The Firefox extension for the uBlock Origin Lite content blocker is no longer available. According to Neowin, "Raymond Hill, the maker of the extension, pulled support and moved uBlock Origin Lite to self-hosting after multiple encounters with a 'nonsensical and hostile' review process from the store review team." From the report: It all started in early September when Mozilla flagged every version of the uBlock Origin Lite extension as violating its policies. Reviewers then claimed the extension apparently collected user data and contained "minified, concatenated or otherwise machine-generated code." The developer seemingly debunked those allegations, saying that "it takes only a few seconds for anyone who has even basic understanding of JavaScript to see the raised issues make no sense." Raymond Hill decided to drop the extension from the store and move it to a self-hosted version. This means that those who want to continue using uBlock Origin Lite on Firefox should download the latest version from GitHub (it can auto-update itself).

The last message from the developer in a now-closed GitHub issue shows an email from Mozilla admitting its fault and apologizing for the mistake. However, Raymond still pulled the extension from the Mozilla Add-ons Store, which means you can no longer find it on addons.mozilla.org. It is worth noting that the original uBlock Origin for Firefox is still available and supported.

Mozilla has been hit with a complaint by EU privacy group noyb, accusing it of violating GDPR by tracking Firefox users by default without their consent. TechCrunch reports: Mozilla calls the feature at issue "Privacy Preserving Attribution" (PPA). But noyb argues this is misdirection. And if EU privacy regulators agree with the complaint the Firefox-maker could be slapped with orders to change tack -- or even face a penalty (the GDPR allows for fines of up to 4% of global revenue). "Contrary to its reassuring name, this technology allows Firefox to track user behaviour on websites," noyb wrote in a press release. "In essence, the browser is now controlling the tracking, rather than individual websites. While this might be an improvement compared to even more invasive cookie tracking, the company never asked its users if they wanted to enable it. Instead, Mozilla decided to turn it on by default once people installed a recent software update. This is particularly worrying because Mozilla generally has a reputation for being a privacy-friendly alternative when most other browsers are based on Google's Chromium."

Another component of noyb's objection is that Mozilla's move "doesn't replace cookies either" -- Firefox simply wouldn't have the market share and power to shift industry practices -- so all it's done is produce another additional way for websites to target ads. [...] The noyb-backed complaint (PDF), which has been filed with the Austrian data protection authority, accuses Mozilla of failing to inform users about the processing of their personal data and of using an opt-out -- rather than an affirmative "opt-in" -- mechanism. The privacy rights group also wants the regulator to order the deletion of all data collected so far. In a statement attributed to Christopher Hilton, its director of policy and corporate communications, Mozilla said that it has only conducted a "limited test" of a PPA prototype on its own websites.While acknowledging poor communication around the effort, the company emphasized that no user data has been collected or shared and expressed its commitment to engaging with stakeholders as it develops the technology further.

Apple has pulled 60 VPNs from its App Store in Russia, according to research from anti-censorship org GreatFire. From a report: The iThing-maker's action comes amid a Kremlin crackdown on VPNs that has already seen a ban on privacy-related extensions to the open source Firefox browser. The software's developer, Mozilla, defied that ban and allowed the extensions back into its web store. In July, Apple removed at least one VPN from its Russian App Store. Cupertino removed at least 60 more between early July and September 18, according to research by GreatFire posted to its site that tracks Apple censorship. The org's research asserts that 98 VPNs are now unavailable in Russia -- but doesn't specify if the removals were made in the iOS or macOS app stores.

