Slashdot Mirror

You can just download the tarball and use that until Ubuntu gets the update.

https://support.mozilla.org/en...

It will use the same config you currently have so no loss in bookmarks, logins, etc.

Ubuntu gives some more complex instructions in case you want to make sure to back up your firefox profile first
https://help.ubuntu.com/commun...

You can volunteer for this now: https://addons.mozilla.org/en-...

That and getting rid of the Pocket spyware.

Disable Pocket for Firefox

If you prefer not to use Pocket for Firefox, follow these steps to disable it:

    - In the address bar, type about:config and press Enter.
                The about:config "This might void your warranty!" warning page may appear. Click I accept the risk! to continue to the about:config page.
    - Type pocket in the Search box above the list of preferences.
    - Double-click the extensions.pocket.enabled preference to toggle its value to false.

Note: Disabling Pocket does not remove Recommended by Pocket entries, if present, on the New Tab page. If you would also like to remove those Pocket recommendations, click the cogwheel at the top right corner of the New Tab page and uncheck Recommended by Pocket. See Hide or display content in New Tab for more information.

That Facebook container is golden. I wish Firefox would take it even further, though. The other day, I was browsing for a new monitor. Then what do you know, I open the desktop Spotify client (free tier) and there's an ad for the same monitor. I really, really hate this shit but I don't know what to do against this tracking. I already use uBlock Origin in Firefox.

Have a look at Firefox Multi-Account Containers -- https://support.mozilla.org/en... -- they allow you to run Facebook, your shopping, etc. in separate contexts that insulate all cookies, web data, etc. from one another. There's a default implementation for Facebook, you may configure others as you see fit. Cookies set by Facebook in its container are invisible by the main browser set up, or in a shopping container (e.g. Amazon), or in your personal container (e.g. Shoppify).

You may combine containers with uBlock, Ghostery, and so on and have an ad free, non-correlating data browsing experience.

Cheers!

Cheers!

Yeah, I know: users are too stupid to manage this one checkbox, your telemetry proves it (and those now quaint instructions on how to enable Javascript some sites still carry, as a reminiscence of the 2005s). Know what? If you treat your users as idiots, you'll get idiot users. I know how this may be in Microsoft's or Google's interest, but I don't get how it is in yours.

Have you tried this? https://addons.mozilla.org/en-US/firefox/addon/javascript-toggler/

I agree that it should be easily togglable. I browse with Javashit disabled by default, enable it when I need to use a web-based app like Google Maps or my bank's website, and then disable it again.

The only other thing I'd like to do is be able to disable the browser's ability to use CSS position:fixed, which is responsible for those floating dickbars (you know the ones - navigation-headers, big site logos that waste your vertical space, click-share-like-subscribe dreck at the bottom of the page) that obstruct content and break scrolling. I used to be able to do this with a proxy that replaced most strings that parsed down to position:fixed into fuckihate:webdevs but the move to https:/// meant that I could no longer do so without effectively building an MITM proxy, and that was a security compromise I wasn't willing to make even on localhost. My hack was a crude hack to begin with, and the right solution would be to have a togglable setting in the browser whereby I could tell the browser "No, I don't care what the webdev wanted, disable this functionality because the webdev who wrote this page isn't using it for anything useful, they're just stuffing ads in my face."

They've been working hard to make the new, more secure and (importantly) concurrent system up to scratch.

Let me know when this hard work results in enough functionality in the system to allow a WebExtension counterpart to the defunct Keybinder extension, even if only for disabling accidental presses Ctrl+Q or Ctrl+Shift+Q for quit when I was aiming for Ctrl+Tab or Ctrl+Shift+Tab. (No, Restore Previous Session didn't restore text entered into a Slashdot comment composition form last I checked.) That's reportedly waiting on a fix for long-standing bug 1325692.

Then in your case I urge you to spend time with the dev-tools of FireFox. I think they are far superior to anything out there. I only use chrome/edge/ie-exploder dev-tools to de-bug those respective browsers, and only when necessary. Otherwise I live the good dev life in Firefox.

