An anonymous reader quotes a report from VentureBeat: Mozilla today launched Firefox 47 for Windows, Mac, Linux, and Android. The browser has gained a sidebar for synced tabs from other devices, improvements to YouTube playback and HTML5 support, and is seeing the end of support for Android Gingerbread. [If you're logged in with your Firefox Account, the sidebar will show all your open tabs from your smartphone and other computers. The sidebar even lets you search for specific tabs. Next, Firefox 47 supports the open source VP9 video codec on machines with powerful multiprocessors. VP9 is the successor to VP8, both of which fall under Google's WebM project of freeing web codecs from royalty constraints.] Firefox 47 is available for download on Firefox.com, and will be slowly released on Google Play. You can view the full Firefox 47 changelog here. If you're a developer, Firefox 47 for developers offers more details for you.

An anonymous reader writes from a report via Ars Technica: For the first time, Firefox has pulled ahead of Microsoft's Internet Explorer and Edge browsers. Mozilla's Firefox grabbed 15.6 percent of worldwide desktop browser usage in April, according to the latest numbers from Web analytics outfit StatCounter. Google Chrome continues to dominate two thirds of the market. StatCounter, which analyzed data from three million websites, found that Firefox's worldwide desktop browser usage last month was 0.1 percent ahead of the combined share of Internet Explorer and Edge at 15.5 percent. Firefox has reportedly been losing market share over the last three months, but Microsoft's Edge and Internet Explorer browsers appear to be declining faster. Last week, Mozilla launched Test Pilot, a program for trying out experimental Firefox features. They've also been fighting the FBI in court for details about a vulnerability in the Tor Browser hack, which may affect the company since the Tor browser is partially based on the Firefox browser code.

An anonymous reader writes from a report on Help Net Security: Mozilla has asked a Washington State District Court to compel FBI investigators to provide details about a vulnerability in the Tor Browser hack with them, before they share it with the defendant in a lawsuit, so that they could fix it before the knowledge becomes public. The lawsuit in question is against Jay Michaud, a Vancouver (Wa.) teacher that stands accused of accessing and downloading child pornography from a website on the Dark Web. The FBI used a "network investigative technique" (NIT) to discover the IP address and identity of the defendant, which was only possible from a vulnerability in the Tor Browser. Why does Mozilla care to learn about the vulnerability? "The Tor Browser is partially based on our Firefox browser code. Some have speculated, including members of the defense team, that the vulnerability might exist in the portion of the Firefox browser code relied on by the Tor Browser," Denelle Dixon-Thayer, Chief Legal and Business Officer at Mozilla Corporation, explained.

An anonymous reader writes: Mozilla today launched Test Pilot, a program for trying out experimental Firefox features. To try the new functionality Mozilla is offering for its browser, you have to download a Firefox add-on from testpilot.firefox.com and enable an experiment. The main caveat is that experiments are currently only available in English (though Mozilla promises to add more languages "later this year"). Test Pilot was first introduced for Firefox 3.5, but the new program has been revamped since then, featuring three main components: Activity Stream, Tab Center and Universal Search. Activity Stream is designed to help you navigate your browsing history faster, surfacing your top sites along with highlights from your browsing history and bookmarks. Tab Center displays open tabs vertically along the side of your screen. Mozilla says Universal Search "combines the Awesome Bar history with the Firefox Search drop down menu to give you the best recommendations so you can spend less time sifting through search results and more time enjoying the web."

An anonymous reader writes: Google Chrome, Firefox and Safari are actively blocking direct access to The Pirate Bay. Kickass Torrents suffered such a similar incident last month, because of the intermediary confirmation screen that appeared every time users navigated away from the site.

The reason why these three browsers block access to The Pirate Bay is unknown, but it could be related to a malvertising campaign that has plagued the site for more than two weeks. Two weeks ago, the malvertising campaign intensified right when season six of Game of Thrones premiered.
Meanwhile, HBO is contacting sites asking them to remove Game of Thrones torrents, and sending thousands of copyright infringement warnings to ISPs, urging them to remind pirates that they can stream HBO content legally after purchasing a subscription to HBO.

