mozilla

Mozilla Nederland LogoDe Nederlandse
Mozilla-gemeenschap

Please welcome Allison Banks, Vice President of People

Mozilla Blog - wo, 25/03/2015 - 19:57

We’re thrilled to announce that Allison Banks is joining the leadership team at Mozilla today as our new Vice President of People.

As the leader of our global human resource team at Mozilla, Allison will be responsible, above all, for ensuring our people have what they need to help move our mission forward. Specifically, her team will develop and execute the people-related strategies and activities that will help to foster growth, innovation, and our overall organizational effectiveness.

With over 20 years of experience, Allison joins us most recently from GoPro where she served as Sr. Director of HR overseeing the hiring of 900 people, opening offices in seven countries, integrating acquisitions and building the HR processes and systems required to support a dynamic global organization. Prior to GoPro, she developed her HR expertise and track record for inspiring and supporting people at Perforce Software, Citibank, and Ingres.

Allison’s background, experience and passion for the human side of business is an exceptional fit for Mozilla.

She will be based in the Bay Area, working out of our Mozilla Space in San Francisco and our headquarters in Mountain View.

Please join me in welcoming Allison to Mozilla!

chris

Background:

Allison Banks, Vice President of People, Mozilla

Bio & Mozillians profile

LinkedIn profile

High-res photo

Categorieën: Mozilla-nl planet

The Mozilla Blog: Please welcome Allison Banks, Vice President of People

Mozilla planet - wo, 25/03/2015 - 19:57

We’re thrilled to announce that Allison Banks is joining the leadership team at Mozilla today as our new Vice President of People.

As the leader of our global human resource team at Mozilla, Allison will be responsible, above all, for ensuring our people have what they need to help move our mission forward. Specifically, her team will develop and execute the people-related strategies and activities that will help to foster growth, innovation, and our overall organizational effectiveness.

With over 20 years of experience, Allison joins us most recently from GoPro where she served as Sr. Director of HR overseeing the hiring of 900 people, opening offices in seven countries, integrating acquisitions and building the HR processes and systems required to support a dynamic global organization. Prior to GoPro, she developed her HR expertise and track record for inspiring and supporting people at Perforce Software, Citibank, and Ingres.

Allison’s background, experience and passion for the human side of business is an exceptional fit for Mozilla.

She will be based in the Bay Area, working out of our Mozilla Space in San Francisco and our headquarters in Mountain View.

Please join me in welcoming Allison to Mozilla!

chris

Background:

Allison Banks, Vice President of People, Mozilla

Bio & Mozillians profile

LinkedIn profile

High-res photo

Categorieën: Mozilla-nl planet

How Mozilla is giving back to it's community - opensource.com

Nieuws verzameld via Google - wo, 25/03/2015 - 19:17

opensource.com

How Mozilla is giving back to it's community
opensource.com
Mozilla has a rich history of empowering people on the open web through open education. From an early partnership with P2PU, and the 2010 Mozilla Festival of Learning, Freedom, and the Web, grew initiatives like the highly successful Mozilla Webmaker, ...

en meer »Google Nieuws
Categorieën: Mozilla-nl planet

Air Mozilla: Product Coordination Meeting

Mozilla planet - wo, 25/03/2015 - 19:00

Product Coordination Meeting Weekly coordination meeting for Firefox Desktop & Android product planning between Marketing/PR, Engineering, Release Scheduling, and Support.

Categorieën: Mozilla-nl planet

Mozilla WebDev Community: Beer and Tell – March 2015

Mozilla planet - wo, 25/03/2015 - 18:27

Once a month, web developers from across the Mozilla Project get together to design the most dangerous OSHA-compliant workstation possible. While searching for loopholes, we find time to talk about our side projects and drink, an occurrence we like to call “Beer and Tell”.

There’s a wiki page available with a list of the presenters, as well as links to their presentation materials. There’s also a recording available courtesy of Air Mozilla.

Michael Kelly: dxr-cmd

A certain blog post author was first with dxr-cmd, a command-line client for making queries to DXR, Mozilla’s source code browser. The tool is installed via pip and supports any query you can make via the web interface. Output can be run through a pager utility such as less, and you can also control the syntax highlighting applied to the output.

