A new browser extension promises to show you which products in your Amazon search results are sold by brands that are either owned by or are exclusive to Amazon, giving you a better idea of who's selling what you're buying. The Verge reports: It's called Amazon Brand Detector, and it uses a list of Amazon brands created by The Markup, along with filters and other techniques (detailed here) to detect and highlight products that are a part of Amazon's Our Brands program. The Markup created this extension after its investigation into how Amazon ranks its in-house brands in search results and says the tool (available for Chrome-like browsers and Firefox) is designed to make searches more transparent. When we tested it, it obviously highlighted Amazon Basics and Essentials products, but it also drew attention to results that were otherwise indistinguishable from ones not affiliated with Amazon: a dog leash labeled as being made by Panykoo, socks by Teebulen, a sweater by Ofeefan.

While Amazon marked some of those results as "featured from our brands," that wasn't the case for all of them. That advisory text is also small and grey, making it easy to miss if you're casually browsing (especially since there may not be any notice of the affiliation on the actual product page), and it didn't show up on every result the tool highlighted. Amazon isn't necessarily shadowy about these brands: it has a page that lists its "private and select exclusive brands," many of which have legit-sounding names: Happy Belly, Wag, Nature's Wonder. Some are private labels owned by Amazon, where some are "curated selections" sold exclusively on Amazon but not necessarily operated by the company. According to The Markup, the extension "does not collect any data" and should be compatible with other extensions.

Mozilla announced last week via a support article that its Firefox Lockwise password manager app will reach end-of-life on December 13th. The final release versions are 1.8.1 (iOS) and 4.0.3 (Android) and will no longer be available to download or reinstall after that date. The Verge reports: What started in 2018 as a small experimental mobile app called Lockbox ended up bringing a way to access saved passwords and perform autofills on iOS, Android, and desktop devices to a small but enthusiastic following of Firefox fans. The app was also later adapted as a Firefox extension. It seemed like it was apt to stick around for the long run.

The support article recommends that users continue accessing passwords using the native Firefox browsers on desktop and mobile. In an added note on the support site, Mozilla suggests that later in December, the Firefox iOS app will gain the ability to manage Firefox passwords systemwide. The note alludes to Mozilla adopting the features of Lockwise and eventually integrating them into the Firefox browser apps natively on all platforms.

Thousands of Firefox cookie databases containing sensitive data are available on request from GitHub repositories, data potentially usable for hijacking authenticated sessions. The Register reports: These cookies.sqlite databases normally reside in the Firefox profiles folder. They're used to store cookies between browsing sessions. And they're findable by searching GitHub with specific query parameters, what's known as a search "dork." Aidan Marlin, a security engineer at London-based rail travel service Trainline, alerted The Register to the public availability of these files after reporting his findings through HackerOne and being told by a GitHub representative that "credentials exposed by our users are not in scope for our Bug Bounty program."

Marlin then asked whether he could make his findings public and was told he's free to do so. "I'm frustrated that GitHub isn't taking its users' security and privacy seriously," Marlin told The Register in an email. "The least it could do is prevent results coming up for this GitHub dork. If the individuals who uploaded these cookie databases were made aware of what they'd done, they'd s*** their pants."

Marlin acknowledges that affected GitHub users deserve some blame for failing to prevent their cookies.sqlite databases from being included when they committed code and pushed it to their public repositories. "But there are nearly 4.5k hits for this dork, so I think GitHub has a duty of care as well," he said, adding that he's alerted the UK Information Commissioner's Office because personal information is at stake. Marlin speculates that the oversight is a consequence of committing code from one's Linux home directory. "I imagine in most of the cases, the individuals aren't aware that they've uploaded their cookie databases," he explained. "A common reason users do this is for a common environment across multiple machines."

