Microsft heals some wounds as it moves to Open Source

Subject: General Tech | December 7, 2018 - 01:57 PM |
Tagged: windows, open source, microsoft, edge, chromium, browser, Opera, firefox

One of the big stories this week has been the rumour and confirmation of Microsoft's move to Chromium.  What we hadn't seen until this morning was what the competition thought about it, which we now know thanks to a link from Slashdot.   You will be shocked to learn that Firefox sees this as solid proof you should have been using Firefox all along, or should switch immediately.

Opera and Google both applaud the move; Opera pointing out that they did something very similar about 6 years ago while Google welcomes Microsoft to the open source community it once spurned.  Take a peek at the rest here.

chromium-logo-100751561-large.jpg

"Google largely sees Microsoft's decision as a good thing, which is not exactly a surprise given that the company created the Chromium open source project. "Chrome has been a champion of the open web since inception and we welcome Microsoft to the community of Chromium contributors. We look forward to working with Microsoft and the web standards community to advance the open web, support user choice, and deliver great browsing experiences."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot

Wondering if your email was included in a data dump?

Subject: General Tech | September 26, 2018 - 01:40 PM |
Tagged: security, firefox, Have I Been Pwned

Have I Been Pwned has been around for some time now, letting you determine if your email address was included in one of the disturbingly frequent data breaches which have occurred in the past few years.  FireFox Monitor is a new site which uses that database to search email addresses users enter, with two added features. When you submit your email, it turns it into an SHA-1 hash which is then compared to the emails in the database, offering you a bit more protection if you so desire.  You can also request that your email address be monitored, with automated searches sent in occasionally so you don't need to remember to check on them yourself.  According to the discussion The Inquirer has with Mozilla, there are plans to integrate this into Firefox to make it even easier to keep tabs on your emails.

Capture.PNG

"Mozilla on Tuesday debuted a service called Firefox Monitor that it has been testing to help people see whether their email addresses have been compromised."

Here is some more Tech News from around the web:

Tech Talk

 

Source: The Register

Mozilla, Opera, and Google Pull Malicious Extension

Subject: General Tech | July 6, 2018 - 09:12 PM |
Tagged: Opera, mozilla, google, firefox, chrome

I don’t think this should surprise anyone, but it’s good to report on none-the-less. There was a popular browser extension, called Stylish, that allowed users to customize the pages that they visit, and share those customizations with their friends. It’s a cool concept, but it was later sold to another company. That new owner changed the extension to monitor its users.

Mozilla, Opera, and Google slapped it across the jaw with a banhammer.

valve-nope.jpg

If you go to Mozilla’s Firefox Add-ons site, Opera's Add-ons site, or Google’s Chrome Web Store, you will get a 404. If you already installed the extension, it will be removed from your browser. As such, you probably don’t need to worry about it, because the browser vendors went DEFCON 1 on it.

But just in case you haven’t yet got the kill signal (because you’re behind a limited VPN or something) be sure to remove “Stylish” from your browser.

This also raises the point about curated app stores: review isn't perfect. Sometimes malicious software can go unnoticed for years. It's best not to get too complacent.

Source: Sophos

Firefox goes open sores

Subject: General Tech | May 1, 2018 - 12:58 PM |
Tagged: firefox, ad supported, open source, firefox 60

Targeted advertising is all the rage right now and now FireFox wants in on the (class) action.  Starting with Firefox 60 sponsored content will start showing in your browser, though perhaps not the Pocket variety which is very easy to disable.  The reason is that Mozilla needs revenue, which is not flowing in great enough quantities from other streams, and they claim the ads will be "Worthy of your time. Not just clicks."; whatever that might mean. 

They are implementing this in a unique way, not only keeping all the data on your machine instead of slapped into a cloud somewhere, but also allowing you to access the harvested data yourself.  Perhaps you will be able to erase the one search you did on toilet seats so that you are no longer bombarded with targeted ads that think you either have 50 bathrooms or consider them single use products.  The new browser arrives on the 9th; pop by The Inquirer for more info.