Daniel Maher: AudioAddict plugin for Plex

Next up was phrawzty, who was not present but shared a link to AudioAddict.bundle, a Plex plugin that allows you to play music from AudioAddict-based services (such as radiotunes.com, di.fm, and more).

Peter Bengtsson: Redunter

peterbe shared Redunter, a web service that helps hunt down unused CSS on your website. By embedding a small snippet of JS into your page and browsing through your website, Redunter will analyze the HTML being rendered and compare it to the CSS being served. The end result is a list of CSS rules that did not match any HTML that was delivered to the user. Redunter even works with sites that modify the DOM by watching for mutation events and tracking the altered HTML.

Scott Michaud: GPU-Accelerated Audio

ScottMichaud returns with more fun stuff using the WebCL extension! Scott shared a demo of WebCL-powered audio where a virtual microphone was surrounded by individual raindrop sounds. By controlling the rate of raindrops, you can simulate a higher audio load and see the difference that pushing audio processing to the GPU can make.

Les Orchard: Parsec Patrol

Senior Space Cadet lorchard shared Parsec Patrol, a vector-based space game for the web. While there’s no full game made yet, there is a webpage with several demos showing collision detection, spaceship navigation, missiles, point-defense systems, and more!

Matthew Claypotch: a9r

Have you ever seen an abbreviation like l10n or i18n and had no idea what it meant? Have no fear, Uncle Potch is here with a9r, the answer to the abbreviation problem! Simply install the command and enter in an abbreviation to receive a list of all words in the SOWPODS word list that match. Got a word that you need to abbreviate? Not only can a9r decipher abbreviations, it can create them!

Matthew Claypotch: socketpeer

In a slightly-less-whimsical vein, potch also shared socketpeer, a simple JavaScript library for 1:1 messaging via WebRTC Data Channels and WebSockets. Extracted from the Tanx demo that Mozilla showed at GDC 2015, socketpeer contains both a server API for establishing peer connections between users and a client API to handle the client-side communication. Potch also shared a demo of a peer-to-peer chat application using socketpeer.

Chris Van Wiemeersch: PhantomHAR

Next up was cvan, who shared PhantomHAR, a PhantomJS and SlimerJS script that generates an HTTP Archive (or HAR) for a URL. A HAR is an archive of data about HTTP transactions that can be used to export detailed performance data for tools to consume and analyze, and PhantomHAR allows you to easily generate the HAR for use by these tools.

Chris Van Wiemeersch: fetch-manifest

Next, cvan shared fetch-manifest, a small library that takes a URL, locates the W3C web app manifest for the page, fixes any relative URLs in the manifest, and returns it. This is useful for things like app marketplaces that want to allow people to submit web apps by submitting a single URL to the app they want to submit.

Bill Walker: robot-threejs

Last up was bwalker, who shared robot-threejs, an experimental steampunk robot game powered by three.js and WebGL. The game currently allows you to fly around a 3D environment that has 3D positional audio emitting from an incredibly mysterious cube. CAN YOU SOLVE THE CUBE MYSTERY?

This month we think we’ve really got something special with our Seki Edge keyboard-and-mouse combo. Order now and get a free box of Band-aids at no additional cost!

If you’re interested in attending the next Beer and Tell, sign up for the dev-webdev@lists.mozilla.org mailing list. An email is sent out a week beforehand with connection details. You could even add yourself to the wiki and show off your side-project!

See you next month!

Categorieën: Mozilla-nl planet

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions ... - CSO Online

Nieuws verzameld via Google - wo, 25/03/2015 - 18:16

CSO Online

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions ...
CSO Online
Microsoft has blacklisted a subordinate CA certificate that was wrongfully used to issue SSL certificates for several Google websites. The action will prevent those certificates from being used in Google website spoofing attacks against Internet ...
Google and Mozilla block bogus certificates from ChinaV3.co.uk

alle 108 nieuwsartikelen »Google Nieuws
Categorieën: Mozilla-nl planet

Air Mozilla: The Joy of Coding (mconley livehacks on Firefox) - Episode 7

Mozilla planet - wo, 25/03/2015 - 18:00

The Joy of Coding (mconley livehacks on Firefox) - Episode 7 Watch mconley livehack on Firefox Desktop bugs!

