Stories
Slash Boxes
Comments

SoylentNews is people

Mozilla Acquires Pocket, Will Open Source Pocket Code

posted by on Tuesday February 28 2017, @01:01PM   Printer-friendly
from the what-has-it-got-in-its-pockets? dept.

An Anonymous Coward writes:

https://blog.mozilla.org/blog/2017/02/27/mozilla-acquires-pocket/

Mozilla had previously made Pocket a mandatory part of Firefox and that really annoyed a lot of people because Pocket's business model was to spy on users for profit. This acquisition gives me hope that the spying will be eliminated, making Pocket - which is a genuinely useful tool - safe for all to use.

Pocket will join Mozilla's product portfolio as a new product line alongside the Firefox web browsers with a focus on promoting the discovery and accessibility of high quality web content. (Here's a link to their blog post on the acquisition). Pocket's core team and technology will also accelerate Mozilla's broader Context Graph initiative.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Mozilla Acquires Pocket, Will Open Source Pocket Code | Log In/Create an Account | Top | 43 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Hyperturtle on Tuesday February 28 2017, @08:50PM (1 child)

    by Hyperturtle (2824) on Tuesday February 28 2017, @08:50PM (#473030)

    Erase them from the line about the about:config. and the other things that alarm you, but keep in mind what things do.

    here are the answers you seek; check the "pocket*" wildcard below.

    https://noscript.net/faq [noscript.net]

    1.5
    Q: What websites are in the default whitelist and why?
    A: If you're a security-minded user, you probably want to build your own customized whitelist suiting your needs and keep it as short as you can.
    Therefore, when you install NoScript for the first time, you've got a very short default whitelist of sites you can trust:

            chrome:
            It can't be removed because it is the privileged pseudo-protocol used by Firefox internal scripts: disabling it would prevent the browser itself from working.
            about:xyz, moz-safe-about:, resource:
            A bunch of internal pseudo URLs. They can't be removed because they help your browser to work as expected.
            blob:, mediasource:
            Internal pseudo URLs identifying content generated by a script. They can't be removed because if you have these on a page, you already allowed the script generating them, so no point treating them separately.
            about:pocket*
            Internal URLs of the Pocket service, distributed as part of Firefox.
            addons.mozilla.org and mozilla.net
            The add-ons Mozilla website and the domain serving its static content for performance reasons. You probably installed NoScript and any other extension you've got from there. Also, they are the same people who made your browser - you trust these guys, don't you?
            persona.org
            Persona, the privacy-friendly, hassle-free distributed sign-on system created and promoted by Mozilla.
            noscript.net
            You just installed NoScript on your system, running with the privileges of your web browser. If you don't trust it, you've got a much bigger problem than JavaScript on its website (strictly HTTPS) ;)
            paypal.com, paypalobjects.com (Paypal)
            securecode.com, securesuite.net, firstdata.com, firstdata.lv (required by popular credit card verification systems)
            youtube.com, ytimg.com, googlevideo.com
            Youtube, where basic video reproduction may work scriptless, but most other features require them
            netflix.com, nflxext.com, nflximg.com, nflxvideo.net
            required for Netflix video playback
                    google.com, ajax.googleapis.com, maps.googleapis.com, and gstatic.com (GMail, Google Maps and other Google services)
                    hotmail.com, msn.com, passport.com, passport.net, passportimages.com, live.com, live.net, outlook.com, afx.ms, gfx.ms, sfx.ms, wlxrs.com (Microsoft webmail services)
                    yahoo.com, yimg.com, yahooapis.com (Yahoo! Mail)
            All these sites have been added to enable JavaScript on the most popular AJAX-based webmail services "out of the box". This way, even if some users installs NoScript without understanding what they're doing, and they've got no idea about how NoScript works, they can still ask for help by email.
            ajax.aspnetcdn.com bootstrapcdn.com code.jquery.com yandex.st tinymce.cachefly.net
            CDNs providing common, well known and verified JavaScript libraries and frameworks to popular websites.

    Obviously, if any of the entries above (except chrome: and some about:xyz ones) bothers you for any reason, you can delete it at any time by using either NoScript Options|Whitelist|Remove or the regular Forbid commands.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by FatPhil on Wednesday March 01 2017, @12:22PM

    by FatPhil (863) <reversethis-{if.fdsa} {ta} {tnelyos-cp}> on Wednesday March 01 2017, @12:22PM (#473275) Homepage
    Thanks for that. Searching found some other worried souls:
    https://www.helpnetsecurity.com/2015/07/01/researchers-point-out-the-holes-in-noscripts-default-whitelist/
    http://www.xed.ch/b/2016/1202.html
    Gonna do some editting...
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves