Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Mozilla

Mozilla Has Stopped All Commercial Development On Firefox OS -- Explains What It Plans To Do With Code Base (google.com) 96

Mozilla announced last year that Firefox OS initiative of shipping phones with commercial partners did not bring the returns it sought. The company earlier this year hinted that it intends to shut the project. It is now sharing how it will deal with Firefox OS code base going forward. From their post: We would stop our efforts to build and ship smartphones through carrier partners and pivot our efforts with Firefox OS to explore opportunities for new use cases in the world of connected devices. Firefox OS was transitioned to a Tier 3 platform from the perspective of support by Mozilla's Platform Engineering organization. That meant as of January 31, 2016 no Mozilla Platform Engineering resources would be engaged to provide ongoing support and all such work would be done by other contributors. For some period of time that work would be done by Mozillaâ(TM)s Connected Devices team. We had ideas for other opportunities for Firefox OS, perhaps as a platform for explorations in the world of connected devices, and perhaps for continued evolution of Firefox OS TV. To allow for those possibilities, and to provide a stable release for commercial TV partners, development would continue on a Firefox OS 2.6 release. In parallel with continued explorations by the Connected Devices team, we recognized there was interest within the Mozilla community in carrying forward work on Firefox OS as a smartphone platform, and perhaps even for other purposes. A Firefox OS Transition Project was launched to perform a major clean-up of the B2G code bringing it to a stable end state so it could be passed into the hands of the community as an open source project. In the spring and summer of 2016 the Connected Devices team dug deeper into opportunities for Firefox OS. They concluded that Firefox OS TV was a project to be run by our commercial partner and not a project to be led by Mozilla. Further, Firefox OS was determined to not be sufficiently useful for ongoing Connected Devices work to justify the effort to maintain it. This meant that development of the Firefox OS stack was no longer a part of Connected Devices, or Mozilla at all. Firefox OS 2.6 would be the last release from Mozilla. Today we are announcing the next phase in that evolution. While work at Mozilla on Firefox OS has ceased, we very much need to continue to evolve the underlying code that comprises Gecko, our web platform engine, as part of the ongoing development of Firefox. In order to evolve quickly and enable substantial new architectural changes in Gecko, Mozilla's Platform Engineering organization needs to remove all B2G-related code from mozilla-central. This certainly has consequences for B2G OS. For the community to continue working on B2G OS they will have to maintain a code base that includes a full version of Gecko, so will need to fork Gecko and proceed with development on their own, separate branch.
Mozilla

Mozilla's Proposed Conclusion: Game Over For WoSign and Startcom? (google.com) 111

Reader Zocalo writes: Over the last several months Mozilla has been investigating a large number of breaches of what Mozilla deems to be acceptable CA protocols by the Chinese root CA WoSign and their perhaps better known subsidiary StartCom, whose acquisition by WoSign is one of the issues in question. Mozilla has now published their proposed solution (GoogleDocs link), and it's not looking good for WoSign and Startcom. Mozilla's position is that they have lost trust in WoSign and, by association StartCom, with a proposed action to give WoSign and StartCom a "timeout" by distrusting any certificates issued after a date to be determined in the near future for a period of one year, essentially preventing them issuing any certificates that will be trusted by Mozilla. Attempts to circumvent this by back-dating the valid-from date will result in an immediate and permanent revocation of trust, and there are some major actions required to re-establish that trust at the end of the time out as well.
This seems like a rather elegant, if somewhat draconian, solution to the issue of what to do when a CA steps out of line. Revoking trust for certificates issued after a given date does not invalidate existing certificates and thereby inconvenience their owners, but it does put a severe -- and potentially business-ending -- penalty on the CA in question. Basically, WoSign and StartCom will have a year where they cannot issue any new certificates that Mozilla will trust, and will also have to inform any existing customers that have certificate renewals due within that period they cannot do so and they will need to go else where -- hardly good PR!

What does Slashdot think? Is Mozilla going too far here, or is their proposal justified and reasonable given WoSign's actions, making a good template for potential future breaches of trust by root CAs, particularly in the wake of other CA trust breaches by the likes of CNNIC, DigiNotar, and Symantec?

