Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

Search the Community

Showing results for tags 'firefox'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Found 509 results

  1. This is Firefox’s Upcoming Permissions System Mozilla is working on a new permissions frontend for Firefox currently that improves user interaction with permission requests significantly. Back in mid-2016 we gave you a glimpse of the new permissions system that Mozilla was working on at the time for its Firefox web browser. Mozilla worked on it a bit more in the meantime, and plans to launch an updated version of it soon that improves the user interaction with permissions in several ways. While there has always been permissions in web browsers, think of allowing or disallowing cookies or JavaScript for instance, recent advanced in web technologies brought along with them new ways for sites and services to interact with the browser. Non-default permissions, those that require access to a system's web cam, microphone or other sensors for instance, require elevation in Firefox. This means that Firefox will prompt the user when a site requests access to these features, and it is up to the user to grant or deny the request. Firefox Permissions The old system that Firefox uses right now in the stable version of the browser has its usability flaws. It is for instance easy enough to dismiss prompts by clicking elsewhere, and users appear to have troubles bringing the prompt back up when that happens. It is also difficult to manage individual permissions for sites according to surveys and tests that Mozilla conducted in the past to analyze the current system. The new permissions system, which is activate in Nightly versions of Firefox already, improves user interactions with site permissions significantly. We talked about the new sticky permissions prompt already that is displayed when a site requests a permission. Options are clearer in the prompt, and it is not possible anymore to accidentally dismiss it without making a selection. The icon the prompt uses indicates the permission request. A new feature that makes things even easier is that Firefox highlights permissions that you declined in the address bar next to the "information" icon. The icon indicates if special permissions have been granted, and opens the permissions dialog. Blocked permission requests are highlighted in the address bar to indicate that to the user, and give users a chance to activate them quickly if the need arises. A click on the icon, or the information icon, opens the new permissions dialog of Firefox. This dialog shows permissions directly, allowing you to remove them with a click, or allow or block permissions directly from there without having to go anywhere else in Firefox for that. If you see a small dot in the top right corner of the i-icon, it means that the site has been granted elevated privileges. You can still open Page Info from that dialog though to open the full permissions listing for the site, and make changes to it. WebRTC Audio, video and screen sharing permissions are improved as well. Screen sharing for one does not require sites to be added to a whitelist anymore. All sites may use WebRTC screen sharing in Firefox when the change lands. Firefox users have to select the window they want to share from a list -- the default is no window -- and a preview of that window is displayed for verification purposes. Firefox will ask the user if the entire screen or other important screens are to be shared. Mozilla introduced a permissions manager back in 2011 in Firefox that gave you control over site permissions, but removed it later on. Additional information on the permission system changes are available here. Now You: What's your opinion on the new permissions system? Source
  2. Mozilla Firefox 51.0 RC 2 Windows en-US: x86: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0-candidates/build2/win32/en-US/Firefox%20Setup%2051.0.exe x64: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0-candidates/build2/win64/en-US/Firefox%20Setup%2051.0.exe Windows All languages: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0-candidates/build2/win32/ https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0-candidates/build2/win64/ Other OS: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0-candidates/build2/ Checksum: SHA512SUMS SHA512SUMS.asc Firefox for Android 51.0 RC: https://download-installer.cdn.mozilla.net/pub/mobile/candidates/51.0-candidates/
  3. 2017 will be quite the interesting year for the Firefox web browser. Mozilla plans to make the switch to WebExtensions in that year, launch a new themes API that is based on that, and will introduce a new default Firefox theme on top of all that. The first changes have been pushed to the Nightly version of the Firefox web browser already. The most visible change is the addition of two new themes that Firefox will ship with from that version on. What this means is that Firefox users can choose one of the three themes to run Firefox with, all without having to head over to the themes repository to download themes first. Firefox: new default compact themes Users of Firefox's Developer Edition may know the themes already: Compact Dark and Compact Light are more or less copies of the Developer Themes. The core difference is that you may enable the themes using the Add-on Manager, and don't have to open the Developer Tools to switch between themes. Their main advantage over the default theme is that they save you a couple of extra pixels vertically when enabled. The new themes are already available for selection in Firefox Nightly. They will be made available in other Firefox versions in the coming months. To enable them, load about:addons in the browser's address bar, and switch to appearance in the menu. There you find the two new themes listed next to the default theme, and any other theme you may have installed in Firefox manually. Simply click on the enable link to activate the selected theme. A restart is not required. Another option that you have to enable the themes is to open the browser's customize mode. Click on Menu > Customize. Select Themes to display the list of themes. Firefox displayed the default theme there, and five recommended themes. The new themes listing there displays the two compact themes for selection, and only two recommended themes instead of five. Theme WebExtensions API has landed Mozilla is working on WebExtensions support currently. Some APIs are already available, and many