Nature published an introduction to running an LLM locally, starting with the example of a bioinformatician who's using AI to generate readable summaries for his database of immune-system protein structures. "But he doesn't use ChatGPT, or any other web-based LLM." He just runs the AI on his Mac... Two more recent trends have blossomed. First, organizations are making 'open weights' versions of LLMs, in which the weights and biases used to train a model are publicly available, so that users can download and run them locally, if they have the computing power. Second, technology firms are making scaled-down versions that can be run on consumer hardware — and that rival the performance of older, larger models. Researchers might use such tools to save money, protect the confidentiality of patients or corporations, or ensure reproducibility... As computers get faster and models become more efficient, people will increasingly have AIs running on their laptops or mobile devices for all but the most intensive needs. Scientists will finally have AI assistants at their fingertips — but the actual algorithms, not just remote access to them.
The article's list of small open-weights models includes Meta's Llama, Google DeepMind's Gemma, Alibaba's Qwen, Apple's DCLM, Mistral's NeMo, and OLMo from the Allen Institute for AI. And then there's Microsoft: Although the California tech firm OpenAI hasn't open-weighted its current GPT models, its partner Microsoft in Redmond, Washington, has been on a spree, releasing the small language models Phi-1, Phi-1.5 and Phi-2 in 2023, then four versions of Phi-3 and three versions of Phi-3.5 this year. The Phi-3 and Phi-3.5 models have between 3.8 billion and 14 billion active parameters, and two models (Phi-3-vision and Phi-3.5-vision) handle images1. By some benchmarks, even the smallest Phi model outperforms OpenAI's GPT-3.5 Turbo from 2023, rumoured to have 20 billion parameters... Microsoft used LLMs to write millions of short stories and textbooks in which one thing builds on another. The result of training on this text, says Sébastien Bubeck, Microsoft's vice-president for generative AI, is a model that fits on a mobile phone but has the power of the initial 2022 version of ChatGPT. "If you are able to craft a data set that is very rich in those reasoning tokens, then the signal will be much richer," he says...

Sharon Machlis, a former editor at the website InfoWorld, who lives in Framingham, Massachusetts, wrote a guide to using LLMs locally, covering a dozen options.
The bioinformatician shares another benefit: you don't have to worry about the company updating their models (leading to different outputs). "In most of science, you want things that are reproducible. And it's always a worry if you're not in control of the reproducibility of what you're generating."

And finally, the article reminds readers that "Researchers can build on these tools to create custom applications..." Whichever approach you choose, local LLMs should soon be good enough for most applications, says Stephen Hood, who heads open-source AI at the tech firm Mozilla in San Francisco. "The rate of progress on those over the past year has been astounding," he says. As for what those applications might be, that's for users to decide. "Don't be afraid to get your hands dirty," Zakka says. "You might be pleasantly surprised by the results."

First released on July 11th, the Firefox-based Zen browser is "taking a different approach to the user interface," according to the blog It's FOSS.

The Register says the project "reminds us strongly of Arc, a radical Chromium-based web browser... to modernize the standard web browser UI by revising some fundamental assumptions." [Arc] removes the URL bar from front and center, gets rid of the simple flat list of tabs, and so on. Zen is trying to do some similar things, but in a slightly more moderate way — and it's doing it on the basis of Mozilla's Firefox codebase... Instead of the tired old horizontal tab bar you'll see in both Firefox and Chrome, Zen implements its own tab bar... By default, this tab bar is narrow and just shows page icons — but there are some extra controls at the bottom of the sidebar, one of which expands the sidebar to show page titles too. For us, it worked better than Vivaldi's fancier sidebar.
The article concludes it's "a new effort to modernize web browsing by bringing tiling, workspaces, and so on — and it's blissfully free of Google code." One Reddit comment swooned over Zen's "extraordinary" implementation of a distraction-free "Compact Mode" (hiding things like the sidebar and top bar). And It's Foss described it as a "tranquil," browser, "written using CSS, C++, JavaScript, and a few other programming languages, with a community of over 30 people contributing to it." The layout of the interface felt quite clean to me; there were handy buttons on the top to control the webpage, manage extensions, and a menu with additional options... The split-view functionality allows you to open up two different tabs on the same screen, allowing for easy multitasking when working across different webpages... I split two tabs, but in my testing, I could split over 10+ tabs... If you have a larger monitor, then you are in for a treat...

The Zen Sidebar feature... can run web apps alongside any open tabs. This can be helpful in situations where you need to quickly access a service like a note-taking app, Wikipedia, Telegram, and others.

On the customization side of things, you will find that Zen Browser supports everything that Firefox does, be it the settings, adding new extensions/themes/plugins, etc.
The Register points out it's easy to give it a try. "Being based on Firefox means that as well as running existing extensions, it can connect to Mozilla's Sync service and pick up not just your bookmarks, but also your tabs from other instances."

