Comment Re:Bad Idea (Score 1) 73
A public benefit corporation wholly owned by a non-profit foundation. If you don't think this approach furthers the mission please let us know.
Comment Re:It's OSS (Score 1) 276
SSLed checksums for the binaries... oh, wait, Mozilla doesn't bother publishing those, for some reason.
Really? So what are these, then? https://archive.mozilla.org/pub/mozilla.org/firefox/releases/3.6/SHA1SUMS
We don't advertise it because anyone competent to check SHA1 hashes should be able to check PGP signatures, and the mirror network scales unlike hosting everything ourselves. Obviously the SSL server is not mirrored because giving out the cert would make it pointless.
Comment Re:Pretty neat. (Score 1) 284
Much better to use the Add-on Compatibility Reporter https://addons.mozilla.org/en-US/firefox/addon/15003
It will enable all your officially incompatible addons just like the pref, and you can help by reporting your add-ons as working fine or not compatible (reporting is completely optional).
Comment Re:Wise or not, what choice do they really have? (Score 2, Informative) 346
The issue at hand is the CEO of a for-profit organization backed by a non-profit organization, and hence pays no taxes whatsoever on the $66 million some of which goes into obscene CEO profits.
The Mozilla Corporation pays taxes on everything it earns just like every other taxable corporation. It is not allowed to share money back with the Foundation or risk costing the Foundation its non-profit status.
Proton Beams Sent Around the LHC 115
feldhaus writes "The BBC reports that the first beams for over one year have been successfully sent around the complete circumference of the Large Hadron Collider. Engineers do not yet have a stable circulating beam but they hope to by 0600 GMT on Saturday."
Comment Re:CLEAR PRIVATE DATA DOES NOT WORK. (Score 1) 673
It _does_ work unless you hit some bug (and there have been some that affect some people). If you were an early adopter in particular there were some database corruption issues. If that's the case deleting the places database is often the best fix (especially if there's nothing in there you care about -- you're clearing private data, right?). Instructions at http://support.mozilla.com/ for this and other common problems.
The other issue is that the url bar shows both history and bookmarks. Obviously people don't want to clear their bookmarks so some data still shows up even after clearing history. This issue has been addressed in Firefox 3.5 with an option to not show bookmarks in the URL bar (on the Privacy tab in Options).
Shaw Cable Again Blocks Firewire On Canadian Set-Top Boxes 257
WestCoastSuccess writes with this excerpt: "A year and a half ago, Canada's Shaw Cable began encrypting channels with the '0x02' flag. This flag has the effect of making the IEEE1394 (Firewire) output useless to customers who use third-party PVRs (such as the excellent MythTV, for example). After complaints to the CRTC and Industry Canada about this practice, the encryption flag was dropped on most channels and the Firewire connection again functioned. Until last night, that is."
AT&T Makes Its Terms of Service Even Worse, To Discourage Lawsuits 412
techmuse writes "AT&T has changed its terms of service (including for existing contracts) to prevent class action suits. Note that you are already required to submit your case to arbitration, a forum in which consumers are often at a substantial disadvantage. Now you must go up against AT&T alone." This post on David Farber's mailing list provides a bit of context as well.
OnLive and Gaikai — How To Stop a Gaming Revolution 125
happierr writes "The gaming industry has been struggling in the last few months, and it is about to struggle even more when OnLive and Gaikai launch later this year. The new services are both a step in the right direction to counter piracy and provide easily-accessible gaming to people with low-end PCs. They might even do for PC gaming what the Wii did for casual gaming; greatly expand the market and draw interest from people who would not ordinarily play games. The services are a real threat for the Big Three video game companies (Microsoft, Sony, and Nintendo). How will they combat these revolutionary services? There are a few steps that the Big Three are taking to combat the New Two, such as an increased reliance on peripherals and vision cameras, exclusivity deals, and more online multiplayer features, which OnLive and Gaikai will have a hard time matching."
Printable Batteries Should Arrive Next Year 92
FullBandwidth writes "Paper-thin batteries that can be printed onto greeting cards or other flexible substrates have been demonstrated at Fraunhofer Research Institution for Electronic Nano Systems in Germany. The batteries have a relatively short life span, as the anode and cathode materials dissipate over time. However, they contain no hazardous materials."
Comment Firefox 3.5 is _not_ vulnerable (Score 1) 280
Firefox 3.5 is _not_ vulnerable to this attack.
Comment Re:IE will still dominate (Score 1) 438
Mozilla Firefox has supported pre-fetching for years. It has not always been received well.
Comment Re:How does this change userland? (Score 2) 160
The reason something like this scares me is that it lulls users into a higher level of trust... and doesn't protect them from hacked sites, or sites that choose not to implement this.
This mechanism isn't intended for users -- this is a tool for site authors, to cooperate with them in enforcing their policies. The site still has to make a best effort at implementing those policies themselves to protect all their visitors using browsers that don't support CSP (which includes every officially released version of Firefox to date). This is an extra layer of protection for users of CSP-compliant browsers, and a benefit to the site through the reporting function.
Please do continue running NoScript if you like. CSP is a mechanism for site authors to declare their policy, add-ons like NoScript and AdBlock are tools for users to declare their policies.
Comment Re:This is great for Firefox users... (Score 1) 160
Even if this was never implemented in any other browser sites still benefit through early detection of active attacks. If your site implements a security policy with a report URI then every Firefox visitor will be conducting a passive security scan on every page they visit, at least for the types of security problems CSP targets (primarily XSS).
Comment Re:Hey, Mozilla: Learn what "Never" means (Score 2, Insightful) 348
If you really don't want any upgrades just go into the options and toggle the "Check for updates" box. The default auto-upgrade is appropriate for 99% of internet users, but if you're one of the 1% please use the preference we put in just for you. No need to get all hostile about it.
