Language Selection

English French German Italian Portuguese Spanish

Moz/FF

FOSS, Self-Hosted Applications and People of Mozilla

Filed under
Moz/FF
OSS
  • 6 Open-Source Alternatives to Proprietary Software: Self-Hosted Applications

    Using FOSS software is a great way of getting free access to valuable services and retaining your privacy and independence when you do it. Whether you’re running your own business on a tight budget or just want to use social media without fear of corporations stockpiling your personal info, there are tons of free and open source alternatives to the mainstream proprietary software that you’re probably used to.

    FOSS software also fosters communities and the sharing of knowledge. For those that have the hardware and time, there are tons of benefits to self-hosting sites built on open-source software. Here are 6 of the best open-source, self-hosted applications and how they compare to their proprietary counterparts.

  • Support.Mozilla.Org: Introducing Josh and Jeremy to the SUMO team

    Today the SUMO team would like to welcome Josh and Jeremy who will be joining our team from Boise, Idaho.

    Josh and Jeremy will be joining our team to help out on Support for some of the new efforts Mozilla are working on towards creating a connected and integrated Firefox experience.

    They will be helping out with new products, but also providing support on forums and social channels, as well as serving as an escalation point for hard to solve issues.

  • Mozilla Reps Community: Rep of the Month – April 2019

    Lidya Christina is from Jakarta, Indonesia. Her contribution in SUMO event in 2016 lead her into a proud Mozillian, an active contributor of Mozilla Indonesia and last March 2019 she joined the Reps program.

Firefox & GNOME Can Finally Run On The AFS File-System With Linux 5.2

Filed under
Linux
Moz/FF
GNOME

AFS, the Andrew File-System that serves as a distributed file-system and used by the likes of Carnegie Mellon University and has seen ports to different operating systems, can now handle more programs running on top of the file-system like Firefox and GNOME.

The AFS file-locking up until now has caused issues with SQLite databases as is commonly used by Firefox and countless other desktop applications on multiple platforms. With the Linux 5.2 kernel changes, AFS file-locking changes now jive with SQLite and thus allow a lot more applications to run when AFS is in use as the home directory.

Read more

Also: Mozilla looks to Tor as it ponders Super Private Browsing mode

Mozilla: SUMO/Firefox Accounts integration, Privacy Features, and Another Facebook Rant

Filed under
Moz/FF
  • SUMO/Firefox Accounts integration

    One of Mozilla’s goals is to deepen relationships with our users and better connect them with our products. For support this means integrating Firefox Accounts (FxA) as the authentication layer on support.mozilla.org

  • Mozilla To Add Tor Features In Firefox For A ‘Super Privacy Browsing’ Mode

    Mozilla Firefox, with an aim to further work on the privacy and security of users, could soon introduce a new mode for the same. As found in the Research Grants of the company, Mozilla plans to work in two main areas: Data and Privacy and Security in the Firefox browser.

    Speaking of Privacy and Security, Mozilla is planning to incorporate Tor in Firefox browser which will lead to the introduction of a new Super Privacy Browsing mode for easy and anonymous internet surfing.

  • Mozilla offers research grant for a way to embed Tor inside Firefo

    Mozilla is looking for a more efficient way of integrating Tor into Firefox, and the organization is willing to throw money at the problem.

    A better Tor integration is one of the key points that Mozilla is willing to fund via its Research Grants 2019H1 program that the organization announced last month.

    This program has been going on for quite a while and is how Mozilla has paid the bills for the development of new Firefox features in the past.

  • Alpine Linux Docker Images Shipped with Unlock Root Accounts, Mozilla Offering a Research Grant to Embed Tor into Firefox, Plasma 5.16 to Get a Rewritten Notification System, Unity 2019.2 Beta Released and Emirates NBD Wins Red Hat's 2019 Innovation Award

    Mozilla has offered a research grant to find a way to embed Tor into Firefox to create a Super Private Browser mode.

