The Linux Foundation-backed project OpenTofu "has gotten legal pushback from HashiCorp," according to a report — just seven months after forking OpenTofu's code from HashiCorp's IT deployment software Terraform: On April 3, HashiCorp issued a strongly-worded Cease and Desist letter to OpenTofu, accusing that the project has "repeatedly taken code HashiCorp provided only under the Business Software License (BSL) and used it in a manner that violates those license terms and HashiCorp's intellectual property rights." It goes on to note that "In at least some instances, OpenTofu has incorrectly re-labeled HashiCorp's code to make it appear as if it was made available by HashiCorp originally under a different license." Last August, HashiCorp announced that it would be transitioning its software from the open source Mozilla Public License (MPL 2.0) to the Business Source License (BSL), a license that permits the source to be viewed, but not run in production environments without explicit approval by the license owner. HashiCorp gave OpenTofu until April 10 to remove any allegedly copied code from the OpenTofu repository, threatening litigation if the project fails to do so.
Others are also covering the fracas, including Steven J. Vaughan-Nichols at DevOps.com: OpenTofu replied, "The OpenTofu team vehemently disagrees with any suggestion that it misappropriated, mis-sourced, or otherwise misused HashiCorp's BSL code. All such statements have zero basis in facts." In addition, it said, HashiCorp's claims of copyright infringement are completely unsubstantiated. As for the code in question, OpenTofu claims it can clearly be shown to have been copied from older code under the Mozilla Public License (MPL) 2.0. "HashiCorp seems to have copied the same code itself when they implemented their version of this feature. All of this is easily visible in our detailed SCO analysis, as well as their own comments."

In a detailed source code origination (SCO) examination of the problematic source code, OpenTofu stated that HashiCorp was mistaken. "We believe that this is just a case of a misunderstanding where the code came from." OpenTofu maintains the code was originally licensed under the MPL, not the BSL. If so, then OpenTofu was perfectly within its right to use the code in its codebase...

[OpenTofu's lawyer] concluded, "In the future, if you should have any concerns or questions about how source code in OpenTofu is developed, we would ask that you contact us first. Immediately issuing DMCA takedown notices and igniting salacious negative press articles is not the most helpful path to resolving concerns like this."

On Mozilla's blog, engineer Martin Thomson explores Google's "Privacy Sandbox" initiative (which proposes sharing a subset of private user information — but without third-party cookies).

The blog post concludes that Google's Protected Audience "protects advertisers (and Google) more than it protects you." But it's not all bad — in theory: The idea behind Protected Audience is that it creates something like an alternative information dimension inside of your (Chrome) browser... Any website can push information into that dimension. While we normally avoid mixing data from multiple sites, those rules are changed to allow that. Sites can then process that data in order to select advertisements. However, no one can see into this dimension, except you. Sites can only open a window for you to peek into that dimension, but only to see the ads they chose...

Protected Audience might be flawed, but it demonstrates real potential. If this is possible, that might give people more of a say in how their data is used. Rather than just have someone spy on your every action then use that information as they like, you might be able to specify what they can and cannot do. The technology could guarantee that your choice is respected. Maybe advertising is not the first thing you would do with this newfound power, but maybe if the advertising industry is willing to fund investments in new technology that others could eventually use, that could be a good thing.
But here's some of the blog post's key criticisms:

• "[E]ntities like Google who operate large sites, might rely less on information from other sites. Losing the information that comes from tracking people might affect them far less when they can use information they gather from their many services... [W]e have a company that dominates both the advertising and browser markets, proposing a change that comes with clear privacy benefits, but it will also further entrench its own dominance in the massively profitable online advertising market..."

• "[T]he proposal fails to meet its own privacy goals. The technical privacy measures in Protected Audience fail to prevent sites from abusing the API to learn about what you did on other sites.... Google loosened privacy protections in a number of places to make it easier to use. Of course, by weakening protections, the current proposal provides no privacy. In other words, to help make Protected Audience easier to use, they made the design even leakier..."

• "A lot of these leaks are temporary. Google has a plan and even a timeline for closing most of the holes that were added to make Protected Audience easier to use for advertisers. The problem is that there is no credible fix for some of the information leaks embedded in Protected Audience's architecture... In failing to achieve its own privacy goals, Protected Audience is not now — and maybe not ever — a good addition to the Web."

