Mozilla

Ask Slashdot: What Should Mozilla Do To Boost Firefox's Market Share? 407

couchslug writes: Mozilla's Firefox once commanded a large chunk of the browser market share, but now it stands under a pitiful 5 percent. Google money removes need to compete from a management POV as they'll get paid either way but they're still leaving money on the table.

What should Mozilla do to help Firefox regain its lost market share? Not so long ago Internet Explorer was only used to download Firefox when geeks reloaded Windows machines for others. Today, Edge, however pathetic, still outranks Firefox. Were FF not arguably the best available browser for Linux, share would be even less.

Were you the king for a day what would you do to make Firefox great again? If you dropped or deprecated Firefox what shooed you off? This is not about Firefox being good or bad but about regaining casually discarded market share.
Mozilla

Mozilla Acquires Active Replica To Build On its Metaverse Vision (techcrunch.com) 39

An automated status updater for Slack isn't the only thing Mozilla acquired this week. From a report: On Wednesday, the company announced that it snatched up Active Replica, a Vancouver-based startup developing a "web-based metaverse." According to Mozilla SVP Imo Udom, Active Replica will support Mozilla's ongoing work with Hubs, the latter's VR chatroom service and open source project. Specifically, he sees the Active Replica team working on personalized subscription tiers, improving the onboarding experience and introducing new interaction capabilities in Hubs.

"Together, we see this as a key opportunity to bring even more innovation and creativity to Hubs than we could alone," Udom said in a blog post. "We will benefit from their unique experience and ability to create amazing experiences that help organizations use virtual spaces to drive impact. They will benefit from our scale, our talent, and our ability to help bring their innovations to the market faster." Active Replica was founded in 2020 by Jacob Ervin and Valerian Denis. Ervin is a software engineer by trade, having held roles at AR/VR startups Metaio, Liminal AR and Occipital. Denis has a history in project management -- he worked for VR firms including BackLight, which specializes in location-based and immersive VR experiences for brands.

The Internet

Web Browsers Drop Mysterious Company With Ties To US Military Contractor (washingtonpost.com) 57

An anonymous reader quotes a report from the Washington Post: Major web browsers moved Wednesday to stop using a mysterious software company that certified websites were secure, three weeks after The Washington Post reported its connections to a U.S. military contractor. Mozilla's Firefox and Microsoft's Edge said they would stop trusting new certificates from TrustCor Systems that vouched for the legitimacy of sites reached by their users, capping weeks of online arguments among their technology experts, outside researchers and TrustCor, which said it had no ongoing ties of concern. Other tech companies are expected to follow suit.

The Post reported on Nov. 8 that TrustCor's Panamanian registration records showed the same slate of officers, agents and partners as a spyware-maker identified this year as an affiliate of Arizona-based Packet Forensics, which has sold communication interception services to U.S. government agencies for more than a decade. One of those contracts listed the "place of performance" as Fort Meade, Md., the home of the National Security Agency and the Pentagon's Cyber Command. The case has put a new spotlight on the obscure systems of trust and checks that allow people to rely on the internet for most purposes. Browsers typically have more than a hundred authorities approved by default, including government-owned ones and small companies, to seamlessly attest that secure websites are what they purport to be.
"Certificate Authorities have highly trusted roles in the internet ecosystem and it is unacceptable for a CA to be closely tied, through ownership and operation, to a company engaged in the distribution of malware," Mozilla's Kathleen Wilson wrote to a mailing list for browser security experts. "Trustcor's responses via their Vice President of CA operations further substantiates the factual basis for Mozilla's concerns."
Mozilla

Mozilla Acquires Team Behind Pulse, an Automated Status Updater for Slack (techcrunch.com) 5

Firefox developer Mozilla is making a rare foray into the world of mergers and acquisitions, with news that it has snapped up recently-shuttered California-based productivity startup Pulse. From a report: Terms of the deal haven't been disclosed, but the deal is tantamount to an "acqui-hire," with Mozilla looking to deploy the Pulse team across an array of machine learning (ML) projects. "We're acquiring Pulse for the incredible team they have built," Mozilla chief product officer Steve Teixeira told TechCrunch. "As we look to continue to improve user experiences across all of our products, ML will be a core part of that."

