Language Selection

English French German Italian Portuguese Spanish

Moz/FF

Mozilla: Six-Year Moziversary, Thomas Park/Codepip, and Weak Response to Critics of Firefox Spyware

Filed under
Moz/FF
  • Chris H-C: Six-Year Moziversary

    I’ve been working at Mozilla for six years today. Wow.

    Okay, so what’s happened… I’ve been promoted to Staff Software Engineer. Georg and I’d been working on that before he left, and then, well *gestures at everything*. This means it doesn’t really _feel_ that different to be a Staff instead of a Senior since I’ve been operating at the latter level for over a year now, but the it’s nice that the title caught up. Next stop: well, actually, I think Staff’s a good place for now.

    Firefox On Glean did indeed take my entire 2020 at work, and did complete on time and on budget. Glean is now available to be used in Firefox Desktop.

  • Hacks.Mozilla.Org: Hacks Decoded: Thomas Park, Founder of Codepip

    Thomas Park is a software developer based in the U.S. (Philadelphia, specifically). Previously, he was a teacher and researcher at Drexel University and even worked at Mozilla Foundation for a stint. Now, he’s the founder of Codepip, a platform that offers games that teach players how to code. Park has made a couple games himself: Flexbox Froggy and Grid Garden.

  • Mark Surman: Exploring better data stewardship at Mozilla [Ed: Mozilla fails to admit that spying on Firefox users is wrong; now it's misframing the criticism and responds to a straw man]

    Over the last few years, Mozilla has increasingly turned its attention to the question of ‘how we build more trustworthy AI?’ Data is at the core of this question. Who has our data? What are they using it for? Do they have my interests in mind, or only their own? Do I trust them?

    We decided earlier this year that ‘better data stewardship’ should be one of the three big areas of focus for our trustworthy AI work.

    One part of this focus is supporting the growing field of people working on data trusts, data cooperatives and other efforts to build trust and shift power dynamics around data. In partnership with Luminate and Siegel, we launched the Mozilla Data Futures Lab in March as a way to drive this part of the work.

How to try out the open-source Firefox alternative LibreWolf on Linux

Filed under
Moz/FF

Firefox is a great browser. The developers of Firefox do a lot for the web, and without it, we’d all be stuck using Chromium on Linux. However, as time goes on, Firefox has gotten worse with its practices. If you’re tired of the experiments and the business practices Mozilla is up to, there’s LibreWolf.

LibreWolf is a fork of Firefox proper. It is open-source and works on Mac OS, Linux, and Windows. Best of all, it removes all of the shady things Mozilla has been up to. Here’s how you can try out LibreWolf on Linux.

Read more

More Mozilla Spying and Management Shuffle

Filed under
Moz/FF
Web
  • William Lachance: Learning about Psychological Safety at the Recurse Center

    Some context: I’m currently working as a software engineer at Mozilla, building out our data pipeline and analysis tooling. I’ve been at my current position for more than 10 years (my “anniversary” actually passed while I was out). I started out as a senior engineer in 2011, and was promoted to staff engineer in 2016. In tech-land, this is a really long tenure at a company. I felt like it was time to take a break from my day-to-day, explore some new ideas and concepts, and hopefully expose myself to a broader group of people in my field.

    My original thinking was that I would mostly be spending this time building out an interactive computation environment I’ve been working on called Irydium. And I did quite a bit of that. However, I think the main thing I took away from this experience was some insight on what makes a remote environment for knowledge work really “click”. In particular, what makes somewhere feel psychologically safe, and how this feeling allows us to innovate and do our best work.

    While the Recurse Center obviously has different goals than an organization that builds and delivers consumer software, I do think there are some things that it does that could be applied to Mozilla (and, likely, many other tech workplaces).

  • [Older] Firefox Now Sends Your Address Bar Keystrokes to Mozilla

    Firefox now sends more data than you might think to Mozilla. To power Firefox Suggest, Firefox sends the keystrokes you type into your address bar, your location information, and more to Mozilla’s servers. Here’s exactly what Firefox is sharing and how to control it.

  • Support.Mozilla.Org: What’s up with SUMO – October 2021

    As we enter October, I hope you’re all pumped up to welcome the last quarter of the year and, basically, wrapping up projects that we have for the remainder of the year. With that spirit, let’s start by welcoming the following folks into our community.