Steven J. Vaughan-Nichols, writing for ComputerWorld: Essentially, all software is built using open source. By Synopsys' count, 96% of all codebases contain open-source software. Lately, though, there's been a very disturbing trend. A company will make its program using open source, make millions from it, and then -- and only then -- switch licenses, leaving their contributors, customers, and partners in the lurch as they try to grab billions. I'm sick of it. The latest IT melodrama baddie is Redis. Its program, which goes by the same name, is an extremely popular in-memory database. (Unless you're a developer, chances are you've never heard of it.) One recent valuation shows Redis to be worth about $2 billion -- even without an AI play! That, anyone can understand.

What did it do? To quote Redis: "Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD)." For those of you who aren't open-source licensing experts, this means developers can no longer use Redis' code. Sure, they can look at it, but they can't export, borrow from, or touch it.

Redis pulled this same kind of trick in 2018 with some of its subsidiary code. Now it's done so with the company's crown jewels. Redis is far from the only company to make such a move. Last year, HashiCorp dumped its main program Terraform's Mozilla Public License (MPL) for the Business Source License (BSL) 1.1. Here, the name of the new license game is to prevent anyone from competing with Terraform. Would it surprise you to learn that not long after this, HashiCorp started shopping itself around for a buyer? Before this latest round of license changes, MongoDB and Elastic made similar shifts. Again, you might never have heard of these companies or their programs, but each is worth, at a minimum, hundreds of millions of dollars. And, while you might not know it, if your company uses cloud services behind the scenes, chances are you're using one or more of their programs,

An anonymous reader quotes a report from KrebsOnSecurity: The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep's CEO to admit that he has founded dozens of people-search networks over the years. Mozilla only began bundling Onerep in Firefox last month, when it announced the reputation service would be offered on a subscription basis as part of Mozilla Monitor Plus. Launched in 2018 under the name Firefox Monitor, Mozilla Monitor also checks data from the website Have I Been Pwned? to let users know when their email addresses or password are leaked in data breaches. On March 14, KrebsOnSecurity published a story showing that Onerep's Belarusian CEO and founder Dimitiri Shelest launched dozens of people-search services since 2010, including a still-active data broker called Nuwber that sells background reports on people. Onerep and Shelest did not respond to requests for comment on that story.

But on March 21, Shelest released a lengthy statement wherein he admitted to maintaining an ownership stake in Nuwber, a consumer data broker he founded in 2015 -- around the same time he launched Onerep. Shelest maintained that Nuwber has "zero cross-over or information-sharing with Onerep," and said any other old domains that may be found and associated with his name are no longer being operated by him. "I get it," Shelest wrote. "My affiliation with a people search business may look odd from the outside. In truth, if I hadn't taken that initial path with a deep dive into how people search sites work, Onerep wouldn't have the best tech and team in the space. Still, I now appreciate that we did not make this more clear in the past and I'm aiming to do better in the future." The full statement is available here (PDF).

In a statement released today, a spokesperson for Mozilla said it was moving away from Onerep as a service provider in its Monitor Plus product. "Though customer data was never at risk, the outside financial interests and activities of Onerep's CEO do not align with our values," Mozilla wrote. "We're working now to solidify a transition plan that will provide customers with a seamless experience and will continue to put their interests first." KrebsOnSecurity also reported that Shelest's email address was used circa 2010 by an affiliate of Spamit, a Russian-language organization that paid people to aggressively promote websites hawking male enhancement drugs and generic pharmaceuticals. As noted in the March 14 story, this connection was confirmed by research from multiple graduate students at my alma mater George Mason University.

Shelest denied ever being associated with Spamit. "Between 2010 and 2014, we put up some web pages and optimize them -- a widely used SEO practice -- and then ran AdSense banners on them," Shelest said, presumably referring to the dozens of people-search domains KrebsOnSecurity found were connected to his email addresses (dmitrcox@gmail.com and dmitrcox2@gmail.com). "As we progressed and learned more, we saw that a lot of the inquiries coming in were for people." Shelest also acknowledged that Onerep pays to run ads on "on a handful of data broker sites in very specific circumstances." "Our ad is served once someone has manually completed an opt-out form on their own," Shelest wrote. "The goal is to let them know that if they were exposed on that site, there may be others, and bring awareness to there being a more automated opt-out option, such as Onerep."

