An anonymous reader writes: The growing trend of closed content silos -- publishing platforms that require a login in order to view the content is a step away from a more open web. Back in December of last year, Facebook launched its own in-app browser, which is basically a web-view that loads links you tap on using the Facebook app. Although in-app browsers may be convenient for some, such features are primarily designed to keep users inside of the application for a longer duration, which translates to more advertising exposure (and, thus, more money). This kind of feature can be challenging to the goal of keeping the web open, not only because the feature overrides the end user's default mobile browser, but also because it keeps users in a closed ecosystem (versus exploring the web). Additionally, the Instant Articles feature doubles down on siloed content by working with publishers to make articles available nearly instantly within the app, loading much faster than they would through a mobile browser. This sounds good, and it is convenient. But it also sets up a path for monetizing content that would otherwise be viewable outside of the closed silo, and, because you're using the app to browse the web inside this silo, there are privacy concerns. Unlike using a browser such as Firefox or Chrome, which has a private browsing option, a user of Facebook's in-app browser does not have the same privacy control. It's no secret that Facebook has been trying to create what appears to be a closed version of the internet. The social juggernaut's Free Basics initiative, for instance, offers users with free access to select websites. Facebook gets to be the gatekeeper of the platform. This is something that didn't sit well with some privacy advocates in India, who played an instrumental role in banning Facebook's initiative in the country. Facebook is not just a social networking website where people go to talk with their friends and family, Facebook has become a mammoth platform that offers the ability to upload videos (mimic YouTube), and send money to your friends (mimic PayPal) among other things. It is almost scary to see the rate at which Facebook is expanding and trying to absorb everything that comes in its way.

An anonymous reader writes: Four major web browsers have announced support for the near-native compiling technology WebAssembly, and collaborated to bring an initial common game demo of Angry Bots, running via Unity and WebAssembly, to experimental builds of Chrome, Firefox, Microsoft Edge and, shortly, Safari. WebAssembly was launched last year in a joint project between Microsoft, Mozilla, Apple and Google as a potentially more efficient route to assembly-level performance than asm.js, which is in itself a low-level subset of JavaScript.

An anonymous reader writes: Mozilla has announced it is releasing the first alpha versions of its Servo browser this upcoming June. The project uses browser.html for the browser's UI and Rust for the browser's core. There's a similarity between how Microsoft launched Spartan (Edge) and how Mozilla is launching Servo now. While many might think Mozilla is sneakily working on a Firefox replacement, Mozilla has also invested quite a lot in Firefox these days, like WebExtensions and e10s, and it may be more plausible that Servo might slowly be integrated in Firefox to replace Gecko, rather than replace Firefox altogether, like Microsoft did with Edge to IE.

An anonymous reader writes: Firefox 45, set to be released today, will remove the Tab Groups feature, a feature that many people used, but Mozilla decided to ask due to buggy code. The good news is that a developer created a perfect replacement for this feature as an add-on. Users that use Tab Groups on a daily basis are urged to install the add-on before upgrading to Firefox 45. The add-on will take over from the browser's Tab Groups feature without any complex configuration. Users that update to Firefox 45 will have their tab groups moved to their Bookmarks as folders, which may be difficult to move back into the Tab Groups add-on later on, especially if some people have hundreds of URLs.

mikejuk writes: Mozilla has been clarifying some of its plans to convert the Firefox OS project into four IoT based projects. At a casual glance, this seems like a naive move that is doomed to failure. Project Link is a 'user agent' for the smart home, that helps the end user set preferences for device interaction, and automates those connections for the user in a secure environment. Next, Project Sensor Web will be a pilot project for crowdsourcing a pm2.5 sensor network. Project Smart Home is focused on bridging the gap in IoT smart home providers between completely boxed solutions like Apple HomeKit, and completely DIY solutions like Raspberry Pi. Finally, Project Vaani is a voice interface for IoT access, which Mozilla credits as the 'most natural way to interact with connected devices.' With Firefox losing market share and projects like Firefox OS, Thunderbird, Shumway, and Persona closing down, perhaps Mozilla should try and find its way back to core concerns. All four of the projects need significant AI expertise and a powerful cloud computing resource neither of which Mozilla is likely to be able to afford.

An anonymous reader writes: Mozilla has banned the popular (250,000+ installs) YouTube Unblock add-on that allowed users to view YouTube clips blocked in their country. The reason for this move is because the add-on was caught disabling a Firefox security setting (code signing) which the allowed it to silent-install another add-on, which Avast (antivirus software) was detecting as malware. Earlier in 2015, the same plugin was again caught cheating when it was using an self-contained update system that was bypassing Mozilla's add-on review process.

