Articles in “Announcements”

Public key pinning released in Firefox

Firefox now supports built-in public key pins, which means that a shortened list of acceptable certificate authorities (CAs) for participating sites is built into Firefox. In this first stage of … Read more

Introducing Mozilla Winter of Security 2014

At Mozilla, we have a loosely formed group called Security Automation, where people who build security tools can meet, exchange ideas, and show their work. We build projects around applications … Read more

Update on Plugin Activation

To provide a better and safer experience on the Web, we have been working to move Firefox away from plugins. After much testing and iteration, we determined that Firefox would … Read more

Rebooting Security Engagement at Mozilla

We recently announced a reboot of our efforts to engage with security contributors at Mozilla. Today our strongest and most lasting contributor relationships are with individuals searching for bug bounties. … Read more

DigiNotar Removal Follow Up

Earlier this week we revoked our trust in the DigiNotar certificate authority from all Mozilla software. This is not a temporary suspension, it is a complete removal from our trusted … Read more

Plugin Check for Everyone

It’s been a few months since I wrote about the work our plugin check team has been doing, but there are a couple of pretty excellent pieces of news I’d … Read more

Plugging the CSS History Leak

Privacy isn’t always easy. We’re close to landing some changes in the Firefox development tree that will fix a privacy leak that browsers have been struggling with for some time. … Read more

Firefox 3.6.2 Released

Mozilla has accelerated its timetable and released Firefox 3.6.2 ahead of schedule. This release contains a number of security fixes, including a fix to Secunia Advisory SA38608 which was previously … Read more