Founded out of Menlo Park in 2019, Pulse in its initial guise was a "virtual office" platform called Loop Team, but after honing the idea for a couple of years it pivoted and rebranded last November. Pulse, essentially, was an automated status-updating tool that used signals based on pre-configured integrations and preferences set by the user. For example, users could synchronize Pulse with their calendar and Slack, setting rules to stipulate what their status and corresponding emoji should be based on keywords in their calendar event title. If their schedule for a particular time says "hair appointment" from 12-1pm, then the person's Slack status update might display a scissors emoji alongside the word "haircut." Or, it might say "birthday" alongside a cake emoji if that's what is in their calendar.

Security

Chrome, Defender and Firefox 0-days Linked To Commercial IT firm in Spain 13

Google researchers say they have linked a Barcelona, Spain-based IT company to the sale of advanced software frameworks that exploit vulnerabilities in Chrome, Firefox, and Windows Defender. From a report: Variston IT bills itself as a provider of tailor-made Information security solutions, including technology for embedded SCADA (supervisory control and data acquisition) and Internet of Things integrators, custom security patches for proprietary systems, tools for data discovery, security training, and the development of secure protocols for embedded devices.

According to a report from Google's Threat Analysis Group, Variston sells another product not mentioned on its website: software frameworks that provide everything a customer needs to surreptitiously install malware on devices they want to spy on. Researchers Clement Lecigne and Benoit Sevens said the exploit frameworks were used to exploit n-day vulnerabilities, which are those that have been patched recently enough that some targets haven't yet installed them. Evidence suggests, they added, that the frameworks were also used when the vulnerabilities were zero-days. The researchers are disclosing their findings in an attempt to disrupt the market for spyware, which they said is booming and poses a threat to various groups.
Mozilla

Mozilla Looks To Its Next Chapter (techcrunch.com) 111

Mozilla today released its annual "State of Mozilla" report and for the most part, the news here is positive. From a report: Mozilla Corporation, the for-profit side of the overall Mozilla organization, generated $585 million from its search partnerships, subscriptions and ad revenue in 2021 -- up 25% from the year before. And while Mozilla continues to mostly rely on its search partnerships, revenue from its new products like the Mozilla VPN, Mozilla Developer Network (MDN) Plus, Pocket and others now accounts for $57 million of its revenue, up 125% compared to the previous year. For the most part, that's driven by ads on the New Tab in Firefox and in Pocket, but the security products now also have an annual revenue of $4 million.

With the launch of this year's report, the Mozilla leadership team is also taking some time to look ahead, because in many ways, this is an inflection point for Mozilla. When Mozilla was founded, the internet was essentially the web and the browser was the way to access it. Since then, the way we experience the internet has changed dramatically and while the browser is still one of the most important tools around, it's not the only one. With that, Mozilla, too, has to change. Its Firefox browser has gone from dominating the space to being something of a niche product, but the organization's mission ("to ensure the internet is a global public resource, open and accessible to all") is just as important today -- and maybe more so -- as it was almost 25 years ago when Mozilla was founded.

Programming

Wired Hails Rust as 'the Viral Secure Programming Language That's Taking Over Tech' (wired.com) 126

A new article from Wired calls Rust "the 'viral' secure programming language that's taking over tech."

"Rust makes it impossible to introduce some of the most common security vulnerabilities. And its adoption can't come soon enough...." [A] growing movement to write software in a language called Rust is gaining momentum because the code is goof-proof in an important way. By design, developers can't accidentally create the most common types of exploitable security vulnerabilities when they're coding in Rust, a distinction that could make a huge difference in the daily patch parade and ultimately the world's baseline cybersecurity....

[B]ecause Rust produces more secure code [than C] and, crucially, doesn't worsen performance to do it, the language has been steadily gaining adherents and now is at a turning point. Microsoft, Google, and Amazon Web Services have all been utilizing Rust since 2019, and the three companies formed the nonprofit Rust Foundation with Mozilla and Huawei in 2020 to sustain and grow the language. And after a couple of years of intensive work, the Linux kernel took its first steps last month to implement Rust support. "It's going viral as a language," says Dave Kleidermacher, vice president of engineering for Android security and privacy. "We've been investing in Rust on Android and across Google, and so many engineers are like, 'How do I start doing this? This is great'...."

