Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
United Kingdom

UK Licensing Site Requires MSIE Emulation, But Won't Work With MSIE 143

Posted by timothy
from the strange-circlings-back dept.
Anne Thwacks writes The British Government web site for applying for for a licence to be a security guard requires a plugin providing Internet Explorer emulation on Firefox to login and apply for a licence. It won't work with Firefox without the add-on, but it also wont work with Internet Explorer! (I tried Win XP and Win7 Professional). The error message says "You have more than one browser window open on the same internet connection," (I didn't) and "to avoid this problem, close your browser and reopen it." I did. No change.

I tried three different computers, with three different OSes. Still no change. I contacted their tech support and they said "Yes ... a lot of users complain about this. We have known about it since September, and are working on a fix! Meanwhile, we have instructions on how to use the "Fire IE" plugin to get round the problem." Eventually, I got this to work on Win7pro. (The plugin will not work on Linux). The instructions require a very old version of the plugin, and a bit of trial and error is needed to get it to work with the current one. How can a government department concerned with security not get this sort of thing right?"
Chrome

Every Browser Hacked At Pwn2own 2015, HP Pays Out $557,500 In Awards 237

Posted by Soulskill
from the another-four-bite-the-dust dept.
darthcamaro writes: Every year, browser vendors patch their browsers ahead of the annual HP Pwn2own browser hacking competition in a bid to prevent exploitation. The sad truth is that it's never enough. This year, security researchers were able to exploit fully patched versions of Mozilla Firefox, Google Chrome, Microsoft Internet Explorer 11 and Apple Safari in record time. For their efforts, HP awarded researchers $557,500. Is it reasonable to expect browser makers to hold their own in an arms race against exploits? "Every year, we run the competition, the browsers get stronger, but attackers react to changes in defenses by taking different, and sometimes unexpected, approaches," Brian Gorenc manager of vulnerability research for HP Security Research said.
Firefox

Analysis: People Who Use Firefox Or Chrome Make Better Employees 127

Posted by Soulskill
from the also-handsomer-and-better-at-darts dept.
HughPickens.com writes: In the world of Big Data, everything means something. Now Joe Pinsker reports that Cornerstone OnDemand, a company that sells software that helps employers recruit and retain workers, has found after analyzing data on about 50,000 people who took its 45-minute online job assessment, that people who took the test on a non-default browser, such as Firefox or Chrome, ended up staying at their jobs about 15 percent longer than those who stuck with Safari or Internet Explorer. They also tended to perform better on the job as well. Chief Analytics Officer Michael Housman offered an explanation for the results in an interview with Freakonomics Radio: "I think that the fact that you took the time to install Firefox on your computer shows us something about you. It shows that you're someone who is an informed consumer," says Housman. "You've made an active choice to do something that wasn't default." But why would a company care about something as seemingly trivial as the browser a candidate chooses to use? "Call centers are estimated to suffer from a turnover rate of about 45 percent annually (PDF), and it can cost thousands of dollars to hire new employees," says Pinsker. "Because of that, companies are eager to find any proxy for talent and dedication that they can."
Mozilla

Mozilla: Following In Sun's Faltering Footsteps? 300

Posted by Soulskill
from the don't-let-the-sun-go-down-on-them dept.
snydeq writes: The trajectory of Mozilla, from the trail-blazing technologies to the travails of being left in the dust, may be seen as paralleling that of the now-defunct Unix systems giant Sun. The article claims, "Mozilla has become the modern-day Sun Microsystems: While known for churning out showstopping innovation, its bread-and-butter technology now struggles." It goes on to mention Firefox's waning market share, questions over tooling for the platform, Firefox's absence on mobile devices, developers' lack of standard tools (e.g., 'Gecko-flavored JavaScript'), and relatively slow development of Firefox OS, in comparison with mobile incumbents.
Chrome

Firefox 37 To Check Security Certificates Via Blocklist 29

Posted by timothy
from the making-a-list-pushing-it-multiple-times dept.
An anonymous reader writes The next version of Firefox will roll out a 'pushed' blocklist of revoked intermediate security certificates, in an effort to avoid using 'live' Online Certificate Status Protocol (OCSP) checks. The 'OneCRL' feature is similar to Google Chrome's CRLSet, but like that older offering, is limited to intermediate certificates, due to size restrictions in the browser. OneCRL will permit non-live verification on EV certificates, trading off currency for speed. Chrome pushes its trawled list of CA revocations every few hours, and Firefox seems set to follow that method and frequency. Both Firefox and Chrome developers admit that OCSP stapling would be the better solution, but it is currently only supported in 9% of TLS certificates.
Firefox

