mozilla

Mozilla Nederland LogoDe Nederlandse
Mozilla-gemeenschap

Mozilla Firefox – tipy pro ochranu soukromí - 2.díl - PC World.cz

Nieuws verzameld via Google - zo, 22/05/2016 - 10:18

PC World.cz

Mozilla Firefox – tipy pro ochranu soukromí - 2.díl
PC World.cz
Mozilla Firefox – tipy pro ochranu soukromí - 2.díl. Internet | 22.05.16. Pokud jste příznivci internetového prohlížeče Mozilla Firefox, pak určitě oceníte následující tipy, které vám umožní zefektivnit ochranu vašeho soukromí právě v souvislosti s ...

en meer »Google Nieuws
Categorieën: Mozilla-nl planet

Mozilla Firefox 46.0.1 Lands in the Ubuntu Repos, But No Sign of Thunderbird 45 - Softpedia News

Nieuws verzameld via Google - zo, 22/05/2016 - 03:37

Softpedia News

Mozilla Firefox 46.0.1 Lands in the Ubuntu Repos, But No Sign of Thunderbird 45
Softpedia News
Canonical recently pushed the first point release of the Mozilla Firefox 46.0 web browser to the stable channels for all supported Ubuntu Linux operating systems, along with Mozilla Thunderbird 38.8.0. Mozilla Firefox 46.0.1 is a small bug fix update ...

Categorieën: Mozilla-nl planet

Mozilla Invests $59000 In Three Kansas City Startups - KCUR

Nieuws verzameld via Google - za, 21/05/2016 - 22:20

KCUR

Mozilla Invests $59000 In Three Kansas City Startups
KCUR
Three Kansas City startups will receive a combined $59,000 from the Mozilla Gigabit Community Fund to expand and develop programs that promote innovation in the classroom. KC Social Innovation Center, PlanIT Impact and Pennez were awarded money ...

Categorieën: Mozilla-nl planet

Kennst du schon…? Interessante, aber weniger bekannte Mozilla-Projekte #3 - soeren-hentzschel.at

Nieuws verzameld via Google - za, 21/05/2016 - 16:16

soeren-hentzschel.at

Kennst du schon…? Interessante, aber weniger bekannte Mozilla-Projekte #3
soeren-hentzschel.at
Die meisten kennen Mozilla durch Firefox, einige vielleicht auch noch durch Thunderbird und Firefox OS. Dann aber hört es oft schon auf. Dabei macht Mozilla so viel mehr, was vielen gar nicht bewusst ist. In dieser Artikel-Serie sollen andere Mozilla ...

en meer »
Categorieën: Mozilla-nl planet

Linksys says 'no' to the FCC, Mozilla expands open source funding, and more ... - Opensource.com

Nieuws verzameld via Google - za, 21/05/2016 - 09:07

Opensource.com

Linksys says 'no' to the FCC, Mozilla expands open source funding, and more ...
Opensource.com
In this week's edition of our open source news roundup, we take a look at Linksys saying no to the FCC's router rules, Mozilla expands its funding for open source projects, a new open source project from LinkedIn, and more.

Categorieën: Mozilla-nl planet

Gian-Carlo Pascutto: Technical Debt, Episode 1

Mozilla planet - za, 21/05/2016 - 00:30
One of the projects I'm working on for Mozilla is our Content Sandboxing. We've been using sandboxing for a while to protect some plugins like Flash, as well as media plugins, but now that Firefox can render webpages in a separate process, we can apply restrictions to what those "Web Content" processes can do, too. Those processes are the part of Firefox that is essentially exposed to the internet, and hence to potentially dangerous webpages.

Although we go to great lengths to make this impossible, there is always a chance that a bug in Firefox would allow an attacker to exploit and take over a Web Content process. But by using features provided by the operating system, we can prevent them from taking over the rest of the computing device by disallowing many ways to interact with it, for example by stopping them from starting new programs or reading or writing specific files.

This feature has been enabled on Firefox Nightly builds for a while, at least on Windows and Mac OS X. Due to the diversity of the ecosystem, it's taken a bit longer for Linux, but we are now ready to flip that switch too.

