Language Selection

English French German Italian Portuguese Spanish

Mozilla, Firefox and Security on the Net

Filed under
Moz/FF
Security
  • A Look Back at the History of Firefox

    In the early 1990s, a young man named Marc Andreessen was working on his bachelor’s degree in computer science at the University of Illinois. While there, he started working for the National Center for Supercomputing Applications. During that time Sir Tim Berners-Lee released an early form of the web standards that we know today. Marc was introduced to a very primitive web browser named ViolaWWW. Seeing that the technology had potential, Marc and Eric Bina created an easy to install browser for Unix named NCSA Mosaic). The first alpha was released in June 1993. By September, there were ports to Windows and Macintosh. Mosaic became very popular because it was easier to use than other browsing software.

    In 1994, Marc graduated and moved to California. He was approached by Jim Clark, who had made his money selling computer hardware and software. Clark had used Mosaic and saw the financial possibilities of the internet. Clark recruited Marc and Eric to start an internet software company. The company was originally named Mosaic Communications Corporation, however, the University of Illinois did not like their use of the name Mosaic. As a result, the company name was changed to Netscape Communications Corporation.

    The company’s first project was an online gaming network for the Nintendo 64, but that fell through. The first product they released was a web browser named Mosaic Netscape 0.9, subsequently renamed Netscape Navigator. Internally, the browser project was codenamed mozilla, which stood for “Mosaic killer”. An employee created a cartoon of a Godzilla like creature. They wanted to take out the competition.

  • Firefox Send – Securely Transfer Large Files for Free

    We have covered several file sharing applications over time with apps like Wormhole, EasyJoin, and Android File Transfer For Linux. Today, we introduce you to Firefox’s recently released file sharing service, Firefox Send.

    Firefox Send is a free, encrypted file sharing service that enables you to privately share files up to 1GB (and files up to 2GB using a Firefox account) with privileged parties. How does it work? Upload the files that you want to share and send the link to the recipients who just have to click the download button.

    Send uses end-to-end encryption coupled with an extra layer of security that you can advantage of by password-protecting the links. That way, people who are able to access the download link will not be able to use.

  • Why is no one signing their emails?

     

    It seems to me that there is a fairly easy solution to verify the author of an email: sign it with a digital signature. Either S/MIME or PGP will do. I don’t even care about encryption here, just signing to prevent phishing.

Firefox Send is a Free, Encrypted File Sharing Service

  • Firefox Send is a Free, Encrypted File Sharing Service

    It just got easier (and more secure) to share files with your friends and family online — all thanks to Mozilla, makers of Firefox.

    The free-web advocating non-profit has announced that its ‘Firefox Send‘ feature has graduated from (the now axed) test pilot programme to fully fledged service in its own right.

    And the best bit? You don’t even need Firefox to use it.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Programming/Development Leftovers

Openwashing Leftovers/New Examples

Kernel and Linux Foundation in Pockets of Proprietary Software Vendors

  • AT&T, Nokia open up the radio’s edge to third party apps [Ed: Openwashing to dominate the standards and interfaces (with patents) through the "Linux" Foundation]
    AT&T and Nokia have developed a radio edge cloud (REC) appliance that the two companies plan to release into open source via the Linux Foundation. The REC will make it possible for third parties to develop apps and get access to the radio access network (RAN). [...] Murphy said that it is not easy to predict all the use cases for REC but added that having an open source edge cloud with open interfaces to the RAN control will allow operators to have more options.
  • Accord Project to develop open source framework for smart legal contracts [Ed: They're promoting and spreading proprietary software and proprietary formats of Microsoft]
    One of the main purposes of Accord Project is, therefore, to provide a vendor-neutral “.doc” format for smart legal agreements.
  • Apple joins the open-source Cloud Native Computing Foundation
    Apple, in typical fashion, isn’t commenting on the announcement, but the CNCF notes that end-user memberships are meant for organizations that are “heavy users of open source cloud native technologies” and that are looking to give back to the community. By becoming a CNCF end-user member, companies also join the Linux Foundation .
  • Linux stable tree mirror at github [Ed: Greg Kroah-Hartman giving Microsoft more control over Linux]
    It differs from Linus’s tree at: https://github.com/torvalds/linux in that it contains all of the different stable tree branches and stable releases and tags, which many devices end up building on top of. So, mirror away! Also note, this is a read-only mirror, any pull requests created on it will be gleefully ignored, just like happens on Linus’s github mirror. If people think this is needed on any other git hosting site, just let me know and I will be glad to push to other places as well.

