Planet Mozilla Projects

Looking For

June 16, 2025

The Mozilla Blog — The Great British Bake Off’s Janusz on CakeTok and queer joy

A smiling man in a light blue shirt stands in front of a bright pink background, surrounded by colorful confetti. He’s pointing enthusiastically at a small, square sprinkle-topped cake he’s holding in one hand.

Here at Mozilla, we are the first to admit the internet isn’t perfect, but we know the internet is pretty darn magical. The internet opens up doors and opportunities, allows for human connection, and lets everyone find where they belong — their corners of the internet. We all have an internet story worth sharing. In My Corner Of The Internet, we talk with people about the online spaces they can’t get enough of, the sites and forums that shaped them, and how they would design their own corner of the web.

We caught up with Janusz Domagala, the joyful breakout star of 2022’s “The Great British Bake Off” and author of Baking With Pride. He talks about CakeTok, his secret ingredient hot honey, how digital friendships shaped his life, and why history tastes better when baked.

What is your favorite corner of the internet?

I have to say my favourite corner of the internet is American CakeTok. I love the online baking community generally, it’s so welcoming, supportive and encouraging. But I do have to admit that American baking really aligns with my personal approach to baking- colourful, bold and daring flavours and visually dramatic. I think food should be an experience for all the senses and it’s typically American baking videos on social media that gets my senses tingling…

A recipe spread for a cake called “Semi-Naked Flower Cake” with ingredients and steps on the left, and a photo on the right of a tall layer cake decorated with vibrant buttercream flowers including poppies and lavender, set against a pastel background and green gingham tablecloth.

What is an internet deep dive that you can’t wait to jump back into?

As well as baking, I’m a big fan of history. Living in the UK I love diving into its rich history online- researching the fashion, culture and popular bakes of certain periods of time. I love recreating historical bakes I discover as not only do I get to imagine what life was like during chapters of time, I get to taste what it was like too.

What is the one tab you always regret closing?

I would be lost and create some very … interesting… bakes if it wasn’t for my tab that has an international unit conversion! I love using recipes from around the world but because I’m a speedy baker (thanks to competitive baking, I guess) I don’t have time to whip out my calculator mid whisk!

What can you not stop talking about on the internet right now?

Hot honey! As a creative and a genuine foodie, I love seeing the trends that come out in the food world and take over in the internet. Recently we’ve had caramelised biscuit, pistachio and now hot honey which combines two of my two favourite flavour profiles and is already getting me thinking about my next bake.

“Until [joining a local baking group online] my only chance to talk about baking was with my mother who taught me to bake, so to finally get the chance to talk to people my own age about one of my biggest passions was a big moment for me.”

What was the first online community you engaged with?

Like a true millennial the first online community I engaged with was on MySpace, joining a local baking group. Until then my only chance to talk about baking was with my mother who taught me to bake, so to finally get the chance to talk to people my own age about one of my biggest passions was a big moment for me. Within the group, we actually started arranging monthly meet ups at a local park where we would get together in person, taking things we’d baked along, and chat all things baking. I’m still friends with some of the people from that group and that for me is one of the most powerful things about the internet- meeting people you never would normally have met in life and turning them into real life friendships.

If you could create your own corner of the internet, what would it look like?

My corner of the internet would probably look a lot like my wardrobe; bold, colourful and fun! Full of feelgood items and also have different options for different moods, have comfy options when we need that little extra warmness on the days we need but most importantly- get people talking and inspired.

What articles and/or videos are you waiting to read/watch right now?

It’s currently Pride Month and each year I get so excited about the digital content that’s released, full of stories from the LGBTQ+ community. I’m currently waiting for the OUT100 list to be released which highlights 100 influential people who are currently working towards change and fighting for our rights. It’s a great read and a great chance to highlight the work of people that might not always have the spotlight shone on them.

If the internet were a giant Showstopper Challenge and you got to design it for the future, what ingredients would you throw in to make it more delicious for creative people like you — and what baking disaster would you absolutely leave out?

This is a great question… I would start with multiple layers of art flavoured with fashion, food, body positivity and queer joy. I would layer in some curiosity to help people be brave enough to try new things and top with some creativity, kindness and acceptance… and sprinkles! Always sprinkles. A baking disaster I would ban from my internet Showstopper would be fear- wonderful things can happen when we act without fear and if something doesn’t go to plan it’s not the end of the world. As I say, a bad batch of bread can make excellent breadcrumbs!

Janusz Domagala, or simply Janusz as he’s most commonly known, became the instant standout star on 2022’s “The Great British Bake Off” when he rightfully declared himself the “Star Caker.” Since appearing on the show, Janusz has built a successful social media following, has been featured in multiple print and digital media outlets and was a contestant on the third season of the show “Crime Scene Kitchen.” A keen LGBT+ activist, his debut recipe book, “Baking With Pride,” was released in May 2024.

Get the browser that puts your privacy first – and always has

Download Firefox

The post The Great British Bake Off’s Janusz on CakeTok and queer joy appeared first on The Mozilla Blog.

by Damiano at June 16, 2025 05:40 PM

June 10, 2025

The Mozilla Blog — Firefox features that help you plan a trip (and take it)

Browser window and smartphone with a sync icon, representing syncing data between devices.

Most travel plans start with a handful of tabs. A map here, a few guides there. Then a flurry of bookings, logins and maybe a PDF form you’re supposed to sign with your finger. Next thing you know, you’re in line at the car rental counter with 3% battery, no confirmation number, and no address for where you’re staying.

Firefox can’t hand you a charger. But it can keep up before your trip and while you’re on it. Haven’t downloaded Firefox mobile yet? Now’s a good time. Once you enable sync on Firefox mobile, all your travel bookmarks and tabs will come with you — ready to access quickly when you need them. Strong privacy protections are built in by default.

Here are a few features that help you plan, book and get where you’re going:

Sync

Start planning on your laptop, pick it back up on your phone. Tabs like your hotel reservation page, bookmarks, passwords and more come with you, so you’re not stuck emailing yourself links or searching “best vegan pizza rome” for the third time. Sign in to your Mozilla account to enable sync and access your data across your devices. It stays private and encrypted — even from us. (Firefox sync works in most places, but it’s not available in every region.)

AI chatbot in your sidebar

Firefox lets you keep an AI chatbot in the sidebar while you browse. Useful when you’re planning an itinerary, overthinking a layover, or asking it to generate a packing list based on the weather, your mood, and your inability to travel light.

Right-click the sidebar > customize sidebar > check “AI chatbot.” Pick from tools like Claude, ChatGPT, Gemini and others (availability may vary by region).

Firefox browser window showing the “Customize sidebar” panel, with options to enable vertical tabs and move the sidebar to the right. Under “Firefox tools,” the “AI chatbot” is checked, while “Tabs from other devices,” “History,” and “Bookmarks” are unchecked. A link to “Manage Firefox settings” is at the bottom.

Password manager and generator

Firefox can save your passwords, fill them in when you need them and generate more secure ones than “plzletmein!”

PDF editor

Sometimes the thing that holds up your travel plans is a PDF: tour sign-up sheets, car rental instructions, a transit map. Firefox’s built-in PDF editor lets you fill out, sign and annotate PDFs directly in the browser — no downloads, no printing required. Works on desktop and mobile.

Tab groups

Tab groups let you organize your tabs by topic — flights, food, logistics, backup food — so you’re not digging through a sea of identical tab titles wondering where the train schedule went.

Vertical tabs

Once the tab count crosses into the regrettable zone, vertical tabs help you see what you’re working with. Everything’s listed neatly on the side, so you can find the one tab with actual answers and stop clicking through five versions of “best day trips near Milan.”

Firefox browser window open to a TripAdvisor page about Milan, Italy, with a large image of Piazza del Duomo featuring the cathedral, nearby buildings, and people walking. The sidebar on the left shows open tabs related to Milan travel, including Google Flights, YouTube, Reddit, Google Docs, and Maps.

Right-click the toolbar > turn on vertical tabs.

Built-in translation

Firefox can translate full pages instantly for supported languages. Useful when you’re trying to fill out a form, make a reservation, or read a menu where the only word you recognize is cornetto.

VPN extension for Windows

Sometimes travel means needing to book something as if you’re already there, or reading the news like you’re still at home. With Mozilla VPN, you can locate yourself wherever in the world you want — even back home. And with the VPN extension for Windows, you can do this on a per site basis, so you can check what you need without changing your whole device’s location. (Available as part of a paid subscription.)

List of location options in Mozilla VPN settings, showing the default location selected and a list of countries including Australia, Austria, Belgium, and Brazil.

Firefox keeps up with your tabs, logins, pages, even the one in another language. Just remember to pack your charger.

Get the browser that puts your privacy first – and always has

Download Firefox

The post Firefox features that help you plan a trip (and take it) appeared first on The Mozilla Blog.

by Kristina Bravo at June 10, 2025 09:15 PM

Firefox UX — How a UX-Led Approach Shaped Firefox Profiles

Why Firefox needed profiles

We’ve all been there — one minute you’re checking work emails, the next you’re deep into vacation planning, and the next thing you know all of your content is a jumbled mess. Firefox users needed an easy way to keep different online lives separate — work, personal, school, or shopping — without juggling multiple browsers.

While other browsers offer multi-profile support, they lack privacy-first management and quick profile switching. We saw an opportunity to do it better — to give users more control, with fewer headaches.

With hundreds of votes on Mozilla Connect, demand for direct taskbar access to profiles was clear. So, we got to work.

Building profiles

From day one, UX and content design collaborated on every step of the process, ensuring a cohesive experience based on a shared understanding of user needs.

Phase 01: research & early ideas

Before designing anything, we:

Studied competitors to find what worked (and what didn’t).
Mapped out user journeys to understand pain points.
Sketched early ideas — low-fidelity wireframes — to get quick team feedback.
Defined how profiles fit into the Firefox ecosystem.

A black and white composite image of 5 photos of wireframes and word lists written in marker on a whiteboard

Phase 02: test, iterate, repeat

We tested profiles at every stage, using:

Moderated & unmoderated user tests (UserTesting.com)
We asked real people to try early versions of the feature and share their thoughts. Sometimes a moderator guided them through tasks and asked follow-up questions (moderated), and other times they completed tasks on their own while we watched recordings later (unmoderated). This helped us understand where users got stuck or confused.

Key learnings:
Positive: Users found the profile creation process simple and intuitive, and appreciated the instant visual feedback like color and icon changes — confirming this flow was working well as designed.

Constructive: Some users had trouble finding where to access profiles within the browser, often looking for them in the account section, suggesting the need for clearer entry points and distinctions in the UI.

Accessibility-focused testing (Fable, DisCoTec)
We partnered with people who use assistive technologies like screen readers or keyboard-only navigation to test the feature. Their feedback helped us make sure profiles would be easy to use for everyone, including users with disabilities.

Key learnings:
Positive: The profiles feature was well-received by participants using assistive technologies. The setup process was described as “pretty easy,” and users appreciated the immediate feedback when choosing themes or avatars. One participant noted, “I like to have all profiles significantly different colors so it’s easy for me to recognize I’m in the right profile without zooming in.”

Constructive: Some users had trouble locating profiles in the menu or understanding what elements were clickable, especially with screen readers. One participant commented, “Alt+P didn’t take me to the profiles part of the app menu as expected — it should be a shortcut.”

Live prototype reviews with Firefox teams
We regularly showed early interactive versions of the feature, also known as prototypes, to different Firefox teams. This let us gather fast, internal feedback and make improvements before we committed to building anything fully.

Key learnings:
Positive: Stakeholders responded positively to the decision to launch each profile in its own window with a separate taskbar icon. This was seen as a clear differentiator from other browsers and aligned with Firefox’s goals around user control and simplicity.

Constructive: Stakeholders identified the lack of a profiles entry point in the account avatar as a key discoverability issue. While this was initially excluded from the MVP to reduce complexity, there was an alignment that it should be prioritized as part of the initial roll out.

Phase 03: refining the experience

Every iteration made profiles simpler, more accessible, and easier to use.
To keep everyone aligned, we took our work company-wide by:

Maintaining the smaller cross functional team well informed during weekly syncs.
Creating walkthrough videos for a wide range of feedback and perspectives.
Sharing during UX leadership reviews
Working closely with the design systems team to ensure that the UI was not only accessible and intuitive, but also fit well within the wider Firefox ecosystem.
Collaborating with the accessibility team to create an easy handoff for engineers to build a delightfully accessible product.

Phase 04: measuring success with telemetry

A great feature isn’t complete without the right data to evaluate impact and guide business decisions. At Firefox, we believe in collecting only what’s necessary. That’s why we follow lean data practices, minimizing what we track and always keeping it anonymous. This ensures we respect user privacy while answering key product and business questions.

We led a two-part telemetry workshop to make sure:

Every button and link was trackable (all this data is of course anonymous).
We could measure adoption, switching behavior, and engagement.

These valuable insights will help us improve profiles post-launch.

Phase 05: bringing profiles to life

To ensure a smooth handoff to engineering, we provided:

Detailed documentation for all screens and components.
Accessibility annotations for keyboard navigation, focus order, and high-contrast mode.
Comprehensive user flows covering onboarding, profile creation, switching, and deletion.

Some examples of our final screens:

Unique avatars and themes help users instantly recognize each profile.

A startup profile picker makes choosing and managing profiles a breeze.

Easily access and switch between profiles from your dock or taskbar

Windows taskbar showing two Firefox icons, one with a green suitcase icon in the upper right corner and one with a purple flower icon amongst other standard taskbar icons

MacOS dock showing two Firefox icons, one with a green suitcase icon in the upper right corner and one with a purple flower icon amongst other standard dock icons

What’s next?

Profiles are currently rolled out to a small percentage of Firefox users, and early telemetry shows strong engagement. We’re seeing meaningful adoption, encouraging retention signals, and higher engagement across key behaviors like search and customization. Many users are also making use of cross-profile switching, indicating that the feature is resonating with both casual and power users.

This project proved that when UX leads from the start, we build better, more user-friendly features.

This is how we design Firefox, together.

How a UX-Led Approach Shaped Firefox Profiles was originally published in Firefox User Experience on Medium, where people are continuing the conversation by highlighting and responding to this story.

by misha bruk at June 10, 2025 04:42 PM

June 05, 2025

SeaMonkey — SeaMonkey 2.53.21 is out!

Hi All,

The SeaMonkey Project is pleased to announce the immediate release of SeaMonkey 2.53.21. There are a few security updates and …

*What? Um.. No, I didn’t see it. I did look at the website patch… Yes, it’s the same as reading the release notes. It clearly states that it’s a point release and it’s a security patch… Anyway…. *

Please check out [1] and/or…

*What now? Look, I’ve been doing and/or for some time… What do you mean exclusive or? Ok.. this time, you make sense.*

Please do check out [1] and [2].

:ewong

PS: Did I mention the Updates will be forthcoming…? Yes, the updates will be forthcoming…if it hasn’t already been done already when you read this.

PPS: Yes, trying to jazz things up… think of this post being Rik Mayall’d. (RIP). The People’s Poet…

[1] – https://www.seamonkey-project.org/releases/seamonkey2.53.21

[2] – https://www.seamonkey-project.org/releases/2.53.21

by ewong at June 05, 2025 09:30 AM

June 04, 2025

The Mozilla Blog — Performance doesn’t have to come at the cost of privacy

What if you could increase conversations — without collecting more data? You’ve probably been told you need to collect more data to get better results. But with smarter tools and better technology, privacy isn’t a tradeoff, it’s a feature. Anonym makes it possible to measure real performance without complex integrations — just drag and drop your data set. Let the results below speak for themselves.

Proof points

UEFA

Take UEFA’s Men’s Club Competitions online store, for example. Ahead of the 2024 finals, they launched a campaign on TikTok to engage fans and drive sales, all without sending any personal user data with TikTok. By utilizing our privacy-first analytics solution used by TikTok, UEFA was able to measure meaningful results like conversion lift and sales impact using differentially private algorithms. The outcome: 93% lift in conversions and a 94% increase in sales, without exposing data to the advertising platform. They leveraged Anonym’s drag-and-drop interface, ensuring all data was correctly formatted and encrypted before sharing in Anonym’s trusted execution environment.

Zenjob

Zenjob, a flexible job platform in Germany, took a similar path. During a key hiring season, they ran a TikTok campaign focused on app installs and signups, but didn’t want to cut corners on user data. Like UEFA, they used Anonym to unlock insights into incrementality and attribution, encrypting the user level data and relying on Anonym’s privacy enhancing technologies. The results spoke for themselves: a 38% increase in signups and a significant improvement in conversion. All without exposing sharing user level information with TikTok.

The future of online advertising

These examples aren’t one-off wins, they’re proof that better performance is possible. With Anonym, advertisers get the insights they need to optimize creative, targeting, and spend to drive real results. You don’t need more data to get better outcomes — you need the right tools. If you’re ready to boost performance without the guesswork, our team is here to show you. Reach out for a deeper dive into our privacy preserving solutions.

A teal lock icon next to the bold text "Anonym" on a black background.

Performance, powered by privacy

Learn more about Anonym

The post Performance doesn’t have to come at the cost of privacy appeared first on The Mozilla Blog.

by Hannah Bullion at June 04, 2025 09:16 PM

The Mozilla Thunderbird Blog — VIDEO: Thunderbird Pro and Thundermail!

It’s been just over two months (!) since we first announced our upcoming Thunderbird Pro suite and Thundermail email service. We thought it would be a great idea to bring in Chris Aquino, a Software Engineer on our Services team, to chat about these upcoming products. We want our community to get to know the newest members of the Thunderbird family even before they hatch!

We’ll be back later this summer after our upcoming Extended Support Release, Thunderbird 140.0, is out! Members of our desktop team will be here to talk about the newest features. Of course, if you’d like to try the newest features a little sooner, we encourage you to try the monthly Release channel. Just be sure to check if your Add-ons are compatible first!

May Office Hours: Thunderbird Pro and Thundermail

Chris has been a part of the Thunderbird Pro products since we first started developing them. So not only is he a great colleague, he’s an ideal guest to help tell the story about this upcoming chapter in the Thunderbird story. Chris starts with an overview for each product that covers the features we have planned for each of our Thunderbird Pro products and Thundermail. We know how curious our community is about these products, and so our hosts have lots of questions for each product, and Chris is more than up to the challenge in answering them. We also make sure to point out how to get involved with trying, testing, and helping us improve these products by linking you to our repositories.

Watch, Read, and Get Involved

The entire interview with Chris is below, on YouTube and Peertube. There’s a lot of references in the interview, which we’ve handily provided below. We hope you’re enjoying these looks into what we’re doing at Thunderbird as much as we’re enjoying making them, and we’ll see you soon!

We also know some of you might only be interested in a single product, and so we’ve also made separate videos for each product!

COMPLETE VIDEO (Also on Peertube):

Slides:

Office-Hours-Thunderbird-Pro Download

Individual Videos:

May 30, 2025

Mozilla Add-ons Blog — Crypto wallet scams — thwarting a new threat

According to the FBI’s 2024 Internet Crime Report, crypto-related scams accounted for nearly $16.6 billion in victim losses last year across the globe ($9.3 billion in the United States alone — a 66% increase from 2023). Crypto thieves employ a variety of tactics to defraud people, but a certain type, known as a crypto wallet drainer, is proliferating and one of the ways scammers find new victims is through malicious browser extensions.

A crypto wallet drainer is basically any type of fraudulent method that gives bad actors unauthorized access to a user’s crypto wallet. In the case of browser extensions, we find malicious extensions masquerading as legitimate extensions from trusted, known crypto wallets. Unfortunately for users who install a scam crypto wallet extension and input their private keys and credentials, the effects are often immediate and devastating. The funds quickly vanish and they’re virtually impossible to recover.

The FBI’s Internet Crime Complaint Center receives an average of 836,000 complaints per year comprising all manner of online scams. (Source: 2024 FBI Crime Report)

According to Add-ons Operations Manager Andreas Wagner, who leads content security and review efforts, AMO (addons.mozilla.org) has uncovered “hundreds” of scam crypto wallets over the past few years. “It’s a constant cat and mouse game,” Wagner explains, as “developers try to work around our detection methods.”

To help protect Firefox users, the Add-ons Operations team developed an early detection system designed to identify and stop crypto scam extensions before they find traction with unsuspecting users. The first layer of defense involves automated indicators that determine a risk profile for wallet extensions submitted to AMO. If a wallet extension reaches a certain risk threshold, human reviewers are alerted to take a deeper look. If found to be malicious, the scam extensions are blocked immediately.

While add-on reviewers are doing everything they can to find and snuff out crypto wallet scams before they can do harm, there are things users should be aware of as well to help protect themselves. “Check your crypto wallet’s website to see if they have an official extension, and only use the one they link to,” advises Wagner, while adding you might also consider reaching out directly to your crypto wallet service to confirm you’re selecting a legitimate extension. You can never be overly cautious when it comes to protecting your digital assets. There are too many disastrous tales out there.

The post Crypto wallet scams — thwarting a new threat appeared first on Mozilla Add-ons Community Blog.

by Scott DeVaney at May 30, 2025 06:39 PM

SUMO Blog — Decommissioning of the Social Support and Mobile Store Support programs

Hi everyone,

After much thoughtful consideration and evaluation, we’ve made the difficult decision to officially decommission the Social Support and Mobile Store Support programs. This wasn’t a decision made lightly. We recognize the immense dedication, time, and care, that so many of you have poured into these programs over the years. We’re truly grateful for everything you’ve done to support users and represent Mozilla in these spaces that have made users feel heard, supported, and connected to our mission.

The primary reason behind this decision is our team’s choice to discontinue activity on the X platform (formerly known as Twitter). While we value the interaction and connections we’ve had on this channel in the past, the social media landscape has evolved, and we’ve seen a steady decline in the impact of our interactions in this channel.

While we are stepping back from the platform, we have intentionally chosen to maintain ownership of our existing accounts (including @FirefoSupport and @SUMO_Mozilla). This allows us to protect our identity, prevent impersonation and maintain a minimal presence in case an emergency situation arises.

This change also reflects a shift in our overall support strategy, as we’ll be focusing our limited resources on the Mozilla Support Community Forums as our primary support channel. Over the past year, we’ve seen a notable increase in forum activity, but our ability to respond hasn’t been able to keep up with the volume. For comparison, our Q1 2025 total volume increased for almost 120% (exclude those that marked as spam) compared to the same period last year. There’s a growing need and clear opportunity for us to do more here, and your continued involvement will be more valuable than ever.

Although these programs are winding down, the impact you’ve had has been meaningful and deeply appreciated. And to honor your contributions, we’ve issued a set of special SUMO badges to recognize those of you who supported these efforts over the years.

Due to the limited data retention policy from the third-party tool that we’re using, we were only able to retrieve contributor data going back to 2023. Based on this, we’ve issued a total of seven badges:

Top 3 Contributors for Social Support (2023, 2024, and 2025)
Top 3 Contributors for Mobile Store Support (2023, 2024, and 2025)
An Honorary Badge for everyone who made a significant contribution to these programs

Thank you for your passion, commitment, and dedication to these programs throughout the years. Many of you have made a real difference for countless Firefox users around the world. This is a moment to reflect and be proud of everything we’ve done together.

To read our FAQ related to this decision, feel free to check out this Community Discussion thread. If you have additional questions or concerns, you can also share on the same thread.

by Rizki Kelimutu at May 30, 2025 04:19 PM

The Mozilla Blog — What happens when you don’t choose your browser? Let’s talk about it at SXSW London

Most people use whatever browser comes pre-installed. But your browser default shapes your online experience more than you realize.

At SXSW London, we’re asking: What does real choice look like on today’s internet, and who’s still building for it?

In this live conversation, Mozilla CEO Laura Chambers will share how AI-powered feeds, platform lock-in, and in-app browsers are subtly limiting discovery and agency online. She’ll share why Mozilla continues to build outside dominant ecosystems; how Firefox is designed to put people, not profit, first; and what it takes to stay mission-aligned in an industry that rewards scale over values.

Come join the conversation on Thursday, June 5 at 3:20 p.m. at Shoreditch Electric as part of the 2050: Future-Thinking track at SXSW London.

Add the session to your SXSW schedule (and bring your big question!)

The post What happens when you don’t choose your browser? Let’s talk about it at SXSW London appeared first on The Mozilla Blog.

by Mozilla at May 30, 2025 02:51 PM

May 28, 2025

Blog of Data — Glean Memory Usage Reporting

Since Bug 1896609 landed we now have Glean & Firefox on Glean (FOG) memory reporting built into the Firefox Memory Reporter. This allows us to measure the allocated memory in use by Glean and FOG. It currently covers memory allocated by the C++ module of FOG and all instantiated Glean metrics. It does not yet measure the memory used by Glean and its database.

How it works

Firefox has a built-in memory usage reporter, available as about:memory. Components of Firefox can expose their own memory usage by implementing the nsIMemoryReporter interface. FOG implements this interface and delegates the measurement to the firefox-on-glean Rust component.

firefox-on-glean then collects the memory usage of objects under its own control: all user-defined and runtime-instantiated metrics, additional hashmaps used to track metrics & all user-defined and runtime-instantiated pings. It will soon also collect the memory size of the global Glean object, and thus the memory used for built-in metrics as well as the in-memory database.

Memory measurement works by following all heap-allocated pointers, asking the allocator for the memory size of each and summing everything up. Because we do most of this measurement in Rust we use the existing wr_malloc_size_of crate, which already implements the correct measurement for most Rust libstd types as well as some additional library-provided types. Our own types implement the required trait using malloc_size_of_derive for automatically deriving the trait, or manual implementations.

How it looks

The memory measurement is built into Firefox and works in every shipped build. Open up about:memory in a running Firefox, click the “Measure” button and wait for the measurement. Once all data is collected it will show a long tree of measured allocations across all processes. Type fog into the filter box on the right to trim it down to only allocations from the fog component. The exact numbers differ between runs and operating systems.

You will see a view similar to this:

about:memory on a freshly launched developer build of Firefox. fog reports 0.35 MB of allocated memory in the main process.

After opening a few tabs and browsing the web a new measurement on about:memory will show a different number, as Glean is instantiating more metrics and therefore allocating more memory. This number will grow as more metrics are instantiated and kept in memory.

This currently does not show the allocations from the global Glean object and its in-memory database. In the future we will be able to measure those allocations as well. In a prototype locally this already works as expected: As more data is recorded and stored the allocated memory grows. Once a ping is assembled, submitted and sent the allocations will be freed and about:memory will report less memory allocated again.

by Jan-Erik Rediger at May 28, 2025 12:17 PM

May 24, 2025

The Mozilla Blog — A smarter, simpler Firefox address bar

Firefox’s address bar just got an upgrade, and it’s all about putting you in control.

It’s faster, easier to use and built to support how you search and browse — while staying true to what makes Firefox, Firefox: real user choice, strong privacy and transparency.

Built to help you search faster and get things done

The address bar is where browsing begins. It’s more than a space for URLs. It’s a command center for search, navigation, productivity and discovery. Here’s how we’ve improved it:

Unified search button

Firefox browser search bar showing the option to search 'sprocket gear' using different sources like Google, Amazon, Bing, DuckDuckGo, eBay, Wikipedia, Bookmarks, Tabs, and History.

Choose how you search, right from the address bar
The new search button puts your preferred engines front and center, making it easier to switch between providers and search modes based on what you need. It improves visibility, supports re-running searches with ease, and ultimately reflects something core to Firefox: giving users real choice in how they explore the web.

Easily continue your search

Firefox browser showing a Google search results page for 'Mozilla Firefox shirt' with a dropdown menu to switch the search source to Amazon, Bing, DuckDuckGo, eBay, Wikipedia, or browser data like Bookmarks, Tabs, and History.

Keep your original search visible
When you perform a search, your query now remains visible in the address bar instead of being replaced by the search engine’s URL. Whereas before your address bar was filled with long, confusing URLs, now it’s easier to refine or repeat searches. It’s especially helpful for keeping you productive while performing research and multistep tasks.

@ Shortcuts

Firefox search with “@actions” shows quick commands like managing bookmarks, extensions, themes, and settings, plus options to open private windows, take screenshots, or update Firefox.

Search your tabs, bookmarks and history using simple keywords
You can access different search modes in the address bar using simple, descriptive keywords like @bookmarks, @tabs, @history, and @actions, making it faster and easier to find exactly what you need.

Quick Actions

Firefox browser with the search bar showing “Actions” and a grid of quick command options, including view add-ons, manage bookmarks, clear recent history, view downloads, manage extensions, Firefox help, open Firefox View, open Developer Tools, manage passwords, print page, open private window, refresh Firefox, restart Firefox, save page as PDF, take a screenshot, manage settings, manage themes, update Firefox, and view page source.

Type a command, and Firefox takes care of it
You can now perform actions like “clear history,” “open downloads,” or “take a screenshot” just by typing into the address bar. This turns the bar into a practical productivity tool — great for users who want to stay in the flow.

Smart shortcuts

Firefox address bar showing a search for “the mozilla blog,” with a Firefox Suggest option to switch to an already open tab containing The Mozilla Blog website.

Do more from your search suggestions
These buttons appear contextually within your search suggestions, offering relevant shortcuts like “search with [site name]” or “switch to tab.” They reduce clicks and help users get where they’re going faster.

HTTPS trim

Firefox browser displaying the 'Example Domain' webpage, which is used for illustrative purposes, with a “Not Secure” warning in the address bar for http://example.com.

Cleaner URLs with smarter security cues
We’ve simplified the address bar by trimming “https://” from secure sites, while clearly highlighting when a site isn’t secure. This small change improves clarity without sacrificing awareness.

More than a visual refresh

These updates are part of a larger direction we’re taking in Firefox — toward a browser that supports people in all parts of their online lives, from quick lookups to complex research.The new address bar is now available in Firefox version 138. It’s faster, more intuitive and designed to work the way you do.

Get the browser that puts your privacy first – and always has

Download Firefox

The post A smarter, simpler Firefox address bar appeared first on The Mozilla Blog.

by Gayatri Pendse at May 24, 2025 01:06 AM

May 23, 2025

The Mozilla Blog — The most L.A. corner of the internet

Person wearing sunglasses and a brown mesh polo shirt, framed by green leaves, with pixel-style heart and document icons overlaid on a yellow grid background.

We caught up with Javier Cabral, the editor-in-chief of L.A. Taco, a culture site covering life (and tacos) in Los Angeles. He talks about starting out as a teenage food blogger, going deep on espresso Reddit, and being fully prepared to defend his take that carnitas should never be topped with salsa.

What was the first online community you engaged with?

Back in 2007 — before Instagram, Yelp, when the first cameras on phones were just starting to come out — I started a food blog called Teenage Glutster. I was 16. And my first community was people who commented on my writing. It was not vitriolic… it was very supportive. Things are different now, but over the years, I figured out how to respond or not respond to trolls, to message boards, to random comments online. Back then I would just walk by restaurants, grab menus, study them and write about them. And yes, the blog is still up.

What is your favorite corner of the internet?

Well, you have to realize that when you ask the editor of an independent online publication, the internet starts to become all work and errands. It gets harder and harder to use it for fun.

So my favorite corner is wherever I can decompress. After publishing stressful stories— obituaries, stuff that could get us sued — I just want to chill. That’s when I’m scrolling Reddit. Lately, I’ve been on the Marzocco subreddit. My wife just got me a Marzocco espresso machine. It’s this very professional, expensive, stupid-high-quality machine that requires finesse. If you use the wrong tamp, you void the warranty. But there’s an art to it, like pulling a perfect shot of espresso. That subreddit has been my go-to for about six months. It’s just cool to have the internet be a place that isn’t dread or trolling or deadlines.

It’s getting so hard to have good, clean thrills in our lives. You know, in a world where everything feels like slow self-destruction, this hobby feels wholesome. The machine is expensive, and it just went up in price because of tariffs, but I’ve already pulled hundreds of shots. I know folks who love the ritual of walking to their local shop. I respect that. But you can also develop that same ritual at home and build a real passion around it.

So yeah, that’s my current little corner of the internet.

What is an internet deep dive that you can’t wait to jump back into?

I oversee a publication, so I’m always watching to see what performs. But it gets harder to predict what’ll take off. The news cycle moves fast, especially with things like Trump, AI, doomscrolling.

I’m especially interested in why people are willing to pay our membership rate — it’s like $6/month — to find out things like the top 25 breakfast burritos in L.A. That’s part of what I want to keep doing deep dives into — readership insights and what those patterns actually mean right now.

Also, the relationship between creators and journalists. I’m sensing a real divide. But creators need what journalists need: engagement, attention, readers. Where can we meet in peace? I want to keep researching that.

I went to community college for journalism, and things were already changing fast then. I can only imagine what it’s like for students now. But they still want to write and create with ethics and integrity. That’s the future of journalism.

What is the one tab you always regret closing?

I always say to myself, “Okay, I’m going to shut my computer at 5 p.m. and be a normal human.” But it rarely happens. There’s always another story, another case, something I have to get done. So I always regret closing my browser in general. Even after you finish a story and send it off to socials, there’s usually something you forgot.

What can you not stop talking about on the internet right now?

