. It has been customized to not share your data and thus keeping your privacy intact.

Chrome and Firefox

Filed under
Google
Moz/FF
  • The False Teeth of Chrome's Ad Filter.

    Today Google launched a new version of its Chrome browser with what they call an "ad filter"—which means that it sometimes blocks ads but is not an "ad blocker." EFF welcomes the elimination of the worst ad formats. But Google's approach here is a band-aid response to the crisis of trust in advertising that leaves massive user privacy issues unaddressed.

    Last year, a new industry organization, the Coalition for Better Ads, published user research investigating ad formats responsible for "bad ad experiences." The Coalition examined 55 ad formats, of which 12 were deemed unacceptable. These included various full page takeovers (prestitial, postitial, rollover), autoplay videos with sound, pop-ups of all types, and ad density of more than 35% on mobile. Google is supposed to check sites for the forbidden formats and give offenders 30 days to reform or have all their ads blocked in Chrome. Censured sites can purge the offending ads and request reexamination.

    [...]

    Some commentators have interpreted ad blocking as the "biggest boycott in history" against the abusive and intrusive nature of online advertising. Now the Coalition aims to slow the adoption of blockers by enacting minimal reforms. Pagefair, an adtech company that monitors adblocker use, estimates 600 million active users of blockers. Some see no ads at all, but most users of the two largest blockers, AdBlock and Adblock Plus, see ads "whitelisted" under the Acceptable Ads program. These companies leverage their position as gatekeepers to the user's eyeballs, obliging Google to buy back access to the "blocked" part of their user base through payments under Acceptable Ads. This is expensive (a German newspaper claims a figure as high as 25 million euros) and is viewed with disapproval by many advertisers and publishers.

  • Going Home
  • David Humphrey: Edge Cases
  • Experiments in productivity: the shared bug queue

    Over the next six months, Mozilla is planning to switch code review tools from mozreview/splinter to phabricator. Phabricator has more modern built-in tools like Herald that would have made setting up this shared queue a little easier, and that’s why I paused…briefly

  • Improving the web with small, composable tools

    Firefox Screenshots is the first Test Pilot experiment to graduate into Firefox, and it’s been surprisingly successful. You won’t see many people talking about it: it does what you expect, and it doesn’t cover new ground. Mozilla should do more of this.

Mozilla: Sponsored Stories and New Release of Rust

Filed under
Moz/FF
  • Firefox, Pocket and Sponsored Stories

    Well, well, remember when I told you - the more desperate Mozilla gets vis-a-vis its market share, the more aggressive they will get with pushing "quality" content onto its users? I did, I did. Well, the bonfires of the Mr. Robot fiasco have hardly cooled, and now there's a new drama developing. Mozilla will start rolling a pilot that tests sponsored stories in the Pocket recommendations section on the New Tab page.

    Since I'm usually a blithely cheerful chap, I'm actively looking for stories to sour my mood, and so I was excited (this is sales lingo, we will get to that) to read this announcement. After all, writing about how everything is peachy and efficient and good in the tech world is boring, we need these little burdocks of greed to make things complicated. After me, pioneers.

    [...]

    Actually, it does not take a wizard to figure things out. Just look what happened in the past five years, ever since the mobile world exploded. For instance, thinking wildly about some rather common examples, Windows 7 to Windows 10, and the amount of pesky, online and telemetry stuff. Just compare Skype 7.40, the last classic version. and the toy factory moronity that is Skype 8. Windows Control Panel to Windows Settings. Gnome 2 to Gnome 3. Oh, Firefox 3.6 to Firefox whatever.

    What you see is that menus get deeper and deeper and deeper and more obfuscated, with focus on aesthetic minimalism (mobile) that goes directly against user intuition and efficiency. You need more and more actions and mouse clicks to achieve the same results you could half a decade before. Now imagine what will happen in five or even ten years. Consider yourself lucky you were there to witness the early days of the Internet, when it was still all naive and innocent and not just pure money.

