Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla's Privacy Words/Promises

Filed under
Moz/FF
  • Creating privacy-centric virtual spaces

    We now live in a world with instantaneous communication unrestrained by geography. While a generation ago, we would be limited by the speed of the post, now we’re limited by the speed of information on the Internet. This has changed how we connect with other people.

    As immersive devices become more affordable, social spaces in virtual reality (VR) will become more integrated into our daily lives and interactions with friends, family, and strangers. Social media has enabled rapid pseudonymous communication, which can be directed at both a single person and large groups. If social VR is the next evolution of this, what approaches will result in spaces that respect user identities, autonomy, and safety?

    We need spaces that reflect how we interact with others on a daily basis.

  • Mozilla previews Firefox VPN, will charge for service at some point

    Mozilla has not hidden its desire to branch into new revenue territories to divest from the more-or-less-single-source of search engine royalties. In June, CEO Chris Beard and other Mozilla officials said that paid service subscriptions would roll out this fall, but assured users that the browser itself would remain free of charge. The VPN could be the first of several paid services pitched to Firefox users, or part of a larger all-in-one package; Mozilla hasn't been clear about the form(s) this new revenue stream may take.

    Nor did Wood say how long her team will test Firefox Private Network. However, she did position this iteration of Test Pilot differently than before. "The difference with the newly relaunched Test Pilot program is that these products and services may be outside the Firefox browser, and will be far more polished, and just one step shy of general public release," she said.

  • Encrypted DNS could help close the biggest privacy gap on the Internet. Why are some groups fighting against it?

    Thanks to the success of projects like Let’s Encrypt and recent UX changes in the browsers, most page-loads are now encrypted with TLS. But DNS, the system that looks up a site’s IP address when you type the site’s name into your browser, remains unprotected by encryption.

    Because of this, anyone along the path from your network to your DNS resolver (where domain names are converted to IP addresses) can collect information about which sites you visit. This means that certain eavesdroppers can still profile your online activity by making a list of sites you visited, or a list of who visits a particular site. Malicious DNS resolvers or on-path routers can also tamper with your DNS request, blocking you from accessing sites or even routing you to fake versions of the sites you requested.

Mozilla: Firefox Sending DNS Traffic to Cloudflare, Shepherds 3.0

Filed under
Moz/FF
    Turn off DoH, Firefox. Now.

    DoH means that Firefox will concentrate all DNS traffic on Cloudflare, and they send traffic from all their users to one entity. So what does that mean? It means people outside the US can now be fully tracked by US government: now some of you might wonder if this is actually in line with GDPR (The EU General Data Protection Regulation). It is indeed very questionable if DoH is rolled out as default, since users do NOT opt in, but have to opt out.

  • DoH disabled by default in Firefox

    Disable DoH by default. While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea. Applications should respect OS configured settings. The DoH settings still can be overriden if needed. ok landry@ job@

  • Niko Matsakis: AiC: Shepherds 3.0

    What I’m proposing, at its heart, is very simple. I want to better document the “agenda” of the lang-team. Specifically, if we are going to be moving a feature forward1, then it should have a shepherd (or multiple) who is in charge of doing that.

    In order to avoid unbounded queues, the number of things that any individual can shepherd should be limited. Ideally, each person should only shepherd one thing at a time, though I don’t think we need to make a firm rule about it.

    Becoming a shepherd is a commitment on the part of the shepherd. The first part of the lang team meeting should be to review the items that are being actively shepherded and get any updates. If we haven’t seen any movement in a while, we should consider changing the shepherd, or officially acknowleding that something is stalled and removing the shepherd altogether.

    Assigning a shepherd is a commitment on the part of the rest of the lang-team as well. Before assigning a shepherd, we should discuss if this agenda item is a priority. In particular, if someone is shepherding something, that means we all agree to help that item move towards some kind of completion. This means giving feedback, when feedback is requested. It means doing the work to resolve concerns and conflicts. And, sometimes, it will mean giving way. I’ll talk more about this in a bit.

Firefox Reality 1.4

Filed under
Moz/FF

With this release, we’re excited to announce that users can enjoy browsing in multiple windows side-by-side. Each window can be set to the size and position of your choice, for a super customizable experience.

