Language Selection

English French German Italian Portuguese Spanish


Mozilla News and Development

Filed under
  • Test Pilot No More 404s Graduation Report

    Last winter, some folks from the Test Pilot team got together with some folks from the Internet Archive and hatched a plan. On the Test Pilot side of things, we were busy building our platform and getting experiments out into the wild. Meanwhile, the team at the Internet Archive was prototyping an add-on to help users avoid dead ends on the Web by checking if they had archived versions of sites available in the Wayback Machine for users who encountered 404 errors.

  • Firefox Nightlies
  • Firefox Performance Update #2

    So I’ve had my eyes out, watching for bugfixes that are landing in the Firefox code base that will speed it up for our users.

  • Fun with Themes in Firefox

    Last year, I started work on a new Test Pilot experiment playing with themes in Firefox.

    So far, we’ve been calling it ThemesRFun - though we’re in the process of coming up with an official name.

  • Announcing Rust 1.24.1

    The Rust team is happy to announce a new version of Rust, 1.24.1. Rust is a systems programming language focused on safety, speed, and concurrency.

  • March’s Featured Extensions

Mozilla Firefox 59 Web Browser Promises New Privacy and Security Features

Filed under

Firefox is known as one of the most secure browsers on the market, but Mozilla wants it to be more privacy-aware and secure than ever before. That's why it looks like Firefox 59 will be coming with new privacy settings that won't allow intrusive sites to access your camera, microphone or location, nor to ask you if you want to receive any notifications.

In Firefox's Preferences panel, under Privacy & Security, there's a Permissions section that lets users choose which websites will have access tp location, camera, microphone, and notification and which won't. These settings are already present in the current stable Firefox version and are essential for protecting your privacy and keep your online presence secure from hackers.

Read more

Mozilla News/Development

Filed under
  • Analysis of the Alexa Top 1M Sites

    Prior to the release of the Mozilla Observatory in June of 2016, I ran a scan of the Alexa Top 1M websites. Despite being available for years, the usage rates of modern defensive security technologies was frustratingly low. A lack of tooling combined with poor and scattered documentation had led to minimal awareness around countermeasures such as Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and Subresource Integrity (SRI).

  • Things Gateway, Part 4
  • Discontinuing support for beta versions (AMO) has supported a way for developers to upload beta versions of their add-ons. This allowed power users to test upcoming features and fixes before they are published to all users. It has been a useful feature to have for some developers.

  • Dear Mick Mulvaney: Don’t Let Equifax Off Easy

    Today, Mozilla is visiting the Consumer Financial Protection Bureau (CFPB) in Washington, D.C. with 27,052 signatures and a loud message: “Mick Mulvaney, don’t let Equifax off easy.”

    Last year’s Equifax data breach was a seismic event: Tens of millions of Americans had their personal information — from Social Security numbers to home addresses — pilfered by hackers, exposing them to fraud and identity theft. Equifax customers in other countries, like the UK and Canada, were also affected.

    Then, earlier this month, we learned the breach may have been worse than expected, with Americans’ tax IDs and driver’s license numbers swept up in the hack, too.

    This bad news broke just days after an astonishing development: The CFPB is not pursuing an investigation into the 2017 breach.

  • The 5 Stages of Experiment Analysis

    I've been thinking about experimentation a lot recently. Our team is spending a lot of effort trying to make Firefox experimentation feel easy. But what happens after the experiment's been run? There's not a clear process for taking experimental data and turning it into a decision.

    I noted the importance of Decision Reports in Desirable features for experimentation tools. This post outlines the process needed to get to a solid decision report. I'm hoping that outlining this process will help us disambiguate what our tools are meant to do and identify gaps in our tooling.

  • How to Try Firefox CSD on Linux, Right Now

    Firefox support for client-side decorations (better known as CSD) is coming to its Linux app — but if you can’t live without it, we’re gonna show you how to enable it.

    As we’ve mentioned before, a CSD toggle is present in nightly builds of the browser. When enabled on GTK3 desktop it merges the title bar and tab bar into one unified bar.

