Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla: Graphs, Ads, VR and Python 3

Filed under
Moz/FF
  • Some More Very Satisfying Graphs

    The power of cleaning up old code: removing 150kb from the average “main” ping sent multiple times per day by each and every Firefox Nightly user.

  • Ad-blocker-blockers hit a new low. What's the solution?

    It may be the wrong day to slam the local newspapers, but this was what greeted me trying to click through to a linked newspaper article this morning on Firefox Android. The link I was sent was from the Riverside Press-Enterprise, but this appears to be throughout the entire network of the P-E's owners, the Southern California News Group (which includes the Orange County Register, San Bernardino Sun and Los Angeles Daily News):

  • This week in Mixed Reality: Issue 11

    This week, we're making great strides in adding new features and making a wide range of improvements and our new contributors are also helping us fix bugs.

  • Python unit tests now running with Python 3 at Mozilla

Firefox: Widmer Brothers, Mozilla Firefox 62 and More

Filed under
Moz/FF
  • Widmer Brothers and Firefox Collaborate on Open Source IPA

    Firefox is one of the world’s most successful open source software projects. This means we make the code that runs Firefox available for anyone to modify and use so long as it adheres to our licence policy. Developers and anyone else who understands code can play with Firefox code, for free.

    This approach to creation is not something that started with the internet. So long as humans have been making things there have been gearheads, chefs, quilters, crafters, brewers and all other kinds of people rebuilding, remixing, crafting and tinkering.

  • Mozilla Firefox 62 Web Browser Enters Development with New Privacy Features

    Now that Firefox 61 is out, Mozilla kicked off development on the next release of its popular open-source and free web browser, Firefox 62, which is now available for public beta testing.

    Firefox 62 promises to enhance the overall privacy of users by implementing a few new options starting with a “Clear Site Data and Cookie” button in the identity pop-up found next to the address bar. Mozilla says that this would make it easier for users to delete local browsing data for visited sites, including history, cookies, etc.

  • happy bmo push day!

Mozilla: HaveIBeenPwned and Privacy in Firefox Pre-Release

Filed under
Moz/FF
  • Firefox hooks up with HaveIBeenPwned for account pwnage probe

    Firefox has started testing an easier way for users to check whether they're using an online service that has been hacked, through integration with Troy Hunt's HaveIBeenPwned database.

    The hookup will work like this: part of a user's email address is hashed, and this hash is used to check if the address appears in HaveIBeenPwned's database of 5.1 billion email addresses linked to compromised internet accounts.

    The “Firefox Monitor” test will start with 250,000 users, mostly in the US, according to Mozilla's announcement this week.

  • Firefox Nightly: Protecting Your Privacy in Firefox Pre-Release

    As a matter of principle, we’ve built Firefox to work without collecting information about the people who use it and their browsing habits. Operating in this way is the right thing to do, but it makes it hard to infer what Firefox users do and want so that we can make improvements to the browser and its features. We need this information to compete effectively, but we have to do it in a way that respects our users’ privacy. That is why experimentation in our pre-release channels like Nightly, Beta and Developer Edition is so critical.

Mozilla: Firefox 62.0 Beta, Firefox 62.1 Stable, and More

Filed under
Moz/FF
  • Firefox 62.0 Beta Brings CSS Variable Fonts, "Clear Site Data & Cookies" Option

    Following yesterday's release of Firefox 61, Mozilla pumped Firefox 62 into the beta channel.

    Firefox 62 adds a "Clear Site Data & Cookies" button to the popup next to the address bar for making it easy to delete a site's local data for the current web-site. Firefox 62.0 beta also adds a button to the hamburger menu for toggling tracking protection, more customization options for the new tab page sections, and now supports CSS Variable Fonts.

  • Firefox 61 Makes Switching Tabs Faster on Linux

    A new version of the venerable Mozilla Firefox web browser has been released.

    Firefox 61 is a modest update. Performance improvements and bug fixes make up the bulk of the changes on offer, along with a set of tweaks to the user experience and interface.

  • Firefox 61 Released for Windows, Mac, and Linux

    Mozilla will release Firefox 61 later today. The new browser version includes new features, bugfixes, security fixes, and modifications to the Firefox UI.

  • L10N Report: June Edition
  • Chris H-C: When, Exactly, does a Firefox User Update, Anyway?