Mozilla-Firefox.jpg

"It promises that "all personalisation happens at the client side" - this means that your data is kept on your computer, not uploaded. It also adds that as Firefox is entirely open source, you can look under the bonnet and see exactly what data is or isn't collected."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

A gentle reminder never hurts; unless a site decides not to patch their vulnerabilities

Subject: General Tech | November 23, 2017 - 12:25 PM |
Tagged: firefox, security

Firefox have come up with a very interesting idea, making use of the database at Have I Been Pwned to display an in-browser warning message when you visit a site which has suffered a data breach.  This reminder may help with one of the largest problems with internet security; the limited amount of damage a company experiences when their customers data is stolen.  When a major breach like the ones at Equifax, Yahoo or even that certain adultery site occur, they are covered in the news for a few days, maybe a week, and then everything goes back to normal for them as the vast majority of the population forgets it happened.  With this add-in to Firefox there will be a constant reminder that breaches have occurred and that perhaps an alternative would be a better choice than to continue to work with a company that has allowed your data to be stolen.  Since the courts do not seem interested in handing out prohibitive fines to businesses which fail to protect their customers data, this might be a way to convince them investing in security makes financial sense.  Drop by Slashdot for a brief look at the plan.

HIBP-Firefox-Linkedin.png

"The alert also includes an input field. In the add-ons current version this field doesn't do anything, but we presume it's there to allow users to search and see if their data was exposed during that site's security breach. Troy Hunt, Have I Been Pwned's author has confirmed his official collaboration with Mozilla on this feature."

Here is some more Tech News from around the web:

Tech Talk

 

Source: Slashdot

A Chunk of Servo Comes to Firefox: Quantum CSS

Subject: General Tech | August 22, 2017 - 10:12 PM |
Tagged: mozilla, firefox, servo, Rust

If you’re on Firefox Nightly, you are able to enable their new CSS engine with an about:config flag, called layout.css.servo.enabled. For a few years now, Mozilla has been working on a separate rendering engine, aided by Samsung, which was called Servo. Browsers are very single-threaded, so there was a lot of room for improvement, especially on devices that can afford more cores than per-core performance, like mobile. It is also more secure, as its programming language, Rust, is more strict with data accesses than C/C++, which is also great for a web browser.

mozilla-rust.png

Eventually, Mozilla decided to, instead of replacing Gecko, replace chunks of it with tech derived from Servo. Up to now, it’s been mostly security-related components, like the parsing of untrusted media headers. This one is about speed. I'm curious to see how it feels to our readers. I know that, personally, going from Firefox 54 to Firefox 55 was a significant difference, although that was due to other changes.

If you’re interested, download Firefox Nightly. I mean, it’s free.

Source: Mozilla

Firefox 52 Adds WebAssembly

Subject: General Tech | March 8, 2017 - 04:00 PM |
Tagged: mozilla, webassembly, javascript, firefox

Mozilla’s latest browser version, Firefox 52, was just released to the public on Tuesday. I wasn’t planning on putting up a post about it, but I just found out that it includes the ability to ingest applications written in WebAssembly. This is client-side language for browsers to be a compile target for C, C++, and other human-facing languages (such as Rust). Previously, these applications needed to transpile into JavaScript, which has several limitations.

Honestly, I haven’t heard much from WebAssembly in several months, so I was figured they were still quite a ways off. Several big engines, like Unreal Engine 4, not really putting their weight behind HTML5 as much as they were about three years ago, during the Windows 8- and iOS-era. Now I see the above video, which starts with Tim Sweeney and goes on to include others from Mozilla, Autodesk, and Unity, and I am starting to assume that I just wasn’t looking in the right areas.

