WebProNews

Tag: Mozilla

  • Mozilla Prepping a Non-Webkit Version of Firefox for iOS

    Mozilla Prepping a Non-Webkit Version of Firefox for iOS

    Google isn’t the only company prepping a non-Webkit version of its browser, with Mozilla taking similar action.

    News broke last week that Google was working on an iOS version of Chrome that used its own Blink rendering engine instead of Apple’s Webkit. App Store rules currently require all iOS web browsers to use Webkit, meaning that front-end features are the only thing that differentiate the options.

    According to The Register, Mozilla is also working on a version of its browser that runs on its own Gecko rendering engine instead of Webkit.

    Interestingly, while Mozilla and Google are not officially confirming it, it appears both companies may anticipate a future where regulation forces Apple to allow third-party browser engines on iOS. If such an eventuality occurs, both companies will be able to hit the ground running.

  • Mozilla Acquires Pulse Team for Machine Learning Projects

    Mozilla Acquires Pulse Team for Machine Learning Projects

    Mozilla has acquired the Pulse team, a group of developers behind a popular Slack status update tool of the same name.

    It’s fairly rare for Mozilla to make an acquisition. As a result, when the organization does it’s worth taking note. Pulse was a powerful status updating tool that could automatically update individuals’ status based on calendar appointments and more.

    Despite Pulse closing shop, Mozilla clearly sees potential in what the Pulse team accomplished, specifically in the realm of machine learning.

    “I’m proud to announce that we have acquired Pulse, an incredible team that has developed some truly novel machine learning approaches to help streamline the digital workplace,” wrote chief product officer Steve Teixeira. “The products that Raj, Jag, Rolf, and team have built are a great demonstration of their creativity and skill, and we’re incredibly excited to bring their expertise into our organization. They will spearhead our efforts in applied ethical machine learning, as we invest to make Mozilla products more personal, starting with Pocket. “

    Teixeira says the two companies had similar goals and vision of what is needed when building products for consumers.

    “Which explains why we were so excited when we began talking to the Pulse team,” Teixeira. “It became immediately obvious that we both fundamentally agree that the world needs a model where automated systems are built from day one with individual people as the primary beneficiary. Mozilla, with an almost 25 year history of building products with people and privacy at their core, is the right organization to do that. And with Pulse as part of our team, we can move even more quickly to set a new example for the industry.”

    Teixeira says the team’s work will eventually make its way into Mozilla’s entire portfolio of products.

  • Mozilla Releases Firefox Translation, a Local, Non-Cloud Extension

    Mozilla Releases Firefox Translation, a Local, Non-Cloud Extension

    Mozilla has released a local, non-cloud translation extension, Firefox Translation, providing a private and secure alternative.

    Translation extensions are among the most popular add-ons available for Firefox, but Mozilla has created a new one that focuses on privacy. The vast majority of translation extensions rely on cloud-based services, uploading text to complete the translation. Needless to say, this poses a privacy and security risk, especially for sensitive content.

    According to Mozilla, this new add-on “was developed with The Bergamot Project Consortium, coordinated by the University of Edinburgh with partners Charles University in Prague, the University of Sheffield, University of Tartu, and Mozilla.”

    The Firefox Translation extension is designed to do all translation locally, on the user’s computer, without uploading anything to the cloud.

    Mozilla notes the following requirement:

    A CPU that supports SSE4.1 extensions is required for this addon to function properly. If it doesn’t, an error will be displayed when the translation is being started.

    Users can find out more and download the extension here.

  • Don’t Waste Time on YouTube’s Dislike Button; It Doesn’t Work

    Don’t Waste Time on YouTube’s Dislike Button; It Doesn’t Work

    YouTube users smashing the “Dislike” button are likely wasting their time, according to new research from Mozilla.

    YouTube, like many online platforms, provides a button for individuals to dislike content. The idea is that disliking something will fine-tune the platform’s algorithm to show the user less content of a similar nature.

    According to Mozilla, however, the “Dislike” button doesn’t really work.

    Indeed, Mozilla’s research found that people who are experiencing unwanted recommendations and turn to the platform’s user controls for assistance prevent less than half of unwanted recommendations.

    The issue is made even worse as a result of the type of content often found on YouTube.

