Slashdot Mirror

This video, shot at Mozilla, explains about the origin of Ogg Theora (which was based on VP3) and thus also WebM (which was based on VP8):

http://air.mozilla.org/open-video-codec-discussion-at-mozilla/

Actually, just black-box reverse engineering is simpler in this case than trying to sort through their code.

And yes, someone did do it for me. And then I reviewed their work: https://bugzilla.mozilla.org/show_bug.cgi?id=435442

None of which makes CSS Animations an "open standard" as things stand.

So now things aren't open if you can't understand it first glance? Now you're just being whiny.

Actually, just black-box reverse engineering is simpler in this case than trying to sort through their code.

And yes, someone did do it for me. And then I reviewed their work: https://bugzilla.mozilla.org/show_bug.cgi?id=435442

None of which makes CSS Animations an "open standard" as things stand.

In the meantime, Firefox 1.0 is still available for download. I encourage you to try it out if you're dissatisfied with the direction we've taken recently.

How difficult would it be to build firebird or firefox 1.0 against a more recent gecko engine? Is it "damn near impossible" or is it "something I can spend a few weekends working on?"

I'm not complaining that the project is doing X or Y now. I think a lot of the updates and changes are quite interesting. What I am saying is that Firefox in its current state no longer meets my needs.

This is not about making more money. Mozilla is not driven by that economic model. Mozilla sees the walled gardens of the current crop of smartphone and similar devices operating systems as a threat to personal freedom and the heath of the internet. This project is an exploration partly to see what technical gaps exist that web application needs access to function in a similar manner to a desktop application.

There are already companies and working groups trying to accomplish this. Rather than have the specs written without any exploratory work. Mozilla is proposing to build out B2G to evaluate where those problems and shortfalls are. To me this seems like a better idea than having device manufacturers who want to expose the world. Is the user on 4g, wifi, what is the access point name, what is the user paying per kb, etc.? Or having working groups building out a spec absent of actual web developers.

It's time for someone to make a browser that does nothing but render HTML.

You wouldn't have been able to share this insight on Slashdot in such a browser, you know...

Seriously, I'm looking forward to the day when someone posts a story on Slashdot about a Mozilla project, and everyone doesn't instantly complain that we're doing X or Y instead of making teh awesomest stripped-down browser, which does nothing but send http requests and display unrendered HTML.

In the meantime, Firefox 1.0 is still available for download. I encourage you to try it out if you're dissatisfied with the direction we've taken recently.

[..]to quickly, effectively, and openly communicate with various people on various shared interests with various levels of privacy?

Your statement makes zero sense to me. I can't openly communicate when there is no privacy due to lack encryption. It's also not effective in any way, the web is extremely limited - I can't quote as I can with e-mail, I can't use a decent editor (or maybe I could, but It doesn't really integrate that well with the whole "Web 2.0" idea), I can't use all the mighty tools that I can use with Usenet, E-mail or IRC. Instead I have to use some shitty web interface that's meant to meet everyones needs. And I can't do anything quickly, because browsers are fscking slow.
All these new web-based, bloated, centralized services seem so inferior to all of the decentralized, standardized protocols that were already there 20 years ago that I really can't imagine why I should ever use them. /rant

You're over thinking things. What if you were allowed to tick a checkbox in your browser, and thereafter it would state clearly in every HTTP request header DO NOT TRACK ME. This enables notification that we do not want any tracking to be performed, and is delivered in the same set of headers that they are already parsing to read the "Cookies" they set.

It looks like this:
DNT: 1
Firefox4 and IE9 Support this, last I heard Chrome didn't (I hear there is a 3rd party plugin now). All those advertising bastards need do is not track people with those settings. Additionally, use a plugin like CookieMonster to manage your cookie settings.

Them: "Without cookies how will we know if you want to opt out?!"
Us: "Problem Solved. Read the DNT header fool."
Them: "We need cookies to makes sure people aren't fraudulently clicking ads, and to count clicks"
Us: "Not our problem; Besides, Cookies can be cleared -- Store your clicks & hits in YOUR OWN damn database!"
Them: "... [under breath] But we don't have to, and we won't comply sanely without mandatory regulation."

They'll cry us a river when it comes down to strict regulations -- The only bad thing is that the law writers don't understand technology enough to just say: "Advertisers must honor the 'DNT: 1' (do not track header) as if the user had followed the advertiser's opt-out procedure, and [insert other shit they should do like delete user records and not set cookies -- though I can manage my own damn cookies, but thanks]."

