Language Selection

English French German Italian Portuguese Spanish

Mozilla: Facebook Container for Firefox, Issue Trackers, Securing Firefox with WebAssembly and Ad Hoc Profiling

Filed under
Moz/FF
  • The Facebook Container for Firefox

    Even with the ongoing #deletefacebook movement, not everyone is willing to completely walk away from the connections they’ve made on the social platform. After all, Facebook — and its subsidiary Instagram — is where the mountain biking club organizes rides, people post pet pics, dance moves catch on and life’s moments get shared with friends and family, near and far. Since the Cambridge Analytica scandal broke, Facebook has been greeted with more skepticism as it’s been under a hot spotlight on how it gathers, uses and gives access to our personal data for targeted advertising and manipulation, both on and off Facebook platforms. With recent news about their policy not to block false political ads, this targeting gets ever malicious.

  • Jira, Bugzilla, and Tales of Issue Trackers Past

    It seems as though Mozilla is never not in a period of transition. The distributed nature of the organization and community means that teams and offices and any informal or formal group is its own tiny experimental plot tended by gardeners with radically different tastes.

    And if there’s one thing that unites gardeners and tech workers is that both have Feelings about their tools.

    Tools are personal things: they’re the only thing that allows us to express ourselves in our craft. I can’t code without an editor. I can’t prune without shears. They’re the part of our work that we actually touch. The code lives Out There, the garden is Outside… but the tools are in our hands.

    But tools can also be group things. A shed is a tool for everyone’s tools. A workshop is a tool that others share. An Issue Tracker is a tool that helps us all coordinate work.

    And group things require cooperation, agreement, and compromise.

    While I was on the Browser team at BlackBerry I used a variety of different Issue Trackers. We started with an outdated version of FogBugz, then we had a Bugzilla fork for the WebKit porting work and MKS Integrity for everything else across the entire company, and then we all standardized on Jira.

  • Securing Firefox with WebAssembly

    Protecting the security and privacy of individuals is a central tenet of Mozilla’s mission, and so we constantly endeavor to make our users safer online. With a complex and highly-optimized system like Firefox, memory safety is one of the biggest security challenges. Firefox is mostly written in C and C++. These languages are notoriously difficult to use safely, since any mistake can lead to complete compromise of the program. We work hard to find and eliminate memory hazards, but we’re also evolving the Firefox codebase to address these attack vectors at a deeper level. Thus far, we’ve focused primarily on two techniques...

    [...]

    So today, we’re adding a third approach to our arsenal. RLBox, a new sandboxing technology developed by researchers at the University of California, San Diego, the University of Texas, Austin, and Stanford University, allows us to quickly and efficiently convert existing Firefox components to run inside a WebAssembly sandbox. Thanks to the tireless efforts of Shravan Narayan, Deian Stefan, Tal Garfinkel, and Hovav Shacham, we’ve successfully integrated this technology into our codebase and used it to sandbox Graphite.

    This isolation will ship to Linux users in Firefox 74 and to Mac users in Firefox 75, with Windows support following soon after. You can read more about this work in the press releases from UCSD and UT Austin along with the joint research paper. Read on for a technical overview of how we integrated it into Firefox.

  • Nicholas Nethercote: Ad Hoc Profiling

    I have used a variety of profiling tools over the years, including several I wrote myself.

    But there is one profiling tool I have used more than any other. It is capable of providing invaluable, domain-specific profiling data of a kind not obtainable by any general-purpose profiler.

    It’s a simple text processor implemented in a few dozen lines of code. I use it in combination with logging print statements in the programs I am profiling. No joke.

Firefox Browser On Linux And Mac Gets New Security Technology

  • Firefox Browser On Linux And Mac Gets New Security Technology

    Along with rolling out the latest security update to the Firefox browser, Mozilla has now introduced a new approach to secure the Firefox web browser on Linux and Mac operating systems.