The initial version on Linux will block very, very little. It's our goal to get Firefox working and shipping with this first and foremost, while we iterate rapidly and hammer down the hatches as we go, shipping a gradual stream of improvements to our users.

One of the first things to hammer down is filesystem access. If an attacker is free to write to any file on the filesystem, he can quickly take over the system. Similarly, if he can read any file, it's easy to leak out confidential information to an attacking webpage. We're currently figuring out the list of files and locations the Web Content process needs to access (e.g. system font directories) and which ones it definitely shouldn't (your passwords database).

And that's where this story about technical debt really starts.

While tracing filesystem access, we noticed at some point that the Web Content process accesses /etc/passwd. Although on most modern Unix systems this file doesn't actually contain any (hashed) passwords, it still typically contains the complete real name of the users on the system, so it's definitely not something that we'd want to leave accessible to an attacker.

My first thought was that something was trying to enumerate valid users on the system, because that would've been a good reason to try to read /etc/passwd.

Tracing the system call to its origin revealed another caller, though. libfreebl, a part of NSS (Network Security Services) was reading it during its initialization. Specifically, we traced it to this array in the source. Reading on what it is used for is, eh, quite eyebrow-raising in the modern security age.

The NSS random number generator seeds itself by attempting to read /dev/urandom (good), ignoring whether that fails or not (not so good), and then continuing by reading and hashing the password file into the random number generator as additional entropy. The same code then goes on to read in several temporary directories (and I do mean directories, not the files inside them) and perform the same procedure.

Should all of this have failed, it will make a last ditch effort to fork/exec "netstat -ni" and hash the output of that. Note that the usage of fork here is especially "amusing" from the sandboxing perspective, as it's the one thing you'll absolutely never want to allow.

Now, almost none of this has ever been a *good* idea, but in its defense NSS is old and caters to many exotic and ancient configurations. The discussion about /dev/urandom reliability was raised in 2002, and I'd wager the relevant Linux code has seen a few changes since. I'm sure that 15 years ago, this might've been a defensible decision to make. Apparently one could even argue that some unnamed Oracle product running on Windows 2000 was a defensible use case to keep this code in 2009.

Nevertheless, it's technical debt. Debt that hurt on the release of Firefox 3.5, when it caused Firefox startup to take over 2 minutes on some people's systems.

It's not that people didn't notice this idea was problematic:
I'm fully tired of this particular trail of tears. There's no good reason to waste users' time at startup pretending to scrape entropy off the filesystem. -- Brendan Eich, July 2009RNG_SystemInfoForRNG - which tries to make entropy appear out of the air. -- Ryan Sleevi, April 2014 Though sandboxing was clearly not considered much of a use case in 2006:
Only a subset of particularly messed-up applications suffer from the use of fork. -- Well meaning contributor, September 2006Nevertheless, I'm - still - looking at this code in the year of our Lord 2016 and wondering if it shouldn't all just be replaced by a single getrandom() call.

If your system doesn't have getrandom(), well maybe there's a solution for that too.



Don't agree? Can we then at least agree that if your /dev/urandom isn't secure, it's your problem, not ours?

Categorieën: Mozilla-nl planet

Air Mozilla: Webdev Beer and Tell: May 2016

Mozilla planet - vr, 20/05/2016 - 20:00

 May 2016 Once a month web developers across the Mozilla community get together (in person and virtually) to share what cool stuff we've been working on in...

Categorieën: Mozilla-nl planet

Support.Mozilla.Org: Event Report: Mozilla Ivory Coast SUMO Sprint

Mozilla planet - vr, 20/05/2016 - 18:18

We’re back, SUMO Nation! This time with a great event report from Abbackar Diomande, our awesome community spirit in Ivory Coast! Grab a cup of something nice to drink and enjoy his report from the Mozilla Ivory Coast SUMO Sprint.

The Mozilla Ivory Coast community is not yet ready to forget Saturday, May 15. It was then that the first SUMO Sprint in Ivory Coast took place, lasting six hours!
For this occasion, we were welcomed and hosted by the Abobo Adjame University, the second largest university in the country.
Many students, some members of the Mozilla local community, and other members of the free software community gathered on this day.