    This gives the browser a neat, compact look, and is in keeping with other GTK3 apps that use header bars (like, basically, all of them).

Mozilla News Leftovers

Filed under
  • Introduction to Neutrino

    If you want to learn more about Neutrino, Eli Perelman (original author of the project) wrote about Neutrino at You can find the official documentation at

  • Firefox 59 new contributors

    With the upcoming release of Firefox 59, we are pleased to welcome the 53 developers who contributed their first code change to Firefox in this release, 49 of whom were brand new volunteers!

  • 5 Ways to Take Screenshots Further

    If you’re a veteran of using old-style screenshot tactics, you know it used to involve a lot of saving to the desktop or cloud, re-finding the image files in a mass of similar file names, then having to crop or otherwise “fix up” the images before re-saving them and getting them into a google doc, presentation, or other platform.

  • Come Join the Rust and WebAssembly Working Group!
  • This Week in Rust 223

    Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed.

  • Django, K8s, and ELB Health checks

    As you may have seen in several of our SRE status reports, we’re moving all of our webapp hosting from Deis to Kubernetes (k8s). As part of that we’ve also been doing some additional thinking about the security of our deployments. One thing we’ve not done as good a job as we should is with Django’s ALLOWED_HOSTS setting. We should have been adding all possible hosts to that list, but it seems we used to occasionally leave it set to ['*']. This isn’t great, but also isn’t the end-of-the-world since we don’t knowingly construct URLs using the info sent via the Host header. In an effort to cover all bases we’ve decided to improve this. Unfortunately our particular combination of technologies doesn’t make this as easy as we thought it would (story of our lives).



    That was a long way to go to get to some simple health checking, but we believe it was the right move for the reliability and security of our Django apps hosted in our k8s infrastructure on AWS. Please check out the repo for django-allow-cidr on Github if you’re interested in the code. Our hope is that releasing this as a general use package will help others that find themselves in our situation, as well as helping ourselves to do less copypasta coding around our various web projects.

Mozilla: Resilient CSS Week, Speed Without Wizardry, Rust, Servo, Firefox and Extensions

Filed under
  • It’s Resilient CSS Week

    Writing code that works in all web browsers at the same time is one of the most important things we do. New technology is coming out all the time. Yet many of the people visiting the websites we build are using old browsers. How can we use new CSS if it’s not supported in every browser — especially when users keep using old, crufty browsers? Do we have to wait until 100% of people have a browsers with the new feature? Don’t we have to wait until Internet Explorer is dead before we can use the new stuff?

  • Speed Without Wizardry

    Most of the improvements that mraleph implemented are desirable regardless of the programming language that is our medium. Excessive allocation rates make any garbage collector (or malloc and free implementation) a bottleneck. Monomorphization and inlining are crucial to eking out performance in both Rust and JavaScript. Algorithms transcend programming languages.

  • This Week In Servo 105

    Welcome back to This Week in Servo, and apologies for the long delay since the last update! Servo has continued making progress throughout that time, including shipping the Stylo CSS engine in Firefox among many other things. We’re resuming weekly updates now that the pressure has let up a bit!

    In the last week, we landed 87 PRs in the Servo organization’s repositories.

  • Mozilla removes individual cookie management in Firefox 60

    The most recent version of Firefox Nightly, currently at version 60, comes with changes to Firefox's cookie management. Mozilla merged cookie settings with site data in the web browser which impacts how you configure and manage cookie options.

    If you run Firefox 59 or earlier, you can load about:preferences#privacy to manage privacy related settings in Firefox. If you set the history to "use custom settings for history" or "remember history", you get an option manage cookie settings and to remove individual cookies from Firefox.

  • Using Permissions to Establish Trust

    I used to work in an industry where being ISO 9001 certified was necessary in order to remain competitive. If you are unfamiliar with ISO 9001, it is a set of standards that requires a business to document each process, and then follow those documented processes. And every autumn, sure as the leaves falling from the trees, an independent auditor would show up to verify we were indeed documenting and following our processes. It’s like a tax audit you impose on yourself (and about as unpleasant).

