Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla Thunderbird and Enigmail Patching

Filed under
Moz/FF
Security
Debian
  • Mozilla Thunderbird 60.5.3 Released for Linux, Windows, and Mac

    Mozilla Thunderbird has just received another update, the second in just a few days, as the parent company is working on refining the experience with the app.

    Now at version 60.5.3, Mozilla Thunderbird comes with a fix for Windows clients, though it’s worth knowing that this update is available not only on Microsoft’s operating system, but also on Linux and macOS.

    According to the official changelog, this update resolves one of the known issues in the previous version and affecting Windows. Mozilla says it managed to fix the bug experienced when using Send to > Mail recipient in Thunderbird on Windows.

    This problem was originally introduced in version 60.5.2, the previous release, and it was included in the known issues section of the changelog.

  • Anarcat: February 2019 report: LTS, HTML mail, new phone and new job

    Finally, Enigmail was finally taken off the official support list in jessie when the debian-security-support proposed update was approved.

Brave and Mozilla Firefox

Filed under
Google
Moz/FF
Web
  • Why I chose Brave as my Chrome browser replacement

     

    This year, I’m pretty sure I’ve found the ideal Chrome alternative in the Brave browser. If your reasons for sticking with Chrome have been (a) extensions, (Cool compatibility, (c) syncing across devices, or (d, unlikely) speed, Brave checks all of those boxes. What’s more, it’s just one of a growing number of really good options that aren’t made by Google.

  • Firefox Nightly: These Weeks in Firefox: Issue 54

    Firefox Account is experimenting with putting an avatar next to the hamburger menu. It will give users visibility on their account, sync status as well as links to manage the account. Targeting landing & beta uplift this week!

  • QMO: DevEdition 66 Beta 14 Friday, March 8th

    We are happy to let you know that Friday, March 8th, we are organizing DevEdition 66 Beta 14 Testday. We’ll be focusing our testing on: Firefox Screenshots, Search, Build installation & uninstallation.

    Check out the detailed instructions via this etherpad.

  • Mozilla Open Policy & Advocacy Blog: Indian government allows expanded private sector use of Aadhaar through ordinance (but still no movement on data protection law)

    The Court had placed fundamental limits to the otherwise ubiquitous use of Aadhaar, India’s biometric ID system, including the requirement of an authorizing law for any private sector use. While the ordinance purports to provide this legal backing, its broad scope could dilute both the letter and intent of the judgment. As per the ordinance, companies will now be able to authenticate using Aadhaar as long as the Unique Identification Authority of India (UIDAI) is satisfied that “certain standards of privacy and security” are met. These standards remain undefined, and especially in the absence of a data protection law, this raises serious concerns.

    The swift movement to foster expanded use of Aadhaar is in stark contrast to the lack of progress on advancing a data protection bill that would safeguard the rights of Indians whose data is implicated in this system. Aadhaar continues to be effectively mandatory for a vast majority of Indian residents, given its requirement for the payment of income tax and various government welfare schemes. Mozilla has repeatedly warned of the dangers of a centralized database of biometric information and authentication logs.

Mozilla: More on Mozilla's Common Voice and Australia's Threat to Mozilla's Code

Filed under
Moz/FF
  • Mozilla updates Common Voice dataset with 1,400 hours of speech across 18 languages

    Mozilla's updated Common Voice dataset contains more than 1400 hours of speech data from 42000 contributors across more than 18 languages.

  • Mozilla Argues Australia's Encryption Busting Legislation Needs To be Repealed

    Mozilla has added its voice to criticism of Australia's recently enacted anti-encryption laws, warning that they could effectively force companies to treat Australian employees as potential saboteurs.