And, by popular demand, we’ve enabled local browsing history, so you can get back to sites you've visited before without typing. Sites in your history will also appear as you type in the search bar, so you can complete the address quickly and easily. You can clear your history or turn it off anytime from within Settings.

The Content Feed also has a new and improved menu of hand-curated “Best of WebVR” content for you to explore. You can look forward to monthly updates featuring a selection of new content across different categories including Animation, Extreme (sports/adrenaline/adventure), Music, Art & Experimental and our personal favorite way to wind down a day, 360 Chill.

Read more

Internet: New Curl, Chrome and Firefox Features

Filed under
Google
Moz/FF
Web
  • Daniel Stenberg: curl 7.66.0 – the parallel HTTP/3 future is here

    I personally have not done this many commits to curl in a single month (August 2019) for over three years. This increased activity is of course primarily due to the merge of and work with the HTTP/3 code. And yet, that is still only in its infancy…

  • Chrome 77 Released With Serial API, WebVR 1.1 & Any Element Can Provide Form Data

    Google has rolled out Chrome 77 into their stable channel as the newest version of their lightning fast web browser for Linux.

    Chrome 77 now supports any HTML element providing form data via the "formdata" event, various security improvements, a Serial API for interacting with devices connected to physical or virtual serial ports, WebVR 1.1 support, tab sharing between devices, and a variety of other improvements.

  • Chrome for Android Update

    Hi, everyone! We've just released Chrome 77 (77.0.3865.73) for Android: it'll become available on Google Play over the next few weeks.

  • Chrome 77 for Mac, Windows rolling out: ‘Send this page’ sharing, new favicon animation, more

    Google is rolling out the latest version of Chrome for Mac, Windows, and Linux. Chrome 77 more widely introduces the “Send this page” cross-device sharing...

  • Google Chrome 77 Is Out for Linux, Android, Windows & Mac with 52 Security Fixes

    Google has promoted the Chrome 77 web browser to the stable channel for all supported platforms, including Linux, Android, Windows, and Mac.
    Google Chrome 77 introduces several performance enhancements to speed up your browsing experience, including new performance metrics that helps web developers measure how fast the content of a web page loads so you can access it faster than ever, as well as new form capabilities to support custom form controls.

    "It has not always been easy for developers to measure how quickly the main content of a web page loads and is visible to users. The usefulness of existing metrics varies. Some metrics are only measurable in a lab, while others tell nothing about content that users care about. Consider the example below, taken from a DevTools performance audit," said Google.

    Additionally, Google Chrome 77 introduces new origin trials that lets you to try new Chrome features before they are released and give feedback to the web standards community on their usability, effectiveness, and practicality. Users will be able to register for the origin trials here.

  • Google Unveils DNS-over-HTTPS (DoH) Plan, Mozilla's Faces Criticism

    Google has announced that they would soon be performing a trial of utilizing DNS-over-HTTPS (DoH) in the Google Chrome browser. This experiment will be conducted in Chrome 78 and will attempt to upgrade a user's DNS server to a corresponding DoH server, and if available, use that for DNS resolution.

    For those unfamiliar with DoH, it allows DNS resolution to be conducted over encrypted HTTPS connections rather than through the normal plain text DNS lookups.

  • Mozilla Reps Community: Rep of the Month – July 2019

    Please join us in congratulating Bhuvana Meenakshi Koteeswaran, Rep of the Month for July 2019!

    Bhuvana is from Salem, India. She joined the Reps program at the end of 2017 and since then she has been involved with Virtual and Augmented Reality projects.

Mozilla: Copyright Alternative in Small Claims Enforcement (CASE), VR, Security and Privacy

Filed under
Moz/FF
  • Mozilla Open Policy & Advocacy Blog: CASE Act Threatens User Rights in the United States

    This week, the House Judiciary Committee is expected to mark up the Copyright Alternative in Small Claims Enforcement (CASE) Act of 2019 (H.R. 2426). While the bill is designed to streamline the litigation process, it will impose severe costs upon users and the broader internet ecosystem. More specifically, the legislation would create a new administrative tribunal for claims with limited legal recourse for users, incentivizing copyright trolling and violating constitutional principles. Mozilla has always worked for copyright reform that supports businesses and internet users, and we believe that the CASE Act will stunt innovation and chill free expression online. With this in mind, we urge members to oppose passage of H.R. 2426.