  • Google’s Ad API is Better Than Facebook’s, But…

    Last month, Mozilla released an analysis of Facebook’s ad archive API, a tool that allows researchers to understand how political ads are being targeted to Facebook users. Our goal: To determine if Facebook had fulfilled its promise to make political advertising more transparent. (It did not.)

    Today, we’re releasing an analysis of Google’s ad archive API. Google also promised the European Union it would release an ad transparency tool ahead of the 2019 EU Parliament elections.

    [...]

    Overall: While the company gets a passing grade, Google doesn’t sufficiently allow researchers to study disinformation on its platform. The company also significantly delayed the release of their API, unveiling it only weeks before the upcoming EU elections and nearly two months after the originally promised deadline.

    With the EU elections fewer than two weeks away, we hope Google (and Facebook) take action swiftly to improve their ad APIs — action that should have been taken months ago.

File Sharing: qBittorrent 4.1.6 and Mozilla Thunderbird WeTransfer

Filed under
Software
Moz/FF
  • qBittorrent 4.1.6 Released! How to Install it in Ubuntu 18.04

    qBittorrent torrent client 4.1.6 was released a few days ago. Here’s how to install it in Ubuntu 16.04, Ubuntu 18.04, Ubuntu 18.10, and Ubuntu 19.04.

  • Mozilla Thunderbird: WeTransfer File Transfer Now Available in Thunderbird

    WeTransfer’s file-sharing service is now available within Thunderbird for sending large files (up to 2GB) for free, without signing up for an account.

    Even better, sharing large files can be done without leaving the composer. While writing an email, just attach a large file and you will be prompted to choose whether you want to use file link, which will allow you to share a large file with a link to download it. Via this prompt you can select to use WeTransfer.

Mozilla: Firefox 67 Beta 16 Testday, Addon Issue, and Issues With "Clear Browsing Data"

Filed under
Moz/FF
  • Firefox 67 Beta 16 Testday Results

    As you may already know, last Friday May 3rd – we held a new Testday event, for Firefox 67 Beta 16.

    Thank you all for helping us make Mozilla a better place: Rok Žerdin, Fernando Espinoza, Kamila Kamciatek.

  • Firefox armagg-add-on: Lapsed security cert kills all browser extensions, from website password managers to ad blockers

    On Friday, Mozilla detected a great disturbance in its Firefox browser, as if millions of voices had cried out on social media in annoyance.

    Every single web extension, theme, search engine plugin, and language pack had been nuked from netizens' Firefox installations, stripping any data and settings associated with them as they were removed.

    For example, in a post on Hacker News, Rosser Schwarz, who works with databases, lamented how the add-on annihilation lost work stored in the Firefox container add-on.

    "I did not merely 'lose some tabs'; those, I could just re-open," he said. "I lost work. That data, effort, and time are gone."

    The source of the trouble was identified in a bug report as the expiration of an intermediate signing certificate, which is used to authenticate third-party Firefox add-ons, also known as extensions. With the cert's unanticipated demise, Firefox stopped allowing these add-ons to run or be installed.

  • Firefox extensions APIs fail to completely clear browsing data

    While I was working on Clear Browsing Data I have learned about several browser bugs that may render some Firefox extensions that focus on user privacy unreliable.

    The browsingData API in Firefox does not properly remove data, enabling sites to track users that rely on extensions to clear browsing data. Removing certain data types can also lead to side effects and data loss.

The Firefox EU Elections Toolkit helps you to prevent pre-vote online manipulation

Filed under
Moz/FF

What comes to your mind when you hear the term ‘online manipulation’? In the run-up to the EU parliamentary elections at the end of May, you probably think first and foremost of disinformation. But what about technical ways to manipulate voters on the internet? Although they are becoming more and more popular because they are so difficult to recognize and therefore particularly successful, they probably don’t come to mind first. Quite simply because they have not received much public attention so far. Firefox tackles this issue today: The ‘Firefox EU Election Toolkit’ not only provides important background knowledge and tips – designed to be easily understood by non-techies – but also tools to enable independent online research and decision-making.