Tacos. I was just on The Dave Chang Show, and I’m getting a lot of heat for what I said. I said carnitas aren’t meant to be eaten with salsa. You’re supposed to eat them with jalapeño in vinegar. That sparked a lot of reactions. But I stand by everything I publish. I’m always prepared to defend it in a dark alley, if needed.

Today they published another clip where I was actually defending Dave Chang. He said you should only order tacos four at a time so they stay hot. That way, when you’re ready, you can go back and get another round fresh. People were upset about that too.

But yeah. Two decades later, I still can’t stop talking about tacos online.

If you could create your own corner of the internet, what would it look like?

I already feel like I’ve created it with L.A. Taco because I’m the editor-in-chief. Every story is something I believe in. Either I wrote it or I wanted to read it.

Still, I’d expand it. I’d love to do more travel guides. I’ve always admired travel writers. I have friends who do it, and I’ve always wanted to do what they do. I’m actually working on a big guide right now for Ensenada.

Also, we started the L.A. Taco Media Lab. We’re working with younger students and aspiring journalist-creators. We want to help them get their first bylines. I used to do that all on my own. Now we have the framework to help more people do it.

The internet is better when we hear from everyone, not just the same old voices.

What articles and/or videos are you waiting to read/watch right now?

I’ve bookmarked a piece from Columbia Journalism Review about how journalists and newsrooms are using AI. I don’t want to be a grouch about AI. I also don’t want to surrender to it. Navigating [that tension] is something I care a lot about.

What’s the most L.A. corner of the internet?

L.A. Taco. We’re holding it down. No shame in saying that.

When we gather at membership events, it’s clear we represent the L.A. I fell in love with. A place where tacos unite people. A place where we do real reporting, research, fact-checking. Stories we talk about with our friends and families.

There’s nothing like this anywhere else. Not even in Mexico. Here, we have the power of the free press. And people always want to know where the best tacos are.

L.A. is hands down the taco capital of the U.S. No contest. Not Chicago, not San Francisco, not Texas, not New York. We’re at the forefront.

So yes, L.A. Taco is the most L.A. corner of the internet. No doubt about it.

The post The most L.A. corner of the internet appeared first on The Mozilla Blog.

by Kristina Bravo at May 23, 2025 04:36 PM

May 22, 2025

The Mozilla Blog — Investing in what moves the internet forward

Firefox is the only major browser not backed by a billionaire and our independence shapes everything we build. This independence allows us to prioritize building products and tools, which shape the future of the internet for the better. And it means we have to be intentional about where we invest our time and resources so we can make the biggest impact.

As users’ everyday needs evolve alongside with the web itself, it’s imperative we focus our efforts on Firefox and building new solutions that give you real choice, control and peace of mind online.

With that in mind, we’ve made the difficult decision to phase out two products: Pocket, our read-it-later and content discovery app, and Fakespot, our browser extension that analyzes the authenticity of online product reviews.

Here’s what’s happening

Pocket shuts down July 8, 2025
- You will no longer be able to download Pocket or purchase a new Pocket Premium subscription from May 22, 2025.
- Premium monthly and annual subscriptions will be cancelled automatically. Annual subscribers will receive automatic refunds from July 8, 2025.
- Users can export saves anytime until October 8, 2025, after which their data will be permanently deleted.
- API users will no longer be able to transact data (read or write) over Pocket’s API from October 8, 2025 and will need to export their data before this date.
- For more information, including refund details for Premium annual subscribers and how to export saves, go to our Pocket support article.
Fakespot shuts down on July 1, 2025
- You will no longer be able to use the Fakespot extensions, mobile apps, or website from July 1, 2025.
- The Fakespot feature within Firefox known as Review Checker will shut down on June 10, 2025.

Focusing on what powers better browsing

We acquired Fakespot in 2023 to help people navigate unreliable product reviews using AI and privacy-first tech. While the idea resonated, it didn’t fit a model we could sustain.

Pocket has helped millions save articles and discover stories worth reading. But the way people save and consume content on the web has evolved, so we’re channeling our resources into projects that better match browsing habits today. Discovery also continues to evolve; Pocket helped shape the curated content recommendations you already see in Firefox, and that experience will keep getting better. Meanwhile, new features like Tab Groups and enhanced bookmarks now provide built-in ways to manage reading lists easily.

Thank you for helping shape what comes next

We’re grateful to the communities that made Pocket and Fakespot meaningful. As we wind them down, we’re looking ahead to focusing on new Firefox features that people need most.

This shift allows us to shape the next era of the internet – with tools like vertical tabs, smart search and more AI-powered features on the way. We’ll continue to build a browser that works harder for you: more personal, more powerful and still proudly independent.

The post Investing in what moves the internet forward appeared first on The Mozilla Blog.

by Mozilla at May 22, 2025 04:00 PM

May 20, 2025

The Mozilla Thunderbird Blog — VIDEO: Talking MZLA with Ryan Sipes

In this month’s Community Office Hours, we’re chatting with our director Ryan Sipes. This talk opens with a brief history of Thunderbird and ends on our plans for its future. In between, we explain more about MZLA and its structure, and how this compares to the Mozilla Foundation and Corporation. We’ll also cover the new Thunderbird Pro and Thundermail announcement And we talk about how Thunderbird put the fun in fundraising!

And if you’d like to know even more about Pro, next month we’ll be chatting with Services Software Engineer Chris Aquino about our upcoming products. Chris, who most recently has been working on Assist, is both incredibly knowledgeable and a great person to chat with. We think you’ll enjoythe upcoming Community Office Hours as much as we do.

April Office Hours: Thunderbird and MZLA

The beginning is always a very good place to start. We always love hearing Ryan recount Thunderbird’s history, and we hope you do as well. As one of the key figures in bringing Thunderbird back from the ashes, Ryan is ideal to discuss how Thunderbird landed at MZLA, its new home since 2020. We also appreciate his perspective on our relationship to (and how we differ from) the Mozilla Foundation and Corporation. And as Thunderbird’s community governance model is both one of its biggest strengths and a significant part of its comeback, Ryan has some valuable insights on our working relationship.

Thunderbird’s future, however, is just as exciting a story as how we got here. Ryan gives us a unique look into some of our recent moves, from the decision to develop mobile apps to the recent move into our own email service, Thundermail, and the Thunderbird Pro suite of productivity apps. From barely surviving, we’re glad to see all the ways in which Thunderbird and its community are thriving.

Watch, Read, and Get Involved

The entire interview with Ryan is below, on YouTube and Peertube. There’s a lot of references in the interview, which we’ve handily provided below. We hope you’re enjoying these looks into what we’re doing at Thunderbird as much as we’re enjoying making them, and we’ll see you next month!

VIDEO (Also on Peertube):

Resources

The untold history of Thunderbird: https://blog.thunderbird.net/2023/11/the-untold-history-of-thunderbird/
The Mozilla Foundation: https://wiki.mozilla.org/Foundation
Thunderbird’s New Home at MZLA: https://blog.thunderbird.net/2020/01/thunderbirds-new-home/
Community Office Hours with the Thunderbird Council: https://blog.thunderbird.net/2024/09/video-learn-about-the-thunderbird-council/
The Mozilla Manifesto: https://www.mozilla.org/about/manifesto/
Thundermail and Thunderbird Pro Announcement: https://blog.thunderbird.net/2025/04/thundermail-and-thunderbird-pro-services/
Get Involved: https://www.thunderbird.net/participate/

The post VIDEO: Talking MZLA with Ryan Sipes appeared first on The Thunderbird Blog.

by Monica Ayhens-Madon at May 20, 2025 01:05 PM

SUMO Blog — Introducing Flavius Floare

Hi folks,

I’m so excited to share that Flavius Floare joined our team recently as a Technical Writer. He’s working alongside with Dayani to handle the Knowledge Base articles. Here’s a bit more from Flavius himself:

Hi, everyone. My name is Flavius, and I’m joining the SUMO team as the new Technical Writer. I’m really excited to be here and look forward to collaborating with you. My goal is to be as helpful as possible, so feel free to reach out to me with suggestions or feedback.

Please join me to welcome Flavius into the team. He will also join our community call this week, so please make sure to join us tomorrow to say hi to him!

by Rizki Kelimutu at May 20, 2025 08:22 AM

May 17, 2025

Web Application Security — Firefox Security Response to pwn2own 2025

At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature release management and security engineering practices. These practices combined with well-trained and talented Firefox teams are also the reason why we respond to security bugs as quickly as we do. This week at the security hacking competition pwn2own, security researchers demonstrated two new content-process exploits against Firefox. Neither of the attacks managed to break out of our sandbox, which is required to gain control over the user’s system.

Out of abundance of caution, we just released new Firefox versions in response to these attacks – all within the same day of the second exploit announcement. The updated versions are Firefox 138.0.4, Firefox ESR 128.10.1, Firefox ESR 115.23.1 and Firefox for Android. Despite the limited impact of these attacks, all users and administrators are advised to update Firefox as soon as possible.

Just last year at the same security event, we responded to an exploitable security bug within 21 hours, for which we earned an award as the fastest to patch. But this year was special. This year, two security researchers signed up to attack Firefox at pwn2own. We continued the same rapid security response this year too.

Background

Pwn2Own is an annual computer hacking contest where participants aim to find security vulnerabilities in major software such as browsers. This year, the event was held in Berlin, Germany, and a lot of popular software was listed as potential targets for security research. As part of the event preparation, we were informed that Firefox was also listed as a target. But it took until the day before the event when we learned that not just one but two groups signed up to demonstrate their work.

Typically, people attacking a browser require a multi-step exploit. At first, they need to compromise the web browser tab to gain limited control of the user’s system. But due to Firefox’s robust security architecture, another bug (a sandbox escape) is required to break out of the current tab and gain wider system access. Unlike prior years, neither participating group was able to escape our sandbox this year. We have verbal confirmation that this is attributed to the recent architectural improvements to our Firefox sandbox which have neutered a wide range of such attacks. This continues to build confidence in Firefox’s strong security posture.

To review and fix the reported exploits a diverse team of people from all across the world and in various roles (engineering, QA, release management, security and many more) rushed to work. We tested and released a new version of Firefox for all of our supported platforms, operating systems, and configurations with rapid speed.

Our work does not end here. We continue to use opportunities like this to improve our incident response. We will also continue to study the reports to identify new hardening features and security improvements to keep all of our Firefox users across the globe protected.

Related Resources

If you’re interested in learning more about Mozilla’s security initiatives or Firefox security, here are some resources to help you get started:

Mozilla Security
Mozilla Security Blog
Bug Bounty Program

Furthermore, if you want to kickstart your own security research in Firefox, we invite you to follow our deeply technical blog at Attack & Defense – Firefox Security Internals for Engineers, Researchers, and Bounty Hunters .

The post Firefox Security Response to pwn2own 2025 appeared first on Mozilla Security Blog.

by Frederik Braun at May 17, 2025 09:17 PM

May 16, 2025

The Mozilla Blog — The future of the web depends on getting this right

The remedies phase of the U.S. v. Google LLC search case wrapped up last week. As the Court weighs how to restore competition in the search market, Mozilla is asking it to seriously consider the unintended consequences of some of the proposed remedies, which, if adopted, could harm browser competition, weaken user choice and undermine the open web.

Mozilla has long supported competition interventions in tech markets. Recent highlights include campaigns to pass the American Innovation and Choice Online Act, reports detailing the operating system power wielded by Apple, Google and Microsoft (among others), and detailed research into remedy design on Android and Windows to support the enforcement of EU Digital Markets Act.

In relation to the Google Search case, our message is simple: search competition must improve, but this can be done without harming browser competition.

As the maker of Firefox and Gecko, the only major browser engine left competing with Big Tech, we know what it means to fight for privacy, innovation and real choice online. That is why we have filed an amicus brief, urging the Court not to prohibit Google from making search revenue payments to independent browsers (i.e., browser developers that do not provide desktop or mobile devices or operating systems). Such a ban would destroy valuable competition in browsers and browser engines by crippling their ability to innovate and serve users in these fundamentally important areas. As explained in our amicus brief:

Mozilla has spent over two decades fighting for an open and healthy internet ecosystem. Through developing open source products, advancing better web standards, and advocating for competition and user choice, Mozilla has tangibly improved privacy, security, and choice online. Much of this work is funded by Firefox’s search revenue and implemented in Gecko—the last remaining cross-platform browser engine challenger to Google’s Chromium.
Firefox offers unparalleled search choice. Mozilla has tried alternatives (like Yahoo! In 2014-2017) and knows that Google Search is the preferred option of Firefox users. While Google provides the default search engine, Firefox offers multiple, dynamic ways for people to change their search engine.
Banning search payments to independent browsers would threaten the survival of Firefox and Gecko. The Court previously recognized that Mozilla depends on revenue share payments from Google. This was underlined by testimony the Court heard from Eric Muhlheim, Mozilla’s CFO. Eric explained how complex and expensive it is to maintain Firefox and Gecko and why switching to another search provider would result in a “precipitous” decline in revenue. Undermining Mozilla’s ability to fund this work risks handing control of the web to Apple and Google and further entrenching the power of the largest tech companies.
Banning search payments to independent browsers would not improve search competition. Independent browsers play an important role in the ecosystem, far beyond their market share. The Court previously found that they account for 2.3% of US search traffic covered by Google’s contracts. As a result, the DOJ’s expert calculated that banning payments to independent browsers would shift only 0.6% of Google’s current market share to another search engine. This is not a prize worth destroying browser competition for.

At Mozilla, we believe that a more tailored approach to the remedies is absolutely critical. The Court should permit independent browsers like Firefox to continue to receive revenue share payments from Google to avoid further harm to competition. This would be a consistent approach with other jurisdictions that have sought to improve search competition and would not undermine the effectiveness of any remedies the court orders.

To learn more about Mozilla’s position and why we’re urging the Court to carefully consider the unintended consequences of these proposed remedies, read our full amicus brief.

The post The future of the web depends on getting this right appeared first on The Mozilla Blog.

by Mozilla at May 16, 2025 06:02 PM

May 15, 2025

The Mozilla Thunderbird Blog — Thunderbird for Mobile April 2025 Progress Report

Here is an update of what Thunderbird’s mobile community has been up to in April 2025. With a new team member, we’re getting Thunderbird for iOS out in the open and continuing to work on release feedback from Thunderbird for Android.

The Team is Growing

Last month we introduced Todd and Ashley to the MZLA mobile team, and now we have another new face in the team! Rafael Tonholo joins us as a Senior Android Engineer to focus on Thunderbird for Android. He also has much experience with Kotlin Multiplatform, which will be beneficial for Thunderbird for iOS as well.

Thunderbird for iOS

We’ve published the initial repository of Thunderbird for iOS! The application doesn’t really do a lot right this moment, since we intend to work very incrementally and start in the open. You’ll see a familiar welcome screen, slightly nicer than Thunderbird for Android and have the opportunity to make a financial contribution.

Testflight Distribution

We’re planning to distribute Thunderbird for iOS through TestFlight. To support that, we’ve set up an Apple Developer account and completed the required verification steps.

Unlike Android, where we maintain separate release and beta versions, the iOS App Store will have a single “Thunderbird” app. Apple prefers not to list beta versions as separate apps, and their review process tends to be stricter. Once the main app is published, we’ll be able to use TestFlight to offer a beta channel.

Before the App Store listing goes live, we’ll use TestFlight to distribute our builds. Apple provides an internal TestFlight option that doesn’t require a review, but it only works if testers have access to the developer account. That makes it unsuitable for community testing.

Initial Features for the Public Testflight Alpha

To share a public TestFlight link, we need to pass an initial App Store review. Apple expects apps to meet a minimum bar for functionality, so we can’t publish something like a simple welcome screen. Our goal for the first public TestFlight build is to support manual account setup and display emails in the inbox. Here are the specifics:

Initial account setup will be manual with hostname/username/password.
There will be a simple message list that will only show the INBOX folder messages, with a sender, subject, and maybe 2–3 preview lines.
You’ll have the opportunity to pull to refresh your inbox.

That is certainly not what you’d call a fully functional email client, but it could qualify for bare minimum functionality required for the Apple review. We have more details and a feature comparison in this document.

In other exciting news, we’re going to build Thunderbird for iOS with JMAP support first and foremost. While support on the email provider side is limited, we start with a modern email stack. This will allow us to build towards some of the features that email from the late 80’s was missing. We’ll be designing the code architecture in a way that adding IMAP support is very simple, so it will ideally follow soon after.

iOS Release Engineering and Localization

We’ve also gone through a few initial conversations on what the release workflow might look like. We’re currently deciding between:

GitHub Actions with Upload Actions (Pro: very open, re-use of some work on the Thunderbird for Android side. Con: Custom work, not many well-supported upload actions)
GitHub Actions with Fastlane (Pro: very open, well-supported, uses the same listing metadata structure we already have on Android. Con: Ruby as yet another language, no prior releng work)
Xcode Cloud (Pro: built in to Xcode, easy to configure, we’ll probably get by with the free tier for quite some time. Con: Not very open, increasing build cost)
Bitrise (Pro: Easy to configure, used by Firefox for iOS, we’ll get some support from Mozilla on this. Con: Can be pricy, not very open)

For now, our release process is pressing a button every once in a while. Xcode makes this very easy, which gives the release operations more time to plan a solution.

For localization, we’re aiming to use Weblate, just as Thunderbird for Android. The strings will mostly be the same, so we don’t need to ask our localizers to do double work.

Thunderbird for Android

We’re still focusing on release feedback by working on the drawer and looking to improve stability. April has very much been focused on onboarding the new team. I’ll keep the updates in this section a bit more brief, as we have less to explore and more to fix

We’ve accepted a new ADR to change the shared modules package from app.k9mail and com.fsck to net.thunderbird. We’ll be doing this gradually when migrating over legacy code.
Ashley has fixed a few keyboard accessibility issues to get started. She has also resolved a crash related to duplicate folder ids in the drawer. Her next projects are improving our sync debug tooling and other projects to resolve stability issues in retrieving emails.
Clément Rivière added initial support for showing hierarchical folders. The work is behind a feature flag for now, as we need to do some additional refactoring and crash fixes before we can release it. You can however try it out on the beta channel.
Fishkin removed a deprecated progress indicator, which provides slightly better support for Android watches.
Rafael fixed an issue related to Outlook/Microsoft accounts. If you have received the “Authentication Unsuccessful” message in the past, please try again on our beta channel.
Shamim continues on his path to refactor and move over some of our legacy code into the new modular structure. He also added support to attach files from the camera, and has resolved an issue in the drawer where the wrong folder was selected.
Timur Erofeev added support for algorithmic darkening where supported. This makes dark mode work better for a wider range of emails, following the same method that is used on web pages.
Wolf has been working diligently to improve our settings and drawer infrastructure. He took a number of much needed detours to refactor legacy code, which will make future work easier. Most notably, we have a new settings system based on Jetpack Compose, where we will eventually migrate all the settings screens to.

That’s a wrap for April! Let us know if you have comments, or see opportunities to help out. See you soon!

The post Thunderbird for Mobile April 2025 Progress Report appeared first on The Thunderbird Blog.

by Philipp Kewisch at May 15, 2025 02:26 PM

May 13, 2025

The Mozilla Blog — ‘Shifting left’ for better accessibility in Firefox

Illustration showing accessibility features: a microphone icon for voice input, "Aa" for text size, a hand tapping gesture, and an eye icon for visual settings.

As a product manager for Firefox, one of the areas I’m most passionate about is accessibility. This is not only because I’m a disabled person myself, but also because I’ve seen firsthand that building in accessibility from the beginning results in better outcomes for everyone. Our new profile management feature is a great example of this approach.

Shifting left means building accessibility in from the start

If you picture the product development process as a horizontal line, with “user research” on the extreme left and “launch to market” on the extreme right, accessibility tends to fall on the right side of the line. On the right side of the line, we are reactive: the product is already built for the needs of non-disabled users, so we’re just checking it for accessibility bugs. On the right side of the line, it’s often too late or very expensive to fix accessibility bugs, so they don’t get fixed. On the right side of the line, the best we can hope for is accessibility compliance with an industry standard like WCAG. On the right side of the line, we are more likely to build something unusable – even if we checked all the accessibility compliance boxes.

So how do we ensure that accessibility moves to the other end of the line, the left side? One of the most powerful ways to “shift left” is to include disabled people in the process as early as possible. On the left side of the line, we become proactive: we build products with disabled folks, not for them. On the left side of the line, we prevent accessibility bugs from ever happening because we spot them in the designs. On the left side of the line, we have a chance to go beyond compliance and achieve accessibility delight. On the left side of the line, working together, we have a better chance to discover curb cut effects: solutions designed with people with disabilities that end up benefitting everyone.

How Firefox profiles shifted left

Firefox is not always on the left side of the line, but we’ve been working hard over the last couple years to “shift left.”

I’m a proudly disabled university student who works full time and is passionate about rowing and musical theater. I made four profiles: medical, school, work and personal. Each profile has its own unique avatar, color theme and name so I can easily recognize and switch between them in one click. I especially love that browsing history, bookmarks and tabs no longer intermix. I’m now much less likely to accidentally share my health information with my professors or my strategic work plans with fellow Sondheim nerds.

Throughout this project, we partnered with disabled folks to aim for accessibility compliance and, more importantly, delight. They gave us valuable feedback from our very first user research studies and continue to do so.

One group dreamed up brand new ideas and suggested enhancements during an in-depth review of an early prototype (including an awesome curb-cut effect we hope to share with you later this year). Testers who are experts in assistive tech (AT) pinpointed areas where we still needed to improve.

This truly was a community effort. We learned a lot, and we have more work to do.

Try profiles now and help shape what’s next

While we’d love to make it available to everyone immediately, profile management is more complex than it probably appears: It’s built on core Firefox code, and it interacts with and affects several other features and essential systems. To ensure Firefox and the profile management feature remain stable and compatible, we need to continue our incremental rollout for now.

In the meantime, we’d love for you to use profile management on Nightly and Beta, where it’s on by default for everyone, then share your thoughts in this thread on Mozilla Connect, our forum for community feedback and ideas. You’ll help us validate fixes and catch new bugs, as well as get early access to new features and enhancements.

At least 29% of the population is disabled, which means many of you have the insight and lived experience to help Firefox “shift left” on accessibility. That collaboration is already shaping a better browser — and a better web.

Get the browser that puts your privacy first – and always has

Download Firefox

The post ‘Shifting left’ for better accessibility in Firefox appeared first on The Mozilla Blog.

by Kim Bryant at May 13, 2025 09:52 PM

The Mozilla Blog — Jump into Firefox Labs: A place to try new features and help shape Firefox

Ever thought, “I wish I could try that new Firefox feature early?” Good news – we’ve been trying out new features and now, you can try them out, too.

Firefox Labs is our space for sharing experimental features with our community before they’re fully baked. It’s a chance to play around with new ideas, tell us what’s working (and what’s not) and help shape the future of Firefox together.

Early access to what we’re building

Firefox Labs is built on a simple idea: If we’re building for Firefox users, we should be building with them, too.

“We created Firefox Labs to get features into users’ hands earlier,” said Karen Kim, senior product manager at Mozilla. “It’s a safe space where people can turn things on, play around, and help us learn faster.”

In the past, testing out new ideas usually meant downloading special builds like Nightly or digging into advanced settings. That’s not for everyone. Firefox Labs makes it way easier — just head to your Firefox settings, flip a switch, and try something new.

It’s inspired by our old Test Pilot program (shoutout to longtime Firefox fans!), which helped launch popular features like picture-in-picture. Firefox Labs carries that same spirit — but with a closer connection to the people using Firefox today.

Try these Firefox Labs features now

We’ve got a couple of features live in Firefox Labs that you can try today:

Custom wallpapers for new tab

Inspired by your feedback, you can now upload your own image or choose from a set of new wallpapers and colors to customize your Firefox home screen.

“You can choose your own color — go bold, go subtle, it’s completely up to you,” said Amber Meryman, product manager for the New Tab team. “We’ve added a new celestial category, plus even more images across all your favorite themes, these new wallpapers are all about making Firefox feel more like you.”

Pet photos, space scenes, whatever you’re into – the choice is up to you.

Link previews

Not sure if that link is worth clicking? Link previews give you a quick snapshot of what’s behind a link — so you can decide if it’s relevant before opening a new tab.

“Link previews are about saving time and reducing clutter,” said Joy Chen, who works on Firefox’s AI Experiences team. “When you’re scanning a lot of content, it’s easy to feel overwhelmed. Link Previews helps you quickly assess what’s most relevant to you, so you can browse and learn more efficiently.”

The team is already seeing valuable feedback in Firefox Labs, from shortcut suggestions to content quality questions.

“All of it helps — even critical feedback gives us a clearer picture of how people might use or feel about these tools,” Joy said.

Link previews are especially handy for staying focused while doing research, browsing news, or avoiding tab overload.

How to share feedback (yes, we’re listening)

Each experiment includes a link to Mozilla Connect — our community hub for feedback, suggestions, and discussion. If you sign in or create an account, it’s where you can:

Share what you love (or what’s confusing)
Suggest improvements
See what others are saying
Help guide what we build next
Hear directly from product teams and engineers who regularly jump into the conversation

How to get started with Firefox Labs

First, check to make sure you’re using the latest version of Firefox. Then:

Go to Settings > Firefox Labs (it only shows up if a feature is available).
Turn on a feature and give it a try.
Head to Connect to share your thoughts!

Your ideas help shape Firefox. Many features like custom wallpapers got their start from community posts. Your idea could be next -– head to Mozilla Connect.

So whether you want to test new features, share your thoughts, or just peek at what’s coming, Firefox Labs is your front-row seat to the future of Firefox.

Update: The post was revised on May 14 to clarify a quote about link previews.

Get the browser that puts your privacy first – and always has

Download Firefox

The post Jump into Firefox Labs: A place to try new features and help shape Firefox appeared first on The Mozilla Blog.

by Jenifer Boscacci at May 13, 2025 04:27 PM

The Mozilla Thunderbird Blog — Thunderbird Monthly Developer Digest – April 2025

Hello from the Thunderbird development team! With some of our time spent onboarding new team members and interviewing for open positions, April was a fun and productive month. Our team grew and we were amazed at how smooth the onboarding process has been, with many contributions already boosting the team’s output.

Gearing up for our annual Extended Support Release

We have now officially entered the release cycle which will become our annual “ESR” at the end of June. The code we’re writing, the features we’re adding, the bugs we’re fixing at the moment should all make their way into the next major update, to be enjoyed by millions of users. This most stable release is used by enterprises, governments and institutions who have specific requirements around consistency, long-term support, and minimized change over time.

If waiting a whole year doesn’t sound appealing to you, our Monthly release may be better suited. It offers access to the latest features, improvements, and fixes as soon as they’re ready. Watch out for an in-app invitation to upgrade or install over ESR to retain your profile settings.

Calendar UI Rebuild

The implementation of the new event dialog hit some challenges in April with the dialog positioning and associated tests causing more than a few headaches when our CI started reporting test failures that were not easy to debug. Not surprising given the 60,000 tests which run for this one patch alone!!

The focus on loading data into the various containers continues, so that we can enable this feature and begin the QA process.

Keep track of feature delivery via the [meta] bug

Exchange Web Services support in Rust

Our 0.2 release will make it into the hands of Daily and QA testers this month, with only a handful of smaller items left in our current milestone, before the “polish” milestone begins. The following items were completed in April:

Connectivity check for EWS accounts
Threading support
Folder updates & deletions in sync
Folder cache cleanup
Folder copy/move
Bug fixes!

Our hope is to include this feature set to users on beta and monthly release in 140 or 141.

Keep track of feature delivery here.

Account Hub

The new email account feature was “preffed on” as the default experience for the Daily build but recent changes to our Oauth process have required some rework to this user experience. We’re currently working on designing a UX and associated functionality that can detect whether account autodiscovery requires a password, and react accordingly.

The redesigned UI for Address Book account additions is also underway and planned for release to users on 25th May.

Global Message Database

We welcomed a new team member in April so technical onboarding has been a priority. In addition, a long list of patches landed, with the team focused on refactoring core code responsible for the management of common folders such as Drafts or Sent Mail, and significant changes to nsIMsgPluggableStore.

Time was spent to research and plan a path to tackle dangling folders in May.

To follow their progress, the team maintains documentation in Sourcedocs which are visible here.

New Features Landing Soon

A number of requested features and important fixes have reached our Daily users this month. We want to give special thanks to the contributors who made the following possible…

Improvements to notifications
Manual folder sorting improvements
Several port bugs to correct bustage introduced by upstream changes
and many more in the release notes for beta.

If you would like to see new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.

—

Toby Pilling

Senior Manager, Desktop Engineering

Thunderbird

The post Thunderbird Monthly Developer Digest – April 2025 appeared first on The Thunderbird Blog.

by Toby Pilling at May 13, 2025 01:25 PM

May 09, 2025

Mozilla Add-ons Blog — New Extension Data Consent Experience now available in Firefox Nightly

In a previous blog post I explained that we’re working to streamline the data consent experience for extensions and allow users to consent to sharing data with extensions directly in the Firefox add-on installation flow itself — rather than during a separate post-install experience and asking developers to build their own custom consent experiences, which is the case today.

We are not changing our policies on data collection, nor are we changing how extensions can collect data. Our goal is to simplify how a developer can be compliant with our existing policies so that we can dramatically reduce the:

development effort required to be compliant with Firefox data policies
confusion users faces when installing extensions by providing a more consistent experience, giving them more confidence and control around the data collected or transmitted
time it takes for an extension to be reviewed to ensure it’s compliant with our data collection policies

I’m pleased to announce that the initial version of this feature is now available in Firefox Nightly version 139 (and later) for extension developers to test out and provide feedback.

We need your help!

We want to make sure that the new data consent experience is easy for extension developers to adopt, and works as a drop-in replacement for any existing custom consent experiences you may have created. We also need to know if the data categories available to choose from are appropriate for your extension.

We encourage extension developers to test out this new experience with their own extensions in Firefox Nightly, and let us know what they think by posting on this Mozilla Connect thread, or reach out to me directly on BlueSky!

To install an extension that has this experience configured you will need to install it from a file. You’ll need to first set the xpinstall.signatures.required preference to false in about:config. This will only work on Nightly, and not on release versions of Firefox.

How it works

Developers can specify what data they wish to collect or transmit in their extensions manifest.json file. This information will be parsed by the browser and shown to the user when they first install the extension. A user can then choose to accept or reject the data collection, just like they do with extension permissions. The developer can also specify that the extension collects no data.

To standardize this information for both developers and end users, we have created categories based on data types that extensions might be using today. In line with our current policies, there are two types of data: Personal data, and Technical and Interaction data.

To provide feedback on these categories, please let us know via our research survey. Therefore, please note that these options are subject to change based on the feedback we receive during this initial phase.

Personal data

Personally identifiable information can be actively provided by the user or obtained through extension APIs. It includes, but is not limited to names, email addresses, search terms and browsing activity data, as well as access to and placement of cookies.

Data type Visible during install	Data collection permission Used in the manifest	Definition / Examples
Personally identifying information	`personallyIdentifyingInfo`	Examples: contact information like name and address, email, and phone number, as well as other identifying data such as ID numbers, voice or video recordings, age, demographic information, or biometric data.
Health information	`healthInfo`	Examples: medical history, symptoms, diagnoses, treatments, procedures, or heart rate data.
Financial and payment information	`financialAndPaymentInfo`	Examples: credit card numbers, transactions, credit ratings, financial statements, or payment history.
Authentication information	`authenticationInfo`	Examples: passwords, usernames, personal identification numbers (PINs), security questions, and registration information for extensions that offer account-based services.
Personal communications	`personalCommunications`	Examples: emails, text or chat messages, social media posts, and data from phone calls and conference calls.
Location	`locationInfo`	Examples: region, GPS coordinates, or information about things near a user’s device.
Browsing activity	`browsingActivity`	Information about the websites you visit, like specific URLs, domains, or categories of pages you view over time.
Website content	`websiteContent`	Covers anything visible on a website — such as text, images, videos, and links — as well as anything embedded like cookies, audio, page headers, request, and response information.
Website activity	`websiteActivity`	Examples: interactions and mouse and keyboard activity like scrolling, clicking, typing, and covers actions such as saving and downloading.
Search terms	`searchTerms`	Search terms entered into search engines
Bookmarks	`bookmarksInfo`	Information about Firefox bookmarks, including specific websites, bookmark names, and folder names.

Technical and interaction data

Technical data describes information about the environment the user is running, such as browser settings, platform information, and hardware properties. User interaction data includes how the user interacts with Firefox and the installed add-on, metrics for product improvement, and error information.

Data type
Visible during install

Data collection permission

Used in the manifest

Definition

Technical and interaction data technicalAndInteraction Examples: Device and browser info, extension usage and settings data, crash and error reports.

Specifying data types

You specify data types your extension transmits in the browser_specific_settings.gecko key in the manifest.json file. As a reminder, our policies state that data transmission refers to any data that is collected, used, transferred, shared, or handled outside of the add-on or the local browser.