    This is especially troubling because Mozilla’s past research shows that YouTube recommends videos that violate its very own community guidelines, like misinformation, violent content, hate speech, and spam. For example, one user in this most recent research asked YouTube to stop recommending war footage from Ukraine — but shortly after was recommended even more grisly content from the region.

    Needless to say, users don’t trust YouTube’s controls to provide them with the tailored experience they’re looking for.

    “We learned that people don’t feel YouTube’s user controls are effective tools for managing the content they see,” says Becca Ricks, Senior Researcher at Mozilla. “Our research validates these experiences — the data shows that people don’t actually have much control over the YouTube algorithm.”

    “Our study found that YouTube’s user controls have a negligible impact on preventing unwanted recommendations, leaving people at the mercy of YouTube’s recommender system,” adds Jesse McCrosky, data scientist with Mozilla. “As a result, YouTube continues to recommend videos that people have clearly signaled they do not want to see, including war footage and gruesome horror clips.”

  • PSA: Update Mozilla Firefox, Thunderbird, and Focus Immediately

    PSA: Update Mozilla Firefox, Thunderbird, and Focus Immediately

    Mozilla has issued updates for Firefox, Firefox for Android, Thunderbird, and Firefox Focus to fix two vulnerabilities being actively exploited in the wild.

    Firefox, while not nearly as popular as Chrome, is one of the most important web browsers on the market, an open source alternative with a focus on privacy. Mozilla says both vulnerabilities are being actively exploited by bad actors, making it critically important to update immediately.

    Here’s Mozilla’s description of the two issues:

    CVE-2022-26485: Use-after-free in XSLT parameter processing: “Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw.”

    CVE-2022-26486: Use-after-free in WebGPU IPC Framework: “An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw.”

    Both issues have been addressed in these updates:

    • Firefox 97.0.2
    • Firefox ESR 91.6.1
    • Firefox for Android 97.3
    • Focus 97.3
    • Thunderbird 91.6.2
  • Salesforce Faces Employee Backlash Over NFT Plans

    Salesforce Faces Employee Backlash Over NFT Plans

    Salesforce employees are pushing back against the company’s plan to create an NFT platform.

    Salesforce announced in early February that it was working to develop its own NFT platform and NFT Cloud. Co-CEOs Marc Benioff and Bret Taylor told employees at an online event. NFTs have become increasingly popular, with some fetching millions of dollars.

    It seems Salesforce employees are not impressed with the plans, with hundreds of them signing an open letter of protest, according to Thompson Reuters Foundation News. The employees took multiple issues with the company’s plans, including the environmental impact of NFTs and their being “unregulated, highly speculative financial assets.”

    The environmental concerns are becoming a common refrain of critics of blockchain-based tech. Mozilla was forced to abandon plans to accept cryptocurrency donations over crypto’s environmental impact, and Wikipedia is under similar pressure.

    It remains to be seen if Salesforce will abandon its plans, or merely alter them to address employee concerns.

  • Mozilla and Meta Team Up on Privacy-Respecting Ad Tech

    Mozilla and Meta Team Up on Privacy-Respecting Ad Tech

    Mozilla and Meta have teamed up in one of the most unlikely pairings, in an effort to create privacy-respecting ad tech.

    The advertising industry is currently caught in a dilemma between mining the information it needs to be profitable and respecting user privacy. The two have generally been mutually exclusive, with privacy losing out — at least until recently. Efforts by Apple to improve privacy and give users options to reduce how much companies can track their activity have made a significant dent in many ad companies’ business, including Meta.

    Mozilla and Meta appear to be solving one of the biggest issues in the advertising vs privacy debate, how to effectively deal with attribution, an important quantifier in helping advertisers know how effective their campaigns are.

    Mozilla’s Martin Thomson described the two companies’ solution in a blog post:

    For the last few months we have been working with a team from Meta (formerly Facebook) on a new proposal that aims to enable conversion measurement – or attribution – for advertising called Interoperable Private Attribution, or IPA.