And beyond all that, "There's just something satisfying about switching browsers every now and again..." argues the tech site Pocket-Lint: Zen Browser's vertical tabs layout is superb and feels much better than anything available in standard Firefox. [Firefox recently offered vertical tabs and a new sidebar experience in Nightly/Firefox Labs 131.] The tab bar can be set to automatically hide and show up whenever you hover near it, and it also contains quick access buttons to bookmarks, settings, and browsing history. The tab bar also contains a profile switcher...

One of the greatest parts of the Zen Browser is the community that has popped up around it. At its heart, Zen Browser is a community-driven project... Zen Browser themes are aesthetic and functional tweaks to the UI. While there aren't a ton available right now, the ones that are show a lot of promise for the browser's future... I've personally gotten great use out of the Super URL Bar theme, which makes your URL bar expand and become the focus of your screen while typing in it... There's a lot you can do to make Zen Browser feel nearly exactly like what you want it to feel like.
The "Business Standard calls it "an open-source alternative to Chromium-based browsers," adding "Where Zen truly shines is it offers a range of customisation, tab management, and workspace management..." Their theme store offers a range of options, including modifications to the bookmark toolbar, a floating URL bar, private mode theming, and removal of browser padding. In addition to these, users can also choose from custom colour schemes and built-in theming options... The Sidebar is another neat feature which allows you to open tabs in a smaller, smartphone-sized window. You can view websites in mobile layout by using this panel.
It's "focused on being always at the latest version of Firefox," according to its official site, noting that Firefox is known for its security features. But then, "We also have additional security features like https only built into Zen Browser to help keep you safe online." And it also promises automated Releases "to ensure security."

It's FOSS adds that you can get Zen Browser for Linux, Windows, and macOS from its official website (adding "They also offer it on the Flathub store for further accessibility on Linux.")

And its source code is available on GitHub.

Mozilla is exiting the fediverse by shutting down its Mozilla.social Mastodon server on December 17. Moving forward, the company will focus on Firefox and AI, aligning with its strategy under interim CEO Laura Chambers to scale back investments in non-core products. TechCrunch reports: Mozilla.social was a small instance, having only 270 active users at the time of Tuesday's announcement. By comparison, the most popular Mastodon instance, Mastodon.social, has over 247,500 monthly active users. Mozilla had telegraphed its plans to scale back on its fediverse investments earlier this year after the CEO stepped down. At the time, Mozilla board member Laura Chambers took over the job as the interim CEO of Mozilla Corporation through the end of 2024. Shortly after the change in leadership, Mozilla said it would refocus its product strategy around Firefox and AI and significantly scale back or even shutter other efforts. Among those products affected by the pullback were its VPN, Relay, and Online Footprint Scrubber, in addition to its Mastodon instance, the company said at the time. Meanwhile, its virtual world Hubs was shut down.

The redirection of Mozilla's efforts came after its flagship product, the Firefox web browser, spent years losing market share. That left room for other competitors, like the startup Arc, to take hold in the alternative browser market. Months prior to this change in strategy, Mozilla had been touting the fediverse's potential, but under Chambers, the company said that a more "modest approach" to the fediverse would have allowed it to participate with "greater agility." In an internal memo, Mozilla signaled that going forward, a "much smaller team" would participate in the Mastodon ecosystem. However, it didn't say at the time that the Mozilla.social instance would shut down, adding that it would continue to bring small experiments to those who participated on its instance. Mozilla said it was a "hard decision."

"Thank you for being part of the Mozilla.social community and providing feedback during our closed beta. You can continue to use Mozilla.social until December 17," a post on Mastodon reads. Users can download their data or migrate their accounts at the respective links.

An anonymous reader shared this report from DevClass: A report from developer-focused analyst Redmonk finds "there does not seem to be a clear link between moving from an open source to proprietary license and increasing the company's value."