Personal data

Personal data permissions can either be required or optional (only technicalAndInteraction cannot be required, and this is documented later):


"browser_specific_settings": {
  "gecko": {
    "data_collection_permissions": {
      "required": [...],
      "optional": [...]
    }
  }
}

The rest of this section describes each key in the data_collection_permissions object.
Required data
When types of data are specified in the required list, users must opt in to this data collection to use the extension. Users cannot opt-out, and Figure 1 gives an example of how it could look. If a user does not agree to the data collection the extension is not installed. Unlike today, this gives the user a chance to review the data collection requirements of an extension before it is installed in their browser.
In the manifest.json file below, the developer specifies a single type of required data: locationInfo.
{
  "manifest_version": 2,
  "name": "Example - Data collection with fallback",
  "version": "1.0.0",
  "permissions": [
    "storage",
    "management"
  ],
  "browser_specific_settings": {
    "gecko": {
        "id": "example-data-collection-with-fallback@test.mozilla.org",
        "data_collection_permissions": {
          "required": [
             "locationInfo"
          ],
          "optional": [
             "technicalAndInteraction"
          ]
         }
      }
  },
  "background": {
    "scripts": [
      "background.js"
    ]
  },
  "browser_action": {},
  "options_ui": {
     "page": "options/page.html"
  }
}
This results in a new paragraph in the installation prompt (see Figure 1). The data permissions are also listed in about:addons as shown in Figure 2.
Figure 1: Installation prompt with data types as specified in the manifest
Figure 2: The data permissions are also listed in about:addons
Optional data
Optional data collection permissions can be specified using the optional list. These are not surfaced during installation (except technicalAndInteraction; see next section), and they are not granted by default. The extension can request the user opts in to this data collection after installation via a prompt, and the user can enable or disable this option data collection at any time in about:addons in the Permissions and data section of the extension settings.
Technical and interaction data
The technicalAndInteraction data type behaves differently compared to all others. This data permission can only be optional, but unlike other optional data collection options the user has the opportunity to enable or disable this during the installation flow.. In Figure 1, we can see this choice available in the optional settings section of the installation prompt.
No data collection
We also want to be clear to users when an extension collects no data. To enable this, developers can explicitly indicate that their extension does not collect or transmit any data by specifying the ”none” required permission in the manifest, as follows:
{
  "manifest_version": 2,
  "name": "extension without data collection",
  "version": "1.0.0",
  "browser_specific_settings": {
    "gecko": {
      "id": "@extension-without-data-collection",
      "data_collection_permissions": {
        "required": ["none"]
      }
    }
  },
  "permissions": [
    "bookmarks",
    "<all_urls>"
  ]
}
When a user attempts to install this extension, Firefox will show the usual installation prompt with the description of the required (API) permissions as well as a new description to indicate that the extension does not collect any data (see Figure 3).
Figure 3: Installation prompt with no data transmission defined in the manifest
 
The “no data collected” type is also listed in the “Permissions and data” tab of the extension in about:addons as shown in Figure 4.
Figure 4: The “no data collected” permission is listed in about:addons
Note: The none data type can only be required, and it cannot be used with other data types, including optional types. When that happens, Firefox will ignore the none type, and only consider the other data types (see next section for more information). In addition, Firefox will show a warning message intended to developers in about:debugging as shown in Figure 5.
Figure 5: A warning message is displayed when the none type
is combined with other data collection permissions
Accessing the data permissions programmatically
Extension developers can use the browser.permissions API (MDN docs) to interact with the optional data permissions. Specifically, the getAll() method would now return the list of granted optional data permissions as follows:
await browser.permissions.getAll()
{
  origins: ["<all_urls>"],
  permissions: ["bookmarks"],
  // In this case, the permission is granted.
  data_collection: ["technicalAndInteraction"]
}
Extension developers can also use the browser.permissions.request() API method (MDN docs) to get consent from users for ancillary data collection (defined in the optional list):
await browser.permissions.request({ data_collection: ["healthInfo"] });
This will show the following message to the Firefox user, giving them the choice to opt in to this data collection or not.

Updates
When an extension is updated, Firefox will only show the newly added required data permissions, unless it’s the special none data type because we don’t need to bother the user when the extension does not collect any data. This should behave like today for traditional permissions.
Please try it out and let us know what you think!
As I mentioned, we really want to make sure that the new data consent experience is easy for extension developers to adopt, and works as a drop-in replacement for any existing custom consent experiences you may have created.
Please test out this new experience with your own extensions in Firefox Nightly, and let us know what you think by posting on this Mozilla Connect thread
The post New Extension Data Consent Experience now available in Firefox Nightly appeared first on Mozilla Add-ons Community Blog.

by Alan Byrne at May 09, 2025 09:28 AM

`May 07, 2025`

`Blog of Data — Data and Firefox Suggest`

`Introduction`


Firefox Suggest is a  feature that displays direct links to content on the web based on what users type into the Firefox address bar. Some of the content that appears in these suggestions is provided by partners, and some of the content is sponsored. It may also include locally-stored items from the user’s history or bookmarks.
In building Firefox Suggest, we have followed our long-standing Lean Data Practices and Data Privacy Principles. Practically, this means that we take care to limit what we collect, and to limit what we pass on to our partners. The behavior of the feature is straightforward–suggestions are shown as you type, and are directly relevant to what you type.
We take the security of the datasets needed to provide this feature very seriously. We pursue multi-layered security controls and practices, and strive to make as much of our work as possible publicly verifiable.
In this post, we wanted to give more detail about what data is needed to provide this feature, and about how we handle it.
What is Firefox Suggest?
 
The address bar experience in Firefox has long been a blend of results provided by partners (such as the user’s default search provider) and information local to the client (such as recently visited pages). Firefox Suggest augments these data sources with search completions from Mozilla, which it displays alongside the local and default search engine suggestions.

Suggest is currently available by default to users in the following countries:

The United States
The United Kingdom
France
Germany
Poland
Italy

Data Collected by Mozilla for an improved experience
Users with access to Suggest can choose to enable an expanded version of the feature.  This feature requires access to additional data and is only available to users who have chosen to opt-in (via an opt-in prompt or their Settings menu). When users have opted in to the improved experience, Mozilla collects the following information to power Firefox Suggest.

Clicks and impressions: Mozilla receives information about the fact that a suggestion was shared.  When a user clicks on a suggestion, Mozilla receives notice that a suggested link was clicked.
Location: Mozilla collects city-level location data along with searches, in order to properly serve location-sensitive queries.
Search keywords: Firefox Suggest sends Mozilla information about certain search keywords, which may be shared with partners (after being stripped of any personally identifiable information) to fetch the suggested content and improve the Suggest feature.

How Data is Handled and Shared
Mozilla handles this data conservatively. When passing data on to our partners, we are careful to only provide the partner with the minimum information required to serve the feature.
For example, we only do not share user’s specific search queries (except where the user has signed up for the enhanced experience), and we do not identify which specific user sent the request, or use cookies to track users’ online activity after their search is performed.
Similarly, while a Firefox client’s location can typically be determined from their IP address, we convert a user’s IP address to a more general location immediately after we receive it, and we remove it from all datasets and reports downstream. Access to machines and (temporary, short-lived) datasets that might include the IP address is highly restricted, and limited only to a small number of administrators. We don’t enable or allow analysis on data that includes IP addresses.
We’re excited to be bringing Firefox Suggest to you. See the product announcement to learn more!
EDIT: May 7, 2025: Updated to clarify product details and reflect changes.

by Mozilla at May 07, 2025 09:00 AM

`May 01, 2025`

`SeaMonkey — SeaMonkey 2.53.21 Beta 1 is out!`

Hi All,


The SeaMonkey Project is pleased to announce the immediate release of SeaMonkey 2.53.21 Beta 1.
Please check out [1] and/or [2].
As usual, updates are forthcoming.
:ewong
[1] – https://www.seamonkey-project.org/releases/seamonkey2.53.21
[2] – https://www.seamonkey-project.org/releases/2.53.21b1

by ewong at May 01, 2025 02:08 AM

`April 30, 2025`

`Mozilla Add-ons Blog — WebExtensions Support for Tab Groups`

Exciting news: with yesterday’s release of Firefox 138, tab groups are now available to all users! Tab groups have been a long standing feature request for users, so it’s wonderful to see this go out to everyone.


New browser features are great, but what’s even better is when they’re backed by WebExtensions APIs that allow our amazing developer community to deeply integrate with those features. So, without further ado, let’s get into the new capabilities available in this release.
What’s new in 138
Firefox 138 includes initial support for tab group management in WebExtensions APIs. More specifically, we’ve updated the Tabs API with a few new tricks that allow extension developers to create tab groups, modify a group’s membership, and ungroup tabs:

tabs.group() creates a new tab group that contains the specified tab(s) (MDN, bug 1959714)
tabs.ungroup() remove the specified tab(s) from their associated tab groups (MDN, bug 1959714)
tabs.query() can now be used to query for tabs with a given groupId (MDN, bug 1959715)
Tab objects now have a groupId property that identifies which group it’s in (if any) (MDN, bug 1959713)
The tabs.onUpdated event now emits updates for tab group membership changes (MDN, bug 1959716)

Best practices
As we learn more about how users interact with Tab Groups and how extensions integrate Tab Groups into their features, we’ll build out and expand on suggestions to help Add-on developers create better interactions for users. Here’s some suggestions we have so far.
Moving tabs
Be aware that changing a tab’s position in the tab strip may change its group membership, and that your users may not expect that moving tabs using your add-on will move tabs in or out of their tab groups. Use the groupId property on Tab instances to ensure that the tab is or is not grouped as expected.
Reorganizing tabs
Take tab groups into consideration when organizing tabs. For example, Firefox Multi-Account Containers has a “sort tabs by container” feature that reorganizes tabs so that tabs in the same container are grouped together. Since moving a tab can change its group membership, this could have unexpected consequences for users. To avoid this destructive operation, the add-on was updated to skip over grouped tabs.
To avoid destructive changes to a user’s tab groups, we recommend reorganizing ungrouped tabs or tabs inside a window’s tab groups as opposed to organizing all tabs within a window.
What’s coming
In addition to the features added in 138, we are also looking to further expand tab group support with the introduction of the Tab Groups API in Firefox 139. This will address a few gaps in our tab group supporting including the ability to:

set a tab group’s title, color, and collapsed state (tabGroups.update())
move an entire tab group (tabGroups.move())
get info about a single tab group (tabGroups.get())
get info about all tab groups (tabGroups.query())
subscribe to specific tab group events (onUpdated, onMoved, onCreated, onRemoved)

We’ve already landed the initial implementation of this API in Firefox 139 Beta, but we’d love to get feedback on the API design and capabilities from our development community. If you’re feeling adventurous, you can start experimenting with these new capabilities and sharing feedback with us today. We encourage you to share your experiences and thoughts with us on Discourse.
If everything proceeds smoothly during the next beta cycle, we anticipate that the Tab Groups API will be available with the release of Firefox 139. We look forward to seeing what you build!
The post WebExtensions Support for Tab Groups appeared first on Mozilla Add-ons Community Blog.

by Simeon Vincent at April 30, 2025 11:38 PM

`April 28, 2025`

`Mozilla L10N — Lost (and Found) in Translation: My Internship Story`

If you were to ask my parents or sister what my favourite hobby was as a child, they’d say something along the lines of “sitting in front of our family computer”. I’d spend hours browsing the internet, usually playing Flash games or watching early YouTube videos. Most of my memories of using the computer are now a blur, however, one detail stands out. I distinctly remember that our family computer used Mozilla Firefox as our primary internet browser. So imagine my surprise when I was offered an opportunity to intern here at Mozilla!


In the midst of my third year studying Computer Engineering at the University of Toronto, I had been searching for a 12-month internship to complete our Professional Experience Year (PEY) Co-op credit. Incredibly, I landed the privilege of working at Mozilla for 12 months alongside 17 other students. Coincidentally, one of my closest friends from high school would also be completing his internship at Mozilla too!
As a Software Engineer (SWE) Intern, I had been hired on the Localization (L10N) team, and would be based out of the Toronto office. I had already connected with both my manager, Francesco “Flod” Lodolo, and my mentor, Matjaž Horvat, before my start date. I couldn’t wait to begin my internship, and after I finished my final exam for third year, I began counting the days before my start date.
LGTM! (Onboarding)
From our first day at the office, I knew I was going to love working here. The Toronto office is so vibrant and filled with some truly amazing people! After finishing the office tour with the rest of the interns, we booted up our computers and began installing all our tools. Luckily for me, Ayanaa (who was the previous SWE Intern on the Localization team) was in the office too. She would be here until the end of August, helping to mentor and guide me along the way.
With her help, I got started on some bug fixes in Pontoon, Mozilla’s translation management system. I was mainly using Python (specifically the Django framework) and JavaScript/TypeScript (React) for the duration of the internship. Since I had some prior internship experience with these tools, I was able to hit the ground running, and by the end of my third month I had already completed 12 tickets! Matjaž and Flod were both instrumental in my progress, and with their help, I narrowed down the larger projects I wanted to work on for the rest of my internship.
I also took an interest in web standards within my first few months. Eemeli, the other engineer on our team, was an active contributor to the MessageFormat2 API, a new Unicode standard for localization. With his support, I was able to attend the Working Group’s weekly meetings. These meetings included some of the most influential and experienced people in this domain, spanning across many large companies and organizations.
Our first day tour of the Toronto office!

Coast to Continent to Coast (MozWeek and Work Week)
Around the middle of August, we were given the opportunity to attend MozWeek 2024, which is our annual week-long, company-wide conference. MozWeek 2024 was being held in Dublin, Ireland, so this was my first time ever travelling to Europe! From day one, the atmosphere at The Convention Centre Dublin was electric. I could tell a lot of thought, planning, and care went into creating the best possible experience for all employees. Throughout the week, we attended plenary talks, workshops, and strategic meetings.
Seeing how Mozilla is a remote-first international company, this was the first time I had met any of my full-time colleagues in person. It was so nice to finally see and chat with them outside my laptop screen. We even had our team dinner next to the famous Temple Bar! In our free time, the other interns and I had a blast walking through the streets of Dublin, and exploring what Ireland has to offer.
The interns and I at the MozWeek 2024 Closing Party, hosted at the Guinness Storehouse.
Dublin wasn’t my only travel destination though. Each team meets up once a year in one of Mozilla’s many office spaces across the world. Owing to our remote-first policy, these ‘Work Weeks’ are an opportunity for teams to reflect on the past year and align on OKRs for the coming year. Our Work Week happened in November, in sunny San Mateo, California, marking my first time on the West Coast! The Work Week was a great experience filled with good food, and it was super fun to explore San Francisco in my free time.
L10N team dinner at Porterhouse Restaurant San Mateo!

Building for a Better Web (Projects Overview)
One of my favourite parts of working at Mozilla was that almost all of my work was public-facing. I worked on three major projects during my internship, so here’s a brief description of each:
Pontoon Search
My first major project had me improving Pontoon’s search capabilities. Despite the many filters Pontoon already contained to sift through over 4.5 million strings, there were still no options for common filters like ‘Match Case’ or to limit a search to specific elements, like source text. My job was to create a new full-stack feature to enable users to refine their search queries. By leveraging TypeScript, React, and Django’s ORM capabilities, I created a new search panel with 5 options for users to toggle:

Improving the searching in Pontoon not only made the user experience more streamlined, but also improved Pontoon’s API capabilities, which was later used in the Mozilla Language Portal (see below).
Pontoon Achievement Badges
My second major project involved adding gamification elements into Pontoon. In a nutshell, we wanted to implement achievement badges into Pontoon to recognize contributions made by our vibrant volunteer community, while also further promoting positive behaviours on the platform. Ayanaa had created both the proposal document and technical specification before her term ended, so it was my job to implement the feature. This project mainly involved TypeScript and a bit of Django for counting badge actions, and the initial user feedback was overwhelmingly positive! For more information, check out the blog post I wrote to announce the feature.

Mozilla Language Portal
My final project, and the one I had the most ownership over, was the creation of the Mozilla Language Portal. For a long time, the localization industry was missing a central hub for sharing knowledge, best practices, and searchable translation memories. We decided it was a good idea to leverage our influence to create the Mozilla Language Portal, in hopes to fill this gap and make localization tools themselves more accessible. We decided to create the Portal using Birdbox, an internal tool created by the websites team to quickly spin up Mozilla-branded web pages. The deployment of the Portal was handled primarily through Google Cloud Services and Terraform, which was a whole new set of tools for me to learn. The website itself was made using Wagtail CMS, built on top of Django. With the help of the Websites and Site Reliability Engineering teams, I was able to both create the MVP and deploy the site.

Closing Thoughts
Since taking an anthropology course in my third year of university, I’ve come to appreciate how important human connection and social interactions are, especially in this day and age. Most people would agree that technology (in particular the internet) has now thoroughly integrated itself into the fabric of our societies, so I believe it’s in our collective best interest to keep the internet in a healthy and open state. In recent years, it sadly seems like many bad actors are increasing their influence and control over what should be a vital and protected resource. As one of my long-term goals, I want to focus my career towards improving the internet and using its influence over society for good.
So naturally with this goal in mind, Mozilla’s position as a non-profit organization dedicated to creating an open and accessible web was a perfect fit for me. Coincidentally, Localization was also the perfect team for me. As a very community-facing team, Localization gave me the unique chance to see the direct results of creating technology to make the internet more accessible, and I was able to explore my burning interests such as web standards.
I think it goes without saying that the lessons I learned at Mozilla, both from an engineering perspective and from a community perspective, will stick with me for the rest of my career. Regardless of if I continue to be a SWE in the future, I want to focus on creating technology to grow and help humanity, and thus I’ve promised myself to only work for organizations whose missions I align with.
To me, my time at Mozilla will always be emblematic of my growth: as a student, as an engineer, and as an individual. They say all good things must come to an end, but I oddly don’t feel as though my time at Mozilla is coming to an end. The lessons instilled in me and the drive to keep fighting for an open web won’t ever leave me.
Team photo with everyone! Taken in August 2024
 
Acknowledgements
I’d like to dedicate this section to my amazing team that has supported me and helped me grow both professionally and personally this past year.
To Ayanaa, thank you for being a great coworker, mentor and friend. I’ve been following the path you carved out, both at Mozilla and beyond, and I’m extremely grateful for all the advice and support you gave me throughout.
To Matjaž, I can’t really put into words how helpful and kind you have been to me. You truly have a talent for mentoring, and I’m so incredibly grateful you were my mentor. I hope you continue to inspire others the way you’ve inspired me. Let’s hope Lebron and Luka can win it all (eventually).
To Flod, your support as my manager has been monumental to my professional development. Thank you for being patient with me, and for supporting all of my interests and endeavors during my term. It sounds cliché, but I truly couldn’t have asked for a better manager.
To Eemeli, thank you for supporting my interest in MessageFormat2. Your great sense of humour will definitely stick with me, and you’ve inspired me to carry on your tradition of taking walks during online meetings.
To Bryan, it was always such a pleasure to speak and work with you. I’m glad I had someone else to nerd-out with about Pokémon! I really appreciate how we could always find something to talk about.
To Peiying, I loved hearing all about your travel anecdotes during MozWeek and our Work Week. I promise to keep my photo blog updated as long as you do too! I hope to see you and Leo again soon.
To Delphine, your enthusiasm and bubbly personality always brought a smile to my face. It was so nice to finally have met you during our Work Week! Congrats again on all your personal achievements in this past year.
And thank you to all the Mozillians I’ve had the privilege to work with this past year, both in the Toronto office and across the globe. I’m sure our paths will cross again! As they say, “once a Mozillian, always a Mozillian”.
*Thanks for reading, and if you’d like to learn more or connect with me, please feel free to add me on LinkedIn*

by Harmit Goswami at April 28, 2025 06:08 PM

`April 25, 2025`

`Mozilla L10N — L10n report: April 2025 Edition`

Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.


Welcome!
Are you a locale leader and want us to include new members in our upcoming reports? Contact us!
What’s new or coming up in Firefox desktop
There are a number of new features launched recently or upcoming in Nightly to look out for.
Smart Tab Grouping
With the recent release of Tab Groups in Firefox 137, we’ll see some additional development on enhancements in the future. Currently only available in English on Nightly, Smart Tab Grouping uses a local AI model to suggest similar tabs to group together.
Link Previews
This feature will be coming to Firefox Labs in 138, Link Previews uses a local AI model to quickly see what’s behind a link, by distilling key points from the page.
Signing in PDFs
You have likely seen these strings while working on Beta, but the ability to add signatures using the built-in PDF editor will be released fully in the upcoming 138 release on April 29.
What’s new or coming up in mobile
We’re adding customization options for Firefox icons on mobile! Some of the icon names may be tricky to localize, so we’ll be sharing a reference sheet that includes each icon along with its visual and contextual usage. This will help you choose the most accurate and user-friendly translations for your locale. Keep an eye out for upcoming Pontoon notifications for more details!
What’s new or coming up in web projects
AMO and AMO Frontend
To enhance user experience, the AMO team has established a minimum translation completion threshold of 80% for locales to remain on production sites. The team will start implementing the new policy in May. Last month, locales with a completion rate of 40% or lower were removed from the production site. However, affected communities can continue making progress in Pontoon, and their status will change once they meet the threshold.
Once this new standard is fully implemented, the addon team will reassess the list of locales on a monthly basis, evaluating those that have met or fallen below the 80% threshold. Based on this review, they will determine which locales to retain and which to remove from the production site. Regardless of your locale’s current status, you can check your work in context using the links to the production, staging, and developer sites which can be found on the top left of the project dashboards.
What’s new or coming up in Pontoon
We’re working on some sizable back-end improvements to how Pontoon internally represents and deals with translatable messages, i.e. source-locale entries and their translations. Thus far we’ve refactored Pontoon’s sync code (how it reads from and writes data to project repositories) and the serialization of our supported file formats; the next step will be replacing our file format parsers.
Mostly this work should remain invisible to users, though it has already allowed us to fix quite a few long-standing bugs and improved sync performance. Eventually, this will make it much easier for us to expand the file formats and features supported by Pontoon.
Events
We are hosting our first localization office hour on Apr 30, 2025 at 3:30pm UTC, it will be live streamed on both AirMozilla and YouTube (recordings can be found at the same links). This session will focus on common errors localizers may encounter and how to overcome them. Feel free to ask questions beforehand via the Google form or reach out directly to delphine at mozilla dot com.
Want to showcase an event coming up that your community is participating in? Contact us and we’ll include it.
Friends of the Lion
Know someone in your l10n community who’s been doing a great job and should appear here? Contact us and we’ll make sure they get a shout-out!
Useful Links

#l10n-community channel on Element (chat.mozilla.org)
Localization category on Discourse
Mastodon
Twitter
L10n blog

Questions? Want to get involved?
If you want to get involved, or have any question about l10n, reach out to:

Francesco Lodolo (flod) – Engineering Manager
Bryan – L10n Project Manager
Delphine – L10n Project Manager for mobile
Peiying (CocoMo) – L10n Project Manager for mozilla.org, marketing, and legal
Francis – L10n Project Manager for Common Voice, Mozilla Foundation
Théo Chevalier – L10n Project Manager for Mozilla Foundation
Kiki – L10n Project Manager for SUMO
Matjaž (mathjazz) – Pontoon dev
Eemeli – Pontoon, Fluent dev

Did you enjoy reading this report? Let us know how we can improve it.

by Matjaž Horvat at April 25, 2025 06:57 PM

`Blog of Data — Comparing data-stewardship at Mozilla with Lauren Maffeo’s book “Designing Data Governance from the Ground Up”`

`Data Stewardship: A Mozilla Perspective`


In Designing Data Governance from the Ground Up, author Lauren Maffeo presents data stewardship as a pivotal role in data governance that is focused on maintaining data quality, consistency, and usability. Data stewards, in her view, are operational experts who ensure that data is of the highest quality, aligns with organizational standards, and supports business objectives.
At Mozilla, rather than taking such a broad role in data governance, a data steward’s responsibilities are deeply intertwined with the organization’s commitment to user privacy and ethical data practices. This approach reflects Mozilla’s mission to promote an open and accessible internet while safeguarding user trust.
Maffeo’s Framework: Operational Excellence
Maffeo outlines data stewards as key players in:

Ensuring Data Accuracy: Identifying and correcting data quality issues.
Maintaining Metadata: Documenting data definitions and standards.
Enforcing Policies: Applying data governance policies consistently.
Facilitating Collaboration: Bridging gaps between technical and business teams.

This model emphasizes the importance of data stewards in operationalizing data governance to enhance data quality, decision-making, and organizational efficiency. This work is spread amongst the product, data, data-engineering, and other organizations at Mozilla.
Mozilla’s Approach: Privacy-Centric Stewardship
At Mozilla, data stewards focus on:

Evaluating Data Collection Requests: As outlined in Mozilla’s Data Collection documentation, data stewards are responsible for reviewing proposed data collections to ensure they align with Mozilla’s Data Privacy Principles, which emphasize user control, transparency, and minimal data collection.
Collaborating Across Teams: Working with engineers, product managers, and legal teams to assess the necessity and impact of data collection and helping to ensure the collection is properly categorized and documented in a public way that is accessible to our users.
Advocating for Lean Data Practices: Promoting the collection of only essential data needed to improve user experiences, in line with Mozilla’s commitment to user privacy.
Guiding Data Publishing: Ensuring that any data shared publicly adheres to Mozilla’s Data Publishing policies, which categorize data sensitivity and dictate appropriate aggregation levels to protect user anonymity.

This stewardship model is proactive, emphasizing ethical considerations and user trust over data quality and operational efficiency.
Mozilla’s Data Stewardship in Practice
Mozilla’s data stewards operate within a structured framework that includes:
Data Collection Review: Any new data collection undergoes a review process to assess its necessity, potential privacy impact, and alignment with Mozilla’s principles. This includes ensuring data is correctly categorized by its sensitivity in order to ensure it is properly handled.
User Control and Transparency: Mozilla ensures users have meaningful choices regarding data collection, including the ability to opt-out and have their data deleted.
Public Data Sharing: When publishing data, Mozilla applies rigorous standards to prevent the release of sensitive information, following guidelines outlined in their Data Publishing documentation.
This approach ensures that data stewardship at Mozilla is less focused on managing data, but more about upholding the organization’s core values of user privacy and transparency.
Conclusion
Lauren Maffeo’s framework provides a solid foundation for understanding the operational aspects of data governance. Mozilla’s implementation of data stewardship focuses this role on ethical responsibility and user advocacy. At Mozilla, data stewards are less “custodians of data quality” and more “champions of user privacy”, ensuring that every data-related decision aligns with the organization’s mission to foster an open and trustworthy internet.
If you’re interested in learning more about Mozilla’s data practices or becoming involved in data stewardship initiatives, feel free to reach out to the Data Stewardship team.

by Travis Long at April 25, 2025 02:42 PM

`April 11, 2025`

`The Mozilla Thunderbird Blog — VIDEO: The New Account Hub`


In this month’s Community Office Hours, we’re chatting with Vineet Deo, a Software Engineer on the Desktop team, who walks us through the new Account Hub on the Desktop app. If you want a sneak peak at this new streamlined experience, you can find it in the Daily channel now and the Beta channel towards the end of April.



Next month, we’ll be chatting with our director Ryan Sipes. We’ll be covering the new Thunderbird Pro and Thundermail announcement and the structure of MZLA compared to the Mozilla Foundation and Corporation. And we’ll talk about how Thunderbird put the fun in fundraising!



March Office Hours: The New Account Hub



Setting up a new email account in Thunderbird is already a solid experience, so why the update? Firstly, this is the first thing new users will see in the app. Thus, it’s important it has the same clean, cohesive look that is becoming the new Thunderbird design standard. It’s also helpful for users coming from other email clients to have a familiar, wizard-like experience. While the current account setup works well, it’s browser based. This makes it possible a user could exit out before finishing and get lost before they even started. This is the opposite of what we want for potential users!



Vineet and his team are also working to make the new Account Hub ready for Exchange. Likewise, they also have plans for a similar hub to set up new address books and calendars. We’re proud of the collaboration between back and frontend teams, and designers and engineers, to make the Account Hub.



Watch, Read, and Get Involved



But don’t take our word for it! Watch Vineet’s Account Hub talk and demo, along with a Q&A session. If you’re comfortable testing Daily, you can test this new feature now. (Go to File > New > Email Account to start the experience.) Otherwise, keep an eye on our Beta release channel at the end of April. And if you’re watching this after Account Hub is part of the regular release, now you know the feature’s story!



VIDEO (Also on Peertube):









Account-Hub-Community-Hours-1Download



Get Involved




TB Beta Mailing List (to provide feedback on Account Hub once it lands): https://thunderbird.topicbox.com/groups/beta

The post VIDEO: The New Account Hub appeared first on The Thunderbird Blog.

by Monica Ayhens-Madon at April 11, 2025 12:18 PM

`April 10, 2025`

`The Mozilla Thunderbird Blog — Thunderbird for Android March 2025 Progress Report`


Hello, everyone, and welcome to the Thunderbird for Android March 2025 Progress Report. We’re keeping our community updated on everything that’s been happening in the Android team, which is quickly becoming a more general mobile team with some recent hires. In addition to team news, we’re talking about our roadmap board on GitHub.



Team Changes



In March we said goodbye to cketti, the K-9 Mail maintainer who joined the team when Thunderbird first announced plans for an Android app. We’re very grateful for everything he’s created, and for his trust that K-9 Mail and Thunderbird for Android are in good hands. But we also said hello to Todd Heasley, our new iOS engineer, who started March 26. We also have just added Ashley Soucar, an Android/iOS engineer, who joined us on April 7. If all continues to go well, we’ll also be adding another Android engineer in the next couple of weeks. 



Our Roadmap Board



Our roadmap board is now available! We’re grateful to the Council for their trust and support in approving it. As the board will reflect any changes in our planning, this is the most up-to-date source for our upcoming development. Each epic will show its objective and what’s in scope – and as importantly, what’s out of scope. The project information on the side will tell you if an epic is in the backlog or work in progress.







If you’d like to know what we’re working on right now, check out our sprint board.



Contribute by Triaging GitHub Issues



One way to contribute to Thunderbird for Android is by triaging open GitHub Issues. In March, we did a major triage with over 150 issues closed as duplicates, marked with ‘works for me,’ or elevating them up to the efforts and features described in the roadmap above. Especially since we’re a small team, triaging issues helps us know where to act on incoming issues. This is a great way to get started as a Thunderbird for Android contributor.




To start triaging bugs, have a look at the ‘unconfirmed’ issues. Try to reproduce the issue  to help verify that the issue exists. Then add a comment with your results and any other information you found that might help narrow down the issue. If you see users generally saying “it doesn’t work”, ask them for more details or to enable logs. This way we know when to remove the unconfirmed label. If you have questions along the way or need someone to confirm a thought you had, feel free to ask in the community support channel.



Account Drawer



Our main engineering focus in March has been the account drawer we shared screenshots on in the January/February update. Given the settings design includes a few non-standard components, we took the opportunity to write a modern settings framework based on Jetpack Compose and make use of it for the new drawer. There will be some opportunities to contribute here in the future, as we’d like to migrate our old settings UI to the new system.



We have a few crashes and rough edges to polish, but are very close to enabling the feature flag in beta. If you aren’t already using it and want to get early access, install our beta today.



I’d also like to call out a pull request by Clément, who contributed support for a folder hierarchy. The amazing thing here—our design folks were working out a proposal because we were interested in this as well, and without knowing, Clément came up with the same idea and came in with a pull request that really hit the spot. Great work!







Community Contributions



In addition to the folder hierarchy mentioned above, here are a few community activities in March:




Shamim made sure the Unified Inbox shows up when you add your second account, retained scroll position in the drawer when rotating, removed font size customizations in favor of Android OS controls, flipped the default for being notified about new email and helped out with a few refactorings to make our codebase more modern.



Sergio has improved back button navigation when editing drafts.



Salkinnoma made our workflow runs more efficient and fixed an issue in the find folders view where a menu item was incorrectly shown.



Smatek improved our edge to edge support by making the bottom Android navigation bar background transparent



Husain fixed some inconsistencies when toggling “Show Unified Inbox”.



Vayun has begun work to update the Thunderbird for Android app widgets to Jetpack compose (including dark theming)



SttApollo has made the logo size more dynamic in the onboarding screen.




This is quite a list, great work! When you think about Thunderbird for Android or K-9 Mail, what was the last major annoyance you stumbled upon? If you are an Android developer, now is a good time to fix it. You’ll see your name up here next time as well 
The post Thunderbird for Android March 2025 Progress Report appeared first on The Thunderbird Blog.

by Philipp Kewisch at April 10, 2025 04:06 PM

`April 08, 2025`

`The Mozilla Thunderbird Blog — Thunderbird Monthly Development Digest – March 2025`


Hello again Thunderbird Community! It’s been almost a year since I joined the project and I’ve recently been enjoying the most rewarding and exciting work days in recent memory. The team who works on making Thunderbird better each day is so passionate about their work and truly dedicated to solving problems for users and supporting the broader developer community. If you are reading this and wondering how you might be able to get started and help out, please get in touch and we would love to get you off the ground!