    [...]

    Some people may assume that I have a personal problem with Mozilla and Firefox. Not really. It's just I don't like hypocrisy, and I do not like being herded toward the pen that reads IDIOTS. I fully understand that Mozilla needs quiche. Fine, state it upfront. Don't veil it in bullshit. The words privacy, freedom and similar slogans mean nothing when you put them side by side with sponsored stories. You want money, start charging money for your browser. There's nothing wrong with that. And I would gladly pay for a high-quality product - and when needed, I do.

    I also wish that we had alternatives - the more the merrier. Alas, the exact opposite is happening. As time goes by, it will become even more difficult to have (supposedly free) products that really cater to their users. The profit slope is a one-way direction. Once you make a margin, you need to make more margin and more margin and more margin. It never stops.

    Firefox is a completely different product than it was a decade ago. It's now a big boy, trying to compete in the big arena. There's no room for niceties anymore. The only thing you can do is try to prepare for the inevitable day when this salesy nonsense becomes too much, so when you do switch, you try to do it elegantly and smartly. I cannot guarantee there's actually going to be a nice and peaceful browser for you out there when that moment comes, so if you want to sleep all relaxed, don't. The old Internet is dying, and the future does not belong to you and me or anyone willing to read this entire article without skipping words. The best you can do is play the game, so at the very least, you will be a rich idealist one day rather than a poor user. Or better yet, a rich loser rather than a poor user.

  • These Weeks in Firefox: Issue 32
  • Reps On-boarding Team

    As you already know from our discourse topic, we have created an Onboarding Screening Team.

    The scope of this team is to help on evaluating the new applications to the Reps program by helping the Reps Council on this process.

  • Announcing Rust 1.24

    The Rust team is happy to announce a new version of Rust, 1.24.0. Rust is a systems programming language focused on safety, speed, and concurrency.

  • Rust 1.24 Released With "rustfmt" Preview & Incremental Compilation By Default

    A fairly notable update to the Rust programming language compiler and its components is available today.

    With Rust 1.24 first up is a preview release of rustfmt, an official utility for formatting Rust code. Rustfmt applies a standard style of formatting to existing Rustlang code and is similar to the other LLVM-based code formatters.

Syndicate content

More in Tux Machines

Canonical Releases Major Kernel Updates for Ubuntu 17.10, 16.04 LTS & 14.04 LTS

After releasing a kernel update for the Ubuntu 18.04 LTS (Bionic Beaver) operating system series to mitigate the recently disclosed Spectre Variant 4 (CVE-2018-3639) security vulnerability, Canonical now released new kernel versions for Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series and their official derivatives. Read more

Open source image recognition with Luminoth

Computer vision is a way to use artificial intelligence to automate image recognition—that is, to use computers to identify what's in a photograph, video, or another image type. The latest version of Luminoth (v. 0.1), an open source computer vision toolkit built in Python and using Tensorflow and Sonnet, offers several improvements over its predecessor. Read more

AsteroidOS and OpenWatch Aim to Open Up Smartwatch Market

The AsteroidOS project has released version 1.0 of its open source, Linux-based smartwatch distribution. Designed for after-market installation on “Wear OS by Google” (formerly Android Wear) watches, AsteroidOS can now be dual booted on seven different models. The release follows the late March announcement of an OpenWatch Project for building Android based open source custom ROMs on Wear OS watches. Read more

Best Linux Laptops of 2018

There was a time, not so long ago, when Linux was seen as an outcast operating system, and indeed one that was labelled as a ‘cancer’ by Microsoft’s former CEO Steve Ballmer. Times have now changed as the operating system - which launched in September 1991, has made some serious inroads in the server market, then in the cloud – not forgetting that it underpins the most popular ecosystem out there: Android on smartphones. Because none of the main notebook vendors – bar Dell – offer Linux as an OS option, this leaves other smaller companies the ability to carve a niche for themselves. Read more