are still being worked on. One API that was a no-show up until now was the new theme API that will provide theme developers with capabilities to create themes for the Firefox web browser. This is important, as Mozilla wants to turn off all other add-on and theme related creation options, and focus solely on WebExtensions starting in late 2017. All themes and add-ons for Firefox that are not created using WebExtensions won't be compatible with Firefox anymore at that point. While it is possible that Mozilla will extend the deadline to give developers more time to make the switch, nothing has been said in this regard up to now. Specifics are not known yet and it remains to be seen how this will end up. The new themes API will sit somewhere between today's lightweight themes and full themes. It will be more powerful than lightweight themes, but not as powerful as full themes. The new theme WebExtensions API has landed in Firefox Nightly. It is locked behind a configuration switch right now though: Type about:config in the Firefox address bar. Confirm that you will be careful if the warning prompt appears. Search for extensions.webextensions.themes.enabled. Double-click the preference. This sets the preference to true, and enables support for the WebExtensions themes API in Firefox. You can follow development of the themes API -- it is far from complete -- here. The following demo shows some of the API's capabilities: New Firefox Default Theme Mozilla plans to refresh the current default theme of the Firefox web browser in 2017. The project is called photon, and it is part of Quantum, but that is the extent of what we know about the plans right now. It could be a simple visual refresh, or something of epic proportions like Australis. Closing Words Much of what is theme-related and coming in 2017 is unknown territory at this point in time. We don't know anything about the default theme refresh, nor how powerful the themes API will be once version 1.0 is made available. (thanks Sören Hentzschel) Article source
  4. Two major browsers makers, Mozilla and Google, are adding support for the FLAC audio format this month, with the releases of Firefox 51 and Chrome 56. FLAC is an acronym that stands for Free Lossless Audio Codec, a file format for storing audio data with no data loss. The format is well known among music lovers, who often prefer to listen to music files stored in FLAC format due to the higher sound quality that these files provide. For many years, the downside to using FLAC files on the web was their huge size, with streaming providers opting for smaller audio file formats, such as MP3, WAV, and others. But as bandwidths have grown all over the world, both streaming providers and browser makers are now turning their sights to FLAC in order to improve their quality of service. FLAC support to be added in Firefox, Chrome by the end of the month The first browser vendor to announce FLAC support was Mozilla. Since the end of August, Mozilla engineers have been working hard on adding FLAC support to Firefox. Their end goal is Firefox 51, set for an official release on January 23. FLAC support has already arrived in Firefox Nightly and Beta versions, and the feature is expected to launch as initially planned. The latest browser maker to add FLAC support is Google, who recently started adding basic FLAC support in the desktop version of Chrome 56, expected to launch on January 31. According to a feature request spotted by 9to5Google, Chrome users had been asking for FLAC support since as early as 2011. ChromeOS already features FLAC support, so adding it to the Chrome browser now seems a trivial task. Article source
  5. Mozilla is investigating options currently to turn the built-in Developer Tools of the Firefox web browser into a system add-on. So-called system add-ons are browser add-ons that ship with core Firefox. Basically, add-ons that are not installed by the user but by Mozilla. Firefox users have less control over these system add-ons, even though it is possible to remove them from the system Firefox is run on. The main idea behind making the Developer Tools of the web browser a system add-on is that it allows Mozilla to deliver updates faster to users as the release of updates would not be tied to Firefox releases anymore. This is especially beneficial to users of Firefox's release channel who have to wait several release cycles currently to get updates (starting with Nightly, then Developer Tools, then Beta before they land in Stable). Mozilla notes that the majority of Developer Tools users use the release version of Firefox. The DevTools team investigates scenarios currently in regards to turning the built-in Developer Tools into a system add-ons. One idea that is being discussed is to change the state of the Developer Tools when it is offered as a system add-on. The two main ideas are to either only install the system add-on on demand, or to ship it in disabled state instead, but both options are not supported right now by Firefox. Move DevTools, DevEdition Prefs + Theme into a system add-on. This would allow us to achieve our goal of shipping to our users more quickly and set us to more easily transition all of our users later. While Developer Tools are certainly appreciated by users who make use of them, the team notes that less than 1% of users interact with DevTools at all. A Microsoft study suggests on top of that, that the majority of users interact with the Developer Tools by mistake instead of intentionally. Nothing is set in stone yet, but the team wants to move forward with the plan. There are also talks underway to transition the system later on to a mix of WebExtensions and system add-on. (this is still up in the air) is likely that we transition from system add-on to WebExtension + System add-on. Where the system add-on becomes smaller and smaller, only remaining to support the WebExtension APIs we need and the rest of the tools to live as pure WebExtensions. Closing Words Turning the Developer Tools into a system add-on makes a whole lot of sense. First, it enables the team to push updates faster to all users as updates don't have to ride the train anymore to end up in the release version of the web browser. Second, it may prevent users from interacting with the Developer Tools by mistake. As long as Mozilla gets the activation process right, it should not take more than one or two clicks to enable the Developer Tools in Firefox, doing so should be beneficial to all parties involved. (via Sören Hentzschel) Article source
