Mozilla has patched twozero-day security vulnerabilities in Firefox that allowed backdoors to be installed on Macs, bypassing Apple's usual XProtect and Gatekeeper protections. Firefox users should update the browser immediately.
The zero-days were exploited by unnamed hackers this week, but so far, attacks are known only to have targeted Mac users involved in cryptocurrency.
3/ We’ve seen no evidence of exploitation targeting customers. We were not the only crypto org targeted in this campaign. We are working to notify other orgs we believe were also targeted. We’re also releasing a set of IOCs that orgs can use to evaluate their potential exposure.
The Mozilla Foundation is working on a premium version of its Firefox browser, according to a new report. German media site T3N ran an interview with Chris Beard, CEO of Firefox, who appeared to confirm that a paid tier of the browser could be ready to launch by October this year.
According to Beard, the premium version of Firefox is likely to include a VPN, secure cloud storage, and other subscription services such as paywalled content access.
"We will probably launch some new services first and then we will think carefully about which model makes the most sense while ensuring the best user safety," said Beard. "Firefox and many security features and services, like ETP [Enhanced Tracking Protection], will still be free, that's for sure."
Mozilla has been experimenting offering ProtonVPN to some Firefox users for a $10 per month subscription, but Beard says the company is now considering offering some amount of free VPN bandwidth to non-paying users, and a premium metered VPN service as a monthly subscription.
Mozilla currently earns its money through read-it-later and content discovery service Pocket, which it owns, but the majority of its revenue comes from the search engines used in its free browser.
After Beard's interview was published, The Next Web received a statement from Dave Camp, senior vice president of Firefox, who confirmed that paid products are actively in development:
We were founded on the belief that the internet should be open and accessible to all. A high-performing, free and private-by-default Firefox browser will continue to be central to our core service offerings. We also recognize that there are consumers who want access to premium offerings, and we can serve those users too without compromising the development and reach of the existing products and services that Firefox users know and love.
There's no word as yet on pricing for the upcoming paid version of Firefox, the standard version of which relaunched last year powered by a new Quantum engine and including several privacy-focused features.
In perhaps a hint at its planned new product launches, Mozilla on Tuesday unveiled a family of new Firefox logos, designed to give a unified identity to its broadening suite of products and services that become accessible to users who open a Firefox account. For example, Lockwise is a secure password manager, and Monitor that notifies users if their email has been part of a known data breach.
Apple's latest marketing campaign — "Privacy. That's iPhone" — made us raise our eyebrows.
It's true that Apple has an impressive track record of protecting users' privacy, from end-to-end encryption on iMessage to anti-tracking in Safari.
But a key feature in iPhones has us worried, and makes their latest slogan ring a bit hollow.
Each iPhone that Apple sells comes with a unique ID (called an "identifier for advertisers" or IDFA), which lets advertisers track the actions users take when they use apps. It's like a salesperson following you from store to store while you shop and recording each thing you look at. Not very private at all.
These identifiers can already be manually reset under Settings > Privacy > Advertising on iOS devices and under Settings > General > Privacy on Apple TV, but Mozilla is asking for "a real cap" with an automatic monthly reset to make it "harder for companies to build a profile about you over time."
"If Apple makes this change, it won't just improve the privacy of iPhones — it will send Silicon Valley the message that users want companies to safeguard their privacy by default," wrote Ashley Boyd, Mozilla's VP of Advocacy.
Interest-based ads in the App Store and Apple News app are based on information such as your App Store search history and Apple News reading history. Apple makes it easy to opt out, but Mozilla argues that "most people don't know that feature even exists, let alone that they should turn it off."
Mozilla has announced a new security tool for users of its Firefox web browser. Called Firefox Monitor, the website lets visitors check if their accounts have been included in known data breaches and the types of data exposed in each breach.
The security tool is the result of a partnership between Mozilla and HaveIBeenPwned.com (HIBP), a site set up by security researcher Troy Hunt that includes a database of email addresses that are known to have been compromised in data breaches.
Thanks to the partnership, Firefox is able to check email addresses against the HIBP database via a method of anonymized data sharing (full details can be found in Troy Hunt's blog post). The new tool builds on Firefox's existing HIBP integration, which tells users if a site they are visiting was previously exposed in a data breach.
Mozilla has updated Firefox for iOS with some notable changes, including new iPad features and default tracking protection in both regular and private browsing sessions.