Also check out this really good add-on for maintaining multiple, simultaneous logins (identifiable via color-coded tabs): https://addons.mozilla.org/en-...

It's hard to filter out Facebook

The Facebook Container makes it easy.

Of course they can still see that you come from the same IP address, but if all Facebook traffic is passed through a proxy then it won't do them any good.

Tor is being integrated into Firefox. So once that happens Firefox can offer this out of the box and the Tor project will no longer have to maintain Tor Browser.

It's hard to filter out Facebook

The Facebook Container makes it easy.

Of course they can still see that you come from the same IP address, but if all Facebook traffic is passed through a proxy then it won't do them any good.

Tor is being integrated into Firefox. So once that happens Firefox can offer this out of the box and the Tor project will no longer have to maintain Tor Browser.

I already use uBlock Origin in Firefox.

It might not solve the problem in your particular case, but also turn on Firefox's built-in tracking protection (set it to "always" to have it on all the time). It runs after any blocker add-ons and it blocks some stuff uBlock Origin misses.

And allow only when necessary.
For Firefox, I use this.

Bad news:
https://blog.nightly.mozilla.o...

Firefox and chrome are both advocating for ignoring the system DNS resolver and baking DNS resolving into their code (also, shifting from DNS over UDP to DNS over HTTPS, with etiher json or the traditional binary format. Instead of trusting your dns server, it trusts https://mozilla.cloudflare-dns... as the equivalent of the DNS server, ignoring the local network suggested settings.

Of course, I presume they must be doing something to support non-internet names to be resolved, but I haven't found yet an article going into that much detail.

>>what browser still supports XP?
>Uhh Firefox.

https://support.mozilla.org/en...

So no, firefox 52 ESR still is still supported in XP, until August 2018 ... you have 2 months of support, that's it!

>>are you getting updated?
>Who gives a shit? Updates aren't important when the software is made correctly the first time.

LOL, you are new to computers, right? all software have bugs... anything that connects to the internet is important to keep updated, any new bug found may be abuse.

>>did they updated for spectre attack?
>Spectre isn't an attack, it's a potential vulnerability that isn't a threat to anyone but servers operators hosting multiple users who don't have permissions set up properly.
yes, spectre is a vulnerability, not a attack, you are right there, but you did understand what i want...
Lets read mozilla post about it: https://www.mozilla.org/en-US/...

>>i bet you are using a insecure browser one way or another
>Define "insecure browser". Because I bet I can find a shitload of vulnerabilities in whatever browser you are using that you think is safe.

insecure browser: with known security problems ... if you find zero day problems, great, report then to the browser devs so they can fix then

Find me a shitload of vulnerabilities in netcat, please! :P

>>and just because you do not know that your XP is owned, it doesn't mean it isn't... many XP out there are already hacked and owners do not know about it
>Sorry, but no. You would have to be a complete noob to not notice something like that. I think perhaps what you meant to say is that *YOU* would not be able to tell if your system was owned because *YOU* are a noob. Don't project your failings on to others.

you check the signature of all your drivers and dlls, they are all legit, all your windows services are monitored and check as valid...
Do you really do know know what are rootkits, right?

>>many of the malware today cleanup the machine so they are the only one controlling the machine and avoiding detection and instability
>It is impossible for malware to avoid detection.

https://heimdalsecurity.com/bl...
https://en.wikipedia.org/wiki/...

>>and by the way, my linux is not spying on me, thank you!
>Nobody wants to spy on an operating system that can run shit or do shit, so that's not surprising.

yes, you are right, linux don't run on most servers you use online, that doesn't run in almost all smartphones, it is not the base OS for chromeOS, can't run browsers, office apps, music, video and games ... looks you are a huge tech expert!

>>what browser still supports XP?
>Uhh Firefox.

https://support.mozilla.org/en...

So no, firefox 52 ESR still is still supported in XP, until August 2018 ... you have 2 months of support, that's it!