  6. Download Beta (Select Language): Installer x32 Installer x64
  7. Firefox 53: JSON Viewer On By Default Mozilla plans to enable the built-in JSON Viewer of the Firefox web browser for all browser channels including Firefox Stable in Firefox 53. The organization integrated the viewer in version 44 of the web browser, but did not enable it by default for all channels but the Developer Channel. Firefox's JSON Viewer displays structured JSON data instead of the RAW data dump that one gets when the viewer or a third-party extension is not enabled. Take a look at the following two screenshots to see the difference between unstructured JSON data, barely readable by humans, and the data presented by the JSON Viewer in Firefox. As you can see, the data is displayed in a tree hierarchy with JSON Viewer enabled. It is still possible to switch to the raw data view with the viewer enabled. Other options that you may find interesting are to show or hide certain bits of data, to use a filter, and to save or copy data. This is mostly useful for developers, as it provides them with a better representation of JSON data directly in the Firefox web browser. Useful for instance to understand how to retrieve information from the data. JSON Viewer is part of all versions of Firefox already, but it is not enabled in all versions. While it is enabled in Firefox Developer Edition and Nightly for instance, it is not enabled in Firefox Stable. This will happen with the release of Firefox 53 which will come out on April 18th, 2017 if the Firefox release schedule is not changed. You can enable JSON Viewer in all versions of Firefox right now if you don't want to wait for that to happen: Type about:config in the Firefox address bar and hit the Enter-key. Confirm that you will be careful if the warning prompt appears. Search for devtools.jsonview.enabled. Double-click on the preference name. Setting the value of the preference to true enables the feature, while a value of false disables it. This means that you can disable the viewer in case you don't require it, or prefer to use a different extension or program for that instead. You can follow the progress on Bugzilla. (via Sören Hentzschel) Source
  8. Mozilla has published a new test pilot project for the organization's Firefox web browser that brings Cliqz suggestions to Firefox's address bar. Cliqz, available as a standalone desktop browser, mobile apps, and a Firefox extension, is a service that returns rich suggestions as you type. While most browsers support suggestions, they are limited usually to search queries, page titles, or URLs. Cliqz advances that concept by delivering results directly while you type. If you type "weather Essen" for instance, you get a weather report and forecast delivered to you directly without having to open any sites for that. Please note that the Cliqz Test Pilot experiment appears to be limited to deliver German results right now. While it does understand English queries, e.g. weather "cityname", all of its results are in German right now even if your version of Firefox is set to a different language. The experiment works like any other available for Firefox. Head over to the Firefox Test Pilot website, and install the Test Pilot extension first if you have not done so already. Once that is out of the way, open the [Killer]Cliqz page on the Test Pilot site and click on the enable link there to activate it. Make sure you read the privacy information on the page before you do so. Information, what you type or do, is collected. This includes web page interactions like mouse movements or time spent on sites. Second note: Mozilla [Killer]holds an investment in the German Cliqz GMBH since 2016. This was done to strengthen web search in regards to privacy according to the German press release. Third note: The experiment replaces the home page and the new tab page with a new version. There is no option to prevent this from happening. It is interesting to note that the Test Pilot experiment resembles the functionality of the Firefox add-on. You can use it to display direct results to some queries including weather reports, flight information, conversions, news, calculations and more. The experiment may prompt you to share your location with it to deliver local results. If you enter Stau for instance, the German word for traffic jam, you get prompted to share your location with the service. A click on a result takes you to the site directly without opening a search results page first. Closing Words You are probably wondering why Mozilla launched a Test Pilot project for something that is already available as a browser extension. Mozilla did not tell, but the most likely reason is that experiments allow Mozilla to grab telemetry data which it would not have access to otherwise. It remains to be seen how well this is received by users who take part in the experiment. The browser extension for Firefox is quite popular with roughly 121,000 users currently. (via Sören Hentzschel) Article source
  9. Mozilla Firefox 51.0 beta 11 http://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b13/ en-US x86 https://download.mozilla.org/?product=firefox-51.0b13-SSL&os=win&lang=en-US x64 https://download.mozilla.org/?product=firefox-51.0b13-SSL&os=win64&lang=en-US
  10. Browser Autofill Data May Be Phished Data that you have saved as so-called Autofill data in your web browser of choice may be phished by sites using hidden form fields. Most modern web browsers support comfortable features like auto-filling forms on sites using data that you have entered in the past. Instead of having to enter your name, email address or street address whenever you sign up for a new account for instance, you'd fill out the data once only and have the browser fill out the fields for you any time they are requested afterwards. But autofill can also be a privacy issue. Imagine a site requesting that you enter your name and email address on a page. You would probably assume that this is the only data it requests, and that your browser will only fill out those fields and nothing else. Watch what happens when the developer of a site adds hidden fields to a page. Note that hidden in this regard means visible but drawn outside the visible screen. The browser may fill out fields that you don't see but are there. As you can see, this may include personal data without you being aware that the data is submitted to the site. While you could analyze any page's source code before submitting