    The idea behind ISO 9001, though, is that a certified business can be trusted, both in its business dealings and its delivered products. It is meant to convey a sense of quality and security to customers.

  • Firefox 59 Beta 14 DevEdition Testday, March 2nd

    We are happy to let you know that Friday, 2nd of March, we are organizing Firefox 59 .0b14 DevEdition Testday. We’ll be focusing our testing on the following features: Toolbars & window controls and Default & custom theme support.

Mozilla: Wireless Innovation for a Networked Society, New AirMozilla Audience Demo, Firefox Telemetry

Filed under
  • Net Neutrality, NSF and Mozilla's WINS Challenge Winners, openSUSE Updates and More

    The National Science Foundation and Mozilla recently announced the first round of winners from their Wireless Innovation for a Networked Society (WINS) challenges—$2 million in prizes for "big ideas to connect the unconnected across the US". According to the press release, the winners "are building mesh networks, solar-powered Wi-Fi, and network infrastructure that fits inside a single backpack" and that the common denominator for all of them is "they're affordable, scalable, open-source and secure."

  • New AirMozilla Audience Demo

    The legacy AirMozilla platform will be decommissioned later this year. The reasons for the change are multiple; however, the urgency of the change is driven by deprecated support of both the complex back-end infrastructure by IT and the user interface by Firefox engineering teams in 2016. Additional reasons include a complex user workflow resulting in a poor user experience, no self-service model, poor usability metrics and a lack of integrated, required features.

  • Perplexing Graphs: The Case of the 0KB Virtual Memory Allocations

    Every Monday and Thursday around 3pm I check dev-telemetry-alerts to see if there have been any changes detected in the distribution of any of the 1500-or-so pieces of anonymous usage statistics we record in Firefox using Firefox Telemetry.

Mozilla: Code of Conduct, Kelly Davis, Celebrate Firefox Internet Champions

Filed under
  • ow We’re Making Code of Conduct Enforcement Real — and Scaling it

    This is the first line of our Community Participation Guidelines — and an nudge to keep empathy at center when designing response processes. Who are you designing for? Who is impacted? What are their needs, expectations, dependencies, potential bias and limitations?

  • Role Models in AI: Kelly Davis

    Meet Kelly Davis, the Manager/Technical Lead of the machine learning group at Mozilla. His work at Mozilla includes developing an open speech recognition system with projects like Common Voice and Deep Speech (which you can help contribute to). Beyond his passion for physics and machine learning, read on to learn about how he envisions the future of AI, and advice he offers to young people looking to enter the field.

  • Celebrate Firefox Internet Champions

    While the world celebrates athletic excellence, we’re taking a moment to share some of the amazing Internet champions that help build, support and share Firefox.

Mozilla Development and News

Filed under
  • Removing Support for Unpacked Extensions

    With the release of Firefox 62 (currently scheduled for August 21, 2018) Mozilla will discontinue support for unpacked sideloaded extensions. You will no longer be able to load an extension via the Windows registry by creating an entry with an extension’s directory (i.e. unpacked) after Firefox 61. Starting with Firefox 62, extensions sideloaded via the Windows registry must be complete XPI files (i.e. packed).

  • Making a Clap-Sensing Web Thing

    The Project Things Gateway exists as a platform to bring all of your IoT devices together under a unified umbrella, using a standardized HTTP-based API. We recently announced the Things Gateway and we’ve started a series of hands-on project posts for people who want to set up a Gateway and start playing around with the Web of Things. Earlier this month we began with a high-level overview of how to build a Gateway add-on.

  • Trying Mozilla's Things Gateway

    I have an old Raspberry Pi 1 Model B with a RaZberry Z-Wave Daughterboard which I had soldered a larger external antenna on to last year. I used to run OpenHAB on it to control some z-wave devices before I moved last year and since then it's just been in a box. Let's fire it up!