Mozilla launched Firefox Relay as a free product that gives you five email aliases you can use every time you need to sign up for a random account online. From a report: Now, the organization has introduced a paid Premium tier for the service that will give you access to even more aliases. You'll get your own subdomain (yourdomain.mozmail.com) when you subscribe, and you'll be able to create an unlimited number of emails. The tier will also give you access to a summary dashboard with the emails you make, the option to use your aliases when you reply to messages and a 150 kb attachment allowance. After you sign up for Relay, you'll have to install its Firefox extension to be able to take advantage of its features. Every time you visit a website that asks for an email address, the Relay icon will appear on your browser, and you can click it to generate a random address.The service will forward messages you get using your aliases to your primary email account, and you can block all messages from coming in or even delete the alias when it starts getting spam. Mozilla didn't say how much a Premium subscription will cost in the future, but it's offering the tier at an introductory price of $1/EUR1 per month for a limited time.

The creator of EdgeDeflector said this week that the latest Insider build of Windows 11 now blocks all default browser workarounds. If this functionality makes its way to the finished product, it will mark a new, dark chapter for Microsoft, which told the media at the Windows 11 launch that it was aware that it had made changing app defaults pointlessly difficult, but that it had not done so maliciously and would fix it. This is the opposite of that claim. From a report: "Something changed between Windows 11 builds 22483 and 22494 (both Windows Insider Preview builds)," EdgeDeflector creator Daniel Aleksandersen writes in a new blog entry. "The build changelog ... omitted the headline news: you can no longer bypass Microsoft Edge using apps like EdgeDeflector."

Microsoft not communicating effectively? I find that hard to believe. Cough. But Microsoft moving to make Windows 11 behave even more maliciously towards its users and browser rivals? That I have a hard time with. Basically, EdgeDeflector, as well as third-party browsers like Mozilla Firefox and Brave, intercept OS-level URL requests that force you to use Microsoft Edge even when you have gone through the incredibly ponderous steps to make a non-Edge browser the default in Windows 11. But in the latest Insider Preview build, Microsoft is changing how these URL requests work. And it's no longer possible to intercept URL requests that force users to use Edge instead of their default browser. (In the Insider builds. This functionality will come to mainstream users in the coming months unless we can change Microsoft's collective mind.)

In case you missed it, Google officially ended support for its Bookmarks service on September 30, 2021. But fear not, you can still export your bookmarks if you haven't already. Long-time Slashdot reader GPS Pilot writes: Google has dropped support for yet another one of its services. If you're like me, you don't visit Google Bookmarks very often, so you're not aware that Google dropped support on September 30th, 2021. The service still had its uses -- like being able to access a collection of bookmarks across different browsers, or when you're using a strange computer. You can still export your Google bookmarks to alternative services that are "arguably better." Some Google Bookmarks alternatives include Saved, Raindrop, Pinboard, and Mozilla Pocket. Which bookmark manager is your favorite?

Scott Gilbertson, writing for The Register: The legacy of Internet Explorer 6 haunts web developer nightmares to this day. Microsoft's browser of yore made their lives miserable and it's only slightly hyperbolic to say it very nearly destroyed the entire internet. It really was that bad, kids. It made us walk to school in the snow. Uphill. Both ways. You wouldn't understand. Or maybe you would. Today developers who want to use "cutting-edge" web APIs find themselves resorting to the same kind of browser-specific workarounds, but this time the browser dragging things down comes from Apple. Apple's Safari lags considerably behind its peers in supporting web features. Whether it's far enough behind to be considered "the new IE" is debatable and may say more about the shadow IE still casts across the web than it does about Safari. But Safari -- or more specifically the WebKit engine that powers it -- is well behind the competition. According to the Web Platform Tests dashboard, Chrome-based browsers support 94 per cent of the test suite, and Firefox pulls off 91 per cent, but Safari only manages 71 per cent.