Categorieën: Mozilla-nl planet

Air Mozilla: Content Services

Mozilla planet - wo, 25/03/2015 - 17:48

Content Services Content Services

Categorieën: Mozilla-nl planet

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions ... - PC World

Nieuws verzameld via Google - wo, 25/03/2015 - 15:16

V3.co.uk

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions ...
PC World
Google and Mozilla blacklisted the sub-CA certificate misused by MCS Holdings on Monday, so certificates it has signed are no longer trusted by Chrome and Firefox. Microsoft's action Tuesday extended the blacklisting to Internet Explorer and any other ...
Google and Mozilla block bogus certificates from ChinaV3.co.uk

alle 64 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions ... - PCWorld

Nieuws verzameld via Google - wo, 25/03/2015 - 15:13

V3.co.uk

Microsoft blacklists latest rogue SSL certificates, Mozilla mulls sanctions ...
PCWorld
Google and Mozilla blacklisted the sub-CA certificate misused by MCS Holdings on Monday, so certificates it has signed are no longer trusted by Chrome and Firefox. Microsoft's action Tuesday extended the blacklisting to Internet Explorer and any other ...
Google and Mozilla block bogus certificates from ChinaV3.co.uk
Beijing behind Internet security violation: groupPhys.Org

alle 57 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Air Mozilla: Bugzilla Development Meeting

Mozilla planet - wo, 25/03/2015 - 15:00

Bugzilla Development Meeting Help define, plan, design, and implement Bugzilla's future!

Categorieën: Mozilla-nl planet

Advancing Content: Content Services Team Adds New Talent With Partnerships (and Mozilla) Experience

Mozilla planet - wo, 25/03/2015 - 14:53

Earlier this year I wrote about how 2015 will be a big year for Mozilla to scale and build better personalized experiences as we help move the ad industry forward. Today, I’m excited to announce two new additions to our Content Services team as we continue our mission to create innovative content offerings while always upholding Mozilla’s commitment to user privacy.

Accomplished interactive advertising expert Aaron Lasilla has joined Mozilla and our Content Services team as head of content partnerships. Aaron comes to us from EA Games where he served as the global director of brand solutions and co-founded the in-game advertising group. Aaron was instrumental in negotiating and securing a number of strategic partnerships for EA’s publishing division as he built the group it into a new business and revenue channel for EA, including the largest EA Online partnership ever (within Pogo.com’s casual games offering, in 2003). During his tenure, EA was established as the number one publisher of integrated advertising placements and partnership in and around games. Aaron previously managed Microsoft’s Premium Games Advertising offering and also worked in sales and sponsorship capacities for Double Fusion, Clear Channel Entertainment and Kemper Sports Marketing.

As we continue to develop and refine our new offerings like Firefox Tiles, Aaron will be focusing on engagement and value exchange for Mozilla’s offerings while maintaining the same quality and standards of user experience that Mozilla is known for.

In addition, I’m excited to formally announce that long-time Mozillian Patrick Finch joined our group late last year as director of marketing. Patrick has been with Mozilla for over seven years based out of Sweden and has worked in a number of strategic roles on Mozilla’s desktop and mobile projects over that time. Prior to joining Mozilla Patrick spent over ten years at Sun Microsystems in a variety of capacities including working on numerous open source projects.

As we continue the rollout of Firefox Tiles and bring on new partners, you’ll probably be seeing more of Aaron and Patrick on this blog. If you’re interested in partnering with us in our mission or if you’d just like to drop our team a line, feel free to reach out to us at contentservices@mozilla.com.

Aaron Lassila

Aaron Lassila

Patrick Finch

Patrick Finch

 

Categorieën: Mozilla-nl planet

Mozilla Extends Its Default Google Search Blockout, Signs Up Yandex In Turkey - TechCrunch

Nieuws verzameld via Google - wo, 25/03/2015 - 11:41

TechCrunch

Mozilla Extends Its Default Google Search Blockout, Signs Up Yandex In Turkey
TechCrunch
Mozilla last November made waves when it swapped out Google as the default search engine in its Firefox browser in the U.S., replacing it with Yahoo, and put Yandex in for Google in Russia at the same time. Today Mozilla announced an expansion of that ...