Joseph Cox, reporting for Motherboard: Earlier this week, it emerged that a section of Government Communications Headquarters (GCHQ), the UK's signal intelligence agency, had disclosed a serious vulnerability in Firefox to Mozilla. Now, GCHQ has said it helped fix nearly two dozen individual vulnerabilities in the past few months, including in highly popular pieces of software like iOS. "So far in 2016 GCHQ/CESG has disclosed more than 20 vulnerabilities across a number of software products," a GCHQ spokesperson told Motherboard in an email. CESG, or the National Technical Authority for Information Assurance, is the information security wing of GCHQ. Those issues include a kernel vulnerability in OS X El Captain v10.11.4, the latest version, that would allow arbitrary code execution, and two in iOS 9.3, one of which would have done largely the same thing, and the other could have let an application launch a denial of service attack.

An anonymous reader quotes a report from VentureBeat: Microsoft has announced a big change for how the Cortana search box in Windows 10 will work going forward: all searches will be powered by Bing and all links will open with the Edge browser. This is a server-side change going into effect today. Once it takes effect on your Windows 10 computer, Cortana will no longer be able to serve up results from third-party search providers, like Google or Yahoo, nor take you to a third-party browser, such as Google Chrome or Mozilla Firefox. Ryan Gavin, Microsoft's general manager of search and Cortana, said in a Windows blog post announcing the change, "Unfortunately, as Windows 10 has grown in adoption and usage, we have seen some software programs circumvent the design of Windows 10 and redirect you to search providers that were not designed to work with Cortana. The result is a compromised experience that is less reliable and predictable. The continuity of these types of task completion scenarios is disrupted if Cortana can't depend on Bing as the search provider and Microsoft Edge as the browser. The only way we can confidently deliver this personalized, end-to-end search experience is through the integration of Cortana, Microsoft Edge and Bing -- all designed to do more for you."

Reader chefmonkey writes: In a report commissioned by Mozilla to explore the next home for Thunderbird, two potential new hosts have been offered: the Software Freedom Conservancy (host to git, boost, QEMU, and a host of other projects) and The Document Foundation (home of LibreOffice). At the same time, the report discusses completely uncoupling Thunderbird from the rest of the Mozilla codebase and bringing in a dedicated technical architect to chart the software's roadmap.

Given that the two named organizations are already on board with taking Thunderbird under their wing, is this a new lease on life for the email program Mozilla put out to pasture four years ago?In December last year, Mozilla Foundation chairperson Mitchell Baker had argued that the organization should disentangle itself from the Thunderbird email client in order to focus on Firefox. It appears the Firefox-maker is all set to part ways with Thunderbird.

prisoninmate quotes a report from Softpedia: According to Matthew Garrett, a renowned CoreOS security developer, and Linux kernel contributor, Canonical's new snap package format is not secure at all when it is used under X.Org Server (X Window System), which, for now, it is still the default display server of the Ubuntu 16.04 LTS (Xenial Xerus) operating system. The fact of the matter is that X11's old design is well-known for being insecure, and Matthew Garrett took the time to demonstrate this by writing a simple snap package that can steal data from any other X11 software, in this case anything you type on the Mozilla Firefox web browser. As more developers will provide snaps for their apps, Canonical needs to do something about the security of snaps in Ubuntu when using X11 or switch to the Mir display server. In the meantime, the security of snaps remains unaffected for the Ubuntu Server operating system, which is usually used without a display server. Canonical has officially released Ubuntu 16.04 LTS, which is now available to download for those interested.