Senior analyst Rachel Stevens studied the question of whether the companies that changed from open source to proprietary licenses have since reported better financial positions. In particular, she looked at MongoDB, which changed from AGPL (GNU Affero General Public License) to its SSPL (Server Side Public License) in 2018; Elastic Co, which changed from Apache 2 to SSPL or Elastic License in early 2021; HashiCorp, which changed from MPL (Mozilla Public License 2.0) a year ago, and Confluent, which checked from Apache 2 to its own Confluent Community License in 2018.

The report is too recent to take account of Elastic's reversion to AGPL; and the financial impact of that is of course yet to be known, though it is perhaps unlikely that the switch back would have been made if the company considered it detrimental to its finances. Rather, Elastic's latest licensing change reinforces the view that proprietary licenses are not necessarily more profitable... All the companies studied increased their revenue after their license change, Stevens said, but added that the rate of change was similar to that before the change...

MongoDB stated in 2018 that "once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community." Six years later, it remains the case that the large cloud vendors are highly profitable, but that these companies who changed their license are not. In February this year, Bruce Perens, creator of the 1998 Open Source Definition, described open source as "a great corporate welfare program" and not at all what he had intended...

The new Redmonk report suggests that such license manoeuvres are neither fatal nor beneficial to the finances of the companies involved — though there are so many caveats that it is impossible to draw firm conclusions.
The report's final sentence concludes that "there does not seem to be a clear link between moving from an open source to proprietary license and increasing the company's value."

Firefox 130 introduces several enhancements, including improved local translation handling, better Android page load performance, and the WebCodecs API for low-level audio/video processing on desktop platforms. Notably, it also supports third-party AI chatbots like ChatGPT and Google Gemini via the new Firefox Labs feature. Phoronix reports: The WebCodecs API is particularly useful for web-based apps like video/audio editors and video conferencing that may want control over individual frames of a video stream or audio chunks. For any web software interested in that low-level audio/video encode/decode handling there is now WebCodecs API working on the Firefox desktop builds. As for the third-party AI chatbots, here's what Mozilla's Ian Carmichael said back in June: "If you want to use AI, we think you should have the freedom to use (or not use) the tools that best suit your needs. Instead of juggling between tabs or apps for assistance, those who opt-in will have the option to access their preferred AI service from the Firefox sidebar to summarize information, simplify language, or test their knowledge, all without leaving their current web page."

You can learn more about Firefox 130 via developer.mozilla.org. Binaries for Linux can be found at Mozilla.org.

"A new Mozilla logo appears to be on the way," writes the blog OMG Ubuntu, " marking the company's first major update to its word-mark since 2017." The existing logo, which incorporates the internet protocol "://" and chosen based on feedback from the community, has become synonymous with the non-profit company. But German blogger Sören Hentzschel, an avid watcher of all things Mozilla, recently noticed that a different Mozilla word-mark was accompanying the (unchanged) Firefox logo on Mozilla's 'Nothing Personal' webpage [upper-left]. Some digging uncovered a number of recent code commits readying and referencing a refreshed word-mark and symbol for use in the navigation areas of Mozilla websites, landing pages, and so on...

However, what's most exciting (to a nerd like me) with this new logo is the ASCII symbol at the end. It could be viewed as a flag on a pole. Sort of like Mozilla planting its values in the ground to say "we're here, come join". But it's more likely a nod to the original Mozilla mascot (inherited from its Netscape beginnings), which was a red dinosaur (an interesting logo of itself as it was designed by Shepard Fairey who created other seminal design works, and the skate brand OBEY)...

Between the inclusion on a live webpage, code commits readying new logo for Mozilla websites, and the fact people can buy official Mozilla merchandise emblazoned with the new design, it seems a formal rebrand announcement is fairly imminent...

Mozilla's interim CEO Laura Chambers "says the company is reinvesting in Firefox after letting it languish in recent years," reports Fast Company, "hoping to reestablish the browser as independent alternative to the likes of Google's Chrome and Apple's Safari.

"But some of those investments, which also include forays into generative AI, may further upset the community that's been sticking with Firefox all these years..." Chambers acknowledges that Mozilla lost sight of Firefox in recent years as it chased opportunities outside the browser, such as VPN service and email masking. When she replaced Mitchell Baker as CEO in February, the company scaled back those other efforts and made Firefox a priority again. "Yes, Mozilla is refocusing on Firefox," she says. "Obviously, it's our core product, so it's an important piece of the business for us, but we think it's also really an important part of the internet."