On the desktop this doesn't matter all that much because users can always switch to Google Chrome (or even better, Vivaldi). On iOS devices, however, that's not possible. According to Apple's App Store rules: "apps that browse the web must use the appropriate WebKit framework and WebKit Javascript." Every iPhone user is a Safari/WebKit user whether they use Safari or Chrome. Apple has a browser monopoly on iOS, which is something Microsoft was never able to achieve with IE. In Windows you could at least install Firefox. If you do that on iOS it might say Firefox, but you're still using WebKit. The reality is if you have an iOS device, you use Safari and are bound by its limitations. Another thing web developers find distressing is Apple's slow development cycle. Apple updates Safari roughly every six months at best. Blink-based browsers update every six weeks (soon every four), Firefox releases every four weeks, and Brave releases every three. This means that not only is Apple slow to add new features, but its development cycle means that even simple bug fixes have to wait a long time before they actually land on users' devices. Safari workarounds are not quick fixes. If your website is affected by a Safari bug, you can expect to wait up to a year before the problem is solved. One theme that emerges when you dig into the Web Platform Tests data on Safari's shortcomings is that even where WebKit has implemented a feature, it's often not complete.

Andrew Cunningham writes via Ars Technica: It has been well over a decade since PowerPC Macs roamed the earth -- so long that the Intel Macs that replaced them are themselves being replaced by something else. But to this day, there's a small community of people still developing software for PowerPC Macs and Mac OS 9. One of those projects was TenFourFox, a fork of the Firefox browser for G3, G4, and G5-based PowerPC Macs running Mac OS X 10.4 or 10.5. Maintained primarily by Cameron Kaiser, the TenFourFox project sprang up in late 2010 after Mozilla pulled PowerPC support from Firefox 4 during its development. And amazingly, the browser has continued to trundle on ever since.

But continuing to backport Firefox features to aging, stuck-in-time PowerPC processors only got more difficult as time went on. And in March of this year, Kaiser announced that TenFourFox updates would be ending after over a decade of development. The final planned release of TenFourFox was earlier this month. Kaiser's full post is long, but it's worth a read for vintage-computer enthusiasts or anyone who works on software -- Kaiser expresses frustration with the realities of developing and supporting a niche app, but he also highlights TenFourFox's impressive technical achievements and ruminates on the nature of the modern Internet and open source software development [...].

Kaiser doesn't intend to fully halt work on the browser, but he is downshifting it into what he calls "hobby mode." He will continue to backport security patches from newer ESR releases of Firefox and post them to the TenFourFox Github page, but anyone who wants to use these will need to build the app themselves. Kaiser also won't commit to providing support for these additions or providing them on any kind of schedule. Other developers are also welcome to continue to release TenFourFox builds on their own.

Following a brief beta-testing period, Ubuntu 21.10 has finally become available to download in the "final" stable form. BetaNews: Code-named "Impish Indri," this version of Ubuntu is not a Long Term Support (LTS) version, so it is only supported for nine months. Ubuntu 21.10 features Linux kernel 5.13 and a Snap variant of the Mozilla Firefox browser. "Ubuntu 21.10 brings the all-new PHP 8 and GCC 11 including full support for static analysis, greatly improving everyday developer security awareness in low-level programming. With Gnome 40 desktop users gain dynamic workspaces and touchpad gestures. The new Firefox snap, published by Mozilla, improves security and guarantees access to both the latest and the extended support release versions of the browser. The exact same versions of the browser are available on multiple different versions of Ubuntu, simplifying enterprise developer platform management," says Canonical.

The best part of Windows 11 is Linux, argues Ars Technica: For years now, Windows 10's Windows Subsystem for Linux has been making life easier for developers, sysadmins, and hobbyists who have one foot in the Windows world and one foot in the Linux world. But WSL, handy as it is, has been hobbled by several things it could not do. Installing WSL has never been as easy as it should be — and getting graphical apps to work has historically been possible but also a pain in the butt that required some fairly obscure third-party software. Windows 11 finally fixes both of those problems. The Windows Subsystem for Linux isn't perfect on Windows 11, but it's a huge improvement over what came before.