    Austrailia's controversial legislation is known as TOLA, the Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018. A draft bill was presented in August 2018 and it was enacted in December 2018, just before the Australian Parliament rose for its Christmas break. It sets out to tackle the problem posed by end-to-end encryption, used by services such as What's App, which allows only the sender and recipient to view a message, enhancing privacy and security. However, by preventing a message from being unscrambled by the service provider, end-to-end encryption provides the opportunity for avoiding surveillance.

Software: Yarock, Proxmox VE, Wireshark, HandBrake, Mozilla Firefox, and GPT-2

Filed under
Software
Moz/FF
  • Yarock – excellent Qt music player with browsing based on cover art

    Yarock is billed as “a modern looking music player, packed with features, that doesn’t depend on any specific desktop environment”.

    Yarock is designed to provide an easy and pretty music browser based on cover art. Yarock is easy to build with a minimal set of dependencies, and offers the choice of different audio backends (Phonon, vlc, and mpv).

  • Proxmox VE Virtualization Software

    Proxmox may not be familiar to many outside of central Europe. But it is gaining traction due to its smart combination of open-source KVM-based virtualization, software defined storage and containers.

    Potential buyers need to decide: are we focusing on open source virtualization? If so, Proxmox is a suitable choice, for the company is focused in this area. As such, it is suitable for enterprise buyers or SMB on a budget, as long as that SMB has some open source experts in-house.

  • Wireshark 3 Released with New Npcap Windows Packet Capturing Driver
  • HandBrake 1.2.2

    HandBrake is an open-source, GPL-licensed, multiplatform, multithreaded video transcoder, available for MacOS X, Linux and Windows. Handbrake can process most common multimedia files and any DVD or BluRay sources that do not contain any kind of copy protection.

  • Mozilla Firefox 65.0.2 Released for Linux, Windows, and macOS

    Mozilla Firefox has recently received a new update on all supported desktop platforms, as the parent company makes another step towards the next major browser release.
    Firefox 65.0.2 is thus available for download on Windows, Linux, and macOS, but the ones getting more love this time are those running Microsoft’s operating system.

    While users on all these platforms should install the new Firefox build as soon as possible, version 65.0.2 resolves a geolocation issue on Windows, as per the official changelog.

  • Implications of Rewriting a Browser Component in Rust

    The style component is the part of a browser that applies CSS rules to a page. This is a top-down process on the DOM tree: given the parent style, the styles of children can be calculated independently—a perfect use-case for parallel computation. By 2017, Mozilla had made two previous attempts to parallelize the style system using C++. Both had failed.

    Quantum CSS resulted from a need to improve page performance. Improving security is a happy byproduct.

  • How To Train Open Source Artificial Neural Network GPT-2 To Do Your Language Homework For You

    Clever boy Donny Ferguson took advantage of the GPT-2 artificial neural network model to do the homework for him. Tasked with describing the reasons for the Civil War in the US, all he had to do was give “Geeppy” the prompt and let it give it a few tries.

Mozilla and Mycroft: WebRender and Voice Recognition

Filed under
Moz/FF
  • Mozilla GFX: WebRender newsletter #41

    Welcome to episode 41 of WebRender’s newsletter.

    WebRender is a GPU based 2D rendering engine for web written in Rust, currently powering Mozilla’s research web browser Servo and on its way to becoming Firefox‘s rendering engine.

    Today’s highlights are two big performance improvements by Kvark and Sotaro. I’ll let you follow the links below if you are interested in the technical details.
    I think that Sotaro’s fix illustrates well the importance of progressively rolling out this type of project a hardware/OS configuration at a time, giving us the time and opportunity to observe and address each configuration’s strengths and quirks.

  • Sharing our Common Voices – Mozilla releases the largest to-date public domain transcribed voice dataset

    Mozilla crowdsources the largest dataset of human voices available for use, including 18 different languages, adding up to almost 1,400 hours of recorded voice data from more than 42,000 contributors.

    From the onset, our vision for Common Voice has been to build the world’s most diverse voice dataset, optimized for building voice technologies. We also made a promise of openness: we would make the high quality, transcribed voice data that was collected publicly available to startups, researchers, and anyone interested in voice-enabled technologies.

