Firefox 36.0.4 Released

Mozilla released another emergency security update for Firefox 36 on March 21, 2015 with Firefox 36.0.4. This update has more Security fixes for issues disclosed at HP Zero Day Initiative’s Pwn2Own contest. Depending on their update settings, users should be prompted shortly to update to Firefox 36.0.4 or can also force the update by going to the Firefox Help Menu and selecting About Firefox then follow the prompts. Alternatively, users my also go to getfirefox.com and download and install the latest version of Firefox there.

The next scheduled release for Firefox is March 31st with Firefox 37.

Attention Firefox Users: Google Wants You Back!

Google, is starting panic. For the first time since 2008 their market share as dropped below 75%. The reason behind this sudden decline and panic is Mozilla’s decision back in November 2014 not to renew the agreement (default browser search engine) they had with Google, instead opting to sign a five-year deal with Yahoo. Not surprisingly, Yahoo’s market share has increased as a result of this deal to 10.6% (up 2% since the agreement started back in November). Well, Google is not too happy about this and is trying to get Firefox user back.

While Google is still the clear market leader, it is still embarrassing for the company: Search is Google’s bread and butter — the company’s name has become a verb synonymous with finding information online. Google’s displeasure is now becoming clear, Search Engine Land reports, with the search engine prominently asking Firefox users who do not have Google set as their default search to change when they visit the site.

I checked this earlier today with the default search engine set to Yahoo and also again with the default search engine set as Bing. Both times when I did a search directly on google.com I received this request displayed above my search results:

google search

via Business Insider

Firefox 36.0.3 Released

Mozilla released an emergency security update for Firefox 36 on March 20, 2015 with Firefox 36.0.3. This update has Security fixes for issues disclosed at HP Zero Day Initiative’s Pwn2Own contest. Depending on their update settings, users should be prompted shortly to update to Firefox 36.0.3 or can also force the update by going to the Firefox Help Menu and selecting About Firefox then follow the prompts. Alternatively, users my also go to getfirefox.com and download and install the latest version of Firefox there.

The next scheduled release for Firefox is March 31st with Firefox 37.

uBlock for Firefox mobile now available

" ... The browser extension uBlock so far has only been available for desktop devices. The extension was released for Chromium-based browsers first and then later on for Firefox as well.
"Today, a version for Firefox on Android has been released that users of the browser can install to get the same blocking functionality as on the desktop. ... "
Source: gHacks Tech News
---> uBlock for Firefox mobile now available

Getting Superfish out of Firefox

From the Mozilla Security Blog:
First things first: If you are reading this post on a recent Lenovo laptop, please click the lock icon in the URL bar, then click “More Information…”.  If you see “Verified by: Superfish, Inc.”, you are infected with Superfish, and you should follow these instructions to remove it. The Superfish adware distributed by Lenovo has brought the issue of SSL interception back to the headlines.  SSL interception is a technique that allows other software on a user’s computer to monitor and control their visits to secure Web sites — however, it also enables attackers to masquerade as secure websites, in order to spy on users or steal personal information.  Firefox is affected by Superfish, but Mozilla is deploying a hotfix to Firefox that works with other disinfection software to ensure that Firefox is disinfected as well.

WhatsApp Web Now Works On Firefox And Opera

"When WhatsApp launched its desktop version last month, it became a phenomenal hit. However, the message service was only compatible with Google Chrome. Now, the company announced that the desktop version also works on Firefox and Opera. ..."
Source: PERSONAL TECH : Tech Times
Details ---> WhatsApp Web Now Works On Firefox And Opera

Firefox 36 Released

Mozilla released an update to Firefox on February 24, 2015 with Firefox 36. There are several new features and fixes for this release and these can be viewed in the release notes. Users may be prompted to update to the newest release (36.0) of Firefox or can do so manually within Firefox by going to Help > About Firefox and following the update prompts. Users may also manually download and install the newest Firefox update (34.5 via the getfirefox.com site. The next scheduled update for Firefox is February 24th, 2015 with Firefox 36.

