Firefox Icon

Firefox

Firefox is an open-source web browser developed by Mozilla.
37 Stories
All Topics

Firefox zdnet.com

Firefox to add Tor Browser anti-fingerprinting technique called letterboxing

Called “letterboxing,” this new technique adds “gray spaces” to the sides of a web page when the user resizes the browser window, which are then gradually removed after the window resize operation has finished.

This appears to be a major win for privacy advocates. It also seems like a chink in the armor of Chrome’s dominance, given that many people have lost trust in its privacy model.

Culture ferdychristant.com

The state of web browsers

Should I read this 22 minute read on the state of web browsers? Sure. Count me in!

Microsoft has confirmed the rumor to be true. We now have one less browser engine, and a last man standing (Firefox) in deep trouble (reasons below).
…
The web now runs on a single engine. There is not a single browser with a non-Chromium engine on mobile of any significance other than Safari. Which runs webkit, kind of the same engine as Chromium, which is based on webkit.

Caroline Haskins motherboard.vice.com

Old school 'sniffing' attacks can still reveal your browsing history

Several major browsers you and I use everyday are capable of leaking our browsing history, and they all know about it. Caroline Haskins at Motherboard writes:

Most modern browsers—such as Chrome, Firefox, and Edge … have vulnerabilities that allow hosts of malicious websites to extract hundreds to thousands of URLs in a user’s web history, per new research from the University of California San Diego.

In a statement provided to Motherboard via email, senior engineering manager of Firefox security Wennie Leung said that Firefox will “prioritize our review of these bugs based on the threat assessment.” Google spokesperson Ivy Choi told Motherboard in an email that they are aware of the issue and are “evaluating possible solutions.”

Ben Adida shared this on Twitter:

When first web history sniffing attacks came out, I suggested we had to change the notion of a visited link: a link would be marked visited by origin (edges, not nodes.) That was considered too dramatic a change. Maybe it’s necessary after all.

Who’s ready to dig into this research and share how vulnerable we really are and what types of malicious websites could/would extract our browsing history? If you do, let us know so we can link it up.

Bert Hubert blog.powerdns.com

Firefox is considering a move to third party DNS lookups

Specifically, they are considering making CloudFlare the default nameserver. A new feature called “Trusted Recursive Resolver” (TRR) could be turned on by default, and therefore override the DNS changes you’ve configured in your network.

Cloudflare says it takes your privacy more seriously than telecommunication service providers do because this DNS query will be encrypted, unlike regular DNS. They also promise not to sell your data or engage in user profiling.

Cloudflare and Mozilla have set out a privacy policy that rules out any form of customer profiling. Their story is that many ISPs are doing user profiling and marketing, and that moving your DNS to Cloudflare is therefore a win for your privacy.

This is a deep subject with many, many layers. Dig deep on this one. So, the question is — under what circumstances would it be OK for Cloudflare (or any other third party) to take over our DNS by default?

Chrome waytab.io

Get a random item you've liked/bookmarked when you open a new browser tab

Waytab connects to your browser bookmark, Github, Twitter, Pocket, Pinterest and Unsplash account to remind you of your stars, likes and bookmarks every time you open a new browser tab.

This looks like a good idea, well executed. I’ve long given up on bookmarking, liking, and starring stuff because I never go back and revisit. Waytab changes all that.

Benjamin Bouvier blog.benj.me

Making calls to WebAssembly blazingly fast

Benjamin Bouvier, Compiler Engineer at Mozilla, writes about speeding up calls from JS to Wasm in Firefox.

If we want more WebAssembly (wasm) adoption, there shouldn’t be a big costly barrier between the two universes. That is, calls from one world to the other should be fast. For a very long time, calls from JS to asm.js/WebAssembly have been quite slow in Firefox. In fact, we didn’t optimize them at all.

He goes on to say…

Starting with Firefox 60, the JIT compiler makes no distinctions between calling a JavaScript function or a WebAssembly function, meaning it uses the same call optimizations for both kinds of function.

Benjamin continues through several more bugs mentioned on the Bugzilla bug board with fixes to speed up calls from JS to Wasm in Firefox.

Firefox hacks.mozilla.org

Firefox 61 – Quantum of Solstice

The latest version of Firefox adds some powerful new features. It enables parallel CSS parsing, which combines with their existing parallel CSS style computation to make CSS in Firefox incredibly fast. In addition, this version adds a brand new Accessibility Inspector, giving developers direct access to the ‘accessibility tree’ screen-readers use to interact with a website. This is HUGE for helping developers make websites more accessible.

Player art
  0:00 / 0:00