Paddling Upstream



As many of you know, Thunderbird relies heavily on the Firefox platform and other lower-level code that we build upon. We benefit immensely from the constant flow of improvements, fixes, and modernizations, many of which happen behind the scenes without requiring our input. 



The flip side is that changes upstream can sometimes catch us off guard – and from time to time we find ourselves firefighting after changes have been made. This past month has been especially busy as we’ve scrambled to adapt to unexpected shifts, with our team hunting down places to adjust Content Security Policy (CSP) handling and finding ways to integrate a new experimental whitespace normalizer. Very much not part of our plan, but critical nonetheless.



Calendar UI Rebuild



The implementation of the new event dialog is moving along steadily with the following pieces of the puzzle recently landing:




Title



Border



Location Row



Join Meeting button



Time & Recurrence




The focus has now turned to loading data into the various containers so that we can enable this feature later this month and ask our QA team and Daily users to help us catch early problems.



Keep track of feature delivery via the [meta] bug 



Exchange Web Services support in Rust



We’re aiming to get a 0.2 release into the hands of Daily and QA testers by the end of April so a number of remaining tasks are in the queue – but March saw a number of features completed and pushed to Daily




Folder copy/move



Sync folder – update



Complete composition support (reply/forward)



Bug fixes!




Keep track of feature delivery here.



Account Hub



This feature was “preffed on” as the default experience for the Daily build but recent changes to our Oauth process have required some rework to this user experience, so it won’t hit beta until the end of the month. It’s beautiful and well worth considering a switch to Daily if you are currently running beta.



Global Message Database



The New Zealand team completed a successful work week and have since pushed through a significant chunk of the research and refactoring necessary to integrate the new database with existing interfaces.



The patches are pouring in and are enabling data adapters, sorting, testing and message display for the Local Folders Account, with an aim to get all existing tests to pass with the new database enabled. The path to this goal is often meandering and challenging but with our most knowledgeable and experienced team members dedicated to the project, we’re seeing inspiring progress.



The team maintains their documentation in Sourcedocs which are visible here.



In-App Notifications



A few last-minute changes were made and uplifted to our ESR version early this month so if you use the ESR and are in the lucky 2% of users targeted, watch out for an introductory notification!
We’ve also wrapped up work on two significant enhancements which are now on Daily and will make their way to other releases over the course of the month:




Granular control of notifications by type via EnterprisePolicy



Enhanced triggering mechanism to prevent launch when Thunderbird is in the background




 Meta Bug & progress tracking.



New Features Landing Soon



A number of requested features and important fixes have reached our Daily users this month. We want to give special thanks to the contributors who made the following possible…




Several colour scheme improvements and fixes.



A long-standing feature request to add manual sort order for folders



Fix to notification interaction with quick filter



Multiple message selection correction



and many more which are listed in release notes for beta.




As usual, if you want to see and use new features as they land, and help us squash some early bugs, you can try running daily and check the pushlog to see what has recently landed. This assistance is immensely helpful for catching problems early.



—



Toby Pilling



Senior Manager, Desktop Engineering
The post Thunderbird Monthly Development Digest – March 2025 appeared first on The Thunderbird Blog.

by Toby Pilling at April 08, 2025 01:31 PM

`April 04, 2025`

`The Mozilla Thunderbird Blog — Thundermail and Thunderbird Pro Services`


Today we’re pleased to announce what many in our open source contributor community already know. The Thunderbird team is working on an email service called “Thundermail” as well as file sharing, calendar scheduling and other helpful cloud-based services that as a bundle we have been calling “Thunderbird Pro.”



First, a point of clarification: Thunderbird, the email app, is and always will be free. We will never place features that can be delivered through the Thunderbird app behind a paywall. If something can be done directly on your device, it should be. However, there are things that can’t be done on your computer or phone that many people have come to expect from their email suites. This is what we are setting out to solve with our cloud-based services.



All of these new services are (or soon will be) open source software under true open source licenses. That’s how Thunderbird does things and we believe it is our super power. It is also a major reason we exist: to create open source communication and productivity software that respects our users. Because you can see how it works, you can know that it is doing the right thing.



The Why for offering these services is simple. Thunderbird loses users each day to rich ecosystems that are both products and services, such as Gmail and Office365. These ecosystems have both hard vendor lock-ins (through interoperability issues with 3rd-party clients) and soft lock-ins (through convenience and integration between their clients and services). It is our goal to eventually have a similar offering so that a 100% open source, freedom-respecting alternative ecosystem is available for those who want it. We don’t even care if you use our services with Thunderbird apps, go use them with any mail client. No lock-in, no restrictions – all open standards. That is freedom.



What Are The Services?



Thunderbird Appointment



Appointment is a scheduling tool that allows you to send a link to someone, allowing them to pick a time on your calendar to meet. The repository for Appointment has been public for a while and has seen pretty remarkable development so far. It is currently in a closed Beta and we are letting more users in each day.



Appointment has been developed to make meeting with others easier. We weren’t happy with the existing tools as they were either proprietary or too bloated, so we started building Appointment.



Thunderbird Send



Send is an end-to-end encrypted file sharing service that allows you to upload large files to the service and share links to download those files with others. Many Thunderbird users have expressed interest in the ability to share large files in a privacy-respecting way – and it was a problem we were eager to solve.



Thunderbird Send is the rebirth of Firefox Send – well, kind of. At this point, we have a bit of a Ship of Theseus situation – having rebuilt much of the project to allow for a more direct method of sharing files (from user-to-user without the need to share a link). We opened up the repo to the public earlier this week. So we encourage everyone interested to go and check it out.



Thunderbird Send is currently in Alpha testing, and will move to a closed Beta very soon.



Thunderbird Assist



Assist is an experiment, developed in partnership with Flower AI, a flexible open-source framework for scalable, privacy-preserving federated learning, that will enable users to take advantage of AI features. The hope is that processing can be done on devices that can support the models, and for devices that are not powerful enough to run the language models locally, we are making use of Flower Confidential Remote Compute in order to ensure private remote processing (very similar to Apple’s Private Cloud Compute). 



Given some users’ sensitivity to this, these types of features will always be optional and something that users will have to opt into. As a reminder, Thunderbird will never train AI with your data. The repo for Assist is not public yet, but it will be soon.



Thundermail



Thundermail is an email service (with calendars and contacts as well). We want to provide email accounts to those who love Thunderbird, and we believe that we are capable of providing a better service than the other providers out there. Email that aligns with our values of privacy, freedom and respect of our users. No ads, no selling or training AI on your data – just your email and it is your email.



With Thundermail, it is our goal to create a next generation email experience that is completely, 100% open source and built by all of us, our contributors and users. Unlike the other services, there will not be a single repository where this work is done. But we will try and share relevant places to contribute in future posts like this.



The email domain for Thundermail will be Thundermail.com or tb.pro. Additionally, you will be able to bring your own domain on day 1 of the service. 





Heading to thundermail.com you will see a sign up page for the beta waitlist. Please join it!





Final Thoughts



Don’t services cost money to run?



You may be thinking: “this all sounds expensive, how will Thunderbird be able to pay for it?” And that’s a great question! Services such as Send are actually quite expensive (storage is costly). So here is the plan: at the beginning, there will be paid subscription plans at a few different tiers. Once we have a sufficiently strong base of paying users to sustainably support our services, we plan to introduce a limited free tier to the public. You see this with other providers: limitations are standard as free email and file sharing are prone to abuse.



It’s also important to highlight again that Thunderbird Pro will be a completely separate offering from the Thunderbird you already use. While Thunderbird and the additional new services may work together and complement each other for those who opt in, they will never replace, compromise, or interfere with the core features or free availability of Thunderbird. Nothing about your current Thunderbird experience will change unless you choose to opt in and sign up with Thunderbird Pro. None of these features will be automatically integrated into Thunderbird desktop or mobile or activated without your knowledge.



The Realization of a Dream



This has been a long time coming. It is my conviction that all of this should have been a part of the Thunderbird universe a decade ago. But it’s better late than never. Just like our Android client has expanded what Thunderbird is (as will our iOS client), so too will these services.



Thunderbird is unique in the world. Our focus on open source, open standards, privacy and respect for our users is something that should be expressed in multiple forms. The absence of Thunderbird web services means that our users must make compromises that are often uncomfortable ones. This is how we correct that.



I hope that all of you will check out this work and share your thoughts and test these things out. What’s exciting is that you can run Send or Appointment today, on your own server. Everything that we do will be out in the open and you can come and help us build it! Together we can create amazing experiences that enhance how we manage our email, calendars, contacts and beyond.



Thank you for being on this journey with us.



—



Ryan Sipes
Managing Director of Product
Thunderbird
The post Thundermail and Thunderbird Pro Services appeared first on The Thunderbird Blog.

by Ryan Sipes at April 04, 2025 04:58 PM

`April 03, 2025`

`Mozilla Add-ons Blog — Rethinking Extension Data Consent: Clarity, Consistency, and Control`

Hello, extension developers! I’m Alan, the Product Manager at Mozilla responsible for the Firefox add-ons ecosystem.


I wanted to share news about a project we’re working on that will streamline how extension developers implement user data consent experiences.
Firefox extension data collection policies protect our users
Today, our Add-on policies dictate that any extension that collects or transmits user data must create and display a data consent dialog. This consent dialog must clearly state what type of data is being collected and inform the user about the impact of accepting or declining the data collection.
Whilst the policy is a great example of Firefox’s commitment to transparency and protecting user data, it can add significant overhead for developers who want to build on our platform, and it creates a confusing experience for end users who often encounter many different data consent experiences for every extension they install. These custom data consent experiences also increase the time it takes for add-on reviewers to process a new extension version, as they need to verify this custom code is compliant with our policies.
We’re simplifying how extensions gets consent to collect data
In 2025 we will launch a new data consent experience for extensions, built into the Firefox add-on installation flow itself. This will dramatically reduce the:

development effort required to be compliant with Firefox data policies
confusion users faces when installing extensions by providing a more consistent experience, giving them more confidence and control around the data collected or transmitted
effort it takes AMO reviewers to evaluate an extension version to ensure it’s compliant with our data collection policies

Developers won’t need to bother with creating their own custom data consent experiences. Soon, developers will simply be able to specify in the manifest what types of data the extension collects/transmits and this will automatically be reflected in a unified consent experience across all Firefox extensions.
When a user then adds an extension to Firefox, the installation prompt will show what required types of data the extension collects, if any, alongside a list of permissions that the extension requests. Users will have a choice to opt in/out of providing the optional technical and usage data if the add-on has requested it, as well as any optional data collection the developer requests. As always, the user then has the choice to continue adding the extension if they agree to the required permissions and data collection, or cancel the installation flow. We plan to extend the existing WebExtensions permissions APIs to include these data collection options, making it as easy as possible for developers to adopt this new functionality.
The data collection information will also be displayed on AMO extension listing pages to help Firefox users make informed download decisions. We’re also exploring ways to let developers provide more context about their data practices, if they wish.
We will eventually accept this standardized approach instead of requiring a developer to build custom consent screens, but acknowledge this will take time as we gather feedback from our community of developers and users. To begin with, we will be adding this functionality to the Nightly version of Firefox for desktop in an upcoming release so that we can gather feedback on how this approach compares with their existing consent experiences. We’ll be sure to announce here on this blog with further technical details about how to use it, so stay tuned!
Help us make this better
We would love our Firefox extension developers to help us shape the future of this feature and we encourage you to test it out in Nightly when it’s released and send us your feedback. Finally, if you’re an extension developer, please help us build this feature by completing a survey about how you’re using permissions and data in your own extensions. This will help us make sure we’re not missing anything important during this stage of design!
Complete the extension permissions and data collection survey
The post Rethinking Extension Data Consent: Clarity, Consistency, and Control appeared first on Mozilla Add-ons Community Blog.

by Alan Byrne at April 03, 2025 05:09 PM

`April 02, 2025`

`Open Policy & Advocacy — New Mozilla Research: Civil Liability Along the AI Value Chain`

What happens when AI systems fail? Who should be held responsible when they cause harm? And how can we ensure that people harmed by AI can seek redress?


READ THE REPORT HERE
As AI is increasingly integrated in products and services across sectors, these questions will only become more pertinent. In the EU, a proposal for an AI Liability Directive (AILD) in 2022 catalyzed debates around this issue.  Its recent withdrawal by the European Commission leaves a wide range of open questions to linger as businesses and consumers will need to navigate fragmented liability rules across the EU’s 27 member states.
To answer these questions, policymakers will need to ask themselves: what does an effective approach to AI and liability look like?
New research published by Mozilla tackles these thorny issues and explores how liability could and should be assigned across AI’s complex and heterogeneous value chain.
Solving AI’s “problem of many hands” 
The report, commissioned from Beatriz Botero Arcila — a professor at Sciences Po Law School and a Faculty Associate at Harvard’s Berkman Klein Center for Internet and Society — explores how liability law can help solve the “problem of many hands” in AI: that is, determining who is responsible for harm that has been dealt in a value chain in which a variety of different companies and actors might be contributing to the development of any given AI system. This is aggravated by the fact that AI systems are both opaque and technically complex, making their behavior hard to predict.
Why AI Liability Matters
To find meaningful solutions to this problem, different kinds of experts have to come together. This resource is designed for a wide audience, but we indicate how specific audiences can best make use of different sections, overviews, and case studies.
Specifically, the report:

Proposes a 3-step analysis to consider how liability should be allocated along the value chain: 1) The choice of liability regime, 2) how liability should be shared amongst actors along the value chain and 3) whether and how information asymmetries will be addressed.
Argues that where ex-ante AI regulation is already in place, policymakers should consider how liability rules will interact with these rules.
Proposes a baseline liability regime where actors along the AI value chain share responsibility if fault can be demonstrated, paired with measures to alleviate or shift the burden of proof and to enable better access to evidence — which would incentivize companies to act with sufficient care and address information asymmetries between claimants and companies.
Argues that in some cases, courts and regulators should extend a stricter regime, such as product liability or strict liability.
Analyzes liability rules in the EU based on this framework.

Why Now?
We have already seen examples of AI causing harm, from biased automated recruitment systems to predictive AI tools used in public services and law enforcement generating faulty outputs. As the number of such examples will increase with AI’s diffusion across the economy, affected individuals should have effective ways of seeking redress and justice — as we have already argued in our initial response to the AILD proposal in 2022 — and businesses should be incentivized to take sufficient measures to prevent harm. At the same time, they should not be overburdened with ineffective rules and have legal certainty rather than facing a patchwork of varying rules across different jurisdictions in which they operate. A well-designed, targeted, and robust liability regime for AI could address all of these challenges — and we hope the research released today can contribute to a more grounded debate around this issue.
The post New Mozilla Research: Civil Liability Along the AI Value Chain appeared first on Open Policy & Advocacy.

by Maximilian Gahntz at April 02, 2025 05:07 AM

`April 01, 2025`

`Web Application Security — Updated GPG key for signing Firefox Releases`

The GPG key used to sign the Firefox release manifests is expiring soon, and so we’re going to be switching over to a new signing subkey shortly.


The GPG fingerprint is 14F2 6682 D091 6CDD 81E3 7B6D 61B7 B526 D98F 0353. The new signing subkey’s fingerprint is 09BE ED63 F346 2A2D FFAB 3B87 5ECB 6497 C1A2 0256, and it expires 2027-03-13.
The public key can be fetched from KEY files from the latest Firefox Nightly, keys.openpgp.org, or from below. This can be used to validate existing releases signed with the current key, or future releases signed with the new key.
-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBFWpQAQBEAC+9wVlwGLy8ILCybLesuB3KkHHK+Yt1F1PJaI30X448ttGzxCz
PQpH6BoA73uzcTReVjfCFGvM4ij6qVV2SNaTxmNBrL1uVeEUsCuGduDUQMQYRGxR
tWq5rCH48LnltKPamPiEBzrgFL3i5bYEUHO7M0lATEknG7Iaz697K/ssHREZfuuc
B4GNxXMgswZ7GTZO3VBDVEw5GwU3sUvww93TwMC29lIPCux445AxZPKr5sOVEsEn
dUB2oDMsSAoS/dZcl8F4otqfR1pXg618cU06omvq5yguWLDRV327BLmezYK0prD3
P+7qwEp8MTVmxlbkrClS5j5pR47FrJGdyupNKqLzK+7hok5kBxhsdMsdTZLd4tVR
jXf04isVO3iFFf/GKuwscOi1+ZYeB3l3sAqgFUWnjbpbHxfslTmo7BgvmjZvAH5Z
asaewF3wA06biCDJdcSkC9GmFPmN5DS5/Dkjwfj8+dZAttuSKfmQQnypUPaJ2sBu
blnJ6INpvYgsEZjV6CFG1EiDJDPu2Zxap8ep0iRMbBBZnpfZTn7SKAcurDJptxin
CRclTcdOdi1iSZ35LZW0R2FKNnGL33u1IhxU9HRLw3XuljXCOZ84RLn6M+PBc1eZ
suv1TA+Mn111yD3uDv/u/edZ/xeJccF6bYcMvUgRRZh0sgZ0ZT4b0Q6YcQARAQAB
tC9Nb3ppbGxhIFNvZnR3YXJlIFJlbGVhc2VzIDxyZWxlYXNlQG1vemlsbGEuY29t
PokCTwQTAQIAIgUCValABAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AAIQkQ
Ybe1JtmPA1MWIQQU8maC0JFs3YHje21ht7Um2Y8DU1CqD/9Gvr9Xu4uqsjDHRQWS
fI0lqxElmFSRjF0awsPXzM7Q1rxV7dCxik4LeiOmpoVTOmqboo2/x5d938q7uPdY
av2Q+RuNk2CG/LpXku9rgmTE7oszEqQliqKoXajUZ91rw19wrTwYXLgLQvzM3CUA
O+Z0yjjfza2Yc0ZtNN+3sF5VpGsT3Fb14aYZDaNg6yPFvkyxp0B1lS4rwgL3lkeV
QNHeAf0qqF9tBankGj3bgqK/5/YlTM2usb3x46bVBvwX2t4/NnYM5hEnI57inwam
X6SiMJc2e2QmBzAnVrXJETrDL1HOl4GUJ6hC4tL3Yw2d7515BlSyRNkWhhdRp1/q
9t1+ovSe48Ip2X2WF5/VA3ATfQhHKa3p+EkIV98VCMZ14x9KIIeBwjyJyFBuvOEE
IYZHdsAdqf1zYRtD6m6obcBrRiNfoNsYmNY4joDrVupI96ksIxVpepXaZkQhplZ1
mQ4eOdGtToIl1cb/4PibVgFnBgzrR4mQ27h4wzAwWdGweJZ/tuGoqm3C6TwfIgan
ajiPyKqsVFUkRsr9y12EDcfUCUq6D182t/AJ+qE0JIGO73tXTdTbqPTgkyf2etnZ
QQZum3L7w41NvfxZfn+gLrUGDBXwqLjovDJvt8iZTPPyMTzemOHuzf40Iq+9sf5V
9PXZ/5X9+ymE3cTAbAk9MLd9fbkCDQRkVUBzARAA1cD3n5ue0sCcZmqX2FbtIFRs
k39rlGkvuxYABsWBTzr0RbRW7h46VzWbOcU5ZmbJrp/bhgkSYRR3drmzT63yUZ62
dnww6e5LJjGSt19zzcber9BHELjqKqfAfLNsuZ7ZQ5p78c6uiJhe8WpbWogbspxJ
20duraLGmK4Kl23fa3tF0Gng1RLhoFcSVK/WtDZyC+elPKpch1Sru6sw/r8ktfuh
NIRGxdbj/lFHNVOzCXb3MTAqpIynNGMocFFnqWLZLtItphHxPUqVr6LKvc3i3aMl
C6IvLNg0Nu8O088Hg3Ah9tRmXKOshLjYjPeXqM9edqoWWqpzxDTNl6JlFMwP+Oac
MKsyX7Wq+ZXC/o3ygC/oclYUKtiuoGg47fSCN2GS3V2GX2zFlT6SEvEQQb2g5yIS
LX9Q/g9AyJdqtfaLe4Fv6vM4P1xhOUDnjmdoulm3FGkC701ZF7eFhMSRUM9QhkGH
6Yz2TvS4ht6Whg7aVt4ErIoJfj9jzJOp6k9vna5Lmgkj8l19NTiUQ7gk98H3wW4m
RrINxZ2yQD47V/LJ+tUamJc5ac+I0VP7c15xmKEJ2rfGCGhiSWQwZZw7Y2/qoADS
BlI28RlBTuRP2i6AdwyJU+75CzxGzMpr/wBLhZT+fNRV4HHd5dgR3YxajpkzZ6wX
L2aaJhznFEmLBLokOwMAEQEAAYkEcgQYAQoAJhYhBBTyZoLQkWzdgeN7bWG3tSbZ
jwNTBQJkVUBzAhsCBQkDwmcAAkAJEGG3tSbZjwNTwXQgBBkBCgAdFiEErdcHlHlw
Dcrf3VM34207E/PZMnQFAmRVQHMACgkQ4207E/PZMnRgdg/+LAha8Vh1SIVpXzUH
Vdx81kPyxBSaXtOtbBw6u9EiPW+xCUiF/pyn7H1lu+hAodeNFADsXmmONKcBjURV
fwO81s60gLKYBXxpcLLQXrfNOLrYMnokr5FfuI3zZ0AoSnEoS9ufnf/7spjba8Rl
dV1q2krdw1KtbiLq3D8v4E3qRfx5SqCA+eJSavaAh3aBi6lvRlUSZmz8RWwq6gP9
Z4BiTTyFp5jQv1ZKJb5OJ+44A0pS+RvGDRq/bAAUQULLIJVOhiTM74sb/BPmeRYU
S++ee10IFW4bsrKJonCoSQTXQexOpH6AAFXeZDakJfyjTxnl3+AtA4VEp1UJIm0Y
we0h6lT0isSJPVp3RFZRPjq0g+/VniBsvYhLE/70ph9ImU4HXdNumZVqXqawmIDR
wv7NbYjpQ8QnzcP3vJ5XQ4/bNU/xWd1eM2gdpbXI9B46ER7fQcIJRNrawbEbfzuH
y5nINAzrznsg+fAC76w2Omrn547QiY2ey7jy7k79tlCXGXWAt9ikkJ95BCLsOu5O
TxPi4/UUS2en1yDbx5ej7Hh79oEZxzubW1+v5O1+tXgMOWd6ZgXwquq50vs+X4mi
7BKE2b1Mi6Zq2Y+Kw7dAEbYYzhsSA+SRPu5vrJgLTNQmGxxbrSA+lCUvQ8dPywXz
00vKiQwI9uRqtK0LX1BLuHKIhg4OgxAAnmFSZgu7wIsE2kBYwabCSIFJZzHu0lgt
RyYrY8Xh7Pg+V9slIiMGG4SIyq5eUfmU8bXjc4vQkE6KHxsbbzN6gFVLX1KDjxRK
h+/nG/RDtfw/ic7iiXZfgkEqzIVgIrtlDb/DK6ZDMeABnJcZZTJMAC4lWpJGgmnZ
xfAIGmtcUOA0CKGT43suyYET7L7HXd0TM+cJRnbEb7m8OexT9Xqqwezfqoi1MGH2
g8lRKQE4Z2eEFvCiuJnCw547wtpJWEQrGw1eqL3AS8Y051YqblbXLbgf5Oa49yo6
30ehq9OxoLd7+GdWwYBlr/0EzPUWezhdIKKvh1RO+FQGAlzYJ6Pq7BPwvu3dC3YY
dN3Ax/8dj5036Y+mHgDsnmlUk8dlziJ0O3h1fke/W81ABx4ASBktXAf1IweRbbxq
W8OgMhG6xHTeiEjjav7SmlD0XVOxjhI+qBoNPovWlChqONxablBkuh0Jd6kdNiaS
EM9cd60kK3GT/dBMyv0yVhhLci6HQZ+Mf4cbn0KtayzuQLOcdRCN3FF/JNQH3v6L
A1MdRfmJlgC4UdiepBb1uCgtVIPizRuXWDjyjzePZRN/AqaUbEoNBHhIz0nKhQGD
bst4ugIzJWIX+6UokwPC3jvJqQQttccjAy6kXBmxfxyRMB5BEeLY0+qVPyvOxpXE
GnlSHYmdIS65Ag0EZ9KQfQEQAOVIyh0sZPPFLWxoFT0WhPzHw8BhgnCBNdZAh9+S
M0Apq2VcQKSjBjKiterOTtc6EVh0K2ikbGKHQ1SvwNdsYL01cSkJSJORig/1Du1e
h+2nlo8nut7xT//V+2FQyWFCLDeQvLlAs3QHMrMYxTcwNk3qi/z1Z5Q4e6Re2aKR
U00LtSomD6CKWy9nAaqTRNzzdndJwIyCyshX4bbUzAzE7Wbgh/E0/FgBGw87LYIT
qyU6US4lvoUXB+89XxwMxO9I74L118gXEyybz+JN0/w87hXAKnaKjasSvobKE4ma
u8SXqmOO66MxiMaF4Xsmr3oIwo8q9W5d+hA+t225ipq2rZZErmPL44deMCeKmepj
LTa9CoxX2oVpDWGOYFRyJRkLDyyH4O3gCo/5qv4rOTJqPFfKPtrjWFJKGf4P4UD0
GSBX2Q+mOf2XHWsMJE4t8T7jxQCSAQUMwt6M18h1auIqcfkuNvdJhcl2GvJyCMIb
kA3AoiuKaSPgoVCmJdbc6Ao9ydmMUB5Q1rYpMNKCMsuVP9OcX8FoHEVMXOvr0f6W
fj+iHytfO2VTqrw/cqoCyuPoSrgxjs1/cRSz5g9fZ0zrOtQyNB5yJ3YPTG3va1/X
LflrjPcT4ZUkej9nkFpCNWdEZVWD/z3vXBGSV11N9Cdy60QbD4yZvDjV2GQ+dwAF
1o1BABEBAAGJBHIEGAEKACYWIQQU8maC0JFs3YHje21ht7Um2Y8DUwUCZ9KQfQIb
AgUJA8JnAAJACRBht7Um2Y8DU8F0IAQZAQoAHRYhBAm+7WPzRiot/6s7h17LZJfB
ogJWBQJn0pB9AAoJEF7LZJfBogJW9I4QAJbv4Rhb4x6Jl75x2Lfp46/e3fZVDhzU
dLjK8A/acRF7JRBuJVJRaijJ5tngdknmlmbzfqlyzsMWUciAwVJRvijNFDeicet5
zJpBRsXEUAug3iVCD1KlVvLzjCi9Eb9s6xCQjSJ8DZE020s41wdqtb1nziDASAkg
+YH2DzpTEaZVNM39uNDKbaJLYIjKA9MV1YHArqUldFsoofBe4zIZRFyvMD7Gmr7X
m0IWYLrfmnenm1JJYIkvGUeVoP8dEonAVhLVwvwwufobV0qdtMfhZsgFwf1XSHI9
MtD4yAVtBqBTkfFeRLnBjJK/ywYxGqbadt1b57I4ywTQ16oXNrlTF1Su0I8i/fo0
i/9ohNl3opN3LbaEbhT37M4xpy4MgL2Fthddc2gWvF/8TFRaXw7LaLSR7HwO+Y0C
pOtV/Ct4RzKEulY5DpV9b1JQJhpLcjMz+pBDAM3KJuiV6Bcfoz5PZowFy74UmE02
Vzk/oyuI/o4KMihy0UzWQVkOZTTu4eONktgGiZOnRFdiLKVgeLEDXTLdhbuwGS2+
wX3I7lLP9AWpK8Ahc81eUwU6MwdbfwfJ1ELtKaa/JmMjaWkr5aGrp88d8ePR9jYA
47Z2q0esB67pRJVe0McVJlu9GQGq05S7lZKs6mi9dHTzeHwua//IXHMK0s3WhMU7
vGwJ3E2+pTstf8AQALSwkezD3QchPV+5CAUYY7CmMXB6zzIU18wCS61Y8QdDvqmt
WHdMVTp4xT14fS6cvB4uFzacGQJ7CVIWeZgwEFzZiev3dKpnUOGg0WQSwmQQA0JC
g6/qS0AeUPINjhWtNcR7voCqAYeRcjo47UJclD/KKNTCn27btHRaEmpTdTtC6sxi
VElFObb3a9tHXqwLWp8gJ+NZ+6mlrvvH2hm1CAyQTDRYC7nN69QJrKHR8HA3AeR5
figQHLwvmfQlV2erZE17GT+L5t0HxX/HKZCim91PApqa+7iY0eKPAG5iacABrBi9
zzh/ex0ovvuxsBDKUFCSu7HIivnAVrdS/kbO1qJ5I3MBMp0dlQ6PS6LeZIRhxts0
aPPZedsXytoL7kFLISfJ55AuhJpskz+55uviJhp/H3zNBYtQ+dmFmp4RRk/Nvu0z
v6OGtaZy6M5X24Pbzb/OApBML84cEmb3iZie9J2ZYW68/D96sP09x6GItCJlCIdQ
ZkRcwmkQwgtq9sJDw92/vSGeYdRn+oCAxJ14eObCsVwcfJARLt45btEnx+zRCAHA
HQHpV6qTGT6nqg57XuM9iNNdyTGKRU+Iklgb9LRxVAQfbn5uXYb5j2ox5pjxtbXT
f9Lbo7RkygcWSKZPWmYgGsKS6jmXkDa/TyOlPxkbaknpPbYMBztRT4Ju0VU4
=8qIP
-----END PGP PUBLIC KEY BLOCK-----
The post Updated GPG key for signing Firefox Releases appeared first on Mozilla Security Blog.

by Julien Cristau at April 01, 2025 08:31 AM

`March 31, 2025`

`Open Policy & Advocacy — Mozilla Mornings: Unleashing PETs – Regulating Online Ads for a Privacy-First Future`

Our first edition of Mozilla Mornings in 2025 will explore the state of online advertising and what needs to change to ensure a fairer, healthier, and privacy-respecting ads ecosystem where everyone stands to benefit.


The European regulatory landscape for online advertising is at a turning point. Regulators step up enforcement under the GDPR, the DMA and the DSA and industry players explore alternatives to cookies. Despite these advancements, online advertising remains an area where users do not experience strong privacy protections, and the withdrawal of the ePrivacy Regulation proposal can only exacerbate these concerns.
The industry’s reliance on invasive tracking, excessive profiling, and opaque data practices makes the current model deeply flawed. At the same time, online advertising remains central to the internet economy, supporting access to information, content creators, and journalism.
This Mozilla Mornings session will bring together policymakers, industry experts and civil society to discuss how online advertising can evolve in a way that benefits both users and businesses.

How can we move towards a more privacy-respecting and transparent advertising ecosystem while maintaining the economic sustainability of the open web?
How can regulatory reforms, combined with developments in the space of Privacy-Enhancing Technologies (PETs) and Privacy-Preserving Technologies (PPTs), provide a viable alternative to today’s surveillance-based advertising?
And what are the key challenges in making this shift at both the policy and technological levels?

To discuss these issues, the panel will welcome:

Rob van Eijk, Managing Director at Future of Privacy Forum
Svea Windwehr, Associate Director Public Policy at Electronic Frontier Foundation
Petra Wikström, Senior Director Public Policy at Schibsted
Martin Thomson, Distinguished Engineer at Mozilla

The discussion will also feature a fireside chat with Prof. Dr. Max von Grafenstein from Einstein Center Digital Future at the UdK Berlin.

Date: Wednesday 9th April 2025
Time: 08:45-10:15 CET
Venue: L42, Rue de la Loi 42, 1000 Brussels

To register, click here.
The post Mozilla Mornings: Unleashing PETs – Regulating Online Ads for a Privacy-First Future appeared first on Open Policy & Advocacy.

by Tasos Stampelos at March 31, 2025 06:07 PM

`March 27, 2025`

`Firefox UX — Marshmallows are for team players — A light-hearted, Severance-inspired icebreaker your team will…`

`Marshmallows are for team players — A light-hearted, Severance-inspired icebreaker`

Let’s be real — most icebreakers are cringe with a capital C. But instead of pretending we’re above it, what if we just… leaned into the weird? That’s my plan for our upcoming workweek. Severance just wrapped (what a finale, am I right?!), and the vibe is spot-on: relevant, bizarre in the best way, and blessedly spoiler-free. So I channeled my inner Milchick, grabbed some marshmallows, and cooked up something that might just be weird enough to stand out from the usual “ugh, another icebreaker” routine.

Here’s how to run your own “Marshmallows Are for Team Players” session:

Two people dressed in matching white winter outfits stand in a dark setting lit dramatically from below. The person on the left holds a tray of neatly arranged marshmallows, looking toward the person on the right, who stares straight ahead with a serious expression. The scene evokes a cult-like, ceremonial vibe.

`Set the Mood (2 min)`

Start with a little corporate dystopia ambiance:

Play the Severance theme music for 10–15 seconds.
Then roll the iconic clip of Milchick saying:

Close-up of a man lit dramatically from below, wearing a white turtleneck and coat, with a serious expression. On-screen subtitle reads: “Marshmallows are for team players, Dylan.” The scene has an eerie, intense tone.