    IPA aims to provide advertisers with the ability to perform attribution while providing strong privacy guarantees. IPA has two key privacy-preserving features. First, it uses Multi-Party Computation (MPC) to avoid allowing any single entity — websites, browser makers, or advertisers — to learn about user behavior. Mozilla has some experience with MPC systems as we’ve deployed Prio for privacy-preserving telemetry. Second, it is an aggregated system, which means that it produces results that cannot be linked to individual users. Together these features mean that IPA cannot be used to track or profile users.

    The key to IPA’s success will be whether enough companies adopt it. Having Mozilla and Meta — two organizations on the extreme opposite ends of the privacy spectrum — collaborating on it is sure to make other companies take notice.

  • Mozilla Killing Off Firefox Reality

    Mozilla has announced it is killing off Firefox Reality, the company’s foray into virtual reality.

    Companies large and small are racing to deploy virtual and augmented reality solutions, racing to stake their claim on the metaverse, where in-person, virtual, and augmented reality meet. Mozilla, on the other hand, is killing off its entry in the market, although that doesn’t mean users are without hope.

    Firefox Reality was the first cross-platform browser for mixed reality that was made by a company dedicated to user privacy. Fortunately, Firefox Reality’s innovations will live on in the Wolvic browser, made by Igalia.

    “On mobile or desktop, the web is woven into everything. It’s how we communicate, get information, entertain ourselves, and so much more. In the last few years, XR has really matured. The increase of devices shipping with an immersive OS is incredible. As such, now is an especially critical time to ensure that we establish the web on them in a healthy way,” said Brian Kardell, Developer Advocate at Igalia. “The Firefox Reality project was created with similar aims, to give users some choice and ensure that open and unlimited access to the web remains strong on these devices. These ideas are core to what we do at Igalia, so we’re thrilled to be able to carry the torch forward in leveraging that work to create a new browser, Wolvic. Together, we will help to ensure that the web ecosystem remains healthy.”

    Mozilla emphasizes that it continues to be an incubator for many new technologies, including mixed reality tech. Fortunately, its stewardship of Firefox Reality was enough to help it serve as the basis of an all-new application.

  • Wikipedia the Latest to Face Pressure to Stop Accepting Crypto

    Wikipedia the Latest to Face Pressure to Stop Accepting Crypto

    Pressure is mounting on Wikipedia to stop accepting crypto, amid criticism of its environmental impact.

    Mozilla came under heavy criticism for its decision to accept cryptocurrency donations. None other than one of the founders of Mozilla lambasted the organization for its decision, prompting an about-face.

    Wikipedia is now facing pressure to stop accepting crypto as well, with a “Requests for comments” page opened to discuss the situation. The user who opened the page, GorillaWarfare, explained three specific issues with accepting crypto.

    • Concern that accepting crypto signaled endorsement
    • The environmental impact of crypto
    • The potential to damage Wikipedia’s reputation

    It’s too early to know how Wikipedia will proceed, but the discussion is another example of the headwinds crypto faces in its bid for widespread acceptance.

  • Mozilla Backtracks on Accepting Crypto After Backlash

    Mozilla Backtracks on Accepting Crypto After Backlash

    Mozilla has put the brakes on accepting crypto donations after facing severe backlash, including from one of its original founders.

    Mozilla announced last week that it was planning on accepting cryptocurrency for donations. The announcement sparked immediate backlash, with some of the most vocal criticism coming from one of its original founders, Jamie “jwz” Zawinski.

    It appears Mozilla got the message, saying it pausing its plans to accept crypto donations while it reviews whether its policies match its climate goals.

    Unfortunately for crypto, this is not the first time a major organization has suspended its plans to accept it. Tesla made headlines when it announced it would also stop accepting bitcoin as payment over environmental concerns.

  • Mozilla Founder Jamie Zawinski Lambasts Mozilla’s Crypto Move

    Mozilla Founder Jamie Zawinski Lambasts Mozilla’s Crypto Move

    Jamie “jwz” Zawinski, has lambasted the organization he helped found for announcing it will accept cryptocurrency donations.

    Zawinski is notable for being one of the original creators of Netscape Navigator. He is also the one who proposed the name “Mozilla,” promoted the idea of open-sourcing Netscape, and was a founding member of the Mozilla organization.

    Despite his background, he is most definitely not a fan of the organization’s most recent decision, if his expletive-laced tweet is any indication. He was tweeting in response to Mozilla’s tweet that they would accept crypto donations.

