Language Selection

English French German Italian Portuguese Spanish

Mozilla Firefox: Firefox 68, Charsets and Grizzly Browser Fuzzing Framework

Filed under
Moz/FF
  • Mike Hommey: Reproducing the Linux builds of Firefox 68

    Starting with Firefox 68, the Linux builds shipped by Mozilla should be reproducible (it is not currently automatically validated that it definitely is, but 68.0 is). These builds are optimized with Profile Guided Optimization, and the profile data was not kept and published until recently, which is why they weren’t reproducible until now.

    The following instructions require running Docker on a Linux host (this may or may not work on a non-Linux host, I don’t know what e.g. Docker for Mac does, and if the docker support in the mach command works with it). I’ll try to make them generic enough that they may apply to any subsequent release of Firefox.

  • Mozilla Releases Firefox 68 as the Next ESR Series with Cryptomining Protection

    Mozilla officially released today the Firefox 68 web browser for all supported platforms, including Linux, Mac, and Windows, making it an ESR (Extended Support Release) version.
    The popular open-source and cross-platform Firefox web browser from Mozilla has been updated to version 68.0, a major release that expands the dark mode in the reader view to make the controls, toolbars, and sidebars on windows dark too. Additionally, Firefox 68 introduces new cryptomining and fingerprinting protections to strict content blocking settings.

    Firefox 68 also improves add-on security and discovery by introducing a Recommended Extensions program in about:addons to help users easily find high quality and secure add-ons and themes, a new reporting feature in about:addons to let users quickly report security and performance issues with add-ons, and revamp the extensions dashboard in about:addons.

  • Dave Townsend: Please watch your character encodings

    I started writing this as a newsgroup post for one of Mozilla’s mailing lists, but it turned out to be too long and since this part was mainly aimed at folks who either didn’t know about or wanted a quick refresher on character encodings I decided to blog it instead. Please let me know if there are errors in here, I am by no means an expert on this stuff either and I do get caught out sometimes!

    Text is tricky. Unicode supports the notion of 1,114,112 distinct characters, slightly more than a byte of memory can hold. So to store a character we have to use a way of encoding its value into bytes in memory. A straightforward encoding would just use three bytes per character. But (roughly) the larger the character value the less often it is used, and memory is precious, so often variable length encodings are used. These will use fewer bytes in memory for characters earlier in the range at the cost of using a little more memory for the rarer characters. Common encodings include UTF-8 (one byte for ASCII characters, up to four bytes for other characters) and UTF-16 (two bytes for most characters, four bytes for less used ones).

    What does this mean?

  • Grizzly Browser Fuzzing Framework

    At Mozilla, we rely heavily on automation to increase our ability to fuzz Firefox and the components from which it is built. Our fuzzing team is constantly developing tools to help integrate new and existing capabilities into our workflow with a heavy emphasis on scaling. Today we would like to share Grizzly – a browser fuzzing framework that has enabled us to quickly and effectively deploy fuzzers at scale.

    Grizzly was designed to allow fuzzer developers to focus solely on writing fuzzers and not worry about the overhead of creating tools and scripts to run them. It was created as a platform for our team to run internal and external fuzzers in a common way using shared tools. It is cross-platform and supports running multiple instances in parallel.

More in Tux Machines

BlueStar Linux 5.2.1

Today we are looking at BlueStar Linux 5.2.1. This release of BlueStar is an Arch rolling distro and comes with Linux Kernel 5.2.1 and KDE Plasma 5.16.3 and uses about 700MB of ram when idling. Bluestar Linux is a beautiful Arch/KDE distro that works great out of the box and is receiving a lot of love from their very active developer. Read more Direct/video: BlueStar Linux 5.2.1 Run Through

GNU Parallel 20190722 ('Ryugu') released

GNU Parallel 20190722 ('Ryugu') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/ GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17. Read more

today's howtos

Audiocasts/Shows: This Week in Linux, Command Line Heroes, DevNation Live Introducing Kogito and Python Podcast

  • Episode 75 | This Week in Linux

    On this episode of This Week in Linux, we’ve got a lot of Distro News with the first stable release of EndeavourOS, and we’ve also got new releases from Proxmox, deepin and FerenOS. Dropbox has decided to revert their weird decision of blocking various Linux Filesystems so we’ll talk about that. We’ve got some App News with KDE Connect now being available for macOS and a new release for the Foliate, ebook reader. Later in the show, we’ll cover some Linux Security news regarding a recently found piece of malware targeting the Linux Desktop. Then we’ll round out the show with some Linux Gaming news from Epic Games, Valve, Google Stadia and a new Humble Bundle. All that and much more on Your Weekly Source for Linux GNews!

  • JavaScript's surprising rise from the ashes of the browser wars on Command Line Heroes

    The third season of the Command Line Heroes podcast continues its look at the history of the programming languages we depend on every day. Episode 3, released today, investigates the origin of JavaScript. Here's the unlikely story of how it happened.

  • DevNation Live: Introducing Kogito

    DevNation Live tech talks are hosted by the Red Hat technologists who create our products. These sessions include real solutions and code and sample projects to help you get started. In this talk, you’ll learn about Quarkus, Kogito, and GraalVM from Red Hat’s Mario Fusco, Principal Software Engineer, and Burr Sutter, Chief Developer Evangelist. These days rule engines are often overlooked, possibly because people think that they are only useful inside heavyweight enterprise software products. However, this is not necessarily true. Simply put, a rule engine is just a piece of software that allows you to separate domain and business-specific constraints from the main application flow. Drools is the rule engine of Red Hat, and our goal is to make it ready to be used in serverless environments.

  • Protecting The Future Of Python By Hunting Black Swans

    The Python language has seen exponential growth in popularity and usage over the past decade. This has been driven by industry trends such as the rise of data science and the continued growth of complex web applications. It is easy to think that there is no threat to the continued health of Python, its ecosystem, and its community, but there are always outside factors that may pose a threat in the long term. In this episode Russell Keith-Magee reprises his keynote from PyCon US in 2019 and shares his thoughts on potential black swan events and what we can do as engineers and as a community to guard against them.