3. With a grin, tell your team: “That’s right. Marshmallows are for team players.”

`Explain the Rules (1 min)`

We’ve got marshmallows — but they’re not free. To earn one, you need to give a shoutout to a teammate who was a great collaborator this week.

It could be anything — big impact, quiet kindness, or someone who brought great vibes to a meeting.

Tell them: “Try to keep it to one kudos each so we have time for everyone — but if you really need to sneak in an extra one, I won’t stop you.”

`The Kudos Round (5–10 min)`

Go popcorn style — whoever goes gives kudos, grabs a marshmallow, then calls on the next person.

Each person:

Shares a kudos
Collects a marshmallow
Picks who goes next

Bonus rule: If someone gives kudos and gets one, they can take two marshmallows. Double win.

`The Marshmallow Club Photo (2 min)`

Wrap it up with a team pic:

“Grab your marshmallow, hold it up like it’s your Severance badge, and let’s get a group photo. Smile like Milchick!”

Suggested file name: team_players_in_marshmallow_mode.jpg

`Slack Follow-Up`

Post the photo with something like:

Behold: the Marshmallow Club Everyone here earned their marshmallow by lifting someone else up. True team player behavior.

We’ve also unlocked a new emoji: :milchick-approves: Use it to celebrate kudos, overachievers, or extreme corporate joy.

Praise Kier.

`Try It Yourself`

All it takes is a playlist, a clip, a bag of marshmallows — and a bit of satire. Give it a go at your next team meeting or offsite. Just don’t forget the group photo. Milchick is watching.

Have your own twist on this idea? Or another ridiculous icebreaker that weirdly worked? Drop it in the comments or DM me — I’m always collecting ideas.


Marshmallows are for team players — A light-hearted, Severance-inspired icebreaker your team will… was originally published in Firefox User Experience on Medium, where people are continuing the conversation by highlighting and responding to this story.

by Emanuela at March 27, 2025 10:32 PM

`Open Policy & Advocacy — Mozilla shares 2025 Policy Priorities and Recommendations for Creating an Internet Where Everyone Can Thrive`

Mozilla envisions a future where the internet is a truly global public resource that is open, accessible, and safe for all. An internet that benefits people using online services, prioritizes the right to privacy, and enables economic dynamism. Our commitment to this vision stems from Mozilla’s foundational belief that the internet was built by people, for people and that its future should not be dictated by a few powerful organizations.


When technology is developed solely for profit, it risks causing real harm to people. True choice and control for Americans can only be achieved through a competitive ecosystem with a range of services and providers that foster innovation. However, today’s internet is far from this ideal state, and without action, is only set to become increasingly consolidated in the age of AI.
Today, Mozilla is setting out our 2025 – 2026 Policy Vision for the United States as we look to a new administration and a new congress. Our policy vision is anchored in our guiding principles for a healthy internet, and outlines policy priorities that we believe should be the ‘north star’ for U.S. policymakers and regulators. Some recommendations are long overdue, while others seek to ensure the development of a healthy and competitive internet moving forward.
Here’s how we can work together to make this happen.
Priority 1: Openness, Competition, and Accountability in AI
Promoting open source policies and approaches in AI has the potential not just to create technology that benefits individuals, but also to make AI systems safer and more transparent. Open approaches and public investment can spur increased research and development, create products that are more accessible and less vulnerable to cyberattacks, and help to catalyze investment, job creation, and a more competitive ecosystem. Mozilla’s key recommendations include:

Increase government use of, and support for, open-source AI. The U.S. federal government procures billions of dollars of software every year. The government should use these resources to promote and leverage open source AI when possible, to drive growth and innovation.
Develop and fund public AI infrastructure. Supporting initiatives like the National AI Research Resource (NAIRR) and the Department of Energy’s FASST program is crucial for developing public AI infrastructure that provides researchers and universities with access to AI tools, fosters innovation and ensures benefits for all.
Grow the AI talent ecosystem. It is critical that America invests in education programs to grow the domestic AI talent ecosystem. Without this talent, America will face serious difficulties competing globally.
Provide access to AI-related resource consumption data. At its current growth trajectory, AI could end up consuming tremendous amounts of natural resources. The government should work with the AI industry (from semiconductor developers to cloud providers to model deployers) to provide open access to resource consumption data and increase industry transparency; this can help to prevent expensive and dangerous grid failures and could lead to lower energy prices for consumers.
Clarify a federal position on open source AI export controls that maintains an open door for innovation. By affirming a federal position on open source AI export controls to reflect those of NTIA, and emphasizing the benefits of open models, the administration can spur further advancement in the field.

Priority 2: Protecting Online Privacy and Ensuring Accountability 
Today’s internet economy is powered by people’s information. While this data can deliver massive innovation and new services, it can also put consumers and trust at risk. Unchecked collection and opaque practices can leave people susceptible to deceptive and invasive practices, and discrimination online.  The rise of generative AI makes the issue of online privacy more urgent than ever.

Mozilla believes that privacy and innovation can coexist. With action and collaboration, policymakers can shift the internet economy toward one that prioritizes users’ rights, transparency, and trust — where privacy is not a privilege but a guarantee for all. We recommend that policymakers:

Pass strong comprehensive federal privacy legislation and support state efforts. Congress must enact a sufficiently strong comprehensive federal privacy law that addresses AI-specific privacy protections, upholds data minimization, ensures the security protections that encryption provides, and covers children and adults, setting a high bar for meaningful protections. This is how Congress can create an environment where people can truly benefit from the technologies they rely on without paying the premium of exploitation of their personal data. States should also move to enact strong laws to fill the gap and protect their constituents.
Support the adoption of privacy-enhancing technologies (PETs). This includes funding NIST and the National Science Foundation to advance fundamental and applied research, while establishing strong privacy protections that incentivize companies to prioritize PETs. The global standards development and consensus process is essential for privacy preserving technologies to develop in a sustainable manner, in particular around areas like advertising. Legislation can also incentivize companies to adopt more privacy-preserving business practices, ultimately benefiting users and supporting their right to privacy online.
Provide necessary resources and tools to data privacy regulators. Congress and the administration must enable and empower relevant federal regulators by providing additional resources and authorizations to facilitate privacy-related investigations and enforcement. Efforts should, in particular, target data brokers who traffic sensitive data.
Support critical independent research. Policymakers should ensure meaningful access to important data from major platforms for academia and civil society, enabling better research into big tech’s harms and stronger accountability. Transparency efforts like the bipartisan Platform Accountability and Transparency Act (PATA) are essential to advancing transparency while protecting public-interest research. Expanding such legislation to include AI platforms and model providers is critical to addressing privacy-related harms and ensuring accountability in the evolving digital landscape.
Respect browser opt-out signals. We encourage lawmakers at the state and federal level to support key privacy tools, like the Global Privacy Control (GPC) that Firefox uses. Mozilla supports bills like California’s AB 566, which would require browsers and mobile operating systems to include an opt-out setting. We encourage lawmakers at the state and federal level to advance this key privacy tool in law and meet the expectations that consumers rightly have about treatment of their personal information.

Priority 3: Increasing Choice for Consumers
Real choice and control for consumers require an open, fair, and competitive ecosystem where diverse services and providers can thrive.

Updated competition laws – and an understanding of the importance of competition at every layer of the ecosystem – are essential for the internet to be private, secure, interoperable, open, transparent, and to balance commercial profit with public benefit. Mozilla is committed to this future. To achieve this, we must advance the below.

Update antitrust legislation to address anti-competitive business practices, such as harmful self-preferencing, that stymie innovation and limit consumer choice. Congress must pass antitrust legislation that addresses these practices and provides the necessary resources, expertise, and authority to relevant regulatory agencies.
Tackle harmful design practices. Harmful deceptive design practices not only manifest at the interface level, but also deeper at the operating system level – particularly in cases of vertical integration of services and features. Deploying manipulative, coercive, and deceptive tactics such as aggressive and misleading prompts, messages, and pop-ups risk overriding user choice entirely. Policymakers must hold bad actors accountable.
Foster competition across the ecosystem. Independent browser and browser engine developers, like Mozilla, have a long history of innovating and offering privacy- and security-conscious users a meaningful alternative to big tech browser engines. Policymakers should recognize the importance of independent browsers and browser engines in maintaining a safe, open, and interoperable web that provides meaningful choice.

So what is the path forward?
We see our vision as a roadmap to a healthier internet. We recognize that achieving this vision means engaging with legislators, regulators, and the wider policy community. Mozilla remains committed to our mission to ensure the internet is a space for innovation, transparency, and openness for all.
Read our Vision for the United States: 2025 – 2026 for a more comprehensive look at our priorities and recommendations to protect the future of the internet. 
The post Mozilla shares 2025 Policy Priorities and Recommendations for Creating an Internet Where Everyone Can Thrive appeared first on Open Policy & Advocacy.

by Jenn Taylor Hodges and Joel Burke at March 27, 2025 03:49 PM

`March 25, 2025`

`hacks.mozilla.org — Improving Firefox Stability in the Enterprise by Reducing DLL Injection`

Beginning in version 138, Firefox will offer an alternative to DLL injection for Data Loss Prevention (DLP) deployments in enterprise environments.


DLL Injection
DLL injection into Firefox is a topic we’ve covered on the Hacks blog before. In 2023, we blogged about the Firefox capability to let users block third-party DLLs from being loaded. We explained what DLL injection is, how we deal with problematic third-party modules, our about:third-party page, and our third-party injection policy. Earlier, in 2019, we released a study of DLL injection Firefox bugs in collaboration with Polytechnique Montréal. We return to this topic now, in the context of enterprise Firefox installations.
First, a reminder of what DLL injection is and why it continues to be problematic. DLL injection is the term we use to describe third-party Windows software injecting its own DLL module code into Firefox. Third parties develop DLLs for injecting into applications to extend their functionality in some way. This is prevalent in the Windows ecosystem. When third-party code is injected, the injected code interacts with the internals of the application. While it is not unusual for software to work together, and the internet is built on software interoperating over documented standards, DLL injection differs in that the undocumented internals of an application are not intended to be a stable interface. As such, they are a poor foundation to build software products on. When the underlying application is changed, it can result in incompatibilities, leading to crashes or other unexpected behavior. In a modern web browser like Firefox, new features and fixes, big and small, are developed and released on a monthly schedule. Normal browser development can therefore cause incompatibilities with injected software, resulting in Firefox crashes, bypassing of security features, or other unpredictable buggy behavior. When these problems arise, they require emergency troubleshooting and engineering of workarounds for users until the problems are addressed by software updates. This often requires collaboration between the browser and the third-party application’s developers. The type of software injected into Firefox varies from small open source projects to widely-deployed enterprise security products. In an attempt to eliminate some of the most difficult DLL injection issues, we’ve turned our attention to Data Loss Prevention enterprise applications.
Data Loss Prevention (DLP) in the Enterprise
Data Loss Prevention (DLP) products are a type of software that is widely deployed by organizations to prevent unintended leaks of private data. Examples of private data include customer records such as names, addresses, credit card information or company secrets. Much like how anti-virus software is deployed across a corporation’s fleet of laptops, so too is DLP software. These deployments have become increasingly common, in large part due to compliance and liability concerns.
How does this relate to Firefox? DLP software typically uses DLL injection to monitor applications such as Firefox for activity that might leak private data. This only applies to specific operations that can leak sensitive information such as file uploads, pasting (as in copy-and-paste), drag-and-drop, and printing.
DLP and Firefox Today
Today, DLP software typically monitors Firefox activity via DLL injection as described above. Firefox and web browsers are not unique in this respect, but they are heavily used and under constant development, making DLL injection more dangerous. DLP software is typically deployed to a fleet of corporate computers that are managed by an IT department. This includes deployment of the software that injects into applications. DLP vendors take efforts to ensure that their products are compatible with the latest version of Firefox by testing beta versions and updating their DLLs as needed, but problems still occur regularly. A common issue is that a problem is encountered by corporate users who report the problem to their IT department. Their IT staff then work to debug the problem. They may file a bug report with Firefox or the DLP vendor. When a Firefox bug is filed, it can be a challenge for Mozilla to determine that the bug was actually caused by external software. When we learn of such problems, we alert the vendor and investigate workarounds. In the interim, users have a poor experience and may have to work around problems or even use another browser. When the browser is not functional, the problem becomes a high severity incident where support teams work as quickly as possible to help restore functionality.
Browsing Privacy
When users browse on company-owned computers, their browsing privacy is often subject to corporate-mandated software. Different regions have different laws about this and the disclosures required, but on a technical level, when the device is controlled by a corporation, that corporation has a number of avenues at its disposal for monitoring activity at whatever level is dictated by corporate policy. Firefox is built on the principle that browsing activity belongs only to the user, but as an application, it cannot reasonably override the wishes of the device administrator. Insofar as that administrator has chosen to deploy DLP software, they will expect it to work with the other software on the device. If a well-supported mechanism is not available, they will either turn to opaque and error-prone methods like DLL injection, or replace Firefox with another browser.
What’s New – Reducing DLL Injection in the Enterprise
Starting with Firefox 138, DLP software can work with Firefox without the use of DLL injection. Firefox 138 integrates the Content Analysis SDK and it can be enabled with Enterprise Policies. The SDK, developed by Google and used in Chrome Enterprise, is a lightweight protocol between the browser and a DLP agent, with the implementation being browser-specific. In other words, Firefox has its own implementation of the protocol. The integration allows Firefox to interact with DLP software while reducing the injection of third-party code. This will improve the stability for Firefox users in the enterprise and, as more DLP vendors adopt the SDK, there will be less third-party code injected into Firefox. With vendors and browsers using the same SDK, vendors can know that a single DLP agent implementation will be compatible with multiple browsers. During development of the Firefox implementation, we’ve been working with some leading DLP vendors to ensure compatibility. In addition to stability, Firefox will display an indicator when the DLP SDK is used, providing more transparency for users.
For Enterprise Use
Firefox will only enable the Content Analysis SDK in configurations where a Firefox Enterprise Policy is used. Firefox Enterprise Policies are used by organizations to configure Firefox settings across a fleet of computers. They allow administrators to configure Firefox, for example, to limit which browser extensions can be installed, set security-related browser settings, configure network proxy settings, and more. You can learn more about Firefox Enterprise Policies on our support article Enforce policies on Firefox for Enterprise.
The post Improving Firefox Stability in the Enterprise by Reducing DLL Injection appeared first on Mozilla Hacks - the Web developer blog.

by Haik Aftandilian at March 25, 2025 06:31 PM

`March 24, 2025`

`Open Policy & Advocacy — Mozilla Respond to the White House’s RFI on AI`

`The Future of AI Must Be Open, Competitive, and Accountable`


The internet has always thrived on openness, access, and broad participation. But as we enter the AI era, these core principles are at risk. A handful of dominant tech companies are positioned to control major AI systems, threatening both competition and innovation. At Mozilla, we believe AI should serve the public interest—not just corporate bottom lines.
Earlier this month, we responded to the White House Office of Science and Technology Policy’s request for input on AI policy, where we offered a roadmap for a more open and trustworthy AI future (view Mozilla’s full submission here). Here’s what we think should happen.
1. AI Policy Must Prioritize Openness, Competition, and Accountability
Right now, too much AI development stays behind closed doors. Proprietary models dominate, creating a landscape where users and developers have little insight—or control—over the AI systems shaping our digital lives. If we want AI that benefits everyone, we need strong policies that promote:

Openness: Encouraging open-source AI development ensures transparency, security, and accessibility.
Competition: Preventing monopolistic control keeps AI innovation dynamic and diverse.
Accountability: Effective governance can mitigate AI’s risks while fostering responsible development.

By advancing these principles, we can build an AI ecosystem that empowers users rather than locking them into closed, corporate-controlled systems.
2. The Government Should Support Public AI Infrastructure
AI’s future shouldn’t be dictated solely by private companies. Public investment is key to ensuring broad access to AI tools and research. We support initiatives like the National AI Research Resource (NAIRR), which would provide universities, researchers, and small businesses with AI computing power and resources. We hope to see federal, state, and local governments increasingly adopt open source AI models in their workflows, which can help save taxpayers money, increase efficiency, and prevent vendor lock-in. Public AI infrastructure levels the playing field, allowing more voices to shape AI’s future and facilitating innovation across America, not just in a few tech hubs.
3. Open-Source AI Should Be Encouraged, Not Restricted
Discussions about restricting open-source AI through export controls often miss the point about how to ensure national leadership in AI. Open-source AI fosters innovation, improves security, and lowers costs—critical benefits for businesses, researchers, and everyday users around the world. For the United States, promoting open source AI means more global products would be built on top of American AI innovation.
A 2025 McKinsey report, “Open source in the age of AI,” created in collaboration with Mozilla, found that 60% of decision-makers reported lower implementation costs with open-source AI compared to proprietary tools. Restricting open models would stifle progress and put the U.S. at a competitive disadvantage. Instead, we urge policymakers to support the open-source AI ecosystem and resist governance approaches that restrict AI models overall rather than making more targeted and precise interventions for AI harms.
4. AI Energy Consumption Needs Transparency
AI systems consume enormous amounts of energy, and this demand is only growing. To prevent AI from straining our power grids and driving up costs, we need better transparency into AI’s resource consumption so that we can plan infrastructure development more effectively. The federal government should work with the industry to collect and share data on AI energy use. By understanding AI’s impact on infrastructure, we can promote sustainable innovation.
5. The U.S. Must Invest in AI Talent Development
AI leadership isn’t just about technology—it’s about people. To remain competitive, the U.S. needs a strong, diverse workforce of AI researchers and practitioners. That means investing in:

Community colleges and public universities to train the next generation of AI professionals.
Apprenticeship and retraining programs to help workers adapt to AI-driven industries and adopt AI in every type of business across the economy from manufacturing to retail.
Public-private partnerships that create novel education pathways for students, like Dakota State University’s collaboration with ArmyCyber.

By growing the AI talent ecosystem, we ensure that AI works for people—not the other way around.
The Path Forward
AI is one of the most transformative technologies of our time. But without strong policies, it risks becoming yet another tool for big tech consolidation and unchecked corporate power.
At Mozilla, we believe in an AI future that is open, competitive, and accountable. We call on policymakers to take bold steps—supporting open-source AI, investing in public infrastructure, and fostering fair competition—to ensure AI works for everyone.
The post Mozilla Respond to the White House’s RFI on AI appeared first on Open Policy & Advocacy.

by Joel Burke and Jenn Taylor Hodges at March 24, 2025 07:31 PM

`March 13, 2025`

`The Mozilla Thunderbird Blog — VIDEO: The Thunderbird Design System`


In this month’s Community Office Hours, Laurel Terlesky, Design Manager, is talking about the new Thunderbird Design System. In her talk from FOSDEM, “Building a Cross-Platform, Scalable, Open-Source Design System,” Laurel describes the Thunderbird design journey. If you are interested in how the desktop and mobile apps have gotten their new look, or in the open source design process (and how to take part), this talk is for you!



Next month, we’ll be chatting with Vineet Deo, a Software Engineer on the Desktop team who will walk us through the new Account Hub on the Desktop app. If you want a sneak peak at this new streamlined experience, you can find it in the Daily channel now and the Beta channel starting March 25. 



February Office Hours: The Thunderbird Design System



As Thunderbird has grown over the past few years, so has its design needs. The most recent 115 and 128 releases, Supernova and Nebula, have introduced a more modern, streamlined look to the Thunderbird desktop application. Likewise, the Thunderbird for Android app has incorporated Material 3 in its development from the K-9 Mail app. When we begin working on the iOS app, we’ll need to work with Apple’s Human Interface Guidelines. Thus, Laurel and her team have built a design system that provides consistency across our existing and future products. This system’s underlying principles also embrace user choice and privacy while emphasizing human collaboration and high design standards.



Watch, Read, and Get Involved



We’re so grateful to Laurel for joining us! We hope this video helps explain more about how we design our Thunderbird products. Want to know more about this new Thunderbird design system? Want to find out how to contribute to the design process? Watch the video and check out our resources below!



VIDEO (Also on Peertube):









Thunderbird Design Resources:




Open Source Design



Thunderbird UX Mailing List



Thunderbird/Mozilla Careers

The post VIDEO: The Thunderbird Design System appeared first on The Thunderbird Blog.

by Monica Ayhens-Madon at March 13, 2025 07:07 PM

`March 12, 2025`

`Web Application Security — Enhancing CA Practices: Key Updates in Mozilla Root Store Policy, v3.0`

Mozilla remains committed to fostering a secure, agile, and transparent Web PKI ecosystem. The new Mozilla Root Store Policy (MRSP) v3.0, effective March 15, 2025, introduces critical updates to strengthen Certificate Authority (CA) practices and enhance compliance.


A major focus of MRSP v3.0 is tackling the long-standing challenge of delayed certificate revocation—an issue that has historically weakened the security and reliability of TLS certificate management. The updated policy establishes clearer revocation expectations, improved incident reporting, subscriber education by CAs, revocation planning, and automated certificate issuance to ensure that certificate replacement and revocation can be handled promptly and at scale.
Beyond improving revocation, MRSP v3.0 also introduces policies to move CA operators toward dedicated hierarchies for TLS and S/MIME certificates and to enhance CA private key security with improved lifecycle tracking. All of these updates raise the bar for CA operations, reinforcing security and trust across the broader internet ecosystem.
Addressing Delayed Certificate Revocation
One of the most persistent challenges in certificate management has been ensuring that TLS server certificates are revoked quickly when necessary. Many website operators struggle to replace certificates efficiently, while security advocates emphasize the need for rapid revocation and automated certificate lifecycle management to reduce risks.
To strike the right balance between security, stability, and operational feasibility, MRSP v3.0 introduces several key changes towards clearer and more comprehensive revocation expectations.
No Exceptions to Revocation Requirements
Previously, some CA operators expressed uncertainty about whether Mozilla could grant exceptions to revocation timelines in certain situations. MRSP v3.0 explicitly reiterates that Mozilla does not grant exceptions to the TLS Baseline Requirements for revocation. This will promote more consistent enforcement of revocation policy.
Stronger Subscriber Communication and Contractual Clarity
CA operators must proactively warn subscribers about the risks of relying on publicly trusted certificates in environments that cannot tolerate timely revocation. Additionally, Subscriber Agreements must explicitly require cooperation with revocation timelines, ensuring CA operators can act without unnecessary delays.
Mass Revocation Preparedness
Historically, large-scale certificate revocations have been challenging, leading to operational slowdowns, and ecosystem-wide risks when urgent action is required. To prevent revocation delays, MRSP v3.0 mandates mass revocation readiness to help ensure that CA operators proactively plan for such scenarios. CA operators will be required to develop, maintain, and test comprehensive plans to revoke large numbers of certificates quickly when necessary. And, to further strengthen mass revocation preparedness, MRSP v3.0 introduces a third-party assessment requirement. Assessors will verify that CA operators:

Maintain well-documented, actionable plans for large-scale revocation,
Demonstrate feasibility through regular testing, and
Continuously improve their approach based on lessons learned.

These measures ensure CA operators are fully prepared for high-impact security events.
By strengthening mass revocation preparedness–and investing in CRLite–Mozilla is working to make certificate revocation a reliable security control.
Enhancing Automation in Certificate Issuance and Renewal
Automation plays a critical role in ensuring certificates can be replaced in a timely manner. To further encourage adoption of automation, MRSP v3.0 introduces new requirements for CA operators seeking root inclusion with the “websites” trust bit enabled, including: offering automation options for Domain Control Validation (DCV), certificate issuance, and renewal (demonstrated by a publicly accessible test website demonstrating automated certificate replacement at least every 30 days). Test website details must be disclosed in the Common CA Database (CCADB), adding transparency to this requirement. This push for more automation aligns with industry best practices, reducing reliance on manual processes, improving security, and minimizing mismanagement risks.
Phasing Out Dual-Purpose (TLS and S/MIME) Root CAs 
A significant change introduced in MRSP v3.0 is the phase-out of dual-purpose root CAs—those with both the “websites” trust bit and the “email” trust bit enabled. The industry is already moving toward separating TLS and S/MIME hierarchies due to their distinct security needs. Keeping these uses separate at the root certificate level ensures more focused compliance, increases CA agility, reduces complexity, and enhances security.  Going forward, Mozilla’s Root Store will require that new root CA certificates are dedicated to either TLS or S/MIME, and CA operators with existing dual-purpose roots will need to submit a transition plan to Mozilla by April 15, 2026, and complete a full migration to separate roots by December 31, 2028. This move enhances clarity and security by ensuring TLS and S/MIME compliance requirements remain distinct and enforceable.
Strengthening CA Key Security with “Cradle-to-Grave” Monitoring
Another major enhancement in MRSP v3.0 is the introduction of stricter key lifecycle monitoring to protect “parked” CA private keys. A “parked” key is a private key that the CA operator has generated for future use, but not yet used in a CA certificate. MRSP v3.0 adds mandatory reporting of parked key public hashes (corresponding to the parked CA private key) in annual audits. By enforcing transparency and accountability, Mozilla strengthens protections against undetected key compromise or misuse.
Conclusion
MRSP v3.0 represents a major step forward in ensuring stronger CA accountability with more reliable certificate revocation processes, better automation and operational resilience, and enhanced security for CA private keys. In all, these changes help modernize the Web PKI and ensure that CA operations will remain transparent, accountable, and secure.  We encourage you to engage with the Mozilla community and to contribute to these efforts and our shared mission of ensuring a secure and trustworthy online experience for all users.
The post Enhancing CA Practices: Key Updates in Mozilla Root Store Policy, v3.0 appeared first on Mozilla Security Blog.

by Ben Wilson at March 12, 2025 04:14 PM

`March 11, 2025`

`The Mozilla Thunderbird Blog — Thunderbird Monthly Development Digest – February 2025`


Hello again Thunderbird Community! Despite the winter seeming to last forever and the world being in a state of flux, the Thunderbird team has been hard at work both in development and planning strategic projects. Here’s the latest from the team dedicated to making Thunderbird better each day:



Monthly Releases are here!



The concept of a stable monthly release channel has been in discussion for many years and I’m happy to share that we recently changed the default download on Thunderbird.net to point at our most feature-rich and up-to-date stable version. A lot of work went into this release channel, but for good reason – it brings the very latest in performance and UX improvements to users with a frequent cadence of updates. Meaning that you don’t have to wait a year to benefit from features that have been tested and already spent time on our more experimental Daily and Beta release channels. Some examples of features that you’ll find on the monthly release channel (but not on ESR) are:




Linux System Tray



Dark reader Support



Folder compaction improvements



Hundreds of UI enhancements



ICS Import



Calendar printing improvements



Appearance settings UI



Many, many more




Download it over the top of your ESR installation and get the benefits today!



Developing Standards



As privacy and security legislation evolves, the Thunderbird team often finds itself in the heart of discussions that have the potential to define industry solutions to emerging problems. In addition to the previously-mentioned research underway to develop post-quantum encryption support, we’re also currently considering solutions to EU laws (EU NIS2) that require multi-factor authentication be in place for critical digital infrastructure and services. We’re committed to solving these issues in a way that gives users and system administrators other options besides Google & Microsoft, and we’ll be sharing our thoughts on the matter soon, with the resulting decisions documented in our new ADR process.



For now, you can follow a healthy and colourful discussion on the topic of OAuth2 Dynamic Client Registration here.



Calendar UI Rebuild is underway



The long awaited UI/UX rebuild of the calendar has begun, with our first step being a new event dialog that we’re hoping to get into the hands of users on Daily via a preference switch. Turning the pref on will allow the existing calendar interface to launch the new dialog once complete. The following pieces of work have already landed:




Dialog container



Generic row container



Calendar row



Close button



Generic subview



Title




Keep track of feature delivery via the [meta] bug 



Exchange Web Services support in Rust



A big focus for February has been to grow our team so we’ve been busy interviewing and evaluating the tremendously talented individuals who have stepped forward to show interest in joining the team. In the remaining time, the team has managed to deliver another set of features and is heading toward a release on Daily that will result in most email features being made available for testing. Here’s what landed and started in February:




Display refactor



Basic testing framework



Sync folder – delete



Sync folder read/unread



Integration testing



Complete composition support (reply/forward)




Keep track of feature delivery here.



Account Hub



Since my last update, tasks related to density and font awareness, the exchange add-on and keyboard navigation were completed, with the details of each step available to view in our Meta bug & progress tracking. Watch out for this feature being rolled out as the default experience for the Daily build this week and on beta after the next merge on March 25th!



Global Message Database



The New Zealand team are in the middle of a work week to shout at the code together, have a laugh and console each other plan out work for the next several weeks. Their focus has been a sprint to prototype the integration of the new database with existing interfaces with a positive outcome meaning we’re a little closer to producing a work breakdown that paints a more accurate picture of what lies ahead. Onward!



In-App Notifications



Phase 3 of the project is underway to finalize our uplift stack and add in last-minute features! It is expected that our ESR version will have this new feature enabled for a small percentage of users at some point in April. If you use the ESR release, watch out for an introductory notification!



 Meta Bug & progress tracking.



New Features Landing Soon



Several requested features and fixes have reached our Daily users and include…




Final folder compaction fixes relating to database writes!



The RSS scrolling fix took a while but has now landed



Overflow overrides causing scrolling problems are now a thing of the past



and many more which we listed in release notes for beta.




As usual, if you want to see things as they land, and help us squash some early bugs, you can always check the pushlog and try running daily, which would be immensely helpful for catching things early.



If you’re interested in joining the technical discussion around Thunderbird development, consider joining one or several of our mailing list groups here. 



—



Toby Pilling



Senior Manager, Desktop Engineering




The post Thunderbird Monthly Development Digest – February 2025 appeared first on The Thunderbird Blog.

by Toby Pilling at March 11, 2025 02:32 PM

`March 10, 2025`

`Mozilla Add-ons Blog — Root certificate will expire on 14 March — users need to update Firefox to prevent add-on breakage`

`UPDATE – 19 March`


We’ve discovered a bug impacting some older extensions for users on Firefox 128+ or ESR 115 (in this case even updating Firefox won’t resolve the root certificate expiration). We’re working on fixes that will ship soon.
Otherwise, we recommend keeping Firefox and your extensions up to date. This will resolve the vast majority of root certification issues.

On 14 March a root certificate (the resource used to prove an add-on was approved by Mozilla) will expire, meaning Firefox users on versions older than 128 (or ESR 115) will not be able to use their add-ons. We want developers to be aware of this in case some of your users are on older versions of Firefox that may be impacted.
Should you see bug reports or negative reviews reflecting the effects of the certificate expiration, we recommend alerting your users to this support article that summarizes the issue and guides them through the process of updating Firefox so their add-ons work again.
The post Root certificate will expire on 14 March — users need to update Firefox to prevent add-on breakage appeared first on Mozilla Add-ons Community Blog.

by Scott DeVaney at March 10, 2025 11:11 PM

`March 06, 2025`

`The Mozilla Thunderbird Blog — Thunderbird for Android January/February 2025 Progress Report`


Hello, everyone, and welcome to the first Android Progress Report of 2025. We’re ready to hit the ground running improving Thunderbird for Android experience for all of our users. Our January/February update involves a look at improvements to the account drawer and folders on our roadmap, an update on Google and K-9 Mail, and explores our first step towards Thunderbird on iOS.



Account Drawer Improvements



As we noted in our last post on the blog, improving the account drawer experience is one of our top priorities for development in 2025. We heard your feedback and want to make sure we provide an account drawer that lets you navigate between accounts easily and efficiently. Let’s briefly go into the most common feedback:




The accounts on the same domains or with similar names are difficult to distinguish from the two letters provided.



It isn’t clear how the account name influences the initials.



The icons seemed to be jumping around, especially obvious with 3–5 accounts.



There is a lot of spacing in the new drawer.



Users would like more customization options, such as an account picture or icon.



Some users would like to see a broader view that shows the whole account name.



With just one account, the accounts sidebar isn’t very useful.




Our design folks are working on some mockups on where the journey is taking us. We’re going to share them on the beta topicbox where you can provide more targeted feedback, but for a sneak peek here is a medium-fidelity mockup of what the new drawer and settings could look like:

















On the technical side, we’ve integrated an image loader for the upcoming pictures. We now need to gradually adapt the mockups. We will begin with the settings screen changes and then adapt the drawer itself to follow.



Notifications and Error States



Some of you had the feeling your email was not arriving quick enough. While email delivery is reliable, there are a few settings in Thunderbird for Android and K-9 mail that aren’t obvious leading to confusion. When permissions are not granted, functionality is simply turned off instead of telling the user they actually need to grant the alarms permission for us to do a regular sync. Or maybe the sync interval is simply set to the default of 1 hour.



We’re still in the process of mapping out the best experience here, but will have more updates soon. See the notifications support article in case you are experiencing issues. A few things we’re aiming for this year:




Show an indicator in foreground service notification when push isn’t working for all configured folders



Show more detailed information when foreground service notification is tapped



Move most error messages from the system notifications to an area in-app to clearly identify when there is an error



Make authentication errors, certificate errors, and persistent connectivity issues use the new in-app mechanism



Make the folder synchronization settings more clear (ever wondered why there is “sync” and “push” and if you should have both enabled or not?)