The event began with a Mozilla manifesto presentation by Kouadio – a young member of our local SUMO team and the Lead of the Firefox Club at the university.

After that, I introduced everyone to SUMO, the areas of SUMO contribution, the our Nouchi translation project, and Locamotion (the tool we use to localize).
During my presentation I learned that all the guests were really surprised and happy to learn of the existence of support.mozilla.org and a translation project for Nouchi
They were very happy and excited to participate in this sprint, and you can see that in the photos, emanating from their smiles and the joy that you can read from their the faces.

After all presentations and introductions, the really serious things could begin. Everyone spent two hours answering questions of French users on Twitter – the session passed very quickly in the friendly atmosphere.

We couldn’t reach the goal of answering all the Army of Awesome posts in French, but everyone appreciated what we achieved, providing answers to over half the posts – we were (and still are) very proud of our job!

After the Army of Awesome session, our SUMO warriors have turned to Locamotion for Nouchi localization. It was at once serious and fun. Originally planned for three hours, we localized for four – because it was so interesting :-)

Mozilla and myself received congratulations from all participants for this initiative, which promotes the Ivorian language and Ivory Coast as a digital country present on the internet.

Even though we were not able to reach all our objectives, we are still very proud of what we have done. We contributed very intensely, both to help people who needed it and to improve the scale and quality of Nouchi translations in open source, with the help of new and dynamic contributors.

The sprint ended with a group tasting of garba (a traditional local dish) and a beautiful family picture.

Thank you, Abbackar! It’s always great to see happy people contributing their skills and time to open source initiatives like this. SUMO is proud to be included in Ivory Coast’s open source movement! We hope to see more awesomeness coming from the local community in the future – in the meantime, I think it’s time to cook some garba! ;-)

Categorieën: Mozilla-nl planet

Patrick Cloke: Google Summer of Code 2016 projects

Mozilla planet - vr, 20/05/2016 - 15:15

I’d like to introduce the 13 students that are being mentored by Mozilla this year as part of Google Summer of Code 2016! Currently the “community bonding” period is ongoing, but we are on the cusp of the “coding period” starting.

As part of Google Summer of Code (GSoC), we ask students to provide weekly updates of their progress in a public area (usually a blog). If you’re interested in a particular project, please follow along! Lastly, remember that GSoC is a community effort: if a student is working in an area where you consider yourself knowledgable, please introduce yourself and offer to provide help and/or advice!

Below is a listing of each student’s project (linked to their weekly updates), the name of each student and the name of their mentor(s).

Project Student Mentor(s) Download app assets at runtime (Firefox for Android) Krish skaspari File API Support (Servo) izgzhen Manishearth Implement RFC7512 PKCS#11 URI support and system integration (NSS) varunnaganathan Bob Relyea, David Woodhoue Implementing Service Worker Infrastructure in Servo Browser Engine creativcoder jdm Improving and expanding the JavaScript XMPP Implementation Abdelrhman Ahmed aleth, nhnt11 Mozilla Calendar – Event in a Tab paulmorris Philipp Kewisch Mozilla Investigator (MIG): Auditd integration Arun kang Prevent Failures due to Update Races (Balrog) varunjoshi Ben Hearsum Proposal of Redesign SETA MikeLing Joel Maher Schedule TaskCluster Jobs in Treeherder martianwars armenzg Thunderbird - Implement mbox -> maildir converter Shiva mkmelin Two Projects to Make A-Frame More Useful, Accessible, and Exciting bryik Diego Marcos Web-based GDB Frontend baygeldin jonasfj
Categorieën: Mozilla-nl planet

Air Mozilla: Foundation Demos May 20 2016

Mozilla planet - vr, 20/05/2016 - 15:00

Foundation Demos May 20 2016 Foundation Demos May 20 2016

Categorieën: Mozilla-nl planet

FBI využívá ke sledování díru, která je zřejmě i ve Firefoxu. Mozilla chce chybu ... - Živě.cz