Reader prisoninmate writes: The latest, and hopefully, the greatest version of Ubuntu is now available to download. On the sidelines, Mozilla today announced the availability of future releases of its popular Firefox web browser in the snap package format for Ubuntu 16.04 LTS. Earlier today, Canonical unleashed the final release of the highly anticipated Ubuntu 16.04 LTS (Xenial Xerus) operating system, bringing users a great set of new features and improvements. Also today, it looks like Canonical has renewed its partnership with Mozilla to offer Firefox as the default web browser on Ubuntu 16.04 LTS and upcoming releases of the Linux kernel-based operating systems. As part of the new partnership, Mozilla is committed to distributing future versions of Firefox as a snap package. Having Firefox distributed in the snap format means that you'll have 0-day releases in Ubuntu 16.04. Yes, just like Windows and Mac OS X, users are enjoying their 0-day releases of Mozilla Firefox and don't have to wait for package maintainers of a particular GNU/Linux distribution to update the software in the main repositories. For Mozilla, having Firefox as a snap package means that they'll be able to continually optimize it for Ubuntu.

An anonymous reader cites an article on Motherboard: For the first time, a judge has thrown out evidence obtained via a piece of FBI malware. The move comes from a cased affected by the FBI's seizure of a dark web child pornography site in February 2015, and the subsequent deployment of a network investigative technique (NIT) -- the agency's term for a hacking tool -- in order to identify the site's visitors. "Based on the foregoing analysis, the Court concludes that the NIT warrant was issued without jurisdiction and thus was void ab initio," Judge William G. Young of the District of Massachusetts writes in an order. "It follows that the resulting search was conducted as though there were no warrant at all. Since warrantless searches are presumptively unreasonable, and the good-faith exception is inapplicable, the evidence must be excluded," it continues. Young's order came in response to a motion to suppress from the lawyers of Alex Levin, who was arrested as part of the investigation into the child pornography site Playpen. After seizing the site, the FBI ran Playpen from a government facility from February 20 to March 4, 2015, and used a NIT to obtain over a thousand IP addresses for US-based users of the site, and at least 3000 for users abroad, according to Motherboard's investigations.

On Thursday, Opera announced that it is adding a free built-in virtual private network (VPN) client to its desktop browser. The feature, which isn't available on other popular Web browsers, will allow users to hide their IP address, unblock firewalls and access region-locked content. It will also help users protect their personal information on public Wi-Fi networks as it offers 256-bit encryption. "Everyone deserves to be private online if they want to be," Krystian Kolondra, SVP at Opera told Slashdot in a statement. "By adding a free, unlimited VPN directly into the browser, no additional download or extensions from an unknown third-party provider are necessary."

The move comes a year after Opera acquired North American VPN company SurfEasy. Unlike Chrome and Firefox, which require you to use an additional third-party tool (such as an extension), Opera's VPN offering is baked in the browser. What's more, it is free and offers unlimited usage. The feature is available on Opera's Mac, Windows, and Linux clients.

An anonymous reader writes: Vice reported at the end of March that the FBI and the U.S. Department of Justice are fighting tooth and nail to keep a Tor Browser exploit hidden from the public eye. Computer experts were quick to point out that this Tor Browser exploit, technically speaking, is a Firefox exploit, since Tor's browser is based on Firefox's ESR platform. Taking into account that Firefox follows open-source philosophy and reveals all security flaws reported, the effort which the FBI puts into restricting access to its exploit leads to only one conclusion, and that is that the FBI is hoarding a Firefox zero-day, currently unpatched in the browser's core -- something it hopes to use once again.

An anonymous reader writes: Mozilla seems to think a new future for Firefox [lies in Chrome]. While they claim that it is only about new ways of browser design, it is also an open secret that they are running into more and more problems lately with web compatibility. [Senior VP Mark Mayo caused a storm by revealing that the Firefox team is working on a next-generation browser that will run on the same technology as Google's Chrome browser. The project, named Tofino, will not use Firefox's core technology, Gecko, but will instead plumb for Electron, which is built on the technology behind Google's rival Chrome browser, called Chromium.] The benefit of Chromium/Electron would be that it is a solution they could pull much faster forward than their own Servo plans [Servo being Mozilla's Rust-based web engine]. What the real outcome of all this will be, only Mozilla knows so far. But inside Mozilla there is much resistance against such plans... Interesting times are ahead.