Security Leftovers

  • Industry Watch: Of open source, data breaches and speed [Ed: And proprietary software is a lot less suitable for security and privacy purposes because there are surveillance 'features' disguised and back doors too]
    Open-source software helps developers work faster and smarter, as they don’t have to ‘re-invent the wheel’ every time create an application. They just need to be sure the license attached to that software allows them to use the component the way they want. They also need to stay on top of that application, so if the component changes, or an API changes, their application isn’t affected and they are still in compliance. Data protection is also something organizations must get serious about. While the GDPR only affects users in the European Union, it’s only a matter of time before those or similar regulations are in place in the U.S. and elsewhere. Companies should get a jump on that by doing a thorough audit of their data, to know they are prepared to be compliant with whatever comes down from the statehouses or from Washington, D.C. On the speed side, the benefits of Agile and DevOps are clear. These methodologies enable companies to bring new software products to market faster, with the result of getting a jump on the competition, working more efficiently and ultimately serving your customers. Unfortunately, these efforts are usually done by different teams of developers, database administrators and security experts. If the Equifax and Facebook breaches have taught us anything, it’s that you can’t expect developers to be security experts, and you can’t expect DB admins to understand the ramifications on the business when data is misunderstood. It will take a coordinated approach to IT to achieve business goals while not leaving the company — and its IP and PII data — exposed.
  • VLC patches critical flaws through EU open source bug bounty program
    More than 30 security issues have been fixed in VLC, the popular open source media player, with developers praising an EU-funded bug bounty program for helping produce its most secure update yet. VLC media player, created by the software non-profit VideoLAN, was found to have 33 vulnerabilities within various versions, including two that were considered critical. An out-of-bounds write was one of the severe vulnerabilities found to affect all VLC versions, and a stack buffer overflow was also discovered in VLC 4.0. Less severe vulnerabilities consisted of out-of-band reads, heap overflows, NULL-dereference, and use-after-free bugs. An updated version, VLC 3.0.7, has since been released for users to download.
  • VLC Player Gets Patched for Two High Severity Bugs
  • Asigra FreeNAS plugin brings open source data protection [Ed: Some openwashing of proprietary software]
    Asigra is trying to capture FreeNAS users with a free-to-try plugin version of its backup software. The Asigra FreeNAS plugin released this week allows customers to turn their iXsystems FreeNAS storage systems into backup targets. It encrypts and deduplicates data before it is sent to the FreeNAS system. The plugin also detects and quarantines malware and ransomware so that it doesn't get backed up.
  • TrueCommand Brings Single Pane of Glass Management to TrueNAS and FreeNAS Fleets
  • WSO2 and Ping Identity Partner to Provide Comprehensive, AI-Powered Cyber-Attack Protection for APIs
  • The Open Source Cookbook: A Baker’s Guide to Modern Application Development
    Let’s begin our cookbook by selecting our recipe. I’ve had some phenomenal baked goods, and I’ve had some not-so-phenomenal baked goods (there is rarely a bad baked good). But I’ve been surprised before, by a croissant from a diner that didn’t taste like the one from the local French bakery, or by a buttercream frosting at a supermarket that just didn’t have the same delicate touch as the one I make at home. In each case, I expected the same as I had before – by title – yet encountered a much different experience. When selecting your recipes, it’s important to understand which type of a particular food you are expecting to make, or you may be met with a different taste when you finish than you were hoping for when you began. [...] As with cooking, when incorporating open source components into applications, it’s important to understand origin and evolution of what you’re baking into your software. Carefully review your open source component versions, and evaluate the community’s activity in order to have the greatest chance possible to predict the possible technical debt you may inherit.