Firefox 36 Arrives With Full HTTP/2 Support, New Design For Android Tablets 147

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: Mozilla today launched Firefox 36 for Windows, Mac, Linux, and Android. Additions to the browser include some security improvements, better HTML 5 support, and a new tablet user interface on Android. The biggest news for the browser is undoubtedly HTTP/2 support, the roadmap for which Mozilla outlined just last week. Mozilla plans to keep various draft levels of HTTP/2, already in Firefox, for a few versions. These will be removed "sometime in the near future." The full changelog is here.
Chrome

Ask Slashdot: Most Useful Browser Extensions? 353

Posted by Soulskill
from the still-waiting-on-an-extension-that-makes-me-lunch dept.
An anonymous reader writes: One of the most powerful features of modern browsers is the ability to install third-party extensions. They allow third-party developers to work on really useful niche functionality, and let users customize their browser with the tools they need. Unfortunately, this environment has the same discover-ability and security problems as standalone software. Thus, my question: what are your most useful (and safe) browser extensions? I can't live without some privacy basics like NoScript, AdBlock, and Ghostery. I also find FoxyProxy helpful for getting around geolocation requirements for media streaming. OneTab works pretty well for saving groups of browser tabs, and Pushbullet keeps getting better at managing my phone while I'm at my PC.
Mozilla

Firefox To Mandate Extension Signing 196

Posted by samzenpus
from the changing-things-up dept.
First time accepted submitter x0ra writes In a recent blog post, Mozilla announced its intention to require extensions to be signed in Firefox, without any possible user override. From the post: "For developers hosting their add-ons on AMO, this means that they will have to either test on Developer Edition, Nightly, or one of the unbranded builds. The rest of the submission and review process will remain unchanged, except that extensions will be automatically signed once they pass review. For other developers, this is a larger change. For testing development versions, they’ll have the same options available as AMO add-on developers. For release versions, however, we’re introducing the required step of uploading the extension file to AMO for signing. For most cases, this step will be automatic, but in cases where the extension doesn’t pass these tests, there will be the option to request a manual code review."
DRM

Kickstarted Firefox OS HDMI Dongle Delayed, DRM Support Being Added 106

Posted by Soulskill
from the surprise! dept.
An anonymous reader writes: You may recall last September when Mozilla and a new company named Matchstick announced a Kickstarter project for a new device that would compete with Google's Chromecast. It was an HDMI dongle for streaming media that runs on Firefox OS. They easily quadrupled their $100,000 funding goal, and estimated a ship date of February, 2015. Well, they emailed backers today to say that the Matchstick's release is being pushed back to August. They list a few reasons for the delay. For one, they want to upgrade some of the hardware: they're swapping the dual-core CPU for a quad-core model, and they're working on the Wi-Fi antenna to boost reception. But on the software side, the biggest change they mention is that they're adding support for DRM. This is a bit of a surprise, since all they said on the Kickstarter about DRM was that they hoped it would be handled "either via the playback app itself or the OS." Apparently this wasn't possible, so they're implementing Microsoft PlayReady tech on the Matchstick.
Firefox

Firefox Succeeded In Its Goal -- But What's Next? 296

Posted by Soulskill
from the building-actual-foxes-made-of-fire dept.
trawg writes: It's been more than 10 years since Mozilla released version 1.0 of Firefox, one of their first steps in their mission to 'preserve choice and innovation on the Internet'. Firefox was instrumental in shattering the web monoculture, but the last few years of development have left users uninspired. "Their goal was never to create the most popular browser in the world, or the one with the best UX, or the one with the most features, or the one with the best developer mode. ... It would be foolish to say a monoculture will never arise again (Google are making some scary moves with Chrome-only web applications). But at this point in time while Chrome is the ascendant browser (largely at the expense of Firefox), Mozilla’s ability to impact the web in general is greatly reduced." Perhaps it is time to move on to the next challenge — ensuring there is a strong Thunderbird to help preserve a free and open email ecosystem.
Advertising

Ask Slashdot: Gaining Control of My Mobile Browser? 223

Posted by Soulskill
from the lagging-utility dept.
An anonymous reader writes: I run Firefox with NoScript and FlashBlock at home. Browsing is easy, and I only have to enable scripts on a few sites. If they have 20+ scripts, I just surf somewhere else. Fast forward to the mobile experience. I had an Android device, but now I have an iPhone. In addition to the popup problem, and the fake "X" on ads, the iPhone browsers (Safari, Chrome, Opera) will start to show a site, then they will lock up for 10-30 seconds before finally becoming responsive. If I switch back to another app and then return to the browser, Safari and Chrome have a little delay, but Opera delays 20+ seconds before becoming responsive again.

