Datamation 14 May 2013 | Sean Michael Kerner Mozilla is out with the Firefox 21 open source browser release today, fixing at least 8 security vulnerabilities, three of which are rated as being critical. The new release also provides new features that – depending on your viewpoint – could either improve or reduce user privacy.
One of the new features in Firefox 21 is the Health Report. Mozilla first began talking about the health report in September of 2012 as a non-invasive reporting mechanism. The report is intended to deliver information to users about the 'health' of the browser and its components. The report also shares that data with Mozilla. Johnathan Nightingale, VP of Firefox Engineering at Mozilla, explained to Datamation that Firefox Health Report is enabled by default in Firefox 21. "Firefox users who don't want to send health data to Mozilla can disable the data sending either from the health report itself, or from the 'Data Choices' section in the Firefox options window," Nightingale said. "Users who turn off the data will still be able to see their own browser health information." Firefox 21 also includes an update to Mozilla's Do Not Track cookie mechanism. In the Firefox 21 release, users will now have three choices: “Do Track,” “Do Not Track,” and “No Preference." "From its inception, we have built Do Not Track as an expression of intent," Nightingale said. "By default, we don't send a header at all, 'No Preference', because we don't know the user's intent." He added that the user can choose to express a preference either for, or against, tracking and from that point forward Firefox will express that decision to every site they visit. Mozilla's most recent data shows 17 percent of US users enabling DNT. Performance Performance is an area that Mozilla is constantly pushing with each new Firefox release, and Firefox 21 is no exception. Nightingale said that new graphics subsystem changes in Firefox 21 should give the browser performance wins on mobile and desktop. Mozilla developers are now also currently working on the new OdinMonkey JavaScript engine for a future release of Firefox. "We're currently testing OdinMonkey on pre-release, but the optimizations it makes for asm.js code are going to change the world of gaming," Nightingale said. The asm.js JavaScript library enables code to run at native speeds. It's is already being used to enable the Epic gaming engine for in-browser games. Security Updates On the security front, Mozilla has issued three critical security advisories with the Firefox 21 release. All three deal with memory related vulnerabilities and exploitations. Some of the flaws were reported by Google security researchers using the open source Address Sanitizer tool. "Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a series of use-after-free, out of bounds read, and invalid write problems rated as moderate to critical as security issues in shipped software," Mozilla states in its advisory. "Some of these issues are potentially exploitable, allowing for remote code execution." Register at the dedicated AccessIndia list for discussing accessibility of mobile phones / Tabs on: http://mail.accessindia.org.in/mailman/listinfo/mobile.accessindia_accessindia.org.in Search for old postings at: http://www.mail-archive.com/[email protected]/ To unsubscribe send a message to [email protected] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in Disclaimer: 1. Contents of the mails, factual, or otherwise, reflect the thinking of the person sending the mail and AI in no way relates itself to its veracity; 2. AI cannot be held liable for any commission/omission based on the mails sent through this mailing list..