Mozilla

Firefox 49 Arrives With Improvements (venturebeat.com) 129

An anonymous reader writes: Mozilla today launched Firefox 49 for Windows, Mac, Linux, and Android. The new version includes expanded multi-process support, improvements to Reader Mode, and offline page viewing on Android. The built-in voice and video calling feature Firefox Hello, meanwhile, has been removed from the browser. First up, Firefox 49 brings two improvements to Reader Mode. You can now adjust the text (width and line spacing), fonts, and even change the theme from light to dark. There is also a new Narrate option that reads the content of the page aloud. Next is the Mozilla's crusade to enable multi-process support, a feature that has been in development for years as part of the Electrolysis project. With the release of Firefox 48, Mozilla enabled multi-process support for 1 percent of users, slowly ramping up to nearly half of the Firefox Release channel. Initial tests showed a 400 percent improvement in overall responsiveness.Mozilla says at least "half a billion people around the world" use its Firefox browser.
Mozilla

Mozilla Checks If Firefox Is Affected By Same Malware Vulnerability As Tor (arstechnica.com) 45

Mozilla is investigating whether the fully patched version of Firefox is affected by the same cross-platform, malicious code-execution vulnerability patched on Friday in the Tor browser. Dan Goodin, reporting for ArsTechnica: The vulnerability allows an attacker who has a man-in-the-middle position and is able to obtain a forged certificate to impersonate Mozilla servers, Tor officials warned in an advisory. From there, the attacker could deliver a malicious update for NoScript or any other Firefox extension installed on a targeted computer. The fraudulent certificate would have to be issued by any one of several hundred Firefox-trusted certificate authorities (CA). While it probably would be challenging to hack a CA or trick one into issuing the necessary certificate for addons.mozilla.org, such a capability is well within reach of nation-sponsored attackers, who are precisely the sort of adversaries included in the Tor threat model. In 2011, for instance, hackers tied to Iran compromised Dutch CA DigiNotar and minted counterfeit certificates for more than 200 addresses, including Gmail and the Mozilla addons subdomain.
Firefox

Firefox 49 Postponed One Week Due To Unexpected Bugs (softpedia.com) 208

An anonymous Slashdot reader quotes Softpedia: Mozilla has announced this week that it is delaying the release of Firefox 49 for one week to address two unexpected bugs. Firefox 49, which was set for release on Tuesday, September 13, will now launch the following Tuesday, on September 20... Firefox 49 is an important release in Mozilla's grand scheme of things when it comes to Firefox. This is the version when Mozilla will finish multi-process support rollout (a.k.a. e10s, or Electrolysis), and the version when Firefox launches the new WebExtensions API that replaces the old Add-ons API, making Firefox compatible with Chromium extensions.
Firefox's release manager explained the delays as "two blocking issues and the need for a bit more time to evaluate the results of their fixes/backouts" -- one of which apparently involves opening Giphy GIFS on Twitter.
Software

Microsoft Is Bringing WebVR To Microsoft Edge On Windows 10 (mspoweruser.com) 30

An anonymous reader quotes a report from MSPoweruser: Microsoft today announced that the company is bringing support for WebVR to Microsoft Edge on Windows 10. With WebVR, users can experience Virtual Reality content from their web browser on a virtual reality headset such as the Oculus Rift. WebVR support on Microsoft Edge may also be useful for the Windows Holographic Shell on Windows 10, which is expected to arrive sometime later this year. For those unfamiliar, Microsoft will be allowing virtual reality headset owners to use Windows Holographic on their Windows 10 PC -- therefore, Microsoft Edge supporting WebVR can turn out to be very useful. WebVR is already supported in browsers like Google Chrome and Firefox, but it'll be coming to Microsoft Edge in the near-future. At the moment, Microsoft isn't sharing many details about WebVR on Microsoft Edge. While there isn't any official info on when the company plans to release this feature, we suspect it'll be coming with Windows 10 Redstone 2 which is expected to arrive in early 2017.
Microsoft

Google, Apple, Mozilla, and the EFF Support Microsoft's Fight Against Gag Orders (betanews.com) 55

An anonymous Slashdot reader quotes BetaNews about new legal documents filed Friday: Microsoft is fighting the US Justice Department in an attempt to quash a law that prevents companies informing customers that the government is requesting their data. The technology giant has the backing of other tech companies as well as media outlets. Amazon, Apple, Google, Fox News, Electronic Frontier Foundation and Mozilla are among those offering their support to Microsoft. The lawsuit says that blocking companies from keeping their customers informed is unconstitutional, and it comes at a time when tech companies in particular are keen to be as open and transparent as possible about government requests for data....