Microsoft has traditionally made installing WSL more of a hassle than it should be, but the company finally got the process right in Windows 10 build 2004. Just open an elevated Command prompt (start --> type cmd --> click Run as Administrator), type wsl --install at the prompt, and you're good to go. Windows 11, thankfully, carries this process forward unchanged. A simple wsl --install with no further arguments gets you Hyper-V and the other underpinnings of WSL, along with the current version of Ubuntu. If you aren't an Ubuntu fan, you can see what other easily installable distributions are available with the command wsl --list --online. If you decide you'd prefer a different distro, you can install it instead with — for example — wsl --install -d openSUSE-42. If you're not sure which distribution you prefer, don't fret. You can install as many as you like, simply by repeating wsl --list --online to enumerate your options and wsl --install -d distroname to install whichever you like. Installing a second distribution doesn't uninstall the first; it creates a separate environment, independent of any others. You can run as many of these installed environments as you like simultaneously, without fear of one messing up another.

In addition to easy installation, WSL on Windows 11 brings support for both graphics and audio in WSL apps. This isn't exactly a first — Microsoft debuted WSLg in April, with Windows 10 Insider Build 21364. But Windows 11 is the first production Windows build with WSLg support. If this is your first time hearing of WSLg, the short version is simple: you can install GUI apps — for example, Firefox — from your Ubuntu (or other distro) command line, and they'll work as expected, including sound. When I installed WSLg on Windows 11 on the Framework laptop, running firefox from the Ubuntu terminal popped up the iconic browser automatically. Heading to YouTube in it worked perfectly, too, with neither frame drops in the video nor glitches in the audio....

[T]here is one obvious "killer app" for WSLg that has us excited — and that's virt-manager, the RedHat-originated virtualization management tool. virt-manager is a simple tool that streamlines the creation, management, and operation of virtual machines using the Linux Kernel Virtual Machine... virt-manager never got a Windows port and seems unlikely to. But it runs under WSLg like a champ.
They reported a few problems, like when running GNOME's Software Center app (and the GNOME shell desktop environment).

But "If you're already a Windows Subsystem for Linux (WSL) user, Windows 11 offers an enormously improved experience compared to what you're accustomed to from Windows 10. It installs more easily, makes more functionality available, and offers better desktop integration than older workarounds such as running MobaXTerm's X11 server."

An anonymous reader quotes a report from How-To Geek: Firefox now sends more data than you might think to Mozilla. To power Firefox Suggest, Firefox sends the keystrokes you type into your address bar, your location information, and more to Mozilla's servers. Here's exactly what Firefox is sharing and how to control it. This change was made as part of the introduction of Firefox Suggest in Firefox 93, released on October 5, 2021. As part of Firefox Suggest, Firefox is getting ads in your search bar -- but that's not the only thing that will be news to longtime Firefox users. According to Mozilla, "Firefox Suggest acts as a trustworthy guide to the better web, surfacing relevant information and sites to help people accomplish their goals." In reality, what that means is, when you start typing in your address bar, you won't just see the standard search suggestions from Google or your current search default engine. You'll also see "Firefox Suggest" results pointing to web pages. Some of them are sponsored ads, but you can disable the ads.

Firefox Suggest is on by default. Mozilla's blog post on the subject says Firefox Suggest is an "opt-in experience," which was the case in September 2021 -- but it's now enabled by default in Firefox 93. However, as of Firefox 93's release in October 2021, Firefox Suggest is only enabled in the USA -- for now. It's worth noting that, for many years, Firefox and other web browsers have had search suggestions in their address bar. So, when you start typing "win" in your address bar, you may see suggestions for "Windows 11" and "Window repair." This is accomplished by sending keystrokes to your default search engine as you type in the search bar, as Mozilla's support site explains. Mozilla is also providing contextual suggestions, for which it needs more data, including the city you're located in and whether you're clicking its suggestions.

