For years, Mozilla has largely neglected development of Thunderbird, an email client it owns. But the company, which grew its team to eight staff last year, says it plans to address most of the issues that users have complained about and add six more people to Thunderbird staff this year, it said in a blog post. In the blog post Wednesday, the company said: Our hires are already addressing technical debt and doing a fair bit of plumbing when it comes to Thunderbird's codebase. Our new hires will also be addressing UI-slowness and general performance issues across the application. This is an area where I think we will see some of the best improvements in Thunderbird for 2019, as we look into methods for testing and measuring slowness -- and then put our engineers on architecting solutions to these pain points. Beyond that, we will be looking into leveraging new, faster technologies in rewriting parts of Thunderbird as well as working toward a multi-process Thunderbird.

[...] For instance, one area of usability that we are planning on addressing in 2019 is integration improvements in various areas. One of those in better Gmail support, as one of the biggest email providers it makes sense to focus some resources on this area. We are looking at addressing Gmail label support and ensuring that other features specific to the Gmail experience translate well into Thunderbird. We are looking at improving notifications in Thunderbird, by better integrating with each operating system's built-in notification system. By working on this feature Thunderbird will feel more "native" on each desktop and will make managing notifications from the app easier.

The UX/UI around encryption and settings will get an overhaul in the coming year, whether or not all this work makes it into the next release is an open question â" but as we grow our team this will be a focus. It is our hope to make encrypting Email and ensuring your private communication easier in upcoming releases, we've even hired an engineer who will be focused primarily on security and privacy.

Some Firefox users yesterday started seeing an ad in the desktop version of the browser. It offers users a $20 Amazon gift card in return for booking your next hotel stay via Booking.com. VentureBeat reached out to Mozilla, which confirmed the ad was a Firefox experiment and that no user data was being shared with its partners. From a report: The ad appears at the bottom of Firefox's new tab page on the desktop version with a "Find a Hotel" button that takes the user to a Booking.com page. The text reads: "Ready to schedule that next family reunion? Here's a thank you from Firefox. Book your next hotel stay on Booking.com today and get a free $20 Amazon gift card. Happy Holidays from Firefox! (Restrictions apply)." A second version reads: "For the holidays, we got you a little something just for using Firefox! Book your next hotel stay on Booking.com today and get a free $20 Amazon gift card. Happy Holidays from Firefox! (Restrictions apply.)"

An anonymous reader quotes Neowin: Every time Microsoft releases a Windows 10 feature update, it runs some efficiency tests to prove that its Edge browser is significantly faster than the competition, which includes Mozilla Firefox and Google Chrome. Then the company posts the detailed results on its Windows blog and YouTube channel, boasting about the power efficiency of its browser. Even though the company still has run battery tests, it has remained strangely silent about them, posting about it on GitHub only. While many thought that Microsoft's silence on the matter was due to Edge finally losing to the competition, it appears that this is not the case.

As spotted by Paul Thurrott, Microsoft has indeed run efficiency tests for Edge in Windows 10 version 1809, pitting it against the likes of Firefox and Chrome. Through these tests, the company has concluded that Edge lasts 24% longer than Chrome and a massive 94% longer than Firefox on average.
"While Edge appears to have won these efficiency tests easily as well, it is likely that the company did not decide to promote this achievement -- as it has always done previously -- because of the planned abandonment of EdgeHTML in favor of Chromium," the article concludes.

"It will be very interesting to see if Microsoft Edge is able to maintain its battery advantage once the switch to Chromium is complete."

Starting Tuesday, Firefox will nudge you to try out options designed to make the web more interesting, more useful or more productive. From a report: Mozilla's new Firefox 64 keeps an eye on what you're up to and prompts you to try extensions and features that could help you with that activity, the browser maker said. For example, if you open the same tab lots of times, it could suggest you pin it to your tab strip for easier future access. Other suggestions include installing the Facebook Container extension to curtail the social network's snooping, a Google Translate extension to tap into Google's service, and the Enhancer for YouTube extension to do things like block ads and control playback on Google's video site.

The feature could help you customize Firefox more to your liking -- something that could help you stick with the browser in the face of Google Chrome's dominance. And that, in turn, could help Mozilla pursue its push toward a privacy-respecting web that's not just effectively controlled by Chrome.