    This original Raspberry Pi is a single core 700mhz CPU, so I'm planning on running it headless and doing everything remotely over SSH to save on GUI resources.

  • Lando Demo

    Lando is so close now that I can practically smell the tibanna. Israel put together a quick demo of Phabricator/BMO/Lando/hg running on his local system, which is only a few patches away from being a deployed reality.

  • Snips Uses Rust to Build an Embedded Voice Assistant

    The team at Paris-based Snips has created a voice assistant that can be embedded in a single device or used in a home network to control lights, thermostat, music, and more. You can build a home hub on a Raspberry Pi and ask it for a weather report, to play your favorite song, or to brew up a double espresso. Manufacturers like Keecker are adding Snips’ technology to products like multimedia home robots. And Snips works closely with leaders across the value chain, like NVIDIA, EBV, and Analog Devices, in order to voice-enable an increasingly wider range of device types, from speakers to home automation systems to cars.

  • Mozilla v FCC: Mozilla Re-files Suit Against FCC to Protect Net Neutrality

    This morning, the Federal Communications Commission officially published its order overturning net neutrality rules in the Federal Register. We had originally filed suit early while simultaneously urging the court that the correct date was after this publication. We did this in an abundance of caution because we’re not taking any chances with an issue of this importance. That is why today, immediately after the order was published, Mozilla re-filed our suit challenging the FCC net neutrality order. We won’t waste a minute in our fight to protect net neutrality because it’s our mission to ensure the internet is a global public resource, open and accessible to all. An internet that truly puts people first, where individuals can shape their own experience and are empowered, safe and independent.

  • The Death Of Net Neutrality Will Be Official In April (Cue The Lawsuits)

    Of course that's really just the beginning of an entirely new chapter in the fight to prevent broadband monopolies from abusing a lack of competition in the broadband space (remember: net neutrality violations are just a symptom of a lack of competition, a problem nobody wants to seriously address for fear of upsetting campaign contributors).

    The publication in the Federal Register opens the door to the myriad lawsuits that will be filed against the agency. Those lawsuits range from suits by Mozilla and consumer groups, to the 22 state attorneys general who say they're also suing the agency for ignoring the public interest. These lawsuits must be filed within the next 60 days. Expect the court battle to quickly begin heating up in March.

Browsers: Mozilla and Iridium

Filed under
  • Best Web Browser

    When the Firefox team released Quantum in November 2017, they boasted it was "over twice as fast as Firefox from 6 months ago", and Linux Journal readers generally agreed, going as far as to name it their favorite web browser. A direct response to Google Chrome, Firefox Quantum also boasts decreased RAM usage and a more streamlined user interface.

  • Share Exactly What You See On-Screen With Firefox Screenshots

    A “screenshot” is created when you capture what’s on your computer screen, so you can save it as a reference, put it in a document, or send it as an image file for others to see exactly what you see.

  • What Happens when you Contribute, revisited

    I sat down to write a post about my students' experiences this term contributing to open source, and apparently I've written this before (and almost exactly a year ago to the day!) The thing about teaching is that it's cyclic, so you'll have to forgive me as I give a similar lecture here today.

    I'm teaching two classes on open source development right now, two sections in an introductory course, and another two in a follow-up intermediate course. The students are just starting to get some releases submitted, and I've been going through their blogs, pull requests, videos (apparently this generation likes making videos, which is something new for me), tweets, and the like. I learn a lot from my students, and I wanted to share some of what I'm seeing.

  • Iridium Browser: A Browser for the Privacy Conscience

    Iridium is a web browser based on Chromium project. It has been customized to not share your data and thus keeping your privacy intact.

Chrome and Firefox

Filed under
  • The False Teeth of Chrome's Ad Filter.

    Today Google launched a new version of its Chrome browser with what they call an "ad filter"—which means that it sometimes blocks ads but is not an "ad blocker." EFF welcomes the elimination of the worst ad formats. But Google's approach here is a band-aid response to the crisis of trust in advertising that leaves massive user privacy issues unaddressed.