Cookies are the implementation that people have come up with so far, at least until you start sending some kind of global user id in all http headers (an idea that people would hate even more).

Or perhaps a simple "fuck off and don't track me" HTML header?

It doesn't actually have to identify you for them to get the message. If they'd honor it, that is.

-CCarrot (posting AC due to mods in this topic)

How about fixing this bug from 2004?

Bug 235853 - [PAC] Defer proxy resolution for HTTP and HTTPS PAC to avoid blocking main thread during DNS resolution

FF6 won't be out in ten weeks. Don't be silly. Major Firefox releases are now six weeks apart. FF6 will be out in four weeks.

How long have people been begging for an MSI based installer, and some Group Policy support that is "official".. sure there are scripts that can hack GPO support in, and 3rd party builds of the MSI installer.. but people have been asking since Firefox 2...

People have been asking officially since at least 2000.
https://bugzilla.mozilla.org/show_bug.cgi?id=52052
https://bugzilla.mozilla.org/show_bug.cgi?id=231062

How long have people been begging for an MSI based installer, and some Group Policy support that is "official".. sure there are scripts that can hack GPO support in, and 3rd party builds of the MSI installer.. but people have been asking since Firefox 2...

People have been asking officially since at least 2000.
https://bugzilla.mozilla.org/show_bug.cgi?id=52052
https://bugzilla.mozilla.org/show_bug.cgi?id=231062

The previous EWG was my effort and yes I believe it it failed because of a lack of interest by Mozilla.

The old information is here:

https://wiki.mozilla.org/Enterprise/Old

And yeah, it is sad that the blog came down with the meeting notes.

It looks like the wayback machine caught my back though

http://web.archive.org/web/20080608175739/http://e2pt0.blogspot.com/2007/08/firefox-ewg-meeting-2.html

At least for some posts.

in total three "meetings". and - history repeats itself - the same problems with Firefox in enterprise environments:

* Packaging (MSI)
* Settings Management (GPO)

And the blog with the meeting notes is deleted. as I expected: This was a _really_ important project for Mozilla...

They DO give the same content to the user as they give to Googlebot - as long as the user is coming from Google, which is all Google really cares about.

Of course, it's really not that hard to forge the referer header...

every single time, Firebug and Greasemonkey stop working.

If you use a beta version of Firefox and want to use Firebug, the Firebug developers say you should use the beta version of Firebug. It would be nice if Firefox Beta automatically went out and fetched the beta version of Firebug instead of just saying the version you have is incompatible.

Greasemonkey is often more compatible than its authors let on. I'm using it with Firefox 8 Nightly and it's working fine, despite being marked as only compatible with Firefox 5. I bet it would work in your Firefox 6 Beta just fine.

There's also a competitor to Greasemonkey called Scriptish that is marked as compatible with Firefox 6 beta. I've heard good things about it but haven't tried switching yet.

track add-ons better and not refuse to load them just because they haven't yet been certified to work

That's the plan!

AMO-hosted extensions that use APIs that haven't changed are automatically assumed to work. So are extensions developed using the new SDK.

To do it safely for other extensions, we'll need to gather data from beta users (like you -- thanks!) to find out whether the extension still does its job, whether it causes crashes (crash-stats correlations), and whether it causes other widespread problems (telemetry correlations).

Future beta versions of Firefox will probably ask you whether you also want to beta-test extensions that might not be compatible. For now you have to set a hidden pref to do that.

I'm pretty sure "__misaligned_access" in that stack trace is a red herring. Notice the large offsets and multiple frames blamed on the "same function". It's probably a section of ntoskrnl for which you don't have full symbols.

In theory you can get a decent stack trace (or even stack traces for all threads) by following the instructions on How to get a stacktrace with WinDbg. In theory. I tried once and got about as far as you did.

http://releases.mozilla.org/pub/mozilla.org/firefox/releases/5.0/linux-x86_64/ for the current Linux 64-bit release builds.

At the moment, 64-bit FireFox will only run 64-bit plugins (As I know, running Windows FireFox Nightly 7.0a1 x64 as my default desktop browser, And there are 64-bit plugins on Windows for Java and Flash). They're working on it, though.

And most of the memory leaks are being caused by poorly-written or resource intensive plugins (Like FireBug), and they're working on that, too. "about:memory" in nightly builds now lists a complete tree of what's using the allocated memory, and more reporters are being introduced all the time.

Can you point to such a Firefox 64bit build?

