Security Alerts

Following in the footsteps of Mozilla and Apple, Google is going to be removing all trust for WoSign and StartCom Certificates with Chrome 61 (current  version is 59) as well as Android browser. Mozilla has been very aggressive in enforcing their Mozilla’s CA Certificate Policy as was the case in April 2015 with the Firefox 37.0.1 release which Mozilla banned China Internet Network Information Center (CNNIC) issued Certificates. Once again another China based CA has ‘misbehaved’: About a year ago, Mozilla uncovered that a Chinese Certificate Authority (CA) called WoSign had a number of technical and management failures, which included…

Read More

Reducing Adobe Flash Usage in Firefox

“… Mozilla and the Web as a whole have been taking steps to reduce the need for Flash content in everyday browsing. Starting in August, Firefox will block certain Flash content that is not essential to the user experience, while continuing to support legacy Flash content. These and future changes will bring Firefox users enhanced security, improved battery life, faster page load, and better browser responsiveness. …” Source: Mozilla Reducing Adobe Flash Usage in Firefox | Future Releases

Read More

I am not making this up. Microsoft MSFT 99,76 +0,71 +0,72% almost as if in an attempt to get users of Windows 7 to go out and buy a new Windows 10 machine has intentionally broke Windows 7 for users with Asus ASUUY 43,00 0,00 0,00% system boards. Windows update KB3133977 which use to be an “Optional” but recently became a ‘Recommended’ update. This update enables secure boot on Windows 7 (a feature that was previously disabled). Older PC’s with Asus boards don’t support secure boot, which will cause users to get the below red screen upon first bootup after…

Read More

Time to remove QuickTime for Windows

Apple APL 0,05 +0,05 +0,00% has ended support for QuickTime for Windows earlier this year. QuickTime 7 was only supported for Windows 7 and older. These users may want to make sure QuickTime is not still installed, especially if they are/were an iTunes user as it was part of the bloat that was installed with iTunes. There are at least two ‘possible’ exploits with the QuickTime 7 for Windows. via grand stream dreams

Read More

Earlier this year Oracle ORCL 48,63 +0,48 +1,00% announced starting with JDK 9 (eta September 2016), they will remove the plugin support. They are encouraging developers to move towards the plugin free Java Web Start technology. Oracle’s reasoning for this move has to do with more and more browsers removing support the 20+ year old Netscape Plugin Application Programming Interface (NPAPI) plugin technology. GoogleGOOG 1.102,89 -24,57 -2,18% Chrome no longer supports NPAPI plugins such as Java and Silverlight. Google has partnered with Adobe ADBE 258,59 +3,72 +1,46% to include an integrated version of Flash within Chrome. The Windows 64-Bit version of Firefox also does not…

Read More

Seems like every couple months people start crying ‘the sky is falling’ with Firefox and Netscape Plugin Application Programming Interface (NPAPI) plugins. Earlier this week there was a flurry of activity with Bug 1165981. Again people seem to think that Firefox is not going support NPAPI plugins anymore on Windows since the 64-Bit (Win64) versions does not (except for Flash). As a reminder the removal of NPAPI support only applies to the Win64 version of Firefox. The 32-bit Windows version still supports all the NPAPI plugins including Java and Silverlight. However, Mozilla does plan on discontinuing support in the future with the Firefox 32-bit…

Read More

Note: While this post mostly pertains to Mozilla’s other project, Thunderbird I still felt it was important to post this here as to remind people that while Thunderbird is very different from Firefox, they are still both ‘interconnected’ within the Mozilla Foundation in regards to technical resources. Mitchel Baker, Chair of the Mozilla Foundation has posted an update on her blog about Thunderbird. She assures us that Mozilla is not ‘dropping’ Thunderbird. But, at the same time it is no longer effective for Thunderbird and Firefox to share the same technical infrastructure. Firefox and Thunderbird have diverging needs. Firefox needs to move at the speed…

Read More

Firefox 41.0.2 Released

On Thursday, October 15th, Mozilla released an update for the Firefox 41.0 branch with Firefox 41.0.2. This update addressed the following issues: Mozilla Foundation Security Advisory 2015-115: 2015-115 Cross-origin restriction bypass using Fetch The next planned release will be Firefox 42 on November 3rd.  

Read More

Following in the footsteps of Google and Microsoft, Mozilla plans to eliminate support for the ancient NPAPI plugins (with the exception of heavily sandboxed version of Flash) in the next year. This would include the 32-bit versions of Firefox. There has been a lot of heated discussions in the past few months in regards to Mozilla removing the support of NPAPI plugins (mainly Silverlight and Java) from the upcoming (Firefox 43?) Windows 64-bit (Win64) version of Firefox. I agree this needs to be done as NPAPI plugin technology is over 20-years old from the Netscape days and is badly outdated…

Read More

Windows 7/8.1 Users: Microsoft is Watching You!

Okay, maybe not ‘watching you’, but they are spying on you. Seems that Microsoft MSFT 99,76 +0,71 +0,72% was not content with just spying on Windows 10 users. They have pushed through some ‘Telemetry’ updates on Windows 7 and 8.1 which allow Windows to collect and send data back to Microsoft. Keep in mind if you have opted-out of previous ‘feedback/telemetry’ programs with Microsoft, these updates undo all that (including user privacy settings in the Windows hosts file). …(the updates) all add “customer experience and diagnostic telemetry” to Windows 7 and Windows 8. This is shorthand for monitoring how you use Windows…

Read More