    There’s a brand new Firefox version coming. There always is, since we adopted the Rapid Release scheme way back in 2011 for Firefox 5. Every 6-8 weeks we instantly update every Firefox user in the wild with the latest security and performance…

  • If you can't do it in a day, you can't do it

    I was talking with Mark Reid about some of the problems with Coding in a GUI.

  • Workshop experience at Smashing Conf

    I hope you found something interesting out of this post. It’s not my tipical programming related post. I’m very grateful to SmashingConf for having lined up such great speakers and very practical workshops and for Mozilla to support my learning.

Mozilla: Firefox 61, Data Science, and Trust

Filed under
Moz/FF
  • Mozilla Improves Web Browser Security With Firefox 61 Update

    Mozilla announced the release of Firefox 61 on June 26, providing users of the open-source web browser with new features and patches for 18 security vulnerabilities.

    The Firefox 61 milestone comes just over a month since Firefox 60 was released on May 9 and is the fourth major update of Mozilla's flagship browser thus far in 2018. Among the new features in Firefox 61 are improved performance capabilities that continue to build on the speed gains that the Firefox 57 Quantum release boasted in November 2017. In addition, tab management gets a boost in Firefox 61, enabling power users to manage browser tabs more effectively.

  • Cracking the Code — how Mozilla is helping university students contribute to Open Source

    After a year of research, Mozilla’s Open Source Student Network (OSSN), is launching a pilot program to tackle the challenges around how Open Source projects effectively support university students as they work towards their first code contribution.

    Despite an abundance of evidence that the most valuable contributions to a project often come from people under the age of 30, Open Source projects often struggle to onboard and maintain university students as new code contributors.

    Students who have expressed interest in contributing often feel intimidated, that they don’t have the appropriate skills or aren’t able to find a project, to begin with.

  • Planning Data Science is hard: EDA

    I've run into this problem a bunch of times when trying to set OKRs for major analyses. It's nearly impossible to scope a project if I haven't already done some exploratory analysis. I didn't have this problem when I was doing engineering work. If I had a rough idea of what pieces I needed to stitch together, I could at least come up with an order-of-magnitude estimate of how long a project would take to complete. Not so with Data Science: I have a hard time differentiating between analyses that are going to take two weeks and analyses that are going to take two quarters.

  • You can't do data science in a GUI

    I came across You can't do data science in a GUI by Hadley Wickham a little while ago. He hits on a lot of the same problems I mentioned in Don't make me code in your text box.

  • This Week in Rust 240

Mozilla: Release of Firefox 61, Retained Display Lists, and a New Security Tool

Filed under
Moz/FF
  • New Firefox Releases Now Available

    Even though summer is here in the northern hemisphere, we’re not taking any breaks. Firefox continues our focus on making a browser that is smarter and faster than any other, so you can get stuff done before you take that much needed outdoor stroll.

  • Firefox 61 – Quantum of Solstice

    Firefox 61 is now available, and with it come new performance improvements that make the fox faster than ever!

  • Firefox 61 Releasing Today With Performance Improvements, Accessibility Inspector

    Mozilla is on schedule with releasing Firefox 61.0 today and can already be found via their FTP mirrors.

    Firefox 61.0 has us excited due to performance improvements: This new web-browser update has furthered Quantum CSS to offer faster page rendering times with the parsing being parallelized, other rendering speed optimizations, and faster tab switching on Linux/Windows are among the performance enhancements.

  • Retained Display Lists for improved page performance

    Continuing Firefox Quantum’s investment in a high-performance engine, the Firefox 61 release will boost responsiveness of modern interfaces with an optimization that we call Retained Display Lists. Similar to Quantum’s Stylo and WebRender features, developers don’t need to change anything on their sites to reap the benefits of these improvements.

  • Scanning for breached accounts with k-Anonymity

    The new Firefox Monitor service will use anonymized range query API endpoints from Have I Been Pwned (HIBP). This new Firefox feature allows users to check for compromised online accounts while preserving their privacy.

  • Testing Firefox Monitor, a New Security Tool

    From shopping to social media, the average online user will have hundreds of accounts requiring passwords. At the same time, the number of user data breaches occurring each year continues to rise dramatically. Understandably, people are now more worried about internet-related crimes involving personal and financial information theft than conventional crimes. In order to help keep personal information and accounts safe, we will be testing user interest in a security tool that lets users check if one of their accounts has been compromised in a data breach.