Sure, Mozilla's ftp server has them here (the ones with x86_64). Those are for FF8 (Nightly build).

https://addons.mozilla.org/en-US/firefox/addon/nightly-tester-tools/

The spec actually explicitly envisages this:

https://wiki.mozilla.org/Labs/Identity/VerifiedEmailProtocol#Scope_of_the_system

"With some additional work, to create pseudonymous identities that allow a user to provide a different address per relying site"

https://wiki.mozilla.org/Labs/Identity/VerifiedEmailProtocol#Synchronization_of_keys

yup. You can have multiple keys for one email address, or you can sync one key across multiple browser profiles.

Which is depends on a whole lot of big protocols which are much more complicated than need be.

Have a look at the specification:
https://wiki.mozilla.org/Labs/Identity/VerifiedEmailProtocol
https://wiki.mozilla.org/Identity/Verified_Email_Protocol/Latest

Which is depends on a whole lot of big protocols which are much more complicated than need be.

Have a look at the specification:
https://wiki.mozilla.org/Labs/Identity/VerifiedEmailProtocol
https://wiki.mozilla.org/Identity/Verified_Email_Protocol/Latest

But it doesn't.

It is just a way to verify the the email-address you already own, but without waiting for the email to arrive (or having it getting stuck in spamfilters) and clicking a link.

Now you click a link only ones to connect your browser to your email address (and obviously you only share the email-address information to site the sites you want).

This allows for a lot more interresting UI changes to make it easier for users to do so:
https://wiki.mozilla.org/images/4/4c/IdentityInTheBrowser.png

Also it prevents Facebook from tracking you all over the web, like they currently do with the Facebook Connect-button (!)

according to this wiki entry it is possible to create multiple key pairs for one address, so public keys are not compulsorily unique identifiers.

As I understand it, the browser keeps your private key in your profile, just as it keeps your bookmarks and cookies in your profile. And as the protocol spec states: "It does not forbid synchronization" of the private key across devices. So back up your profile.

Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/1865/
Ghostery - https://addons.mozilla.org/en-US/firefox/addon/9609/
BetterPrivacy - https://addons.mozilla.org/en-US/firefox/addon/6623/

Don't bother modding me up. This reply is only for SD NFN STM and is a Clue (TM)

Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/1865/
Ghostery - https://addons.mozilla.org/en-US/firefox/addon/9609/
BetterPrivacy - https://addons.mozilla.org/en-US/firefox/addon/6623/

Don't bother modding me up. This reply is only for SD NFN STM and is a Clue (TM)

Adblock plus - https://addons.mozilla.org/en-US/firefox/addon/1865/
Ghostery - https://addons.mozilla.org/en-US/firefox/addon/9609/
BetterPrivacy - https://addons.mozilla.org/en-US/firefox/addon/6623/

Don't bother modding me up. This reply is only for SD NFN STM and is a Clue (TM)

Firefox skin that makes it look like Netscape: https://addons.mozilla.org/en-US/firefox/addon/foxscape/

That, and, sometimes I also set the Windows theme to "classic." :)

I spend days with Windows Classic on at work, coupled with the 90's Grunge/Alternative Genre station on Pandora: my nostalgia is unstoppable.

Firefox skin that makes it look like Netscape: https://addons.mozilla.org/en-US/firefox/addon/foxscape/

That, and, sometimes I also set the Windows theme to "classic." :)

Does that mean the goal of Rust is to become part of Firefox at some point?

Yes, the hope is that parts of Firefox will begin to be written in Rust. I heard a rumor that we might replace our HTML parser first. (Our current HTML parser has one of the weirdest build requirements; it's written in a custom subset of Java that can be source-translated into C++.)

I had always wondered why Mozilla would suddenly become interested in writing a new programming language out of the blue

As opposed to digging deeper and deeper into our unhappy dialect of C++? ;)

Didn't seem like the sort of organization with so much excess resources to throw around that it would be useful to start spinning up such a thing

We're doing pretty okay on money for now :) Putting together a language research team doesn't compete directly with much of the other stuff we're doing, except maybe JS engine work. It's a long shot, but if it works succeeds, it will be worthwhile many times over.

instead of, say, buying more build slaves

IIRC, we were limited there by datacenter power or space. We recently got space in a data center in Phoenix, which should help a lot.

We were also limited there by trying to use the same hardware to test Firefox's performance on all desktop operating systems, which meant using a specific version of the Mac Mini for everything. And using the same hardware for both performance testing and unit testing. We're going to change that.

No, JavaScript is specifically the superset of ECMAScript implemented by Mozilla browsers.

Of course, in real world, this kind of pedantry is as relevant as fuss about GNU/Linux. Everyone just calls the language "JavaScirpt" regardless of the context.