By writing new software in Rust instead, even amateur programmers can be confident that they haven't introduced any memory-safety bugs into their code.... These types of vulnerabilities aren't just esoteric software bugs. Research and auditing have repeatedly found that they make up the majority of all software vulnerabilities. So while you can still make mistakes and create security flaws while programming in Rust, the opportunity to eliminate memory-safety vulnerabilities is significant....

"Yes, it's a lot of work, it will be a lot of work, but the tech industry has how many trillions of dollars, plus how many talented programmers? We have the resources," says Josh Aas, executive director of the Internet Security Research Group, which runs the memory-safety initiative Prossimo as well as the free certificate authority Let's Encrypt. "Problems that are merely a lot of work are great."

Here's how Dan Lorenc, CEO of the software supply-chain security company Chainguard, explains it to Wired. "Over the decades that people have been writing code in memory-unsafe languages, we've tried to improve and build better tooling and teach people how to not make these mistakes, but there are just limits to how much telling people to try harder can actually work.

"So you need a new technology that just makes that entire class of vulnerabilities impossible, and that's what Rust is finally bringing to the table."
The Internet

The Browser Company's Darin Fisher Thinks It's Time To Reinvent the Browser (theverge.com) 128

An anonymous reader quotes a report from The Verge: Darin Fisher has built a lot of web browsers. A lot of web browsers. He was a software engineer at Netscape early in his career, working on Navigator and then helping turn that app into Firefox with Mozilla. Then, he went to Google and spent 16 years building Chrome and ChromeOS into massively successful products. Last year, he left Google for Neeva, where he worked on ways to build a browser around the startup's search engine. And now, he's leaving Neeva to join The Browser Company and work on Arc, one of the hottest new browsers on the market. Arc, which has been in an invite-only beta for more than a year, is trying to rethink the whole browser UI. It has a sidebar instead of a row of tabs, offers a lot of personalization options, and is meant for people who live their computing life in a browser (which is increasingly most people). CEO Josh Miller often talks about building "the internet computer," too, and using the browser as a way to make the internet more useful.

Fisher has been an advisor to The Browser Company for a while, but Monday is his first official day at the company as a software engineer. Ahead of his new gig, Fisher and I got on a call to talk about why he thinks browsers are due for a reinvention -- and why he thinks a startup is the best place to do it. The answer starts with the browser's defining feature: tabs. Fisher doesn't hate tabs -- in fact, he helped popularize them. But he hates that using a modern browser involves opening a million of them, not being able to find them again, and eventually just giving up and starting all over again. "I remember when tabbed browsing was novel," Fisher says, "and helped people feel less cluttered because you don't have as many windows." But now, "even when I use Chrome," Fisher says, "I get a bunch of clutter. At some point, I just say, 'Forget it, I'm not even going to bother trying to sort through all these tabs. If it's important, I'll open it again.'" Browsers need better systems for helping you manage tabs, not just open more of them.

The best way to improve the browser, Fisher ultimately decided, is to just start from scratch. Arc is full of new ideas about how web browsers can work: it combines bookmarks and tabs into one app switcher-like concept; it makes it easy to search among your open tabs; it has built-in tools for taking notes and making shareable mini websites. The experience can be jarring because it's so different, but Fisher says that's part of what he's excited about. "This is not stuff people haven't talked about before," he says, "but actually putting it together and focusing on it and thinking about the small steps that go a long way, I think that's where there's so much opportunity." Fisher likes to compare a browser to an operating system, which matches with The Browser Company's idea that Arc isn't just a browser but rather an iOS-like system for the open web. "It has task management UI, it has UI for creating and starting a journey, but there's so much more in between," he says. What the iPhone did for native apps, Arc hopes to do for web apps. Fisher says he's interested in improving the way files move around the internet, for instance, finding a better way than the constant downloading and uploading we all do all day. He likes that Arc has a picture-in-picture mode that works by default, pulling your YouTube video out when you switch tabs. All these make the web feel more connected and cohesive rather than just a bunch of tabs in a horizontal line.
The Browser Company also plans to reinvent the internet browser for mobile, too. On mobile, in particular, he says, "there are so many opportunities because the starting point is so archaic."

