mozilla

Mozilla Nederland LogoDe Nederlandse
Mozilla-gemeenschap

Abonneren op feed Mozilla planet
Planet Mozilla - https://planet.mozilla.org/
Bijgewerkt: 9 maanden 2 weken geleden

The Rust Programming Language Blog: Announcing Rust 1.74.1

do, 07/12/2023 - 01:00

The Rust team has published a new point release of Rust, 1.74.1. Rust is a programming language that is empowering everyone to build reliable and efficient software.

If you have a previous version of Rust installed via rustup, getting Rust 1.74.1 is as easy as:

rustup update stable

If you don't have it already, you can get rustup from the appropriate page on our website.

What's in 1.74.1

1.74.1 resolves a few regressions introduced in 1.74.0:

Contributors to 1.74.1

Many people came together to create Rust 1.74.1. We couldn't have done it without all of you. Thanks!

Categorieën: Mozilla-nl planet

Mozilla Security Blog: Mozilla VPN Security Audit 2023

wo, 06/12/2023 - 18:00

To provide transparency into our ongoing efforts to protect your privacy and security on the Internet, we are releasing a security audit of Mozilla VPN that Cure53 conducted earlier this year.

The scope of this security audit included the following products:

  • Mozilla VPN Qt6 App for macOS
  • Mozilla VPN Qt6 App for Linux
  • Mozilla VPN Qt6 App for Windows
  • Mozilla VPN Qt6 App for iOS
  • Mozilla VPN Qt6 App for Android

Here’s a summary of the items discovered within this security audit that the auditors rated as medium or higher severity:

  • FVP-03-003: DoS via serialized intent 
      • Data received via intents within the affected activity should be validated to prevent the Android app from exposing certain activities to third-party apps.
      • There was a risk that a malicious application could leverage this weakness to crash the app at any time.
      • This risk was addressed by Mozilla and confirmed by Cure53.
  • FVP-03-008: Keychain access level leaks WG private key to iCloud 
      • Cure53 confirmed that this risk has been addressed due to an extra layer of encryption, which protects the Keychain specifically with a key from the device’s secure enclave.
  • FVP-03-009: Lack of access controls on daemon socket
      • Access controls to guarantee that the user sending commands to the daemon was permitted to initiate the intended action needs to be implemented.
      • This risk has been addressed by Mozilla and confirmed by Cure53.
  • FVP-03-010: VPN leak via captive portal detection 
      • Cure53 advised that the captive portal detection feature be turned off by default to prevent an opportunity for IP leakage when using maliciously set up WiFi hotspots.
      • Mozilla addressed the risk by no longer pinging for a captive portal outside of the VPN tunnel.
  • FVP-03-011: Lack of local TCP server access controls
      • The VPN client exposes a local TCP interface running on port 8754, which is bound to localhost. Users on localhost can issue a request to the port and disable the VPN.
      • Mozilla addressed this risk as recommended by Cure53.
  • FVP-03-012: Rogue extension can disable VPN using mozillavpnnp (High)
      • mozillavpnnp does not sufficiently restrict the application caller.
      • Mozilla addressed this risk as recommended by Cure53.

If you’d like to read the detailed report from Cure53, including all low and informational items, you can find it here.

 

The post Mozilla VPN Security Audit 2023 appeared first on Mozilla Security Blog.

Categorieën: Mozilla-nl planet

Mozilla Privacy Blog: Mozilla Asks US Supreme Court to Support Responsible Content Moderation

wo, 06/12/2023 - 01:05

Today Mozilla Corporation joined an amicus brief in a pair of important Supreme Court cases. The cases consider Texas and Florida laws that prohibit social media platforms from removing hateful and abusive content. If upheld, these laws would make content moderation impossible and would make the internet a much less safe place for all of us. Mozilla urges the Supreme Court to find them unconstitutional.

The Texas law, known as H.B. 20, would prohibit large social media sites from blocking, removing, or demonetizing content based on the viewpoint. While it provides an exception for illegal speech, this still means that platforms would be forced to host a huge range of legal but harmful content, such as outright racism or Holocaust denial. It would mandate, for example, that a page devoted to South African history must tolerate pro-Apartheid comments, or that an online community devoted to religious practice allow comments mocking religion. It would condemn all social media to rampant trolling and abuse.