Categorieën: Mozilla-nl planet

François Marier: Keeping up with noisy blog aggregators using PlanetFilter

Mozilla planet - wo, 25/03/2015 - 10:55

I follow a few blog aggregators (or "planets") and it's always a struggle to keep up with the amount of posts that some of these get. The best strategy I have found so far to is to filter them so that I remove the blogs I am not interested in, which is why I wrote PlanetFilter.

Other options

In my opinion, the first step in starting a new free software project should be to look for a reason not to do it :) So I started by looking for another approach and by asking people around me how they dealt with the firehoses that are Planet Debian and Planet Mozilla.

It seems like a lot of people choose to "randomly sample" planet feeds and only read a fraction of the posts that are sent through there. Personally however, I find there are a lot of authors whose posts I never want to miss so this option doesn't work for me.

A better option that other people have suggested is to avoid subscribing to the planet feeds, but rather to subscribe to each of the author feeds separately and prune them as you go. Unfortunately, this whitelist approach is a high maintenance one since planets constantly add and remove feeds. I decided that I wanted to follow a blacklist approach instead.

PlanetFilter

PlanetFilter is a local application that you can configure to fetch your favorite planets and filter the posts you see.

If you get it via Debian or Ubuntu, it comes with a cronjob that looks at all configuration files in /etc/planetfilter.d/ and outputs filtered feeds in /var/cache/planetfilter/.

You can either:

  • add file:///var/cache/planetfilter/planetname.xml to your local feed reader
  • serve it locally (e.g. http://localhost/planetname.xml) using a webserver, or
  • host it on a server somewhere on the Internet.

The software will fetch new posts every hour and overwrite the local copy of each feed.

A basic configuration file looks like this:

[feed] url = http://planet.debian.org/atom.xml [blacklist] Filters

There are currently two ways of filtering posts out. The main one is by author name:

[blacklist] authors = Alice Jones John Doe

and the other one is by title:

[blacklist] titles = This week in review Wednesday meeting for

In both cases, if a blog entry contains one of the blacklisted authors or titles, it will be discarded from the generated feed.

Tor support

Since blog updates happen asynchronously in the background, they can work very well over Tor.

In order to set that up in the Debian version of planetfilter:

  1. Install the tor and polipo packages.
  2. Set the following in /etc/polipo/config:

    proxyAddress = "127.0.0.1" proxyPort = 8008 allowedClients = 127.0.0.1 allowedPorts = 1-65535 proxyName = "localhost" cacheIsShared = false socksParentProxy = "localhost:9050" socksProxyType = socks5 chunkHighMark = 67108864 diskCacheRoot = "" localDocumentRoot = "" disableLocalInterface = true disableConfiguration = true dnsQueryIPv6 = no dnsUseGethostbyname = yes disableVia = true censoredHeaders = from,accept-language,x-pad,link censorReferer = maybe
  3. Tell planetfilter to use the polipo proxy by adding the following to /etc/default/planetfilter:

    export http_proxy="localhost:8008" export https_proxy="localhost:8008"
Bugs and suggestions

The source code is available on repo.or.cz.

I've been using this for over a month and it's been working quite well for me. If you give it a go and run into any problems, please file a bug!

I'm also interested in any suggestions you may have.

Categorieën: Mozilla-nl planet

Mozilla Release Management Team: Firefox 36.0.2 to 36.0.4

Mozilla planet - wo, 25/03/2015 - 10:50

Last Friday and Saturday, we released two minor releases to fix the issues found during the pwn2own hacking contests.

  • 6 changesets
  • 8 files changed
  • 25 insertions
  • 16 deletions

ExtensionOccurrences txt2 py2 sh1 json1 h1 cpp1

ModuleOccurrences testing3 docshell2 mobile1 config1 browser1

List of changesets:

Steve FinkBug 1145255. r=luke, a=lmandel - 2b1ecc5fad12 Jordan LundBug 1113460 - Bump mozharness.json to revision 75c435ef19ca. a=test-only - 3d681d747053 Jordan LundBug 1142743 - Increase chunks for Android 2.3 mochitest-gl, in-tree cfg total chunk fix. r=kmoir, a=test-only - 7d23a45099ee Geoff BrownBug 1142552 - Update robocop chunking to fix rc10. r=ahal, a=test-only - e2ba5973e4bb Olli PettayBug 1144988 - Don't let other pages to load while doing scroll-to-anchor. r=bz, a=lmandel - d5a003cc284a Kyle HueyBug 1145870. r=bz a=lmandel - 57cc76236bd7

Categorieën: Mozilla-nl planet

Mozilla Release Management Team: Firefox 37 beta6 to beta7

Mozilla planet - wo, 25/03/2015 - 10:25

In this beta release, we continued to land some patches for MSE. We disabled MSE under Mac OS X for now.