Malware authors, ad farmers, and scammers are abusing a Firefox bug to trap users on malicious sites. From a report: This wouldn't be a big deal, as the web is fraught with this kind of malicious sites, but these websites aren't abusing some new never-before-seen trick, but a Firefox bug that Mozilla engineers appear to have failed to fix in the 11 years ever since it was first reported back in April 2007. The bug narrows down to a malicious website embedding an iframe inside their source code. The iframe makes an HTTP authentication request on another domain.

[...] For the past few years, malware authors, ad farmers, and scammers have been abusing this bug to lure users on sites where they show all sorts of nasties, such as tech support scams, ad farms that reload the page with new ads in a loop, pages that push users to buy fake gift cards, or sites that offer malware-laced software updates. Whenever users try to leave, the owners of these shady sites trigger the authentification modal in a loop.

"The Rust programming language team has announced the first major edition of Rust since 1.0 was released in 2015," reports SD Times -- specifically, Rust 1.31, the first edition of "Rust 2018," described by Rust's developers as "the culmination of feature stabilization."

An anonymous reader writes: The Rust team is working hard to maintain backwards compatibility, for example with the way they're handling the ongoing addition of an async/await feature. "Even though the feature hasn't landed yet, the keywords are now reserved," notes the Rust Team. "All of the breaking changes needed for the next three years of development (like adding new keywords) are being made in one go, in Rust 1.31." The keyword "try" has now also been reserved, but "Almost all of the new features are 100% compatible with Rust as it is. They don't require any breaking changes... New versions of the compiler will continue to support "Rust 2015 mode", which is what you get by default... [Y]ou could think of Rust 2018 as the specifier in Cargo.toml that you use to enable the handful of features that require breaking changes."

The Rust language's blog adds, "Your 2018 project can use 2015 dependencies, and a 2015 project can use 2018 dependencies. This ensures that we don't split the ecosystem, and all of these new things are opt-in, preserving compatibility for existing code. Furthermore, when you do choose to migrate Rust 2015 code to Rust 2018, the changes can be made automatically, via cargo fix." Tooling improvements include faster and smarter "incremental" compilation (along with better IDE support), plus the addition of function-like and attribute-like (procedural) macros. There's also a rustfmt tool which can automatically reformat your code's style "like clang format does for C++ and Prettier does for JavaScript," plus an optional diagnostics linter named clippy, and automated code fixes via rustfix. There's even upgrades to Rust's module system and other path clarity improvements.
But this is only the beginning, SD Times reports: With the release of Rust 2018, the team is now starting to look at Rust's future. The team is asking developers to reflect on what they liked, didn't like or hoped to see in Rust during the last year, and propose any goals or directions for the upcoming year.

With the news earlier today that Microsoft is embracing Chromium for Edge browser development on the desktop, VentureBeat decided to see what the other browser companies had to say about the decision. From the report: Google largely sees Microsoft's decision as a good thing, which is not exactly a surprise given that the company created the Chromium open source project. "Chrome has been a champion of the open web since inception and we welcome Microsoft to the community of Chromium contributors. We look forward to working with Microsoft and the web standards community to advance the open web, support user choice, and deliver great browsing experiences."

Mozilla meanwhile sees Microsoft's move as further validation that users should switch to Firefox. "This just increases the importance of Mozilla's role as the only independent choice. We are not going to concede that Google's implementation of the web is the only option consumers should have. That's why we built Firefox in the first place and why we will always fight for a truly open web." Mozilla regularly points out it develops the only independent browser -- meaning it's not tied to a tech company that has priorities which often don't align with the web. Apple (Safari), Google (Chrome), and Microsoft (Edge) all have their own corporate interests.

Opera thinks Microsoft is making a smart move, because it did the same thing six years ago. "We noticed that Microsoft seems very much to be following in Opera's footsteps. Switching to Chromium is part of a strategy Opera successfully adopted in 2012. This strategy has proved fruitful for Opera, allowing us to focus on bringing unique features to our products. As for the impact on the Chromium ecosystem, we are yet to see how it will turn out, but we hope this will be a positive move for the future of the web."

Google and Mozilla are heading a group that is devising a way for users to save changes they make using web apps. From a report: The idea is to allow users to save changes they've made using web apps, without the hassle of having to download new files after each edit, as is necessary today. "Today, if a user wants to edit a local file in a web app, the web app needs to ask the user to open the file," said Google developer advocate Pete LePage. "Then, after editing the file, the only way to save changes is by downloading the file to the Downloads folder, or having to replace the original file by navigating the directory structure to find the original folder and file. This user experience leaves a lot to be desired, and makes it hard to build web apps that access user files."