Some of that focus involves adding features that have become table-stakes in other browsers. In June, Mozilla added vertical tab support in Firefox's experimental branch, echoing a feature that Microsoft's Edge browser helped popularize three years ago. It's also working on tab grouping features and an easier way to switch between user profiles. Mozilla is even revisiting the concept of web apps, in which users can install websites as freestanding desktop applications. Mozilla abandoned work on Progressive Web Apps in Firefox a few years ago to the dismay of many power users, but now it's talking with community members about a potential path forward.

"We haven't always prioritized those features as highly as we should have," Chambers says. "That's been a real shift that's been very felt in the community, that the things they're asking for . . . are really being prioritized and brought to life."
Firefox was criticized for testing a more private alternative to tracking cookies which could make summaries of aggregated data available to advertisers. (Though it was only tested on a few sites, "Privacy-Preserving Attribution" was enabled by default.) But EFF staff technologist Lena Cohen tells Fast Company that approach was "much more privacy-preserving" than Google's proposal for a "Privacy Sandbox." And according to the article, "Mozilla's system only measures the success rate of ads — it doesn't help companies target those ads in the first place — and it's less susceptible to abuse due to limits on how much data is stored and which parties are allowed to access it." In June, Mozilla also announced its acquisition of Anonym, a startup led by former Meta executives that has its own privacy-focused ad measurement system. While Mozilla has no plans to integrate Anonym's tech in Firefox, the move led to even more anxiety about the kind of company Mozilla was becoming. The tension around Firefox stems in part from Mozilla's precarious financial position, which is heavily dependent on royalty payments from Google. In 2022, nearly 86% of Mozilla's revenue came from Google, which paid $510 million to be Firefox's default search engine. Its attempts to diversify, through VPN service and other subscriptions, haven't gained much traction.

Chambers says that becoming less dependent on Google is "absolutely a priority," and acknowledges that building an ad-tech business is one way of doing that. Mozilla is hoping that emerging privacy regulations and wider adoption of anti-tracking tools in web browsers will increase demand for services like Anonym and for systems like Firefox's privacy-preserving ad measurements. Other revenue-generating ideas are forthcoming. Chambers says Mozilla plans to launch new products outside of Firefox under a "design sprint" model, aimed at quickly figuring out what works and what doesn't. It's also making forays into generative AI in Firefox, starting with a chatbot sidebar in the browser's experimental branch.
Chambers "says to expect a bigger marketing push for Firefox in the United States soon, echoing a 'Challenge the default' ad campaign that was successful in Germany last summer. Mozilla's nonprofit ownership structure, and the idea that it's not beholden to corporate interests, figures heavily into those plans."

Mozilla, the non-profit behind the Firefox browser, faces an uncertain future following Monday's landmark antitrust ruling against Google. The decision, which found Google illegally maintained its search monopoly, puts Mozilla's primary funding source at risk. In 2021-2022, Mozilla received $510 million from Google out of $593 million total revenue, according to its latest financial report. Fortune adds: You can be sure that critics of the judge's ruling will highlight the potentially devastating impact on Mozilla to make the case that the antitrust ruling will have unintended consequences on smaller tech industry players. Others might argue that Mozilla hasn't done enough with those spoils to differentiate its Firefox browser, or that it could cut a deal with another search engine like Bing if its Google deal goes away completely. Either way, Google will appeal the suit so a long battle may ensue. And there's another big domino to fall: the judge will rule on the remedy or remedies -- essentially, the business-model penalties -- that Google will face. Apple also stands to lose more than $20 billion a year that Google pays the iPhone-maker to be the default search engine on Safari. But as Fortune notes, "Apple is a large, diversified company with many sources of revenue."

Apple's elaborate new ad campaign promises that Safari is "a browser that protects your privacy." And the Washington Post says Apple "deserves credit for making many privacy protections automatic with Safari..."

"But Albert Fox Cahn, executive director of the Surveillance Technology Oversight Project, said Safari is no better than the fourth-best web browser for your privacy." "If browser privacy were a sport at the Olympics, Apple isn't getting on the medal stand," Cahn said. (Apple did not comment about this.)