>>are you getting updated?
>Who gives a shit? Updates aren't important when the software is made correctly the first time.

LOL, you are new to computers, right? all software have bugs... anything that connects to the internet is important to keep updated, any new bug found may be abuse.

>>did they updated for spectre attack?
>Spectre isn't an attack, it's a potential vulnerability that isn't a threat to anyone but servers operators hosting multiple users who don't have permissions set up properly.
yes, spectre is a vulnerability, not a attack, you are right there, but you did understand what i want...
Lets read mozilla post about it: https://www.mozilla.org/en-US/...

>>i bet you are using a insecure browser one way or another
>Define "insecure browser". Because I bet I can find a shitload of vulnerabilities in whatever browser you are using that you think is safe.

insecure browser: with known security problems ... if you find zero day problems, great, report then to the browser devs so they can fix then

Find me a shitload of vulnerabilities in netcat, please! :P

>>and just because you do not know that your XP is owned, it doesn't mean it isn't... many XP out there are already hacked and owners do not know about it
>Sorry, but no. You would have to be a complete noob to not notice something like that. I think perhaps what you meant to say is that *YOU* would not be able to tell if your system was owned because *YOU* are a noob. Don't project your failings on to others.

you check the signature of all your drivers and dlls, they are all legit, all your windows services are monitored and check as valid...
Do you really do know know what are rootkits, right?

>>many of the malware today cleanup the machine so they are the only one controlling the machine and avoiding detection and instability
>It is impossible for malware to avoid detection.

https://heimdalsecurity.com/bl...
https://en.wikipedia.org/wiki/...

>>and by the way, my linux is not spying on me, thank you!
>Nobody wants to spy on an operating system that can run shit or do shit, so that's not surprising.

yes, you are right, linux don't run on most servers you use online, that doesn't run in almost all smartphones, it is not the base OS for chromeOS, can't run browsers, office apps, music, video and games ... looks you are a huge tech expert!

Chad Weiner is (was?) Senior Director of Marketing and Marketing Operations at Mozilla:
https://www.beckon.com/blog/chad-weiner-mozillas-journey-test-learn-marketing/
https://blog.mozilla.org/futurereleases/author/cweinermozilla-com/

Is Chad related to Nate?

Hey Firefox, looking for something else to copy?

What, you mean like how Firefox provides built-in tracking protection? Or how Firefox provides a Facebook Container which isolates Facebook from the rest of your browsing activity? Or how Firefox is developing an anti-fingerprinting mode? Or how Firefox is integrating Tor as a built-in feature?

I don't think you know what you're talking about. The web browser is the most commonly used piece of application software. If there's one type of software you should educate yourself about, it's web browsers.

Hey Firefox, looking for something else to copy?

What, you mean like how Firefox provides built-in tracking protection? Or how Firefox provides a Facebook Container which isolates Facebook from the rest of your browsing activity? Or how Firefox is developing an anti-fingerprinting mode? Or how Firefox is integrating Tor as a built-in feature?

I don't think you know what you're talking about. The web browser is the most commonly used piece of application software. If there's one type of software you should educate yourself about, it's web browsers.

Hey Firefox, looking for something else to copy?

What, you mean like how Firefox provides built-in tracking protection? Or how Firefox provides a Facebook Container which isolates Facebook from the rest of your browsing activity? Or how Firefox is developing an anti-fingerprinting mode? Or how Firefox is integrating Tor as a built-in feature?

I don't think you know what you're talking about. The web browser is the most commonly used piece of application software. If there's one type of software you should educate yourself about, it's web browsers.

Hey Firefox, looking for something else to copy?

What, you mean like how Firefox provides built-in tracking protection? Or how Firefox provides a Facebook Container which isolates Facebook from the rest of your browsing activity? Or how Firefox is developing an anti-fingerprinting mode? Or how Firefox is integrating Tor as a built-in feature?

I don't think you know what you're talking about. The web browser is the most commonly used piece of application software. If there's one type of software you should educate yourself about, it's web browsers.