An anonymous reader writes: Mozilla Firefox 124 looks like a small update that only updates the Caret Browsing mode to also work in the PDF viewer and adds support for the Screen Wake Lock API to prevent devices from dimming or locking the screen when an application needs to keep running. The Firefox View feature has been updated as well in this release to allow users to sort open tabs by either recent activity (default setting) or tab order. Also, Firefox 124 expands Qwant's availability to all languages in the France region along with Belgium, Italy, Netherlands, Spain, and Switzerland.

This release also adds support for using HTTP(S) and relative URLs when creating WebSockets, as well as support for the AbortSignal: any() static method, which takes an iterable of abort signals and returns an AbortSignal (more details are available here). For Android users, Firefox 124 enables the Pull to Refresh feature, which is now more robust than ever, by default and adds support for the HTML drag and drop API when using a mouse, which accepts plain text or HTML text by the drop operation from external apps.

For macOS users, this release uses the fullscreen API for all types of full-screen windows, promising a better match to the expected macOS user experience for full-screen spaces, the Menubar, and the Dock. If you want to disable this feature, you'll need to set the full-screen-api.macos-native-full-screen preference to false in about:config. For Windows users, this release adds the ability to populate the Windows taskbar jump list more efficiently. According to Mozilla, this change should allow for a "smoother overall browsing experience."

Mozilla Location Service offered "a free, open way to offer GPS-style location detection features" for developers on devices without GPS hardware, remembers the Linux blog OMG Ubuntu. It used signals like Wi-Fi access points and Bluetooth beacons "without any of the privacy implications most competing geolocation services have."

But Friday they reported that Mozilla "has announced it is ending access to Mozilla Location Service (MLS), which provides accurate, privacy-respecting, and crowdsourced geolocation data." Developers and 3rd-party projects that use MLS to detect a users' location, such as the freedesktop.org location framework GeoClue, which is used by apps like GNOME Maps and Weather, have only a few months left to continue using the service... In late March, POST data submissions will return 403 responses. Finally, on June 12, all 3rd-party API keys will be removed and MLS data only accessible by Mozilla...

MLS' accuracy has declined in recent years. Patent infringement claims in 2019 saw Mozilla reach a settlement to avoid litigation. As part of that settlement it was forced to make changes to MLS that impacted its ability to invest in (commercially exploit?) and improve the service.
The article notes that GeoClue "already supports multiple location detection methods, including IP-based ones," so it should continue operating.

"But the sad reality is that there just aren't a lot of free, open, privacy-friendly, accurate, and (rather importantly for a framework built in to Linux desktops) reliable alternatives to Mozilla Location Services, which has built up a colossal 'signal map' from which to pinpoint locations."

"We are grateful for the contributions of the community to MLS to both the code and the dataset," a Mozilla senior engineering manager said in a statement.

Contributors from Apple, Google, Microsoft, and Mozilla, writing for BrowserBench: Since the initial version of the Speedometer benchmark was released in 2014 by the WebKit team, it has become a key tool for browser engines to drive performance optimizations as users and developers continue to demand richer and smoother experiences online.

We're proud to release Speedometer 3.0 today as a collaborative effort between the three major browser engines: Blink, Gecko, and WebKit. Like previous releases (Speedometer 2 in 2018 and Speedometer 1 in 2014), it's designed to measure web application responsiveness by simulating user interactions on real web pages. Today's release of Speedometer 3.0 marks a major step forward in web browser performance testing: it introduces a better way of measuring performance and a more representative set of tests that reflect the modern Web.

This is the first time the Speedometer benchmark, or any major browser benchmark, has been developed through a cross-industry collaboration supported by each major browser engine: Blink/V8, Gecko/SpiderMonkey, and WebKit/JavaScriptCore. It's been developed under a new governance model, driven by consensus, and is hosted in a shared repository that's open to contribution. This new structure involves a lot of collective effort: discussions, research, debates, decisions, and hundreds of PRs since we announced the project in December 2022.

Speedometer 3 adds many new tests. We started designing this new benchmark by identifying some key scenarios and user interactions that we felt were important for browsers to optimize. In particular, we added new tests that simulate rendering canvas and SVG charts (React Stockcharts, Chart.js, Perf Dashboard, and Observable Plot), code editing (CodeMirror), WYSIWYG editing (TipTap), and reading news sites (Next.js and Nuxt.js).