WheatGrass writes to note that the company T-Platforms has introduced the first mass production unit based upon the Russian Baikal-T1 processor, mentioned here last in 2014. The new Baikal-based workstation is called the "Meadowsweet terminal," according to T-Platform's official website; the feature list says it's running a Debian-based Linux distro. "Congratulations, Russia," Says WheatGrass. (According to Google's translation of this Russian-language story at RG.RU Digital, "[Y]ou can install many conventional applications, such as the LibreOffice office suite, Firefox web browser, and so on, the developers say," but the main use seems to be as a thin client.)

An anonymous reader writes: If an application can embed fonts with special characters, then it's probably using the Graphite font processing library. This library has several security issues which an attacker can leverage to take control of your OS via remote code execution scenarios. The simple attack would be to deliver a malicious font via a Web page's CSS. The malformed font loads in Firefox, triggers the RCE exploit, and voila, your PC has a hole inside through which malware can creep in.

darthcamaro writes: For the last decade, the Pwn2own hacking competition has pitted the world's best hackers against web browsers to try and find zero-day vulnerabilities in a live event. The contest, which is sponsored by HPE and TrendMicro this year, is offering over half a million dollars in prize money, but for the first time, not a penny of that will directed to Mozilla Firefox. While Microsoft Edge, Google Chrome and Apple Safari are targets, Firefox isn't because it's apparently too easy and not keeping up with modern security: "'We wanted to focus on the browsers that have made serious security improvements in the last year,' Brian Gorenc, manager of Vulnerability Research at HPE said."

An anonymous reader writes: There's a German security researcher that is arduously testing the installers of tens of software products to see which of them are vulnerable to basic DLL hijacking. Surprisingly, many companies are ignoring his reports. Until now, only Oracle seems to have addressed this problem in Java and VirtualBox. Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes. Mr. Kanthak also seems to have paid special attention to antivirus software installers. Here are some of the security products he discovered vulnerable to DLL hijacking: ZoneAlarm, Emsisoft Anti-Malware, Trend Micro, ESET NOD32, Avira, Panda Security, McAfee Security, Microsoft Security Essentials, Bitdefender, Rapid7's ScanNowUPnP, Kaspersky, and F-Secure.

AmiMoJo writes: Four years ago Mozilla moved to a fixed-schedule release model, otherwise known as the Train Model, in which we released Firefox every six weeks to get features and updates to users faster. Now Mozilla is moving to a variable 6-8 week cycle, with the same number of releases per year but some flexibility to 'respond to emerging user and market needs' and allow time for holidays. The new release schedule looks like this:

• 2016-01-26 – Firefox 44
• 2016-03-08 – Firefox 45, ESR 45 (6 weeks cycle)
• 2016-04-19 – Firefox 46 (6 weeks cycle)
• 2016-06-07 – Firefox 47 (7 weeks cycle)
• 2016-08-02 – Firefox 48 (8 weeks cycle)
• 2016-09-13 – Firefox 49 (6 weeks cycle)
• 2016-11-08 – Firefox 50 (8 weeks cycle)
• 2016-12-13 – Firefox 50.0.1 (5 week cycle, release for critical fixes as needed)
• 2017-01-24 – Firefox 51 (6 weeks from prior release)

ewhac writes: Among its other desirable features, Firefox included a feature allowing very fine-grained cookie management. When enabled, every time a Web site asked to set a cookie, Firefox would raise a dialog containing information about the cookie requested, which you could then approve or deny. An "exception" list also allowed you to mark selected domains as "Always allow" or "Always deny", so that the dialog would not appear for frequently-visited sites. It was an excellent way to maintain close, custom control over which sites could set cookies, and which specific cookies they could set. It also helped easily identify poorly-coded sites that unnecessarily requested cookies for every single asset, or which would hit the browser with a "cookie storm" — hundreds of concurrent cookie requests.

Mozilla quietly deleted this feature from Firefox 44, with no functional equivalent put in its place. Further, users who had enabled the "Ask before accept" feature have had that preference silently changed to, "Accept normally." The proffered excuse for the removal was that the feature was unmaintained, and that its users were, "probably crashing multiple times a day as a result" (although no evidence was presented to support this assertion). Mozilla's apparent position is that users wishing fine-grained cookie control should be using a third-party add-on instead, and that an "Ask before accept" option was, "not really nice to use on today's Web."