The additional privacy measure means users get automatic ad and content blocking when browsing unless they opt out, while those who want to selectively deploy Tracking Protection need only tap the menu button and slide the feature’s toggle.
On the iPad front, Mozilla has added the ability to re-order multiple open tabs to prioritize them. To do so, long-press a specific tab and drag it into the desired position. Meanwhile, in Split View, it’s now possible to share and open links by dragging and dropping them to and from Firefox to any application, whether they’re in an email or a tweet.
Firefox has also implemented new keyboard shortcuts for standard navigation, as well as several improvements for easier tab tray navigation, like Command-Option-Tab to get to and from the all tabs view. Users seeking more details on the full range of keyboard shortcuts available in Firefox can check Mozilla’s online guide.
Firefox for iOS is a free download for iPhone and iPad available on the App Store. [Direct Link]
Mozilla on Tuesday officially announced Firefox 57, the new "Quantum" version of its flagship desktop web browser for Mac, Linux, and Windows. Aside from a redesigned interface and a slew of new UI features, Mozilla says Quantum offers speeds twice as fast as Firefox 52 and a new engine that uses 30 percent less memory than Google Chrome.
The performance advantages are said to be down to Firefox's "just right" multi-process architecture, which uses separate processes to run its user interface and tabbed web page content. These additional processes are able to run across multiple CPU cores, making it much less likely for open web pages to negatively impact each other or the performance of the web browser in general.
While both Firefox and Chrome now run using multiple processes, Mozilla claims to have done things differently to avoid using up precious working memory. Chrome creates a separate content process for each open tab, and each tab typically consumes hundreds of megabytes of RAM, which has earned the browser a reputation as a resource hog.
Where Quantum differs, claims Mozilla, is in its more conservative approach to using multiple processes. By default, Firefox now creates up to four separate processes for web page content, so the first four tabs each use those four processes, and additional tabs run using threads within those processes. This leads to multiple tabs within a process sharing the browser engine that already exists in memory, instead of each one creating their own.
In addition to the under-the-hood improvements, the redesigned "Photon" user interface offers a less cluttered, more minimalist environment for browsing the web and aims to look better on modern high DPI displays. It also adds several new features including a built-in tool to take screenshots, and a new library for putting things like browsing history, bookmarks, Pocket lists, and synced tabs in one convenient place.
Firefox 57 also includes support for WebVR, which enables websites to take full advantage of VR headsets like the HTC Vive, while Mozilla's Pocket service is now more integrated in the browser and displays trending articles on the new tab page. Last but not least, a new feature called Tracking Protection blocks extensive requests for online user tracking. It works by default in the Private browsing window and Mozilla reckons it reduces the average page loading time by around 44 percent.
With all the changes, Firefox has had to lose support for many existing extensions written in XUL. Firefox Quantum only supports WebExtensions, which have more limitations, similar to Chrome extensions. Existing users can check the status of their extensions by navigating to Menu -> Add-Ons. Compatible ones are shown under "Extensions", while deactivated browser extensions appear under "Legacy Extensions" alongside an option to find the closest equivalent replacement available.
If you're already a Firefox user, you should receive an automatic upgrade to Quantum after restarting the browser. For everyone else, Firefox Quantum is available for macOS as a free download directly from the Mozilla website.
Mozilla released version 10 of its Firefox browser for iOS on Wednesday. With a new look the developers have dubbed "Photon", the update represents the Quantum release for mobile, boasting the same performance advantages as its forthcoming equivalent for desktops.
The more modern design aims to put users' needs first, with rearranged menus for easier access to the most-used features and an updated minimalist look.
A new application menu now sits at the bottom of the interface, providing quick links to top sites, bookmarks, reading list, history, Settings, and one-click options to enable Night Mode and hide images.
Elsewhere, a Page actions menu can be found in the address bar, containing frequently used actions like share, sync, or save content for later, as well as page search, pin site, and bookmark options.
In addition, the new tab screen has been overhauled, with icons that link to top sites from around the web and popular articles on Pocket, as well as pages you've recently visited or bookmarked.
Firefox will now show popular search suggestions by default as you type, while the QR code reader button has been moved up next to the address bar to make it easier to find. Also included in this release is Firefox's "Tracking Protection" privacy technology, which the company developed to mitigate invasive tracking of online activity.
Firefox 10 on iOS is a free download for iPhone and iPad available on the App Store. [Direct Link] The desktop version of Firefox Quantum is set for release on November 14.