Safari stops third-party cookies anywhere you go on the web. So do Mozilla's Firefox and the Brave browser... Chrome allows third-party cookies in most cases unless you turn them off... Even without cookies, a website can pull information like the resolution of your computer screen, the fonts you have installed, add-on software you use and other technical details that in aggregate can help identify your device and what you're doing on it. The measures, typically called "fingerprinting," are privacy-eroding tracking by another name. Nick Doty with the Center for Democracy & Technology said there's generally not much you can do about fingerprinting. Usually you don't know you're being tracked that way. Apple says it defends against common fingerprinting techniques but Cahn said Firefox, Brave and the Tor Browser all are better at protecting you from digital surveillance. That's why he said Safari is no better than the fourth-best browser for privacy.
Safari's does offer extra privacy protections in its "private" mode, the article points out. "When you use this option, Apple says it does more to block use of 'advanced' fingerprinting techniques. It also steps up defenses against tracking that adds bits of identifying information to the web links you click."

The article concludes that Safari users can "feel reasonably good about the privacy (and security) protections, but you can probably do better — either by tweaking your Apple settings or using a web browser that's even more private than Safari."

Mozilla is following in Google Chrome's footsteps in officially distrusting Entrust as a root certificate authority (CA) following what it says was a protracted period of compliance failures. From a report: A little over a month ago, Google was the first to make the bold step of dropping Entrust as a CA, saying it noted a "pattern of concerning behaviors" from the company. Entrust has apologized to Google, Mozilla, and the wider web community, outlining its plans to regain the trust of browsers, but these appear to be unsatisfactory to both Google and Mozilla.

In an email shared by Mozilla's Ben Wilson on Wednesday, the root store manager said the decision wasn't taken lightly, but equally Entrust's response to Mozilla's concerns didn't inspire confidence that the situation would materially change for the better. "Mozilla previously requested that Entrust provide a detailed report on these recent incidents and their root causes, an evaluation of Entrust's recent actions in light of their previous commitments given in the aftermath of similarly serious incidents in 2020, and a proposal for how Entrust will re-establish Mozilla's and the community's trust," said Wilson.

In an incident report today, DigiCert says it discovered that some CNAME-based validations did not include the required underscore prefix, affecting about 0.4% of their domain validations. According to CA/Browser Forum (CABF) rules, certificates with validation issues must be revoked within 24 hours, prompting DigiCert to take immediate action. DigiCert says impacted customers "have been notified." New submitter jdastrup first shared the news, writing: Due to a mistake going back years that has recently been discovered, DigiCert is required by the CABF to revoke any certificate that used the improper Domain Control Validation (DCV) CNAME record in 24 hours. This could literally be thousands of SSL certs. This could take a lot of time and potentially cause outages worldwide starting July 30 at 19:30 UTC. Be prepared for a long night of cert renewals. DigiCert support line is completely jammed.

"Many people over the past few days have been lashing out at Mozilla," writes the blog Its FOSS, "for enabling Privacy-Preserving Attribution by default on Firefox 128, and the lack of publicity surrounding its introduction."

Mozilla responded that the feature will only run "on a few sites in the U.S. under strict supervision" — adding that users can disable it at any time ("because this is a test"), and that it's only even enabled if telemetry is also enabled.

And they also emphasize that it's "not tracking." The way it works is there's an "aggregation service" that can periodically send advertisers a summary of ad-related actions — again, aggregated data, from a mass of many other users. (And Mozilla says that aggregated summary even includes "noise that provides differential privacy.") This Privacy-Preserving Attribution concept "does not involve sending information about your browsing activities to anyone... Advertisers only receive aggregate information that answers basic questions about the effectiveness of their advertising."

More from It's FOSS: Even though Mozilla mentioned that PPA would be enabled by default on Firefox 128 in a few of its past blog posts, they failed to communicate this decision clearly, to a wider audience... In response to the public outcry, Firefox CTO, Bobby Holley, had to step in to clarify what was going on.