Mozilla's 'All Hands' Meeting and Remarks on Public Policy

Filed under
Moz/FF
  • State of Mozilla Support: 2018 Mid-year Update – Part 1

    As you may have heard, Mozilla held one of its All Hands biannual meetings, this time in San Francisco. The support.mozilla.org Admin team was there as well, along with several members of the support community.

    The All Hands meetings are meant to be gatherings summarizing the work done and the challenges ahead. San Francisco was no different from that model. The four days of the All Hands were full of things to experience and participate in. Aside from all the plenary and “big stage” sessions – most of which you should be able to find at Air Mozilla soon – we also took part in many smaller (formal and informal) meetings, workshops, and chats.

  • This Week in Mixed Reality: Issue 10

    Last week, the team was in San Francisco for an all-Mozilla company meeting.

    This week the team is focusing on adding new features, making improvements and fixing bugs.

  • Parliament adopts dangerous copyright proposal – but the battle continues

    n 20 June the European Parliament’s legal affairs committee (JURI) approved its report on the copyright directive, sending the controversial and dangerous copyright reform into its final stages of lawmaking.

  • Data localization: bad for users, business, and security

    Mozilla is deeply concerned by news reports that India’s first data protection law may include data localization requirements. Recent leaks suggest that the Justice Srikrishna Committee, the group charged by the Government of India with developing the country’s first data protection law, is considering requiring companies subject to the law to store critical personal data within India’s borders. A data localization mandate would undermine user security, harm the growth and competitiveness of Indian industry, and potentially burden relations between India and other countries. We urge the Srikrishna Committee and the Government of India to exclude this in the forthcoming legislative proposal.

Mozilla: Openwashing, Things Gateway, and San Francisco All Hands Meeting

Filed under
Moz/FF

Brave/Mozilla News

Filed under
Moz/FF
  • Deterministic Firefox Builds

    As of Firefox 60, the build environment for official Firefox Linux builds switched from CentOS to Debian.

    As part of the transition, we overhauled how the build environment for Firefox is constructed. We now populate the environment from deterministic package snapshots and are much more stringent about dependencies and operations being deterministic and reproducible. The end result is that the build environment for Firefox is deterministic enough to enable Firefox itself to be built deterministically.

  • Brave Launches User Trials for Opt-In Ads That Reward Viewers

    We’ve been busy building our new Basic Attention Token (BAT) platform, which includes a new consent-based digital advertising model that benefits users, publishers, and advertisers. Our first phase started last Fall with the integration of BAT into Brave Payments, and enabled users to anonymously distribute contributions to their favorite publishers and creators.

  • Get Paid For Watching Ads: Brave Browser Announces Opt-in Trials

    Brave, the web browser which garnered a huge fan following, predominantly for its ad blocking feature, and depriving advertisers of confiscating private data by blocking trackers is in the news again. And this time, users can earn some cash.

    In a blog post, Brave announced that it will be conducting voluntary testing of their new ad model in which they will showcase at least 250 pre-packaged ads to users who will sign up for their early access version. Thus, offering a small amount of money in the form of micropayments.

Mozilla: Diversity & Inclusion in Open Source, VR, Phabricator, Rust and WebRender

Filed under
Moz/FF
  • Call for Feedback! Draft of Goal-Metrics for Diversity & Inclusion in Open Source (CHAOSS)

    In the last few months, Mozilla has invested in collaboration with other open source project leaders and academics who care about improving diversity & inclusion in Open Source through the CHAOSS D&I working group. Contributors so far include:

    Alexander Serebrenik (Eindhoven University of Technology) , Akshita Gupta (Outreachy), Amy Marrich (OpenStack), Anita Sarma (Oregon State University), Bhagashree Uday (Fedora), Daniel Izquierdo (Bitergia), Emma Irwin (Mozilla), Georg Link (University of Nebraska at Omaha), Gina Helfrich (NumFOCUS), Nicole Huesman (Intel) and Sean Goggins ((University of Missouri).

  • Introducing A-Terrain - a cartography component for A-Frame

    Have you ever wanted to make a small web app to share your favorite places with your friends? For example your favorite photographs attached to a hike, or just a view of your favorite peak, or your favorite places downtown, or a suggested itinerary for friends visiting?