Read more

Mozilla: LLVM Clang, Addon Apocalypse, Goals and Constraints

Filed under
Moz/FF
  • OpenSUSE Tumbleweed Eyeing LTO By Default; GCC 9 Optimization Work Thanks To Firefox

    Firefox developers and their desire to switch to LLVM Clang in the name of performance. Separately, openSUSE Tumbleweed has been looking at using link-time optimizations (LTO) by default for their packages and that has also motivated developers and help ensured the LTO support was in good shape for this annual compiler release.

  • A Glitch Is Disabling All Firefox Extensions, But A Workaround May Help

    A technical error has affected Mozilla Firefox’s extensions as all the extensions or add-ons have been disabled on the browser.

    Users trying to use the extensions are receiving a pop-up message which reads, “Could not be verified for use in Firefox and has been disabled.”

  • A glitch is breaking all Firefox extensions

    Did you just open Firefox only to find all of your extensions disabled and/or otherwise not working?

    You’re not alone, and it’s nothing you did.

    Reports are pouring in of a glitch that has spontaneously disabled effectively all Firefox extensions.

    Each extension is now being listed as a “legacy” extension, alongside a warning that it “could not be verified for use in Firefox and has been disabled”.

    A ticket submitted to Mozilla’s Bugzilla bug tracker first hit at around 5:40 PM Pacific, and suggests the sudden failure is due to a code signing certificate built into the browser that expired just after 5 PM (or midnight on May 4th in UTC time).

  • TenFourFox not affected by the addon apocalypse

    Tonight's Firefox add-on apocalypse, traced to a mistakenly expired intermediate signing certificate, is currently roiling Firefox users worldwide. It bit me on my Talos II, which really cheesed me off because it tanked all my carefully constructed site containers. (And that's an official Mozilla addon!)

  • Mozilla Had A Rough Night With Add-Ons Getting Disabled Due To An Expired Certificate

    If you are waking up this morning to find all of your Mozilla Firefox add-ons have expired, you are certainly not alone. A major blunder has found users of Firefox finding most add-ons getting disabled. 

    Add-ons like Netflix, Amazon Assistant, Greasemonkey, Ghostery, NoScript, uBlock Origin, and many other popular browser add-ons ended up getting disabled at midnight... An intermediate signing certificate expired over now having an invalid signature. For whatever reason, Mozilla hadn't planned ahead and shipped a renewed certificate in advance. Whoops!

  • Mike Hoye: Goals And Constraints

    Last week I laid out the broad strokes of Mozilla’s requirements for our next synchronous-text platform. They were pretty straightforward, but I want to thank a number of people from different projects who’ve gotten in touch on IRC or email to ask questions and offer their feedback.

    Right now I’d like to lay out those requirements in more detail, and talk about some of the reasons behind them. Later I’m going to lay out the process and the options we’re looking at, and how we’re going to gather information, test those options and evaluate what we learn.

    While the Rust community is making their own choices now about the best fit for their needs, the Rust community’s processes are going to strongly inform the steps for Mozilla. They’ve learned a lot the hard way about consensus-building and community decision-making, and it’s work that I have both a great deal of respect for and no intention of re-learning the hard way myself. I’ll have more about that shortly as well.

    [...]

    It was easy not to care about this when somebody who wanted to contribute to an open source project with global impact had maybe four choices, the Linux kernel, the Mozilla suite, the GNU tools and maybe Apache. But that world was pre-Github, pre-NPM. If you want to work on hard problems with global impact now you have a hundred thousand options, and that means the experience of joining and becoming a part of the Mozilla community matters.

    In short, the amount of effort a project puts into making the path from “I want to help” to “I’m helping” easier is a reliable indicator of the value that project puts on community involvement. So if we say we value our community, we need to treat community involvement and contribution like a product, with all the usability and accessibility concerns that implies. To drive involvement friction as close to zero as possible.