Firefox is not available on the iPhone, so I can't simply run NoScript. Chrome does not appear to have a NoScript equivalent for mobile. What solutions are you using to make mobile browsing work?
Youtube

YouTube Ditches Flash For HTML5 Video By Default 225

Posted by Soulskill
from the now-if-they-can-ditch-the-commenters dept.
An anonymous reader writes: YouTube today announced it has finally stopped using Adobe Flash by default. The site now uses its HTML5 video player by default in Google's Chrome, Microsoft's IE11, Apple's Safari 8, and in beta versions of Mozilla's Firefox browser. At the same time, YouTube is now also defaulting to its HTML5 player on the web. In fact, the company is deprecating the "old style" Flash object embeds and its Flash API, pointing users to the iFrame API instead, since the latter can adapt depending on the device and browser you're using.
Opera

Opera Founder Is Back, WIth a Feature-Heavy, Chromium-Based Browser 158

Posted by timothy
from the sink-within-a-sink dept.
New submitter cdysthe writes Almost two years ago, the Norwegian browser firm Opera ripped out the guts of its product and adopted the more standard WebKit and Chromium technologies, essentially making it more like rivals Chrome and Safari. But it wasn't just Opera's innards that changed; the browser also became more streamlined and perhaps less geeky. Many Opera fans were deeply displeased at the loss of what they saw as key differentiating functionality. So now Jon von Tetzchner, the man who founded Opera and who would probably never have allowed those drastic feature changes, is back to serve this hard core with a new browser called Vivaldi. The project's front page links to downloads of a technical preview, available for Linux, Mac OS X, and Windows. Firefox users who likewise prefer a browser with more rather than fewer features (but otherwise want to stick with Firefox) might also consider SeaMonkey, which bundles not just a browser but email, newsgroup client and feed reader, HTML editor, IRC chat and web development tools.
Software

Windows 10 IE With Spartan Engine Performance Vs. Chrome and Firefox 181

Posted by Soulskill
from the attempting-to-battle-back dept.
MojoKid writes: In Microsoft's latest Windows 10 preview build released last week, Cortana made an entrance, but the much-anticipated Spartan browser did not. However, little did we realize that some of Spartan made the cut, in the form of an experimental rendering engine hidden under IE's hood. Microsoft has separated its Trident rendering engine into two separate versions: one is for Spartan, called EdgeHTML, while the other remains under its legacy naming with Internet Explorer. The reason Microsoft doesn't simply forego the older version is due to compatibility concerns. If you're running the Windows 10 9926 build, chances are good that you're automatically taking advantage of the new EdgeHTML engine in IE. To check, you can type 'about:flags' into the address bar. "Automatic" means that the non-Spartan Trident engine will be called-upon only if needed. In all other cases, you'll be taking advantage of the future Spartan web rendering engine. Performance-wise, the results with IE are like night and day in certain spots. Some of the improvements are significant. IE's Sunspider result already outperforms the competition, but it has been further improved. And with Kraken, the latency with the Spartan-powered Trident engine dropped 40%. Similar results are seen with a boost in the Octane web browser test as well.
Security

Adobe Patches One Flash Zero Day, Another Still Unfixed 49

Posted by timothy
from the cross-platform dept.
Trailrunner7 writes Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit. The vulnerability that Adobe patched Thursday is under active attack, but Adobe officials said that this flaw is not the one that security researcher Kafeine said Wednesday was being used in the Angler attacks. The patch for Flash comes just a day after Kafeine disclosed that some instances of the Angler exploit kit contained an exploit for a previously unknown vulnerability in the software. Adobe officials said Wednesday that they were investigating the reports. Kafeine initially saw Angler attacking the latest version of Flash in IE on Windows XP, Vista, 7 and 8, but said the exploit wasn't being used against Chrome or Firefox. On Thursday he said on Twitter that the group behind Angler had changed the code to exploit Firefox as well as fully patched IE 11 on Windows 8.1.
Internet Explorer