Mozilla has joined a brief filed by Internet Works and other companies including Tumblr and Pinterest. The brief sets out how content moderation works in practice, and how it can vary widely depending on the goals and community of each platform. It explains how content moderation can promote speech and free association by allowing people to choose and build online communities. In Mozilla’s own social media products, our goal is to moderate in favor of a healthy community. This goal is central to our mission, which underscores our commitment to “an internet that promotes civil discourse, human dignity, and individual expression” and “that elevates critical thinking, reasoned argument, shared knowledge, and verifiable facts.”

The laws under consideration by the Court do not serve speech, but would instead destroy online communities that rely on healthy moderation. Mozilla is standing with the community and allies to call for a better future online.

The post Mozilla Asks US Supreme Court to Support Responsible Content Moderation appeared first on Open Policy & Advocacy.

Categorieën: Mozilla-nl planet

IRL (podcast): The Art of AI

di, 05/12/2023 - 06:00

From Hollywood to Hip Hop, artists are negotiating new boundaries of consent for use of AI in the creative industries. Bridget Todd speaks to artists who are pushing the boundaries.

It’s not the first time artists have been squeezed, but generative AI presents new dilemmas. In this episode: a member of the AI working group of the Hollywood writers union; a singer who licenses the use of her voice to others; an emcee and professor of Black music; and an AI music company charting a different path.

Van Robichaux is a comedy writer in Los Angeles who helped craft the Writers Guild of America’s proposals on managing AI in the entertainment industry. 

Holly Herndon is a Berlin-based artist and a computer scientist who has developed “Holly +”, a series of deep fake music tools for making music with Holly’s voice.

Enongo Lumumba-Kasongo creates video games and studies the intersection between AI and Hip Hop at Brown University. Her alias as a rapper is Sammus. 

Rory Kenny is co-founder and CEO of Loudly, an AI music generator platform that employs musicians to train their AI instead of scraping music from the internet.

*Thank you to Sammus for sharing her track ‘1080p.’ Visit Sammus’ Bandcamp page to hear the full track and check out more of her songs.*

Categorieën: Mozilla-nl planet

Hacks.Mozilla.Org: Firefox Developer Edition and Beta: Try out Mozilla’s .deb package!

do, 30/11/2023 - 20:55

A month ago, we introduced our Nightly package for Debian-based Linux distributions. Today, we are proud to announce we made our .deb package available for Developer Edition and Beta!

We’ve set up a new APT repository for you to install Firefox as a .deb package. These packages are compatible with the same Debian and Ubuntu versions as our traditional binaries.

Your feedback is invaluable, so don’t hesitate to report any issues you encounter to help us improve the overall experience.

Adopting Mozilla’s Firefox .deb package offers multiple benefits:

  • you will get better performance thanks to our advanced compiler-based optimizations,
  • you will receive the latest updates as fast as possible because the .deb is integrated into Firefox’s release process,
  • you will get hardened binaries with all security flags enabled during compilation,
  • you can continue browsing after upgrading the package, meaning you can restart Firefox at your convenience to get the latest version.
To set up the APT repository and install the Firefox .deb package, simply follow these steps: <code># Create a directory to store APT repository keys if it doesn't exist: sudo install -d -m 0755 /etc/apt/keyrings # Import the Mozilla APT repository signing key: wget -q <a class="c-link" href="https://packages.mozilla.org/apt/repo-signing-key.gpg" target="_blank" rel="noopener noreferrer" data-stringify-link="https://packages.mozilla.org/apt/repo-signing-key.gpg" data-sk="tooltip_parent">https://packages.mozilla.org/apt/repo-signing-key.gpg</a> -O- | sudo tee /etc/apt/keyrings/packages.mozilla.org.asc > /dev/null # The fingerprint should be 35BAA0B33E9EB396F59CA838C0BA5CE6DC6315A3 gpg -n -q --import --import-options import-show /etc/apt/keyrings/packages.mozilla.org.asc | awk '/pub/{getline; gsub(/^ +| +$/,""); print "\n"$0"\n"}' # Next, add the Mozilla APT repository to your sources list: echo "deb [signed-by=/etc/apt/keyrings/packages.mozilla.org.asc] <a class="c-link" href="https://packages.mozilla.org/apt" target="_blank" rel="noopener noreferrer" data-stringify-link="https://packages.mozilla.org/apt" data-sk="tooltip_parent">https://packages.mozilla.org/apt</a> mozilla main" | sudo tee -a /etc/apt/sources.list.d/mozilla.list > /dev/null # Update your package list and install the Firefox .deb package: sudo apt-get update && sudo apt-get install firefox-beta # Replace "beta" by "devedition" for Developer Edition And that’s it! You have now installed the latest Firefox Beta/Developer Edition .deb package on your Linux. Firefox supports more than a hundred different locales. The packages mentioned above are in American English, but we have also created .deb packages containing the Firefox language packs. To install a specific language pack, replace fr in the example below with the desired language code: sudo apt-get install firefox-beta-l10n-fr To list all the available language packs, you can use this command after adding the Mozilla APT repository and running sudo apt-get update: apt-cache search firefox-beta-l10n