    One tool we’ll be relying on – and this one, we did build in-house – is called Mozilla-IAM, Mozilla’s Identity and Access Management tool. I’ll have more to say about this soon, but at its core it lets us proxy authentication from various sources and methods we trust, Github, Firefox Accounts, a link in your email, a few others. We think IAM will let us support pseudonymous participation and a low-cost first-contact experience, but also let us keep our house in order and uphold the CPG in the process.

Mozilla: Firefox/Mozilla Addon Restrictions and New Report on Socorro (Crash Reporter)

Filed under
Moz/FF
  • Mozilla announces ban on Firefox extensions containing obfuscated code

    Mozilla announced plans today to ban Firefox extensions from its Add-ons portal if the extension contains obfuscated code.

  • Mozilla Addons Blog: Add-on Policy and Process Updates

    As part of our ongoing work to make add-ons safer for Firefox users, we are updating our Add-on Policy to help us respond faster to reports of malicious extensions. The following is a summary of the changes, which will go into effect on June 10, 2019.

  • Will Kahn-Greene: Socorro: April 2019 happenings

    Socorro is the crash ingestion pipeline for Mozilla's products like Firefox. When Firefox crashes, the crash reporter collects data about the crash, generates a crash report, and submits that report to Socorro. Socorro saves the crash report, processes it, and provides an interface for aggregating, searching, and looking at crash reports.

New From Mozilla Foundation and Document Foundation

Filed under
LibO
Moz/FF
  • Migrate to Fluent

    A couple of weeks ago the Localization Team at Mozilla released the Fluent Syntax specification. As mentioned in our announcement, we already have over 3000 Fluent strings in Firefox. You might wonder how we introduced Fluent to a running project. In this post I?ll detail on how the design of Fluent plays into that effort, and how we pulled it off.

    [...]

    Migrating your code will often be a trivial change from one API to another. Most of your code will get a string and show it, after all. You might convert several different APIs into just one in Fluent, in particular dedicated plural APIs will go away.

    You will also move platform-specific terminology into the localization side, removing conditional code. You should also be able to stop stitching several localized strings together in your application logic.

    As we’ll go through the process here, I’ll show an example of a sentence with a link. The project wants to be really sure the link isn’t broken, so it’s not exposed to localizers at all. This is shortened from an actual example in Firefox, where we link to our privacy policy. We’ll convert to DOM overlays, to separate localizable and non-localizable aspects of the DOM in Fluent. Let’s just look at the HTML code snippet now, and look at the localizations later.

  • Deconstruction of a Failure

    I first want to say that I don’t think MozReview was a total failure. There were many successes, despite the fact that we decommissioned it in favour of another system. Indeed, as I note below, we had quite a big userbase near the end. I am also sure that perspectives on MozReview vary quite a bit among the team that worked on it. These are just the particular failures that I felt most responsible for and, thus, were the most instructive for me.

    That these failures occurred early in my management career was, overall, a good thing. I can say that I learned quite a lot from the project, and it made me a better manager. I apply the lessons I’ve learned to all my team’s projects now, and I try to pass on this knowledge to others, not so they can avoid failure, but so that they can perhaps recognize it earlier than I did.

  • LibOCon Reminders
  • Reminder: LibOCon 2020 Call for Locations

    The Call for Location for LibreOffice Conference 2020 is open until June 30, 2019. It will be the 10th of a series of successful events: Paris, October 2011; Berlin, October 2012; Milan, September 2013; Bern, September 2014; Aarhus, September 2015; Brno, September 2016; Rome, October 2017; Tirana, September 2018, and Almeria, September 2019. During or around the event we will celebrate the 10th anniversary of the project, which was announced on September 28, 2010.

    The Call for Locations opens well in advance as TDF Board of Directors wants to to give the event organizers the opportunity to attend this year’s conference – in Almeria, Spain, September 11 to 13, 2019 – to familiarize with the community and the structure of the event. For historical and practical reasons, the LibreOffice Conference takes place between September and November, with a preference for September.

