Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Ubuntu 20.04.1 LTS is Available for Download

Ubuntu 20.04.1 LTS the first point release is available now and you can immediately download or upgrade. Read more

Audiocasts/Shows: Unfettered Freedom, BSD Now, TLLTS, Ubuntu Podcast and Bad Voltage

Mozilla VR, Security, Surveillance and More

  • Virtual Tours of the Museum of the Fossilized Internet

    In March 2020, Michelle Thorne and I announced office tours of the Museum of the Fossilized Internet as part of our new Sustainability programme. Then the pandemic hit, and we teamed up with the Mozilla Mixed Reality team to make it more accessible while also demonstrating the capabilities of social VR with Hubs. We now welcome visitors to explore the museum at home through their browsers.

  • Review of the year so far, and looking forward to the next 6 months.

    In 2019 we started looking into our experiences and 2020 saw us release the new responsive redesign, a new AAQ flow, a finalized Firefox Accounts migration, and a few other minor tweaks. We have also performed a Python and Django upgrade carrying on with the foundational work that will allow us to grow and expand our support platform. This was a huge win for our team and the first time we have improved our experience in years! The team is working on tracking the impact and improvement to our overall user experience. We also know that contributors in Support have had to deal with an old, sometimes very broken, toolset, and so we wanted to work on that this year. You may have already heard the updates from Kiki and Giulia through their monthly strategy updates. The research and opportunity identification the team did was hugely valuable, and the team identified onboarding as an immediate area for improvement. We are currently working through an improved onboarding process and look forward to implementing and launching ongoing work.

  •        
  • What's new in ECSY 0.4 and ECSY-THREE v0.1

    Since the initial release of ECSY we have been focusing on API stability and bug fixing as well as providing some features (such as components’ schemas) to improve the developer experience and provide better validation and descriptive errors when working in development mode.

  •        
  • Understanding Web Security Checks in Firefox (Part 2)

    This is the second and final part of a blog post series that explains how Firefox implements Web Security fundamentals, like the Same-Origin Policy and Content-Security-Policy. While the first post explained Firefox security terminology and theoretical foundations, this second post covers how to log internal security information to the console in a human readable format. Ultimately, we hope to inspire new security research in the area of web security checks and to empower participants in our bug bounty program to do better, deeper work. Generally, we encourage everyone to do their security testing in Firefox Nightly. That being said, the logging mechanisms described in this post, work in all versions of Firefox – from self-build, to versions of Nightly, Beta, Developer Edition, Release and ESR you may have installed locally already. [...] An attacker could use a CSP bypass like this and target users on web pages that are susceptible to XSS or content injections. However, this bug was identified in a previous version of Firefox and has been fixed for all of our users since. To summarize, using the provided logging mechanism allows us to effectively detect security problems by visual inspection. One could take it even further and generate graph structures for nested page loads. Using these graphs to observe where the security context (e.g., the CSP) changes can be a very powerful tool for runtime security analysis. Going Forward We have explained how to enable logging mechanisms within Firefox which allows for visual inspection of every web security check performed. We would like to point out that finding security flaws might be eligible for a bug bounty. Finally, we hope the provided instructions foster security research and in turn allow researchers, bug bounty hunters and generally everyone interested in web security to contribute to Mozilla and the Security of the Open Web.

  •        
  • What’s new in Perfherder?

    Perfherder is one of the primary tools used by our performance sheriffs to triage and investigate regression (and improvement) alerts. It’s also a key part of the workflow any Firefox engineer may experience when working on performance, either responding to a regression, or proactively measuring the impact of their changes. This post will cover the various improvements that have been made to Perfherder so far in 2020.