The post Firefox Developer Edition and Beta: Try out Mozilla’s .deb package! appeared first on Mozilla Hacks - the Web developer blog.

Categorieën: Mozilla-nl planet

The Rust Programming Language Blog: Announcing Rustup 1.26.0

di, 25/04/2023 - 02:00

The rustup working group is happy to announce the release of rustup version 1.26.0. Rustup is the recommended tool to install Rust, a programming language that is empowering everyone to build reliable and efficient software.

If you have a previous version of rustup installed, getting rustup 1.26.0 is as easy as stopping any programs which may be using Rustup (e.g. closing your IDE) and running:

rustup self update

Rustup will also automatically update itself at the end of a normal toolchain update:

rustup update

If you don't have it already, you can get rustup from the appropriate page on our website.

What's new in rustup 1.26.0

This version of Rustup involves a significant number of internal cleanups, both in terms of the Rustup code and its tests. In addition to a lot of work on the codebase itself, due to the length of time since the last release this one has a record number of contributors and we thank you all for your efforts and time.

The headlines for this release are:

  1. Add rust-analyzer as a proxy of rustup. Now you can call rust-analyzer and it will be proxied to the rust-analyzer component for the current toolchain.

  2. Bump the clap dependency from 2.x to 3.x. It's a major version bump, so there are some help text changes, but the command line interface is unchanged.

  3. Remove experimental GPG signature validation and the rustup show keys command. Due to its experimental status, validating the integrity of downloaded binaries did not rely on it, and there was no option to abort the installation if a signature mismatch happened. Multiple problems with its implementation were discovered in the recent months, which led to the decision to remove the experimental code. The team is working on the design of a new signature validation scheme, which will be implemented in the future.

Full details are available in the changelog!

Rustup's documentation is also available in the rustup book.

Thanks

Thanks again to all the contributors who made rustup 1.26.0 possible!

  • Daniel Silverstone (kinnison)
  • Sabrina Jewson (SabrinaJewson)
  • Robert Collins (rbtcollins)
  • chansuke (chansuke)
  • Shamil (shamilsan)
  • Oli Lalonde (olalonde)
  • 二手掉包工程师 (hi-rustin)
  • Eric Huss (ehuss)
  • J Balint BIRO (jbalintbiro)
  • Easton Pillay (jedieaston)
  • zhaixiaojuan (zhaixiaojuan)
  • Chris Denton (ChrisDenton)
  • Martin Geisler (mgeisler)
  • Lucio Franco (LucioFranco)
  • Nicholas Bishop (nicholasbishop)
  • SADIK KUZU (sadikkuzu)
  • darkyshiny (darkyshiny)
  • René Dudfield (illume)
  • Noritada Kobayashi (noritada)
  • Mohammad AlSaleh (MoSal)
  • Dustin Martin (dmartin)
  • Ville Skyttä (scop)
  • Tshepang Mbambo (tshepang)
  • Illia Bobyr (ilya-bobyr)
  • Vincent Rischmann (vrischmann)
  • Alexander (Alovchin91)
  • Daniel Brotsky (brotskydotcom)
  • zohnannor (zohnannor)
  • Joshua Nelson (jyn514)
  • Prikshit Gautam (gautamprikshit1)
  • Dylan Thacker-Smith (dylanahsmith)
  • Jan David (jdno)
  • Aurora (lilith13666)
  • Pietro Albini (pietroalbini)
  • Renovate Bot (renovate-bot)
Categorieën: Mozilla-nl planet

Tiger Oakes: Alternatives to the resize event with better performance

zo, 23/04/2023 - 09:00
Exploring other APIs that integrate closely with the browser's styling engine.
Categorieën: Mozilla-nl planet

Cameron Kaiser: April patch set for TenFourFox

vr, 21/04/2023 - 02:06
As promised, there are new changesets to pick up in the TenFourFox tree. (If you're new to rolling your own TenFourFox build, these instructions still generally apply.) I've tried to limit their scope so that people with a partial build can just pull the changes (git pull) and gmake -f client.mk build without having to "clobber" the tree (completely erase and start over). You'll have to do that for the new ESR when that comes out in a couple months, but I'll spare you that today. Most of these patches are security-related, including one that prevents naughty cookies which would affect us as well, though the rest are mostly crash-preventers and would require PowerPC-specific attacks to be exploitable. There is also an update to the ATSUI font blacklist. As always, if you find problematic fonts that need to be suppressed, post them to issue 566 or in the comments, but read this first.

However, there is one feature update in this patchset: a CSS grid whitelist. Firefox 45, which is the heavily patched underpinning of TenFourFox FPR, has a partially working implementation of CSS grid as explained in this MDN article. CSS grid layout is a more flexible and more generalized way of putting elements on a page than the earlier tables method. Go ahead and try to read that article with the current build before you pull the changes and you'll notice that the page has weirdly scrunched up elements (before a script runs and blanks the whole page with an error). After you build with the updates, you'll notice that while the page still doesn't lay out perfectly right, you can now actually read things. That's because there's a whitelist entry now in TenFourFox that allows grid automatically on developer.mozilla.org (a new layout.css.grid.host.developer.mozilla.org preference defaults to true which is checked for by new code in the CSS parser, and there is also an entry in the problematic scripts filter to block the script that ends up blanking the page when it bugs out). The other issues on that page are unrelated to CSS grid.

This will change things for people who set the global pref layout.css.grid.enabled to true, which we have never shipped in TenFourFox because of (at times significant) bugs in the implementation. This pref is now true, but unless the URL hostname is in the whitelist, CSS grid will still be disabled dynamically and is never enabled for chrome resources. If you set the global pref to false, however, then CSS grid is disabled everywhere. If you were using this for a particular site that lays out better with grid on, post the URL to issue 659 or in the comments and I'll consider adding it to the default set (or add it yourself in about:config).

The next ESR (Firefox 115) comes out end of June-early July, and we'll do the usual root updates then.

Categorieën: Mozilla-nl planet

The Rust Programming Language Blog: Announcing Rust 1.69.0

do, 20/04/2023 - 02:00

The Rust team is happy to announce a nice version of Rust, 1.69.0. Rust is a programming language empowering everyone to build reliable and efficient software.

If you have a previous version of Rust installed via rustup, you can get 1.69.0 with:

rustup update stable

If you don't have it already, you can get rustup from the appropriate page on our website, and check out the detailed release notes for 1.69.0 on GitHub.

If you'd like to help us out by testing future releases, you might consider updating locally to use the beta channel (rustup default beta) or the nightly channel (rustup default nightly). Please report any bugs you might come across!

What's in 1.69.0 stable

Rust 1.69.0 introduces no major new features. However, it contains many small improvements, including over 3,000 commits from over 500 contributors.

Cargo now suggests to automatically fix some warnings

Rust 1.29.0 added the cargo fix subcommand to automatically fix some simple compiler warnings. Since then, the number of warnings that can be fixed automatically continues to steadily increase. In addition, support for automatically fixing some simple Clippy warnings has also been added.

In order to draw more attention to these increased capabilities, Cargo will now suggest running cargo fix or cargo clippy --fix when it detects warnings that are automatically fixable:

warning: unused import: `std::hash::Hash` --> src/main.rs:1:5 | 1 | use std::hash::Hash; | ^^^^^^^^^^^^^^^ | = note: `#[warn(unused_imports)]` on by default warning: `foo` (bin "foo") generated 1 warning (run `cargo fix --bin "foo"` to apply 1 suggestion)

Note that the full Cargo invocation shown above is only necessary if you want to precisely apply fixes to a single crate. If you want to apply fixes to all the default members of a workspace, then a simple cargo fix (with no additional arguments) will suffice.