Some features of WebAssembly include native 64-bit integer types and actual memory management. In JavaScript, the "number" type basically exists in a quazi-state between int32 and FP64. WebGL added a few containers for smaller data types, but it couldn't go larger than what "number" allowed, so int64 and uint64 couldn't be represented. Also, JavaScript requires garbage collection to be run on the browser's schedule, which limits the developer's control to "don't generate garbage and hope the GC keeps sleeping".

According to the video, though, it sounds like application startup time is the primary reason for shipping WebAssembly. That could just be what they feel the consumer-facing message should convey, though. I should probably poke around and see what some web and game developer contacts think about WebAssembly.

Firefox 52 is now available.

Source: Mozilla

Mozilla to Require Rust (and Dependencies) for Firefox

Subject: General Tech | February 7, 2017 - 02:47 AM |
Tagged: mozilla, firefox, web browser, Rust, llvm

Firefox 52 will be the company’s next Extended Support Release (ESR) branch of their popular web browser. After this release, Mozilla is planning a few changes that will break compatibility, especially if you’re building the browser from source. If you’re an end-user, the major one to look out for is Mozilla disabling NPAPI-based plugins (except Flash) unless you are using Firefox 52 ESR. This change will land in the consumer version of Firefox 52, though. It’s not really clear why they didn’t just wait until Firefox 53, rather than add a soft-kill in Firefox 52 and hard-code it the next version, but that’s their decision. It really does not affect me in the slightest.

mozilla-rust.png

The more interesting change, however, is that Mozilla will begin requiring Rust (and LLVM) in an upcoming version. I’ve seen multiple sources claim Firefox 53, Firefox 54, and Firefox 55 as possible targets for this, but, at some point around those versions, critical components of the browser will be written in Rust. As more of the browser is migrated to this language, it should be progressively faster and more secure, as this language is designed to enforce memory safety and task concurrency.

Firefox 52 is expected in March.

Firefox 51 and Chrome 56 Launch with WebGL 2.0

Subject: General Tech | January 27, 2017 - 03:55 PM |
Tagged: webgl, webgl2, firefox, chrome, google, mozilla, Opera

After quite a bit of anticipation, both Mozilla and Google have just shipped compatible implementations of WebGL 2. This feature was unlocked to the public in Firefox 51 and Chrome 56 for the desktop, both released this week, while Opera will push it out to desktop and mobile on their next version, Opera 43. Microsoft currently has the API “under consideration” for Edge.

As we’ve highlighted in the past, this new version of the graphics API pushes the platform up to OpenGL ES 3.0, with a few exceptions that are typically made for security reasons. This update allows quite a few new features like off-screen render targets, which is useful for deferred rendering. The shading language is also significantly larger, and can now operate natively on integer types and 3D textures.

WebGL 2.0 does not include compute shaders, however, which is a bit unfortunate. That said, it is (at least last I checked) a highly-requested feature and the browser vendors are interested in providing it.

Mozilla Unveils Quantum Project

Subject: General Tech | October 30, 2016 - 01:09 AM |
Tagged: mozilla, servo, gecko, firefox

One of the big announcements at Mozilla Summit 2013, despite Firefox OS being the focus of the event, was their research (with Samsung) into a new rendering engine, Servo. Rendering HTML5 is horrifically complex, so creating a new rendering engine from scratch is a big “nope!” for basically all organizations. Mozilla saw this as a big potential, because current engines are very difficult to scale to multiple cores, so they went in to this as a no-assumptions experiment.

mozilla-architecture.jpg

At the time, they didn't know whether Servo would be built up into a full rendering engine, or whether it would be picked apart and pulled back into their current engine, Gecko. Mozilla has now unveiled Quantum, and the first sentence of its MozillaWiki entry is “Quantum is not a new web browser.” They go on to say that they will be “building on the Gecko engine as a solid foundation”. So it seems pretty clear that, like they've recently done with their media file parser in Firefox 48.

While this will likely not have the major impact that “boom, new engine” would, in terms of performance, this piece-wise method should be quicker than bulking up Servo. Mozilla expects that big changes will begin to land next year.

Source: Mozilla