Jess Weatherbed reports via The Verge: Apple's iOS 17.4 update is now available, introducing new emoji and a cryptographic security protocol for iMessage, alongside some major changes to the App Store and contactless payments for the iPhone platform in Europe. Apple is making several of these changes to comply with the EU's Digital Markets Act (DMA), a law that aims to make the digital economy fairer by removing unfair advantages that tech giants hold over businesses and end users. iOS 17.4 will allow third-party developers to offer alternative app marketplaces and app downloads to EU users from outside the iOS App Store. Developers wanting to take advantage of this will be required to go through Apple's approval process and pay Apple a "Core Technology Fee" that charges 50 euro cents per install once an app reaches 1 million downloads annually. iPhone owners in the EU will see different update notes that specifically mention new options available for app stores, web browsers, and payment options.

The approval process may take some time, but we know that at least one enterprise-focused app marketplace from Mobivention will be available on March 7th. Epic is also working on releasing the Epic Game Store on iOS in 2024, and software company MacPaw is planning to officially launch its Setapp store in April. iOS 17.4 allows people in the EU to download alternative browser engines that aren't based on Apple's WebKit, such as Chrome and Firefox, with a new choice screen in iOS Safari that will prompt users to select a default browser when opened for the first time. While no browser alternatives have been officially announced, both Google and Mozilla are currently experimenting with new iOS browsers that could eventually be released to the public.

Apple is also introducing new APIs that allow third-party developers to utilize the iPhone's NFC payment chip for contactless payment services besides Apple Pay and Apple Wallet in the European Economic Area. No alternative contactless providers have been confirmed yet, but users will find a list of apps that have requested the feature under Settings > Privacy & Security > Contactless & NFC. While Apple previously revealed it was planning to drop support for progressive web apps (PWAs) in the EU to avoid building "an entirely new integration architecture" around DMA compliance, the company now says it will "continue to offer the existing Home Screen web apps capability" for EU users. However, these homescreen apps will still run using WebKit technology, with no option to be powered by third-party browser engines.

Americans filing their taxes could face privacy threats, reports the Washington Post: "We just need your OK on a couple of things," TurboTax says as you prepare your tax return.

Alarm bells should be ringing in your head at the innocuous tone.

This is where America's most popular tax-prep website asks you to sign away the ironclad privacy protections of your tax return, including the details of your income, home mortgage and student loan payments. With your permission to blab your money secrets, the company earns extra income from showing you advertisements for the next three years for things like credit cards and mortgage offers targeted to your financial situation.

You have the legal right to say no when TurboTax asks for your permission to "share your data" or use your tax information to "improve your experience...."
The article complains that granting permission allows TurboTax to share details with "sibling" companies "such as your salary, the amount of your tax refund, whether you received a tax break for student loans and the day you printed your tax return..."

"You'll see that permission request once near the beginning of the tax prep process. If you skip it then, you'll see the same screen again near the end. You'll have to say yes or no..." This is part of the corporate arms race for your personal data. Everyone including the grocery store, your apps and the manufacturer of your car are gobbling information to profit from details of your life. With TurboTax, though, you have the power to refuse to participate...

TurboTax and the online tax prep service from H&R Block have been asking every year to blab your tax return. We've cautioned you about it for each of the past two tax filing seasons. (I focused only on TurboTax this year.)

"A lot of that AI chatbots that you spend days talking to push hard on getting more and more private information from you," writes longtime Slashdot reader michelcultivo, sharing a report from Gizmodo.

"To be perfectly blunt, AI girlfriends and boyfriends are not your friends," says Misha Rykov, a Mozilla Researcher from the company's *Privacy Not Included project. "Although they are marketed as something that will enhance your mental health and well-being, they specialize in delivering dependency, loneliness, and toxicity, all while prying as much data as possible from you." Gizmodo reports: Mozilla dug into 11 different AI romance chatbots, including popular apps such as Replika, Chai, Romantic AI, EVA AI Chat Bot & Soulmate, and CrushOn.AI. Every single one earned the Privacy Not Included label, putting these chatbots among the worst categories of products Mozilla has ever reviewed. You've heard stories about data problems before, but according to Mozilla, AI girlfriends violate your privacy in "disturbing new ways." For example, CrushOn.AI collects details including information about sexual health, use of medication, and gender-affirming care. 90% of the apps may sell or share user data for targeted ads and other purposes, and more than half won't let you delete the data they collect. Security was also a problem. Only one app, Genesia AI Friend & Partner, met Mozilla's minimum security standards.