    It’s unlikely Zawinski’s disapproval will have any impact, given that he is no longer part of Mozilla. It’s also not surprising the organization is accepting crypto, given its need to continue develop alternate income sources, and its privacy-oriented nature. Accepting donations available via crypto is a natural merging of those two positions.

  • Mozilla to Pass $500 Million in 2021 As Other Services Take Off

    Mozilla to Pass $500 Million in 2021 As Other Services Take Off

    Mozilla is closing in on a major milestone, set to pass $500 million in 2021 revenue as the company’s other services gain ground.

    Mozilla has always been in a unique and precarious position. The organization is responsible for one of the most important pieces of software, in its Firefox web browser. Although Chrome has long-since come to dominate the browser market, Firefox consistently wins praise for its focus on user privacy, unlike Chrome. In fact, Mozilla has established itself as a stalwart defender of user privacy, and is on the forefront of such efforts.

    Despite its importance, and what the company stands for, Mozilla’s primary financial support has come from search deals with Google, to the tune of nearly 90% of the company’s revenue. Relying on its greatest competitor, one whose values are almost diametrically opposed to Mozilla’s, is a dangerous position to depend on.

    According to TechCrunch, the status quo is finally starting to change. While Mozilla reported $466 million in search revenue in 2020, and $465 million in 2019, the organization is set to pass $500 million in 2021.

    Most significantly, however, an increasing share of Mozilla’s revenue is coming from its other services, such as Mozilla VPN, Pocket and Firefox Relay Premium. In fact, revenue from these other services is expected to grow 150% in 2020, accounting for 14% of Mozilla’s total revenue. According to TechCrunch, Mozilla’s VPN service alone saw a 450% revenue growth from 2020 to 2021.

    While 14% is still a relatively small portion of Mozilla’s total revenue, it’s an excellent start toward finally breaking free of dependence on Google.

  • EFF: Google Chrome’s ‘Manifest V3 is Deceitful and Threatening’

    EFF: Google Chrome’s ‘Manifest V3 is Deceitful and Threatening’

    The Electronic Frontier Foundation (EFF) is calling out Google’s Manifest V3 (MV3) browser extension plans, calling them “deceitful and threatening.”

    MV3 represents a significant change to how Chrome browser extensions are implemented. In an effort to increase compatibility, Mozilla has already announced that Firefox will adopt MV3 too.

    According to the EFF, however, MV3 represents a major threat to privacy and security, thanks to the limits it places on how extensions work.

    Manifest V3, or Mv3 for short, is outright harmful to privacy efforts. It will restrict the capabilities of web extensions—especially those that are designed to monitor, modify, and compute alongside the conversation your browser has with the websites you visit. Under the new specifications, extensions like these– like some privacy-protective tracker blockers– will have greatly reduced capabilities. Google’s efforts to limit that access is concerning, especially considering that Google has trackers installed on 75% of the top one million websites.

    The EFF aren’t the only ones warning about MV3.

    “A web browser is supposed to act on behalf of the user and respect the user’s interests,” says Jonathan Mayer, Princeton University. “Unfortunately, Chrome now has a track record as a Google agent, not a user agent. It is the only major web browser that lacks meaningful privacy protections by default, shoves users toward linking activity with a Google Account, and implements invasive new advertising capabilities. Google’s latest changes will break Chrome privacy extensions, despite academic research demonstrating that no change is necessary. These user-hostile decisions are all directly attributable to Google’s surveillance business model and enabled by its dominance of the desktop browser market.”

    “Nearly all browser extensions as you know them today will be affected in some way: the more lucky ones will ‘only’ experience problems, some will get crippled, and some will literally cease to exist,” writes AdGuard’s Andrey Meshkov.

    It’s unlikely Google will back down from its MV3 plans, given how much it relies on the very kinds of trackers many privacy extensions are designed to combat. Hopefully, however, Mozilla will rethink its adoption of MV3, given the company’s commitment to privacy and security.

  • Mozilla Pulling the Plug on Firefox Lockwise

    Mozilla Pulling the Plug on Firefox Lockwise

    Mozilla is killing off its Firefox Lockwise password manager, with the end-of-life (EOL) date set for December 13, 2021.