To this end, the W3C Web Incubator Community Group (WICG), which is chaired by representatives from Chrome developer Google and Firefox developer Mozilla, is working on developing the new Writable Files API, which would allow web apps running in the browser to open a file, edit it, and save the changes back to the same file. However, the group says the biggest challenge will be guarding against malicious sites seeking to abuse persistent access to files on a user's system. "By far the hardest part for this API is of course going to be the security model to use," warns the WICG's explainer page for the API. "The API provides a lot of scary power to websites that could be abused in many terrible ways."

Mozilla has released its second annual "Privacy Not Included" guide that rates 70 products to help give you an idea as to how secure or insecure they are. "We want to provide people information about how to make informed decisions when shopping for gifts that are connected to the internet," says Ashley Boyd, vice president of advocacy at Mozilla. "These products are becoming really popular. And in some cases, it's easy to forget that they're even connected to the internet." Wired reports: Among the important signifiers of a trustworthy stocking stuffer, according to Mozilla's rubric: the use of encryption, pushing automatic software security updates, strong password hygiene, a way to deal with vulnerabilities should they arise, and a privacy policy that doesn't take a PhD to parse. The most surprising result of Mozilla's testing may be how many products actually earned its seal of approval. Thirty-three of the 70 items in the "Privacy Not Included" guide passed muster; fans of the Nintendo Switch, Google Home, and Harry Potter Kano Coding Kit can sleep a little easier.

On the other end of the scale, Mozilla highlighted seven products that may not hit the mark -- yes, including the sous vide wand, the Anova Precision Cooker. Also scoring low marks in Mozilla's accounting: the DJI Spark Selfie Drone (no encryption, does not require users to change the default password), the Parrot Bebop 2 drone (no encryption, complex privacy policy), and unsurprisingly, at least one baby monitor. The remaining 30 items on the list all exist somewhere in the murky middle, usually because Mozilla was unable to confirm at least one attribute. Which may be the real takeaway from the report: Typically, you have no reasonable way to find out if a given internet-connected device is secure. "If you can't tell, that says that there's a problem of communication between manufacturers and consumers," says Boyd. "We would love for makers of these products to be more clear and more transparent about what they're doing and not doing. That's a big place we think change is needed."

The Firefox Test Pilot team on Monday rolled out two new experimental features, one of which is aimed to make this year's holiday shopping a bit easier on your wallet. It's called Price Wise, and it's an online shopping comparison tool that lets you add items from across several retailers to a Price Watcher list. From a report: When a price drops, a notification is automatically sent to your browser, and you can click regardless of what web page you are currently on. For now, Price Wise tracks just five retailers -- Amazon, Best Buy, eBay, Walmart, and the Home Depot -- but the company said it's planning on expanding to cover more outlets in the future.

Elsewhere, Mozilla is also rolling out a new feature called Email Tabs as part of its early adopter program. While Mozilla already offers a service for bookmarking content to read later via Pocket, Email Tabs enables users to choose multiple tabs and send links to one or more of them to their Gmail address. There are a number of options here. Users can choose to send links with screenshots, just links, or links with full articles. Price Wise is only available to users in the U.S. for now.

The New York Times reports that in Silicon Valley, "a wariness that has been slowly brewing is turning into a regionwide consensus: The benefits of screens as a learning tool are overblown, and the risks for addiction and stunting development seem high." One Facebook engineer doesn't allow his own kids to have any screen time, according to this article shared by schwit1, and even Chris Anderson, the former editor of Wired, believes screen time is addictive for children. "On the scale between candy and crack cocaine, it's closer to crack cocaine," Mr. Anderson said of screens. Technologists building these products and writers observing the tech revolution were naive, he said. "We thought we could control it. And this is beyond our power to control. This is going straight to the pleasure centers of the developing brain... I didn't know what we were doing to their brains until I started to observe the symptoms and the consequences... We glimpsed into the chasm of addiction, and there were some lost years, which we feel bad about...."

Tim Cook, the C.E.O. of Apple, said earlier this year that he would not let his nephew join social networks. Bill Gates banned cellphones until his children were teenagers, and Melinda Gates wrote that she wished they had waited even longer. Steve Jobs would not let his young children near iPads. But in the last year, a fleet of high-profile Silicon Valley defectors have been sounding alarms in increasingly dire terms about what these gadgets do to the human brain. Suddenly rank-and-file Silicon Valley workers are obsessed. No-tech homes are cropping up across the region. Nannies are being asked to sign no-phone contracts....