"He's vague on the details of his plans -- and The Browser Company hasn't really started working on a mobile browser yet anyway -- but says that's a big focus for him going forward," adds The Verge.
Firefox

Firefox 106 Is Now Available With PDF Annotation, Firefox View (9to5linux.com) 35

Firefox 106 is now available for download, bringing various new features and enhancements, such as a new PDF editing feature and new way to organize recently closed tabs. 9to5Linux reports: Mozilla says that Firefox 106 finally brings the long-anticipated two-finger swipe horizontal gesture for navigating back and forward on a website without having to hold down the Alt key. [...] Firefox 106 also introduces annotation capabilities to the built-in PDF viewer so you can write text, draw, or add signatures on PDF files. You'll be able to change the size and color of the text tool, as well as the thickness, opacity, and color of the draw tool.

Another interesting new feature of the Firefox 106 release is called Firefox View, which is implemented as a pinned tab, promising to help you get back to the content you've previously discovered by allowing you to switch seamlessly between your devices running Firefox. On top of all that, Firefox 106 also brings major WebRTC changes to improve Windows and Wayland screen sharing, RTP performance and reliability, statistics, and more. There are also the usual bug and security fixes to make Firefox more stable and reliable on your system.

Firefox

Firefox's New Service Gives You a Burner Phone Number To Cut Down on Spam (theverge.com) 31

Firefox Relay, a Mozilla service designed to hide your "real" email address by giving you virtual ones to hand out, is expanding to offer virtual phone numbers. From a report: In a blog post Mozilla product manager Tony Amaral-Cinotto explains that the relay service generates a phone number for you to give out to companies if you suspect they might use it to send you spam messages in the future, or if you think they might share it with others who will. The idea is that handing out this alternative phone number makes it easier to block spam phone calls or texts in the future. You can either block all calls or texts sent to your relay number, or just block specific contacts. Importantly it lets you keep your "real" phone number private, which is something you might want to consider if it's a number you use to receive sensitive information like two-step verification codes via SMS. Once you've signed up, the Firefox phone number masking service offers 50 minutes of incoming calls and 75 text messages a month. The phone number masking service is also more expensive at $4.99 a month (or $3.99 a month when paid annually), while the email service offers a choice between a free tier and a premium tier costing $1.99 a month ($0.99 a month when paid annually).
Firefox

Mozilla Reaffirms That Firefox Will Continue To Support Current Content Blockers (ghacks.net) 79

Martin Brinkmann writes via gHacks: From next year onward, extensions for Google Chrome and most other Chromium-based browsers, will have to rely on a new extension manifest. Manifest V3 defines the boundaries in which extensions may operate. Current Chromium extensions use Manifest V2 for the most part, even though the January 2023 deadline is looming over the heads of every extension developer. Google is using its might to push Manifest v3, and most Chromium-based browsers, including Microsoft Edge, will follow. [...]

Mozilla announced early on that it will support Manifest v3 as well, but that it would continue to support important APIs that Google limited in Manifest v3. Probably the most important of them all is the WebRequest API. Used by content blockers extensively to filter certain items, it has been replaced by a less powerful option in Manifest v3. While Manifest v3 does not mean the end for content blocking on Chrome, Edge and other Chromium-based browsers, it may limit abilities under certain circumstances. Users who install a single content blocker and no other extension that relies on the same relevant API may not notice much of a change, but those who like to add custom filter lists or use multiple extensions that rely on the API, may run into artificial limits set by Google.

Mozilla reaffirmed this week that its plan has not changed. In "These weeks in Firefox: issue 124," the organization confirms that it will support the WebRequest API of Manifest v2 alongside Manifest v3. Again, a reminder that Mozilla plans to continue support for the Manifest v2 blocking WebRequest API (this API powers, for example, uBlock Origin) while simultaneously supporting Manifest v3.