    [...]

    Thanks for Jefferson Scher for straightening the Firefox Suggest confusion on Reddit. That definitely help people to understand the feature better.

  • Welcome Imo Udom, Mozilla’s new Senior Vice President, Innovation Ecosystems

    I am delighted to share that Imo Udom has joined Mozilla as Senior Vice President, Innovation Ecosystems. Imo brings a unique combination of strategy, technical and product expertise and an entrepreneurial spirit to Mozilla and our work to design, develop and deliver new products and services.

Mozilla Firefox: Spyware, Password Loggers, and Performance Monitoring

Filed under
Moz/FF
  • This Week in Glean: Designing a telemetry collection with Glean

    (“This Week in Glean” is a series of blog posts that the Glean Team at Mozilla is using to try to communicate better about our work. They could be release notes, documentation, hopes, dreams, or whatever: so long as it is inspired by Glean.) All “This Week in Glean” blog posts are listed in the TWiG index).

    Whenever I get a chance to write about Glean, I am usually writing about some aspects of working on Glean. This time around I’m going to turn that on its head by sharing my experience working with Glean as a consumer with metrics to collect, specifically in regards to designing a Nimbus health metrics collection. This post is about sharing what I learned from the experience and what I found to be the most important considerations when designing a telemetry collection.

    I’ve been helping develop Nimbus, Mozilla’s new experimentation platform, for a while now. It is one of many cross-platform tools written in Rust and it exists as part of the Mozilla Application Services collection of components. With Nimbus being used in more and more products we have a need to monitor its “health”, or how well it is performing in the wild. I took on this task of determining what we would need to measure and designing the telemetry and visualizations because I was interested in experiencing Glean from a consumer’s perspective.

  • Firefox Add-on Reviews: How to choose the right password manager browser extension

    All good password managers should, of course, effectively secure passwords; and they all basically do the same thing—you create a single, easy-to-remember master password to access your labyrinth of complex logins. Password managers not only spare you the hassle of remembering a maze of logins; they can also offer suggestions to help make your passwords even stronger. Fortunately there’s no shortage of capable password protectors out there. But with so many options, how to choose the one that’ll work best for you?

    Here are some of our favorite password managers. They all offer excellent password protection, but with distinct areas of strength.

  • Mozilla Performance Blog: Performance Sheriff Newsletter (September 2021)

    In September there were 174 alerts generated, resulting in 23 regression bugs being filed on average 6.4 days after the regressing change landed.

    Welcome to the September 2021 edition of the performance sheriffing newsletter. Here you’ll find the usual summary of our sheriffing efficiency metrics. If you’re interested (and if you have access) you can view the full dashboard.

Mozilla Leftovers

Filed under
Moz/FF
  • Jan-Erik Rediger: Fenix Physical Device Testing

    The Firefox for Android (Fenix) project runs extensive tests on every pull request and when merging code back into the main branch.

    While many tests run within an isolated Java environment, Fenix also contains a multitude of UI tests. They allow testing the full application, interaction with the UI and other events. Running these requires the Android emulator running or a physical Android device connected. To run these tests in the CI environment the Fenix team relies on the Firebase test lab, a cloud-based testing service offering access to a range of physical and virtual devices to run Android applications on.

    To speed up development, the automatically scheduled tests associated with a pull request are only run on virtual devices. These are quick to spin up, there is basically no upper limit of devices that can spawn on the cloud infrastructure and they usually produce the same result as running the test on a physical device.

  • CTCFT 2021-10-18 Agenda

    After the CTCFT this week, we are going to try an experimental social hour. The hour will be coordinated in the #ctcft stream of the rust-lang Zulip. The idea is to create breakout rooms where people can gather to talk, hack together, or just chill.

  • Hacked! Unravelling a data breach

    The bottom line: If you get snagged in a data breach, tie up any loose threads quickly to protect yourself, and stay on top of monitoring your accounts for suspicious activity.