  • Setting up Arcanist for Mozilla development on Windows
  • Taming Phabricator

    So Mozilla is going all-in on Phabricator and Differential as a code review tool. I have mixed feelings on this, not least because it’s support for patch series is more manual than I’d like. But since this is the choice Mozilla has made I might as well start to get used to it. One of the first things you see when you log into Phabricator is a default view full of information.

  • This Week in Rust 239

    This week's crate is SIMDNoise, a crate to use modern CPU vector instructions to generate various types of noise really fast. Thanks to gregwtmtno for the suggestion!

  • WebRender newsletter #20
Syndicate content

More in Tux Machines

Oracle Yields GraphPipe

  • Oracle open sources Graphpipe to standardize machine learning model deployment
    Oracle, a company not exactly known for having the best relationship with the open source community, is releasing a new open source tool today called Graphpipe, which is designed to simplify and standardize the deployment of machine learning models. The tool consists of a set of libraries and tools for following the standard.
  • Oracle open-sources Graphpipe to make it easier to deploy machine learning models
    Oracle today open-sourced Graphpipe, a tool created to make it easy to serve machine learning models in the cloud made by popular frameworks like TensorFlow, MXNet, Caffe2, and PyTorch. Graphpipe was designed to simplify the deployment of machine learning for use on mobile apps and IoT devices, as well as web services for end users or AI for internal use at companies. “Graphpipe is an attempt to standardize the protocol by which you speak to a remotely deployed machine learning model, and it includes some reference servers that allow you to deploy machine learning models from existing frameworks very easily in an efficient way,” Oracle cloud architect Vish Abrams told VentureBeat in a phone interview. Prior to joining Oracle, Abrams led efforts at NASA to open-source the OpenStack cloud computing platform.
  • Oracle open sources GraphPipe, a new standard for machine learning models
    Machine learning is expected to transform industries. However, its adoption in the enterprise has been slower than some might expect because it's difficult for organizations to deploy and manage machine learning technology on their own. Part of the challenge is that machine learning models are often trained and deployed using bespoke techniques, making it difficult to deploy models across servers or within different departments.
  • Oracle offers GraphPipe spec for machine learning data transmission
    Oracle has developed an open source specification for transmitting tensor data, which the company wants to become a standard for machine learning. Called GraphPipe, the specification provides a protocol for network data transmission. GraphPipe is intended to bring the efficiency of a binary, memory-mapped format while being simple and light on dependencies. There also are clients and servers for deploying and querying machine learning models from any framework.
  • Oracle releases GraphPipe, an open-source tool for deploying AI models
    Major tech firms regularly open-source internal software projects, but it’s not often that Oracle Corp.’s name comes up in this context. Today marked one of those occasions. The database giant this morning released GraphPipe, a tool for easing the deployment of machine learning models. Development on the project was led by Oracle cloud architect Vish Abrams, an open-source veteran who previously worked at NASA as part of the team that created the OpenStack data center operating system.
  • Oracle Open Sources GraphPipe for 'Dead Simple' Machine Learning Deployment

A 'Bridge' for GNU/Linux Games

  • Valve seems to be working on tools to get Windows games running on Linux
    Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems. Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."
  • Valve could be working on compatibility tools to make gaming on Linux easier than ever
    Something to look forward to: Gaming on Linux has never been the ideal experience, and the lack of AAA game compatibility is one of the main reasons for this. That's where Valve comes in, apparently - the company seems to be quietly working on a compatibility tool of its own, called "Steam Play." It seems Valve could be taking another shot at bringing Linux to the forefront of PC gaming if recently-discovered Steam GUI files are anything to go by. Curious Reddit users dug into Steam database files obtained by Steam Tracker. Recent updates to the database include numerous hints at something called "Steam Play," which is beginning to sound like a compatibility tool of sorts.
  • Steam may be getting tools that will enable Windows games to run in Linux
    Valve announced the Linux-based SteamOS in 2013, just prior to the reveal of the vaguely console-like Steam Machine PCs. It was a big, bold move that ultimately petered out: Valve ditched the Steam Machines section of its website in April, aalthough you can still hit it directly if you know the URL.
  • Looks like Steam’s getting built-in tools to run Windows games on Linux
    A few lines of code uncovered in Steam suggest that Valve is working on compatibility tools to allow users to play games regardless of operating system. Put another way, Steam’s going to let you run Windows games on Mac and Linux with a set of software built directly into the client. Uncovered strings all come under the “Steam_Settings_Compat” header, and all reference back to Steam Play. That’s currently the moniker Valve used to distinguish games that come as a single purchase playable across Windows, Mac, and Linux, but the strings suggest a new definition on the way.
  • Rumour: Valve May Be Adding Windows Steam Game Compatibility to Linux
    In a very interesting move, sleuths over at GamingOnLinux appear to unearthed evidence that Valve is experimenting with tools that could allow Windows Steam games to be playable on Linux operating systems. Up until this point, a game has to be specifically developed for Linux in order to be compatible with Unix-based operating systems. There are workarounds available right now, but it’s notoriously unreliable and a major hassle to get sorted. However, updates posted to the Steam Database github indicates Valve is at least testing an automatic method for running Windows games on Linux. Picking through the github notes, the tool appears to be called ‘Steam Play’, which the compatibility info says “Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems.”