Nieuws verzameld via Google - vr, 20/05/2016 - 13:39

FBI využívá ke sledování díru, která je zřejmě i ve Firefoxu. Mozilla chce chybu ...
Živě.cz
Američtí federální vyšetřovatelé z FBI objevili díru v zabezpečení internetového prohlížeče Tor Browser, díky které mohli sledovat a dopadnout uživatele serveru s dětskou pornografií. Tor Browser je však prohlížeč postavený na Firefoxu a je docela ...
Mozilla podala žalobu na FBI, chce informace o zranitelnosti Tor BrowseruDeep in IT

alle 3 nieuwsartikelen »
Categorieën: Mozilla-nl planet

FBI využívá ke sledování díru, která je zřejmě i ve Firefoxu. Mozilla chce chybu ... - Živě.cz

Nieuws verzameld via Google - vr, 20/05/2016 - 13:39

FBI využívá ke sledování díru, která je zřejmě i ve Firefoxu. Mozilla chce chybu ...
Živě.cz
Američtí federální vyšetřovatelé z FBI objevili díru v zabezpečení internetového prohlížeče Tor Browser, díky které mohli sledovat a dopadnout uživatele serveru s dětskou pornografií. Tor Browser je však prohlížeč postavený na Firefoxu a je docela ...
Mozilla podala žalobu na FBI, chce informace o zranitelnosti Tor BrowseruDeep in IT
FBI nemusí Mozille vydat informace o chybě, rozhodl soudRoot.cz

alle 3 nieuwsartikelen »Google Nieuws
Categorieën: Mozilla-nl planet

Doug Belshaw: What does it mean to be a digitally literate school leader?

Mozilla planet - vr, 20/05/2016 - 12:32

As part of the work I’m doing with London CLC, their Director, Sarah Horrocks, asked me to write something on what it means to be a digitally literate school leader. I’d like to thank her for agreeing to me writing this for public consumption.

Image CC BY K.W. Barrett

Image CC BY K.W. Barrett

Before I start, I think it’s important to say why I might be in a good position to be able to answer this question. First off, I’m a former teacher and senior leader. I used to be Director of E-Learning of a large (3,000 student), all-age, multi-site Academy. I worked for Jisc on their digital literacies programme, writing my thesis on the same topic. I’ve written a book entitled The Essential Elements of Digital Literacies. I also worked for the Mozilla Foundation on their Web Literacy Map, taking it from preliminary work through to version 1.5. I now consult with clients around identifying, developing, and credentialing digital skills.

That being said, it’s now been a little over six years since I last worked in a school, and literacy practices change quickly. So I’d appreciate comments and pushback on what follows.

Let me begin by saying that, as Allan Martin (2006) pointed out, “Digital literacy is a condition, not a threshold.” That’s why, as I pointed out in my 2012 TEDx talk, we shouldn’t talk about ‘digital literacy’ as a binary. People are not either digitally literate or digitally illiterate - instead literacy practices in a given domain exist on a spectrum.

In the context of a school and other educational institutions, we should be aware that that there are several cultures at play. As a result, there are multiple, overlapping literacy practices. For this reason we should talk of digital literacies in their plurality. As I found in the years spent researching my thesis, there is no one, single, definition of digital literacy that is adequate in capturing the complexity of human experience when using digital devices.

In addition, I think that it’s important to note that digital literacies are highly context dependent. This is perhaps most evident when addressing the dangerous myth of the 'digital native’. We see young people confidently using smartphones, tablets, and other devices and therefore we assume that their skillsets in one domain are matched by the requisite mindsets from another.

So to recap so far, I think it’s important to note that digital literacies are plural and context-dependent. Although it’s tempting to attempt to do so, it’s impossible to impose a one-size-fits-all digital literacy programme on students, teachers, or leaders and meet with success. Instead, and this is the third 'pillar’ one which my approach rests, I’d suggest that definitions of digital literacies need to be co-created.