He started with how the internet has become a massive cesspool of surveillance, and doing something about it was the primary reason many people are part of Mozilla. He then expanded on their approach with Firefox, which, historically speaking, has been to ship a browser with anti-tracking features baked in to tackle the most common surveillance techniques. But, there were two limitations with this approach. One was that advertisers would try to bypass these countermeasures. The second, most users just accept the default options that they are shown...

Bas Schouten, Principal Software Engineer at Mozilla, made it clear at the end of a heated Mastodon thread that "[opt-in features are] making privacy a privilege for the people that work to inform and educate themselves on the topic. People shouldn't need to do that, everyone deserves a more private browser. Privacy features, in Firefox, are not meant to be opt-in. They need to be the default.

"If you are 'completely anti-ads' (i.e. even if their implementation is private), you probably use an ad blocker. So are unaffected by this."
This has already provoked a discussion among Slashdot readers. "It doesn't seem that evil to me," argues Slashdot reader geekprime. "Seems like the elimination of cross site cookies is a privacy enhancing idea." (They cite Mozilla's statement that their goal is "to inform an emerging Web standard designed to help sites understand how their ads perform without collecting data about individual people. By offering sites a non-invasive alternative to cross-site tracking, we hope to achieve a significant reduction in this harmful practice across the web.")

But Slashdot reader TheNameOfNick disagrees. "How realistic is the part where advertisers stop tracking you because they get less information from the browser maker...?"

Mozilla has provided simple instructions for disabling the feature:

• Click the menu button and select Settings.
• In the Privacy & Security panel, find the Website Advertising Preferences section.
• Uncheck the box labeled Allow websites to perform privacy-preserving ad measurement.

Thunderbird's annual Extended Support Release was revealed Friday, promising "significant" improvements to the overall user experience and "the speed at which we can deliver new features to you," according to the Thunderbird blog: We've devoted significant development time integrating Rust — a modern programming language originally created by Mozilla Research — into Thunderbird. Even though this is a seemingly invisible change, it is a major leap forward because it enhances our code quality and performance. This overhaul will allow us to share features between the desktop and future mobile versions of Thunderbird, and speed up our development process. It's a win for our developers and a win for you.
More from the blog OMG Ubuntu: I'm also stoked to see that Thunderbird 128 makes 'newest first' the default sort order for messages in message list. While some prefer the old way, I always found it strange that the oldest mails were shown first — team reverse chronology, represent!
They also cite "a number of OpenPGP improvements," plus a new preference option for displaying full names and email addresses of all recipients in the message list. (Plus, threaded-message views now display a "New Message" count.)

Other new features in this release:

• A new and more attractive layout for Cards View (with adjustable heights) that "makes it easier to scan your email threads and glean information."

• The folder pane has better recall of message thread states

• Improved theme compatibility. "Your Thunderbird should blend seamlessly with your desktop environment, matching the system's accent colors perfectly." (Especially beneficial on Ubuntu and Mint.)

• You can now customize the color of your account icon.

The Thunderbird blog also mentions that "We plan to launch the first phase of built-in support for Exchange, as well as Mozilla Sync, in a future Nebula point release (e.g. Thunderbird 128.X)."

williamyf writes: Mozilla has released version 128 of the Firefox web browser. Some noteworthy features include: "Firefox can now translate selections of text and hyperlinked text to other languages from the context menu. [...] Firefox now has a simpler and more unified dialog for clearing user data. In addition to streamlining data categories, the new dialog also provides insights into the site data size corresponding to the selected time range. [...] On macOS, microphone capture through getUserMedia will now use system-provided voice processing when applicable, improving audio quality." More info in the release notes here.

But the most important feature of 128 is that it is the newest ESR. Why is this important? Glad you asked:

* Firefox ESR is the browser of choice for many Linux distros (including Debian), so this is important for the Linux community at large.
* Many downstream projects (like Thunderbird or KAiOS) use Firefox ESR as their base, so whatever is included in 128 will determine the capabilities of those projects for the next year.
* Many ISVs (software makers), both big and small, test/certify their software only against the ESR version of Firefox. For users of such software, the new ESR is very important.
* Many companies and individuals value stability of the UI/Workflow over new bells and whistles, for them, ESR is important.
* When an OS is discontinued, Mozilla lets the ESR be the last browser on the platform, exceeding the support window of the likes of Alphabeth, Apple or Microsoft, so for people on older OSs, ESR is important.