John Lilly, a Silicon Valley-based venture capitalist with Greylock Partners and the former C.E.O. of Mozilla, said he tries to help his 13-year-old son understand that he is being manipulated by those who built the technology. "I try to tell him somebody wrote code to make you feel this way-- I'm trying to help him understand how things are made, the values that are going into things and what people are doing to create that feeling," Mr. Lilly said. "And he's like, 'I just want to spend my 20 bucks to get my Fortnite skins.'"
What do Slashdot's reader think? Should parents end 'screen time' for children?

Mozilla today launched Firefox 63 for Windows, Mac, Linux, and Android. The release brings Enhanced Tracking Protection, performance improvements on Windows and macOS, search shortcuts, and Picture-In-Picture on Android. From a report: Firefox 63 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. According to Mozilla, Firefox has about 300 million active users. In other words, it's a major platform that web developers must consider. Firefox 63 for desktop brings support for Enhanced Tracking Protection. [...] Firefox 63's Enhanced Tracking Protection blocks cookies and storage access from third-party trackers, which Mozilla says targets the problem of cross-site tracking without breaking sites and impacting revenue streams like the original Tracking Protection. It does this by preventing known trackers from setting third-party cookies -- the primary method of tracking across sites -- but still gives you the option to block all known trackers (under Firefox Options/Preferences).

[...] Search shortcuts essentially pins sites like Google and Amazon on the new tab page. When you click or tap them, you're redirected to Firefox's awesome bar, which automatically fills the corresponding keyword (@google or @amazon in this case) for the search engine. This way, you can type your query, hit enter, and get your search results without having to first load the Google or Amazon homepage. [...] The only major new feature for this Firefox for Android release is a picture-in-picture mode (Android Oreo and up). This means that if you're watching a video in full-screen, when you switch away from Firefox it will move the video into a small floating window, which you can tap to return to the full video player.

Mozilla is reportedly preparing to offer a VPN service for Firefox users to help protect them when surfing the web. According to Trusted Reviews, Mozilla has partnered with the ProtonVPN service, "with a new notification piping-up when the browser detects an unsecured connection, or in a scenario when VPN might be preferable to users." From the report: However, it appears Firefox users will have to pay for the privilege. Austrian site Soeren-hentzschel reports the premium VPN service will be $10 a month, which is what ProtonVPN charges its users. Users will receive a "Firefox Recommends" pop-up when browsing an unsecured wireless network. The pop-up says the VPN service will provide a "private and secure' internet connection. According to the reports, a subset of Firefox 62 users in the United States will begin receiving the pop-up from today. Mozilla will reportedly get a cut of any subscription fee handed over by users to access the VPN service. MSPowerUser points out that this will be the first advertised service that costs money for Firefox users.

The head of the Mozilla Foundation, Mitchell Baker, is warning that companies need to diversify their hiring practices to include more people from backgrounds in philosophy and psychology if they want to tackle the problem of misinformation online. He also "warned that hiring employees who mainly come from Stem -- science, technology, engineering and maths -- will produce a new generation of technologists with the same blindspots as those who are currently in charge, a move that will 'come back to bite us,'" reports the Guardian. From the report: "Stem is a necessity, and educating more people in Stem topics clearly critical," Baker told the Guardian. "Every student of today needs some higher level of literacy across the Stem bases. "But one thing that's happened in 2018 is that we've looked at the platforms, and the thinking behind the platforms, and the lack of focus on impact or result. It crystallized for me that if we have Stem education without the humanities, or without ethics, or without understanding human behavior, then we are intentionally building the next generation of technologists who have not even the framework or the education or vocabulary to think about the relationship of Stem to society or humans or life."

"Stem is a necessity, and educating more people in Stem topics clearly critical," Baker told the Guardian. "Every student of today needs some higher level of literacy across the Stem bases. "But one thing that's happened in 2018 is that we've looked at the platforms, and the thinking behind the platforms, and the lack of focus on impact or result. It crystallized for me that if we have Stem education without the humanities, or without ethics, or without understanding human behavior, then we are intentionally building the next generation of technologists who have not even the framework or the education or vocabulary to think about the relationship of Stem to society or humans or life."