You can disable Firefox's suggested results, if you like. This will stop Mozilla from collecting the data you type in your search bar, and it will also disable the suggested results and ads. To do so, open Firefox and click menu [and then] Settings. Select "Privacy [and] Security" in the left pane, and scroll down to "Address Bar -- Firefox Suggest." Disable "Contextual suggestions" and "Include occasional sponsored suggestions" to stop Firefox from sending data to Mozilla.

waspleg writes: Mozilla is now showing ads in the form of sponsored Firefox contextual suggestions when U.S. users type in the URL address bar. Mozilla says the feature was introduced with Firefox 92 in September to fund development and optimization. Mozilla describes Firefox Suggest contextual suggestions as opt-in, in BleepingComputer's tests and from what users have reported, the feature is on by default.

Furthermore, Firefox doesn't tag the ads displayed via Firefox Suggest. There is no clear way to identify what a sponsored suggestion and what a regular unsponsored suggestion should look like.

The only way Firefox users will know whether a sponsored suggestion is an ad would be by looking at the URL, but, in many cases, the URL is not clearly visible.

When Facebook went down yesterday for nearly six hours, so did Oculus' services. Since Facebook owns VR headset maker Oculus, and controversially requires Oculus Quest users to log in with a Facebook account, many Quest owners reported not being able to load their Oculus libraries. "[A]nd those who just took a Quest 2 out of the box have reported that they're unable to complete the initial setup," adds PCGamer. As VRFocus points out, "the issue has raised another important question relating to Oculus' services being so closely linked with a Facebook account, your Oculus Quest/Quest 2 is essentially bricked until services resume." From the report: This vividly highlights the problem with having to connect to Facebook's services to gain access to apps -- the WiFi connection was fine. Even all the ones downloaded and taking up actual storage space didn't show up. It's why some VR fans began boycotting the company when it made all mandatory that all Oculus Quest 2's had to be affiliated with a Facebook account. If you want to unlink your Facebook account from Oculus Quest and don't want to pay extra for that ability, you're in luck thanks to a sideloadable tool called "Oculess." From an UploadVR article published earlier today: You still need a Facebook account to set up the device in the first place and you need to give Facebook a phone number or card details to sideload, but after that you could use Oculess to forgo Facebook entirely -- just remember to never factory reset. The catch is you'll lose access to Oculus Store apps because the entitlement check used upon launching them will no longer function. System apps like Oculus TV and Browser will also no longer launch, and casting won't work. You can still sideload hundreds of apps from SideQuest though, and if you want to keep browsing the web in VR you can sideload Firefox Reality. You can still use Oculus Link to play PC VR content, but only if you stay signed into Facebook on the Oculus PC app. Virtual Desktop won't work because it's a store app, but you can sideload free alternatives such as ALVR.

To use Oculess, just download it from GitHub and sideload it using SideQuest or Oculus Developer Hub, then launch it from inside VR. If your Quest isn't already in developer mode or you don't know how to sideload you can follow our guide here.

The Record reports: The Electronic Frontier Foundation said it is preparing to retire the famous HTTPS Everywhere browser extension after HTTPS adoption has picked up and after several web browsers have introduced HTTPS-only modes." "After the end of this year, the extension will be in 'maintenance mode' for 2022," said Alexis Hancock, Director of Engineering at the EFF. Maintenance mode means the extension will receive minor bug fixes next year but no new features or further development.

No official end-of-life date has been decided, a date after which no updates will be provided for the extension whatsoever.

Launched in June 2010, the HTTPS Everywhere browser extension is one of the most successful browser extensions ever released. The extension worked by automatically switching web connections from HTTP to HTTPS if websites had an HTTPS option available. At the time it was released, it helped upgrade site connections to HTTPS when users clicked on HTTP links or typed domains in their browser without specifying the "https://" prefix. The extension reached cult status among privacy advocates and was integrated into the Tor Browser and, after that, in many other privacy-conscious browsers. But since 2010, HTTPS is not a fringe technology anymore. Currently, around 86.6% of all internet sites support HTTPS connections. Browser makers such as Chrome and Mozilla previously reported that HTTPS traffic usually accounts for 90% to 95% of their daily connections.
From EFF's announcement: The goal of HTTPS Everywhere was always to become redundant. That would mean we'd achieved our larger goal: a world where HTTPS is so broadly available and accessible that users no longer need an extra browser extension to get it. Now that world is closer than ever, with mainstream browsers offering native support for an HTTPS-only mode.