LichtSpektren writes: Several tech sites have now broke the news that Canonical has revealed their BQ Aquaris M10 Ubuntu Tablet. Joey-Elijah Sneddon builds the hype: "A stunning 10.1-inch IPS touch display powered a full HD 1920×1200 pixel resolution at 240 ppi. Inside is a 64-bit MediaTek MT8163A 1.5GHz quad-core processor, 2GB of RAM, and 16GB of internal memory. A micro SD memory card is included, adding storage expansion of up to 64GB. Furthermore, the converged slate includes an 8-megapixel rear camera with autofocus and dual LED flash (and capable of recording in full 1080p), plus a front facing 3-megapixel camera for video chats, vlogs and selfies. Front facing Dolby Atmos speakers will provide a superior sound experience during movie playback. The M10 measure 246mm x 171mm x 8.2mm, weighs just 470 grams — lighter than the Apple iPad Air — and has a 7280 mAh battery to give up to 10 hours of use. ... Tablet mode offers a side stage for running two apps side-by-side, plus a full range of legacy desktop applications, mobile apps and scopes. LibreOffice, Mozilla Firefox, The GIMP and Gedit are among a 'curated collection of legacy apps' to ship pre-installed on the tablet. It will also be possible for developers and enthusiasts to install virtually any ARM compatible app available on Ubuntu using the familiar 'apt-get' command." A photo gallery can also be seen on his website here. The price is not yet announced, but the Android version of the same tablet is currently on sale for €229.

An anonymous reader writes: After Mozilla said in October that it would stop supporting Firefox plugins on the older NPAPI technology, Oracle had no choice now but to announce the deprecation of the Java browser plugin starting with the release of the JDK version 9, which is set for release in March 2017, and developers are urged to start using the Java Web Start pluginless technology instead. Security issues also had a big part in Java's demise.

An anonymous reader writes: Mozilla today launched Firefox 44 for Windows, Mac, Linux, and Android. Notable additions to the browser include push notifications, the removal of RC4 encryption, and new powerful developer tools. Mozilla made three promises for push notifications: "1. To prevent cross-site correlations, every website receives a different, anonymous Web Push identifier for your browser. 2. To thwart eavesdropping, payloads are encrypted to a public / private keypair held only by your browser. 3. Firefox only connects to the Push Service if you have an active Web Push subscription. This could be to a website, or to a browser feature like Firefox Hello or Firefox Sync." Here are the full changelogs: Desktop and Android.

prisoninmate writes: Canonical has been working on expanding the capabilities of Ubuntu Touch for a long time now, and it appears the company will reportedly unveil the first dedicated Ubuntu tablet device this year, during the upcoming Mobile World Congress 2016 event. Canonical has been working on implementing support for X11 apps on its Ubuntu mobile operating system, allowing users to run any graphical software that is currently in the Ubuntu repositories, such as GIMP or Firefox.

prisoninmate writes: An SBC called Chirimen was designed from the outset to use web browser technologies in various science projects by extending the I2C and GPIO WebAPIs to control devices powered by Mozilla's Firefox OS 2.0 and higher operating system. As such, Web developers can easily use browser technologies to develop awesome things. The board is developed by MozillaFactory.org in Japan.

RoccamOccam writes: Mozilla developers have discussed a plan to implement support for a subset of non-standard CSS prefixes used in WebKit. Mozilla developer Daniel Holbert says: "A good chunk of the web today (and particularly the mobile web) effectively relies on -webkit prefixed CSS properties & features. We wish we lived in a world where web content always included standards-based fallback (or at least multiple-vendor-prefixed fallback), but alas, we do not live in that world. To be successful at rendering the web as it exists, we need to add support for a list of frequently-used -webkit prefixed CSS properties & features."

An anonymous reader writes: Earlier this month, Mozilla announced that Firefox OS smartphones would no longer be sold via carriers. Because the company refused to talk about what's next for Firefox OS, aside from saying it will experiment with "connected devices," many were left simply to speculate as to what could be in the pipeline. Today, we have a leaked document, which Mozilla confirmed is legitimate. My favorite of the concepts is a Raspberry Pi-based keyboard.

An anonymous reader writes: Jonas Echterhoff from Unity has posted the latest Unity WebGL benchmark results on the Unity blog. He writes, "A bit over a year ago, we released a blog post with performance benchmarks for Unity WebGL, to compare WebGL performance in different browsers. We figured it was time to revisit those benchmarks to see how the numbers have changed. Microsoft has since released Windows 10 with their new Edge browser (which supports asm.js and is now enabling it by default) – so we were interested to see how that competes. Also, we have an experimental build of Unity using Shared Array Buffers to run multithreaded code, and we wanted to see what kind of performance gains to expect. So we tested this in a nightly build of Firefox with Shared Array Buffer support." The benchmark concludes that Firefox 42 64-bit is the fastest, Edge takes second, and Chrome and Safari share third place.