anything, doing so is highly impracticable. You can download the example index.html file from GitHub. Please note that this appears to work in Chrome but not in Firefox at the time of writing. It is likely that Chrome-based browsers will behave the same. Chrome will only fill out the following information by default: name, organization, street address, state, province, zip, country, phone number and email address. Note that you may add other date, credit cards for instance, to autofill. Since there is no way of stopping this from the user's end, it is best right now to disable autofill until the issue gets fixed. It is interesting to note that this is not a new issue, but one that has been mentioned since at least 2010. A Chromium bug was reported in mid 2012, but it has not found any love yet. Disable autofill in Chrome You can disable Google Chrome's autofill functionality in the following way: Load chrome://settings/ in the web browser's address bar. Click on "show advanced settings" at the end of the page. Scroll down to the "passwords and forms" section. Remove the checkmark from "Enable Autofill to fill out web forms in a single click". Mozilla Firefox does not seem to be affected by this. You can find out about disabling autofill in Firefox on Mozilla's Support website. Closing Words There is the question whether browser add-ons that support automatic form filling may leak data to sites that use hidden form fields as well. I did not test this, but it would be interesting to find out. Source
  11. Mozilla Firefox 51.0 Beta 12 Download Beta (Select Language): Installer x32 Installer x64
  12. Firefox 52: Better Font Fingerprinting Protection Mozilla plans to integrate better font fingerprinting protection in Firefox 52; the new version of the web browser is scheduled for a March 7, 2017 release. The changes are already live in pre-release versions of the web browser. Font fingerprinting refers to one of the many fingerprinting options that websites and services have when users connect to them. The web browser reveals information during connect which the site or service may record. The core idea behind browser fingerprinting is to create a unique profile of a browser by using one, some or many parameters that are retrievable publicly. Tip: You can run browser fingerprinting tests like Browserprint or Panopticlick to find out about what your browser reveals on connect. Firefox 52: Better Font Fingerprinting Protection If you check for system fonts using a service like Panopticlick, you will get the list of supported fonts returned. This test requires only JavaScript to function, and has nothing to do with Adobe Flash's method of returning fonts as well. The screenshot above confirms that system fonts are revealed to sites using JavaScript currently. This is true for all Firefox channels, even development channels. The new change that will launch with Firefox 52 is an optional parameter that you can configure to restrict font access. So, instead of returning all fonts installed on the operating system, Firefox would only return the fonts that you have whitelisted. Side note: one could say that restricting fonts might make you even more unique, considering that the vast majority of browsers won't return only some or even no fonts at all. Also, being too restrictive may change fonts that the browser uses as well. Finally, some fonts appear to be added regardless of your choice currently. Adding only Helvetica to the whitelist for instance returned Courier, MS Sans Serif, Sans Serif and Times as well. It would obviously be better if Firefox would return only a standard set of fonts if the whitelist is activated. You need to do the following to use a system font whitelist in Firefox: Type about:config in the browser's address bar and hit the Enter-key afterwards. Confirm that you will be careful if the warning prompt is displayed. Right-click in the main pane listing all preferences, and select New > String from the context menu. Name the new parameter font.system.whitelist. Now add fonts to the whitelist separated by comma: Helvetica, Courier, Verdana is a valid value for instance. The change takes effect immediately. You may notice that fonts change in the browser UI or on websites as a response You can follow the feature's progress on Bugzilla. (via Sören Hentzschel) Source
  13. Mozilla Firefox 51.0 Beta 7 To download beta candidates(build 1): https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0b7-candidates/build1/ Android beta candidates(build 1): https://download-installer.cdn.mozilla.net/pub/mobile/candidates/51.0b7-candidates/build1/ Download Page-Beta: https://www.mozilla.org/en-US/firefox/beta/all/ Windows en-US: x86: https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b7/win32/en-US/Firefox Setup 51.0b7.exe x64: https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b7/win64/en-US/Firefox Setup 51.0b7.exe Windows All languages: https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b7/win32/ https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b7/win64/ Checksum: SHA512SUMS SHA512SUMS.asc Release Notes[Beta]: https://www.mozilla.org/en-US/firefox/beta/notes/ Firefox for Android 51.0 Beta 7: https://download-installer.cdn.mozilla.net/pub/mobile/releases/51.0b7/
  14. Anti-Tracking Extension Privacy Badger 2.0 Is Out The Electronic Frontier Foundation released their anti-tracking extension Privacy Badger 2.0 for Firefox, Chrome and Opera yesterday. The extension is designed to prevent online tracking which is fundamentally different from how ad blockers operate. Instead of blocking scripts outright, Privacy Badger 2.0 will only block trackers. This means that ads may still be displayed, but that the extension puts an end to techniques that sites use to "follow" users around the web. The add-on places an icon in the browser's main toolbar that you interact with. It highlights the number of trackers that it blocked on a site, and displays options to allow individual trackers, or block domains that the extension did not detect as trackers. Privacy Badger 2.0 You are probably wondering how Privacy Badger 2.0 differs from the initial Privacy Badger released in 2014, and Privacy Badger 1.0 released in 2015. To find out, we have to dig deep as the EFF's own press release does not shed details on that. We have to look at the add-on stores to find out about the changes. Support for Firefox's multi-process architecture E10s is probably the biggest improvement over previous versions. Mozilla is still