With these simple settings available, EFF is preparing to deprecate the HTTPS Everywhere web extension as we look to new frontiers of secure protocols like SSL/TLS... We know many different kinds of users have this tool installed, and want to give our partners and users the needed time to transition.
The announcement also promises to inform users of browser-native HTTPS-only options before the day when the extension reaches its final sunsetting — and ends with instructions for how to activate the native HTTPS-only features in Firefox, Chrome, Edge, and Safari, "and celebrate with us that HTTPS is truly everywhere for users."

An anonymous reader quotes the Record: An Irish man who ran a cheap dark web hosting service has been sentenced today to 27 years in prison for turning a blind eye to customers hosting child sex abuse material. Eric Eoin Marques, 36, from Dublin, operated the Freedom Hosting service between July 2008 and July 2013, when he was arrested following an FBI investigation.

"The investigation revealed that the hosting service contained over 200 child exploitation websites that housed millions of images of child exploitation material," the US Department of Justice said today, announcing Marques' sentencing. "Over 1.97 million of these images and/or videos were not previously known by law enforcement," officials said.
Flashback to 2013: [T]he FBI yesterday acknowledged that it secretly took control of Freedom Hosting last July, days before the servers of the largest provider of ultra-anonymous hosting were found to be serving custom malware designed to identify visitors. Freedom Hosting's operator, Eric Eoin Marques, had rented the servers from an unnamed commercial hosting provider in France, and paid for them from a bank account in Las Vegas.

It's not clear how the FBI took over the servers in late July, but the bureau was temporarily thwarted when Marques somehow regained access and changed the passwords, briefly locking out the FBI until it gained back control. The new details emerged in local press reports from a Thursday bail hearing in Dublin, Ireland, where Marques, 28, is fighting extradition to America on charges that Freedom Hosting facilitated child pornography on a massive scale...

Security researchers dissected the code and found it exploited a security hole in Firefox to identify users of the Tor Browser Bundle, reporting back to a mysterious server in Northern Virginia. The FBI was the obvious suspect, but declined to comment on the incident. The FBI also didn't respond to inquiries from WIRED today. But FBI Supervisory Special Agent Brooke Donahue was more forthcoming when he appeared in the Irish court yesterday to bolster the case for keeping Marque behind bars."

"Mozilla is running an experiment on 1% of the Firefox desktop population currently, which sets the default search engine to Bing in the web browser," reports Ghacks: [I]n most regions, it is Google Search. Mozilla and Google extended the search deal in 2020 for another three years. Google is paying Mozilla "between $400 and $450 million per year" so that its search engine is the default in Firefox in most regions. Google has been Firefox's default search engine since 2017, when Mozilla ended its search deal with Yahoo early.

Firefox users may change the default search engine to one of the other engines that are included by default, or an engine that is not included but can be added...

The study started on September 6 and it will run until early 2022, likely January 2022. About 1% of Firefox desktop users may notice that the default search engine is changed when the installation of Firefox is picked for the experiment.

Tip: load about:studies in the Firefox address bar to list the studies that the browser us currently taking part in and has completed already. Firefox users who don't want to participate in studies can disable the preference "Allow Firefox to install and run studies" on about:preferences#privacy.

