Firefox 83 Released With Warp'ed JavaScript, HTTPS-Only Mode Option
Most notable with Firefox 83 is the SpiderMonkey "Warp" upgrade aiming to deliver better website responsiveness and other real-world JavaScript performance improvements. Mozilla describes the Warp benefits as "improved page load performance by up to 15%, page responsiveness by up to 12%, and reduced memory usage by up to 8%. We have replaced part of the JavaScript engine that helps to compile and display websites for you, improving security and maintainability of the engine at the same time."
Firefox 83 also ships with an option for an HTTPS-only mode whereby every Firefox connection aims to be secure and will warn the user should HTTPS not be supported.
Mozilla Punts Servo Web Engine Development To The Linux Foundation
Ever since the mass layoffs at Mozilla earlier this year and some Mozilla projects in jeopardy many have been wondering: what about Servo? Well, today it's heading off to the Linux Foundation.
Mozilla and the Linux Foundation are jointly announcing this morning that the Servo web engine development will now be hosted by the Linux Foundation.
The Rust-written code-base that's served as a long in development "next-gen" web engine at Mozilla will now be developed under the Linux Foundation umbrella. Besides Mozilla, this move has the support of other industry stakeholders like Samsung and Let's Encrypt.
See also: Firefox 84 Beta Begins Enabling WebRender By Default On Linux
Chrome 87 Released With More Performance Improvements
Google Is Already Experimenting With WebP2 As Successor To WebP Image Format
Previously: Mozilla Lays Off 250, Including Entire Threat Management Team
Following Layoffs, Mozilla and Core Rust Developers Are Forming a Rust Foundation
Related Stories
Mozilla lays off 250 employees while it refocuses on commercial products
The Mozilla Corporation announced today it was laying off approximately 250 staff members in a move to shore up the organization's financial future.
The layoffs were publicly announced in a blog post today. Employees were notified hours before, earlier this morning, via an email [PDF] sent by Mitchell Baker, Mozilla Corporation CEO and Mozilla Foundation Chairwoman.
Baker's message cited the organization's need to adapt its finances to a post-COVID-19 world and re-focus the organization on new commercial services.
[...] In 2018, the Mozilla Corporation said it had around 1,000 full-time employees worldwide. Mozilla previously laid off 70 employees in January. Several sources have told ZDNet that the recent layoffs accounted for nearly a quarter of the organization's workforce.
Main casualties of today's layoffs were the developers working on the company's experimental Servo browser engine and Mozilla's threat management security team. The latter is the security team that investigates security reports and performs incident response. The security team that fixes bugs in Mozilla products is still in place, according to sources and a Mozilla spokesperson.
Changing World, Changing Mozilla
Also at TechCrunch and The Verge.
Rust Core Team + Mozilla To Create A Rust Foundation
Rust's core team and Mozilla are announcing plans to create a Rust foundation with the hopes of establishing this legal entity by year's end. The trademarks and related assets of Rust, Cargo, and Crates.io will belong to this foundation. Work is well underway on establishing this foundation with originally coming to the idea of possibly creating an independent Rust foundation last year, now pushed along by the recent Mozilla layoffs and the global pandemic. This should allow the Rust community more safety rather than being reliant upon a sole organization (Mozilla) and help foster growth and open up new possibilities.
Lay(off)ing the foundation for Rust's future
Previously: Mozilla Lays Off 250, Including Entire Threat Management Team
Related: Linus Torvalds: Don't Hide Rust in Linux Kernel; Death to AVX-512
Mozilla Announces "Open Web Docs" Following Last Year's Layoffs
Last year during the big round of layoffs at Mozilla the entire Mozilla Developer Network (MDN) writers team was laid off. That was a particularly sad blow considering how valuable the MDN documentation has been to web developers as a very useful resource. Today the Mozilla folks are announced Open Web Docs in seemingly looking to have the community take over.
Following those unfortunate layoffs last summer, they exposed all of the Mozilla Developer Network documentation to GitHub. Now they are announcing the Open Web Docs organization.
"Open Web Docs (OWD) is an open collective, created in collaboration between several key MDN partner organizations to ensure the long-term health of open web platform documentation on de facto standard resources like MDN Web Docs, independently of any single vendor or organization. It will do this by collecting funding to finance writing staff and helping manage the communities and processes that will deliver on present and future documentation needs," was written on the Mozilla Hacks blog.
Previously: Mozilla Lays Off 250, Including Entire Threat Management Team
Following Layoffs, Mozilla and Core Rust Developers Are Forming a Rust Foundation
A Pretty Dire Assessment of Mozilla
Firefox 83 Released; Mozilla Kicks Rusty "Servo" Web Engine to the Linux Foundation
(Score: 3, Insightful) by The Mighty Buzzard on Wednesday November 18 2020, @10:27PM (1 child)
You mean the Linux Foundation actually does something besides spout big corporate propaganda? Well now, learn something new every day.