Debug information is not included in build scripts by default anymore

To improve compilation speed, Cargo now avoids emitting debug information in build scripts by default. There will be no visible effect when build scripts execute successfully, but backtraces in build scripts will contain less information.

If you want to debug a build script, you can add this snippet to your Cargo.toml to emit debug information again:

[profile.dev.build-override] debug = true [profile.release.build-override] debug = true Stabilized APIs

These APIs are now stable in const contexts:

Other changes

Check out everything that changed in Rust, Cargo, and Clippy.

Contributors to 1.69.0

Many people came together to create Rust 1.69.0. We couldn't have done it without all of you. Thanks!

Categorieën: Mozilla-nl planet

Mozilla Thunderbird: Meet The Team: Wolf-Martell Montwe, Android Developer

wo, 19/04/2023 - 11:37

Auf Deutsch übersetzen Traduire en français 日本語に翻訳

Welcome to a brand new feature called “Meet The Team!” In this ongoing series of conversations, I introduce you to the people behind the software you use every day. We kicked things off by talking to Thunderbird’s Product Design Manager Alex Castellani. Now let’s meet someone much newer to the team: Wolf-Martell Montwe.

Having recently joined us from Berlin as a full-time Android developer, Wolf brings his passion for building mobile applications to the Thunderbird team. He’ll be helping to develop new features and an updated interface for K-9 Mail as we transform it into Thunderbird for Android. I spoke with him about his first computer and early gaming memories, what he hopes to accomplish for the Thunderbird mobile app, and how our community of contributors can help.

Meet The Team: Alex Castellani, Product Design Manager <figcaption class="wp-element-caption">Catch up on the “Meet The Team” series by reading my conversation with Alex Castellani</figcaption> Wolf’s Technology Origin Story

I love a great origin story, and many people working in technology seem to have one that’s directly tied to their first computer. Wolf is no exception.

“I think I started my computer journey with playing games — the first I remember is Sid Meier’s Pirates!” Wolf remembers. “Back then I had an IBM 386. Super slow, super loud! And I hacked around a lot to get games running too, to free up memory, to free up disk space because this was super limited. I think one partition was maximum 3MB! It was a big achievement if something just was running.”

Wolf’s fascination with games eventually led to some basic programming knowledge and web page development.

“I used to develop web pages, especially for my school to build up like a little forum,” he says. “I fell in love with PHP because it had one of the first editors with code completion, and that was awesome.”

What Attracted Wolf To The Thunderbird Project?

“I’m a longtime Thunderbird user, and I have used K-9 Mail from 2010 on,” Wolf says. “In my last position, my task was to build up open source software. (So we developed the software and then prepared it to be open source, because the code was readable, but people couldn’t contribute.) And over that time I fall in love with developing open source, so I was looking for opportunities to to follow up on that direction. “

The Thunderbird Android Team Just Doubled In Size. Now What?

Believe it or not, for many years K-9 Mail had one full-time developer (in addition to a community of contributors). So, Wolf effectively doubles the size of the core team. The first questions that came to mind: what doors does this open to the future of Thunderbird for Android, and what can Wolf and cketti accomplish during the next few months?

“First, I want to strengthen the technology base and also open it up for using more modern tooling, especially because the whole Android ecosystem is right now under a really drastic change,” Wolf explains. “It could be pretty beneficial for the project since it’s being rebranded, and think it’s good timing to then also adapt new technology and base everything on that.”

Why We’re Rebuilding The Thunderbird Interface From Scratch

(The desktop version of Thunderbird is undergoing a similar transformation, as we slowly rebuild it with more modern tooling while eliminating years of technical debt.)

Wolf continues: “I think that would also open the Android app to be a little bit easier maintain from a UI side, because right now it is hard to achieve.”

It’s certainly easier for our developers — and our global team of community contributors — to improve an application and more easily add new features when the code isn’t fighting against them.

How Can The Community Help?

There’s so much we can do to contribute to open source software besides writing code. So I asked Wolf: what’s the most important thing the K-9 Mail and Thunderbird community can do to help development?

“Constructive feedback on what we’re doing,” Wolf says. “Whether it’s positive or negative, I think that’s important. But please be nice!”

