Sign up for our Technology Newsletter 
Mozilla Touts WebRTC
Mozilla has shown off WebRTC integration in its Firefox web browser, demonstrating real-time video conferencing and file transfer capabilities.
All major web browser developers have started to integrate the WebRTC protocol and now Mozilla has shown off how far its integration has come. The firm demonstrated working video conferencing, file transfer and sharing capabilities through the Firefox web browser.
Mozilla was keen to push its implementation of the Datachannels API that is part of WebRTC to allow instant messaging and file transfer. The firm’s impressive demonstration shows off seamless sharing between two clients that had initiated a video conversation, with tabs and files being sent and viewed with little user interaction.
Mozilla’s demonstration does highlight the need for tight sandboxing within the web browser, however as a peer-to-peer protocol that automatically encrypts communications between two hosts, WebRTC could challenge some existing closed communication protocols such as Skype.
Maire Reavy, product lead for Firefox Platform Media at Mozilla said, “WebRTC is a powerful new tool that enables web app developers to include real-time video calling and data sharing capabilities in their products. While many of us are excited about WebRTC because it will enable several cool gaming applications and improve the performance and availability of video conferencing apps, WebRTC is proving to be a great tool for social apps.”
Mozilla didn’t say when its WebRTC implementation will enter the stable release channel, however given the outfit’s rapid release schedule, it should be a matter of weeks rather than months.
Japan Goes After Online Piracy
Japan will enforce anti-’piracy’ laws that criminalize illegally downloading media files.
The penalties see downloaders running the risk of a two year stay in prison and a fine of up to about $25K, according to a BBC report.
The BBC reports that the enforcement proposal follows a lobbying campaign by the Japanese music
industry, adding that the penalties could apply even if someone has downloaded only a single file. The laws were passed two years ago, but so far have not been implemented.
Local rightsholders will be hoping that from now on the criminal penalties will be enforced, and in spades. They are the kind of sanctions that rightsholders dream of and are much stricter than the three-strikes policy in the US.
Anyone caught uploading is also treated more sternly, and could be jailed for as long as ten years.
Japan has a large market for media material, and its government apparently is bowing to protect the interests of rightsholders.
This past Summer the Japanese government ratified the draconian Anti-Counterfeiting Trade Agreement (ACTA), despite it being rejected elsewhere.
Mozilla Fixes Major Security Issues
July 26, 2012 by admin
Filed under Around The Net
Comments Off on Mozilla Fixes Major Security Issues
Mozilla has fixed a number of security vulnerabilities in the latest versions of its internet applications, including Firefox 14, Thunderbird 14 and Seamonkey 2.11.
Following the release of its Firefox 14 browser for desktop operating systems on Tuesday, Mozilla said it has removed security holes in the Gecko rendering engine that all the applications run, some of which it rated as “critical”.
The bugs fixed included a code execution problem related to javascript URLs, a JSDependentString::undepend string conversion bug that can be exploited to cause a crash and a same-compartment Security Wrappers bypass issue.
Critical use-after-free problems, an out-of-bounds read bug, and a bad cast in the Gecko engine that could lead to memory corruption have also been addressed, Mozilla said.
These bugs were deemed “critical” due to their vulnerability to being exploited remotely by hackers that could execute arbitrary code on an unsuspecting victim’s system.
Sprint Will Support Mozilla’s Mobile OS
Comments Off on Sprint Will Support Mozilla’s Mobile OS
A new operating system for mobile phones, similar to the Mozilla Firefox internet browser has got the backing of several major telecom companies, turning up the heat on Google and Apple in the smartphone market.
Mozilla said on Monday that mobile network operators Deutsche Telekom, Sprint, Smart, Telecom Italia, Telenor and Etisalat are backing the Firefox platform.
The non-profit organization which evolved from Netscape after the internet browser wars 14 years ago, said phone makers ZTE and TCL Communication Technology will roll out the first Firefox OS phones using Qualcomm’s Snapdragon processors in early 2013.
Mozilla, which fosters the collective development of open-source Web applications, currently generates most of its income from a contract which makes Google the default search provider for Firefox users.
Broad support from telecom companies and handset makers is crucial for any new smartphone platform to take off in a market increasingly dominated by Google’s Android software, which has a market share of around 60 percent, while Apple’s iPhones run on its proprietary iOS software.
Yahoo Goes-DO NOT TRACK
April 6, 2012 by admin
Filed under Around The Net
Comments Off on Yahoo Goes-DO NOT TRACK
Yahoo websites worldwide will comply with users “do not track” settings starting later this year, Yahoo announced Wednesday.
Most major browsers are now able to send a message to sites visited, indicating whether users want their surfing behavior to be tracked by cookies for the purposes of displaying personalized ads. In February the last major hold-out, Google, announced that its Chrome browser will include do-not-track support by the end of the year.
That message, an HTTP (hypertext transfer protocol) header accompanying a request to display a Web page, avoids the awkward paradox that to store a visitor’s preference not to be tracked by cookies, sites had to store a cookie containing that preference, and provides a consistent way to store and indicate such preferences across all Web sites that respect the do-not-track header.
Support for the do-not-track header has been in the works since last year, Yahoo said. All Yahoo sites will respect the header, including those of Right Media and Interclick, two Yahoo subsidiaries specializing in behavioral or data-driven advertising, the company said.
The company’s announcement comes the same day that the U.S. House of Representatives’ Subcommittee on Commerce, Manufacturing, and Trade is set to hold a hearing on balancing privacy and innovation, and in the same week that the U.S. Federal Trade Commission called for creation of a do-not-track tool for Internet users.
In a statement announcing its plans for allowing visitors to opt out of tracking, Yahoo maintained that allowing advertisers to regulate themselves was the best and quickest way to introduce protections to the market place without sacrificing innovation or value creation.