Mozilla has quietly made it easier to switch to Firefox on Windows recently. From a reporrt: While Microsoft offers a method to switch default browsers on Windows 10, it's more cumbersome than the simple one-click process to switch to Edge. This one-click process isn't officially available for anyone other than Microsoft, and Mozilla appears to have grown tired of the situation. In version 91 of Firefox, released on August 10th, Mozilla has reverse engineered the way Microsoft sets Edge as default in Windows 10, and enabled Firefox to quickly make itself the default. Before this change, Firefox users would be sent to the Settings part of Windows 10 to then have to select Firefox as a default browser and ignore Microsoft's plea to keep Edge. Mozilla's reverse engineering means you can now set Firefox as the default from within the browser, and it does all the work in the background with no additional prompts. This circumvents Microsoft's anti-hijacking protections that the company built into Windows 10 to ensure malware couldn't hijack default apps. Microsoft tells us this is not supported in Windows.

This weekend finds some long-time Slashdot readers debating why research shows Firefox losing market share. Long-time Slashdot reader chiguy shares one theory: "Firefox keeps losing users, according to this rant, because it arrogantly refuses to listen to its users."

Slashdot reader BAReFO0t countered that that can't be the reason, "because Google does that too." (They blame Chrome's "feature" addition treadmill, where "they keep adding stupid kitchen sinks for the sole and only purpose to make others unable to keep up.")

Long-time Slashdot reader Z00L00K thinks that "All those totally unnecessary UI changes are what REALLY annoys users. Not only the immediately visible things in the header but also the renaming of items in the menus just bugs people." But long-time Slashdot reader AmiMoJo argues that "the most popular browser, Chrome, has all those things. In fact all the browsers that are more popular than Firefox do, so the idea that those are unpopular and driving people away doesn't really hold up... Firefox's decline is mostly due to Chrome just being really good, and [Firefox] not having a decent mobile version."

I'm still a loyal Firefox user. (Although the thing that annoyed me was when Firefox suddenly changed the keyboard shortcut for copying a link from CNTRL-A to CNTRL-L.) The "rant" at ItsFoss argues that Firefox's original sin was in 2009 when it decided to move tabs to the top of the browser, and when favorite features could no longer be re-enabled in Firefox's about:config file. But that's what I like about Firefox -- at it's best, it's ultimately customizable, with any feature you want easily enabled in what's essentially an incredibly detailed "preferences" menu. Maybe other browsers are just better at attracting new users through purely mechanical advantages like default placement on popular systems?

Long-time Slashdot reader zenlessyank is also a long-time Firefox user -- "Been using it since Netscape" -- and countered all the doubters with a comment headlined "Firefox rocks!"

"Doesn't matter to me how many other users there are or aren't I will still use it as long as it stays updated."

But what are your thoughts? Feel free to share your own opinions and experiences with Firefox in the comments.

"Recently, browsing leader Mozilla shared the result of an independent security audit on its VPN service," reports Fossbytes.

"Upon inspection, a few vulnerabilities were discovered in the VPN, one of which was reportedly a major risk." In a blog post, Mozilla shared that Cure53, a Berlin-based cybersecurity firm, had identified and fixed the security vulnerabilities in its VPN... The most severe issue, labeled "FVP-02-014," made the user vulnerable to cross-site WebSocket hijacking. Moreover, the medium-risk vulnerabilities revolved around "VPN leak via captive portal detection" and "Auth code leak" by injecting the port. However, these sophisticated terms shouldn't worry you anymore as Cure53 has already addressed these weaknesses. There has also been no mention of any Mozilla VPN users falling victim to these either.

The Firefox developer's public post that outlines the security flaws detected by the German firm provides users an insight into the potential risks of using a VPN. Moreover, these audits also help Mozilla iron out any issues that its one-year-old VPN service might have.

Mozilla developers are putting the finishing touches on a new feature that will block insecure file downloads in Firefox. From a report: Called mixed content downloaded blocking, the feature works by blocking files downloads initiated from an encrypted HTTPS page but which actually take place via an unencrypted HTTP channel. The idea behind this feature is to prevent Firefox users from getting misled by the URL bar and think they're downloading a file securely via HTTPS when, in reality, the file could be tampered with by third parties while in transit.