Mozilla

Mozilla Urges Action To Unpick Platform Browser Lock-ins (techcrunch.com) 64

As antitrust regulators around the world dial up scrutiny of platform power, Mozilla has published a piece of research digging into the at times subtle yet always insidious ways operating systems exert influence to keep consumers locked to using their own-brand browsers rather than seeking out and switching to independent options -- while simultaneously warning that competition in the browser market is vital to ensure innovation and choice for consumers and, more broadly, protect the vitality of the open web against the commercial giants trying to wall it up. TechCrunch: "Billions of people across the globe are dependent on operating systems from the largest technology companies. Amazon, Apple, Google, Microsoft and Meta each provide their own browser on their operating systems and each of them uses their gatekeeper position provider to preference their own browsers over independent rivals. Whether it is Microsoft pushing Firefox users to switch their default on Windows computers, Apple restricting the functionality of rival browsers on iOS smartphones or Google failing to apply default browser settings across Android, there are countless examples of independent browsers being inhibited by the operating systems on which they are dependent," Mozilla writes in a summary of its findings. "This matters because American consumers and society as a whole suffer. Not only do people lose the ability to determine their own online experiences but they also receive less innovative and lower quality products. In addition, they can be forced to accept poorer privacy outcomes and even unfair contracts. By contrast, competition from independent browsers can help to drive new features, as well as innovation in areas like privacy and security."
Mozilla

Mozilla: YouTube's Dislike Button Largely Fails To Stop Unwanted Recommendations (mozilla.org) 75

AmiMoJo shares a report from the Mozilla Foundation: YouTube's user controls -- buttons like "Dislike" and "Not interested" -- largely fail to help users avoid unwanted recommendations like misinformation and violent content, according to new research by Mozilla. An accompanying survey also found that YouTube's controls routinely frustrate and confuse users. Indeed, Mozilla's research found that people who are experiencing unwanted recommendations and turn to the platform's user controls for assistance prevent less than half of unwanted recommendations.

This is especially troubling because Mozilla's past research shows that YouTube recommends videos that violate its very own community guidelines, like misinformation, violent content, hate speech, and spam. For example, one user in this most recent research asked YouTube to stop recommending war footage from Ukraine -- but shortly after was recommended even more grisly content from the region. The study, titled "Does This Button Work? Investigating YouTube's ineffective user controls" is the culmination of months of rigorous qualitative and quantitative research. The study was made possible by the data of more than 20,000 participants who used Mozilla's RegretsReporter browser extension, and by data about more than 500 million YouTube videos.
These are the top findings, as highlighted in the report:

People don't trust YouTube's user controls. More than a third (39.3%) of people surveyed felt YouTube's user controls did not impact their recommendations at all, and 23% felt the controls had a mixed response. Said one interviewee: "Nothing changed. Sometimes I would report things as misleading and spam and the next day it was back in [...] Even when you block certain sources they eventually return."

People take matters into their own hands. Our study found that people did not always understand how YouTube's controls affect their recommendations, and so took a jury rigged approach instead. People will log out, create new accounts, or use privacy tools just to manage their YouTube recommendations. Said one user: "When the Superbowl came around ... if someone recommended a particular commercial, I used to log out of YouTube, watch the commercial, and then log back in."

The data confirms people are right. The most "effective" user control was "Don't recommend channel," but compared to users who do not make use of YouTube's user controls, only 43% of unwanted recommendations are prevented -- and recommendations from the unwanted channel sometimes persist. Other controls were even less effective: The "Not Interested" tool prevented only 11% of unwanted recommendations.

YouTube can fix this problem. YouTube has the power to confront this issue and do a better job at enabling people to control their recommendations. Our research outlines several concrete suggestions to put people back into the driver's seat, like making YouTube's controls more proactive, allowing users to shape their own experience; and giving researchers increased access to YouTube's API and other tools.
Further reading: YouTube Targets TikTok With Revenue Sharing For Shorts, Partner Program Expansion
Desktops (Apple)

Document Foundation Starts Charging For 'Free' LibreOffice on Apple App Store (theregister.com) 59

The Document Foundation, the organization that tends the open source productivity suite LibreOffice, has decided to start charging for one version of the software. The Register reports: LibreOffice is a fork of OpenOffice and is offered under the free/open source Mozilla Public License Version 2.0. A Monday missive from the Document Foundation reveals the org will begin charging 8.99 euros for the software -- but only when sold via Apple's Mac App Store. That sum has been styled a "convenience fee ... which will be invested to support development of the LibreOffice project."