Link to download (the ESR) here.

Google is severing its trust in Entrust after what it describes as a protracted period of failures around compliance and general improvements. From a report: Entrust is one of the many certificate authorities (CA) used by Chrome to verify that the websites end users visit are trustworthy. From November 1 in Chrome 127, which recently entered beta, TLS server authentication certificates validating to Entrust or AffirmTrust roots won't be trusted by default.

Google pointed to a series of incident reports over the past few years concerning Entrust, saying they "highlighted a pattern of concerning behaviors" that have ultimately seen the security company fall down in Google's estimations. The incidents have "eroded confidence in [Entrust's] competence, reliability, and integrity as a publicly trusted CA owner," Google stated in a blog. The move follows a May publication by Mozilla, which compiled a sprawling list of Entrust's certificate issues between March and May this year. Entrust -- after an initial PR disaster -- acknowledged its procedural failures and said it was treating the feedback as a learning opportunity.

Thomas Claburn reports via The Register: Mozilla Corporation was sued this month in the US, along with three of its executives, for alleged disability discrimination and retaliation against Chief Product Officer Steve Teixeira. Teixeira, according to a complaint filed in King County Superior Court in the State of Washington, had been tapped to become CEO when he was diagnosed with ocular melanoma on October 3, 2023. Teixeira then took medical leave for cancer treatment from October 30, 2023, through February 1, 2024. "Immediately, upon his return, Mozilla campaigned to demote or terminate Mr Teixeira citing groundless concerns and assumptions about his capabilities as an individual living with cancer," the complaint [PDF] says. "Interim Chief Executive Officer Laura Chambers and Chief People Officer Dani Chehak were clear with Mr Teixeira: He could not continue as Chief Product Officer -- and could not continue as a Mozilla employee in any capacity beyond 2024 -- because of his diagnosis."

Chambers and Chehak are both named in the complaint, along with Mitchell Baker, the former CEO of Mozilla who stepped down in February and announced Chambers as her successor. "Mr Teixeira was enthusiastic to resume his critical role after treatment, but Mozilla would not tolerate an executive with cancer," said Amy Kangas Alexander, an attorney with law firm Stokes Lawrence who is representing the plaintiff, in an email to The Register. "When Mr Teixeira refused to be marginalized because of his disability, Mozilla retaliated and placed him on leave against his will. Mozilla has sidelined Mr Teixeira at the very moment he needs to be preparing his family for the possibility of a future without him."

The complaint claims that Teixeira, appointed in August 2022, helped reverse the decade-long decline of Firefox, which generates about 90 percent of Mozilla's revenue and is the company's only profitable product. He's further credited with growing Mozilla's advertising business, and AI capabilities, and with reducing investment in the money-losing Pocket service. These and other successes, it's alleged, led to conversation in September 2023 when Baker outlined a plan for Teixeira to become CEO. Then he took medical leave and before he could return, the complaint says, Chambers was appointed interim CEO and Baker was removed, becoming Executive Chair of the Board of Directors. [...] A Mozilla spokesperson said in a statement: "We are aware of the lawsuit filed against Mozilla. We deny the allegations and intend to vigorously defend against this lawsuit. Mozilla has a 25-plus-year track record of maintaining the highest standards of integrity and compliance with all applicable laws. We look forward to presenting our defense in court and are confident that the facts will demonstrate that we have acted appropriately. As this is an ongoing legal matter, we will not be providing further comments at this time."

Mozilla has acquired ad metrics firm Anonym in a move to "support user privacy" while delivering effective online advertising. Anonym, founded by former Meta executives in 2022, helps advertisers and ad networks measure the performance of online ads while preserving user privacy. The acquisition comes amid growing consumer concerns and regulatory scrutiny over current data practices in the advertising industry.

Mozilla CEO Laura Chambers sees this as a pivotal shift in the coexistence of privacy and advertising. Mozilla maintains that advertising is the underlying business model of the web, but it can be reformed to minimize societal harms.