Prompt for permissions when they are needed, such as aforementioned alarms permission



Indicate to the user if permissions are missing for their folder settings.



Better debug tool in case of notification issues.




Road(map) to the Highway



Our roadmap is currently under review from the Thunderbird council. Once we have their final approval, we’ll update the roadmap documentation. While we’re waiting, we would like to share some of the items we’ve proposed:




Listening to community feedback on Mozilla Connect and implementing HTML signatures and quick filter actions, similar to the Thunderbird Desktop



Backend refactoring work on the messages database to improve synchronization



Improving the message display so that you’ll see fewer prompts to download additional messages



Adding Android 15 compatibility, which is mainly Edge to Edge support



Improving the QR code import defaults (relates to notification settings as well)



Making better product decisions by (re-)introducing a limited amount of opt-in telemetry.




Does that sound exciting to you? Would you like to be a part of this but don’t feel you have the time? Are you good at writing Android apps in Kotlin and have an interest in muti-platform work? Well, do I have a treat for you! We’re hiring an Android Senior Software Engineer to work on Thunderbird for Android!



K-9 Mail Blocked from Gmail



We briefly touched on this in the last update as well: some of our users on K-9 Mail have noticed issues with an “App Blocked” error when trying to log into certain Gmail accounts. Google is asking K-9 Mail to go through a new verification process and has introduced some additional requirements that were not needed before. Users that are already logged in or have logged in recently should not be affected currently.



Meeting these requirements depended on several factors beyond our control, so we weren’t able to resolve this immediately.



If you are experiencing this issue on K-9 Mail, the quickest workaround is to migrate to Thunderbird for Android, or check out one of the other options on the support page. For those interested, more technical details can be found in issue 8598. We’re using keys on this application that have so far not been blocked. Our account import feature will make this transition pretty seamless. 



We’ve been able to make some major progress on this, we have a vendor for the required CASA review and expect the letter of validation to be shared soon. We’re still hitting a wall with Google, as they are giving us inconsistent information on the state of the review, and making some requirements on the privacy policy that sound more like they are intended for web apps. We’ve made an effort to clarify this further and hope that Google will accept our revised policy.



If all goes well we’ll get approval by the end of the month, and then need to make some changes to the key distribution so that Thunderbird and K-9 use the intended keys. 



Our Plans for Thunderbird on iOS



If you watched the Thunderbird Community Office Hours for January, you might have noticed us talking about iOS. You heard right – our plans for the Thunderbird iOS app are getting underway! We’ve been working on some basic architectural decisions and plan to publish a barebones repository on GitHub soon. You can expect a readme and some basic tools, but the real work will begin when we’ve hired a Senior Software Engineer who will lead development of a Thunderbird app for the iPhone and iPad. Interviews for some candidates have started and we wish them all the best!



With this upcoming hire, we plan to have alpha code available on Test Flight by the end of the year. To set expectations up front, functionality will be quite basic. A lof of work goes into writing an email application from scratch. We’re going to be focusing on a basic display of email messages, and then expanding to triage actions. Sending basic emails is also on our list.



FOSDEM



Our team recently attended FOSDEM in Brussels, Belgium. For those unfamiliar with FOSDEM, it’s the Free and Open Source Software Developers’ European Meeting—an event where many open-source enthusiasts come together to connect, share knowledge and ideas, and showcase the projects they’re passionate about.



We received a lot of valuable feedback from the community on Thunderbird for Android. Some key areas of feedback included the need for Exchange support, improvements to the folder drawer, performance enhancements, push notifications (and some confusion around their functionality), and much more.



Our team was highly engaged in listening to this feedback, and we will take all of it into account as we plan our future roadmap. Thunderbird has always been a project developed in tandem with our community and it was exciting for us to be at FOSDEM to connect with our users, contributors and friends.



In other news…



As always, you can join our Android-related mailing lists on TopicBox. And if you want to help us test new features, you can become a beta tester.



This blog post talks a lot about the exciting things we have planned for 2025. We’re also hiring for two positions, and may have a third one later in the year. While our software is free and open source, creating a world class email application isn’t without a cost. If you haven’t already made a contribution in January,  please consider supporting our work with a financial contribution. Thunderbird for Android relies entirely on user funding, so without your support we could likely only get to a fraction of what you see here. Making a contribution is really easy if you have Thunderbird for Android or K-9 Mail installed, just head over to the settings and sign up directly from your device. 



See you next month,
The post Thunderbird for Android January/February 2025 Progress Report appeared first on The Thunderbird Blog.

by Philipp Kewisch at March 06, 2025 03:12 PM

`March 04, 2025`

`The Mozilla Thunderbird Blog — Thunderbird Release Channel Update`


The monthly Release channel is ready to help you move from annual to monthly updates in Thunderbird. This update lets you know how to switch from the annual update (ESR) to monthly updates (Release), why you might have to wait, and what features you’ll get first!



How do I switch from annual to monthly updates (ESR to Release)?



Right now, you can switch to the Release channel through manual installs only from the Thunderbird website Downloads page.  Other installation sources will have the Release version in the future such as Windows Store,  3rd-party sites and various Linux packages such as Snap and Flatpak.  



However, if you use add-ons, we strongly suggest staying on the ESR for now.



First, back up your profile data, as you should always do before making major changes. And check that your computer meets the System Requirements for version 136.  Then go to the Downloads page of the website. If Release Channel does not show “Thunderbird Release” then correct it. Click the ‘Download’ button. For Windows and macOS, run the downloaded file to install the monthly release into the same directory where the ESR is currently installed. (If you have installed Thunderbird ESR into a directory that is different from the default location, then you must do a custom installation to that directory.)  For Linux, consult the Linux installation knowledge base (KB) article.  



I switched to Release but I want to switch back to ESR. How do I do this?



If you switched to Release but want to switch back, for example, because of Add-ons, follow the steps below. Please note, this is valid for the current Release and ESR channels, and we will update here in the event of an underlying database change in ESR that would not make this possible:




Backup the Thunderbird profile



Download ESR and install ESR version into “Mozilla Thunderbird” directory where the release version is installed, but …



You must use command line for the first start up, to override downgrade protection, per https://support.mozilla.org/kb/dedicated-profile-thunderbird-installation#w_what-happens-to-my-profile-if-i-downgrade-to-a-previous-version-of-thunderbird. Otherwise you will see a “you are using an old version” check



If you have trouble, ask for help at https://support.mozilla.org/questions/thunderbird




What’s new in 136.0?



Now that you know how to make the switch, here’s some reasons to make the change. Here are some of the key features you’ll get as soon as you upgrade to the Release channel:



Improved Dark Reader



Enable dark reader for the message pane with `mail.dark-reader.enabled` preference




Bug: 1715361




Improved Dark Mode



Messages are automatically adapted to dark mode with a quick toggle in the header




Bug: 1942206




A Global Switch for Threading



New “Appearance” Settings UI to globally control message threading/sorting order




Bugs: 1829737, 1943724




Filters in the Folder Pane



Message filters are now available in the Folder Pane context menu




Bug: 1845206




Horizontal Threadpane Scrolling



Enable horizontal threadpane scrolling with `mail.threadpane.table.horizontal_scroll` preference




Bug: 381821




Improved Calendar Setup Wizard



Added checkbox to select/unselect all calendars in the calendar setup wizard




Bug: 1733959




See all the changes in our Release Notes.
The post Thunderbird Release Channel Update appeared first on The Thunderbird Blog.

by Monica Ayhens-Madon at March 04, 2025 08:17 PM

`February 25, 2025`

`Open Policy & Advocacy — Mozilla Joins Amicus Brief in Support of Law That Protects Your Private Messages`

Today Mozilla has joined an amicus brief in the California Supreme Court defending statutory privacy protections for messages on services such as Snapchat or Facebook. The amicus brief asks the court to overrule a lower court opinion that would significantly reduce the legal privacy protections for users of these widely used services. Mozilla is joined on the brief by the Electronic Frontier Foundation and the Center for Democracy and Technology.


Back in 1986, Congress passed a law called the Stored Communications Act (SCA) to provide privacy protections for stored electronic communications such as email. The SCA prohibits service providers from sharing private messages with the government or other third-parties without authorization. For example, it requires that the government must get a warrant to access recent communications (or at least a subpoena in other circumstances). In the years since 1986, it is fair to say we have developed many new forms of digital communication. Fortunately, the language of the SCA is sufficiently general (it uses the term “electronic communication service”) that courts have applied it to a large array of new products.
Unfortunately, a California court recently narrowed the scope of the SCA. In the case of Snap v. The Superior Court of San Diego County, the California Court of Appeal ruled that the SCA does not protect users of Snapchat and Facebook. The court concluded that the SCA does not apply because, in addition to facilitating transmission of messages and storing backups, these companies also maintain that content for their own business purposes such as targeted advertising. If upheld, this ruling would remove the SCA’s protection not just for users of Snap and Facebook, but for many other modern forms of communication.
While we may criticize some of Snap or Meta’s data practices, it would only compound the privacy harm to their users to hold that their privacy policies take them outside the scope of the SCA, with potential ramifications for the users of other services in the future. Our brief argues that this is both wrong on the law and bad policy. We hope the California Supreme Court will fix the lower court’s error and restore key statutory privacy protections to modern messaging services.
The post Mozilla Joins Amicus Brief in Support of Law That Protects Your Private Messages appeared first on Open Policy & Advocacy.

by Daniel Nazer at February 25, 2025 02:21 AM

`February 13, 2025`

`hacks.mozilla.org — Launching Interop 2025`

`Launching Interop 2025`


The Interop Project is a collaboration between browser vendors and other platform implementors to provide users and web developers with high quality implementations of the web platform.
Each year we select a set of focus areas representing key areas where we want to improve interoperability. Encouraging all browser engines to prioritize common features ensures they become usable for web developers as quickly as possible.
Progress in each engine and the overall Interop score are measured by tracking the pass rate of a set of web-platform tests for each focus area using the Interop dashboard.
Interop 2024
Before introducing the new focus areas for this year, we should look at the successes of Interop 2024.

The Interop score, measuring the percentage of tests that pass in all of the major browser engines, has reached 95% in latest browser releases, up from only 46% at the start of the year. In pre-release browsers it’s even higher — over 97%. This is a huge win that shows how effective Interop can be at aligning browsers with the specifications and each other.
Each browser engine individually achieved a test pass score of 98% in stable browser releases and 99% in pre-release, with Firefox finishing slightly ahead with 98.8% in release and 99.1% in Nightly.
For users, this means features such as requestVideoFrameCallback, Declarative Shadow DOM, and Popover, which a year ago only had limited availability, are now implemented interoperably in all browsers.
Interop 2025
Building on Interop 2024’s success, we are excited to continue the project into 2025. This year we have 19 focus areas; 17 new and 2 from previous years. A full description of all the focus areas is available in the Interop repository.
From 2024 we’re carrying forward Layout (really “Flexbox and Grid”), and Pointer and Mouse Events. These are important platform primitives where the Interop project has already led to significant interoperability improvements. However, with technologies that are so fundamental to the modern web we think it’s important to set ambitious goals and continue to prioritize these areas, creating rock solid foundations for developers to build on.
The new focus areas represent a broad cross section of the platform. Many of them — like Anchor Positioning and View Transitions — have been identified from clear developer demand in surveys such as State of HTML and State of CSS. Inclusion in Interop will ensure they’re usable as soon as possible.
In addition to these high profile new features, we’d like to highlight some lesser-known focus areas and explain why we’re pleased to see them in Interop.
Storage Access
At Mozilla user privacy is a core principle. One of the most common methods for tracking across the web is via third-party cookies. When sites request data from external services, the service can store data that’s re-sent when another site uses the same service. Thus the service can follow the user’s browsing across the web.
To counter this, Firefox’s “Total Cookie Protection” partitions storage so that third parties receive different cookie data per site and thus reduces tracking. Other browsers have similar policies, either by default or in private browsing modes.
However, in some cases, non-tracking workflows such as SSO authentication depend on third party cookies. Storage partitioning can break these workflows, and browsers currently have to ship site-specific workarounds. The Storage Access API solves this by letting sites request access to the unpartitioned cookies. Interop here will allow browsers to advance privacy protections without breaking critical functionality.
Web Compat
The Web Compat focus area is unique in Interop. It isn’t about one specific standard, but focuses on browser bugs known to break sites. These are often in older parts of the platform with long-standing inconsistencies. Addressing these requires either aligning implementations with the standard or, where that would break sites, updating the standard itself.
One feature in the Web Compat focus area for 2025 is CSS Zoom. Originally a proprietary feature in Internet Explorer, it allowed scaling layout by adjusting the computed dimensions of elements at a time before CSS transforms. WebKit reverse-engineered it, bringing it into Blink, but Gecko never implemented it, due to the lack of a specification and the complexities it created in layout calculations.
Unfortunately, a feature not being standardised doesn’t prevent developers from using it. Use of CSS Zoom led to layout issues on some sites in Firefox, especially on mobile. We tried various workarounds and have had success using interventions to replace zoom with CSS transforms on some affected sites, but an attempt to implement the same approach directly in Gecko broke more sites than it fixed and was abandoned.
The situation seemed to be at an impasse until 2023 when Google investigated removing CSS Zoom from Chromium. Unfortunately, it turned out that some use cases, such as Microsoft Excel Online’s worksheet zoom, depended on the specific behaviour of CSS Zoom, so removal was not feasible. However, having clarified the use cases, the Chromium team was able to propose a standardized model for CSS Zoom that was easier to implement without compromising compatibility. This proposal was accepted by the CSS WG and led to the first implementation of CSS Zoom in Firefox 126, 24 years after it was first released in Internet Explorer.
With Interop 2025, we hope to bring the story of CSS Zoom to a close with all engines finally converging on the same behaviour, backed by a real open standard.
WebRTC
Video conferencing is now an essential feature of modern life, and in-browser video conferencing offers both ease of use and high security, as users are not required to download a native binary. Most web-based video conferencing relies on the WebRTC API, which offers high level tools for implementing real time communications. However, WebRTC has long suffered from interoperability issues, with implementations deviating from the standards and requiring nonstandard extensions for key features. This resulted in confusion and frustration for users and undermined trust in the web as a reliable alternative to native apps.
Given this history, we’re excited to see WebRTC in Interop for the first time. The main part of the focus area is the RTCRtpScriptTransform API, which enables cross browser end-to-end encryption. Although there’s more to be done in the future, we believe Interop 2025 will be a big step towards making WebRTC a truly interoperable web standard.
Removing Mutation Events
The focus area for Removing Mutation Events is the first time Interop has been used to coordinate the removal of a feature. Mutation events fire when the DOM changes, meaning the event handlers run on the critical path for DOM manipulation, causing major performance issues, and significant implementation complexity. Despite the fact that they have been implemented in all engines, they’re so problematic that they were never standardised. Instead, mutation observers were developed as a standard solution for the use cases of mutation events without their complexity or performance problems. Almost immediately after mutation observers were implemented, a Gecko bug was filed:
“We now have mutation observers, and we’d really like to kill support for mutation events at some point in the future. Probably not for a while yet.”
That was in 2012. The difficulty is the web’s core commitment to backwards compatibility. Removing features that people rely on is unacceptable. However, last year Chromium determined that use of mutation events had dropped low enough to allow a “deprecation trial“, disabling mutation events by default, but allowing specific sites to re-enable them for a limited time.
This is good news, but long-running deprecation trials can create problems for other browsers. Disabling the feature entirely can break sites that rely on the opt-out. On the other hand we know from experience that some sites actually function better in a browser with mutation events disabled (for example, because they are used for non-critical features, but impact performance).
By including this removal in Interop 2025, we can ensure that mutation events are fully removed in 2025 and end the year with reduced platform complexity and improved web performance.
Interop Investigations
As well as focus areas, the Interop project also runs investigations aimed at long-term interoperability improvements to areas where we can’t measure progress using test pass rates. For example Interop investigations can be looking to add new test capabilities, or increase the test coverage of platform features.
Accessibility Investigation
The accessibility testing started as part of Interop 2023. It has added APIs for testing accessible name and computed role, as well as more than 1000 new tests. Those tests formed the Accessibility focus area in Interop 2024, which achieved an Interop score of 99.7%.
In 2025 the focus will be expanding the testability of accessibility features. Mozilla is working on a prototype of AccessibleNode; an API that enables verifying the shape of the accessibility tree, along with its states and properties. This will allow us to test the effect of features like CSS display: contents or ::before/::after on the accessibility tree.
Mobile Testing Investigation
Today, all Interop focus areas are scored in desktop browsers. However, some features are mobile-specific or have interoperability challenges unique to mobile.
Improving mobile testing has been part of Interop since 2023, and in that time we’ve made significant progress standing up mobile browsers in web-platform-tests CI systems. Today we have reliable runs of Chrome and Firefox Nightly on Android, and Safari runs on iOS are expected soon. However, some parts of our test framework were written with desktop-specific assumptions in the design, so the focus for 2025 will be on bringing mobile testing to parity with desktop. The goal is to allow mobile-specific focus areas in future Interop projects, helping improve interoperability across all device types.
Driving the Web Forward
The unique and distinguishing feature of the web platform is its basis in open standards, providing multiple implementations and user choice. Through the Interop project, web platform implementors collaborate to ensure that these core strengths are matched by a seamless user experience across browsers.
With focus areas covering some of the most important new and existing areas of the modern web, Interop 2025 is set to deliver some of the biggest interoperability wins of the project so far. We are confident that Firefox and other browsers will rise to the challenge, providing users and developers with a more consistent and reliable web platform.
Partner Announcements

Apple
Bocoup
Google
Igalia
Microsoft

The post Launching Interop 2025 appeared first on Mozilla Hacks - the Web developer blog.

by James Graham at February 13, 2025 04:59 PM

`February 11, 2025`

`The Mozilla Thunderbird Blog — Thunderbird Monthly Development Digest – January 2025`


Hello again Thunderbird Community! As January drew to a close, the team was closing in on the completion of some important milestones. Additionally, we had scoped work for our main Q1 priorities. Those efforts are now underway and it feels great to cross things off the list and start tackling new challenges.



As always, you can catch up on all of our previous digests and updates.



FOSDEM – Inspiration, collaboration and education



A modest contingent from the Thunderbird team joined our Mozilla counterparts for an educational and inspiring weekend at Fosdem recently. We talked about standards, problems, solutions and everything in between. However, the most satisfying part of the weekend being standing at the Thunderbird booth and hearing the gratitude, suggestions and support from so many users.



With such important discussions among leading voices, we’re keen to help in finding or implementing solutions to some of the meatier topics such as:




OAuth 2.0 Dynamic Client Registration Protocol



Support for unicode email addresses



Support for OpenPGP certification authorities and trust delegation




Exchange Web Services support in Rust



With a reduction in team capacity for part of January, the team was able to complete work on the following tasks that form some of the final stages in our 0.2 release:




Folder compaction



Saving attachments to disk



Download EWS messages in an nsIChannel




Keep track of feature delivery here.



Account Hub



We completed the second and final milestone in the First Time User Experience for email configuration via the enhanced Account Hub over the course of January. Tasks included density and font awareness, refactoring of state management, OAuth prompts, enhanced error handling and more which can be followed via Meta bug & progress tracking. Watch out for this feature being unveiled in daily and beta in the coming weeks!



Global Message Database



With a significant number of the research and prototyping tasks now behind us, the project has taken shape over the course of January with milestones and tasks mapped out. Recent progress has been related to live view, sorting and support for Unicode server and folder names. 



Next up is to finally crack the problem of “non-unique unique IDs” mentioned previously, which is important preparatory groundwork required for a clean database migration. 



In-App Notifications



Phase 2 is now complete, and almost ready for uplift to ESR, pending underlying Firefox dependencies scheduled in early March. Features and user stories in the latest milestone include a cache-control mechanism, a thorough accessibility review, schema changes and the addition of guard rails to limit notification frequency. Meta Bug & progress tracking.



New Features Landing Soon



Several requested features and fixes have reached our Daily users and include…




More folder compaction fixes and performance improvements!



Messages now adapt to dark mode and include a simple toggle in the header.



Introduction of a new “Appearance” Settings UI to globally control message threading/sorting order



and many more which are listed in release notes for beta.




To see things as they land, and help squash early bugs, you can check the pushlog and try running daily. This would be immensely helpful for catching things early.



—



Toby Pilling



Senior Manager, Desktop Engineering




The post Thunderbird Monthly Development Digest – January 2025 appeared first on The Thunderbird Blog.

by Toby Pilling at February 11, 2025 01:41 PM

`February 06, 2025`

`The Mozilla Thunderbird Blog — Thunderbird Desktop Release Channel Will Become Default in March 2025`


UPDATE (March 4, 2025): The Release Channel is now default! See our update post on how to make the switch with a manual install and what’s new in 136.



We have an exciting announcement! Starting with the 136.0 release in March 2025, the Thunderbird Desktop Release channel will be the default download.



If you’re not already familiar with the Release channel, it will be a supported alternative to the ESR channel. It will provide monthly major releases instead of annual major releases. This provides several benefits to our users:




Frequent Feature Updates: New features will potentially be available each month, versus the annual Extended Support Release (ESR).



Smoother Transitions: Moving from one monthly release to the next will be less disruptive than updating between ESR versions.



Consistent Bug Fixes: Users will receive all available bug fixes, rather than relying on patch uplifts, as is the case with ESR.




We’ve been publishing monthly releases since 124.0. We added the Thunderbird Desktop Release Channel to the download page on Oct 1st, 2024.



The next step is to make the release channel an officially supported channel and the default download. We don’t expect this step alone to increase the population significantly. We’re exploring additional methods to encourage adoption in the future, such as in-app notifications to invite ESR users to switch.



One of our goals for 2025 is to increase daily active installations on the release channel to at least 20% of the total installations. At last check, we had 29,543 daily active installations on the release channel, compared to 20,918 on beta, and 5,941 on daily. The release channel installations currently account for 0.27% of the 10,784,551 total active installations tracked on stats.thunderbird.net.



To support this transition and ensure stability for monthly releases, we’re implementing several process improvements, including:




Pre-merge freezes: A 4-day soft code freeze of comm-central before merging into comm-beta. We continue to bake the week-long post-merge freeze of the release channel into the schedule.



Pre-merge reviews: We evaluate changes prior to both merges (central to beta and beta to release) where risky changes can be reverted.



New uplift template: A new and more thorough uplift template.




For more details on these release process details, please see the Release section of the developer docs.



For more details on scheduling, please see the Thunderbird Releases & Events calendar.



Thank you for your support with this exciting step for Thunderbird. Let’s work together to make the Release channel a success in 2025!



Regards,
Corey 



Corey Bryant 
Manager, Release Operations | Mozilla Thunderbird 



Note: This blog post was taken from Corey’s original announcement at our Thunderbird Planning mailing list
The post Thunderbird Desktop Release Channel Will Become Default in March 2025 appeared first on The Thunderbird Blog.

by Monica Ayhens-Madon at February 06, 2025 07:32 PM

`about:community — FOSDEM 2025: A Celebration of Open Source Innovation`

Brussels came alive this weekend as Mozilla joined FOSDEM 2025, Europe’s premier open-source conference. FOSDEM wasn’t just another tech gathering. It is a representation of a vibrant community, open source innovation, and the spirit of collaboration. And we’re proud of being part of this amazing event since its inception.


This year, FOSDEM is celebrating its 25th anniversary. And unlike previous years’ gloomy weather, this year, we were blessed with surprising sunshine, almost as if the universe was applauding a quarter-century of open-source achievements.
As for Mozilla, our presence this year was extra special as we introduced our new brand. Over the weekend, we ran a bingo challenge in Mozilla’s and Thunderbird’s stands, where participants could play to win exclusive Mozilla t-shirts any many more special swag. It was a really fun way to introduce many projects from across pan-Mozilla.
We also showcased a sneak peek of Firefox Nightly’s new tab group feature in the Mozilla booth and gave away 2300 free cookies to participants on Saturday.
Here are some more highlights from our presence this year:
Highlights from Saturday

Mozilla engineering manager Marco Casteluccio presented a talk about the usage of LLM’s to support Firefox developers with code review in the main track.
Firefox engineer Valentin Gosu also presented a talk in the DNS track about his journey on using the getaddrinfo API in Firefox.
Another Firefox engineer who’s working on Firefox Profiler, Nazim Can Altinova also presented a talk in the Web Performance track. It’s also worth mentioning that the Web Performance devroom was co-run by some Mozillians.
Danny Colin, one of Mozilla’s active contributors, hosted a WebExtension BoF session featuring representatives from Mozilla Firefox (Rob Wu & Simeon Vincent) and Google Chrome’s extensions team (Oliver Dunk). This was the first time the team ran a Birds Of a Feather session, and it’s very likely that we’re going to do the same next year.
Danny Colin also hosted the Community Gathering where old and new contributors got together to discuss the future of Mozilla’s community. It was really nice to have an interactive session like this where all of us can share our perspective, so thank you to all of you who attended the session!

Highlights from Sunday


Mitchell Baker kicked off Sunday with a keynote session that offered a thought-provoking exploration of Free/Libre Open Source Software (FLOSS) in the age of artificial intelligence and demonstrated how Mozilla plays a role in defining principled approach to AI that prioritizes transparency, ethics, and community-driven innovation. It was a perfect opening for the talks that we presented at the Mozilla devroom later that day.
Around the same time as Mitchell’s session, Mozilla engineer Max Inden also delivered a presentation in the Network devroom, showcasing various techniques the Firefox team uses to enhance Firefox performance.
Then on the second half on Sunday, we also hosted the Mozilla devroom where we covered a wide range of Mozilla’s latest innovations from Mythbusting to Mozilla’s AI innovations and Firefox developments. Recordings will be available soon at FOSDEM’s website and via our YouTube channel. So stay tuned!


We’re grateful for the enthusiasm, conversations, and curiosity of attendees at FOSDEM 2025. And big thanks to our amazing volunteers and Mozillians for co-hosting our booth and the Mozilla devroom this year.
We sure had a blast, and we can’t wait to see you again next year!

by Rizki Kelimutu at February 06, 2025 12:25 PM

`February 04, 2025`

`Open Policy & Advocacy — Navigating the Future of Openness and AI Governance: Insights from the Paris Openness Workshop`

In December 2024, in the lead up to the AI Action Summit, Mozilla, Fondation Abeona, École Normale Supérieure (ENS) and the Columbia Institute of Global Politics gathered at ENS in Paris, bringing together a diverse group of AI experts, academics, civil society, regulators and business leaders to discuss a topic increasingly central to the future of AI: what does openness mean and how it can enable trustworthy, innovative, and equitable outcomes?


The workshop followed the Columbia Convenings on Openness and AI, that Mozilla held in partnership with Columbia University’s Institute of Global Politics. These gatherings, held over the course of 2024 in New York and San Francisco, have brought together over 40 experts to address what “openness” should mean in the AI era.
Over the past two years, Mozilla has mounted a significant effort to promote and defend the role of openness in AI. Mozilla launched Mozilla.ai, an initiative focused on ethical, open-source AI tools, and supported small-scale, localized AI projects through its Builders accelerator program. Beyond technical investments, Mozilla has also been a vocal advocate for openness in AI policy, urging governments to adopt regulatory frameworks that foster competition and accountability while addressing risks. Through these initiatives, Mozilla is shaping a future where AI development aligns with public interest values.
This Paris Openness workshop discussion — part of the official ‘Road to the Paris AI Summit’ taking place in February 2025 — looked to bring together the European AI community and form actionable recommendations for policymakers. While it embraced healthy debate and disagreement around issues such as definitions of openness in AI, there was nevertheless broad agreement on the urgency of crafting collective ideas to advance openness while navigating an increasingly complex commercial, political and regulatory landscape.
The stakes could not be higher. As AI continues to shape our societies, economies, and governance systems, openness emerges as both an opportunity and a challenge. On one hand, open approaches can expand access to AI tools, foster innovation, and enhance transparency and accountability. On the other hand, they raise complex questions about safety and misuse. In Europe, these questions intersect with transformative regulatory frameworks like the EU AI Act, which seeks to ensure that AI systems are both safe and aligned with fundamental rights.
As in software development, the goal of being ‘open’ in AI is a crucial one. At its heart, openness, we were reminded in the discussion, is a holistic outlook. For AI in particular it is a pathway to getting to a more pluralistic tool – one that can be more transparent, contextual, participatory and culturally appropriate. Each of these goals however contain natural tensions within them.
A central question of this most recent dialogue challenged participants on the best ways to build with safety in mind while also embracing openness. The day was broken down into two workshops that examined these questions from a technical and policy standpoint.
Running through both of the workshops was the thread of a persistent challenge: the multifaceted nature of the term openness. In the policy context, the term “open-source” can be too narrow, and at times, it risks being seen as an ideological stance rather than a pragmatic tool for addressing specific issues. To address this, many participants felt openness should be framed as a set of components — including open models, data, and tools — each of which has specific benefits and risks.
Examining Technical Perspectives on Openness and Safety
A significant concern for many in the open-source community is getting access to the best existing safety tools. Despite the increasing importance of AI safety, many researchers can find it difficult or expensive to access tools to help identify and address AI risks. In particular the discussion surfaced an increasing tension between some researchers and startups who have found it difficult to access datasets of known CSAM (Child Sexual Abuse Material) hashtags. Accessing these data sets could help mitigate misuse or clean training datasets. The workshop called for broader sharing of safety tools and more support for those working at the cutting edge of AI development.
More widely, some participants were frustrated by perceptions that open source AI development is not bothered by questions of safety. They pointed out that, especially when it comes to regulation, focusing on questions of safety makes them even more competitive.
Discussing Policy Implications of Openness in AI
Policy discussions during the workshop focused on the economic, societal, and regulatory dimensions of openness in AI. These ranged over several themes, including:

Challenging perceptions of openness: There is a clear need to change the narrative around openness, especially in policymaking circles. The open-source community must both act as a community and present itself as knowledgeable and solution-oriented, demonstrating how openness can be a means to advancing the public interest — not an abstract ideal. As one participant pointed out, openness should be viewed as a tool for societal benefit, not as an end in itself.
Tensions between regulation and innovation are misleading: As one of the first regulatory frameworks on AI to be drafted, many people view the EU’s AI Act as a test bed to get to smarter AI regulation. While there is a widespread characterisation of regulation obstructing innovation, some participants highlighted that this can be misleading — many new entrants seek out jurisdictions with favourable regulatory and competition policies that level the playing field.
A changing U.S. Perspective: In the United States, the open-source AI agenda has gained significant traction, particularly in the wake of incidents like the Llama leaks, which showed that many of the feared risks associated with openness did not materialize. Significantly, the U.S. National Telecommunications and Information Administration emphasized the benefits of open source AI technology and introduced a nuanced view of safety concerns around open-weight AI models.

Many participants also agreed that policymakers, many of whom are not deeply immersed in the technicalities of AI, need a clearer framework for understanding the value of openness. Considering the focus of the upcoming Paris AI Summit, some participants felt one solution could lie in focusing on public interest AI. This concept resonates more directly with broader societal goals while still acknowledging the risks and challenges that openness brings.
Recommendations 
Embracing openness in AI is non-negotiable if we are to build trust and safety; it fosters transparency, accountability, and inclusive collaboration. Openness must extend beyond software to broader access to the full AI stack, including data and infrastructure, with a governance that safeguards public interest and prevents monopolization.
It is clear that the open source community must make its voice louder. If AI is to advance competition, innovation, language, research, culture and creativity for the global majority of people, then an evidence-based approach to the benefits of openness, particularly when it comes to proven economic benefits, is essential for driving this agenda forward.
Several recommendations for policymakers also emerged.

Diversify AI Development: Policymakers should seek to diversify the AI ecosystem, ensuring that it is not dominated by a few large corporations in order to foster more equitable access to AI technologies and reduce monopolistic control. This should be approached holistically, looking at everything from procurement to compute strategies.
Support Infrastructure and Data Accessibility: There is an urgent need to invest in AI infrastructure, including access to data and compute power, in a way that does not exacerbate existing inequalities. Policymakers should prioritize distribution of resources to ensure that smaller actors, especially those outside major tech hubs, are not locked out of AI development.
Understand openness as central to achieving AI that serves the public interest. One of the official tracks of the upcoming Paris AI Action Summit is Public Interest AI. Increasingly, openness should be deployed as a main route to truly publicly interested AI.
Openness should be an explicit EU policy goal: As one of the furthest along in AI regulatory frameworks the EU will continue to be a testbed for many of the big questions in AI policy. The EU should adopt an explicit focus on promoting openness in AI as a policy goal.