    Today, we’re excited to share our first multi-language dataset with 18 languages represented, including English, French, German and Mandarin Chinese (Traditional), but also for example Welsh and Kabyle. Altogether, the new dataset includes approximately 1,400 hours of voice clips from more than 42,000 people.

  • Securing privacy with Mycroft, an Open AI voice assistant

    Voice-assisted technologies are extremely popular; already there are 2.5 billion such devices in use and that's expected to triple to 8 billion by 2023. This growth appears to be unstoppable—despite the privacy and security vulnerabilities in mainstream voice-assisted technology.

    One of these is the "open-window" vulnerability where, for example, a malicious person walks by an open window and shouts, "Hey, unlock the door!" and gains access to the house. Researchers have also identified thousands of false-positive wake words for Alexa and Google, potential attack vectors to inject malicious commands. Some people bring up the risk of subsonic commands injected over TV. Amazon may already be using frequency manipulations to keep Alexa from activating during its commercials. And, as with any web-connected computer device, there's the potential for backdoors and other common vulnerabilities.

Mozilla: Themes for Firefox, Thunderbird and More

Filed under
Moz/FF
  • Mozilla Addons Blog: Design and create themes for Firefox

    Last September, we announced the next major evolution in themes for Firefox. With the adoption of static themes, you can now go beyond customizing the header of the browser and easily modify the appearance of the browser’s tabs and toolbar, and choose to distribute your theme publicly or keep it private for your own personal use. If you would like to learn about how to take advantage of these new features or are looking for an updated tutorial on how to create themes, you have come to the right place!

  • Mozilla To Add Windows Hello Support In Firefox 66
  • Mozilla Thunderbird 60.5.2 Now Available on Linux, Windows, and macOS

    Mozilla has recently released a new update for its Thunderbird email client on all supported platforms, including Windows, Linux, and macOS.

    With this new release, Thunderbird reaches version 60.5.2, and although the bigger changes take place on Windows, all users are recommended to update as soon as possible.

    First and foremost, there’s one important refinement for Windows users. The Thunderbird team at Mozilla explains that in the previous builds of the email client, the application could crash when users tried to send an email to a specific recipient.

Mozilla: Ecma TC39, VR Jingle Smash Performance Work and Common Voice

Filed under
Moz/FF
  • Hacks.Mozilla.Org: Announcing a New Management Structure for Ecma TC39

    In 2019, Ecma’s TC39 (the standardizing body behind JavaScript/ECMAScript) will be trying something new. The committee has grown in the last few years. As a result, the requirements of running the meeting have grown. To give you an idea of the scale — between 40 and 60 delegates (and sometimes more) meet 6 times a year to discuss proposed changes to the ECMAScript specification. Since we have grown so much, we will be changing our management structure. We will move away from single-chair and vice-chair roles to a flat hierarchy with three chairs sharing the responsibility.

  • Mozilla VR Blog: Jingle Smash: Performance Work

    Performance was the final step to making Jingle Smash, my block tumbling VR game, ready to ship. WebVR on low-end mobile devices like the Oculus Go can be slow, but with a little work we can at least get over a consistent 30fps, and usually 45 or above. Here's the steps I used to get Jingle Smash working well.

  • Mozilla Open Innovation Team: Sustainable tech development needs local solutions: Voice tech ideation in Kigali

    Developers, researchers and startups around the globe working on voice-recognition technology face one problem alike: A lack of freely available voice data in their respective language to train AI-powered Speech-to-Text engines.

    Although machine-learning algorithms like Mozilla’s Deep Speech are in the public domain, training data is limited. Most of the voice data used by large corporations is not available to the majority of people, expensive to obtain or simply non-existent for languages not globally spread. The innovative potential of this technology is widely untapped. In providing open datasets, we aim to take away the onerous tasks of collecting and annotating data, which eventually reduces one of the main barriers to voice-based technologies and makes front-runner innovations accessible to more entrepreneurs. This is one of the major drivers behind our project Common Voice.