We also took the fixes for the pwn2own hacking contest in this release.

  • 54 changesets
  • 109 files changed
  • 2315 insertions
  • 1248 deletions

ExtensionOccurrences cpp54 h39 cc3 py2 js2 html2 json1 jsm1 ipdlh1 ipdl1 inc1 c1 build1

ModuleOccurrences dom26 gfx18 layout15 media14 widget9 toolkit5 image5 ipc4 testing3 security2 js2 docshell2 xpfe1 modules1 caps1 browser1

List of changesets:

Matt WoodrowBug 1131638 - Discard video frames that fail to sync. r=cpearce, a=lmandel - 297e2e626fe9 Matt WoodrowBug 1131638 - Record invalid frames as dropped for video playback stats. r=ajones, a=lmandel - f88fcb8ccc27 Matt WoodrowBug 1131638 - Disable hardware decoding if too many frames are invalid. r=cpearce, a=lmandel - edb24ca59d13 Mike HommeyBackout the part of changeset 8044e5199fe2 (Bug 1080319) that removed -remote. a=sledru - 29eac8276b62 Matt WoodrowBug 1139503 - Backlist ATI driver version for DXVA on windows 10 since it's causing crashes. r=cpearce, a=sledru - 5a8085d3a0fe Bill McCloskeyBack out Bug 1103036 to resolve shutdown hangs a=backout - 2cc99febbda0 Ryan VanderMeulenNo bug - Bump mozharness.json to revision fde96e1730cc. a=NPOTB - d16fe93d2755 Jordan LundBug 1142743 - Increase chunks for Android 2.3 mochitest-gl, in-tree cfg total chunk fix. r=kmoir, a=test-only - 2d55d8220616 Geoff BrownBug 1142552 - Update robocop chunking to fix rc10. r=ahal, a=test-only - 0e0204877015 Ralph GilesBug 1141349 - Pref off MSE on Mac. r=ajones, a=lmandel - c8f377118985 Jan VargaBug 1067568 - Fix intermittent "ASSERTION: We don't know anyting about this file handle?!: 'Error', file dom/filehandle/FileService.cpp, line 234". r=bent, a=lsblakk - 199e30cb18f3 Margaret LeibovicBug 1141550 - Register an AsyncShutdown blocker to persist download changes. r=paolo, a=lsblakk - 3eeb35bbafd2 Jean-Yves AvenardBug 1139271 - Part 1: Add logging when encountering invalid atoms. r=k17e, a=lsblakk - 202177831c59 Jean-Yves AvenardBug 1139271 - Part 2: Ignore partial moof. r=k17e, a=lsblakk - 21384861c447 Jean-Yves AvenardBug 1139271 - Part 3: Only consider a Box to be available if entire content is available. r=k17e, a=lsblakk - f4c0cec35772 Paul AdenotBug 1141781 - Grip the VideoFrameContainer when queing a call to invalidate in the MediaStreamGraph. r=roc, a=lsblakk - 6a4e68222995 Matthew GreganBug 1142746 - Make unexpected SL_PLAYEVENT_HEADATMARKER notification non-fatal. r=brsun, a=lsblakk - 067f83e99f66 Ryan VanderMeulenBacked out changeset 6a4e68222995 (Bug 1141781) for mochitest crashes/asserts. - 6a9120be7216 Ethan HuggBug 1144157 - Add ciscospark.com to the screenshare default whitelist r=jesup a=lmandel - bd028b4c3b95 Simon MontaguBug 1114239 patch 1: Backout Bug 1105137, r=jfkthame, a=lmandel - 0837b7d1188b Simon MontaguBug 1114239 patch 2: Backout Bug 1079139, r=jfkthame, a=lmandel - 8fca3694654a Simon MontaguBug 1114239 patch 3: Backout Bug 1062963 patch 3, r=jfkthame, a=lmandel - 470cd8c739c5 Olli Pettaybackout Bug 1121406 which enabled WebSocket in Workers in beta, a=abillings - f0a0d5d2d525 David MajorBug 1138794: Use an alternate crash report server on Windows XP SP2. r=ted a=lmandel - caf324dbb13f Matthew GreganBug 1124542 - WebrtcGmpVideoDecoder shouldn't crash when GMP completion callbacks are received. r=rjesup, a=lmandel - c54687cb7086 Ethan HuggBug 1125047 - GMP should catch decoder failures. r=jesup, a=lmandel - 5598a289b442 Chris PearceBug 1140797 - Make gmp-clearkey