My rights don't end where your fear begins.
(Score: 5, Funny) by takyon on Wednesday November 18 2020, @10:38PM
I'm sure they will give it the level of attentive stewardship that it deserves.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 4, Insightful) by SomeGuy on Wednesday November 18 2020, @10:41PM (12 children)
This should not be a thing.
An HTTPS only internet (it will no longer be The Web) is something that only Nazis with a certificate sales hard-on wants.
(Score: 4, Interesting) by takyon on Wednesday November 18 2020, @10:47PM (8 children)
Don't self-signed certificates and the Let's Encrypt CA avert that?
Also, if The Web gets too bad (and it is kinda bad), you will be voluntarily relocated to the Dark One.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Wednesday November 18 2020, @11:08PM (2 children)
setting aside all the possible shenenigans that identification of sites and encrypting coms with those sites might allow i think the big news is that the behemoth and show-case of closed source has totally and utterly lost the internet wars: open-source_code browsers and webservers are now probably 100% market share. so there's reason to hope and forks are available at the buffet ^_^
(Score: 3, Insightful) by Anonymous Coward on Thursday November 19 2020, @12:02AM (1 child)
Too-big-to-audit replaced closed source. How many people with the knowledge and skills to really understand the code aren't already on Google's payroll? How many have the time? Qt/GTK ports of spend all of their time playing catch-up with upstream...
(Score: 0) by Anonymous Coward on Thursday November 19 2020, @12:36AM
True, but with access to the source code people can dig and find the source of various problems. So it would be difficult to audit the entire codebase reliably, but if some nefarious behavior is noticed then it isn't as difficult to find the cause.
(Score: 4, Insightful) by unauthorized on Wednesday November 18 2020, @11:53PM (1 child)
All mainstream browsers will cry bloody murder at self-signed certificates. Let's Encrypt is a gatekeeper even if it's a free one.
(Score: 3, Insightful) by Anonymous Coward on Thursday November 19 2020, @12:05AM
"Let's Encrypt is a gatekeeper even if it's a free one."
The first one is ALWAYS free.
(Score: 5, Informative) by Pino P on Thursday November 19 2020, @03:51AM (2 children)
Self-signed certificates cause the browser to present a scary interstitial notice and are not compatible [stackoverflow.com] with JavaScript APIs restricted to secure contexts [pineight.com].
To use Let's Encrypt, a server must first have a fully-qualified domain name (FQDN). In particular, mDNS names ending in .local are ineligible. This means good luck using HTTPS with the router, printer, NAS, or other "Internet of things" devices on your home LAN.
Yes, I'm aware of the Plex workaround [filippo.io]. The publisher of Plex media streaming software operates a dynamic DNS service and acts as a DigiCert reseller for its subscribers. Nowadays, the dynamic DNS service alone would be enough, provided that the provider is on the Public Suffix List so as not to trip the 20 certificate per week limit that Let's Encrypt applies to each registrable domain name. I just see it as something that the manufacturer of a networked appliance can deliberately cease providing the day a product's warranty expires, leading to more e-waste. And I doubt the Raspberry Pi Foundation is willing to offer this sort of dynamic DNS service for web-based configuration of server applications installed on a Raspberry Pi computer.
How do you assign a FQDN to each networked device on your LAN?
(Score: 3, Informative) by darkfeline on Thursday November 19 2020, @04:40AM (1 child)
Just make your own certificate authority and issue your own certs. Add your authority as trusted to your devices/applications. Simple. FreeNAS even has an out of the box UI for making certs.
Join the SDF Public Access UNIX System today!
(Score: 0) by Anonymous Coward on Thursday November 19 2020, @07:07PM
This. Openssl works like a charm at the CLI on Linux.
(Score: 2) by RamiK on Thursday November 19 2020, @12:16AM
Would you rather have ISPs keep collecting "metadata" on voters and sell it to partisan think-tanks that render it into targeted political advertising?
compiling...
(Score: 0) by Anonymous Coward on Thursday November 19 2020, @07:08AM (1 child)
Since when options should not be a thing?
(Score: 3, Insightful) by maxwell demon on Thursday November 19 2020, @02:19PM
This is Mozilla we are talking about. If they add an option, chances are that soon that option will be set by default, and not much longer until the possibility to disable it will be removed. Well, unless the option is useful; in that case they'll probably remove the possibility of using that option at some time later, hurting all those who came to rely on its presence.
The Tao of math: The numbers you can count are not the real numbers.