Hey Firefox, looking for something else to copy?

What, you mean like how Firefox provides built-in tracking protection? Or how Firefox provides a Facebook Container which isolates Facebook from the rest of your browsing activity? Or how Firefox is developing an anti-fingerprinting mode? Or how Firefox is integrating Tor as a built-in feature?

I don't think you know what you're talking about. The web browser is the most commonly used piece of application software. If there's one type of software you should educate yourself about, it's web browsers.

Neither bug is documented in MDN.
[...]
References: [Bugzilla links]

MDN is a wiki using GitHub authentication. If you have a GitHub account, and you know how to phrase something in a tone that's more descriptive than complaining, and you have time, you can correct this.

I've just stuck with 56.
ff is in /usr/bin & updated normally, but 55.0, 56.0, & 52.4.1esr are in ~/opt
It's rare (never, actually) that I need to use current.
And yeah, noscript is what did it for me.

The more I read about the antics at mozilla the more it seems that 56 is the "last version that doesn't suck"

oldversion.com only seems to go up to 45, but mozilla will still let you download the entire history. Hope somebody mirrors it before they take it away.

Ref here:
https://support.mozilla.org/en...
and from the kb article:
https://ftp.mozilla.org/pub/fi...

I've just stuck with 56.
ff is in /usr/bin & updated normally, but 55.0, 56.0, & 52.4.1esr are in ~/opt
It's rare (never, actually) that I need to use current.
And yeah, noscript is what did it for me.

The more I read about the antics at mozilla the more it seems that 56 is the "last version that doesn't suck"

oldversion.com only seems to go up to 45, but mozilla will still let you download the entire history. Hope somebody mirrors it before they take it away.

Ref here:
https://support.mozilla.org/en...
and from the kb article:
https://ftp.mozilla.org/pub/fi...

3PRB can block CSS images.

Tor is being integrated into Firefox with the goal of making Tor Browser unnecessary. The Tor Project says the two big benefits of this are that Tor will get more users and they'll be able to focus more on research rather than maintaining their Firefox fork.

freakin' anonymity protocol that Firefox (and its various forks) will almost certainly never have.

Firefox will have it. Mozilla's project Fusion is working to integrate Tor into Firefox. The goal is to make Tor Browser (which is a Firefox fork) obsolete by including Tor in Firefox by default.

One option to at least help - use a different web browser for Facebook

Another option is to use Firefox's Facebook Container. It's an easy way to separate Facebook from the rest of your browsing activity.

One option to at least help - use a different web browser for Facebook

Another option is to use Firefox's Facebook Container. It's an easy way to separate Facebook from the rest of your browsing activity.

I've have stated my complaints about Firefox and Chrome countless times and no one listens. The last straw was when Mozilla decided to leave the millions of people still using Windows XP in the cold by not fixing this bug.

We need a new Marc Andressen, who will develop a new browser that dosen't sell it's users data and dosen't put ad's in the interface. It needs a new engine that dosen't have the monoculture of webkit/blink.

If only people made web browsers as much as they made cryptocurrencies.

Then:*

Mozilla's mission is to promote openness, innovation, and opportunity on the web. We do this by creating great software, like the Firefox browser, and building movements, like Drumbeat, that give people tools to take control of their online lives.

Now:

Our mission is to ensure the Internet is a global public resource, open and accessible to all. An Internet that truly puts people first, where individuals can shape their own experience and are empowered, safe and independent.

The past focused on software. The present focuses on... the Mozilla Foundation?

*Actually, the meandering mission statement in the very beginning (1999) was this and it stayed pretty much the same (save for some minor edits) for a decade or so.

Do your research before anonymously flinging mud please. HTTP 418 is a legitimate error code: https://developer.mozilla.org/...

It is not legitimate at all. Check the official docs, not Mozilla's: https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html

Do your research before anonymously flinging mud please. HTTP 418 is a legitimate error code: https://developer.mozilla.org/...