As EFF Senior Staff Attorney Lee Tien puts it: "Whether the government has a warrant to rifle through our mail, safety deposit boxes, or emails stored in the cloud, it must notify people about the searches. When electronic searches are done in secret, we lose our right to challenge the legality of law enforcement invasions of privacy. The Fourth Amendment doesn't allow that, and it's time for the government to step up and respect the Constitution."

Mozilla argues transparency "is critical to our vision of an open, trusted, secure web that places users in control of their experience online," in a blog post announcing that they'd joined a brief filed by Apple, Twilio, and Lithium Technologies.

And a statement from an EFF staff attorney argues that notifying the targets of searches "provides a free society with a crucial means of government accountability."
Media

The Slashdot Interview With VideoLAN President and Lead VLC Developer Jean-Baptiste Kempf 40

You asked, he answered!

VideoLan President and Lead Developer of VLC Jean-Baptiste Kempf has responded to questions submitted by Slashdot readers. Read on to find out about the upcoming VideoLAN projects; how they keep VLC sustainable; what are some mistakes they wish they hadn't made; and what security challenges they face, among others!
Mozilla

Mozilla Is Changing Its Look -- and Asking the Internet For Feedback (arstechnica.com) 226

Megan Geuss, writing for ArsTechnica: Mozilla is trying a rebranding. Back in June, the browser developer announced that it would freshen up its logo and enlist the Internet's help in reaching a final decision. The company hired British design company Johnson Banks to come up with seven new "concepts" to illustrate the company's work. The logos rely on vibrant colors, and several of them recall '80s and '90s style. In pure, nearly-unintelligible marketing speak, Mozilla writes that each new design reflects a story about the company. "From paying homage to our paleotechnic origins to rendering us as part of an ever-expanding digital ecosystem, from highlighting our global community ethos to giving us a lift from the quotidian elevator open button, the concepts express ideas about Mozilla in clever and unexpected ways," Mozilla's Creative Director Tim Murray writes in a blog post. Mozilla is soliciting comment and criticism on the seven new designs for the next two weeks, but this is no Boaty McBoatface situation. Mozilla is clear that it's not crowdsourcing a design, asking anyone to work on spec, or holding a vote over which logo the Internet prefers. It's just asking for comments.
KDE

KDE Edition Beta Released For Linux Mint 18 'Sarah' (fossbytes.com) 36

An anonymous Slashdot reader quotes a report from fossBytes: Linux Mint 18 'Sarah' KDE Edition Beta is now available for download and testing. This release is based on the long-term supported Linux 4.4 kernel and KDE Plasma 5.6 desktop environment. The final release of this widely popular distro is expected to arrive in September... Just like MATE, Cinnamon, and Xfce releases, the KDE release is a long term release that will remain supported until 2021.

Linux Mint 18 'Sarah' KDE Edition ships with Mozilla Firefox as default web browser and LibreOffice as the default office suite. The Linux distro also features a wide range of popular KDE apps like Kontact, Dolphin, Gwenview, KMail, digiKam, KTorrent, Skanlite, Konversation, K3b, Konsole, Amarok, Ark, Kate, Okular, and Dragon Player.

"Unlike other Linux Mint editions, the KDE edition will ship with the SDDM display manager," reports the Linux Mint blog. Distrowatch notes that it's based on Ubuntu 16.04, and suggests "Mint's 'KDE' flavour might turn out to be the most interesting of the bunch, especially if the project's usually excellent quality assurance is applied to this edition in the same manner as in its 'MATE' and 'Cinnamon' variants."
Firefox

Mozilla To Add Screenshot Sharing Feature To Firefox Test Pilot Program (softpedia.com) 75

An anonymous reader writes: [Softpedia reports:] "Mozilla plans to include a webpage screenshot sharing feature to Firefox as part of the Test Pilot program, a spokesperson confirmed to Softpedia. The new feature is called Page Shot, and will initially roll out on Firefox Test Pilot in late-Q3 of this year. The Firefox Test Pilot program allows users to test experimental Firefox features using a special add-on. Based on user feedback, those features will end up as built-in Firefox features, or self-standing add-ons." The pageshot.net website is now offline as Mozilla prepares to launch the add-on via Test Pilot, but Softpedia has the screenshots. You can view the screenshots here.
Bug

