Slashdot Mirror
Firefox 31 Released
An anonymous reader writes Mozilla has released version 31 of its Firefox web browser for desktops and Android devices. According to the release notes, major new features include malware blocking for file downloads, automatic handling of PDF and OGG files if no other software is available to do so, and a new certificate verification library. Smaller features include a search field on the new tab page, better support for parental controls, and partial implementation of the OpenType MATH table. Firefox 31 is also loaded with new features for developers. Mozilla also took the opportunity to note the launch of a new game, Dungeon Defenders Eternity, which will run at near-native speeds on the web using asm.js, WebGL, and Web Audio. "We're pleased to see more developers using asm.js to distribute and now monetize their plug-in free games on the Web as it strengthens support for Mozilla's vision of a high performance, plugin-free Web."
The "malware blocking for file downloads" is a severe invasion of privacy. It works by sending the URL of nearly every downloaded file to Google.
When a binary file is downloaded, the user-agent extracts several pieces of metadata about the file, including:
The target URL from which the file was downloaded, its referrer URL and any URLs in the redirect chain.
The SHA-256 hash of the contents of the file.
Any certificate verification information obtained through the Windows Authenticode APIs.
The length of the file in bytes.
The suggested filename for the download.
Remote lookup (present in FF 32)
The user-agent stuffs all file metadata into a ClientDownloadRequest protocol buffer and sends it to the remote service.
This remote service is https://sb-ssl.google.com/safe...