Legitimate? Oh wise one, please explain for us plebs how we're supposed to be using the Hyper Text Coffee Pot Control Protocol. I'm dying to know how you get your BREW commands to percolate.

Clearly you didn't GET that this was based on a fucking 20-year old April Fools joke. The true mistake was allowing RFC 2324 to exist beyond a stained napkin.
  It should be revoked, because it's as worthless as your feedback here.

Do your research before anonymously flinging mud please. HTTP 418 is a legitimate error code: https://developer.mozilla.org/...

The article only says they used a CDN (and therefore presumably multiple servers), but some things can be plausibly inferred about how any single server handles connections.

Apparently they offer their streaming service as a website, so presumably they use standard web streaming protocols. TCP-based protocols don't allow multicast. WebRTC precludes the use of multicast, but allows the use of peer-to-peer connections.

Therefore we can reasonably infer that it's probably P2P and not multicast, unless you're right and they do simply use 10M connections.

I browse with an extension that shows the flag of the country a site is hosted at in the URL bar. I was always nervous about using DD-WRT because for years the site was hosted in China (they changed hosts to Switzerland recently). So you shouldn't automatically trust third party firmware either. And if you're really paranoid you should be downloading source and compiling the firmware yourself. If you can trust that the source code is clean. (For those curious, OpenWRT is hosted in Germany.

On Firefox 60.0.1 (my distro (OpenSUSE Tumbleweed) package) :

  - By default, it isn't checked.
  - But right click, and toggle "Check Spelling", and it gets checked by the internal spell checker of Firefox (Spellbound)
  - That still doesn't trigger any proof-reader/grammar (such as LanguageTool(*) or Grammarly), thus you're still not covered against homophones or agreements/declension (depending on your language. Here it's English, so only the former).

---

(*) In my opinion, a much better plug-in than grammarly :
  - It's open-source
  - You can also run a daemon locally.
  - So you don't need to necessarily pipe all your text fields into some untrusted 3rd party web server.

On Firefox 60.0.1 (my distro (OpenSUSE Tumbleweed) package) :

  - By default, it isn't checked.
  - But right click, and toggle "Check Spelling", and it gets checked by the internal spell checker of Firefox (Spellbound)
  - That still doesn't trigger any proof-reader/grammar (such as LanguageTool(*) or Grammarly), thus you're still not covered against homophones or agreements/declension (depending on your language. Here it's English, so only the former).

---

(*) In my opinion, a much better plug-in than grammarly :
  - It's open-source
  - You can also run a daemon locally.
  - So you don't need to necessarily pipe all your text fields into some untrusted 3rd party web server.

Storing mail in its own mbox format is a weakness. Calling it standard mbox is still wrong.

Eventually, Maildir will be coming to Thunderbird.

Storing mail in its own mbox format is a weakness. Calling it standard mbox is still wrong.

Eventually, Maildir will be coming to Thunderbird.

A completly different direction for a suggestion, but...

Have you tough about setting up some server ?
(On you own home server. I'm sure as a /. geek you have on of those. Just hoping that your basement and your mom's house have a good connection).

Some Dovecot or Courrier-Imap to hold the her e-mail folders ?
  - Migrating is basically just drag-droping the local folders into the imap server's folder ?
  - In case of Thunderbird going berzerk you can still re-download everything from the Imap server.
  - In case of something that your mom ends up liking more than Thunderbird, it's basically just about pointing that tool to the same home imap server.
  - The above use Maildir, which a lot simpler to backup/restore than mbox. and are lot less corruption sensitive (as they are 1 file per mail, 1 directory per folder. instead of 1 file per folder)

Drawbacks : whenever network drops between your mom's apartment and the your basement's server, she only get the latest pre-failure snapshot.

---

And on a un-related note, Mozilla are considering making a plug-in based mail storage, which could make using Maildir directly in Thunderbird possible (once all the remaining bugs are closed).
That would also make her mails better to backup and less corruption prone, and also a tiny bit easier to move across different maildir-based clients.

A completly different direction for a suggestion, but...