    Last year, a new industry organization, the Coalition for Better Ads, published user research investigating ad formats responsible for "bad ad experiences." The Coalition examined 55 ad formats, of which 12 were deemed unacceptable. These included various full page takeovers (prestitial, postitial, rollover), autoplay videos with sound, pop-ups of all types, and ad density of more than 35% on mobile. Google is supposed to check sites for the forbidden formats and give offenders 30 days to reform or have all their ads blocked in Chrome. Censured sites can purge the offending ads and request reexamination.


    Some commentators have interpreted ad blocking as the "biggest boycott in history" against the abusive and intrusive nature of online advertising. Now the Coalition aims to slow the adoption of blockers by enacting minimal reforms. Pagefair, an adtech company that monitors adblocker use, estimates 600 million active users of blockers. Some see no ads at all, but most users of the two largest blockers, AdBlock and Adblock Plus, see ads "whitelisted" under the Acceptable Ads program. These companies leverage their position as gatekeepers to the user's eyeballs, obliging Google to buy back access to the "blocked" part of their user base through payments under Acceptable Ads. This is expensive (a German newspaper claims a figure as high as 25 million euros) and is viewed with disapproval by many advertisers and publishers.

  • Going Home
  • David Humphrey: Edge Cases
  • Experiments in productivity: the shared bug queue

    Over the next six months, Mozilla is planning to switch code review tools from mozreview/splinter to phabricator. Phabricator has more modern built-in tools like Herald that would have made setting up this shared queue a little easier, and that’s why I paused…briefly

  • Improving the web with small, composable tools

    Firefox Screenshots is the first Test Pilot experiment to graduate into Firefox, and it’s been surprisingly successful. You won’t see many people talking about it: it does what you expect, and it doesn’t cover new ground. Mozilla should do more of this.

Syndicate content

More in Tux Machines

Android Leftovers

today's leftovers

  • Purchased a PlayStation 3 Between 2006 and 2010? You May Be Entitled to $65
    PS3 owners first qualified to receive compensation from Sony following the settlement of a lawsuit in 2016. That case dealt with the "OtherOS" feature that came with the console when it debuted. With OtherOS, Sony promised a new PlayStation that would operate like a computer, allowing users to partition their hard drive and install third-party operating systems like the open-source Linux software.
  • Moro – A Command Line Productivity Tool For Tracking Work Hours
    Keeping track of your work hours will give you an insight about the amount of work you get done in a specific time frame. There are plenty of GUI-based productivity tools available on the Internet for tracking work hours. However, I couldn’t find a good CLI-based tool. Today, I stumbled upon a a simple, yet useful tool named “Moro” for tracking work hours. Moro is a Finnish word which means “Hello”. Using Moro, you can find how much time you take to complete a specific task. It is free, open source and written using NodeJS.
  • Twenty years, 1998 – 2018
    curl 4.0 was just a little more than 2000 lines of C code. It featured 23 command line options. curl 4.0 introduced support for the FTP PORT command and now it could do ftp uploads that append to the remote file. The version number was bumped up from the 3.12 which was the last version number used by the tool under the old name, urlget.
  • What’s New in ArchLabs 2018.03
    ArchLabs 2018.03 is the latest release of Linux distribution based on Arch Linux featuring the Openbox window manager as the primary desktop interface. The project’s latest release ArchLabs 2018.03 brings a few fixes and improvements and improve the user. Powered by Linux kernel 4.15 series and based-on latest version of Arch Linux. LUKS and encryption is now working, for those security concious users out there you should be all go on the encryption side. There have been a few installer updates, base-devel is included at install time. Also the mirrorlist is optimised at the same time.
  • [Older] openSUSE.Asia Summit 2018: Call for Host
    The openSUSE.Asia organization committee is accepting proposals to host the openSUSE.Asia Summit during the second half of 2018. The openSUSE.Asia Summit is the largest annual openSUSE conference in Asia, attended by contributors and enthusiasts from all over Asia.
  • TidalScale Software-Defined Servers Now Support SUSE Linux Enterprise Server
    TidalScale, the leader in Software-Defined Servers, announced today that working in partnership with SUSE, the world’s first provider of Enterprise Linux, TidalScale has achieved SUSE Ready certification to ensure full compatibility with SUSE Linux Enterprise Server. TidalScale’s breakthrough scaling platform allows multiple industry standard servers to be combined into a single Software-Defined Server running a single instance of SUSE Linux Enterprise Server.
  • 8 Best Radio Apps For Android To Stream Online Music In 2018