Starting with Firefox 64, RSS/Atom feed support will be handled via add-ons, rather than in-product. Mozilla's Gijs Kruitbosch writes: After considering the maintenance, performance and security costs of the feed preview and subscription features in Firefox, we've concluded that it is no longer sustainable to keep feed support in the core of the product. While we still believe in RSS and support the goals of open, interoperable formats on the Web, we strongly believe that the best way to meet the needs of RSS and its users is via WebExtensions.

With that in mind, we have decided to remove the built-in feed preview feature, subscription UI, and the "live bookmarks" support from the core of Firefox, now that improved replacements for those features are available via add-ons.

By virtue of being baked into the core of Firefox, these features have long had outsized maintenance and security costs relative to their usage. Making sure these features are as well-tested, modern and secure as the rest of Firefox would take a surprising amount of engineering work, and unfortunately the usage of these features does not justify such an investment: feed previews and live bookmarks are both used in around 0.01% of sessions.

Today, Mozilla, along with Omidyar Network, Schmidt Futures, and Craig Newmark Philanthropies, is launching a competition for professors and educators to effectively integrate ethics into computer science education at the undergraduate level. From a report: The context, called the Responsible Computer Science Challenge, will award up to $3.5 million over the next two years to proposals focused on how to make ethics relevant to young technologists. "You can't take an ethics course from 50 or even 25 years ago and drop it in the middle of a computer science program and expect it to grab people or be particularly applicable," Mitchell Baker, the founder and chairwoman of the Mozilla Foundation, said. "We are looking to encourage ways of teaching ethics that make sense in a computer science program, that make sense today, and that make sense in understanding questions of data."

Firefox has joined Google's WebP party, another endorsement for the internet giant's effort to speed up the web with a better image format. From a report: Google revealed WebP eight years ago and since then has built it into its Chrome web browser, Android phone software and many of its online properties in an effort to put websites on a diet and cut network data usage. But Google had trouble encouraging rival browser makers to embrace it. Mozilla initially rejected WebP as not offering enough of an improvement over more widely used image formats, JPEG and PNG. It seriously evaluated WebP but chose to try to squeeze more out of JPEG. But now Mozilla -- like Microsoft with its Edge browser earlier this week -- has had a change of heart. "Mozilla is moving forward with implementing support for WebP," the nonprofit organization said. WebP will work in versions of Firefox based on its Gecko browser engine, Firefox for personal computers and Android but not for iOS.

Jean-Baptiste Kempf, president of VideoLan and developer of VLC media player, made the following announced Monday: AV1 is a new video codec by the Alliance for Open Media, composed of most of the important Web companies (Google, Facebook, Netflix, Amazon, Microsoft,...). AV1 has the potential to be up to 20% better than the HEVC codec, but the patents license is totally free, while HEVC patents licenses are insanely high and very confusing.

The reference decoder for AV1 is great, but it's a research codebase, so it has a lot to improve. Therefore, the VideoLAN, VLC and FFmpeg communities have started to work on a new decoder, sponsored by the Alliance of Open Media. The goal of this new decoder is: be small, be as fast as possible, be very cross-platform, correctly threaded, libre and (actually) Open Source. Without further due, the code: https://code.videolan.org/videolan/dav1d Recommended: A talk during VDD 2018 conference about dav1d.

Mozilla announced today a new recovery option for Firefox Accounts, the user system included inside the Firefox browser. ZDNet: Starting today, users can generate a one-time recover key that will be associated with their account, and which they can use to regain access to Firefox data if they ever forget their passwords. Firefox Accounts is included with all recent versions of the Firefox browser.

Most users are familiar with it because of Firefox Sync, the system that synchronizes Firefox data such as passwords, browsing history, open tabs, bookmarks, installed add-ons, and general browser options between multiple Firefox instances. But while Sync does the actual synchronization, Firefox Accounts is at the core of Sync and is the system that manages the identities of Firefox users. Sync works by taking a user's Firefox account password and encrypting the user's browser data on the local computer.

Earlier this year, Mozilla announced Firefox Monitor, a service that will inform you if your online accounts were hacked in a recent data breach. It's now available to general public. A report adds: For the new security-focused tool, Mozilla partnered with Troy Hunt, the renowned security expert behind Have I Been Pwned? (HIBP), which is a database of data breaches that allows anyone to discover whether one of their online accounts has been compromised. The first iteration of Firefox Monitor is, for all intents and purposes, a clone of HIBP. After you enter your email address and hit the scan button, you're told which online services have leaked your personal details (if any). You can also sign up to be notified of any future data breaches involving one or more of your email addresses.