rolling out the feature to devices running the stable version of the Firefox web browser. Compatibility means that you can run Privacy Badger 2.0 alongside multi-process Firefox without major issues. Privacy Badger 2.0 may also be installed on Firefox Mobile for Android. This goes hand in hand with Privacy Badger sharing a code base now. Existing users of the extension may also notice performance improvements, the EFF refers to them as "huge", but mileage may vary. At least on my system, it is still not super fast. But there is more. Privacy Badget 2.0 may block WebRTC from leaking local IP addresses. Please note that this feature appears to be only available in the Chrome / Opera version of Privacy Badget 2.0, and not in the Firefox version. You find the option under "general settings" in the Privacy Badger options. You find the new "manage data" option in the settings as well. This enables you to import or export user data that includes whitelisted domains and filter settings. Privacy Badger 2.0 blocks so-called HTML5 pings as well in the new version, and will break fewer sites according to the EFF. Last but not least, it will also forget data when private browsing mode or incognito mode are used by the user. Firefox users reported that the extension breaks Google Docs for them, and there specifically Google Sheets. Closing Words Privacy Badger 2.0 is a major release, but it has its issues right now on Firefox. Google Sheets crashing, and WebRTC missing are just two of the reported issues right now that plague the Firefox version of the privacy add-on. If you do use it on Firefox, you better wait until those issues are sorted out before you upgrade to the new version. Source Changelog: New features with 2.0 & 2.0.1: Version 2.0.1 - Firefox Extension: Sanitize origin and action in popup Version 2.0 of Privacy Badger includes many improvements for users and developers, including: Support for “incognito” or “private” browsing Import/export capabilities, so you can export a backup of what Privacy Badger has learned about your tracker-blocking needs and import that into another browser Fixes to “break” fewer websites, ensuring that you can both block trackers and enjoy rich content Improved user interface translation for non-English-speaking users Blocks to prevent WebRTC from leaking your IP address Blocks to prevent HTMLl5 "ping" tracking Notable speed improvements (Firefox only) Multiprocess Compatibility (E10S) (Firefox only) A single code base for both the Firefox and Chrome versions Downloads: Details & FAQ: https://www.eff.org/privacybadger Firefox: https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/ Firefox[Optional Direct]: https://www.eff.org/files/privacy-badger-latest.xpi Opera: https://addons.opera.com/en/extensions/details/privacy-badger/?display=ru or https://addons.opera.com/extensions/download/privacy-badger/ Chrome: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp Chromium browsers[Optional Direct]: https://www.eff.org/files/privacy_badger-chrome.crx
  15. First Version of Sandboxed Tor Browser Available Developers at the Tor Project have started working on a sandboxed version of the Tor Browser, currently available as an early alpha version for Linux systems. Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can't be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn't linked with the OS. Lack of sandboxing exposed Tor Browser users Most modern browsers use sandboxed environments to run code their receive from websites. Chrome, Firefox, and Edge all use sandboxes to separate themselves from the OS. Despite being based on Firefox, the Tor Browser did not use this technique, meaning it was far less secure, even if it provided more features to protect user privacy. In recent years, the FBI has developed and deployed Tor exploits in order to identify and catch crooks hiding their identity using Tor. While the FBI's intentions appear to be good, the Tor Project knows that this type of exploits can be used for other actions besides catching pedophiles and drug dealers. An exploit that unmasks Tor users can be very easily used to identify political dissidents or journalists investigating cases of corrupt politicians. As such, protecting the Tor Browser against exploits and vulnerabilities that can expose the identity of its users is crucial. The easiest way to do this is to support a sandboxing feature that isolates the Tor Browser from other OS processes and limits its ability to interact and query low-level operating system APIs that can expose MAC addresses, IP addresses, computer name, and more. Work on sandboxed Tor Browser started in September The Tor Project started working on a sandboxed version of the Tor Browser in September 2016. Over the weekend, Tor developers have released the first version of this new & improved Tor Browser. As you can imagine, this is a very rough version. One of the Tor developers working on the project describes the browser as a "Gtk+3 based UI for downloading/installing/updating Tor Browser, configuring [T]or, and launching the sandboxed browser. Think `tor-browser-launcher`, that happens to run Tor Browser in a bunch of containers." Currently, this version is in an early alpha stage, and only available for Linux. There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here. Source
  16. Firefox 53: Tab Title Improvement Mozilla plans to launch a change to the display of tab titles in the Firefox 53 web browser that gives title more room than it is currently the case. I like Firefox's tab behavior better than that of Chrome. The core reasons are that Firefox won't reduce tabs to an unidentifiable mess when you reach a certain threshold, and that Firefox allows me to customize the display of tabs. I have set a custom minimum width value for open tabs in the browser, and changed the general layout as well for instance in Firefox. Firefox cuts off page titles if the tab width is not wide enough to display the full title text. The web browser does not just cut it off though, as it adds three dots to the end of the visible title to indicate that the title is not displayed in full. The change in Firefox 53 sees the three dots removed from Firefox in favor of displaying a couple more characters of the page's title. Check out the following two screenshots to see the difference. Please note that the width of the tabs in both screenshots is not identical. The first screenshot highlights how too long page titles are displayed currently in tabs in the Firefox web browser. As you can see when you look at the first tab, three dots are displayed in this case that take up space. The three dots are removed in Firefox 53 so that additional characters are displayed if a page title is too long to be displayed directly. Fun fact: The bug suggesting the change was filed back in 2011: It took this long because platform changes needed to be implemented first before it could be realized. Firefox display tab titles like Google Chrome does when it reaches version 53. Closing Words Since most browsers display page titles no longer in title bars, tabs are the only visible browser UI source when it comes to the vital information. More information in tabs is always welcome, even if it means only one or two additional characters per tab. The change benefits users the most who work with a medium or high number of open tabs at any point in time. (via Sören Hentzschel) Now You: What's your take on the change? Source