By 'co-created’ I mean that there are so many ways in which one can understand both the 'digital’ and 'literacies’ aspects of the term 'digital literacies’ that it can be unproductively ambiguous. Instead, a dialogic approach to teasing out what this means in your particular context is much more useful. In my thesis and book I came up with eight elements of digital literacies from the research literature which prove useful to scaffold these conversations:

  1. Cultural
  2. Cognitive
  3. Constructive
  4. Communicative
  5. Confident
  6. Creative
  7. Critical
  8. Civic

In order not to make this post any longer than it needs to be, I’ll encourage you to look at my book and thesis for more details on this. Suffice to say, it’s important both to collaboratively define the above eight terms and define then what you mean by 'digital literacies’ in a particular context.

All of this means that the job of the school leader is not to reach a predetermined threshold laid down by a governing body or professional body. Instead, the role of the school leader is to be always learning, questioning their practice, and encouraging colleagues and students in all eight of the 'essential elements’ listed above.

As with any area of interest and focus, school leaders should model the kinds of knowledge, skills, and behaviours they want to see develop in those around them. Just as we help people learn that being punctual is important by always turning up on time ourselves, so the importance of developing digital literacies can be demonstrated by sharing learning experiences and revelations.

There is much more on this in my thesis, book, and presentations but I’ll finish with some recommendations as to what school leaders can do to ensure they are constantly improving their practices around digital literacies:

  • Seek out new people: it’s easy for us to become trapped in what are known as filter bubbles, either through the choices we make as a result of confirmation bias, or algorithmically-curated newsfeeds. Why not find people and organisations who you wouldn’t usually follow, and add them to your daily reading habits?
  • Share what you learn: why not create a regular way to update those in your school community about issues relating to the considered use of technology? This could be a discussion forum, a newsletter pointing to the work of people like the Electronic Frontier Foundation or Common Sense Media, or 'clubs’ that help staff and students get to grips with new technologies.
  • Find other ways: the danger of 'best practices’ or established workflows is that they can make you blind to new, better ways of doing things. As Clay Shirky notes in this interview it can be liberating to jettison existing working practices in favour of new ones. What other ways can you find to write documents, collaborate with others, be creative, and/or keep people informed?

Comments? Questions? I’m @dajbelshaw or you can get in touch with me at: hello@dynamicskillset.com. I consult around identifying, developing, and credentialing digital skills.

Categorieën: Mozilla-nl planet

Mozilla Firefox – tipy pro ochranu soukromí - 1.díl - PC World.cz

Nieuws verzameld via Google - vr, 20/05/2016 - 10:17

PC World.cz

Mozilla Firefox – tipy pro ochranu soukromí - 1.díl
PC World.cz
V tomto ohledu vám bez obav můžeme nabídnout prohlížeč Mozilla Firefox, který je šířený pod licencí Open Source a který je tou nejlepší volbou právě v souvislosti s ochranou vašich soukromých dat před zvědavýma očima ostatních. I přesto, že má Mozilla ...

Categorieën: Mozilla-nl planet

La justice refuse à Mozilla les détails sur une faille de Firefox - ZDNet France

Nieuws verzameld via Google - vr, 20/05/2016 - 10:12

Next INpact

La justice refuse à Mozilla les détails sur une faille de Firefox
ZDNet France
Mozilla avait déposé un recours dans une affaire opposant le FBI à un réseau de trafic d'images pédopornographiques sur Tor. L'éditeur de Firefox soupçonne les autorités d'avoir réuni ses preuves en exploitant une faille au sein du navigateur.
Tor : un juge refuse à Mozilla les détails d'une éventuelle faille de FirefoxNext INpact
Le FBI refuse de communiquer sur une faille touchant Tor et Firefox, la justice lui ...Le Journal du Geek
Le FBI refuse de communiquer sur une faille affectant Tor Browser et FirefoxClubic

alle 4 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Tor : un juge refuse à Mozilla les détails d'une éventuelle faille de Firefox - Next INpact