We will be raising all the issues discussed while at the AI Action Summit in Paris. The organizers hope to host another set of these discussions following the conclusion of the Summit in order to continue working with the community and to better inform governments and other stakeholders around the world.
The list of participants at the Paris Openness Workshop is below:

Linda Griffin – VP of Global Policy, Mozilla
Udbhav Tiwari – Director, Global Product Policy, Mozilla
Camille François – Researcher, Columbia University
Tanya Perelmuter – Co-founder and Director of Strategy,, Fondation Abeona
Yann Lechelle – CEO, Probabl
Yann Guthmann – Head of Digital Economy, Department at the French Competition Authority
Adrien Basdevant – Tech lawyer, Entropy Law
Andrzej Neugebauer – AI Program Director, LINAGORA
Thierry Poibeau – Director of Research, CNRS, ENS
Nik Marda – Technical Lead for AI Governance, Mozilla
Andrew Strait – Associate Director, Ada Lovelace Institute (UK)
Paul Keller – Director of Policy, Open Future (Netherlands)
Guillermo Hernandez – AI Policy Analyst, OECD
Sandrine Elmi Hersi – Unit Chief of “Open Internet”, ARCEP

The post Navigating the Future of Openness and AI Governance: Insights from the Paris Openness Workshop appeared first on Open Policy & Advocacy.

by Mozilla at February 04, 2025 03:44 PM

`January 30, 2025`

`The Mozilla Thunderbird Blog — VIDEO: The Thunderbird Mobile Team`


The Thunderbird Mobile team are crafting the newest chapter of the Thunderbird story. In this month’s office hours, we sat down to chat with the entire mobile team! This includes Philipp Kewisch, Sr. Manager of Mobile Engineering (and long-time Thunderbird contributor), and Sr. Software Engineers cketti and Wolf Montwé (long-time K-9 Mail maintainer and developer, respectively). We talk about the journey from K-9 Mail to Thunderbird for Android, what’s new and what’s coming in the near future, and the first steps towards Thunderbird on your iOS devices!



Next month, we’ll be chatting with Laurel Terlesky, Manager of the UI/UX Design Studio! She’ll be sharing her FOSDEM talk, “Thunderbird: Building a Cross-Platform, Scalable Open-Source Design System.” It’s been a while since we’ve chatted with the design team, and it will be great to see what they’re working on.



January Office Hours: The Thunderbird Mobile Team



In June 2022, we announced that K-9 Mail would be joining the Thunderbird family, and would ultimately become Thunderbird for Android. After two years of development, the first beta release of Thunderbird for Android debuted in October 2024, shortly followed by the first stable release. Since then, over 200 thousand users have downloaded the app, and we’ve gotten some very nice reviews in ZDNet and Android Authority. If you haven’t tried us on your Android device yet, now is a great time! And if, like some of us, you’re waiting for Thunderbird to come to your iPhone or iPad, we have some exciting news at the end of our talk.



Want to know more about the Android development process and find out what’s coming soon to the app? Want the first look into our plans for Thunderbird on iOS? Let our mobile team guests provide the answers!



Watch, Read, and Get Involved



We’re so grateful to Philipp, cketti, and Wolf for joining us! We hope this video helps explain more about Thunderbird on Android (and eventually iOS), and encourages you to download the app if you haven’t already. If you’re a regular user, we hope you consider contributing code, translations, or support. And if you’re an iOS developer, we hope you consider joining our team!



VIDEO (Also on Peertube):









Thunderbird for Android Resources:




Download Thunderbird for Android 

Google Play Store: https://play.google.com/store/apps/details?id=net.thunderbird.android



F-Droid: https://f-droid.org/en/packages/net.thunderbird.android/



APK (GitHub): https://github.com/thunderbird/thunderbird-android/releases





Get Support for Thunderbird for Android:

Matrix: https://matrix.to/#/#tb-android:mozilla.org



Mozilla Support (SUMO): https://support.mozilla.org/products/thunderbird-android





Get Involved with Thunderbird for Android

Code Contribution



Localization



Provide Support on SUMO



Beta Testing

Download the Beta

Google Play Store



F-Droid



APK (GitHub)





Join the Android Beta Mailing List





The post VIDEO: The Thunderbird Mobile Team appeared first on The Thunderbird Blog.

by Monica Ayhens-Madon at January 30, 2025 11:24 AM

`January 29, 2025`

`Mozilla L10N — 2025 Pontoon survey results`

The results from the 2025 Pontoon survey are in and the 3 top-voted features we commit to implement are:



Add ability to preview Fluent strings in the editor (258 votes).
Keep unsaved translations when navigating to other strings (252 votes).
Hint at any available variants when referencing message (229 votes).

The remaining features ranked as follows:

Add virtual keyboard with special characters to the editor (226 votes).
Link project names in Concordance search results to corresponding strings (223 votes).
Add a batch action to pretranslate a selection of strings (218 votes).
Add ability to edit and remove comments (216 votes).
Enable use of generic machine translation engines with pretranslation (209 votes).
Add ability to report comments and suggestions for abusive content (193 votes).
Add “Copy translation from another locale as suggestion” batch action (186 votes).

We thank everyone who dedicated their time to share valuable responses and suggest potential features for us to consider implementing!
Each user could give each feature 1 to 5 votes. A total of 154 Pontoon users participated in the survey, 68 of which voted on all features. The number of participants is lower than in the past years, since we only reached out to users who explicitly opted-in to email updates.
We look forward to implementing these new features and working towards a more seamless and efficient translation experience with Pontoon. Stay tuned for updates!

by Matjaž Horvat at January 29, 2025 03:20 PM

`January 24, 2025`

`Mozilla L10N — L10n report: January 2025 Edition`

Please note some of the information provided in this report may be subject to change as we are sometimes sharing information about projects that are still in early stages and are not final yet.


Welcome!
Are you a locale leader and want us to include new members in our upcoming reports? Contact us!
New content and projects

What’s new or coming up in Firefox desktop

Tab Groups
Tab groups are now available in Nightly 136! To create a group in Nightly, all you have to do is have two tabs open, click and drag one tab to the other, pause a sec and then drop. From there the tab group editor window will appear where you can name the group and give it a color. After saving, the group will appear on your tab bar.

Once you create a group, you can easily access your groups from the overflow menu on the right.

 
These work great in the sidebar and vertical tabs feature that was released in the Firefox Labs feature in Nightly 131!
New profile selector
The new profile selector which we have been localizing over the previous months is now starting to roll out gradually to users in Nightly 136. SUMO has an excellent article about all the new changes which you can find here.
What’s new or coming up in web projects
AMO and AMO Frontend
The team is planning to migrate/copy the Spanish (es) locale into four: es-AR, es-CL, es-ES, and es-MX. Per the community managers’ input, all locales will retain the suggestions that have not been approved at the time of migration. Be on the lookout for the changes in the upcoming week(s).
Mozilla Accounts
The Mozilla accounts team recently landed strings used in three emails planned to be sent over the course of 90 days, with the first happening in the coming weeks. These will be sent to inactive users who have not logged in or interacted with the Mozilla accounts service in 2 years, letting them know their account and data may be deleted.
What’s new or coming up in SUMO
The CX team is still working on 2025 planning. In the meantime, read a recap from our technical writer, Lucas Siebert about how 2024 went in this blog post. We will also have a community call coming up on Feb 5th at 5 PM UTC. Check out the agenda for more detail and we’d love to see you there!
Last but not least, we will be at FOSDEM 2025. Mozilla’s booth will be at the K building, level 1. Would love to see you if you’re around!
What’s new or coming up in Pontoon
New Email Features
We’re excited to announce two new email features that will keep you better informed and connected with your localization work on Pontoon:
Email Notifications: Opt in to receive notifications via email, ensuring you stay up to date with important events even when you’re away from the platform. You can choose between daily or weekly digests and subscribe to specific notification types only.
Monthly Activity Summary: If enabled, you’ll receive an email summary at the start of each month, highlighting your personal activity and key activities within your teams for the previous month.
Visit your settings to explore and activate these features today!
New Translation Memory tools are here!
If you are a locale manager or translator, here’s what you can do from the new TM tab on your team page:

Search, edit, and delete Translation Memory entries with ease.
Upload .TMX files to instantly share your Translation Memories with your team.

These tools are here to save you time and boost the quality of suggestions from Machinery. Dive in and explore the new features today!

Moving to GitHub Discussions
Feedback, support and conversations on new Pontoon developments have moved from Discourse to GitHub Discussions. See you there!
Newly published localizer facing documentation

How to test mozilla.org was updated to reflect some of the changes to the site in the last year or so.

Events
Come check out our end of year presentation on Pontoon! A Youtube link and AirMozilla link are available.
Want to showcase an event coming up that your community is participating in? Contact us and we’ll include it.
Friends of the Lion
Know someone in your l10n community who’s been doing a great job and should appear here? Contact us and we’ll make sure they get a shout-out!
Useful Links

#l10n-community channel on Element (chat.mozilla.org)
Localization category on Discourse
Mastodon
L10n blog

Questions? Want to get involved?
If you want to get involved, or have any question about l10n, reach out to:

Francesco Lodolo (flod) – Engineering Manager
Bryan – l10n Project Manager
Delphine – l10n Project Manager for mobile
Peiying (CocoMo) – l10n Project Manager for mozilla.org, marketing, and legal
Francis – l10n Project Manager for Common Voice, Mozilla Foundation
Théo Chevalier – l10n Project Manager for Mozilla Foundation
Matjaž (mathjazz) – Pontoon dev
Eemeli – Pontoon, Fluent dev

Did you enjoy reading this report? Let us know how we can improve it.

by Delphine at January 24, 2025 12:14 AM

`January 22, 2025`

`SeaMonkey — Migrating to new update server…`

Hi all,


As subjected, we’re migrating to a new Update server over the weekend (possibly even sooner)and while I have tested it a bit, nothing beats testing in production.  ;P
Seriously, though,  there’ll probably a bit of a hiccup (I have water), but shouldn’t be so terrible that we need to resort to returning to the old server.
Best regards,
:ewong

by ewong at January 22, 2025 07:57 AM

`January 13, 2025`

`The Mozilla Thunderbird Blog — Thunderbird Monthly Development Digest – December 2024`


Happy New Year Thunderbirders! With a productive December and a good rest now behind us, the team is ready for an amazing year. Since the last update, we’ve had some successes that have felt great. We also completed a retrospective on a major pain point from last year. This has been humbling and has provided an important opportunity for learning and improvement.



Exchange Web Services support in Rust



Prior to the team taking their winter break, a cascade of deliverables passed the patch review process and landed in Daily. A healthy cadence of task completion saw a number of features reach users and lift the team’s spirits:




Copy to EWS from other protocol



Folder create



Enhanced logging



Local Storage



Save & manipulate Draft



Folder delete



Fix Edit Draft




Keep track of feature delivery here.



Account Hub



The overhauled Account Hub passed phase 1 QA review! A smaller team is handling phase 2 enhancements now that the initial milestone is complete. Our current milestone includes tasks for density and font awareness, refactoring of state management, OAuth prompts and more, which you can follow via Meta bug & progress tracking.



Global Database & Conversation View



Progress on the global database project was significant in the tail end of 2024, with foundational components taking shape. The team has implemented a database for folder management, including support for adding, removing, and reordering folders, and code for syncing the database with folders on disk. Preliminary work on a messages table and live view system is underway, enabling efficient filtering and handling of messages in real time. We have developed a mock UI to test these features, along with early documentation. Next steps include transitioning legacy folder and message functionality to a new “magic box” system, designed to simplify future refactoring and ensure a smooth migration without a disruptive “Big Bang” release.



Encryption



The future of email encryption has been on our minds lately. We have planned and started work on bridging the gap between some of the factions and solutions which are in place to provide quantum-resistant solutions in a post-quantum world. To provide ourselves with the breathing room to strategize and bring stakeholders together, we’re looking to hire a hardening team member who is familiar with encryption and comfortable with lower level languages like C. Stay tuned if this might be you!



In-App Notifications



With phase 1 of this project complete, we uplifted the feature to 134.0 Beta and notifications were shared with a significant number of users on both beta and daily releases in December. Data collected via Glean telemetry uncovered a couple of minor issues that have been addressed. It also provided peace of mind that the targeting system works as expected. Phase 2 of the project is well underway, and we have already uplifted some features and now merged them with 135.0 Beta.  Meta Bug & progress tracking.



Folder & Message Corruption



In the aftermath of our focused team effort to correct corruption issues introduced during our 2023 refactoring and solve other long-standing problems, we spent some time in self-reflection to perform a post mortem on the processes, decisions and situations which led to data loss and frustrations for users. While we regret a good number of preventable mistakes, it is also helpful to understand things outside of our control which played a part in this user-facing problem. You can find the findings and action plan here. We welcome any productive recommendations to improve future development in the more complex and arcane parts of the code.



New Features Landing Soon



Several requested features and fixes have reached our Daily users and include…




More folder compaction fixes and performance improvements!



Restructured and revamped Sourcedocs 



Allow S/MIME signed drafts to load



Fix for “Get Selected Messages” with “Leave Messages on Server” disabled.



Dark theme improvements



Localization problems in calendar printing



and many more in release notes for beta.




As usual, if you want to see things as they land, and help us squash some early bugs, you can always check the pushlog and try running daily, which would be immensely helpful for catching things early.



See you next month after FOSDEM!



—



Toby Pilling



Senior Manager, Desktop Engineering
The post Thunderbird Monthly Development Digest – December 2024 appeared first on The Thunderbird Blog.

by Toby Pilling at January 13, 2025 03:00 PM

`January 11, 2025`

`SeaMonkey — January 6th is a sad day to remember…`

Dear All,


It is with very heavy hearts that we, at the SeaMonkey Project, announce the sudden passing of one of our core dev and releng, Bill Gianopoulos (aka WG9s) on the 6th January 2025.   Here is his obiturary (https://www.chesmorefuneralhome.com/obituaries/william-andrew-gianopoulos/20284/)
I wish there was something to say… but.. still stunned by this news.
R.I.P.  Bill!
:ewong

by ewong at January 11, 2025 04:40 AM

`January 07, 2025`

`SeaMonkey — SeaMonkey 2.53.20 is out!`

Hi All,


Firstly, I’d like to take this opportunity to wish everyone a very Healthy, Safe and Prosperous New Year!
Secondly,  the SeaMonkey Project is proud to announce the immediate release of SeaMonkey 2.53.20!
Please check out [1] and/or [2].
:ewong
PS: Updates forthcoming…
[1] – https://www.seamonkey-project.org/releases/seamonkey2.53.20
[2] – https://www.seamonkey-project.org/releases/2.53.20

by ewong at January 07, 2025 10:05 AM

`January 02, 2025`

`Mozilla L10N — Mozilla Localization in 2024`

`A Year in Data`


2024 was a year with plenty of achievements for the Mozilla localization community (here’s the 2023 report in case you missed it, or want to check how we fared against our original plans). Let’s start with the numbers first:

30 projects (-2 compared to last year) and 369 locales (+111) set up in Pontoon.
4,991 new user registrations
1,202 active users, submitting at least one translation (on average 222 users per month)
466,187 submitted translations
385,722 approved translations
20,931 new strings to translate

While the overall number of projects decreased, this is mostly due to removal of obsolete projects (we actually added a new one in November). The astounding increase in the number of locales is driven once again by Common Voice, which has 318 locales enabled in Pontoon.
Thank you to all the volunteers who contributed their time, passion, and expertise to Mozilla’s localization over the last 12 months.

Pontoon Development
At the start of the year, we focused on improving Pontoon’s performance — a less glamorous but essential part of maintaining an effective platform: if the platform doesn’t perform well, users can quickly lose motivation and stop contributing. To assess the current state, we used the Apdex score, a standard measure of user satisfaction for web application performance. Between January and March, we successfully raised the average score for our lowest performing transactions from 0.77 to 0.87, making significant progress toward achieving what is considered a “good” performance level. Later in the year, we also moved to a larger database plan to further improve performance.
In May, we launched our first LLM integration. Users now have additional options if they’re not satisfied with the suggestion provided by Google Translate. They can choose from three actions: Rephrase, to generate an alternative version; Make formal, to adjust the tone to a more formal register; and Make informal, to create a more casual version. These options are especially valuable for languages like German or Spanish, where tone can significantly impact translation quality and consistency.
Between May and December 2024, this feature has been used 2,571 times across 69 locales, with approximately 35% of the generated text being copied into the editor. This adoption rate suggests that the feature is delivering good-quality results and meeting user needs effectively, and that we should look into expanding its use.
In October, we introduced advanced search options, giving users more flexibility and precision in finding the content they need. By default, Pontoon now searches through source text, approved translations, and pending suggestions. However, users still retain the option to expand their search to include identifiers, rejected translations, or further refine results by matching case or whole words.
For more details on how to use this feature, check out our documentation. We’re currently analyzing the usage data to understand if we should change the default options, and exploring how to make the feature more discoverable.
December was an especially busy month for releasing new features. We kicked things off with the long-awaited ability to edit translation memory (TM) entries, addressing one of the most frequently requested enhancements from our users. Shortly after, we introduced another powerful feature: the ability to upload custom translation memories in TMX format, giving locales even more control over their localization workflows.
We also launched our first glimpse of gamification! Users can now earn three different types of badges for translating, reviewing, and promoting other contributors. The goal isn’t just to recognize and celebrate the invaluable efforts of volunteers but also to encourage positive behaviors. These include reviewing others’ work and promoting promising contributors, helping communities grow and encouraging effective participation across the platform.
As part of this work we also introduced user banners to help clarify roles within a locale or project.
Finally, we wrapped up the year by enhancing Pontoon’s ability to keep users informed. Users can now opt to receive notifications via email, choosing between daily or weekly updates. Additionally, we introduced a Monthly Activity Summary — a digest that highlights both their personal contributions and their team’s activity. If you’re a locale manager, we highly recommend enabling this feature to stay on top of your community’s progress and engagement.
If you check your settings, you’ll find a new option for News and Updates. We highly encourage users to enable this checkbox to stay informed about online events, new features, surveys, and more. The content will be strictly focused on Mozilla Localization and Pontoon, and you can opt out or change your preferences at any time.
Lastly, a lot of work happened behind the scenes to improve Pontoon’s functionality and stability. We introduced the Messaging Center, a new feature that enables program managers to communicate with users more effectively through targeted notifications or emails.
In addition, we’ve been rewriting the code responsible for syncing Pontoon with repositories. This foundational work lays the groundwork for a broader set of initiatives planned for 2025. We also implemented measures to mitigate DDoS attacks, ensuring the platform remains stable, secure, and reliable for all users.
Community
This year, we collaborated with members of the community and other community-focused teams at Mozilla to improve our existing documentation and create comprehensive community guidelines aimed at building vibrant and sustainable communities. These guidelines address key topics, such as the expectations for managers and translators, and provide clear processes for assigning permissions to new contributors when existing leaders are not available.
Unfortunately, the situation around in-person community events hasn’t changed. We know how important these gatherings are for you — and for us — but in the meantime, we continued to focus on organizing online events. You can find all the recordings for the 2024 events here. We’ve also recorded an Introduction to Pontoon, designed to help onboard new contributors and familiarize them with the platform.
What’s coming in 2025
While we made significant strides in improving Pontoon’s performance this year, we believe that we’ve reached the limits of our current setup. As we move into the new year, our focus will shift to exploring alternative deployment solutions. Our goal is to make Pontoon faster, more reliable, and better equipped to meet the needs of our users.
We aim to make mobile projects (Android and iOS) first-class citizens in our localization ecosystem. The first step is introducing support for plural forms, which will significantly enhance the localizability of these projects. This improvement will enable more natural-sounding content in English and other languages, ensuring a better experience for both contributors and end users.
Talking about Pontoon, we’re committed to improving translation memory utilization, particularly for handling multi-value strings commonly found in Fluent. Currently, Pontoon only suggests translations for a single value within these strings. Moving forward, we aim to provide suggestions or translation memory matches for entire strings, ensuring a more comprehensive and efficient translation experience.
We plan to work on a Mozilla Language Portal — a unified hub that highlights Mozilla’s unique approach to localization while serving as a comprehensive resource for translators. This webpage will feature searchable translation memories, a rich repository of documentation, best practices, blogs, and more, fostering knowledge-sharing and collaboration across the global translation community.
Finally, we will continue exploring innovative ways to engage our community and strengthen its connections. As part of this work, we will keep advocating for increased investment in community building at the organization level, emphasizing its critical role in driving our mission forward.
If you have any thoughts or ideas about this plan, let us know on Mastodon or Matrix!
Thank you!
As we step into 2025, we’re constantly reminded of the transformative power of localization. Together, we’ll continue to break down barriers, and create a digital world that speaks everyone’s language. Thank you for being part of this journey.

by Francesco Lodolo [:flod] at January 02, 2025 10:02 AM

`December 27, 2024`

`SUMO Blog — Wrapping up 2024: How SUMO made support smarter, simpler, and more accessible`

As 2024 comes to a close, we want to take a moment to celebrate the work we’ve accomplished together at Mozilla Support (SUMO). This year, we focused on making support resources easier to use, smarter to create, and better for everyone. From reducing users’ cognitive load to amplifying their voices through new programs, these wins are a testament to collaboration between our team, contributors, and the wider Mozilla community.


Let’s look back at the highlights.
Making support simpler for everyone
This year, we successfully kicked off the Cognitive Load Reduction initiative. The goal was clear: make Knowledge Base articles easier to follow and less mentally demanding for users. We introduced several improvements, including:

Simplified screenshots (SUI) that focus on the interface’s key elements make it easier for users to follow instructions without getting distracted by unnecessary details.
Inline icons and images that show users exactly what to look for without making them guess.
Sequential step markers that guide users step-by-step through solutions.
Animated GIFs that visually demonstrate actions for clarity.

Right now, SUI screenshots and inline icons and images are the most widely adopted updates. These visual additions have already made a noticeable difference in helping users understand and solve issues faster. Next year, we will continue expanding these improvements to reach even more articles and provide a smoother experience for everyone.
One unified taxonomy to connect the dots
Another big milestone this year was the creation and implementation of a unified taxonomy across Mozilla’s Customer Experience team. A unified taxonomy is a shared structure for classifying things — in our case, everything from knowledge base content to app store feedback and user insights.
Here’s why it matters: With this new system, we can gather consistent and meaningful data about what our users need most. Whether it’s feedback about Firefox in app stores or trends in KB article usage, we’re now able to connect the dots between different channels. This deeper understanding helps us improve Mozilla’s products and continuously refine our support resources to be more useful and relevant.
Amplifying user voices with the Voice of Customer program
This year, we launched our Voice of Customer (VoC) program to ensure the voices of our users are consistently heard across Mozilla. We’re gathering feedback from multiple channels — like app store reviews, Connect, SUMO forums, and surveys — and sharing these insights with the teams that shape Mozilla’s products and support resources
To take this program even further, we’re customizing our own Gen-AI model to help cross-check user feedback across channels. This will allow us to identify trends more effectively and ensure the insights we share are accurate and actionable. By better connecting what users are saying with what we’re building, we can make Mozilla’s products and our support efforts even more aligned with user needs.
This is an ongoing effort, and we’re excited to see its continued impact in the coming year.
AI tools that make content smarter (and more accessible)
This year, we also explored how AI can improve the way we create, update, and localize content. Two major initiatives have already begun delivering results:
Organa Oracle for content creation and review
Organa Oracle is a custom GPT model built in Mozilla’s OpenAI Workspace, specifically designed to support SUMO’s style, voice, and guidelines. It helps streamline the creation and updating of Knowledge Base articles by:

Suggesting formats and approaches that align with SUMO guidelines.
Recommending screenshots and generating alt text to keep articles accessible to all users.
Reviewing drafts for clarity, tone, and consistency to ensure every article meets our standards.

For now, Organa Oracle is available only to staff, but we’re actively exploring ways to bring it and other similar tools to contributors in the future. These tools could make content creation and updates faster, easier, and even more collaborative while still reflecting the high quality and accessibility users expect from SUMO.
AI-powered L10N
At the same time, we’re using top large language models (LLMs), like Google’s Gemini and OpenAI’s ChatGPT-4o, with carefully designed prompts to assist in the localization process. These tools are built to respect existing translations while improving consistency and efficiency, especially in locales where fewer contributors are active. This initiative is designed to fill in gaps, improve consistency, and make localization more efficient for everyone.
Here’s what’s important: contributors will always be at the heart of our localization efforts. AI-powered localization is designed to support and amplify your work, not replace it. By speeding up the process and filling in gaps, the AI will help ensure more consistent translations and give contributors more time to focus on fine-tuning and reviewing content.
Together, these AI-driven tools are helping us create smarter, more accessible content and ensure users worldwide get the support they need.
Why this matters: Mozilla’s mission in action
At Mozilla, our work is guided by the Mozilla Manifesto, a promise to build an open and accessible internet that puts people first. Every initiative we worked on this year reflects that mission:

Reducing cognitive load makes support resources more inclusive, helping people of all skill levels solve problems with ease.
The Voice of Customer program ensures that user feedback actively shapes Mozilla’s products and support efforts.
Organa Oracle and our localization AI make content creation and translation faster while keeping accessibility, quality, and human collaboration at the center.

By simplifying and improving how we support users, we’re making it easier for everyone to feel confident and empowered on the web.
Thank you for an amazing year
None of this would have been possible without you, our incredible contributors, team members, and the wider Mozilla community. Your work, ideas, and feedback are what make SUMO a place where users can always find the help they need.
As we head into 2025, we are excited to keep building on this year’s progress. We will continue amplifying user voices, reducing complexity, improving accessibility, and exploring new ways to make support content even better.
Thank you for being part of this journey. Here is to another year of collaboration, growth, and making the internet better for everyone.
Let’s keep building a better web, one article at a time.

by Lucas Siebert at December 27, 2024 07:07 PM

`December 24, 2024`

`SeaMonkey — While 2.53.20b1 is out…`

… I seem to be having some issues with the artifacts appearing in the releases. Currently fixing.


:ewong

by ewong at December 24, 2024 10:00 AM

`SeaMonkey — SeaMonkey 2.53.20 Beta 1 is out!`

Hi All,


Firstly, on behalf of the SeaMonkey Project, I’d like to take this opportunity to wish everyone a very Merry Christmas and a Happy New Year!
Secondly, the SeaMonkey project would like to announce the immediate release of SeaMonkey 2.53.20 Beta 1!
Please check out [1] and/or [2]!
[1] – https://www.seamonkey-project.org/releases/seamonkey2.53.20
[2] – https://www.seamonkey-project.org/releases/2.53.20b1

by ewong at December 24, 2024 06:29 AM

`SeaMonkey — Updates issue`

Hi all,


The update server has been flapping about like a trout out of water.   Been working on it and will be monitoring it.
My apologies.
 
:ewong

by ewong at December 24, 2024 04:38 AM

`December 20, 2024`

`Mozilla L10N — Cast Your Vote for Pontoon’s 2025 Roadmap!`

We’re shaping the future of Pontoon, and your input is crucial! As we plan our 2025 roadmap, we’re committed to implementing at least three of the features most important to you—our users. Now’s your chance to tell us what matters most.


Take the 2025 Survey
Help us prioritize features by January 6 by participating in this quick 5-minute survey. Here are the options up for vote:

Enable use of generic machine translation engines with pretranslation (details).
Add a batch action to pretranslate a selection of strings (details).
Add “Copy translation from another locale” batch action to simplify translation of similar locales (details).
Add ability to preview Fluent strings in the editor (details).
Hint at any available variants when referencing message (details).
Keep unsaved translations when navigating to other strings (details).
Add virtual keyboard with special characters to the editor, customizable per locale (details).
Link project names in Concordance search results to corresponding strings in translate view (details).
Add ability to edit and remove comments (details).
Add ability to report comments and suggestions for abusive content (details).

Note that at the end of the survey you will be able to add your own ideas, which you are always welcome to submit on GitHub.

by Matjaž Horvat at December 20, 2024 07:23 PM

`Open Policy & Advocacy — Mozilla Joins Amicus Brief Supporting Software Interoperability`

UPDATE – December 20, 2024


We won!
Earlier this week the Ninth Circuit issued an opinion that thoroughly rejects the district court’s dangerous interpretation of copyright law. Recall that, under the district court’s ruling, interoperability alone could be enough for new software to be an infringing derivative work of some prior software. If upheld, this would have threatened a wide range of open source development and other software.
The Ninth Circuit corrected this mistake. It wrote that “neither the text of the Copyright Act nor our precedent supports” the district court’s “interoperability test for derivative works.” It concluded that “mere interoperability isn’t enough to make a work derivative.” Adding that “the text of the Copyright Act and our case law teach that derivative status does not turn on interoperability, even exclusive interoperability, if the work doesn’t substantially incorporate the preexisting work’s copyrighted material.”
Original post, March 11, 2024
In modern technology, interoperability between programs is crucial to the usability of applications, user choice, and healthy competition. Today Mozilla has joined an amicus brief at the Ninth Circuit, to ensure that copyright law does not undermine the ability of developers to build interoperable software.
This amicus brief comes in the latest appeal in a multi-year courtroom saga between Oracle and Rimini Street. The sprawling litigation has lasted more than a decade and has already been up to the Supreme Court on a procedural question about court costs. Our amicus brief addresses a single issue: should the fact that a software program is built to be interoperable with another program be treated, on its own, as establishing copyright infringement?
We believe that most software developers would answer this question with: “Of course not!” But the district court found otherwise. The lower court concluded that even if Rimini’s software does not include any Oracle code, Rimini’s programs could be infringing derivative works simply “because they do not work with any other programs.” This is a mistake.
The classic example of a derivative work is something like a sequel to a book or movie. For example, The Empire Strikes Back is a derivative work of the original Star Wars movie. Our amicus brief explains that it makes no sense to apply this concept to software that is built to interoperate with another program. Not only that, interoperability of software promotes competition and user choice. It should be celebrated, not punished.
This case raises similar themes to another high profile software copyright case, Google v. Oracle, which considered whether it was copyright infringement to re-implement an API. Mozilla submitted an amicus brief there also, where we argued that copyright law should support interoperability. Fortunately, the Supreme Court reached the right conclusion and ruled that re-implementing an API was fair use. That ruling and other important fair use decisions would be undermined if a copyright plaintiff could use interoperability as evidence that software is an infringing derivative work.
In today’s brief Mozilla joins a broad coalition of advocates for openness and competition, including the Electronic Frontier Foundation, Creative Commons, Public Knowledge, iFixit, and the Digital Right to Repair Coalition. We hope the Ninth Circuit will fix the lower court’s mistake and hold that interoperability is not evidence of infringement.
The post Mozilla Joins Amicus Brief Supporting Software Interoperability appeared first on Open Policy & Advocacy.

by Daniel Nazer at December 20, 2024 08:00 AM

`December 19, 2024`

`The Mozilla Thunderbird Blog — Open Source, Open Data: Visualizing Our Community with Bitergia`


Thunderbird’s rich history comes with a complex community of contributors. We care deeply about them and want to support them in the best way possible. But how does a project effectively do just that? This article will cover a project and partnership we’ve had for most of a year with a company called Bitergia. It helps inform the Thunderbird team on the health of our community by gathering and organizing publicly available contribution data.




In order to better understand what our contributors need to be supported and successful, we sought the ability to gather and analyze data that would help us characterize the contributions across several aspects of Thunderbird. And we needed some data experts that understood open source communities to help us achieve this endeavor. From our relationship with Mozilla projects, we recalled a past partnership between Mozilla and Bitergia, who helped it achieve a similar goal. Given Bitergia’s fantastic previous work, we explored how Thunderbird could leverage their expertise to answer questions about our community. Likewise, you can read Bitergia’s complimentary blog post on our partnership as well.



Thunderbird and Bitergia Join Forces



Thunderbird and Bitergia started comparing our data sources with their capabilities. We found a promising path forward on gathering data and presenting it in a consumable manner. The Bitergia platform could already gather information from some data sources that we needed, and we identified functionality that had to be added for some other sources. 



We now have contribution data sets gathered and organized to represent these key areas where the community is active:




Thunderbird Codebase Contributions – Most code changes take place in the Mercurial codebase with Phabricator as the code reviewing tool.  This Mercurial codebase is mirrored in GitHub which is more friendly and accessible to contributors. There are other important Thunderbird repositories in GitHub such as Thunderbird for Android, the developer documentation, the Thunderbird website, etc.



Bug Activity – Bugzilla is our issue tracker and an important piece of the contribution story.



Translations – Mozilla Pontoon is where users can submit translations for various languages.



User Support Forums – Thunderbird’s page on support.mozilla.org is where users can request support and provide answers to help other users.



Email List Discussions – Topicbox is where mailing lists exist for various areas of Thunderbird. Users and developers alike can watch for upcoming changes and participate in ongoing conversations.




Diving into the Dashboards



Once we identified the various data sets that made sense to visualize, Bitergia put together some dashboards for us. One of the key features that we liked about Bitergia’s solution is the interactive dashboard. Anyone can see the public dashboards, without even needing an account!



All of our dashboards can be found here: https://thunderbird.biterg.io/



All of the data gathered for our dashboards was already publicly available. Now it’s well organized for understanding too! Let’s take a deeper look at what this data represents and see what insights it gives us on our community’s health.



Thunderbird Codebase Contributions



As stated earlier, the code contributions happen on our Mercurial repository, via the Phabricator reviewing tool. However, the Bitergia dashboard gathers all its data from GitHub, the Mercurial mirror pluss our other GitHub repositories. You can see a complete list of GitHub repositories that are considered at the bottom of the Git tab.