Time For Microsoft To Open Source Internet Explorer? 165

Posted by Soulskill
from the if-you-can't-beat-'em dept.
An anonymous reader writes: Ars Technica's Peter Bright argues that it's time for Microsoft to make Internet Explorer open source. He points out that IE's major competitors are all either fully open source (Firefox), or partially open source (Chrome, Safari, and Opera), and this puts Microsoft at a huge disadvantage. Bright says, "It's time for Microsoft to fit in with the rest of the browser industry and open up Trident. One might argue that this argument could be made of any software, and that Microsoft should by this logic open source everything. But I think that the browser is special. The community that exists around Web standards does not exist in the same way around, say, desktop software development, or file system drivers, or user interfaces. Development in the open is integral to the Web in an almost unique way. ... Although Microsoft has endeavored to be more open about how it's developing its browser, and which features it is prioritizing, that development nonetheless takes place in private. Developing in the open, with a public bug tracker, source code repositories, and public discussion of the browser's future direction is the next logical step."
Chrome

With Community Help, Chrome Could Support Side Tabs Extension 117

Posted by timothy
from the thinking-along-different-axes dept.
jones_supa writes The lack of a vertical tab strip (or "Tree Style Tab" as the Firefox extension is called) has been under a lot of discussion under Chrome/Chromium bug tracker. Some years ago, vertical tabs existed as an experimental feature enabled with a "secret" command line parameter, but that feature was eventually removed from the browser. Since then, Google has been rather quiet about whether such feature is still on the roadmap. Now, a Google engineer casts some light on the issue. He says that a tree-style interface for tabs would be overly complex as a native implementation, but Google would back the idea of improving the extensions interface to support a sidebar-like surface to render the tab UI on, if someone from the open source community would step forward to do the work to drive the feature to completion.
Firefox

Firefox 35 Arrives With MP4 Playback On Mac, Android Download Manager Support 177

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: Mozilla today launched Firefox 35 for Windows, Mac, Linux, and Android. Major additions to the browser include room-based Firefox Hello conversations, H.264 (MP4 files) playback on OS X, and integration with the Android download manager. Mozilla has opened up the Firefox Marketplace for the desktop, currently in beta. While Firefox Marketplace is already available on Firefox OS and Firefox for Android, the company is now asking users to help test apps on Windows, Mac, and Linux. Full changelogs: desktop and Android.
Google

Google Sees Biggest Search Traffic Drop Since 2009 As Yahoo Gains Ground 155

Posted by Soulskill
from the and-we're-back dept.
helix2301 writes: Google's grip on the Internet search market loosened in December, as the search engine saw its largest drop since 2009. That loss was Yahoo's gain, as the Marissa Mayer-helmed company added almost 2% from November to December to bring its market share back into double digits. Google's lead remains overwhelming, with just more than three-quarters of search, according to SatCounter Global Stats. Microsoft's Bing gained some momentum to take 12.5% of the market. Yahoo now has 10.4%. All other search engines combined to take 1.9%.
Censorship

Inside North Korea's Naenara Browser 159

Posted by timothy
from the threat-is-right dept.
msm1267 (2804139) writes with this excerpt from Threatpost Up until a few weeks ago, the number of people outside of North Korea who gave much thought to the Internet infrastructure in that country was vanishingly small. But the speculation about the Sony hack has fixed that, and now a security researcher has taken a hard look at the national browser used in North Korea and found more than a little weirdness. The Naenara browser is part of the Red Star operating system used in North Korea and it's a derivative of an outdated version of Mozilla Firefox. The country is known to tightly control the communications and activities of its citizens and that extends online, as well. Robert Hansen, vice president of WhiteHat Labs at WhiteHat Security, and an accomplished security researcher, recently got a copy of Naenara and began looking at its behavior, and he immediately realized that every time the browser loads, its first move is to make a request to a non-routable IP address, http://10.76.1.11./ That address is not reachable from networks outside the DPRK.

"Here's where things start to go off the rails: what this means is that all of the DPRK's national network is non-routable IP space. You heard me; they're treating their entire country like some small to medium business might treat their corporate office," Hansen wrote in a blog post detailing his findings. "The entire country of North Korea is sitting on one class A network (16,777,216 addresses). I was always under the impression they were just pretending that they owned large blocks of public IP space from a networking perspective, blocking everything and selectively turning on outbound traffic via access control lists."