    First, the tribunal created by the legislation conflicts with well-established separation of powers principles and limits due process for potential defendants. Under the CASE Act, a new administrative board would be created within the Copyright Office to review claims of infringement. However, as Professor Pamela Samuelson and Kathryn Hashimoto of Berkeley Law point out, it is not clear that Congress has the authority under Article I of the Constitution to create this tribunal. Although Congress can create tribunals that adjudicate “public rights” matters between the government and others, the creation of a board to decide infringement disputes between two private parties would represent an overextension of its authority into an area traditionally governed by independent Article III courts.

  • Mozilla VR Blog: WebXR emulator extension

    We are happy to announce the release of our WebXR emulator browser extension which helps WebXR content creation.

  • Firefox security tips: Understand how hackers work

    Forget about those hackers in movies trying to crack the code on someone’s computer to get their top secret files. The hackers responsible for data breaches usually start by targeting companies, rather than specific individuals. They want to get data from as many people as possible so they can use, resell or leverage it to make money.

  • Firefox’s Test Pilot Program Returns with Firefox Private Network Beta

    Like a cat, the Test Pilot program has had many lives. It originally started as an Add-on before we relaunched it three years ago. Then in January, we announced that we were evolving our culture of experimentation, and as a result we closed the Test Pilot program to give us time to further explore what was next.

    We learned a lot from the Test Pilot program. First, we had a loyal group of users who provided us feedback on projects that weren’t polished or ready for general consumption. Based on that input we refined and revamped various features and services, and in some cases shelved projects altogether because they didn’t meet the needs of our users. The feedback we received helped us evaluate a variety of potential Firefox features, some of which are in the Firefox browser today.

    If you haven’t heard, third time’s the charm. We’re turning to our loyal and faithful users, specifically the ones who signed up for a Firefox account and opted-in to be in the know about new products testing, and are giving them a first crack to test-drive new, privacy-centric products as part of the relaunched Test Pilot program. The difference with the newly relaunched Test Pilot program is that these products and services may be outside the Firefox browser, and we will be far more polished, and just one step shy of general public release.

  • In the US? You Can Try Firefox’s New VPN Feature

    Not only has Mozilla suddenly revived its (much missed) Test Pilot program, but it’s using it to check the tyres on a really interesting new feature: a VPN.

    The new Test Pilot site is currently home to ‘Firefox Private Network’, a beta product that, the company says, is near release.

Mozilla: DNS, Chrome Web Store and MDN

Filed under
Moz/FF
  • Firefox will soon 401 your URL with DNS

    There are no specific rollout details for this feature, though Mozilla says it'll be live for US users by the end of this month. When we'll see it in Blighty? We'll let you know when we do. Mozilla is staging the rollout to bug bash any problems it comes across.

  • State of the art protection in Chrome Web Store

    All of you certainly know already that Google is guarding its Chrome Web Store vigilantly and making sure that no bad apples get in. So when you hit “Report abuse” your report will certainly be read carefully by another human being and acted upon ASAP. Well, eventually… maybe… when it hits the news. If it doesn’t, then it probably wasn’t important anyway and these extensions might stay up despite being taken down by Mozilla three months ago.

    As to your legitimate extensions, these will be occasionally taken down as collateral damage in this fierce fight. Like my extension which was taken down due to missing a screenshot because of not having any user interface whatsoever. It’s not possible to give an advance warning either, like asking the developer to upload a screenshot within a week. This kind of lax policies would only encourage the bad guys to upload more malicious extensions without screenshots of course.

    And the short downtime of a few weeks and a few hours of developer time spent trying to find anybody capable of fixing the problem are surely a small price to pay for a legitimate extension in order to defend the privilege of staying in the exclusive club of Chrome extension developers. So I am actually proud that this time my other browser extension, PfP: Pain-free Passwords, was taken down by Google in its relentless fight against the bad actors.