  • Dyn async traits, part 5

    If you’re willing to use nightly, you can already model async functions in traits by using GATs and impl Trait — this is what the Embassy async runtime does, and it’s also what the real-async-trait crate does. One shortcoming, though, is that your trait doesn’t support dynamic dispatch. In the previous posts of this series, I have been exploring some of the reasons for that limitation, and what kind of primitive capabilities need to be exposed in the language to overcome it. My thought was that we could try to stabilize those primitive capabilities with the plan of enabling experimentation. I am still in favor of this plan, but I realized something yesterday: using procedural macros, you can ALMOST do this experimentation today! Unfortunately, it doesn’t quite work owing to some relatively obscure rules in the Rust type system (perhaps some clever readers will find a workaround; that said, these are rules I have wanted to change for a while).

OSCAL, Open Labs, Mozilla & grooming women for Outreachy

Filed under
Software
Moz/FF

Monday, 11 October is the UN's International Day for the Girl Child. The definition of Girl Child varies from country to country. In the law of Albania, the age of consent can be as low as 14 if you can convince (bribe) a judge that a 14 year old girl has achieved sexual maturity. Legal text.

What does it look like when children aged 16 and 17 make software for big corporations to use?

Today we find out

Here is a team photo from Ura Design, one of the Albanian companies using the hackerspace as a front for people trafficking. In the team we see a former Outreachy, Renata Gegaj beside a future Outreachy, Anja Xhakani.

Read more

Mozilla Thunderbird 91.2 Finally Allows OTA Upgrades from Thunderbird 78 or Earlier

Filed under
News
Moz/FF

Thunderbird 91 was launched two months ago, but it wasn’t offered as an OTA (Over-the-Air) upgrade from Thunderbird 78 and earlier releases. After three minor point releases, Thunderbird 91.2 is here and enables support for OTA upgrades from earlier Thunderbird versions.

Thunderbird 91.2 is also a minor update, bringing only the ability to use a unique filename when saving a single message in the .eml file format, as well as a bunch of bug fixes. But the major change in this release is the ability to upgrade from Thunderbird 78 and earlier versions without from within the app.

Read more

Mozilla and Programming Leftovers

Filed under
Development
Moz/FF
  • Reducing the Overhead of Profiling Firefox Sleeping Threads – Mozilla Performance

    Firefox includes its own profiler: Visit profiler.firefox.com to enable it, and the user documentation is available from there.

    The main advantages compared with using a third-party profiler, are that it’s supplied with Firefox, it can capture screenshots, it understands JavaScript stacks, and Firefox is adding “markers” to indicate important events that may be useful to developers.

    Its most visible function is to capture periodic “samples” of function call stacks from a number of threads in each process. Threads are selected during configuration in about:profiling, and can range from a handful of the most important threads, to all known threads.

    This sampling is performed at regular intervals, by going through all selected threads and suspending each one temporarily while a sample of its current stack is captured (this is known as “stack walking”). This costly sampling operation can have a non-negligible impact on how the rest of the Firefox code runs, this is the “overhead” of the Profiler. In order to be able to sample as many threads as possible with the smallest impact, there is ongoing work to reduce this overhead.

  • Lots to see in Firefox 93! - Mozilla Hacks - the Web developer blog

    Firefox 93 comes with lots of lovely updates including AVIF image format support, filling of XFA-based forms in its PDF viewer and protection against insecure downloads by blocking downloads relying on insecure connections.

    Web developers are now able to use static initialization blocks within JavaScript classes, and there are some Shadow DOM and Custom Elements updates. The SHA-256 algorithm is now supported for HTTP Authentication using digests. This allows much more secure authentication than previously available using the MD5 algorithm.

  • GCC, Clang[d], LSP client, Kate and variadic macro warnings, a short story

    Kate has had an LSP plugin for sometime now, which uses Clangd. It's a great plugin that brings many code navigation/validation features, akin to those available in Qt Creator and KDevelop.

    So naturally since I got it to work, I've been using it. At some point I found out about the Diagnostics tab in the LSP Client tool view in Kate, which displays useful information; however I also saw that it was plagued by a spam of the following warnings...

  • GCC 12 Enables Auto-Vectorization For -O2 Optimization Level - Phoronix

    The change merged today is enabling the auto-vectorizer at the -O2 optimization level rather than only at -O3 and above. The auto-vectorizer is enabled by default with -O2 and using its "very cheap" cost model. The very cheap model enables vectorization if the scalar iteration count is a multiple of four, it is the "cheapest" of these cost models. Meanwhile the default cost model for vectorization at -O3 is "dynamic" for having more checks to try to determine if a vectorized code path will be faster.