We certainly encourage everyone on Android to try K-9 Mail as we continue its transformation to Thunderbird. When you’re ready to give feedback or suggest ideas, we invite you to join our Thunderbird Android Planning mailing list, which is open to the public.

Talk to Wolf on Mastodon, and follow him on GitHub.

Download K-9 Mail: F-Droid | Play Store | GitHub.

The post Meet The Team: Wolf-Martell Montwe, Android Developer appeared first on The Thunderbird Blog.

Categorieën: Mozilla-nl planet

IRL (podcast): Bonus Episode

wo, 19/04/2023 - 02:39

We have good news to share. IRL: Online Life is Real Life has been nominated for two Webby Awards: one for Public Service and Activism and another for Technology.  We need your help.  We’d love it if you could go to the links below and vote for us.  It’s quick and easy!  Voting ends on Thursday, April 20th at midnight PDT. 

Vote for IRL in the Webby Awards: Technology and Public Service Activism 

It means so much to spotlight the voices and stories of folks who are making AI more trustworthy in real life, and we love to see them celebrated! 

Thanks for your vote and for listening to IRL!
 

 

 

 

 

Categorieën: Mozilla-nl planet

Cameron Kaiser: Power Mac ransomware? Yes, but it's complicated

di, 18/04/2023 - 18:33
Wired ran an article today (via Ars Technica) about apparent macOS-compatible builds of LockBit, a prominent encrypting ransomware suite, such as this one for Apple silicon. There have been other experimental ransomware samples that have previously surfaced but this may be the first known example of a prominent operation specifically targeting Macs, and it is almost certainly not the last.

What caught my eye in the article was a report of PowerPC builds. I can't seem to get an alleged sample to analyse (feel free to contact me at ckaiser at floodgap dawt com if you can provide one) but the source for that assertion appears to be this tweet.

Can that file run on a Power Mac? It appears it's indeed a PowerPC binary, but the executable format is ELF and not Mach-O, so the file can only run natively on Linux or another ELF-based operating system, not PowerPC Mac OS X (or, for that matter, Mac OS 9 and earlier). Even if the raw machine code were sprayed into memory for an exploitable Mac application to be tricked into running, ELF implies System V ABI, which is similar but different from the PowerOpen ABI used for PowerPC-compatible versions of Mac OS, and we haven't even started talking about system calls. Rather than a specific build targetting Power Macs, most likely this is evidence that the LockBit builders simply ran every crosscompiler variation they could find on their source code: there are no natively little-endian 32-bit PowerPC CPUs, for example, yet there's a ppcle build visible in the screenshot. Heck, there's even an s390x build. Parents, don't let your mainframes out unsupervised.

This is probably a good time to mention that I've been working on security patches for TenFourFox and a couple minor feature adjustments, so stay tuned. It's been awhile but such are hobbies.

Categorieën: Mozilla-nl planet

Support.Mozilla.Org: What’s up with SUMO – Q1 2023

ma, 17/04/2023 - 17:19

Hi everybody,

I know some of you have been asking about the monthly blog post since January. We’re back today, with a summary of what happened in the past 3 months. This will be our new cadence for this kind of post. So please look out for our next edition by early July.

I hope the past 3 months have treated you well. Time surely flies so fast. We’ve done a lot of internal research for the past 3 months, but in Q2, I promise you will see more of me all around our various community channels.

Welcome note and shout-outs
  • Welcome to Kim Jae Woo, Henry Green, Jason Hoyle, Ifeoma, Ray Vermey, Ashfaq, Hisham, Peter, Varun, and Théo. Thanks for joining the Social and Mobile Store Support program!
  • Shout-outs to Tim Maks, Christophe, for participating in FOSDEM 2023! Also to Paul for his continued support for Mozfest over the years. You are all amazing!
  • Thanks to everybody for your participation in the Mozilla Support 2023 contributor survey. Your input and feedback are greatly appreciated. #MozLove to you all!

If you know anyone that we should feature here, please contact Kiki, and we’ll make sure to add them in our next edition.