We're doing as much as we can to reduce those problems while Firefox is still single-process. For example, we recently started throttling timers in background tabs and added a sane web animation API. More and more internal APIs are asynchronous or interruptible. We've also reduced memory use quite a bit with Firefox 7; I think we use significantly less memory than Chrome in common cases now.

At the same time, we're also working on process separation. It looks like it will be ready to play with, perhaps even an option, in a few months. I don't think we'll enable it by default until we're comfortable with the tradeoff between memory use and responsiveness/stability.

And we're also working on a new programming language that could make it safe and sane to use "tasks" (likely mapping to threads) rather than processes, so we don't have to deal with that unhappy tradeoff :)

Pet gripe...note its from 2006, and STILL FUCKING BROKEN. Enterprise ready? My arse.

You also have to take into account a modernising society where non-internet services are being abandoned in favour of providing those services by the internet.

You have access to government agencies for applications and fee paying. Researching insurance, paying for policies and making claims all on line. A whole range of banking and investment options and research all now being driven by internet access. Education and research unaccredited and accredited, all needing internet access.

Then there is shopping, whether it be tech related or just groceries (after a debilitating car accident, something as simple as ordering groceries and having them delivered, including alcohol was a great relief).

If you are having problems controlling the nature of your internet access, then consider something like https://addons.mozilla.org/en-US/firefox/addon/stumbleupon/ which will keep you amused and distracted randomly browsing the internet.

The reality is taking a Luddite attitude to the internet will leave you further and further behind the eight ball as time goes on. You can of course switch from broadband to narrow band and read a book instead.

we all know that excluding trackers ends up being a game of whack-a-mole. you block some trackers and more will show up when you aren't looking. the solution is simple: whitelisting.

cookies
whitelisting cookies is a must because good guys, bad guys and even the oblivious have sites that want to store cookies on your system.

JavaScript
JavaScript is a lesser offender but noscript can help you here.

flash
the most insidious of cookies are flash cookies. some argue flash is the most insidious in it's own right but that is another issue. using Flashblock prevents those lame invisible flash trackers while not completely incapacitating a site you want to use flash on. just click on the flash object and voila!

images
we've all seen and not seen them: tracker images. they are either the unseen invisible ones or the "site stats by X CORP!" image. their mechanism is rudimentary and can be thwarted by not allowing off site images which can be troublesome with some pages that use high-speed hosts for static images.

however, there are going to be places you enable one of these that you don't want to be tracked.

there are proactive measures for most trackers.

do not track cookies
the only (sane) way to enjoy their site and not be tracked is to use "do not track" cookies. they are used as an opt-out system. you have a cookie that says to not track you and in turn they dont activate their tracking mechanisms. these are silver bullets: one do not track cookie will shutdown a tracking service. ghostery is a very nifty add-on that loads your system with do not track cookies. it updates the list on it's own so if you select the option so that nobody can track you, you are golden.

all these suggestions and add-ons will do a great job but the bottom line is that if you REALLY dont want people to track what you do on the internet then STAY OFF THE INTERNET! ;D

we all know that excluding trackers ends up being a game of whack-a-mole. you block some trackers and more will show up when you aren't looking. the solution is simple: whitelisting.

cookies
whitelisting cookies is a must because good guys, bad guys and even the oblivious have sites that want to store cookies on your system.

JavaScript
JavaScript is a lesser offender but noscript can help you here.

flash
the most insidious of cookies are flash cookies. some argue flash is the most insidious in it's own right but that is another issue. using Flashblock prevents those lame invisible flash trackers while not completely incapacitating a site you want to use flash on. just click on the flash object and voila!

images
we've all seen and not seen them: tracker images. they are either the unseen invisible ones or the "site stats by X CORP!" image. their mechanism is rudimentary and can be thwarted by not allowing off site images which can be troublesome with some pages that use high-speed hosts for static images.

however, there are going to be places you enable one of these that you don't want to be tracked.

there are proactive measures for most trackers.

do not track cookies
the only (sane) way to enjoy their site and not be tracked is to use "do not track" cookies. they are used as an opt-out system. you have a cookie that says to not track you and in turn they dont activate their tracking mechanisms. these are silver bullets: one do not track cookie will shutdown a tracking service. ghostery is a very nifty add-on that loads your system with do not track cookies. it updates the list on it's own so if you select the option so that nobody can track you, you are golden.

all these suggestions and add-ons will do a great job but the bottom line is that if you REALLY dont want people to track what you do on the internet then STAY OFF THE INTERNET! ;D

we all know that excluding trackers ends up being a game of whack-a-mole. you block some trackers and more will show up when you aren't looking. the solution is simple: whitelisting.

cookies
whitelisting cookies is a must because good guys, bad guys and even the oblivious have sites that want to store cookies on your system.