Nieuws verzameld via Google - vr, 20/05/2016 - 08:30

Next INpact

Tor : un juge refuse à Mozilla les détails d'une éventuelle faille de Firefox
Next INpact
Un juge américain vient de débouter Mozilla dans sa demande d'intervention dans un procès pour pédopornographie. L'éditeur aimerait connaître les détails d'une possible faille de sécurité utilisée pour traquer des utilisateurs du réseau Tor. Il ne ...
Le FBI refuse de communiquer sur une faille touchant Tor et Firefox, la justice lui ...Le Journal du Geek
Le FBI refuse de communiquer sur une faille affectant Tor Browser et FirefoxClubic

alle 3 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Mozilla las perdió de vista - Clarín.com

Nieuws verzameld via Google - vr, 20/05/2016 - 05:32

Mozilla las perdió de vista
Clarín.com
Una acabada muestra de superioridad. Eso fue el triunfo de ayer de Mozilla en el Clásico México, prueba estelar disputada en el Hipódromo de La Plata. Dando cuenta de su capacidad para recorrer distancias dilatadas, esta vez la tordilla que defiende ...

en meer »
Categorieën: Mozilla-nl planet

Air Mozilla: Bay Area Accessibility and Inclusive Design meetup: Fifth Annual Global Accessibility Awareness Day

Mozilla planet - vr, 20/05/2016 - 03:30

 Fifth Annual Global Accessibility Awareness Day Digital Accessibility meetup with speakers for Global Accessibility Awareness Day. #a11ybay. 6pm Welcome with 6:30pm Start Time.

Categorieën: Mozilla-nl planet

Support.Mozilla.Org: What’s Up with SUMO – 19th May

Mozilla planet - do, 19/05/2016 - 23:59

Hello, SUMO Nation!

Glad to see all of you on this side of spring… How are you doing? Have you missed us as much as we missed you? Here we go yet again,  another small collection of updates for your reading pleasure :-)

Welcome, new contributors! If you just joined us, don’t hesitate – come over and say “hi” in the forums! Contributors of the week

We salute you!

Don’t forget that if you are new to SUMO and someone helped you get started in a nice way you can nominate them for the Buddy of the Month! Most recent SUMO Community meeting The next SUMO Community meeting
  • …is happening on WEDNESDAY the 25th of May – join us!
  • Reminder: if you want to add a discussion topic to the upcoming meeting agenda:
    • Start a thread in the Community Forums, so that everyone in the community can see what will be discussed and voice their opinion here before Wednesday (this will make it easier to have an efficient meeting).
    • Please do so as soon as you can before the meeting, so that people have time to read, think, and reply (and also add it to the agenda).
    • If you can, please attend the meeting in person (or via IRC), so we can follow up on your discussion topic during the meeting with your feedback.
Community Social Support Forum Knowledge Base & L10n
  • The Polish team have reached their monthly milestone – congratulations!
  • Final reminder: if you want to participate in the ongoing discussion about source material quality and frequency, take a look at this thread. We are going to propose a potential way of addressing your issues once we collate enough feedback.
  • Reminder: L10n hackathons everywhere! Find your people and get organized!
Firefox
  • for Android
    • Version 46 support discussion thread.
    • Reminder: version 47 will stop supporting Gingerbread. High time to update your Android installations!
      • Other than that, it should be a minor release. Documentation in progress!

And that’s it! We hope you are looking forward to the end of this week and the beginning of the next one… We surely are! Don’t forget to follow us on Twitter!

Categorieën: Mozilla-nl planet

Mozilla awards grants to Chattanooga organizations - Nooga.com

Nieuws verzameld via Google - do, 19/05/2016 - 21:31

Nooga.com

Mozilla awards grants to Chattanooga organizations
Nooga.com
"Grantees will leverage the awarded funds to build, pilot and scale gigabit-enabled applications and curricula that have immediate impact on classrooms and informal learning organizations," Katie Hendrix, who leads Mozilla's gigabit work here, said in ...
Mozilla Steps beyond Open Source with Gigabit Internet Funding in AustinThe VAR Guy
Mozilla Funds Program to Put Austin"s Gigabit Connections to UseDSL Reports

alle 3 nieuwsartikelen »
Categorieën: Mozilla-nl planet

Pagina's