Have you tough about setting up some server ?
(On you own home server. I'm sure as a /. geek you have on of those. Just hoping that your basement and your mom's house have a good connection).

Some Dovecot or Courrier-Imap to hold the her e-mail folders ?
  - Migrating is basically just drag-droping the local folders into the imap server's folder ?
  - In case of Thunderbird going berzerk you can still re-download everything from the Imap server.
  - In case of something that your mom ends up liking more than Thunderbird, it's basically just about pointing that tool to the same home imap server.
  - The above use Maildir, which a lot simpler to backup/restore than mbox. and are lot less corruption sensitive (as they are 1 file per mail, 1 directory per folder. instead of 1 file per folder)

Drawbacks : whenever network drops between your mom's apartment and the your basement's server, she only get the latest pre-failure snapshot.

---

And on a un-related note, Mozilla are considering making a plug-in based mail storage, which could make using Maildir directly in Thunderbird possible (once all the remaining bugs are closed).
That would also make her mails better to backup and less corruption prone, and also a tiny bit easier to move across different maildir-based clients.

Mozilla Corporation cut Thunderbird loose ~ 2007, and the primary developer started his own commercial version called PostBox.

In their most recent version they added support for maildir in addition to mbox (a long requested feature on bugzilla).

The source code appears to be available for older versions, but I'm unclear if they are contributing back to the master repository anymore, or just a fork.

I bought it to support development, but I rarely use a client nowadays other than email provider's web client.

I wonder if anyone else has tried it?

1. For writing simple mail : thunderbird
2. For reading recent mail : thunderbird
3. For writing complex mail : compose in emacs org-mode , export to HTML, and use thunderbird's Stationery add-on to send mail.
4. For searching old mail - mbsync, notmuch and its emacs client.

I'm a lot like you: (al)pine when logged in locally, Thunderbird on MS Windows, and Mail.app on MacOS. These are in reverse order of my use frequency, actually.

One problem I have (and I don't think I'm alone) is that work mail is via Exchange only. I use this to allow Thunderbird to interoperate, and its.. OK. Not perfect, but better than having to use Outlook, which to me seems to have odd quirks and does not play well with my IMAP server.

Last year I experimented with Spark email on MacOS. It was great! Had lots of nice features I could see myself getting very used to. Then, I found out that they have a serious privacy issue built right in and I immediately dropped it. This was a pretty depressing moment. Makes you appreciate open source.

What are some of the bugs you encounter in Thunderbird?

The interface used to freeze randomly and completely for varying periods of time. Made it completely unusable for me. It's not an unknown problem. Unfortunately, none of the fixes ever seemed to work for me.

use firefox, there you are not the product ... they may still do not listen to you, but at least they are finally slowly disabling tracking

Very slowly. This tracking bug is still going after only 17 years, https://bugzilla.mozilla.org/s...

Yes, ads. Apparently they still have too many users.

https://www.mozilla.org/en-US/...

> Our mission is to ensure the Internet is a global public resource, open and accessible to all. An Internet that truly puts people first, where individuals can shape their own experience and are empowered, safe and independent.

>"Google Says Chrome Blocks 'About Half' of Unwanted Autoplays""

Sorry, but simply muting is not "blocking" autoplaying videos. If the video is playing, it is still using bandwidth, using CPU, using power, and is visually extremely annoying.

Fail.

Let us know you when you *actually* block autoplay and when you can do it more like 80+% of the time, like I can do in Firefox right now with the "Disable HTML5 Autoplay" addon.

https://addons.mozilla.org/en-...

Far from perfect, but much better (IMHO) than what Chrome does.

Why do home devices need to have trusted SSL certs?

Because Service Workers and several other web platform APIs are restricted to secure contexts per W3C's spec. For example, a browser may restrict the Fullscreen API or Presentation API to secure contexts as a mitigation against phishing by replicating the chrome of the operating system and web browser. In such a browser, the web interface of a NAS on which video is stored will not be able to present the video in the full screen.