  • Caniuse and MDN compatibility data collaboration

    Web developers spend a good amount of time making web compatibility decisions. Deciding whether or not to use a web platform feature often depends on its availability in web browsers.

    [...]

    We’ve been asked why the datasets are treated differently. Why didn’t we merge them in the first place? We discussed and considered this option. However, due to the intrinsic differences between our two projects, we decided not to. Here’s why:

    MDN’s support data is very broad and covers feature support at a very granular level. This allows MDN to provide as much detailed information as possible across all web technologies, supplementing the reference information provided by MDN Web Docs.

    Caniuse, on the other hand, often looks at larger features as a whole (e.g. CSS Grid, WebGL, specific file format support). The caniuse approach provides developers with higher level at-a-glance information on whether the feature’s supported. Sometimes detail is missing. Each individual feature is added manually to caniuse, with a primary focus on browser support coverage rather than on feature coverage overall.

    Because of these and other differences in implementation, we don’t plan on merging the source data repositories or matching the data schema at this time. Instead, the integration works by matching the search query to the feature’s description on caniuse.com. Then, caniuse generates an appropriate feature table, and converts MDN support data to the caniuse format on the fly.

Firefox 69 available in Fedora

Filed under
Moz/FF

When you install the Fedora Workstation, you’ll find the world-renowned Firefox browser included. The Mozilla Foundation underwrites work on Firefox, as well as other projects that promote an open, safe, and privacy respecting Internet. Firefox already features a fast browsing engine and numerous privacy features.

A community of developers continues to improve and enhance Firefox. The latest version, Firefox 69, was released recently and you can get it for your stable Fedora system (29 and later). Read on for more details.

Read more

Why Use Firefox Portable?

Filed under
Moz/FF

The portable edition of Mozilla Firefox is commonly referred to as ‘Firefox Portable’. This is just a repacked version of Mozilla Firefox created by J. T. Haller. The software is designed to allow Firefox to operate from a CD-ROM, USB flash drive or any other portable device on Windows computer or UNIX/Linux computer running Wine.

One unique thing about this program is that it doesn’t need Firefox to get installed on a computer. Also, it doesn’t leave behind your private information on an interface or computer with pre-installed versions of Firefox. However, you can install this software on a hard drive without any problem.

Read more

Mozilla: DNS-over-HTTPS (DoH) and Communications

Filed under
Moz/FF
  • What’s next in making Encrypted DNS-over-HTTPS the Default

    In 2017, Mozilla began working on the DNS-over-HTTPS (DoH) protocol, and since June 2018 we’ve been running experiments in Firefox to ensure the performance and user experience are great. We’ve also been surprised and excited by the more than 70,000 users who have already chosen on their own to explicitly enable DoH in Firefox Release edition. We are close to releasing DoH in the USA, and we have a few updates to share.

    After many experiments, we’ve demonstrated that we have a reliable service whose performance is good, that we can detect and mitigate key deployment problems, and that most of our users will benefit from the greater protections of encrypted DNS traffic. We feel confident that enabling DoH by default is the right next step. When DoH is enabled, users will be notified and given the opportunity to opt out.

    This post includes results of our latest experiment, configuration recommendations for systems administrators and parental controls providers, and our plans for enabling DoH for some users in the USA.

  • Mike Hoye: Forward Motion

    This has been a while coming; thank you for your patience. I’m very happy to be able to share the final four candidates for Mozilla’s new community-facing synchronous messaging system.

    [...]

    We’ve been spoiled for choice here – there were a bunch of good-looking options that didn’t make it to the final four – but these are the choices that generally seem to meet our current institutional needs and organizational goals.

    We haven’t stood up a test instance for Slack, on the theory that Mozilla already has a surprising number of volunteer-focused Slack instances running already – Common Voice, Devtools and A-Frame, for example, among many others – but we’re standing up official test instances of each of the other candidates shortly, and they’ll be available for open testing soon.

