Mozilla, Gecko Archive
Firefox 75 due to be released next month should finally have its native Wayland support in good order. Merged yesterday were the Firefox Wayland patches for VA-API video acceleration support in conjunction with FFmpeg. And so the slow, almost never-ending march towards Wayland continues. I wonder if the march will ever end,
The SeaMonkey project is a community effort to develop the SeaMonkey Internet Application Suite (see below). Such a software suite was previously made popular by Netscape and Mozilla, and the SeaMonkey project continues to develop and deliver high-quality updates to this concept. Containing an Internet browser, email & newsgroup client with an included web feed reader, HTML editor, IRC chat and web development tools, SeaMonkey is sure to appeal to advanced users, web developers and corporate users. SeaMonkey has been around for a while, and I’m sure many of you are familiar with it. It’s effectively a modern continuation of the more classic Mozilla browser, the Mozilla Application Suite, which also included a news reader, email client, and so on. Not exactly the kind of thing most people want to use today, but there must still be a place for it in today’s era. That being said, the project just released its latest new version, 2.53.1, so I figured I’d highlight it here.
Today, Firefox began the rollout of encrypted DNS over HTTPS (DoH) by default for US-based users. The rollout will continue over the next few weeks to confirm no major issues are discovered as this new protocol is enabled for Firefox’s US-based users. At the creation of the internet, these kinds of threats to people’s privacy and security were known, but not being exploited yet. Today, we know that unencrypted DNS is not only vulnerable to spying but is being exploited, and so we are helping the internet to make the shift to more secure alternatives. We do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit. We can only hope other browsers will follow soon. This is a very important and great improvement.
There was a time when Thunderbird’s future was uncertain, and it was unclear what was going to happen to the project after it was decided Mozilla Corporation would no longer support it. But in recent years donations from Thunderbird users have allowed the project to grow and flourish organically within the Mozilla Foundation. Now, to ensure future operational success, following months of planning, we are forging a new path forward. Moving to MZLA Technologies Corporation will not only allow the Thunderbird project more flexibility and agility, but will also allow us to explore offering our users products and services that were not possible under the Mozilla Foundation. The move will allow the project to collect revenue through partnerships and non-charitable donations, which in turn can be used to cover the costs of new products and services. Thunderbird’s focus isn’t going to change. We remain committed to creating amazing, open source technology focused on open standards, user privacy, and productive communication. The Thunderbird Council continues to steward the project, and the team guiding Thunderbird’s development remains the same. I’m glad Thunderbird and its users found a way forward for the application, but I’ve never been a fan of these complex, overloaded e-mail/groupware applications like Thunderbird, Evolution, and Kmail. I use Geary because it focuses on one thing and does it well – e-mail – and it doesn’t try to also do all sorts of stuff I don’t want an e-mail client to do. As a side note, KDE could really use a Geary-like simple e-mail client – because Kmail is not in a great state.
A couple of weeks ago, we landed a commit that took years of effort at Mozilla. It removed “XBL”, which means we’ve completed the process of migrating the Firefox UI to Web Components. It wasn’t easy – but I’ll get to that later. It’s taken a couple years of work of remarkably steady progress by a small team of engineers along with the support of the rest of the organization, and I’m happy to report that we’ve now finished. This is a big accomplishment on its own, and also a foundational improvement for Firefox. It allows teams to focus efforts on modern web standards, and means we can remove a whole lot of duplicated and complicated functionality that wasn’t exposed to websites. The fact the people at Mozilla have been able to do this without any major disruptions to Firefox users is pretty impressive.
Sideloading is a method of installing an extension in Firefox by adding an extension file to a special location using an executable application installer. This installs the extension in all Firefox instances on a computer. Sideloaded extensions frequently cause issues for users since they did not explicitly choose to install them and are unable to remove them from the Add-ons Manager. This mechanism has also been employed in the past to install malware into Firefox. To give users more control over their extensions, support for sideloaded extensions will be discontinued. This blog post requires some very clear translating before all of grab our pitchforks. Users will still be able to install extensions from outside Mozilla’s own add-on website, and developers will still be able to distribute them separately. The functionality Mozilla is removing from Firefox is the ability for application installers – such as Skype – to dump an extension in a folder and then have that extension be installed in every Firefox profile on the machine.