Firejail – A Security Sandbox for Mozilla Firefox, Part 2

"In part 2 of this series, we look at some new browser sandboxing developments in Firejail security sandbox. Since the first article was published, many new features have been added. Unlike other sandboxes, the main focus of Firejail project is GUI application sandboxing, with web browsers being, at least for the immediate future, the main target. ..."
Source: l3net – a layer 3 networking blog
Details ---> Firejail – A Security Sandbox for Mozilla Firefox, Part 2

avast! components causing slowing in Windows

Claus at grand stream dreams, linked in his recent Anti Virus Software Updates blog posts an interesting article about issues Windows users were having with high CPU load. The culprit as it turns out was an optional (though installed by default) of avast! antivirus (both free and premium versions) called avast NG. The article (which has been Google Translated from another language) includes step-by-step instructions on how to uninstall the unwanted components (warning: restart required to complete the removal) as well as screenshots (in a another language). On my three systems (generic Windows 7 Desktop, HP Windows 7 Laptop and Gateway Windows 8.1), I have just the basics Shields installed for avast! along with the Software Updater as seen below. Overall, I haven't noticed much difference in the desktops, but both are running beefy processors and have 8 GB of RAM. On the laptop, I did notice some improvement especially when waking up out of sleep mode. avast-change2   I sometimes wonder if these security software suites with all these "tuning tools" components (such as avast GrimeFighter) are partnering with computer repair services (such as Geek Squad or Data Doctors) to drive up business. That being, people who followed the "advice" given by these applications and now their computers don't work properly anymore. Even worse are those TV commercials that say go to this website to fix your slow PC...you don't need to do anything, it will be fixed remotely. Classic 'fox guarding the hen house' scenario. Sure it may be fixed, but at what costs (they claim the service is free) such as your personal data is scanned/collected/harvested/sold, they secretly install monitoring software (spyware) so your computer reports back to them, ransomware/malware. Then what happens when their "fix" breaks your computer, I suppose then they charge you to fix what they broke.

Extension Signing Coming Later in 2015

This is a really good idea as all too often people end up installing extensions (knowingly or unknowingly) which end up making unwanted and undesired changes to their Firefox browser. I don't think it is going to have that big of a negative impact as this will be a way to prevent the bad extensions from being installed. Problems I could see though would be folks running a fresh install or profile and trying to install an add-on that has been abandoned by the developer.
Extensions that change the homepage and search settings without user consent have become very common, just like extensions that inject advertisements into Web pages or even inject malicious scripts into social media sites. To combat this, we created a set of add-on guidelines all add-on makers must follow, and we have been enforcing them via blocklisting (remote disabling of misbehaving extensions). However, extensions that violate these guidelines are distributed almost exclusively outside of AMO and tracking them all down has become increasingly impractical. Furthermore, malicious developers have devised ways to make their extensions harder to discover and harder to blocklist, making our jobs more difficult. We’re responsible for our add-ons ecosystem and we can’t sit idle as our users suffer due to bad add-ons. An easy solution would be to force all developers to distribute their extensions through AMO, like what Google does for Chrome extensions. However, we believe that forcing all installs through our distribution channel is an unnecessary constraint. To keep this balance, we have come up with extension signing, which will give us better oversight on the add-ons ecosystem while not forcing AMO to be the only add-on distribution channel.
It is important to note this will be Firefox only. There are currently no plans for extension signing in Thunderbird, SeaMonkey or unofficial builds such as WaterFox and PaleMoon. Also, the plan is start with a 'warning phase' starting in Firefox 39 (Release Date: June 30th) and will be enforced beginning with Firefox 41 (Release Date: September 22nd). This means developers have 4-months before the 'warning phase' and over 7-months before unsigned extensions will be blocked. via: Mozilla Add-ons Blog