One of the more striking findings came when Mozilla counted the trackers in these apps, little bits of code that collect data and share them with other companies for advertising and other purposes. Mozilla found the AI girlfriend apps used an average of 2,663 trackers per minute, though that number was driven up by Romantic AI, which called a whopping 24,354 trackers in just one minute of using the app. The privacy mess is even more troubling because the apps actively encourage you to share details that are far more personal than the kind of thing you might enter into a typical app. EVA AI Chat Bot & Soulmate pushes users to "share all your secrets and desires," and specifically asks for photos and voice recordings. It's worth noting that EVA was the only chatbot that didn't get dinged for how it uses that data, though the app did have security issues. [...]

Less than a week after naming Laura Chambers as interim CEO, Firefox's maker Mozilla said it is cutting about 60 jobs, or 5% of its workforce. The cuts are primarily in the product development organization. Bloomberg reports: "We're scaling back investment in some product areas in order to focus on areas that we feel have the greatest chance of success," Mozilla said in a statement. "We intend to re-prioritize resources against products like Firefox Mobile, where there's a significant opportunity to grow and establish a better model for the industry."

Mozilla last cut a significant number of jobs four years ago at the height of the Covid-19 pandemic. The not-for-profit company, which competes with Alphabet Inc.'s Google Chrome, Apple Inc.'s Safari and Microsoft Corp.'s Edge, has been grappling with sliding market share of its Firefox web browser in recent years. So far in 2024, the tech sector has cut 32,000 jobs.

Remember "Servo," Mozilla's "next-generation browser engine," focused on performance and robustness?

"The developers of Servo are starting 2024 by going all in..." reports It's FOSS News, citing a social media post from FOSDEM. "[T]he Servo Project team were there showing off the work done so far." If you were not familiar, Servo is an experimental browser engine that leverages the power of Rust to provide a memory-safe and modular experience that is highly adaptable. After Mozilla created Servo back in 2012 as a research project, it saw its share of ups and downs over the years, with it making a comeback in 2023; thanks to a fresh approach by the developers on how Servo should move forward.

Even though there are plenty of open source Chrome alternatives, with this, there's a chance that we will get some really cool options based on Servo that just might give Blink and Gecko a run for the money! Just a few months back, in September 2023, after The Servo Project officially joined Linux Foundation Europe, the existing contributors from Igalia stepped up their game by taking over the project maintenance. To complement that, at Open Source Summit Europe last year, Manuel Rego from Igalia shared some really useful insights when he presented.

He showcased stuff like the WebGL support, cross-platform support including mobile support for Android and Linux, among other things. They have experimented with Servo for embedded applications use-cases (like running it on Raspberry Pi), and have plans to make advances on it. As far as I can see, it looks like, Servo is faster for Raspberry Pi compared to Chromium. You can explore more such demos on Servo's demo webpage.
2024's roadmap includes "Initial Android support, that will see Servo being made to build on modern Android versions," according to the article, "with the developers publishing nightly APKs on the official website some time in the future."

One fun fact? "Even though Mozilla dropped the experimental project, Firefox still utilizes some servo components in the browser"

Another FOSDOM update from social media: "Thunderbird is also embracing Rust."

Mozilla, which manages the open-source Firefox browser, announced today that Mitchell Baker is stepping down as CEO to focus on AI and internet safety as chair of the nonprofit foundation. Laura Chambers, a Mozilla board member and entrepreneur with experience at Airbnb, PayPal, and eBay, will step in as interim CEO to run operations until a permanent replacement is found. Fortune: Baker, a Silicon Valley pioneer who co-founded the Mozilla Project, says it was her decision to step down as CEO, adding that the move is motivated by a sense of urgency over the current state of the internet and public trust. "We want to offer an alternative for people to have better products," says Baker, who wants to draw more attention to policies, products and processes to challenge business models built on fueling outrage. "What are the connections between this global malaise and how humans are engaging with each other and technology?"

Chambers says she plans to focus on building out new products that address growing privacy concerns while actively looking for a full-time CEO. Prior to being recruited to the Mozilla board three years ago, Chambers says she was feeling "pretty disillusioned" about society because of the influence of money in politics and the growing power of the tech giants. "I was confused about what to do and this felt like a genuine way to make an impact." Chambers says she won't be seeking a permanent CEO role because she plans to move back to Australia later this year for family reasons. "I think this is an example of Mozilla doing the right role modelling in how to manage a succession," says Chambers.