And today we’re excited to announce that we’re moving to a four-week release cycle! We’re adjusting our cadence to increase our agility, and bring you new features more quickly. In recent quarters, we’ve had many requests to take features to market sooner. Feature teams are increasingly working in sprints that align better with shorter release cycles. Considering these factors, it is time we changed our release cadence. I’ve been incredibly satisfied with Firefox for a long time now, and aside from a few hiccups along the way, I trust the team to handle a faster release cycle just fine.
I’ve found myself agreeing wholeheartedly with the recent pushes to get people to switch from Chrome to Firefox. Google keeps pulling dumb trick after dumb trick in an attempt to have more control over the web. It’s hard not to think that this kind of behavior warrants quitting Chrome and other Google products. But taking a look at Firefox usage statistics, it’s pretty obvious that the trend (looking at Monthly Active Users) is going in the wrong direction. This raises some questions: why is Firefox usage going down, and what does Mozilla need to do to bring it back up? Harsh, but fair. Firefox’s out-of-the-box defaults are very counter-intuitive to its privacy-focused marketing. Nonsense like recommended articles littering the new tab page, forced Pocket integration that you can only disable through about:config, recommended themes and extensions based on your usage, Google being the default browser, and so on, all seem to fly in the face of claims that using Firefox allows you to take control of your privacy. Sure, I disable the Pocket integration, set DDG as my default search engine, and do other things to decrapify Mozilla’s terrible defaults (Firefox is my browser on all my computers and mobile devices), but regular users shouldn’t have to.
At Firefox, we’re passionate about providing solutions for people who care about safety, privacy and independence. For several months, we’ve been working on a new strategy for our Android products to serve you even better. Today we’re very happy to announce a pilot of our new browser for Android devices that is available to early adopters for testing as of now. We’ll have a feature-rich, polished version of this flagship application available for this fall. This version does not yet support extensions, making it a bit useless for me at this stage. I hope they address that soon.
Recently, Firefox had an incident in which most add-ons stopped working. This was due to an error on our end: we let one of the certificates used to sign add-ons expire which had the effect of disabling the vast majority of add-ons. Now that we’ve fixed the problem for most users and most people’s add-ons are restored, I wanted to walk through the details of what happened, why, and how we repaired it. An in-depth look at the cause and fixes for the devastating extensions bug that hit Firefox users over the weekend, written by Firefox CTO Eric Rescorla.
Update: a partial fix has been shipped by Mozilla A few hours ago a security certificate that Mozilla used to sign Firefox add-ons expired. What this means is that every add-on signed by that certificate, which seems to be nearly all of them, will now be automatically disabled by Firefox as security measure. In simpler terms, Firefox doesn’t trust any add-ons right now. Basically, all your Firefox extensions will be disabled and won’t work until Mozilla fixes this embarrassing issue. Until they do, you can go to about:config and set xpinstall.signature.required to false. This is obviously a major security issue, so only change this flag if you know what you’re doing, and don’t forget to set it back to true once Mozilla fixes the issue.
A recently published support document highlights Mozilla’s plans for the current Firefox for Android and also Fenix. Mozilla’s main idea is to maintain the legacy version of Firefox for Android until Fenix reaches migration readiness status. Firefox users on Android should be able to use the legacy version until Fenix is ready while Mozilla wants to minimize support costs. Fenix currently does not support extensions just yet, so I’ll be staying on the regular Firefox for Android until that has been addressed.
It’s no secret that Google Chrome is the world’s most popular browser, and while a lot of that might be owed to its quality, some believe that Google intentionally sabotaged competing browsers in order to grow in popularity. A former Mozilla executive has lashed out at the Mountain View company for repeatedly and continuously finding less-than-desirable ways to promote its own browser. Jonathan Nightingale posted a series of tweets over the weekend, detailing some of the events that took place between Google and Mozilla over the years. Nightingale starts by pointing out that Google typically played nice with Mozilla before Chrome was a thing, but things turned sour once Google’s browser launched. While the company kept trying to convince Mozilla that both organizations were on the same side, things would often break in Firefox for no real reason. This is really not that surprising. The only reason Google plays nice with Mozilla is the same reason Microsoft invested in Apple in the late ’90s and kept its products available on Mac OS despite the fact the Mac was basically dead: they need an antitrust lightning rod.