buildable outside of mozilla-central. r=edwin, a=lmandel - a49b40d229df Chris PearceBug 1140797 - Prevent fatal assert when doing base64 decode in gmp-clearkey. r=edwin, a=lmandel - 29333933d6d6 Jordan LundBug 1113460 - Bump mozharness.json to revision 75c435ef19ca. a=test-only - 938177ece421 Cameron McCormackBug 1143953 - Fix typo in test_font_loading_api.html where it incorrectly returns document.fonts.read. r=jdaggett, a=test-only - 37be317efc7a Cameron McCormackBug 1143995 - Remove unnecessary layout flushes from test_font_loading_api.html. r=jdaggett, a=test-only - e84f65c3a6aa Cameron McCormackBug 1144507 - Fix incorrect Promise usage in test_font_loading_api.html. r=jdaggett, a=test-only - 9fc579f7bf3a Tim TaubertBug 1124409 - Fix intermittent browser_bug1015721.js failures by ensuring the EventStateManager has a document before trying to dispatch ZoomChangeUsingMouseWheel. r=smaug, a=test-only - 46cfbcfb58c5 Tim TaubertBug 1124409 - Fix test_bug659071.html to properly reset page zoom before finishing. r=smaug, a=test-only - e4f1cc6f63a3 Nicolas B. PierronBug 1137624 - Disable Array.join optimization. r=jandem, a=abillings - 968fa2b32612 Aaron KlotzBug 1141081 - Ensure nsPluginInstanceOwner::Destroy is called before returning from failed plugin instantiation. r=jimm, a=lmandel - 2710769c40a5 Aaron KlotzBug 1128064 - Check for null mContent in nsPluginInstanceOwner::GetDocument. r=jimm, a=abillings - e92558fa59eb Byron Campen [:bwc]Bug 1141749 - Prevent collisions in local SSRCs. r=mt, a=abillings - d76c709556bb Nicolas SilvaBug 1125848 - Reduce the likelyhood of a CompositorParent being destroyed without the proper shutdown sequence. r=sotaro a=lmandel - 45897d27ef82 Avi HalachmiBug 1142079 - Disable refresh driver telemetry on Android. r=froydnj, a=lmandel - 17adc07baf56 Matt WoodrowBug 1138967 - Part 1: Remove ISharedImage. r=nical, a=lmandel - c1356c27fa1b Matt WoodrowBug 1138967 - Part 2: Create IMFYCbCrImage so that image data copying happens off the decoder thread. r=nical, r=cpearce, a=lmandel - 07e266d45703 Matt WoodrowBug 1138967 - Part 3: Add D3D11 YCbCr texture clients and upload on the client side. r=nical, a=lmandel - 0c23dcbc6bf7 Masatoshi KimuraBug 1133187 - Update fallback whitelist. r=keeler, a=lmandel - 02b9c74353ad Seth FowlerBug 1142849 - Upliftable fix for imgRequest TSan violations. r=tn, a=lmandel - 9b7aa96d0e11 Karsten DüsterlohBug 1116952 - Treelines fragments after Bug 1105104. r=jwatt, a=lmandel - 5bd29483f85e Jeff MuizelaarBug 1130978 - Fix VisitEdges. r=kats, a=lmandel - fb9ae74a783a Seth FowlerBug 1137058 - Increment RasterImage::mLockCount to ensure that non-discardable images don't eventually become unlocked. r=tn, a=lmandel - 52b55d9c1d61 Matt WoodrowBug 1145029 - Disable DXVA for 4k videos on AMD hardware since it performs poorly. r=jya a=lmandel - 2445fcfe99d4 Steve FinkBug 1145255. r=luke, a=lmandel - aabde7671ac0 Jed DavisBug 1111079 - Backport some IPC message/channel fixes. r=bent, a=lmandel - 5bb1bb65cc28 Jed DavisBug 1111065 - Backport some upstream IPC serialization fixes. r=bent, a=lmandel - a2295cc0de06 Boris ZbarskyBug 1144991 - Be a bit more restrictive about when a URI_IS_UI_RESOURCE source is allowed to link to a URI_IS_UI_RESOURCE URI that doesn't have the same scheme. r=bholley, a=lmandel - 2e6977da201e Olli PettayBug 1144988 - Don't let other pages to load while doing scroll-to-anchor. r=bz, a=lmandel - 9b93e6033d5d