  17. AnonTab: Open Sites In A Secure Environment AnonTab is an add-on for the Firefox and Chrome web browsers that enables you to load unknown or seemingly dangerous sites in a secure environment. While you may trust some sites to a degree that you visit regularly, you may have encountered situations where you wanted to be extra safe when visiting certain sites on the Internet. This can be for privacy reasons, to avoid handing over too many information to a site, or for security reasons, if you have reasons to believe that visiting a site might be dangerous or harmful. There are a couple of things that you can do, like installing security or privacy add-ons, using a different browser profile, or opening a page in the browser's private browsing mode. AnonTab AnonTab for Firefox is an interesting add-on. The author describes it as taking the best from the NoScript and HTTPS Everywhere add-ons for Firefox, private browsing mode, and proxy use, and applying it all to the site in question. How does it work? The add-on installs without issues, and there is nothing to configure. You can right-click on any link and select "open link in AnonTab" to invoke the functionality. Please note that while you can download and install AnonTab for Firefox from the project's Github page or the Mozilla Add-ons Store, that the Chrome version is only available on Github. You need to prepare Chrome specifically to install off-Store extensions. The Chrome extension may install in other Chromium-base browsers such as Opera or Vivaldi as well; I have not tried that however. The linked site will be opened in a new tab. The IP address of your device is masked via public Google proxy servers, SSL / TLS is enforced for the connection, and scripts are blocked on the site. Additionally, no logs or browsing history entries are kept locally. This sounds really good on paper, and it is, provided that the site and its content load fine. HTTPS is only enforced if supported by the page. If it does not support it, the HTTP version is loaded instead. So that is not an issue, but the blocking of scripts may be. Some sites are programmed to load only if certain scripts are loaded, while functionality may be blocked on other sites instead. This goes hand in hand with a lack of controls. There is no option to allow certain scripts to run, which extensions like NoScript let you do. If you encounter a site that does not work when you load it in AnonTab, then you cannot load it as there is no option to customize the methods of AnonTab right now. Most blogs and content sites will load, but you may not get comments or other functionality that is powered by scripts. The add-on is built on top of DomPurify, a XSS and HTML sanitizer. Closing Words AnonTab is a handy security and privacy extension for Firefox and Chrome. While it has less uses if you use extensions or other means that offer similar functionality, it's greatest strength is that it is easy to use and does not impact regular browsing in any way. (Thanks Tom for the tip) Now You: Do you use security or privacy add-ons? Source Note: Fix for uBlock Origin browser extension (or µBlock) Users: You'll will see a Network error when using this add-on. To fix this, add "ananontab.resource-scheme" to whitelist manually or by clicking uBlock Origin's red/blue logo (which adds the opened site to uBlock Origin's Whitelist).
  18. Mozilla Firefox 50.1.0 RC 2 Windows en-US: x86: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build2/win32/en-US/Firefox%20Setup%2050.1.0.exe x64: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build2/win64/en-US/Firefox%20Setup%2050.1.0.exe Windows All languages: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build2/win32/ https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build2/win64/ Other OS: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build2/ Checksum: SHA512SUMS SHA512SUMS.asc Firefox for Android 50.1.0 RC: https://download-installer.cdn.mozilla.net/pub/mobile/candidates/50.1.0-candidates/
  19. Async/Await Arrive in Firefox The new async and await keywords—which make asynchronous code more concise, obvious, and maintainable—have arrived in Firefox 52. Currently available in the latest Developer Edition release, Firefox 52 is scheduled for general release in March 2017. JavaScript owes its excellent single-threaded performance and responsiveness on the web to its pervasively asynchronous design. Unfortunately, that same design gives rise to “callback hell,” where sequential calls to asynchronous functions require deeply nested, hard-to-manage code, as seen in this slightly contrived example using the localforage library: function foo(callback) { localforage.setItem('x', Math.random(), function(err) { if (err) { console.error("Something went wrong:", err); } else { localforage.getItem('x', function(err, value) { if (err) { console.error("Something went wrong:", err); } else { console.log("The random number is:", value); } if (callback) { callback(); } }); } }); } foo(function() { console.log("Done!"); }); If you glossed over that code, or didn’t immediately understand what it did, that’s the problem. ES2015 began addressing this challenge by standardizing on Promises for chained, asynchronous functions. Since their introduction, Promises have become an integral part of new web standards, including fetch and service workers. They make it possible to rewrite the previous example as: function foo() { return localforage.setItem('x', Math.random()) .then(() => localforage.getItem('x')) .then((value) => console.log("The random number