An anonymous reader writes: Security researchers claim that NoScript and other popular Firefox add-on extensions are exposing millions of end users to a new type of vulnerability which, if exploited, can allow an attacker to execute malicious code and steal sensitive data. The vulnerability resides in the way Firefox extensions interact with each other. From a report on SlashGear, "The problem is that these extensions do not run sandboxed and are able to actually access data or functions from other extensions that are also enabled. This could mean, for example, that a malware masquerading as an add-on can access the functionality of one add-on to get access to system files or the ability of another add-on to redirect users to a certain web page, usually a phishing scam page. In the eyes of Mozilla's automated security checks, the devious add-on is blameless as it does nothing out of the ordinary." Firefox's VP of Product acknowledged the existence of the aforementioned vulnerability. "Because risks such as this one exist, we are evolving both our core product and our extensions platform to build in greater security. The new set of browser extension APIs that make up WebExtensions, which are available in Firefox today, are inherently more secure than traditional add-ons, and are not vulnerable to the particular attack outlined in the presentation at Black Hat Asia. As part of our electrolysis initiative -- our project to introduce multi-process architecture to Firefox later this year -- we will start to sandbox Firefox extensions so that they cannot share code."

An anonymous reader quotes a report from VentureBeat: On top of the slew of news coming out of Microsoft's Build 2016 developer conference, a story broke yesterday that Microsoft was building an ad blocker into its Microsoft Edge browser. While this would be a big deal, it apparently isn't true. "We have no plans to build a native ad blocker into Microsoft Edge," a Microsoft spokesperson told VentureBeat. Microsoft was originally referencing the extension support it is building into Edge, which would allow ad blocking to work exactly like any other desktop browser. For those hoping for an Edge browser with built-in ad blocking, well, you're stuck with 'niche browsers' like Brave from Mozilla cofounder Brendan Eich and Adblock Browser.

Reader itwbennett writes: A Trojan program, dubbed USB Thief by researchers at security firm ESET, infects USB drives that contain portable installations of popular applications such as Firefox, NotePad++, or TrueCrypt, and it also seems to be designed to steal information from so-called air-gapped computers. "In the case we analyzed, it was configured to steal all data files such as images or documents, the whole windows registry tree (HKCU), file lists from all of the drives, and information gathered using an imported open-source application called 'WinAudit'," the ESET researchers said. The stolen data was saved back to the USB drive and was encrypted using elliptic curve cryptography. Once the USB drive was removed, there was no evidence left on the computer, the ESET researchers added.

itwbennett writes: The Tor Project, which provides more anonymous browsing across the Internet using a customized Firefox Web browser. is fortifying its software so that it can quickly detect if its network is tampered with. To address worries that Tor could either be technically subverted or subject to court orders, Tor developers are now designing the system in such a way that many people can verify if code has been changed and 'eliminate single points of failure,' wrote Mike Perry, lead developer of the Tor Browser, on Monday. 'Even if a government or a criminal obtains our cryptographic keys, our distributed network and its users would be able to detect this fact and report it to us as a security issue,' said Perry.

prisoninmate writes: What's ubuntuBSD? Well, it's not that hard to figure out yourself, but just in case you're not sure, we can tell you that ubuntuBSD promises to bring the power of the FreeBSD kernel to Ubuntu Linux. The best part of using the FreeBSD kernel is that you'll end up using the famous Z File System, or ZFS. Xfce is also included along with the popular Firefox, LibreOffice, and Ubuntu Software Center apps. ubuntuBSD is inspired by the Debian GNU/kFreeBSD project, it is hosted on SourceForge, and has been created by Jon Boden.

An anonymous reader writes: The developers of the Palo Moon browser are thinking of scratching their current codebase due to the fact that it doesn't support many of today's current Web standards, and because future Firefox plans will introduce incompatibilities within its codebase. The team plans to build a new browser from scratch, which they'll use to replace Pale Moon when it reaches a stable version. As with the old Pale Moon, the browser will keep Firefox's pre-Australis interface and still support many features removed in Firefox, like Tab Groups and full themes.