Kindle Fire Raises Privacy Concerns
December 5, 2011 by admin
Filed under Consumer Electronics
Comments Off on Kindle Fire Raises Privacy Concerns
Amazon told a Massachusetts congressman that the Silk browser in its Kindle Fire tablet doesn’t pose a privacy threat to customers, but the lawmaker wasn’t satisfied with that statement.
U.S. Rep. Ed Markey (D-Mass.), the co-chairman of a congressional caucus on consumer privacy, on Tuesday released the results of questions he had put to Amazon CEO Jeff Bezos in October about Silk and the data it collected.
Markey wasn’t happy with Amazon’s answers.
“Amazon’s responses to my inquiries do not provide enough detail about how the company intends to use customer information, beyond acknowledging that the company uses this valuable information,” said Markey in a statement.
“Amazon states ‘Customer information is an important part of our business,’ but it is also important for customers to know how the company uses their personal information,” Markey continued. “Amazon is collecting a massive amount of information about Kindle Fire users, and it has a responsibility to be transparent with its customers. I plan to follow-up with the company for additional answers on this issue.”
Silk, which is based on the open-source WebKit engine, connects to Amazon’s cloud service and servers by default. The service will handle much of the work of composing Web pages, pre-rendering and pre-fetching content, and squeezing the size of page components, a way, claimed Amazon, to speed up browsing on low-powered devices like the Kindle Fire.
Patches Released For Firefox and Thunderbird
Comments Off on Patches Released For Firefox and Thunderbird
The release of Firefox 7 is important because the new version features better memory management and is the first step in Mozilla’s long term plan to make the browser more resource friendly.
Nevertheless, users who upgrade to it will also benefit from improved security as this release fixes six critical and two moderate severity security vulnerabilities.
Four of the critical patches are shared with Thunderbird 7 and address a use-after-free condition with OGG headers, an exploitable crash in the YARR regular expression library, a code installation quirk involving the Enter key and multiple memory hazards.
A moderate severity patch that provides defence against multiple Location headers caused by CRLF injection attacks is also common to both products.
In addition to these patches Firefox 7 also contains fixes for two critical and one moderate severity vulnerabilities, with one of them resulting in a potentially exploitable WebGL crash.
It’s worth pointing out that Microsoft previously motivated its decision to not include support for WebGL in Internet Explorer by saying that the 3D graphics library opens a large attack surface.
So far several serious vulnerabilities have been identified and patched in WebGL, which partially supports Microsoft’s assessment, but the library’s supporters claim this is no different than with other technologies.
Firefox 7 also updates Websocket, a protocol disabled in the past because of security issues, to version 8, which is no longer vulnerable to known attacks.
Apple Blasted For Not Blocking Stolen Certificates
Comments Off on Apple Blasted For Not Blocking Stolen Certificates
A security researcher blasted Apple for what he called “foot dragging” over the DigiNotar certificate fiasco, and urged the company to act fast to update Mac OS X to protect users.
“We’re looking at some very serious issues [about trust on the Web] and it doesn’t help matters when Apple is dragging its feet,” said Paul Henry, a security and forensics analyst with Arizona-based Lumension.
Unlike Microsoft, which updated Windows Tuesday to block all SSL (secure socket layer) certificates issued by DigiNotar, Apple has not updated Mac OS X to do the same.
DigiNotar, one of hundreds of firms authorized to issue digital certificates that authenticate a website’s identity, admitted on Aug. 30 that its servers were compromised weeks earlier. A report made public Monday said that hackers had acquired 531 certificates, including many used by the Dutch government, and that DigiNotar was unaware of the intrusion for weeks.
Because almost all the people who were routed to a site secured with one of the stolen certificates were from Iran, many experts suspect that the DigiNotar hack was sponsored or encouraged by the Iranian government, which could use them to spy on its citizens.
Microsoft isn’t the only software maker to block all DigiNotar certificates: Google, Mozilla and Opera have also issued new versions of their browsers — Chrome, Firefox and Opera — to completely, or in Opera’s case, partially prevent users from reaching websites secured with a DigiNotar certificate.
Users of Safari on Mac OS X, however, remain at risk to possible “man-in-the-middle” attacks based on the fraudulently obtained certificates.
Because Safari relies on the underlying operating system to tell it which certificates have been revoked or banned entirely, Apple must update Mac OS X. The Windows edition of Safari, which has a negligible share of the browser market, taps Windows’ certificate list: That version is safe to use once Microsoft’s Tuesday patch is applied.
Download Defense Added To Chrome Browser
Comments Off on Download Defense Added To Chrome Browser
Google has updated Chrome to version 12, adding a new feature that warns users when they’ve downloaded files from dangerous Web sites.
New to Chrome 12 is a tool that flags questionable files pulled from the Web. Chrome now shows an alert when users download some file types from sites that are on the Safe Browsing API (application programming interface) blacklist, which Google maintains.
The messages reads: “This file is malicious. Are you sure you want to continue?” If they wish, users can ignore the warning and install the file on their system’s hard drive.
“This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API,” said Google last April when it debuted the feature in an earlier edition of Chrome.
Safe Browsing already identifies suspicious or unsafe sites, then adds them to a blacklist. Chrome, Mozilla’s Firefox and Apple’s Safari all tap into Safe Browsing to warn users of risky sites before they actually visit them.
Google SEARCH Goes SSL
Google is finally taking privacy seriously to a degree by offering its users a secure form of searching while using Google Search. Moving forward users will have the opportunity to enable SSL (Secure Socket Layer) for added security. Be advised, the service will only cover the Google search and clicks made through Google to other non-secured sites will be visible.