One of the most interesting things about the codebase contributions, across all of our GitHub repositories, is the breakdown of which organizations contribute. Naturally, most of the commits will come from people who are associated with Thunderbird or Mozilla.  There are also many contributors who are not associated with any particular organization (the Unknown category).







One thing we hope to see, and will be watching for, is for the number of contributors outside of the Thunderbird and Mozilla organizations to increase over time. Once the Firefox and Thunderbird codebases migrate from Mercurial to git, this will likely attract new contributors and it will be interesting to see how those new contributions are spread across various organizations.



Another insightful dashboard is the graph that displays our incoming newcomers (seen from the Attracted Committers subtab). We can see that over the last year we’ve seen a steady increase in the number of people that have committed to our GitHub repositories for the first time. This is great news and a trend we hope to continue to observe!







Bug Activity



All codebases have bugs. Monitoring discovered and reported issues can help us determine not only the stability of the project itself, but also uncover who is contributing  their time to report the issues they’ve seen. Perhaps we can even run some developer-requested test cases that help us further solve the user’s issue. Bug reporting is incredibly important and valuable, so it is obviously an area we were interested in. You can view these relevant dashboards on the Bugzilla tab.







Translations



Many newcomers’ first contribution to an open source project is through translations.. For the Firefox and Thunderbird projects, Pontoon is the translation management system, and you can find the Translation contribution information on the Pontoon tab.



Naturally, any area of the project will see some oscillating contribution pattern for several reasons and translations are no different. If we look at the last 5 years of translation contribution data, there are several insights we can take away. It appears that the number of contributors drop off after an ESR release, and increase in a few chunks in the months prior to the release of the next ESR. In other words, we know that historically translations tend to happen toward the end of the ESR development cycle. Given this trend, If we compare the 115 ESR cycle (that started in earnest around January 2023) to the recent 128 ESR cycle (that started around December 2023), then we see far more new contributors, indicating a healthier contributor community in 128 than 115.







User Support Forums



Thus far we have talked about various code contributions that usually come from developers, but users supporting users is also incredibly important. We aim to foster a community that happily helps one another when they can, so let’s take a look at what the activity on our user support forums looks like in the Support Forums tab.



For more context, the data range for these screenshots of the user support forum dashboards has been set to the last 2 years instead of just the last year.



The good news is that we are getting faster at providing the first response to new questions. The first response is often the most important because it helps set the tone of the conversation.







The bad news is that we are getting slower at actually solving the new questions, i.e. marking the question as “Solved”. In the below graph, we see that over the last two years, our average time to mark an issue as “Solved” is affecting a smaller percentage of our total number of questions.







The general take away is that we need help in answering user support questions. If you are a knowledgeable Thunderbird user, please consider helping out your fellow users when you can.



Email List Discussions



Many open source projects use public mailing lists that anyone can participate in, and Thunderbird is no different. We use Topicbox as our mailing list platform to manage several topic-specific lists. The Thunderbird Topicbox is where you can find information on planned changes to the UI and codebase, beta testing, announcements and more. To view the Topicbox contributor data dashboard, head over to the Topicbox tab.



With our dashboards, we can see the experience level of discussion participants. As you might expect, there are more seasoned participants in conversations. Thankfully, less experienced people feel comfortable enough to chime in as well. We want to foster these newer contributors to keep providing their valuable input in these discussions!







Takeaways



Having collated public contributor data has helped Thunderbird identify areas where we’re succeeding. It’s also indicated areas that need improvement to best support our contributor community. Through this educational partnership with Bitergia, we will be seeking to lower the barriers of contribution and enhance the overall contribution experience.



If you are an active or potential contributor and have thoughts on specific ways we can best support you, please let us know in the comments. We value your input!



If you are a leader in an open source project and wish to gather similar data on your community, please contact Bitergia for an excellent partnership experience. Tell them that Thunderbird sent you!
The post Open Source, Open Data: Visualizing Our Community with Bitergia appeared first on The Thunderbird Blog.

by Heather Ellsworth at December 19, 2024 04:18 PM

`December 18, 2024`

`Open Policy & Advocacy — Mozilla Welcomes the Bipartisan House Task Force Report on AI`

On December 17, the bipartisan House AI Task Force, led by Representatives Jay Obernolte and Ted Lieu, along with a number of other technology policy leaders, released their long awaited report on AI.


The House Task Force Report on Artificial Intelligence provides in-depth analysis and recommendations on a range of policy issues related to AI, including the use of AI in government agencies, data privacy, research and development, civil rights, and more. The report is the culmination of nearly a year’s worth of research and discussions between the Task Force and a broad range of stakeholders, including Nik Marda of Mozilla, who provided his insights to the Task Force on the benefits and risks of open-source and closed-source models. We thank the members of the House AI Task Force and their staff for their diligent work in developing a robust report and for their willingness to consult a broad range of stakeholders from across industry, civil society, and government. We look forward to working with the Task Force on next steps, and we hope to see legislation advanced to tackle these important issues.
See Mozilla’s December 17, 2024 statement below:
Mozilla commends the House AI Task Force for their diligent work over the past year and welcomes their report detailing AI policy findings and recommendations for Congress. We were grateful for the opportunity to engage with the Task Force throughout this process, and to contribute our perspective on our key priorities, including open source, protecting people from AI-related harms, and Public AI. It’s encouraging to see these critical topics addressed in the final report.
In particular, Mozilla agrees with the Task Force findings that there is insufficient evidence to justify the restriction of open source models, and that today’s open AI models actually “encourage innovation and competition.” This finding echoes NTIA’s July 2024 report which acknowledged the benefits of open models to promote AI innovation. We’re also gratified to see the report address other vital issues like data privacy as it pertains to AI, including the use of Privacy Enhancing Technologies (PETs). We’re pleased with the continued emphasis on making foundational progress towards Public AI as well, including recommendations to monitor the current National AI Research Resource Pilot in preparation for potentially scaling the program, which Mozilla hopes to see expanded, and investing in AI-related R&D and education.
In large part to its great breadth and depth, the House AI Task Force report represents a much-needed step forward in the development of concrete AI policy legislation and will help inform the agenda for the next Congress. We look forward to continuing working with AI leaders to advance meaningful AI legislation that promotes accountability, innovation, and competition.
The post Mozilla Welcomes the Bipartisan House Task Force Report on AI appeared first on Open Policy & Advocacy.

by Jenn Taylor Hodges and Joel Burke at December 18, 2024 06:49 PM

`December 16, 2024`

`about:community — Contributor spotlight – Mayank Bansal`

In the open source world, there’s a saying that “given enough eyeballs, all bugs are shallow.” At Bugzilla, we’ve taken this principle to heart with our belief that “bugs are cheap” — a philosophy that transforms challenges into opportunities for collaborative problem-solving.


In this post, you will learn more about Mayank Bansal, whose journey embodies the true spirit of open source collaboration. For over a decade, Mayank has contributed across multiple aspects of Firefox development, including web performance. With his experience, he’s known for his exceptional skill in identifying the culprit of performance regression, and has even outpaced our automated alerting system! He’s also been recently appointed as the first official Community Performance Sheriff. Read on to uncover his insider tips and best practices for meaningful open source contributions.
Q: You’ve been a part of the Mozilla community since 2012. What initially inspired you to start contributing?
I have always been interested in software performance. I started using Firefox in 2009. Sometime in 2010-2011, Firefox announced it was working on graphics hardware acceleration, which was a novel technique then. That really piqued my interest. A developer who worked on the graphics backend for Firefox wrote a blog about the progress. I tested the Firefox beta builds on some graphic intensive websites and posted my findings on their blog. The developer responded to my comments and then filed a bug on Bugzilla to track it.
That was the moment when I realized that Mozilla is not your average faceless technology company. It had real developers, fixing real issues faced by real users.
I created my Bugzilla ID and commented on the bug the dev had filed. The devs responded there and fixed the bug. I could immediately test and perceive the improvement on the previously problematic webpage.
That was the positive feedback loop that got me hooked – I file performance bugs, the devs fix it (and thank me for filing the bug!)
Q: You’ve contributed across so many components: from JavaScript and Graphics to WebGPU and the DOM. How do you manage to stay on top of such a wide range of areas?
There are a few things I do:

I go through all the bugs filed in the last 24 hours in the Core component, which gives me a sense of issues reported by other Firefox users, and bugs filed by the Mozilla devs to track work on either a new feature or performance improvement.
I read through the bug review comments, which gives me an idea if a particular patch is expected to improve performance.
I go through the try pushes from the developers, which gives me an idea of upcoming patches and changes.
I have joined some of the chat rooms on Matrix that Mozilla developers use as team chats. These are generally open to the public (for responsible participation).

A good place to start would be to start cc’ing yourself to large meta bugs (which are like placeholders for other bugs). As new bugs get filed, they will get associated with the meta bug, and you will get an email notification. And then you can go through the new bug and follow that too.
Q: How do you approach bug triaging, and what are some of the challenges you face?
From the description of the bug by the reporter, I try to guess the component where it would sit (DOM, Style, Graphics, JS, etc.). Then I see if I can reproduce that bug. If I can, I will immediately perform a bisection using the wonderful mozregression tool. If I cannot reproduce it, I try to put it in the right component and cc a developer who works in that component.  All bugs get triaged as part of Mozilla’s regular process. But cc’ing a developer does cut short some of the lag associated with any process.
I have also been testing the fuzzing bugs created by Mozilla’s fuzzing team. Wherever I can reproduce a crash from the fuzzing testcase, I will perform a bisection and inform the developer. Again, all fuzz bugs get auto-bisected and triaged. But doing it manually cuts some of the time lag.
I also regularly test old bugs and close them if the original issue is fixed now. It feels right to close an old bug and declutter Bugzilla.
Challenges I face are when the details in the bug are not sufficient to reproduce, or when the issue is platform/setting specific, or when the testcase is private and the reporter cannot share. I will ask the reporter for extra information that will help the developers, and most of the time the reporters respond back!
Q: You’ve been known to find the culprit of performance regressions faster than the automated alerting system. What strategies do you use to efficiently track down regressions?
I use AWFY to track performance of Firefox on important metrics and benchmarks. This is a real-time dashboard maintained by the Perf-sheriffing team. As soon as a regression lands, the numbers change on the dashboard. The automated alert system needs minimum 12 datapoints before an alert is generated, which may take a few hours. In this interval, I identify the regression visually, zero-in on the potential range of bugs that could have caused the regression, and then based on my understanding identify a bug that caused the regression. I can then confirm my suspicion by triggering a build with only that bug and run the benchmark that regressed.
Note that the “bisect-build-run benchmark-create graph-generate perf alert” process is fully automated. I only need to press the right buttons, which makes my life very easy!
Q: With over a decade of contributions, how do you see Mozilla’s tools and technologies evolving, and what role do you hope to play in that future?
Tooling continues to evolve in Mozilla. For example, when I started, there wasn’t much source-code analysis. Now, multiple linters are run on each commit to the main repository. Mozilla as a company puts users at the forefront – and those users also include its internal development teams! There is a continuous push to improve tooling to make the developers more efficient and spend less time in mundane activities. The tooling around performance/regression monitoring, Crash Reporting, Telemetry, Build, Fuzzing is ever evolving. In the last few years, tooling around the use of machine learning has also increased.
I see my role as complementary to tools – filling gaps where the system cannot easily make a judgement, or connecting seemingly different bugs with little context.
Q: Through your testing, you’ve discovered bugs on the web where Firefox underperforms compared to other browsers. Can you share how you approach this type of testing?
I follow all the graphics related bugs. As soon as something lands in Nightly, I immediately start stress-testing websites. I also go to sites like Codepen.io and test literally hundreds of relevant demos.  Check out some of the bugs I filed for WebGPU and Canvas. With graphics, the issues usually are mis-rendering or crashes.
With Javascript, the issues I found tend to be where we are slower than other browsers, or where the javascript engine (SpiderMonkey) has some hidden quadratic behaviour. Crashes in Javascript are mostly from fuzzing testcases.
I also modify existing testcases or Codepen demos to make them intentionally unrealistic for the browser to process and then report issues. Kudos to the Mozilla devs who try to fix as much as they can and are always happy to analyse my testcases.
In general, if anything feels slow, file a bug. If any website looks weird, file a bug. The tenet in Bugzilla is “Bugs are cheap”.
Q: What advice would you give to new contributors who want to dive in?
Start with following bugs, reading Planet Mozilla, using Firefox Nightly, and installing the Firefox Profiler. Profiler is like an X-ray – you immediately get insight into what is slow in Firefox and where exactly. I spend a lot of time profiling webpages, demos, testcases. I profile anything and everything I find.
Q: What keeps you motivated to continue to contribute to Mozilla?
Couple of motivators:  The openness and transparency of development, extremely responsive and friendly developers, feeling of contributing to a piece of software that I use day in and out, belief that Mozilla is important to the openness and democratization of the Web, and finally that my bugs get analysed and fixed.
Q: Outside of your work on Mozilla, what do you enjoy doing in your free time?
Outside of Mozilla, I work within the Investment Banking industry as a transformation consultant in areas like risk, regulatory reporting, and capital markets.
In my free time, I like to read, cook, watch Netflix, and go on long drives with my friends and family.

Interested in contributing to performance tools like Mayank? Check out our wiki to learn more.

by Dave Hunt at December 16, 2024 02:52 PM

`December 11, 2024`

`Mozilla L10N — Celebrating Pontoon contributors with achievement badges`

At the heart of Mozilla’s localization efforts lies Pontoon, our in-house translation management system. Powered by our vibrant volunteer community, Pontoon thrives on their commitments to submit and review translations across all our products.


As part of our ongoing attempts to further recognize the contributions of Pontoon’s volunteers, the localization team has been exploring new ways to celebrate their achievements. We know that the success of localization at Mozilla hinges on the dedication of our community, and it’s important to not only acknowledge this effort but to also create an environment that encourages even greater participation.
That’s why we’re excited to introduce achievement badges in Pontoon! Whether you’re new to Pontoon or a seasoned contributor, achievement badges not only recognize your contribution but also encourage participation and promote good habits amongst our community.
With achievement badges, we aim to make contributing to Pontoon more rewarding and fun while reinforcing Mozilla’s mission of building an open and accessible web for everyone, everywhere.
What are achievement badges?
Achievement badges are a symbol recognizing your hard work in keeping the internet accessible and open, no matter where users are located. These badges are displayed on your Pontoon profile page.
In collaboration with Mozillian designer Céline Villaneau, we’ve created three distinct badges to promote different behaviors within Pontoon:

Translation Champion, awarded for submitting translations.
Review Master, awarded for reviewing translations.
Community Builder, awarded for promoting users to higher roles.

Receiving a badge
When the threshold required to receive a badge is crossed, you’ll receive a notification along with a pop-up tooltip (complete with confetti!). The tooltip will display details about the badge you’ve just earned.
To give you more of a challenge, each badge comes with multiple levels, encouraging continued contributions to Pontoon. You’ll receive similar notifications and celebratory tooltips whenever you unlock a new badge level.
Start collecting!
Badges are more than just icons — they’re a celebration of your dedication to keeping the web accessible to all. Ready to make your mark? All users will begin with a blank slate, so start contributing and begin your badge collection today!

by Harmit Goswami at December 11, 2024 04:38 PM

`December 10, 2024`

`The Mozilla Thunderbird Blog — Thunderbird for Android November 2024 Progress Report`


It’s been a while since our last update in August, and we’re glad to be back to share what’s been happening. Over the past few months, we’ve been fully focused on the Thunderbird for Android release, and now it’s time to catch you up. In this update, we’ll talk about how the launch went, the improvements we’ve made since then, and what’s next for the project.



A Milestone Achieved



Launching Thunderbird for Android has been an important step in extending the Thunderbird ecosystem to mobile users. The release went smoothly, with no hiccups during the Play Store review process, allowing us to deliver the app to you right on schedule.



Since its launch a month ago, the response has been incredible. Hundreds of thousands of users have downloaded Thunderbird for Android, offering encouragement and thoughtful feedback. We’ve also seen an influx of contributors stepping up to make their mark on the project, with around twenty people making their first contribution to the Thunderbird for Android and K-9 Mail repository since 8.0b1. Their efforts, along with your support, continue to inspire us every day.



Listening to Feedback



When we launched, we knew there were areas for improvement. As we’ve been applying our updates to both K-9 Mail and Thunderbird for Android, it won’t magically have all the bugs fixed with a new release over night. We’ve been grateful for the feedback in the beta testing group and the reviews, but also especially excited about those of you who spent a moment to appreciate by leaving a positive review. Your feedback has helped us focus on key issues like account selection, notifications, and app stability.



For account selection, the initial design used two-letter abbreviations from domain names, which worked for many users but caused confusion for users managing many similar accounts. A community contributor updated this to use letters from account names instead. We’re now working on adding custom icons for more personalization while keeping simple options available. Additionally, we resolved the confusing dynamic reordering of accounts, keeping them fixed while clearly indicating the active one.



Notifications have been another priority. Gmail users on K-9 faced issues due to new requirements from Google, which we’re working on. As a stop gap we’ve added a support article which will also be in the login flow from 8.2 onwards. Others have had trouble setting up push notifications or emails not arriving immediately, which you can read more about as well. Missed system error alerts have also been a problem, so we’re planning to bring notifications into the app itself in 2025, providing a clearer way to address actions.



There are many smaller issues we’ve been looking at, also with the help of our community, and we look forward to making them available to you.



Addressing Stability



App stability is foundational to any good experience, and we regularly look at the data Google provides to us. When Thunderbird for Android launched, the perceived crash rate was alarmingly high at 4.5%. We found that many crashes occurred during the first-time user experience. With the release of version 8.1, we implemented fixes that dramatically reduced the crash rate around 0.4%. The upcoming 8.2 update will bring that number down further.







The Year Ahead



The mobile team at MZLA is heading into well deserved holidays a bit early this year, but next year we’ll be back with a few projects to keep you productive while reading email on the go. Our mission is for you to fiddle less with your phone. If we can reduce the time you need between reading emails and give you ways to focus on specific aspects of your email, we can help you stay organized and make the most of your time. We’ll be sharing more details on this next year.



While we’re excited about these plans, the success of Thunderbird for Android wouldn’t be possible without you. Whether you’re using the app, contributing code, or sharing your feedback, your involvement is the lifeblood of this project.



If K-9 Mail or Thunderbird for Android has been valuable to you, please consider supporting our work with a financial contribution. Thunderbird for Android relies entirely on user funding, and your support is essential to ensure the sustainability of open-source development. Together, we can continue improving the app and building a better experience for everyone.
The post Thunderbird for Android November 2024 Progress Report appeared first on The Thunderbird Blog.

by Philipp Kewisch at December 10, 2024 11:55 AM

`December 07, 2024`

`The Mozilla Thunderbird Blog — Celebrating 20 Years of Thunderbird: Independence, Innovation and Community`


Thunderbird turns 20 today. Such a huge milestone invites reflection on the past and excitement for the future. For two decades, Thunderbird has been more than just an email application – it has been a steadfast companion to millions of users, offering communication, productivity, and privacy.



20 Years Ago Today…



Thunderbird’s journey began in 2003, but version 1.0 was officially released on December 7, 2004. It started as an offshoot of the Mozilla project and was built to challenge the status quo – providing an open-source, secure and customizable alternative to proprietary email clients. What began as a small, humble project soon became the go-to email solution for individuals and organizations who valued control over their data. Thunderbird was seen as the app for those in the ‘know’ and carved a unique space in the digital world.



Two Decades of Ups and Downs and Ups



The path hasn’t always been smooth. Over the years, Thunderbird faced its share of challenges – from the shifting tides of technology and billion dollar competitors coming on the scene to troubles funding the project. In 2012, Mozilla announced that support for Thunderbird would end, leaving the project largely to fend for itself. Incredibly, a passionate group of developers, users, and supporters stepped up and refused to let it fade away. Twenty million people continued to rely on Thunderbird, believing in its potential, rallying behind it, and transforming it into a project fueled by its users, for its users.



In 2017, the Mozilla Foundation, which oversaw Thunderbird along with a group of volunteers in the Thunderbird Council, once again hired a small 3 person team to work on the project, breathing new life into its development. This team decided to take matters into their own hands and let the users know through donation appeals that Thunderbird needed their support. The project began to regain strength and momentum and Thunderbird once again came back to life. (More on this story can be found in our previous post, “The History of Thunderbird.”)



The past few years, in particular, have been pivotal. Thunderbird’s user interface got a brand new facelift with the release of Supernova 115 in 2023.  The 2024 Nebula release fixed a lot of the back-end code and technical debt that was plaguing faster innovation and development.  The first-ever Android app launched, extending Thunderbird to mobile users and opening a new chapter in its story. The introduction of Thunderbird Pro Services, including tools like file sharing and appointment booking, signals how the project is expanding to become a comprehensive productivity suite. And with that, Thunderbird is gearing up for the next era of growth and relevance.



Thank You for 20 Amazing Years



As we celebrate this milestone, we want to thank you. Whether you’ve been with Thunderbird since its earliest days or just discovered it recently, you’re part of a global movement that values privacy, independence, and open-source innovation. Thunderbird exists because of your support, and with your continued help, it will thrive for another 20 years and beyond.



Here’s to Thunderbird: past, present, and future. Thank you for being part of the journey. Together, let’s build what’s next.



Happy 20th, Thunderbird!



20 Years of Thunderbird Trivia!



It Almost Had a Different Name



Before Thunderbird was finalized, the project was briefly referred to as “Minotaur.” However, that name didn’t stick, and the team opted for something more dynamic and fitting for its vision.



Beloved By Power Users



Thunderbird has been a favorite among tech enthusiasts, system administrators, and privacy advocates because of its extensibility. With add-ons and customizations, users can tweak Thunderbird to do pretty much anything.



Supports Over 50 Languages



Thunderbird is loved world-wide! The software is available in more than 50 languages, making it accessible to users all across the globe.



Launched same year as Gmail



Thunderbird and Gmail both launched in 2004. While Gmail revolutionized web-based email, Thunderbird was empowering users to manage their email locally with full control and customization.



Donation-Driven Independence



Thunderbird relies entirely on user donations to fund its development. Remarkably, less than 3% of users donate, but their generosity is what keeps the project alive and independent for the other 97% of users.



Robot Dog Regeneration



The newly launched Thunderbird for Android is actually the evolution of the K-9 Mail project, which was acquired by Thunderbird in 2022. It was smarter to work with an existing client who shared the same values of open source, respecting the user, and offering customization and rich feature options.
The post Celebrating 20 Years of Thunderbird:  Independence, Innovation and Community  appeared first on The Thunderbird Blog.

by Natalie Ivanova at December 07, 2024 10:00 AM

`December 06, 2024`

`Blog of Data — How do we preserve the integrity of business metrics while safeguarding our users privacy choice?`

Abstract. Respecting our user’s privacy choices is at the top of our priorities and it also involves the deletion of their data from our Data Warehouse (DHW) when they request us to do so. For Analytics Engineering, this deletion presents the challenge to maintain business metrics reliable and stable along with the evolution of business analyses. This blog describes our approach to break through this challenge. Reading time: ~5 minutes.



Mozilla has a strong commitment to protecting user privacy and giving each user control over the information that they share with us. When the user’s choice is to opt-out of sending telemetry data, the browser sends a request that results in the deletion of the user’s records from our Data Warehouse. We call this process Shredder. The impact of Shredder is problematic when the reported key performance indicators (KPIs) and Forecasts change after a reprocess or “backfill” of data. This is a limitation to our analytics capabilities and the evolution of our products. Yet, running a backfill is a common process that remains essential to expand our business understanding, so the question becomes: how do we rise to this challenge? Shredder Mitigation is a strategy that breaks through this problem and resolves the impact in business metrics. Let’s see how it works with a simplified example. A table “installs” in the DWH contains telemetry data including the install id, browser and  channel utilized on given dates.
installs



date
install_id
browser
channel


2021-01-01
install-1
Firefox
Release


2021-01-01
install-2
Fenix
Release


2021-01-01
install-3
Focus
Release


2021-01-01
install-4
Firefox
Beta


2021-01-01
install-5
Fenix
Release



Derived from this installs table, there is an aggregate that stores the metric “kpi_installs”, which allows us to understand the usage per browser over time and improve accordingly, and that doesn’t contain any ID or channel information.
installs_aggregates_v1



date
browser
kpi_installs


2021-01-01
Firefox
2


2021-01-01
Fenix
2


2021-01-01
Focus
1


Total
 
5



  What happens when install-3 and install-5 opt-out of sending telemetry data and we need to backfill? This event results in the browser sending a deletion request, which Mozilla’s Shredder process addresses by deleting existing records of these installs along the DWH. After this deletion, the business asks us if it’s possible to calculate kpi_installs split by channel, to evaluate beta, nightly and release separately. This means that the channel needs to be added to the aggregate and the data be backfilled to recalculate the KPI. With install-3 and install-5 deleted, the backfill will report a reduced -thus, unstable- value for kpi_installs due to Shredder’s impact.
installs_aggregates (without shredder mitigation)



date
browser
channel
kpi_installs


2021-01-01
Firefox
Release
2


2021-01-01
Fenix
Release
1


Total
 
 
3



  How do we solve this problem? The Shredder Mitigation process safely executes the backfill of the aggregate by recalculating the KPI using only the combination of previous and new aggregates data and queries, identifying the difference in metrics due to Shredder’s deletions and storing this difference as NULL. The process runs efficiently for terabytes of data, ensuring a 100% stability in reported metrics and avoiding unnecessary costs by running automated data checks for each subset backfilled. Every version of our aggregates that use Shredder Mitigation is reviewed to not contain any dimensions that could be used to identify previously deleted records. The result of a backfill with shredder mitigation in our example, is a new version of the aggregate that incorporates the requested dimension “channel” and matches the reported version of the KPI:
installs_aggregates_v2



browser
channel
kpi_installs


Firefox
Release
1


Firefox
Beta
1


Fenix
Release
1


Fenix
NULL
1


Focus
NULL
1


Total
 
5



With the reported metrics stable and consistent, the shredder mitigation process enables the business to safely evolve, generating knowledge in alignment with our data protection policies and safeguarding our users’ privacy choice. Want to learn more? Head over to the shredder process technical documentation for a detailed implementation guide and hands-on insights.

by Lucia Vargas at December 06, 2024 04:01 PM

`December 04, 2024`

`hacks.mozilla.org — Introducing Uniffi for React Native: Rust-Powered Turbo Modules`

Today Mozilla and Filament are releasing Uniffi for React Native, a new tool we’ve been using to build React Native Turbo Modules in Rust, under an open source license. This allows millions of developers writing cross-platform React Native apps to use Rust – a modern programming language known for its safety and performance benefits to build single implementations of their app’s core logic to work seamlessly across iOS and Android.


This is a big win for us and for Filament who co-developed the library with Mozilla and James Hugman, the lead developer. We think it will be awesome for many other developers too. Less code is good. Memory safety is good. Performance is good. We get all three, plus the joy of using a language we love in more places. 
For those familiar with React Native, it’s a great framework for creating cross-platform apps, but it has its challenges. React Native apps rely on a single JavaScript thread, which can slow things down when handling complex tasks. Developers have traditionally worked around this by writing code twice – once for iOS and once for Android – or by using C++, which can be difficult to manage. Uniffi for React Native offers a better solution by enabling developers to offload heavy tasks to Rust, which is now easy to integrate with React Native. As a result, you’ve got faster, smoother apps and a streamlined development process.
How Uniffi for React Native works
Unifii for React Native is a uniFFI bindings generator for using Rust from React Native via Turbo Modules. It lets us work at an abstraction level high enough to stay focused on our applications’s needs rather than getting lost in the gory technical details of bespoke native cross-platform development  It provides tooling to generate:

Typescript and JSI C++ to call Rust from Typescript and back again
A Turbo-Module that installs the bindings into a running React Native library.

We’re stoked about this work continuing. In 2020, we started with Uniffi as a modern day ‘write once; run anywhere’ toolset for Rust. Uniffi has come a long way since we developed the technology as a bit of a hack to get us a single implementation of Firefox Sync’s core (in Rust) that we could then deploy to both our Android and iOS apps! Since then Mozilla has used uniffi-rs to successfully deploy Rust in mobile and desktop products used by hundreds of millions of users. This Rust code runs important subsystems such as bookmarks and history sync, Firefox Suggest, telemetry and experimentation. Beyond Mozilla, Uniffi is used in Android (in AOSP), high-profile security products and some complex libraries familiar to the community.
Currently the Uniffi for React Native project is an early release. We don’t have a cool landing page or examples in the repo (coming!), but open source contributor Johannes Marbach has already been sponsored by Unomed to use Uniffi for React Native to create a React Native Library for the Matrix SDK .
Need an idea on how you might give it a whirl? I’ve got two uses that we’re very excited about:
1) Use Rust to offload computationally heavy code to a multi-threaded/memory-safe subsystem to escape single-threaded JS performance bottlenecks in React Native. If you know, you know.
2) Leverage the incredible library of Rust crates in your React Native app. One of the Filament devs showed how powerful this is, recently. With a rudimentary knowledge of Rust, they were able to find a fast blurhashing library on crates.io to replace a slow Typescript implementation and get it running the same day. We’re hoping we can really improve the tooling even more to make this kind of optimization as easy as possible.
Uniffi represents a step forward in cross-platform development, combining the power of Rust with the flexibility of React Native to unlock new possibilities for app developers. 
We’re excited to have the community explore what’s possible. Please check out the library on Github and jump into the conversation on Matrix. 
Disclosure: in addition to this collaboration, Mozilla Ventures is an investor in Filament. 
 
The post Introducing Uniffi for React Native: Rust-Powered Turbo Modules appeared first on Mozilla Hacks - the Web developer blog.

by Mark Mayo at December 04, 2024 07:38 PM

`December 03, 2024`

`The Mozilla Thunderbird Blog — Thunderbird Monthly Development Digest – November 2024`


Hello Thunderbird Community! Another adventurous month is behind us, and the team has emerged victorious from a number of battles with code, quirks, bugs and performance issues. Here’s a quick summary of what’s been happening across the front and back end teams as some of the team heads into US Thanksgiving:



Exchange Web Services support in Rust



November saw an increase in the number of team members contributing to the project and to the number of features shipped! Users on our Daily release channel can help to test newly-released features such as copy and move messages from EWS to another protocol, marking a message as read/unread, and local storage functionality. Keep track of feature delivery here.

If you aren’t already using Daily or Beta, please consider downloading to get early access to new features and fixes, and to help us uncover issues early.



Account Hub



Development of a refreshed account hub has reached the end of an important initial stage, so is entering QA review next week while we spin up tasks for phase 2 – taking place in the last few weeks of the year. Meta bug & progress tracking.



Global Database & Conversation View



Work to implement a long term database replacement is moving ahead despite some team members being held up in firefighting mode on regressions from patches which landed almost a year ago. Preliminary patches on this large-scale project are regularly pumped into the development ecosystem for discussion and review, with the team aiming to be back to full capacity before the December break.



In-App Notifications



With phase 1 of this project now complete, we’ve uplifted the feature to 134.0 Beta and notification tests will be activated this week. Phase 2 of the project is well underway, with some features accelerated and uplifted to form part of our phase 1 testing plan.  Meta Bug & progress tracking.



Folder & Message Corruption



Some of the code we manage is now 20 years old and efforts are constantly under way to modernize, standardize and make things easier to maintain in the future. While this process is very rewarding, it often comes with unforeseen consequences which only come to light when changes are exposed to the vast number of users on our “ESR” channel who have edge cases and ways of using Thunderbird that are hard to recreate in our limited test environments.



The past few months have been difficult for our development team as they have responded to a wide range of issues related to message corruption. After a focused team effort, and help from a handful of dedicated users and saintly contributors, we feel that we have not only corrected any issues that were introduced during our recent refactoring, but also uncovered and solved problems that have been plaguing our users for years. And long may that continue! We’re here to improve things!



New Features Landing Soon



Several requested features have reached our Daily users and include…




Folder compaction fixes and performance improvements



Various UI improvements



Today Pane scrolling correction



XMPP chat fix for CDATA XML



POP3 APOP password fix



and many more which are listed in release notes for beta.




If you want to see things as they land, and help squash early bugs, you can check the pushlog and try running daily. This would be immensely helpful for catching things early.



See you next month.



Toby Pilling



Senior Manager, Desktop Engineering
The post Thunderbird Monthly Development Digest – November 2024 appeared first on The Thunderbird Blog.

by Toby Pilling at December 03, 2024 11:00 AM

`Planet Mozilla Projects`

Collected here are the most recent blog posts from projects all over the Mozilla community. The content here is unfiltered and uncensored, and represents the views of community members. Individual posts are owned by their authors -- see original source for licensing information.

`Subscribe to Planet`

Feeds:

Subscription list:

FOAF
OPML

Last update: June 18, 2025 03:42 PM

date	install_id	browser	channel
2021-01-01	install-1	Firefox	Release
2021-01-01	install-2	Fenix	Release
2021-01-01	install-3	Focus	Release
2021-01-01	install-4	Firefox	Beta
2021-01-01	install-5	Fenix	Release

date	browser	kpi_installs
2021-01-01	Firefox	2
2021-01-01	Fenix	2
2021-01-01	Focus	1
Total		5