    The trial period for these will last about a month. Once they’re spun up, we’ll be taking feedback in dedicated channels on each of those servers, as well as in #synchronicity on IRC.mozilla.org, and we’ll be creating a forum on Mozilla’s community Discourse instance as well. We’ll have the specifics for you at the same time as those servers will be opened up and, of course you can always email me.

Firefox 69 Released with Default Tracking Protection Enabled.

Filed under
Moz/FF

Firefox 69 Web Browser Released. Download Now. This release comes with Enhanced Tracking Protection enabled by default, stopping video autoplay features and many more.

Read more

Syndicate content

More in Tux Machines

Servers: Kubernetes, Red Hat, USENET and Solaris

  • HPE launches container platform, aims to be 100% open source Kubernetes

    Hewlett Packard Enterprise launched its HPE Container Platform, a Kubernetes container system designed to run both cloud and on-premises applications. On the surface, HPE Container Platform will face an uphill climb as all the top cloud providers have Kubernetes management tools and instances and IBM with Red Hat has a big foothold for hybrid cloud deployments and the container management that goes with it. HPE, which recently outlined a plan to make everything a service, is betting that the HPE Container Platform can differentiate itself based on two themes. First, HPE is pledging that its container platform will be 100% open source Kubernetes compared to other systems that have altered Kubernetes. In addition, HPE Container Platform will be able to run across multiple environments and provide one management layer.

  • Virtio-networking: first series finale and plans for 2020

    Let's take a short recap of the Virtio-networking series that we've been running the past few months. We've covered a lot of ground! Looking at this series from a high level, let's revisit some of the topics we covered: [...] For those who didn't crack and made it all the way here, we hope this series helped you clarify the dark magic of virtio and low-level networking both in the Linux kernel and in DPDK.

  • Inside the Book of Red Hat

    Shared stories are the cornerstone of community. And in open organizations like Red Hat—where community is paramount—shared stories are especially important to the collective identity that binds participants together. At Red Hat, we're quite fond of the stories that inform our shared history, purpose, and culture. We've just collected some of them in a new version of the Book of Red Hat, which is available now. Here are just three of the community-defining moments the book recounts.

  • The Early History of Usenet, Part III: File Format

    When we set out to design the over-the-wire file format, we were certain of one thing: we wouldn't get it perfectly right. That led to our first decision: the very first character of the transmitted file would be the letter "A" for the version. Why not a number on the first line, including perhaps a decimal point? If we ever considered that, I have no recollection of it. A more interesting question is why we didn't use email-style headers, a style later adopted for HTTP. The answer, I think, is that few, if any, of us had any experience with those protocols at that time. My own personal awareness of them started when I requested and received a copy of the Internet Protocol Transition Workbook a couple of years later — but I was only aware of it because of Usenet. (A few years earlier, I gained a fair amount of knowledge of the ARPANET from the user level, but I concentrated more on learning Multics.) Instead, we opted for the minimalist style epitomized by 7th Edition Unix. In fact, even if we had known of the Internet (in those days, ARPANET) style, we may have eschewed it anyway. Per a later discussion of implementation, the very first version of our code was a shell script. Dealing with entire lines as single units, and not trying to parse headers that allowed arbitrary case, optional white space, and continuation lines was certainly simpler! [...] Sending a date and an article title were obvious enough that these didn't even merit much discussion. The date and time line used the format generated by the ctime() or asctime() library routines. I do not recall if we normalized the date and time to UTC or just ignored the question; clearly, the former would have been the proper choice. (There is an interesting discrepancy here. A reproduction of the original announcement clearly shows a time zone. Neither the RFC nor the ctime() routine had one. I suspect that announcement was correct.) The most interesting question, though, was about what came to be called newsgroups. We decided, from the beginning, that we needed multiple categories of articles — newsgroups. For local use, there might be one for academic matters ("Doctoral orals start two weeks from tomorrow"), social activities ("Reminder: the spring picnic is Sunday!"), and more. But what about remote sites? The original design had one relayed newsgroup: NET. That is, there would be no distinction between different categories of non-local articles.