  • Jon Chiappetta: Reddit Refresher Javascript Bookmark
  • Dirk Eddelbuettel: RcppGSL 0.3.10: Small Updatex

    A new release 0.3.10 of RcppGSL is now on CRAN. upload](https://dirk.eddelbuettel.com/blog/2020/06/21#rcppgsl_0.3.8). The RcppGSL package provides an interface from R to the GNU GSL by relying on the Rcpp package.

    This release brings a requested configure.ac update (just like RQuantLib yesterday and littler two days ago, along with the at-work tiledb update today). It also adds a small testing improvement. No user-visible changes, no new features. Details follow from the NEWS file.

  • Lang team October update

    This week the lang team held its October planning meeting (minutes). We hold these meetings on the first Wednesday of every month.

  • This Week In Rust: This Week in Rust 411

Old Thunderbird installations will be upgraded to Thunderbird 91 via automatic updates now

Filed under
Moz/FF

The Thunderbird team released two new versions of the open source desktop email client in the past two weeks. Thunderbird 91.1.2 was a smaller bug fix update for all client versions, Thunderbird 91.2.0, a security update that also included bug fixes.

Particularly of note for Thunderbird users who are still using Thunderbird 78.x is that the team has lifted the upgrade block. Previous releases of Thunderbird 91 were not offered to devices running Thunderbird 78.x via the email client's automatic update feature.

Read more

Mozilla: CISA, Rust, Rally, and SUMO

Filed under
Moz/FF
  • Mozilla Releases Security Updates for Firefox and Firefox ESR | CISA

    Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR . An attacker could exploit some of these vulnerabilities to take control of an affected system.

    CISA encourages users and administrators to review the Mozilla security advisories for Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2.

  • Baby Steps

    In the previous “dyn async traits” posts, I talked about how we can think about the compiler as synthesizing an impl that performed the dynamic dispatch. In this post, I wanted to start explore a theoretical future in which this impl was written manually by the Rust programmer. This is in part a thought exercise, but it’s also a possible ingredient for a future design: if we could give programmers more control over the “impl Trait for dyn Trait” impl, then we could enable a lot of use cases.

  • Control your data for good with Rally - Mozilla Hacks - the Web developer blog

    Let’s face it, if you have ever used the internet or signed up for an online account, or even read a blog post like this one, chances are that your data has left a permanent mark on the interwebs and online services have exploited your data without your awareness for a very long time.

    The Fight for Privacy

    The fight for privacy is compounded by the rise in misinformation and platforms like Facebook willingly sharing information that is untrustworthy, shutting down platforms like Crowdtangle and recently terminating the accounts of New York University researchers that built Ad Observer, an extension dedicated to bringing greater transparency to political advertising. We think a better internet is one where people have more control over their data.

  • Introducing Abby Parise – The Mozilla Support Blog

    It’s with great pleasure that I introduce Abby Parise, who is the latest addition to the Customer Experience team. Abby is taking the role of Support Content Manager, so you’ll definitely see more of her in SUMO. If you were with us or have watched September’s community call, you might’ve seen her there.

Syndicate content

More in Tux Machines

Plasma 5.23 available for Kubuntu 21.10 (Impish Indri) in backports PPA

We are pleased to announce that Plasma 5.23.1 is now available in our backports PPA for Kubuntu 21.10 (Impish Indri). The release announcement detailing the new features and improvements in Plasma 5.23 can be found here. Read more

Pumpkins, markets, and one bad Apple

Imagine your local farmers market: every Saturday the whole town comes together to purchase fresh and homemade goods, enjoy the entertainment, and find that there is always something for everyone. Whatever you need, you can find it here, and anyone can sign up to have their own little stand. It is a wonderful place, or so it seems. Now, imagine starting out as a pumpkin farmer, and you want to sell your pumpkins at this market. The market owner asks 30% of every pumpkin that you sell. It's steep, but the market owner -- we'll call him Mr. Apple -- owns all the markets in your area, so you have little choice. Let's continue this analogy and imagine that, since it is a little hard for you to make ends meet, you decide to tell your customers that they can come visit you at your farm to purchase pumpkins. Mr. Apple overhears and shuts your stand down. You explain that your business cannot be profitable this way, but the grumpy market owner says that you can either comply or find another place. At the end of your rope, you look for information about starting your own farmers market, but it seems Mr. Apple owns every building in town. In the midst of Apple announcing its new products, attention is drawn away from its ongoing battle to maintain its subjugation over users globally. The Netherlands’ Authority for Consumers and Markets (ACM) last month informed the U.S. technology giant of its decision that the rules around the in-app payment system are anticompetitive, making it the first antitrust regulator to conclude that the company has abused market power in the App Store. And while Apple is appealing this verdict, the European Union is charging the company with another antitrust claim concerning the App Store. Read more