FalseCONNECT Vulnerability Affects Software From Apple, Microsoft, Oracle, More (softpedia.com) 32

An anonymous reader writes from a report via Softpedia: "Researcher Jerry Decime revealed details about a security vulnerability that allows an attacker to gain a Man-in-the-Middle position and intercept HTTPS traffic thanks to flaws in the implementation of proxy authentication procedures in various products," reports Softpedia. The flaw can be used to collect user credentials by tricking victims into re-authenticating, sending data to a third-party. Multiple software vendors deploy applications that can handle proxy connections. Until now, Apple, Microsoft, Oracle, and Opera have acknowledged their products are affected. Lenovo said this bug does not impact its software. Other software vendors that are still evaluating the FalseCONNECT bug and may be affected include multiple Linux distros, Cisco, Google, HP, IBM, Juniper, Mozilla, Nokia, OpenBSD, SAP, Sony, and others.
Mozilla

Firefox 49 For Linux Will Ship With Plug-in Free Netflix, Amazon Prime Video Support (mozilla.org) 134

Reader LichtSpektren writes: Widevine, the media protocol that allows users to watch videos on Netflix, is supported in Firefox for Windows and macOS. But until now, its users on Linux were required to use a plug-in. That changes with v49, which offers out-of-the-box support for Netflix.Mozilla plans to offer plug-in streaming for Netflix as well as Amazon Prime Video and other similar services. The v49 will be available on Linux in September. Mozilla adds that it will be removing support for NPAPI plugins from its browser in the near future, plugins that some video streaming sites rely on for playback. "Mozilla plan to support the Widevine CDM on Linux, letting users watch Netflix without plugins," the company said.
Firefox

Firefox Will Try To Show You Saved Archive Of a Page Instead Of 404 Error (ndtv.com) 119

Firefox has announced a new add-on dubbed No More 404s in its Test Pilot platform which aims to change the way we see 404 links on the web. The add-on, Firefox says, replaces the Error 404 from missing webpages, and replaces them with saved archives from the Wayback Machine. From a report on Gadgets 360: Normally, when presented with a missing link, the browser shows the 404 error. However, Mozilla's No More 404s add-on will give Firefox users the choice to see old Internet snapshots saved in the Internet Archive's Wayback Machine. This is especially handy for users trying to do research or just digging up some old graves out of curiosity. For now, this add-on is only available in Firefox's experimental Test Pilot platform, with no details on availability for regular Firefox users. Interested users can install the test version here. Apart from this, the Test Pilot platform also introduced improved search results through the Awesome Bar, redesigned the Tabs bar to the side, and even tweaked the history feed.
Firefox

Firefox 48 Released With Multi-Process Support, Mandatory Add-On Signing (softpedia.com) 236

Mozilla on Tuesday released Firefox v48, touted as one of the most important updates the browser has ever received. With the new version, Firefox starts migrating users to using mullti-process threads (e10s, Electrolysis), and it is also the first version to ship with Rust component. In addition, Firefox is now also making add-on signing mandatory. From a Softpedia article: Announced last year, Electrolysis, e10s, or multi-process support is Firefox's ability to process core browser operations separately from the content viewed on a Web page. Multi-process support allows a page to crash without bringing the entire browser down with it and improves the browser's overall performance. e10s rollout will take place in two phases, first in Firefox 48, and it will finish in Firefox 49, set for release on September 13, 2016. Mandatory add-on signing refers to Firefox preventing users from installing any add-ons that have not been approved by Mozilla's testers. This is something similar to what Chrome employs, but Firefox users have been spoiled all these years, always having the capability of installing any add-on they've desired. Rust is a programming language that's a revamped and improved version of C++ but that protects developers from accidentally including dangerous memory bugs in their code. It achieves this by how the language was constructed and by how developers write the code.
Firefox

Mozilla To Remove Hello In Firefox 49 (softpedia.com) 128

Firefox's voice and videoconferencing add-on was described as "the first global communications system built directly into a browser" -- but things change. An anonymous Slashdot reader writes: An entry on Mozilla's issue tracker opened on July 17 reveals ongoing efforts from Mozilla engineers to remove the Hello system add-on from default Firefox installations starting with version 49, set for public release on September 13, 2016. Mozilla added Hello to Firefox in version 34, released on December 1, 2014, and from the beginning, it was part of the browser's core code, but was moved in December 2015 into a separate add-on, one that came pre-installed with Firefox, making Hello its first ever system add-on.