is:", value)) .catch((err) => console.error("Something went wrong:", err)); } foo().then(() => console.log("Done!")); Thanks to Promises, the code doesn’t nest deeper with each successive call, and all of the error handling can be consolidated into a single case at the end of the chain. Note that in the example above, foo() returns immediately, before localforage does its work. Because foo() itself returns a Promise, future callbacks can be scheduled for after it completes with the .then() method.Semantically, the example above is much more straightforward, but syntactically, there’s still a lot to read and understand. The new async and await keywords are syntactic sugar on top of Promises to help make Promises more manageable: async function foo() { try { await localforage.setItem('x', Math.random()); let value = await localforage.getItem('x'); console.log("The random number is:", value); } catch (err) { console.error("Something went wrong:", err); } } foo().then(() => console.log("Done!")); The code above is functionally identical to the previous example, but it is much easier to understand and maintain, since the function body now resembles a common, synchronous function. Functions marked async always return Promises, and thus calls to .then() work on their return value to schedule callbacks. Expressions prefixed with await effectively pause functions until the expression resolves. If an awaited expression encounters an error, then execution passes to the catch block. If uncaught, the returned Promise settles into a rejected state. Similarly, instead of handling errors inside async functions, it’s possible to use normal .catch() methods on the return value instead: async function foo() { await localforage.setItem('x', Math.random()); let value = await localforage.getItem('x'); console.log("The random number is:", value); } foo().catch(err => console.error("Something went wrong:", err)) .then(() => console.log("Done!")); For a more practical example, consider a function you might write to unsubscribe a user from web push notifications: function unsubscribe() { return navigator.serviceWorker.ready .then(reg => reg.pushManager.getSubscription()) .then(subscription => subscription.unsubscribe()) .then(success => { if (!success) { throw "unsubscribe not successful"; } }); } With async and await, it becomes: async function unsubscribe() { let reg = await navigator.serviceWorker.ready; let subscription = await reg.pushManager.getSubscription(); let success = await subscription.unsubscribe(); if (!success) { throw "unsubscribe not successful"; } } Both function identically, but the latter example hides the complexities of Promises, and turns asynchronous code into code that reads (and executes) like synchronous code: from top to bottom, waiting for each line of code to fully resolve before moving on to the next line. Native cross-browser support for async and await keywords is still nascent, but you can use them today with the help of a JavaScript transpiler like Babel, which can convert async / await to functionally equivalent, backward-compatible code. To learn more about the async and await keywords, or Promises in general, check out the following resources: MDN: Async functions Can I Use: Async functions PouchDB: We have a problem with Promises Promisees: An interactive Promise visualization by @ponyfoo. Remember, async and await are just helpers for Promises: you can mix and match either syntax, and everything you learn about Promises applies directly to async and await. Special thanks to Jamund Ferguson for suggesting improvements to the code samples in this post. Source
  20. Mozilla Firefox 50.1.0 RC Windows en-US: x86: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build1/win32/en-US/Firefox%20Setup%2050.1.0.exe x64: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build1/win64/en-US/Firefox%20Setup%2050.1.0.exe Windows All languages: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build1/win32/ https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build1/win64/ Other OS: https://download-installer.cdn.mozilla.net/pub/firefox/candidates/50.1.0-candidates/build1/ Checksum: SHA512SUMS SHA512SUMS.asc Firefox for Android 50.1.0 RC: https://download-installer.cdn.mozilla.net/pub/mobile/candidates/50.1.0-candidates/
  21. Chrome 55 Now Blocks Flash, Uses HTML5 by Default Chrome 55, released earlier this week, now blocks all Adobe Flash content by default, according to a plan set in motion by Google engineers earlier this year. Back in May, Google's staff announced that starting with Q4 2016, Chrome would use HTML5 by default, while Flash would be turned off. While some of the initial implementation details of the "HTML5 By Default" plan changed since May, Flash has been phased out in favor of HTML5 as the primary technology for playing multimedia content in Chrome. Users have to allow Flash to run on non-HTML5 websites Google's plan is to turn off Flash and use HTML5 for all sites. Where HTML5 isn't supported, Chrome will prompt users and ask them if they want to run Flash to view multimedia content. The user's option would be remembered for subsequent visits, but there's also an option in the browser's settings section, under Settings > Content Settings > Flash > Manage Exceptions, where users can add the websites they want to allow Flash to run by default. Back in May, to avoid over-prompting users, Google said it would whitelist some of the Internet's biggest web portals where HTML5 isn't yet supported, or where not all content could be played back via HTML5 just yet. The list included YouTube, Flash, VK, and others. This top 10 list has been dropped, in favor of a better system called Site Engagement (chrome://site-engagement) that gives scores to websites based on the number of visits and time spent on each site. The Site Engagement indicator takes a value from 1 to 100, and once it drops under 30, users will be prompted to enable Flash, regardless of the site's popularity and Alexa ranking. Flash, who's been accused of being a resource hog and a security threat, will continue to ship with Chrome for the time being. If you don't like Google's decision to go with HTML5 by default, there's an option in the chrome://flags section where you can revert to using Flash. Google has been preparing for a life without Flash for many years now. YouTube has dropped Flash support a long time ago, while starting with January 2, 2017, Google will stop accepting Flash ads in its AdWords program. Both Chrome and Firefox now block non-essential Flash content, such as analytics and user fingerprinting scripts. Google has been doing this since Chrome 53, and Mozilla since Firefox 48. Source