Security: Updates, IPSec, Elections, AWS and Surveillance

  • Security updates for Wednesday
  • Cisco, Huawei, ZyXel, and Huawei patch Cryptographic IPSEC IKE Vulnerability
  • 11-year-old shows it’s child’s play to mess with elections
    At the DefCon Voting Village in Las Vegas last year, participants proved it was child’s play to hack voting machines: As Wired reported, within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WinVote machine. This year, it was literally child’s play: the DefCon village this past weekend invited 50 kids between the ages of 8 and 16 to compromise replicas of states’ websites in the so-called “DEFCON Voting Machine Hacking Village.”
  • Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
    Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections. Two 11-year-old budding hackers last week at DEF CON in Las Vegas used SQL injection attack code to break into a replica of the Florida Secretary of State's website within 15 minutes, altering vote count reports on the site. Meanwhile, further down the hall in the adult Voting Machine Hacking Village at Caesars Palace, one unidentified hacker spent four hours trying to break into a replica database that housed the real, publicly available state of Ohio voter registration roll. He got as far as the secured server — penetrating two layers of firewalls with a Khali Linux pen testing tool — but in the end was unable to grab the data from the database, which included names and birthdates of registered voters.
  • How Netflix Secures AWS Cloud Credentials
    Netflix has long been the poster child for being an "all-in-the-cloud" organization. The streaming media service relies on Amazon Web Services (AWS) for infrastructure and computing resources that it uses to operate.
  • Researchers Reveal Security Vulnerabilities in Tracking Apps
    Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps. Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable. "In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."

L1TF/Foreshadow News and Benchmarks

  • Three More Intel Chip Exploits Surface
  • Spectre-like “Foreshadow” Flaw In Intel CPUs Can Leak Your Secrets
  • QEMU 3.0 Brings Spectre V4 Mitigation, OpenGL ES Support In SDL Front-End
    QEMU 3.0 is now officially available. This big version bump isn't due to some compatibility-breaking changes, but rather to simplify their versioning and begin doing major version bumps on an annual basis. As an added bonus, QEMU 3.0 comes at a time of the project marking its 15th year in existence. QEMU 3.0 does amount to being a big feature release with a lot of new functionality as well as many improvements. Changes in QEMU 3.0 include Spectre V4 mitigation for x86 Intel/AMD, improved support for nested KVM guests on Microsoft Hyper-V, block device support for active mirroring, improved support for AHCI and SCSI emulation, OpenGL ES support within the SDL front-end, improved latency for user-mode networking, various ARM improvements, some POWER9 / RISC-V / s390 improvements too, and various other new bits.
  • How the L1 Terminal Fault vulnerability affects Linux systems
    Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?
  • An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines
    Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.
  • Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting
    The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers.
  • The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX
    While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD. I should have my initial BSD vs. Linux findings on Threadripper 2 out later today. There were about 24 hours worth of FreeBSD-based 2990WX tests going well albeit DragonFlyBSD currently bites the gun with my Threadripper 2 test platforms. More on that in the upcoming article as the rest of those tests finish. It's also been a madhouse with simultaneously benchmarking the new Level 1 Terminal Fault (L1TF) vulnerability and the performance impact of those Linux mitigations on Intel hardware will start to be published in the next few hours.