    Firefox uses various external libraries to render the audio, videos, and images that can be exploited by the attackers to introduce malicious code. Hence, Firefox includes a new lightweight sandboxing architecture, RLBox, that uses a WebAssembly sandbox to tackle the vulnerabilities posed by the third-party libraries.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Ubuntu/Canonical: The State of Robotics and Buzzwords

  • The State of Robotics – March 2020

    Damn it March. 2020 was doing so well. The biggest news last month was the dramatic escalation of COVID-19. We won’t go into any detail, I’m sure you’re seeing enough of that. But due to the outbreak, the state of robotics this March has been, heartwarming. We have seen a surge in online learning platforms, companies, startups and communities rising to the challenge. Members of open-source communities across the world are doing great things, with and without robotics, to support whoever they can. In this blog, we first want to highlight at a few responses to COVID-19 using robotics. And then it’s back to usual programming, highlighting robotics work and projects we have seen or done in March. If we have missed something in particular, please reach out to robotics.community@canonical.com and let us know.

  • Edge AI in a 5G world – part 3: Why ‘smart cell towers’ matter to AI

    In part 1 we talked about the industrial applications and benefits that 5G and fast compute at the edge will bring to AI products. In part 2 we went deeper into how you can benefit from this new opportunity. In this part we will focus on the key technical barriers that 5G and Edge compute remove for AI applications.

  • Edge AI in a 5G world – part 4: How your business can benefit from ‘smart cell towers’

    In part 1 we talked about the industrial applications and benefits that 5G and fast compute at the edge will bring to AI products. In part 2 we went deeper into how you can benefit from this new opportunity. In part 3 we focused on the key technical barriers that 5G and Edge compute remove for AI applications. In this part we will summarise the IoT use cases that can benefit from smart cell towers and how they will help businesses focus their efforts on their key differentiating advantage.

How to Upgrade to Ubuntu 20.04 From Ubuntu 18.04 and 19.10

Here are the steps for you to Upgrade to Ubuntu 20.04 From Ubuntu 18.04 and 19.10. Read more

Ubuntu 20.04 LTS Beta is Available. Download Now.

The beta release of Ubuntu 20.04 LTS is here and it is available for download immediately. The final release is planned on Apr 23, 2020, and this beta release gives early adopters, testers a quick preview on what to expect on the final product. Read more

The cataloging of free software

The Free Software Directory is a collaborative catalog of software aimed to be the primary source for representing all free software. Each free program has its own page in the Directory from which it is possible to study the evolution it has undergone in both technological and legal terms through a chronological system similar to that of Wikipedia. Each catalogued program is distinguished by one or more aliases, and accompanied by a huge amount of information, which goes beyond the pure needs of the end user. Snapshots of the graphic interface, detailed descriptions, change logs, links to social pages, and lists of licenses and dependencies are examples of all the useful information which can be carefully attached by users to each page. Everyone can freely subscribe to the Directory and create new pages, but only the pages reviewed and approved by administrators become visible and indexable. Administrative approvals are always made according to strict rules aimed at preventing the spread of proprietary content. As on Wikipedia, each user can have a self-approved personal page, where they can define their identity and discuss with other users. Users can also include sub-pages on which to publish their thematic articles, and any tools useful for the daily life of the Directory. User access rights are assigned to active users, and all those who demonstrate that they have the necessary technical skills and wish to devote themselves daily to the care of the pages have a chance to be welcomed onto the staff. This serene and flexible organization, based on bonds of trust built on facts and adherence to well-defined common ideals, guarantees that the technological and social development produced by the project is gradual but unstoppable. Thus, any investment of time by volunteers is amply repaid. The project has proved to be a clear success, so much that over the years it has received funding from UNESCO, and is still supported by the Free Software Foundation. The portal boasts the participation of more than 3,000 users from all over the world. Since its creation, it has accumulated more than 80,000 verified and recorded revisions for posterity in the chronology of the MediaWiki pages, all of which are dedicated to facilitating the essential freedoms in more than 16,000 free programs. The portal's ability to adapt and survive was possible not only because of the technical creativity of the staff, but also by the solid ideal at its base. By guaranteeing maximum visibility to free software, it has thus rewarded developers who freely employ their knowledge for the good of humanity. The transition to free licenses is indeed a moral duty of every developer, and the Free Software Directory is deployed at the forefront to facilitate it with great benefit to the world's cultural heritage. Read more