Kernel and Graphics: Torvalds, Linux Foundation, Nouveau and libinput

  • Which Linux Distribution Does Linus Torvalds Use in 2018?
    We know a sizeable amount of his views on Linux distros, thanks to an interview he took long ago in 2007, but who knows – could he have changed his mind? In a 2007 interview, Linus professed that he didn’t use Debian because he found it hard to install, a statement I find interesting because he’s the guy who wrote GIT in C. Anyway, he buttressed his reason for not using Debian in a later interview from 2014, when he explained that because he is responsible for maintaining his computer and all the computers used by his household, he likes to use an OS with virtually no installation hassle. [...] As far as I know, he uses Fedora on most of his computers because of its fairly good support for PowerPC. He mentioned that he used OpenSuse at one point in time and complimented Ubuntu for making Debian accessible to the mass. So most of the flak on the internet about Linus disliking Ubuntu isn’t factual.
  • Linux Foundation, Intel launch open source IoT hypervisor
    The Linux Foundation has unveiled plans for a new open source project to provide streamlined embedded hypervisors for IoT devices. Called Acrn, the project has been assisted by Intel, which contributed code and engineering. The main thrust of the project is to create small, flexible virtual machines. ACRN comprises two main components: the hypervisor and its device model, complete with I/O mediators. The Linux-based hypervisor can run many ‘guest’ operating systems at the same time.
  • Nouveau NIR Support Appears Almost Baked, NV50 Support Added
    Karol Herbst at Red Hat started off this week by publishing his latest patches around Nouveau NIR support as part of the company's effort for getting SPIR-V/compute support up and running on this open-source NVIDIA driver. Red Hat's grand vision around open-source GPGPU compute still isn't entirely clear especially with Nouveau re-clocking not being suitable for delivering high performance at this point, but it must be grand given the number of developers they have working on improving the Linux GPU compute stack at the moment.
  • xf86-input-libinput 0.27.0 Released
    Aside from a few touchpad issues and other minor random issues with select hardware, libinput these days is mostly in great shape for being a generic input handling library that is working out well for both X.Org and Wayland users.

KDE: KDE Applications 18.04, KDE Connect, KMyMoney 5.0.1 and Qt Quick

  • KDE Applications 18.04 branches created
    Make sure you commit anything you want to end up in the KDE Applications 18.04 release to them :)
  • KDE Connect – State of the union
    We haven’t blogged about KDE Connect in a long time, but that doesn’t mean that we’ve been lazy. Some new people have joined the project and together we have implemented some exciting features. Our last post was about version 1.0, but recently we released version 1.8 of the Android app and 1.2.1 of the desktop component some time ago, which we did not blog about yet. Until now!
  • KMyMoney 5.0.1 released
    The KMyMoney development team is proud to present the first maintenance version 5.0.1 of its open source Personal Finance Manager. Although several members of the development team had been using the new version 5.0.0 in production for some time, a number of bugs and regressions slipped through testing, mainly in areas and features not used by them.
  • Qt Quick without a GPU: i.MX6 ULL
    With the introduction of the Qt Quick software renderer it became possible to use Qt Quick on devices without a GPU. We investigated how viable this option is on a lower end device, particularly the NXP i.MX6 ULL. It turns out that with some (partially not yet integrated) patches developed by KDAB and The Qt Company, the performance is very competitive. Even smooth video playback (with at least half-size VGA resolution) can be done by using the PXP engine on the i.MX6 ULL.