    Common Voice is our crowdsourcing initiative and platform to collect and verify voice data and to make it publicly available. But to get more people involved from around the world and to speed up the process of getting to data sets large enough for training purposes, we rely on partners — like-minded commercial and non-commercial organizations with an interest to make technology available and useful to all.

Mozilla: Rust, Mixed Reality, Spying (Ads) and Exercising Software Freedom on Firefox

Filed under
Moz/FF
  • The Rust Programming Language Blog: Changes in the core team

    With Rust 2018 having shipped, this is a natural time of transition. While we’ll miss Nick and Aaron’s contributions to the core team, we are very excited for them to be focusing on something new, and we’re very happy that they are still going to stay involved with Rust. We’re also looking into growing the core team to help with the work ahead.

  • Mozilla VR Blog: Bringing Firefox Reality to HoloLens 2

    Our Mixed Reality program at Mozilla is focused on bringing the best browsers, services, and tools for developers to ensure that users have a safe, private experience with open, accessible technology. Alongside our desktop and standalone VR browser efforts, this prototype of Firefox Reality for HoloLens 2 will ensure that the immersive web works for all users, regardless of device they are on.

  • Mozilla Future Releases Blog: Exploring alternative funding models for the web

    The online advertising ecosystem is broken. The majority of digital advertising revenue is going to a small handful of companies, leaving other publishers with scraps. Meanwhile users are on the receiving end of terrible experiences and pervasive tracking designed to get them to click on ads or share even more personal data.

    Earlier this month, we shared our perspective about the need to find a better web ecosystem balance that puts publishers and users at the center of the online value exchange. For users, we began our efforts with curbing pervasive tracking as we believe that this is necessary to protect privacy as a fundamental human right. For publishers, we believe that these same measures will help shift long-term ecosystem incentives which are currently stripping value from publishers and fueling rampant ad fraud. However, it is important to acknowledge that such change can take time and that publishers are hurting today.

    That’s why we’ve turned our attention toward finding a more sustainable ecosystem balance for publishers and users alike. But unlike other companies that would explore possible solutions behind closed doors, we’re transparent and experiment with new ideas in the open, especially when those ideas could have a significant impact on how the web ecosystems works, or fundamentally change the value exchange we have with the people who rely on our products and services. In 2019, we will continue to explore new product features and offerings, including our ongoing focus on identifying a more sustainable ecosystem balance for both publishers and users.

  • Exercising software freedom on Firefox

    I’m becoming a minority in another way: I use Firefox. And Firefox uses GTK+. That means I can use Emacs keybindings in Firefox.

    Ah, but there’s a rub. Firefox binds C-n (or as most people would call it, “ctrl-n”) to new window. This is probably okay for people who don’t have the intersectionality of Emacs keybindings everywhere and Firefox. But for me, it’s intolerable. If I want to move a cursor down, I have to instead perform a very unnatural-feeling motion of moving my right hand to the arrow keys and hit the arrow down button. For those accostumed to using arrow keys, imagine if every time you pressed the down arrow Firefox would open a new window. Imagine software reacting so at odds to your habituation.

    Up until Firefox 56 there was an easy workaround. You could download extensions that would let you configure Firefox’s keyboard shorcuts, including disable some of them. I used to do this. The world, however, marches on and so does Firefox. Many extensions cannot do what they once did and the easy fix was gone.

Mozilla: Rust Compiler (rustc), TenFourFox FPR13b1 and Keeping Add-Ons Safe for Users

Filed under
Moz/FF
  • How to speed up the Rust compiler in 2018

    18 months ago I wrote about some work I did to speed up the Rust compiler (rustc). I’ve recently taken this work up again. Also, in the meantime rustc’s build system has been replaced and its benchmark suite has been overhauled. So it’s a good time for an update.