At Mozilla, we are always committed to people’s security and privacy. It’s part of our long-standing Mozilla Manifesto. We are continually looking for new ways to fulfill that promise, whether it’s through the browser, apps or services. So, it felt natural to graduate one of our popular Test Pilot experiments, Firefox Send. Send is a free encrypted file transfer service that allows users to safely and simply share files from any browser. Additionally, Send will also be available as a an Android app in beta later this week. Now that it’s a keeper, we’ve made it even better, offering higher upload limits and greater control over the files you share. Neat feature, because sending files is still a messy and unpleasant experience. I trust Mozilla to do this right.
We know that unsolicited volume can be a great source of distraction and frustration for users of the web. So we are making changes to how Firefox handles playing media with sound. We want to make sure web developers are aware of this new autoplay blocking feature in Firefox. Starting with the release of Firefox 66 for desktop and Firefox for Android, Firefox will block audible audio and video by default. We only allow a site to play audio or video aloud via the HTMLMediaElement API once a web page has had user interaction to initiate the audio, such as the user clicking on a “play” button. Good move, and long overdue. Autplaying video isn’t just a mere annoyance – it’s incredibly rude, obnoxious and desrespectful.
A Microsoft program manager has caused a stir on Twitter over the weekend by suggesting that Firefox-maker Mozilla should give up on its own rendering engine and move on with Chromium. “Thought: It’s time for @mozilla to get down from their philosophical ivory tower. The web is dominated by Chromium, if they really ‘cared’ about the web, they would be contributing instead of building a parallel universe that’s used by less than five percent?” wrote Kenneth Auchenberg, who builds web developer tools for Microsoft’s Visual Studio Code. This is such a rude and discourteous thing to say to a competitor – a competitor that has played a crucial role in bringing back competition to the browser market back when Internet Explorer 6 kept the web down like an anker. We need competition on the web.
According to Mozilla’s plugin roadmap, the firm planned to disable Flash by default in Firefox sometime this year. Now, a new bug filing has revealed that the plugin will be disabled as of Firefox 69 which is due for release on September 3, 2019. Mozilla will disable Flash beginning with the Nightly builds before it works its way down to the Stable channel. The disabling of Flash comes in anticipation of Adobe ending support for its Flash plugin at the end of 2020. Mozilla has said that it will completely remove Flash support for consumer versions of Firefox in early 2020, while the Extended Support Release (ESR) version will have support until the end of the year. In 2021, Mozilla has said that Firefox will refuse entirely to load the plugin due to a lack of security updates from Adobe. Aside from the occasional Flash-based online game, is Flash even a thing these days? Do any of you still use it on a regular basis?
Mozilla's response to Microsoft adopting Chromium.
Microsoft is officially giving up on an independent shared platform for the internet. By adopting Chromium, Microsoft hands over control of even more of online life to Google.
This may sound melodramatic, but it's not. The "browser engines" - Chromium from Google and Gecko Quantum from Mozilla - are "inside baseball" pieces of software that actually determine a great deal of what each of us can do online. They determine core capabilities such as which content we as consumers can see, how secure we are when we watch content, and how much control we have over what websites and services can do to us. Microsoft's decision gives Google more ability to single-handedly decide what possibilities are available to each one of us.
The question is now how long Firefox will be able to survive. The cold and harsh truth is that Firefox usage hasn't exactly been trending upwards, and with even Microsoft throwing its full weight behind Chromium, even more web developers won't even bother to test against anything other than Chromium and Apple's WebKit. How long can Mozilla and Firefox survive this reality?
As of last nightly (20181115100051), Firefox now supports Wayland on Linux, thanks to the work from Martin Stransky and Jan Horak, mostly.
Before that, it was possible to build your own Firefox with Wayland support (and Fedora does it), but now the downloads from mozilla.org come with Wayland support out of the box for the first time.
The transition to Wayland seems to be taking its time, but with how big of an undertaking this is, that only makes sense.
After considering the maintenance, performance and security costs of the feed preview and subscription features in Firefox, we've concluded that it is no longer sustainable to keep feed support in the core of the product. While we still believe in RSS and support the goals of open, interoperable formats on the Web, we strongly believe that the best way to meet the needs of RSS and its users is via WebExtensions.
With that in mind, we have decided to remove the built-in feed preview feature, subscription UI, and the "live bookmarks" support from the core of Firefox, now that improved replacements for those features are available via add-ons.
I would assume most RSS users already use more capable RSS readers and/or browser extensions, so it makes perfect sense for Firefox developers to remove this functionality from the browser so they no longer have to maintain it.