Community news
  • What happened at FOSDEM 2023? Check out this blog post!
  • Learn more about Mozilla.social initiative if you’re into the fediverse world.
  • Watch the recording of our community call in March if you haven’t already to learn more about SUI (Simplified User Interface) screenshot that Lucas shared.
  • It’s also highly recommended to watch our community call in April to catch up on the result of the contributor survey we’ve done in Q1.
Catch up
  • Watch the monthly community call if you haven’t. Learn more about what’s new in January, February and March! Reminder: Don’t hesitate to join the call in person if you can. We try our best to provide a safe space for everyone to contribute. You’re more than welcome to lurk in the call if you don’t feel comfortable turning on your video or speaking up. If you feel shy to ask questions during the meeting, feel free to add your questions on the contributor forum in advance, or put them in our Matrix channel, so we can answer them during the meeting.
  • If you’re an NDA’ed contributor, you can watch the recording of the Customer Experience weekly scrum meeting from AirMozilla to catch up with the latest product updates.
  • Consider subscribe to Firefox Daily Digest to get daily updates about Firefox from across different platforms.
  • Check out SUMO Engineering Board to see what the platform team is currently doing.
Community stats KB

KB pageviews (*)

* KB pageviews number is a total of KB pageviews for /en-US/ only

Month Page views Vs previous month Jan 2023 7,199,541 5.53% Feb 2023 7,288,066 2.88% Mar 2023 7,485,556 2.71%

Top 5 KB contributors in the last 90 days: 

KB Localization

Top 10 locales based on total page views

Locale Jan 2023 

pageviews (*)

Feb 2023 pageviews (*) Mar 2023 

pageviews (*)

Localization progress (per Apr, 17)(**) de 11.51% 10.34% 10.59% 98% fr 7.66% 6.81% 7.81% 89% zh-CN 5.05% 6.64% 7.27% 96% es 5.91% 5.67% 6.06% 25% ja 4.22% 4.11% 4.13% 46% ru 4.09% 3.98% 3.93% 100% pt-BR 3.00% 2.84% 3.39% 52% It 2.75% 2.79% 2.65% 99% pl 2.47% 2.24% 2.25% 88% zh-TW 0.61% 0.98% 1.47% 3%

* Locale pageviews is an overall pageviews from the given locale (KB and other pages)

** Localization progress is the percentage of localized article from all KB articles per locale

Top 5 localization contributors in the last 90 days: 

Forum Support

Forum stats

Month Total questions Answer rate within 72 hrs Solved rate within 72 hrs Forum helpfulness Jan 2023 2,888 77.77% 10.28% 47.12% Feb 2023 2,752 66.10% 9.30% 54.79% Mar 2023 3,450 66.02% 8.19% 48.91%

Top 5 forum contributors in the last 90 days: 

Social Support Channel Total tweets Total moderation by contributors Total reply by contributors Jan 2023 314 125 42 Feb 2023 344 140 62 Mar 2023 404 171 55

Top 5 Social Support contributors in the past 3 months: 

  1. Tim Maks 
  2. Bithiah K
  3. Théo C
  4. Daniel López
  5. Peter Gallwas
Play Store Support Channel Jan 2023 Total reviews Total moderation by contributors Total reply by contributors Firefox for Android 5,710 250 90 Firefox Focus for Android 785 63 23

 

Channel Feb 2023 Total reviews Total moderation by contributors Total reply by contributors Firefox for Android 5,025 173 46 Firefox Focus for Android 558 17 4

 

Channel Mar 2023 Total reviews Total moderation by contributors Total reply by contributors Firefox for Android 5,741 270 69 Firefox Focus for Android 588 29 7

Top 5 Play Store contributors in the past 3 months: 

Product updates

To catch up on product releases update, please watch the recording of the Customer Experience scrum meeting from AirMozilla. You can also subscribe to the AirMozilla folder by clickling on the Subscribe button at the top right corner of the page to get notifications each time we add a new recording.

Useful links:
Categorieën: Mozilla-nl planet

Frederik Braun: Examine Firefox Inter-Process Communication using JavaScript in 2023

ma, 17/04/2023 - 00:00

This is my update to the 2021 JavaScript IPC blog post from the Firefox Attack & Defense blog.

Firefox uses Inter-Process Communication (IPC) to implement privilege separation, which makes it an important cornerstone in our security architecture. A previous blog post focused on fuzzing the C++ side of IPC. This blog …

Categorieën: Mozilla-nl planet

Pagina's