The foundation suggests paying up in the Mac App Store is ideal for "end users who want to get all of their desktop software from Apple's proprietary sales channel." Free downloads of LibreOffice for macOS from the foundation's site will remain available and arguably be superior to the App Store offering, because that version will include Java. The foundation argued that Apple does not permit dependencies in its store, so it cannot include Java in the 8.99 euro offering. The version now sold in the App Store supersedes a previous offering provided by open source support outfit Collabora, which charged $10 for a "Vanilla" version of the suite and threw in three years of support.
The foundation's marketing officer Italo Vignoli said the change was part of a "new marketing strategy."

"The Document Foundation is focused on the release of the Community version, while ecosystem companies are focused on a value-added long-term supported versions targeted at enterprises," Vignoli explained. "The distinction has the objective of educating organizations to support the FOSS project by choosing the LibreOffice version which has been optimized for deployments in production and is backed by professional services, and not the Community version generously supported by volunteers."

"The objective is to fulfil the needs of individual and enterprise users in a better way," Vignoli added, before admitting "we know that the positive effects of the change will not be visible for some time. Educating enterprises about FOSS is not a trivial task and we have just started our journey in this direction."
Mozilla

DuckDuckGo, Proton, Mozilla Throw Weight Behind Bill Targeting Big Tech 'Surveillance' (techradar.com) 5

A group of privacy-focused organizations have signed a letter imploring US Congress leaders to schedule a vote on a bill that would hamper data collection by tech giants and promote user access to online privacy tools. From a report: In its letter to Congress, addressed to the likes of Mitch McConnell and Nancy Pelosi, the alliance argued that the continued suppression of the American Innovation and Choice Online Act (AICOA) allows "dominant firms" to "limit competition and restrict user choice" when accessing privacy-focused technologies and products. It also accused tech giants of forcing users into accepting their policies of "perpetual surveillance" because of their positions as "gatekeepers," and of using their "influence in society" to steer users away from rival services more committed to privacy. Signatories included the likes of DuckDuckGo, Proton, Brave and Mozilla, among others, representing sectors ranging from VPN and search to web browsers, office software, and more. The letter to Congress fighting for the revival of the AICOA hit back at the idea that the US technology industry is a free market. The 13 signatories, all of which are relatively small in stature, claim the tech giants deliberately wield the depth and breadth of their product portfolios to establish unassailable monopolies.
Facebook

Report: Facebook has Started Encrypting Links to Counter Browsers' Anti-Tracking Measures (ghacks.net) 163

"Facebook has started to use a different URL scheme for site links," writes the technology blog Ghacks, "to combat URL stripping technologies that browsers such as Firefox or Brave use to improve privacy and prevent user tracking." Some sites, including Facebook, add parameters to the web address for tracking purposes. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties. Mozilla introduced support for URL stripping in Firefox 102, which it launched in June 2022. Firefox removes tracking parameters from web addresses automatically, but only in private browsing mode or when the browser's Tracking Protection feature is set to strict. Firefox users may enable URL stripping in all Firefox modes, but this requires manual configuration. Brave Browser strips known tracking parameters from web addresses as well....

It is no longer possible to remove the tracking part of the URL, as Facebook merged it with part of the required web address.

Privacy

A New Attack Can Unmask Anonymous Users On Any Major Browser (wired.com) 58

An anonymous reader quotes a report from Wired: [R]esearchers from the New Jersey Institute of Technology are warning this week about a novel technique attackers could use to de-anonymize website visitors and potentially connect the dots on many components of targets' digital lives. The findings (PDF), which NJIT researchers will present at the Usenix Security Symposium in Boston next month, show how an attacker who tricks someone into loading a malicious website can determine whether that visitor controls a particular public identifier, like an email address or social media account, thus linking the visitor to a piece of potentially personal data.

When you visit a website, the page can capture your IP address, but this doesn't necessarily give the site owner enough information to individually identify you. Instead, the hack analyzes subtle features of a potential target's browser activity to determine whether they are logged into an account for an array of services, from YouTube and Dropbox to Twitter, Facebook, TikTok, and more. Plus the attacks work against every major browser, including the anonymity-focused Tor Browser. "If you're an average internet user, you may not think too much about your privacy when you visit a random website," says Reza Curtmola, one of the study authors and a computer science professor at NJIT. "But there are certain categories of internet users who may be more significantly impacted by this, like people who organize and participate in political protest, journalists, and people who network with fellow members of their minority group. And what makes these types of attacks dangerous is they're very stealthy. You just visit the website and you have no idea that you've been exposed."