  •        
  • Mozilla Performance Blog: Improving Firefox Startup Time With The about:home Startup Cache

    For the past year or so, the Firefox Desktop Front-End Performance team has been concentrating on making improvements to browser startup performance. The launching of an application like Firefox is quite complex. Meticulous profiling of Firefox startup in various conditions has, thankfully, helped reveal a number of opportunities where we can make improvements. We’ve been evaluating and addressing these opportunities, and several have made it into the past few Firefox releases. This blog post is about one of those improvements that is currently in the later stages of development. I’m going to describe the improvement, and how we went about integrating it. In a default installation of Firefox, the first (and only) tab that loads is about:home. (Note: this is only true if the user hasn’t just restarted after applying an update, and if they haven’t set a custom home page or configured Firefox to restore their previous session on start.)

  • How to use git branch aliases with Mozilla Central

    I just set up Mozilla Central with a git wrapper so I can contribute to the main Gecko codebase using Git. It works great, but the default branch has an unusual name compared to what I’m used to.

  •        
  • Automated end-to-end tests for Glean

    Last year at the Mozilla All-Hands in Whistler, Canada I went for a walk with my colleague Mark Reid who manages our Data Platform team. We caught up on personal stuff and discussed ongoing projects as well as shared objectives for the next half-year. These in-person conversations with colleagues are my favorite activity at our semi-annual gatherings and are helpful in ensuring that my team is working on the most impactful projects and that our tests create value for the teams we support.  [...] For Mozilla, getting reliable data from our products is critical to inform our decision making. Glean is a new product analytics and telemetry solution that provides a consistent experience and behavior across all of our products. Mark and I agreed that it would be fantastic if we had automated end-to-end tests to complement existing test suites and alert us of potential issues with the system as quickly as possible.

  • Data@Mozilla: Experimental integration Glean with Unity applications [Ed: Mozilla fusing together its Microsoft-hosted surveillance project with Microsoft Mono]

    As we know, Glean SDK has provided language bindings for different programming language requirements that include Kotlin, Swift, and Python. However, when we are talking about supporting applications that use Unity as their development toolkit, there are no existing bindings available to help us achieve it. Unity allows users using a Python interpreter to embed Python scripts in a Unity project; however, due to Unity’s technology being based on the Mono framework, that is not the same as our familiar Python runtime for running Python scripts. So, the alternative way we need to find out is how to run Python on .Net Framework or exactly on Mono framework. If we are discussing possible approaches to run Python script in the main process, using IronPython is the only solution. However, it is only available for Python 2.7, and the Glean SDK Python language binding needs Python 3.6. Hence, we start our plans to develop a new Glean binding for C#.

  • Google, nobody asked for a new Blogger interface

    I'm writing this post in what Google is euphemistically referring to as an improvement. I don't understand this. I managed to ignore New Blogger for a few weeks but Google's ability to fark stuff up has the same air of inevitability as rotting corpses. Perhaps on mobile devices it's better, and even that is a matter of preference, but it's space-inefficient on desktop due to larger buttons and fonts, it's noticeably slower, it's buggy, and very soon it's going to be your only choice. My biggest objection, however, is what they've done to the HTML editor. I'm probably the last person on earth to do so, but I write my posts in raw HTML. This was fine in the old Blogger interface which was basically a big freeform textbox you typed tags into manually. There was some means to intercept tags you didn't close, which was handy, and when you added elements from the toolbar you saw the HTML as it went in. Otherwise, WYTIWYG (what you typed is what you got). Since I personally use fairly limited markup and rely on the stylesheet for most everything, this worked well.

Linux-driven Home Assistant smart hub starts at $219

zPoint Products has gone to Indiegogo to pitch an open source, cloudless “BaHa Box” smart hub starting at $219 that runs Linux and Home Assistant on an Allwinner H2+ or i.MX6 ULL with 2x USB, 10/100 LAN, WiFi/BT, and optional Zigbee and Z-Wave. Delta, Canada based zPoint Products, a spin-off of TechSol (Technical Solutions Inc), has informed us of its Indiegogo campaign for a Cortex-A7-powered home automation hub pre-loaded with a Linux BSP and the popular, open source Home Assistant smart hub stack. The 115 x 90 x 451mm BaHa Box is available in a Residential model with an Allwinner H2+ and a pricier Commercial model with an NXP i.MX6ULL. Read more