Categorieën: Mozilla-nl planet

Mozilla Open Policy & Advocacy Blog: Information sharing debates continuing in problematic directions

Mozilla planet - wo, 25/03/2015 - 10:19

Recently, the U.S. Senate Select Committee on Intelligence held a closed-door hearing to markup the Cybersecurity Information Sharing Act (CISA). Mozilla has previously opposed CISA and its predecessor CISPA, and these changes do not alleviate our concerns. Simultaneously, in neighboring Canada, an aggressive counterterrorism bill would introduce similarly problematic surveillance provisions, among other harms.

But first, CISA. While the newly marked up version includes some improvements over the discussion draft circulated earlier this year, the substantive dangers remain. In particular, the bill:

  • Is still overbroad in scope, allowing near limitless sharing of private user data for a vague and expansive list of purposes that fall well outside the realm of cybersecurity;
  • Continues to require information to be automatically shared with “relevant agencies” including the NSA, which severely limits the power of the Department of Homeland Security (a civilian agency) to oversee information sharing practices and policies;
  • Allows for dangerous “defensive measures” (a rebranding of the previous version’s “countermeasures”) which could legitimize and permit “hacking back” in a manner that seriously harms the Internet; and
  • Provides blanket immunity for sharing private user information with still insufficient privacy safeguards, denying users both effective protection and remedy.

But the flaws of CISA are more than just the sum of its problematic provisions. The underlying paradigm of information sharing as a means to “detect and respond” or “detect and prevent” cybersecurity attacks lends itself more to advancing surveillance than to improving the security of the Web or its users. The primary threat we face is not a dearth of information shared with or by the government, but rather is often a lack of proactive, common sense security measures.

Moreover, data collected is data at risk, from the government’s failures to secure its own systems to the abuses revealed by the Snowden revelations. Putting more and more information into the hands of the government puts more user data in danger. Nevertheless, after passing the Senate Select Committee on Intelligence 14-1, CISA is scheduled to move to the full Senate floor imminently. This is a bad step forward for the future of the open Web.

Meanwhile in Canada, the Canadian Parliament is considering an even more concerning bill, C-51, the Anti-Terrorism Act of 2015. C-51 is sweeping in scope, including granting Canadian intelligence agencies CSIS and CSE new authority for offensive online attacks, as well as allowing these agencies to obtain significant amounts of information held by the Canadian government. The open-ended internal information-sharing exceptions contained in the bill erode the relationship between individuals and their government by removing the compartmentalization that allows Canadians to provide the government some of their most private information (for census, tax compliance, health services, and a range of other purposes) and trust that that information will be used for only its original purposes. This compartmentalization, currently a requirement of the Privacy Act, will not exist after Bill C-51 comes into force.

The Bill further empowers CSIS to take unspecified and open-ended “measures,” which may include the overt takedown of websites, attacks on Internet infrastructure, introduction of malware, and more all without any judicial oversight. These kinds of attacks on the integrity and availability of the Web make us all less secure.

We hope that both the Canadian Parliament and the U.S. Congress will take the time to hear from users and experts before pushing any further with C-51 and CISA respectively. Both of these bills emphasize nearly unlimited information sharing, without adequate privacy safeguards, and alarmingly provide support for cyberattacks. This is an approach to cybersecurity that only serves to undermine user trust, threaten the openness of the Web, and reduce the security of the Internet and its users. For these reasons, we strongly oppose both C-51 and CISA.

 

 

 

 

Categorieën: Mozilla-nl planet

Carsten Book: First overview from the sheriff survey!