  • From humble Unix sysadmin to brutal separatist suppressor to president of Sri Lanka

    A former Unix sysadmin has been elected the new president of Sri Lanka, giving hope to all those IT workers who fear they are trapped in a role where the smallest of decisions can have catastrophic consequences if it goes wrong. Gotabaya Rajapaksa, younger brother of former president Mahindra, won the popular vote in an election held on Saturday (16 November). He is notable to The Register's readership for his stint working in America as a Solaris system integrator and later as a Unix sysadmin for a Los Angeles university.

Ubuntu and Debian Picks

  • Ubuntu Weekly Newsletter 605

    Welcome to the Ubuntu Weekly Newsletter, Issue 605 for the week of November 10 – 16, 2019. The full version of this issue is available here.

  • Russell Coker: 4K Monitors

    I like having lots of terminal windows on my desktop. For common tasks I might need a few terminals open at a time and if I get interrupted in a task I like to leave the terminal windows for it open so I can easily go back to it. Having more 80*25 terminal windows on screen increases my productivity. My previous monitor was 2560*1440 which for years had allowed me to have a 4*4 array of non-overlapping terminal windows as well as another 8 or 9 overlapping ones if I needed more. 16 terminals allows me to ssh to lots of systems and edit lots of files in vi. Earlier this year I had found it difficult to read the font size that previously worked well for me so I had to use a larger font that meant that only 3*3 terminals would fit on my screen. Going from 16 non-overlapping windows and an optional 8 overlapping to 9 non-overlapping and an optional 6 overlapping is a significant difference. I could get a second monitor, and I won’t rule out doing so at some future time. But it’s not ideal.

  • SCP Foundation needs you!

    SCP is a mind-blowing, diverse, high-quality collection of writings and illustrations, all released under the CC-BY-SA free license. If you never read horror stories written with scientific style -- have a try :) [obviously this has nothing to do with OpenSSH Secure CoPy ;)]

Proprietary: CrossOver 19, ycrash and SUSE Pushing HANA

  • CROSSOVER 19 IS PROGRESSING WELL AND IS NOW IN BETA!

    It's been two weeks; we feel we owe everyone an update on our efforts to support 32 bit Windows applications on macOS Catalina, despite Apple's decision to terminate support for 32 bit applications. I'm happy to announce that we have released the first beta version of CrossOver 19 on Friday, November 15, 2019 to our community of advocates and beta testers. Further, our alpha testing and other internal testing has gone well, so I am confident that we will have a final product ready before the end of the year.

  • CrossOver 19 Enters Beta With Better Microsoft Office Support On Linux

    CodeWeavers' Jeremy White has announced that CrossOver 19 is now in beta for existing customers of this Wine-based software for running Windows programs on Linux and macOS. The biggest benefactor of CrossOver 19 is Apple macOS users with there being initial support for macOS Catalina. CrossOver/Wine needed a lot of changes to enable support for this newest version of macOS particularly for 32-bit Windows programs with Apple aiming to end 32-bit application support on their operating system.

  • Overview of ycrash – finding the source of your problem

    Take a tour of ycrash in this article by Ram Lakshmanan. ycrash helps capture critical artifacts, including garbage collection logs, thread dumps, core dumps, heap dumps, disk usage, and more when the problem happens. It applies machine learning algorithms and generates a report which gives you a complete view of the problem, down to the lines of code that caused it. The industry has seen cutting edge application performance monitoring tools (AppDynamics, NewRelic, Dynatrace…), log analysis tools (DataDog, Splunk,…). These are great tools for detecting problems. i.e. they can detect CPU spiked by x%, memory degraded by y%, response time shot up by z seconds. But they don’t answer the question: Why has the CPU spiked up? Why has memory degraded? Why has the response time increased? You still need to engage developers/architects/vendors to troubleshoot the problem and identify the root cause of the problem. ycrash captures critical artifacts (GC logs, thread dumps, core dumps, heap dumps, netstat, vmstat, lsof, iostat, top, disk usage….) when the problem happens, applies machine learning algorithms, and generates one unified root cause analysis report. This report gives you a 360-degree view of the problem. The report points out the exact class, method, and line of code that caused the problem.

  • SAP HANA is now supported on SUSE Linux Enterprise Server for SAP Applications 15 SP1

today's howtos