    Password managers are a popular, and important, cybersecurity option. Password managers help users keep track of the myriad of passwords they use for various websites and services, even generating stronger passwords that would otherwise be difficult to remember. Security experts recommend consumers make use of such apps, given the protection they offer.

    Firefox Lockwise is Mozilla’s password manager, but its functions are already present in the Firefox web browser, across the various platforms it supports. As a result, Mozilla is killing off Firefox Lockwise.

    Mozilla will end support for the Firefox Lockwise app on Android and iOS, effective December 13, 2021. You will no longer be able to install or reinstall Firefox Lockwise from the App Store or Google Play Store. iOS version 1.8.1 and Android version 4.0.3 will be the last releases for Firefox Lockwise. The application may continue to work on your device, but it will no longer receive support or security updates.

    After December 13, 2021, you can continue to access your saved passwords and your password management in the Firefox desktop and mobile browsers.

  • Microsoft Is Going Back to the ‘90s, Using Windows to Push Its Web Browser

    Microsoft Is Going Back to the ‘90s, Using Windows to Push Its Web Browser

    Microsoft is under fire for (once again) abusing its Windows platform to push its own web browser, reminiscent of its actions in the mid-90s.

    Microsoft’s history in the mid-90s was dominated by its browser war with Netscape. The company ultimately bundled Internet Explorer so tightly with Windows, that it was simply too difficult and inconvenient for most users to continue relying on Netscape.

    It seems Microsoft may be reverting back to that behavior and, in the process, is drawing sharp criticism from third-party browser makers, including Mozilla, Brave, Opera and Vivaldi. As The Verge points out, Windows 11 asks the user, when they install a third-party browser and try to open a link for the first time, which browser they want set as their default. However, unless the user selects “always use this app,” the default will remain unchanged. There’s also no fast and easy way to go back and do so if the user doesn’t get it right during that initial dialog.

    To make matters even worse, rather than providing a simple method to change the web browser in settings, Microsoft now forces users to select the browser they want to use for each and every one of the various filetypes that often comprise a website. That means the user has to set the default web browser for HTTP, HTTPS, HTM, HTML, XHT, XHTML, PDF, SHTML, SVG, WEBP and FTP.

    While users obviously may want to use a dedicated FTP or PDF client, every other one of those files should all be lumped together, handled by a single default browser.

    Even if a user goes through the tedious process of changing the default browser for each and every one of the necessary file types, it still won’t stop Windows from defaulting to Edge. A number of browser-based widgets will still open Edge regardless of the default setting.

    Inexplicably, Microsoft says this is what users want.

    “With Windows 11, we are implementing customer feedback to customize and control defaults at a more granular level, eliminating app categories and elevating all apps to the forefront of the defaults experience,” a Microsoft spokesperson told The Verge. “As evidenced by this change, we’re constantly listening and learning, and welcome customer feedback that helps shape Windows. Windows 11 will continue to evolve over time; if we learn from user experience that there are ways to make improvements, we will do so.”

    What Microsoft no doubt meant to say is: “We searched long and hard to find the most technologically masochistic users we could find, ones that love having their own technology fight against them, and based our decisions on their feedback.”

    There were a lot of great things about the ‘90s, but Microsoft’s behavior wasn’t one of them. The company should abandon this nonsense immediately.

  • No, Firefox Hasn’t Dropped to 50 Million Users, Still Has 200 Million

    No, Firefox Hasn’t Dropped to 50 Million Users, Still Has 200 Million

    Despite some losses, Firefox is still sitting at a relatively healthy 200 million users a year — not 50 million.

    A recent article in Gizmodo cited a Firefox Public Data Report, saying the browsers usage “number has sagged to just under 50 million.” In point of fact, the Firefox Public Data Report shows the browser’s usage share dropped from 253,000,000 in January 2019 to 196,000,000 in August 2021. While a drop of 50+ million is certainly unfortunate, roughly 200,000,000 million active users is a far cry from the 50 million Gizmodo proclaims.

    Firefox occupies a unique position in the web browser market. Unlike the more popular alternatives, Firefox is open source, developed and maintained by a non-profit organization, Mozilla. In addition, Firefox is one of the most privacy-conscious browsers on the market.