Apple is making changes to iOS in Europe to comply with the EU's Digital Markets Act cracking down on Big Tech gatekeepers. The act demands interoperability, fairness and privacy measures including allowing competing browser engines on iOS. Despite better browser choice, Google and Mozilla are unhappy with Apple's proposed changes. Mozilla says restricting browser engine integration to EU apps burdens rivals to build separate implementations. Mozilla's comment: "We are still reviewing the technical details but are extremely disappointed with Apple's proposed plan to restrict the newly-announced BrowserEngineKit to EU-specific apps. The effect of this would be to force an independent browser like Firefox to build and maintain two separate browser implementations -- a burden Apple themselves will not have to bear. Apple's proposals fail to give consumers viable choices by making it as painful as possible for others to provide competitive alternatives to Safari. This is another example of Apple creating barriers to prevent true browser competition on iOS." Google's VP of engineering for Chrome, Parisa Tabriz, commented on DeMonte's statement, saying, "Strong agree with Mozilla. Apple isn't serious about supporting web browser or engine choice on iOS. Their strategy is overly restrictive, and won't meaningfully lead to real choice for browser developers."

Mozilla has rolled out a new $9 per month service called Mozilla Monitor Plus that automatically scrubs personal information from over 190 data broker sites. The tool builds on the free Firefox Monitor platform, expanding monitoring capabilities and proactively removing exposed details to protect user privacy. Subscribers will also receive data breach alerts under the new service.

Mozilla claims in a new 74-page research report that Microsoft "repeatedly uses harmful design" and "dark patterns" to push users toward Microsoft Edge and away from rival browsers like Mozilla's Firefox or Google's Chrome browser. PCMag: "Microsoft uses the harmful preselection, visual interference, trick wording, and disguised ads patterns to skew user choice," the report argues, adding that "Microsoft's harmful design practices mean users are unable to download, install, use, or set as default an alternative browser without interference." The researchers claim this harms consumers because they can experience "distortion of choice," lose trust in the broader tech industry, and even possibly experience "emotional distress" as a result of Microsoft's efforts.

For the study, user experiences were tested on Windows 10 Home and Windows 11 Pro as well as the Windows 11 Home Insider Preview Version. The UK-based testers did not attempt to use a VPN to change or hide their IP addresses during their investigation. While Microsoft recently said it will allow users in the European Union to uninstall Edge as part of its efforts to comply with the Digital Markets Act (DMA), it's unclear whether US, UK, or other users around the globe could ever get the same option. Some Windows 11 users can remove five other apps that come preinstalled, however.

Apple's new rules in the European Union mean browsers like Firefox can finally use their own engines on iOS. Although this may seem like a welcome change, Mozilla spokesperson Damiano DeMonte tells The Verge it's "extremely disappointed" with the way things turned out. From a report: "We are still reviewing the technical details but are extremely disappointed with Apple's proposed plan to restrict the newly-announced BrowserEngineKit to EU-specific apps," DeMonte says. "The effect of this would be to force an independent browser like Firefox to build and maintain two separate browser implementations -- a burden Apple themselves will not have to bear." In iOS 17.4, Apple will no longer force browsers in the EU to use WebKit, the underlying engine that powers Safari. The change opens the door for other popular engines, such as Blink, which is used by Google Chrome and Microsoft Edge, as well as Gecko, the engine used by Firefox. It also means third-party browsers could become fully functional on iOS without any of the limitations that come along with WebKit.

Linux Mint 21.3 is now available to download, reports the blog OMG Obuntu.

It's the first version to offer Wayland support in its Cinnamon desktop: Following a successful bout of bug-busting in last month's beta release, Mint devs have gone ahead and rubber-stamped a stable release. Thus, you can reasonably expect to not encounter any major issues when installing or using it... [I]t's based on Ubuntu 22.04 LTS and continues to use the Linux 5.15 kernel by default, but newer kernels are available to install within the OS...

In my own testing I find Cinnamon's Wayland support to be well-rounded. It's not perfect but I didn't hit any major snafus that prevented me from working (though admittedly I did only attempt 'basic' tasks like web browsing, playing music, and adding applets). However, Cinnamon's Wayland support is in an early state, is not enabled by default, and Linux Mint devs expect it won't be good enough for everyone until the 23.x series (due 2026) at the earliest. Still, try it out yourself and see if it works for you. Select the 'Cinnamon on Wayland (Experimental)' session from the login screen session selector, and then login as normal...