JavaScript
JavaScript is a lesser offender but noscript can help you here.

flash
the most insidious of cookies are flash cookies. some argue flash is the most insidious in it's own right but that is another issue. using Flashblock prevents those lame invisible flash trackers while not completely incapacitating a site you want to use flash on. just click on the flash object and voila!

images
we've all seen and not seen them: tracker images. they are either the unseen invisible ones or the "site stats by X CORP!" image. their mechanism is rudimentary and can be thwarted by not allowing off site images which can be troublesome with some pages that use high-speed hosts for static images.

however, there are going to be places you enable one of these that you don't want to be tracked.

there are proactive measures for most trackers.

do not track cookies
the only (sane) way to enjoy their site and not be tracked is to use "do not track" cookies. they are used as an opt-out system. you have a cookie that says to not track you and in turn they dont activate their tracking mechanisms. these are silver bullets: one do not track cookie will shutdown a tracking service. ghostery is a very nifty add-on that loads your system with do not track cookies. it updates the list on it's own so if you select the option so that nobody can track you, you are golden.

all these suggestions and add-ons will do a great job but the bottom line is that if you REALLY dont want people to track what you do on the internet then STAY OFF THE INTERNET! ;D

Lots of sites use Flash cookies (LSOs) to track you in addition to the good old fashioned HTTP cookies.

Ghostery does a pretty good job of deleting Flash cookies, but it takes a brutal all-or-nothing approach; it'll delete them all if you enable the option.

If you want finer control over your Flash cookies you'll also need Better Privacy. Now you can save your progress when playing Kongregate games but not get tracked while you do so :)

(I just noticed that their licence notice doesn't make any sense. I presume they meant to write "with*out* written permission")

I just went looking for free alternatives but NoScript is all I found!

* https://addons.mozilla.org/en-US/firefox/addon/noscript/

TrackerBlock, BetterPrivacy, and Ghostery all seem to be proprietary software. What a disappointment.

FSF maintain a list of free mozilla-compatible plugins:
http://www.gnu.org/software/gnuzilla/addons.html

I see one free plugin that I haven't tinkered with: https://www.requestpolicy.com/

Here's the entire licence file of the software they tell you to install to protect your privacy:

All source code, images and other intellectually property in this extension is owned by or licensed to privacychoice LLC. It may not be used in any way with written permission. Copyright © 2011 privacychoice LLC

If no one can modify it, that means it's unlikely that anyone will bother looking at the source code. There's no community verifying or improving the privacy of this software. There has to be free alternatives.

Download and upzip: http://releases.mozilla.org/pub/mozilla.org/addons/247581/trackerblock-2.0.1-fx.xpi

Permit Cookies is very useful (need to disable extension checking and it works with FF5) in limiting tracking while still providing a usable web experience. It turns all cookies into session cookies that are gone when you close the browser and has a shortcut to override for sites that you do want to allow permanent cookies to be set. When I restart my browser I am a new person. For complete protection I also use NoScript, Ghostery and Better Privacy.

https://addons.mozilla.org/en-US/firefox/addon/permit-cookies/

Or RequestPolicy which is an easy-to-use plugin that shows you the sites the site you're currently browsing wants to contact. Once you've whitelisted the domains that are really part of the site (eg slashdot.com might have a few elements from slashdot.org) then you can leave the rest safely blocked. And unless you ever visit statcounter.com or similar, they'll never get to see your cookies.

I also rely on davmail + thunderbird after struggling for years with evolution - both MAPI and webdav integration.

It never worked right, regardless of patches tested and protocol used. It corrupted messages, it crashed,it lost messages, calendaring was almost always non-functional save for a brief period before they upgraded Exchange then I lost it again.

DavMail works beautifully, including calendaring using Lightning.

https://addons.mozilla.org/en-US/thunderbird/addon/gmail-conversation-view/

I'm also a big fan of this addon - gives it kinda that gmail feel we are more familiar with now.

So the creationists were wrong.

It isn't Intelligent Design that will supplant Evolution. Unintelligent Design will.

Did you not realise Firefox has always had JS with access to the file system in it? That's what extensions are written in.
Keeping that privileged JS from being accessed by normal html page JS gaining "elevated chrome privileges" has been the source of many many security fixes.