How this de-anonymization attack works is difficult to explain but relatively easy to grasp once you have the gist. Someone carrying out the attack needs a few things to get started: a website they control, a list of accounts tied to people they want to identify as having visited that site, and content posted to the platforms of the accounts on their target list that either allows the targeted accounts to view that content or blocks them from viewing it -- the attack works both ways. Next, the attacker embeds the aforementioned content on the malicious website. Then they wait to see who clicks. If anyone on the targeted list visits the site, the attackers will know who they are by analyzing which users can (or cannot) view the embedded content. [...] Complicated as it may sound, the researchers warn that it would be simple to carry out once attackers have done the prep work. It would only take a couple of seconds to potentially unmask each visitor to the malicious site -- and it would be virtually impossible for an unsuspecting user to detect the hack. The researchers developed a browser extension that can thwart such attacks, and it is available for Chrome and Firefox. But they note that it may impact performance and isn't available for all browsers.

EU

EU Antitrust Regulators Probing Tech Group AOM's Video Licensing Policy (reuters.com) 15

EU antitrust regulators are investigating the video licensing policy of the Alliance for Open Media (AOM), whose members include Alphabet's Google, Amazon, Apple and Meta, the European Commission said on Thursday. Reuters reports: Founded in 2015, the group aims to create a new standard software for streaming higher-quality 4K video on browsers, devices, apps, and gaming, known as AV1. While the AV1 software is not yet adopted widely, Netflix and YouTube have started using it for some customers, and browsers such as Google Chrome and Firefox have started to support the new format. Intel, Huawei, Mozilla, Samsung and Nvidia are also AOM members, according to its website.

In a questionnaire sent to some companies earlier this year and seen by Reuters, the EU watchdog said it was investigating alleged anti-competitive behavior related to the license terms of AV1 by AOM and its members in Europe. "The Commission has information that AOM and its members may be imposing licensing terms (mandatory royalty-free cross licensing) on innovators that were not a part of AOM at the time of the creation of the AV1 technical, but whose patents are deemed essential to (its) technical specifications," the paper said. It said this action may be restricting the innovators' ability to compete with the AV1 technical specification, and also eliminate incentives for them to innovate.

The questionnaire also asked about the impact of an AOM patent license clause in which licensees would have their patent licenses terminated immediately if they launched patent lawsuits asserting that implementation infringes their claims. Companies risk fines of up to 10% of their global turnover for breaching EU antitrust rules.

Firefox

Mozilla Releases Firefox 102 (mozilla.org) 44

williamyf writes: Today, Mozilla released Firefox 102.
New features include:
* Tired of too many windows crowding your screen? You can now disable automatic opening of the download panel every time a new download starts.
* Firefox now mitigates query parameter tracking when navigating sites in ETP strict mode.
* Subtitles and captions for Picture-in-Picture (PiP) are now available at HBO Max, Funimation, Dailymotion, Tubi, Disney+ Hotstar, and SonyLIV. This allows you to view video in a small window pinned to a corner of the screen while navigating between apps or browsing content on the main screen.

But do not get fooled: the most important feature is that this release is an ESR. This is super-important for a host of reasons:

* Firefox ESR is the basis for KaiOS (an evolution of BootToGecko), an OS for Semi-Smart Phones very popular in India (100 million+), SE Asia + Africa (~60 million), so, whatever made the cut in 102 will define the base capabilities for KaiOS for the next year.

* Firefox ESR is the basis for Thunderbird, so, if you use Thunderbird or a derivative, whatever made the cut in 102 will underpin Thunderbird for the next year.

* Many popular Linux distros (like Debian or Kali) use Firefox ESR as the default browser.

* Many companies and organizations use Firefox ESR as their default browser, and many SW development companies certify Firefox ESR as an allowed browser for their SW.

So, 102 is a very important release, because it brings a year of advances to ESR.