  22. Beware! Firefox Updates May Reset Preferences Mozilla Firefox may reset custom browser preferences when the web browser is updated to a newer version so that the preference is set to its default value. Mozilla releases updates to Firefox Stable regularly. The organization did so on a six week schedule in the past, but has loosened that up a bit in recent time. This schedule bumps the number in front of the dot by one. Smaller updates may increase the number after the dot to fix smaller issues or introduce changes to the browser. Firefox Beta, Developer and Nightly versions are updated more frequently than the stable version. Firefox updates should not have any impact on a user's custom configuration of the browser. There are a couple of exceptions to the rule. One is, if Mozilla decides to remove a preference from the browser, or rename it. Beware! Firefox updates may reset preferences I was contacted by two Ghacks readers in the past two weeks about Firefox resetting preferences of the web browser during updates. Jern informed me that Firefox reset the block lists setting of the browser's Tracking Protection feature from strict to basic when the browser was updated to version 50 from Firefox 49.0.2. Basic protection is the recommended and default value of the setting. It does not block as many trackers as the strict blocking list. I confirmed that the upgrade to Firefox 50 did indeed reset the preference. Michel told me a week later that a recent Firefox update (to 50.0.1 or 50.0.2) did reset another preference. This time an URL string that Michel modified on Firefox's about:config page. As you may know, you can modify hundreds of preferences on about:config. Some allow you to change URLs that Firefox uses. In this particular case, Michel modified the URL responsible for pulling add-on suggestions on the about:addons page of the browser. And it was this URL that reset when Firefox updated to one of the newer versions. The two users noticed the changes because they impacted how they use the browser. While those two are confirmed -- I confirmed the resetting using a local copy of Firefox -- there is no telling if other preferences were also reset in recent time during updates. Closing Words I can't come up with reasons why resetting those two preferences was justified. As I said earlier, it may make sense to reset preferences for a variety of legitimate reasons. This should only happen however if it does not impact a user's customization provided that it is still valid. Since both basic and strict protections are still available, and since it is possible to change the URL of the add-ons suggestions page, I'm puzzled why the preferences were reset. Now You: Did you notice the resetting of Firefox preferences during updates? Source
  23. The fastest memory available in a computer is built inside the CPU itself in the form of a small cache called L1, L2 or L3 cache. But these are for the internal use of the CPU and you cannot directly access any of these. The second fastest memory available in your PC is the RAM which is also called volatile physical memory. The data in the RAM can be stored using a special program but this data is volatile and it is destroyed when you shut down Windows and power off your PC. But since the RAM is really fast memory (faster than your standard SSD), it can be used to speed up your Firefox web browsing experience. You can use a special software like Dataram RAMDisk or AMD Radeon RamDisk to create a virtual disk using a small portion of your PC’s RAM. After this, you can move the Firefox profile to this RamDisk and it will load really fast. Here is how: Download and install Dataram RAMDisk in Windows from http://memory.dataram.com/products-and-services/software/ramdisk. The free software can create RamDisk of up to 1GB in size. Open Firefox browser, type about:profiles in the address bar and press Enter. 3. Click on the Show Folder button for the Root Directory folder for your Firefox profile. 4. Copy all the files from the profile folder that opens up to a folder names profile on the ramdisk you have created using Dataram RAMDisk. For example, I copied all the files from the profile folder to Z:\Profile. 5. Close all the open Firefox windows. 6. Right-click on the Mozilla Firefox desktop shortcut, select Properties and then append a space followed by -profile “Z:\Profile” in the Target command line for launching Firefox. Click on the OK button to save the changes . 7. Now if launch Firefox browser using this desktop shortcut, it will be launched with its profile from the RAM making it extremely fast. Please note that in order to have optimum experience with RAM disks of any sort, your PC must have RAM memory of 8GB or more. The free version of Dataram RAMDisk can only create a RAM disk of only 1GB maximum size. If your Firefox profile grows larger than that, then you will have to either use some other software or buy a premium Dataram RAMDisk license. Article source Other method: Make Firefox Faster By Putting Profile and SQLite Database in RAMDisk
  24. Avira Browser Safety 2.0.0 Final Stable Screenshots: Downloads: Mozilla Firefox: https://package.avira.com/package/abs/firefox/abs-webext.xpi Opera(Chromium): https://addons.opera.com/en/extensions/details/avira-browser-safety/ Google Chrome: https://chrome.google.com/webstore/detail/avira-browser-safety/flliilndjeohchalpbbcdekjklbdgfkk
  25. Mozilla Firefox 51.0 Beta 6 To download beta candidates(build 1): https://download-installer.cdn.mozilla.net/pub/firefox/candidates/51.0b6-candidates/build1/ Android beta candidates(build 1): https://download-installer.cdn.mozilla.net/pub/mobile/candidates/51.0b6-candidates/build1/ Download Page-Beta: https://www.mozilla.org/en-US/firefox/beta/all/ Windows en-US: x86: https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b6/win32/en-US/Firefox Setup 51.0b6.exe x64: https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b6/win64/en-US/Firefox Setup 51.0b6.exe Windows All languages: https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b6/win32/ https://download-installer.cdn.mozilla.net/pub/firefox/releases/51.0b6/win64/ Checksum: SHA512SUMS SHA512SUMS.asc Release Notes[Beta]: https://www.mozilla.org/en-US/firefox/beta/notes/ Firefox for Android 51.0 Beta 6[Not Yet Available]: https://download-installer.cdn.mozilla.net/pub/mobile/releases/51.0b6/