Mozilla plans to remove Hello from the codebases of Firefox Beta 49, Firefox Developer Edition 50, and Firefox Nightly 51. Based on the currently available information, the deadline for the Hello code removal operations is for this Monday, August 1, after which the first Firefox builds with no Hello integration will be available for testing, and will ship out in the fall with the stable release.

The article suggests this may have been a space-saving measure, "since Mozilla is focused on rebuilding Firefox's code from scratch to keep up with speedier competitors like Chrome, Opera, and Vivaldi."
Chrome

Ask Slashdot: Best Browser Extensions -- 2016 Edition 195

Reader LichtSpektren writes: Almost eleven years ago, Slashdot featured an Ask titled "Favorite Firefox Extensions?". I thought it might be worthwhile to ask the question again (Editor's note: we couldn't agree more!), but expand the query to all web browsers now that there's more choices available.

Right now my main browser is Firefox, which I use with uBlock Origin, Disconnect, HTTPS Everywhere, Privacy Badger, NoScript, Self-Destructing Cookies, Decentraleyes, Privacy Settings, and Clean Links. (N.B. the first four of these are also available in Chromium-based browsers.) I use Chrome as a secondary browser, with the first four of the aforementioned extensions, plus also Clear Cache and occasionally Flashcontrol.

This one has nothing to do with security or privacy, but Reedy on Chromium is a really nice tool for speed reading.

What do you use?
Let's get this going.
Programming

Programming Language Gurus Converge on 'Curry On' Conference (curry-on.org) 88

Videos are now online from this week's Curry On conference, which incuded talks by programming pioneers Larry Wall and Matthias Felleisen, as well as speakers from Google, Twitter, Facebook, Microsoft, and Oracle. Dave Herman from Mozilla Research also talked about building an open source research lab, while Larry Wall's keynote was titled "It's the End of the World as We Know It, and I Feel Fine."

Billing itself as a non-profit conference about programming languages and emerging computer-industry challenges, this year's installment included talks about Java, Rust, Scala, Perl, Racket, Clojure, Rascal, Go and Oden. Held in a different European city each year, the annual conference hopes to provoke an open conversation between academia and the larger technology industry.
Firefox

Firefox To Block Non-Essential Flash Content In August 2016, Require Click-To-Activate In 2017 (mozilla.org) 156

Mozilla has announced that it plans to discontinue support for Flash in Firefox. Starting next month, Firefox will block Flash content "that is not essential to the user experience." Also, starting sometime in 2017, the browser will require click-to-activate approval from users before a website activates the Flash plugin for any content. In a blogpost, the company writes:Mozilla and the Web as a whole have been taking steps to reduce the need for Flash content in everyday browsing. Over the past few years, Firefox has implemented Web APIs to replace functionality that was formerly provided only by plugins. This includes audio/video playback and streaming capabilities, clipboard integration, fast 2D and 3D graphics, WebSocket networking, and microphone/camera access. As websites have switched from Flash to other web technologies, the plugin crash rate in Firefox has dropped significantly. [...] We continue to work closely with Adobe to deliver the best possible Flash experience for our users.
Windows

Windows 10 Warns Chrome and Firefox Users About Battery Drain, Recommends Switching To Edge (venturebeat.com) 377

A month after Microsoft claimed that its Edge web browser is more power efficient than Google Chrome and Firefox, the company is now warning Windows 10 users about the same. VentureBeat reports: Microsoft has turned on a new set of Windows Tips that warn Windows 10 users that Google Chrome or Mozilla Firefox is draining their laptop's battery. The solution, according to the notification, is to use Microsoft Edge.In a statement to the publication, the company said: "These Windows Tips notifications were created to provide people with quick, easy information that can help them enhance their Windows 10 experience, including information that can help users extend battery life. That said, with Windows 10 you can easily choose the default browser and search engine of your choice."

Slashdot Top Deals