Mozilla: Firefox Reality coming to SteamVR, Firefox 67 Beta 16 Testday This Week, WebRender Update and Python 3 at Mozilla

Filed under
Moz/FF
  • Mozilla VR Blog: Firefox Reality coming to SteamVR

    We are excited to announce that we’re working with Valve to bring the immersive web to SteamVR!

    This January, we announced that we were bringing the Firefox Reality experience to desktop devices and the Vive stores. Since then, collaborating closely with Valve, we have been working to also bring Firefox Reality to the SteamVR immersive experience. In the coming months, users will be offered a way to install Firefox Reality via a new web dashboard button, and then launch a browser window over any OpenVR experience.

    With a few simple clicks, users will be able to access web content such as tips or guides or stream a Twitch comment channel without having to exit their immersive experiences. In addition, users will be able to log into their Firefox account once, and access synced bookmarks and cookies across both Firefox and Firefox Reality — no need to log in twice!

  • Firefox 67 Beta 16 Testday, May 3rd

    We are happy to let you know that Friday, May 3rd, we are organizing Firefox 67 Beta 16 Testday. We’ll be focusing our testing on: Track Changes M2 and WebExtensions compatibility & support.

    Check out the detailed instructions via this etherpad.

    No previous testing experience is required, so feel free to join us on #qa IRC channel where our moderators will offer you guidance and answer your questions.

  • Mozilla GFX: WebRender newsletter #44

    WebRender is a GPU based 2D rendering engine for web written in Rust, currently powering Mozilla’s research web browser servo and on its way to becoming Firefox‘s rendering engine.

  • Python 3 at Mozilla

    Mozilla uses a lot of Python. Most of our build system, CI configuration, test harnesses, command line tooling and countless other scripts, tools or Github projects are all handled by Python. In mozilla-central there are over 3500 Python files (excluding third party files), comprising roughly 230k lines of code. Additionally there are 462 repositories labelled with Python in the Mozilla org on Github (though many of these are not active). That’s a lot of Python, and most of it is Python 2.

    With Python 2’s exaugural year well underway, it is a good time to take stock of the situation and ask some questions. How far along has Mozilla come in the Python 3 migration? Which large work items lie on the critical path? And do we have a plan to get to a good state in time for Python 2’s EOL on January 1st, 2020?

Syndicate content

More in Tux Machines

Programming/Development Leftovers

Openwashing Leftovers/New Examples

Kernel and Linux Foundation in Pockets of Proprietary Software Vendors

  • AT&T, Nokia open up the radio’s edge to third party apps [Ed: Openwashing to dominate the standards and interfaces (with patents) through the "Linux" Foundation]
    AT&T and Nokia have developed a radio edge cloud (REC) appliance that the two companies plan to release into open source via the Linux Foundation. The REC will make it possible for third parties to develop apps and get access to the radio access network (RAN). [...] Murphy said that it is not easy to predict all the use cases for REC but added that having an open source edge cloud with open interfaces to the RAN control will allow operators to have more options.
  • Accord Project to develop open source framework for smart legal contracts [Ed: They're promoting and spreading proprietary software and proprietary formats of Microsoft]
    One of the main purposes of Accord Project is, therefore, to provide a vendor-neutral “.doc” format for smart legal agreements.
  • Apple joins the open-source Cloud Native Computing Foundation
    Apple, in typical fashion, isn’t commenting on the announcement, but the CNCF notes that end-user memberships are meant for organizations that are “heavy users of open source cloud native technologies” and that are looking to give back to the community. By becoming a CNCF end-user member, companies also join the Linux Foundation .
  • Linux stable tree mirror at github [Ed: Greg Kroah-Hartman giving Microsoft more control over Linux]
    It differs from Linus’s tree at: https://github.com/torvalds/linux in that it contains all of the different stable tree branches and stable releases and tags, which many devices end up building on top of. So, mirror away! Also note, this is a read-only mirror, any pull requests created on it will be gleefully ignored, just like happens on Linus’s github mirror. If people think this is needed on any other git hosting site, just let me know and I will be glad to push to other places as well.

