Security News

Essentially, FLoC allows marketers to guess users' interests without having to uniquely identify them, thereby eliminating the privacy implications associated with tailored advertising, which currently relies on techniques such as tracking cookies and device fingerprinting that expose users' browsing history across sites to advertisers or ad platforms. FLoC sidesteps the cookie with a new "Cohort" identifier wherein users are bucketed into clusters based on similar browsing behaviors.

Google, Microsoft, Apple, and Mozilla have launched the WebExtensions Community Group to collaborate on standardizing browser extensions to enhance both security and performance. "With multiple browsers adopting a broadly compatible model for extensions in the last few years, the WECG is excited to explore how browser vendors and other interested parties can work together to advance a common browser extension platform," the browser vendors said.

Mozilla advises Firefox users to update to the latest released version to avoid experiencing video streaming issues after Google updates the Widevine digital rights management on May 31. Once Google updates the Widevine private encryption keys and content decryption module on May 31, video streaming services using Google's DRM-protection technology will no longer work with older Firefox versions.

Mozilla Thunderbird spent the last couple of months saving some users' OpenPGP keys in plain text - but that's now been patched, the author of both the bug and the patch fixing it has told The Register. The vulnerability, assessed as "Low" impact by Mozilla, existed in the free open source Thunderbird email client between version 78.8.1 and version 78.10.1 after a crestfallen maintainer realised carefully designed protections were in fact not protecting users' private OpenPGP keys.

Mozilla has begun rolling out a new security feature for its Firefox browser in nightly and beta channels that aims to protect users against a new class of side-channel attacks from malicious sites. "This fundamental redesign of Firefox's Security architecture extends current security mechanisms by creating operating system process-level boundaries for all sites loaded in Firefox for Desktop," Mozilla said in a statement.

Mozilla has started rolling out the Site Isolation security feature to all Firefox channels, protecting users from attacks launched via malicious websites. Until today, Site Isolation could only be enabled by users of Firefox Nightly, the release channel used by Mozilla to test new features not yet ready for a wider rollout.

The Mozilla Foundation fixed a flaw in its Firefox browser that allowed spoofing of the HTTPS secure communications icon, displayed as a padlock in the browser address window. Successful exploitation of the flaw could have allowed a rogue website to intercept browser communications.

This month, Mozilla has announced plans to phase out support for the Firefox web browser app on the Amazon Fire TV product line. Although Firefox will be no longer supported on Fire TV effective at the end of this month, Amazon Silk web browser app remains available to Fire TV users.

Mozilla volunteers have recently been flooded with online merchants and marketers' requests for their domains to be added to what's called a Public Suffix List. Public Suffix List is an initiative of the Mozilla community volunteers to maintain a list of top-level domains and domains that should be treated as one to prevent the mixing of cookies between distinct domains.

Mozilla's attempts to augment its income continued apace with an update to the company's VPN subscription service. The update, which has landed less than a year since Mozilla first launched the service, adds two new features.