Additionally, the latest version of Mozilla Firefox is pre-installed (as a deb, not a Snap)
Among the new features are a whole new category of desktop add-ons — "Actions" — which upgrade the right-clicking context menu. (So for .iso files there's two new choices: "Verify" or "Make bootable USB stick".)

The article says there's also "a raft of smaller refinements," plus "a bevvy of buffs and embellishments" for Linux Mint's homegrown apps.

Any Linux Mint users reading Slashdot? Share your thoughts or experiences in the comments...

"For the last few years, Mozilla has started to look beyond Firefox," writes TechCrunch, citing startup investments like Mastodon's client Mammoth and the Fakespot browser extension that helps identify fake reviews. But Mozilla has also launched Mozilla.ai (added a bunch of new AI-focused members to its board).

In an interview with TechCrunch, Mozilla's president and executive director Mark Surman clarifies their plans, saying that Mozilla.ai "had a broad mandate around finding open source, trustworthy AI opportunities and build a business around them." "Quickly, Moez [Draief], who runs it, made it about how do we leverage the growing snowball of open source large language models and find a way to both accelerate that snowball but also make sure it rolls in a direction that matches our goals and matches our wallet belt...." Right now, Surman argued, it remains hard to for most developers — and even more so for most consumers — to run their own models, even as more open source models seemingly launch every day. "What Mozilla.ai is focused on really is almost building a wrapper that you can put around any open source large language model to fine-tune it, to build data pipelines for it, to make it highly performant."
While much work is in stealth mode, TechCrunch predicts "we'll hear quite a bit more in the coming months." Meanwhile, the open source and AI communities are still figuring out what exactly open source AI is going to look like. Surman believes that no matter the details of that, though, the overall principles of transparency and freedom to study the code, modify it and redistribute it will remain key... "We probably lean towards that everything should be open source — at least in a spiritual sense. The licenses aren't perfect and we are going to do a bunch of work in the first half of next year with some of the other open source projects around clarifying some of those definitions and giving people some mental models...."

With a small group of very well-funded players currently dominating the AI market, he believes that the various open source groups will need to band together to collectively create alternatives. He likened it to the early era of open source — and especially the Linux movement — which aimed to create an alternative to Microsoft...

Surman seems to be optimistic about Mozilla's positioning in this new era of AI, though, and its ability to both use it to further its mission and create a sustainable business model around it. "All this that we are going to do is in the kind of service of our mission. And some of that, I think, will just have to be purely a public good," he said. "And you can pay for public goods in different kinds of way, from our own resources, from philanthropy, from people pooling resources. [...] It's a kind of a business model but it's not commercial, per se. And then, the stuff we're building around communal AI hopefully has a real enterprise value if we can help people take advantage of open source large language models, effectively and quickly, in a way that is valuable to them and is cheaper than using open AI. That's our hope."
And what about Firefox? "I think you'll see the browser evolve," says Mozilla's president. "In our case, that's to be more protective of you and more helpful to you.

"I think it's more that you use the predictive and synthesizing capabilities of those tools to make it easier and safer to move through the internet."

Mozilla closed out 2023 with a report that dodges its flatlining browser market share and Mozilla.social beta in favor of calls for a faster pace from its highly paid CEO. From a report: According to the company's filings, Mitchell Baker's compensation went from $5,591,406 in 2021 to $6,903,089 in 2022. It's quite the jump considering that revenues declined from $527,585,000 to $510,389,000 in the same period. Despite the executive payout, Firefox continues to trail Google and even Microsoft in desktop browser market share. While it has not suffered any catastrophic losses, neither has it made any significant gains.

Baker, however, would very much like to speed things up and says in the State of Mozilla report: "The pace is not enough, the impact is not enough." Unsurprisingly for a technology company, the report is heavy on AI going mainstream where Mozilla reckons it can make an impact in the technology, particularly with regard to open source developers and privacy. Mozilla's adventures in AI? The organization says it has 15 engineers working on open source large language models and is working on use cases in the healthcare space. Moez Draief, managing director of Mozilla.ai, said: "There's a lot of structured data work in that industry that will feed the language models; we don't have to invent it."