    Anyone interested in privacy and security, as well as supporting a diverse web browser market, would do well to make the switch to Firefox — or at least give it a try.

  • Mozilla Testing Three-Digit Firefox User Agent

    Mozilla Testing Three-Digit Firefox User Agent

    Mozilla is preparing for the inevitable version 100 of its Firefox browser, testing to make sure a triple-digit user agent won’t break the browser.

    Web browsers send websites a string of text including the version number, rendering engine and more. Until now, there’s never been a web browser that has reached version 100, but Firefox is closing in at version 91.

    Mozilla is testing to make sure the unprecedented version won’t cause any issues. In a bug post, the organization is trying an experiment to see if a triple-digit user agent breaks any sites.

    We would like to run an experiment to test whether a UA string with a three-digit Firefox version number will break many sites. This new temporary general.useragent.experiment.firefoxVersion pref can override the UA string’s Firefox version.

    If many sites are broken, we might need to freeze the UA string’s Firefox version at some two-digit number like “Firefox/99.0”:

  • Mozilla Releases Firefox 91 With Enhanced Cookie Clearing

    Mozilla Releases Firefox 91 With Enhanced Cookie Clearing

    Mozilla has taken the wraps off of the latest version of Firefox, version 91, and it includes significant privacy improvements.

    Firefox is already one of the most secure, private browsers on the market today. The browser’s Total Cookie Protection is one of the features contributing to that, preventing companies from tracking you as you browse across websites.

    Version 91’s Enhanced Cookie Clearing builds on that even more, making it much easier to clear cookies for a given site, as well as any third-party cookies that may have been embedded in that site.

    Let’s say you have visited facebook.com, comfypants.com and mealkit.com. All of these sites store data in Firefox and leave traces on your computer. This data includes typical storage like cookies and localStorage, but also site settings and cached data, such as the HTTP cache. Additionally, comfypants.com and mealkit.com embed a like button from facebook.com.

    Embedded third-party resources complicate data clearing. Before Enhanced Cookie Clearing, Firefox cleared data only for the domain that was specified by the user. That meant that if you were to clear storage for comfypants.com, Firefox deleted the storage of comfypants.com and left the storage of any sites embedded on it (facebook.com) behind. Keeping the embedded storage of facebook.com meant that it could identify and track you again the next time you visited comfypants.com.

    With Enhanced Cookie Clearing, Firefox will now display a “cookie jar” for each website you’ve visited, collecting the cookies and data from that website, as well as any third-party cookies and data that may have been embedded in it.

    Firefox 91 Enhanced Cookie Clearing - Credit Mozilla
    Firefox 91 Enhanced Cookie Clearing – Credit Mozilla

    Mozilla says that, in order for Enhanced Cookie Clearing to work, users must have Strict Tracking Protection enabled.

  • Firefox 90 Ends FTP Support

    Firefox 90 Ends FTP Support

    Mozilla has ended support for FTP in Firefox 90, citing security concerns with the aging protocol.

    FTP (File Transfer Protocol) is one of the oldest protocols, dating back to the early days of the internet. Unfortunately, unlike newer protocols, basic FTP has no encryption and transmits data in plain text, including usernames and passwords. Mozilla highlights the danger this poses to users.

    The biggest security risk is that FTP transfers data in cleartext, allowing attackers to steal, spoof and even modify the data transmitted. To date, many malware distribution campaigns launch their attacks by compromising FTP servers and downloading malware on an end user’s device using the FTP protocol.

    As a result of FTP’s security risks, Mozilla has decided to end support for it.

    Removing FTP brings us closer to a fully-secure web which is on a path to becoming HTTPS only and any modern automated upgrading mechanisms such as HSTS or also Firefox’s HTTPS-Only Mode, which automatically upgrade any connection to become secure and encrypted do not apply to FTP.

    The FTP protocol itself has been disabled by default since version 88 and now the time has come to end an era and discontinue the support for this outdated and insecure protocol — Firefox 90 will no longer support the FTP protocol.

    Mozilla is to be commended for its ongoing push to protect user privacy and security, even if that means dropping venerable protocols like FTP.