Security Leftovers

  • Industry Watch: Of open source, data breaches and speed [Ed: And proprietary software is a lot less suitable for security and privacy purposes because there are surveillance 'features' disguised and back doors too]
    Open-source software helps developers work faster and smarter, as they don’t have to ‘re-invent the wheel’ every time create an application. They just need to be sure the license attached to that software allows them to use the component the way they want. They also need to stay on top of that application, so if the component changes, or an API changes, their application isn’t affected and they are still in compliance. Data protection is also something organizations must get serious about. While the GDPR only affects users in the European Union, it’s only a matter of time before those or similar regulations are in place in the U.S. and elsewhere. Companies should get a jump on that by doing a thorough audit of their data, to know they are prepared to be compliant with whatever comes down from the statehouses or from Washington, D.C. On the speed side, the benefits of Agile and DevOps are clear. These methodologies enable companies to bring new software products to market faster, with the result of getting a jump on the competition, working more efficiently and ultimately serving your customers. Unfortunately, these efforts are usually done by different teams of developers, database administrators and security experts. If the Equifax and Facebook breaches have taught us anything, it’s that you can’t expect developers to be security experts, and you can’t expect DB admins to understand the ramifications on the business when data is misunderstood. It will take a coordinated approach to IT to achieve business goals while not leaving the company — and its IP and PII data — exposed.
  • VLC patches critical flaws through EU open source bug bounty program
    More than 30 security issues have been fixed in VLC, the popular open source media player, with developers praising an EU-funded bug bounty program for helping produce its most secure update yet. VLC media player, created by the software non-profit VideoLAN, was found to have 33 vulnerabilities within various versions, including two that were considered critical. An out-of-bounds write was one of the severe vulnerabilities found to affect all VLC versions, and a stack buffer overflow was also discovered in VLC 4.0. Less severe vulnerabilities consisted of out-of-band reads, heap overflows, NULL-dereference, and use-after-free bugs. An updated version, VLC 3.0.7, has since been released for users to download.
  • VLC Player Gets Patched for Two High Severity Bugs
  • Asigra FreeNAS plugin brings open source data protection [Ed: Some openwashing of proprietary software]
    Asigra is trying to capture FreeNAS users with a free-to-try plugin version of its backup software. The Asigra FreeNAS plugin released this week allows customers to turn their iXsystems FreeNAS storage systems into backup targets. It encrypts and deduplicates data before it is sent to the FreeNAS system. The plugin also detects and quarantines malware and ransomware so that it doesn't get backed up.
  • TrueCommand Brings Single Pane of Glass Management to TrueNAS and FreeNAS Fleets
  • WSO2 and Ping Identity Partner to Provide Comprehensive, AI-Powered Cyber-Attack Protection for APIs
  • The Open Source Cookbook: A Baker’s Guide to Modern Application Development
    Let’s begin our cookbook by selecting our recipe. I’ve had some phenomenal baked goods, and I’ve had some not-so-phenomenal baked goods (there is rarely a bad baked good). But I’ve been surprised before, by a croissant from a diner that didn’t taste like the one from the local French bakery, or by a buttercream frosting at a supermarket that just didn’t have the same delicate touch as the one I make at home. In each case, I expected the same as I had before – by title – yet encountered a much different experience. When selecting your recipes, it’s important to understand which type of a particular food you are expecting to make, or you may be met with a different taste when you finish than you were hoping for when you began. [...] As with cooking, when incorporating open source components into applications, it’s important to understand origin and evolution of what you’re baking into your software. Carefully review your open source component versions, and evaluate the community’s activity in order to have the greatest chance possible to predict the possible technical debt you may inherit.