Mozilla planet - wo, 25/03/2015 - 08:06

Hi,

thanks for all the Reply’s we got for the Sheriff Survey! If you haven’t already took part in it, its still online and you can still take part in the survey!

While we close the Survey in a few days and i will provide a comprehensive overview of course, i was feeling i could already do some quick overview what we got so far.

One big take away is how important checkin-needed requests is and how many people depend on this. We are very sorry if there are delays with picking up checkin-needed requests but since its a human task it depend how much is ongoing with the trees etc.

But there is work being done on Autoland like on https://wiki.mozilla.org/Auto-tools/Projects/Autoland :)

Also to follow up on 2 concrete things (you might know or maybe not).

Question: How do i know why the tree is closed (when we have a tree closure) on Treeherder

Answer:  Just hover over the repo name in Treeherder (as example mozilla-inbound) or click on the info button right next to the repo name

Question: When i land something on like mozilla-inbound its a mess to manually copy and past the hg changeset url to bug

Answer: We have a tool called mcmerge its right next to every push in the drown-down arrow action menu and unlike the name says its not just to mark merges. During the survey we found out that the name is misleading so we trying to find a new name – https://bugzilla.mozilla.org/show_bug.cgi?id=1145836

Thanks,

 

– Tomcat

Categorieën: Mozilla-nl planet

Jim Chen: Back from leave

Mozilla planet - wo, 25/03/2015 - 04:44

Back in January, I left on a two-month-long leave from Mozilla, in order to do some traveling in China and Japan. Now I'm finally back! I was in China for 1.5 months and in Japan for 2 weeks, and it was amazing! I made a short video highlighting parts of my trip:

Being a mobile developer, I naturally paid some attention to mobile phone usage in China, and how it's different from what I'm used to in the U.S. The cellular infrastructure was impressive. It was fairly cheap, and I was getting full 3G/4G service in small villages and along high-speed rail routes. It seemed like everyone had a smartphone, too. I would see grandmas standing on the side of the road checking their phones.

I never use QR codes in the U.S., but I actually used them quite often in China. For example, you would scan another person's QR code to add them as friends on Wechat. In some places, you could scan a merchant's QR code to pay that merchant using Alipay, a wallet app. Many types of tickets like train tickets and movie tickets also use QR codes over there.

Everyone used Wechat, a messaging app that's “way better than anything else in the U.S.” according to my American friend living in China. It's more than just a messaging app though – you have a “friend circle” that you can post to, a la Facebook; you can also follow “public accounts”, a la Twitter. The app has integrated wallet functionality: I paid for a train ticket and topped up my phone using the app; during Chinese New Year, people were sending each other cash gifts through it.

For some reasons, you see a lot of these “all-in-one” apps in China. I used Baidu Maps during my travel, which does maps and navigation. However, you can also call taxis from within the app or hire a “private car”, a la Uber. You can use the app like Yelp to find nearby restaurants by type and reviews. While you're at it, the app lets you find “group buy” discounts to these restaurants, a la Groupon. I have to say it was super convenient. After I came back to the States, I wasn't used to using Google Maps anymore because it didn't do as much.

Of course, on the flip side, these apps probably would be less popular without the Internet censorship that's so prevalent over there. By creating a barrier for foreign companies to enter the Chinese market, it provided opportunities for domestic companies to create and adapt copycat products. I found it amusing that Android is so prevalent in the Chinese smartphone market, but everything Google is blocked. As a result, you have all these third-party markets that may or may not be legitimate. Mobile malware seems to be a much larger issue in China than in the U.S., because people have to find their apps off of random markets/websites. It was strange to see an apps market promising “safe, no malware” with every download link. Also amusingly, every larger app I saw came with its own updater, again because these apps could not count on having a market to provide update service.

Overall, the trip was quite eye-opening, to see China's tremendous development from multiple angles. I loved Japan, too; I felt it was a lot different from both China and the U.S. Maybe I'll write about Japan in another post.

Categorieën: Mozilla-nl planet

David W: Windows Nighly 64 bit test day

Mozilla planet - wo, 25/03/2015 - 00:28

Why not come along to the windows 64 bit nighly test day this Saturday from 9am to 3pm

PS we are looking for moderators at the event

https://etherpad.mozilla.org/testday-20150328


Categorieën: Mozilla-nl planet

Pages