  • TenFourFox FPR13b1 available (now with WebP and AppleScript)

    TenFourFox Feature Parity Release 13 beta 1 is now available (downloads, hashes, release notes). I took a different tack on this release because I still don't have good solutions for the missing JavaScript features currently affecting Citibank, Github and a few other sites, so I've chosen to push out some side projects I've been working on in order not to make this a wasted release. Those features are support for WebP images and support for AppleScript automation.

    WebP images are an up-and-coming format based on the WebM VP8 codec, another way Google will consume the Web from the inside out, but they do have image size advantages and Firefox now supports them in Firefox 65. Google has two demonstration WebP galleries you can use to view some samples, and there are colour-managed examples in the Skia test suite. TenFourFox's WebP support currently can display lossy, lossless, transparent and colour-managed images, and will properly use any embedded colour profile. However, it is not currently AltiVec-accelerated (we do have some AltiVec VP8 code, so this should be possible at some point), and it does not yet support animated WebP images, which will appear blank. For this reason we don't pass an Accept: header indicating we accept WebP images like mainline Firefox and certain other browsers, though we will naturally try to display it if we get one. If you encounter issues related to WebP, you can try setting image.webp.enabled to false, but I'm planning to ship this support in FPR13 final, so it defaults to true.

  • Mozilla Future Releases Blog: Keeping Add-Ons Safe for our Users

    We’ve seen many changes in the tech landscape since we launched addons.mozilla.org (AMO) in 2005. A few add-ons have millions of users, while there are many add-ons that have smaller audiences with specific needs. One add-on I really like is AddToAny, which lets me share on social networks. It is similar to a feature we used to have in Firefox that we removed due to lack of use, and I’m sure the 5,000 Firefox users of AddToAny are happy to have it. Unfortunately, the same system that allows privacy and security extensions to work can also make people vulnerable to data mining and malicious activity. While our users love how they can make Firefox theirs, they also look to us to maintain their safety and privacy on the web.

    Now more than ever, we need to deliver on the trust our users place in us and the expectations we place on our users to understand the choices they make with regards to the software they install. In many ways, we’ve mitigated risks by adopting WebExtensions as our means for extending Firefox, but as more and more functionality migrates to the cloud, policing this ecosystem through code review and policy is impractical.

Fedora 30 Will Have Firefox Wayland By Default But Could Be Reverted If Too Buggy

Filed under
Red Hat
Moz/FF

The plan to use the Wayland-native version of Firefox by default for Fedora Workstation 30 atop GNOME has been tentatively approved by the Fedora Engineering and Steering Committee (FESCo).

At this morning's FESCo meeting, the Fedora stakeholders approved of this late change to ship the Wayland-enabled version of Firefox by default, after they've been carrying this spin of Firefox in their package repository for several cycles but haven't made use of it out-of-the-box. This Firefox Wayland version will be used by Fedora 30 straight-away when running on the GNOME Shell Wayland session.