today's howtos

  • How To Install PostgreSQL 14 on Ubuntu 20.04 - howtodojo

    In this tutorial, we learn how to install PostgreSQL 14 on Ubuntu 20.04 (Focal Fossa). PostgreSQL, or usually called Postgres, is an open-source object-relational database management system (ORDBMS) with an emphasis on extensibility and standards compliance. PostgreSQL is ACID-compliant and transactional. It is developed by PostgreSQL Global Development Group (PGDG) that consists of many companies and individual contributors. PostgreSQL released under the terms of PostgreSQL license.

  • How to Install Minikube on CentOS 8 - Unixcop

    Minikube is open source software for setting up a single-node Kubernetes cluster on your local machine. The software starts up a virtual machine and runs a Kubernetes cluster inside of it, allowing you to test in a Kubernetes environment locally. Minikube is a tool that runs a single-node Kubernetes cluster in a virtual machine on your laptop. In this tutorial we will show you how to install Minikube on CentOS 8.

  • How to Install and Secure Redis on Ubuntu 20.04 | RoseHosting

    Redis (short for Remote Dictionary Server), is an open-source in-memory data structure store. It’s used as a flexible, highly available key-value database that maintains a high level of performance. It helps to reduce time delays and increase the performance of your application by accessing in microseconds.

  • How to Upgrade to Ubuntu 21.10 - OMG! Ubuntu!

    If the glowing reviews for the Ubuntu 21.10 release have you intrigued, here’s how to upgrade to Ubuntu 21.10 from an earlier version. Fair warning: this tutorial is super straightforward (the benefits of upgrading after a stable release, rather than a little bit before). Meaning no, you don’t need to be a Linux guru to get going! There are plenty of good reasons to upgrade from Ubuntu 21.04 to Ubuntu 21.10, such as benefiting from a newer Linux kernel, enjoying a new GNOME desktop, sampling the new Yaru Light theme, and getting to go hands-on with an able assortment of updated apps.

  • How to install Adobe Flash Player on a Chromebook

    Today we are looking at how to install Adobe Flash Player on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • How to install OnlyOffice on Linux Lite 5.4 - Invidious

    In this video, we are looking at how to install OnlyOffice on Linux Lite 5.4. Enjoy!

  • Jenkins: How to add a JDK version - Anto ./ Online

    This guide will show you how to add a JDK version to Jenkins. If you plan to run a Java build requiring a specific version of the Java Development Kit, you need to do this.

  • Sending EmailsSend them from Linux Terminal? | Linux Journal

    Does your job require sending a lot of emails on a daily basis? And you often wonder if or how you can send email messages from the Linux terminal. This article explains about 6 different ways of sending emails using the Linux terminal. Let’s go through them.

Development version: GIMP 2.99.8 Released

GIMP 2.99.8 is our new development version, once again coming with a huge set of improvements. Read more Some early coverage:

  • GIMP 2.99.8 Released with Clone Tool Tweaks, Support for Windows Ink

    A new development version of GIMP is available to download and it carries some interesting new features. While this isn’t a new stable release — GIMP 2.10.28 is the most recent stable release (and the version you’ll find in Ubuntu 21.10’s archives) — the release of GIMP 2.99.8 is yet another brick in the road to the long-fabled GIMP 3.0 release. And it’s a fairly substantial brick, at that.

  • GIMP 2.99.8 Released As Another Step Toward The Long Overdue GIMP 3.0

    GIMP 3.0 as the GTK3 port of this open-source Adobe Photoshop alternative has been talked about for nearly a decade now and the work remains ongoing. However, out today is GIMP 2.99.8 as the newest development snapshot.