Read more

Also: Bodhi 3.13.1 released

Syndicate content

More in Tux Machines

Rob Szumski’s Keynote and Abby Kearns Interview at CloudNativeCon & KubeCon

GNOME: Theming, Mutter and Sprint 1

  • App Devs Ask Linux Distros to “Stop Theming Our Apps”
    A group of independent Linux app developers have written an open letter to ask wider GNOME community to ask: “stop theming our apps”. The letter is addressed to the maintainers of Linux distributions who elect to ship custom GTK and icons themes by default in lieu of upstream defaults. By publicising the issues they feel stem from the practice of “theming” it’s hoped that distros and developers might work together to create a “healthier GNOME third party app ecosystem”.
  • A Group of Independent Linux App Developers Has Asked Wider GNOME Community To 'Stop Theming' Its Apps
  • GNOME's Mutter Makes Another Step Towards X11-Less, Starting XWayland On-Demand
    GNOME 3.34 feature development continues at full-speed with a lot of interesting activity this cycle particularly on the Mutter front. On top of the performance/lag/stuttering improvements, today Mutter saw the merging of the "X11 excision" preparation patches. The Mutter patches by longtime GNOME developer Carlos Garnacho around preparing for X11 excision were merged minutes ago.
  • Georges Basile Stavracas Neto: New Background panel, Calendar search engine, GTK4 shortcut engine (Sprint 1)
    GNOME To Do is full GTK4 these days. Which means it’s both a testbed for new GTK4 features, and also a way to give feedback as an app developer for the GTK team. Unfortunately, it also means To Do is blocked on various areas where GTK4 is lacking. One of these areas is keyboard shortcut. Last year, Benjamin wrote a major revamp for keyboard shortcuts. As part of this cycle, I decided to rebase and finish it; and also make To Do use the new API. Unfortunately, I failed to achieve what I set myself to. Turns out, adding a shortcuts engine to GTK4 is more involving and requires way more context than I had when trying to get it up to speed. I failed to predict that one week would have not been enough to finish it all. However, that does not mean all the efforts were wasted! The rebasing of the shortcuts engine was a non-trivial task successfully completed (see gtk!842), and I also fixed a few bugs while working on it. I also got a working prototype of GNOME To Do with the new APIs, and confirmed that it’s well suited — at least for a simpler application such as To Do. In retrospect, I believe I should have been more realistic (and perhaps slightly pessimistic) about the length and requirements of this task.

Programming: SVE2, Graphical Interface, Guile, Python and More

  • Arm SVE2 Support Aligning For GCC 10, LLVM Clang 9.0
    Given the significant performance benefits to Arm's Scalable Vector Extension 2 (SVE2), they are working on ensuring the open-source Linux compiler toolchains support these new CPU instructions ahead of SoCs shipping that support this big addition. Arm announced Scalable Vector Extension 2 (SVE2) recently as their latest advancement around SIMD programming and increasing data-level parallelism in programs. SVE2 is designed to ultimately deliver better SIMD performance than their long-available Neon extensions and to scale the performance with vector length increases as well as enabling auto-vectorization techniques. More details in this post on SVE2.
  • Intake: Discovering and Exploring Data in a Graphical Interface
    Do you have data that you’d like people to be able to explore on their own? Are you always passing around snippets of code to load specific data files? These are problems that people encounter all the time when working in groups and using the same datasources or when trying to distribute data to the public. Some users are comfortable interacting with data entirely programatically, but often it is helpful to use a GUI (Graphical User Interface) instead. With that in mind we have reimplemented the Intake GUI so that in addition to working in a jupyter notebook, it can be served as a web application next to your data, or at any endpoint.
  • lightening run-time code generation
    The upcoming Guile 3 release will have just-in-time native code generation. Finally, amirite? There's lots that I'd like to share about that and I need to start somewhere, so this article is about one piece of it: Lightening, a library to generate machine code.
  • Python Language Creator: “Male Attitude” Is Hurting The Programming Space
    Guido van Rossum is a famous name in the programming world. He is the creator of the Python programming language which was developed back in 1989. It is only since the last few years when this general-purpose programming language started gaining popularity. The number of Python users has increased significantly and it was not only named as the best programming language by IEEE but also the most asked-about language on Stack Overflow, overthrowing JavaScript — the all-time winner for decades.
  • Avant-IDLE: an experiment

Dear Ubuntu: Please Stop Packaging Epiphany If You Won’t Do It Properly

When users try Epiphany on Ubuntu, they receive a sub-par, broken browser. If you’re not willing to do this right, please just remove Epiphany from your repositories. We’d all be happier this way. You are the most popular distributor of Epiphany by far, and your poor packaging is making the browser look bad. Read more