Week in Geek: Firefox 15 Beta Reduces Memory Usage, Tames ‘Leaky’ Add-ons

Note: This article is part of our archive and is likely out of date.
(Links may not work, downloads have not been recently tested for safety)

By Akemi Iwaya on August 5th, 2012

Our first edition of WIG for August is filled with news link goodness covering topics such as Dropbox confirms it was hacked, Valve says Left 4 Dead 2 runs faster on Linux than on Windows, tech support phone scams are surging, and more.

Weekly News Links

  • Firefox 15 reduces memory consumption
    In the beta version of Firefox 15, the Mozilla developers have implemented a “radical idea” to force add-ons to release memory allocated to them. According to the developers, many add-ons are causing memory leaks by not releasing their DOM structures when a tab is closed.
  • Chrome 21 arrives with new API for video and audio communication
    With the release of Chrome 21, web applications can now directly access the local system’s built-in camera and microphone. Instead of requiring a special plugin, the major stable update to the WebKit-based web browser includes a new HTML5 getUserMedia API.
  • Microsoft Finishes Internet Explorer 10
    With the recent Windows 8 RTM announcement, the software giant has also finished the Final build of the Internet Explorer 10. However, while both IE10 and IE10 Metro for Windows 8 are ready, it is not clear whether or not the Windows 7 version was also finalized.
  • Microsoft unveils Windows 8-inspired “Outlook.com” freemail service
    Microsoft has announced beta availability of a new free e-mail service that it’s calling Outlook.com. The company is positioning it as a fresh, clean mail interface that will be touch-friendly, respectful of your privacy, and accessible from any device.
  • Windows 8 RTMs
    As expected, Windows 8 has been released to manufacturing, giving OEMs time to prepare new computers, laptops, tablets, and who knows what else to be ready for General Availability on October 26th. The blog post also includes a list of pre-consumer availability dates for easy reference.
  • Windows 8 to Offer 20 Start Screen Patterns to Play with
    Windows 8 did not offer too many customization options for the Metro-style Start Screen in the pre-release versions that we had the chance to try out until now, but that should change in the final flavor of the platform, rumor has it.
  • Fedora Linux Replaces GNOME With MATE As The Default Desktop Environment
    In what could be called as a major blow to the GNOME foundation, The Fedora Linux team has decided to get rid of GNOME 3 in the upcoming Fedora 18 linux OS. GNOME 3 will be replaced by a new Desktop Environment (DE) called MATE.
  • KDE 4.9 arrives with incremental improvements, KDE devs prepare for Qt
    The developers behind the KDE project have announced the official release of version 4.9, an update that brings improvements to KDE’s Plasma Workspaces, the KDE application stack, and the underlying KDE platform.
  • Valve says Left 4 Dead 2 runs faster on Linux
    In a post on its Linux blog, the Valve team reports that the Linux port of Left 4 Dead 2 (L4D2) is running faster on Linux than Windows.
  • Android 4.0 ported to Raspberry Pi’s $35 Linux computer
    The Raspberry Pi foundation has announced
    that its popular $35 Linux computer will soon be able to run Android 4.0. Google’s mobile operating system is being ported to the device by Broadcom developer Naren Sankar.
  • Open WebOS: No (official) support for existing devices
    HP’s Open WebOS project has released further important mobile operating system components under an open source licence, including the already announced central system manager for Open WebOS (Luna), which is now based on the current QtWebKit browser. HP (Hewlett Packard) has also made available the Email, Calendar, Contacts, Memos, Accounts, Clock and Calculator apps.
  • Adobe open sources its first font family
    Adobe has announced the release of its first open source font. Source Sans Pro is a fully fledged font family that includes six weights and is designed for use in software. The download link for the font is embedded in the last paragraph of the blog post.
  • Hulu blocks access to overseas Apple TV owners, report says
    The company has been able to identify and block overseas Apple TV owners trying to access its programming from a U.S. iTunes account.
  • Valve to Steam users: No class-action suit
    Valve has issued an update to its Steam Subscriber Agreement that effectively prevents all Steam users from joining in class-action lawsuits against the company. Valve’s new SSA requires that “you [the user] and Valve agree to resolve all disputes and claims… in individual binding arbitration,” mimicking similar language added by EA to its Origin service agreement and Microsoft with Windows 8.
  • Some Microsoft Office 365 users reporting problems signing up for Outlook.com
    Rogue, hard-to-delete cookies may be the culprit thwarting some testers from signing up for Microsoft’s newly launched Outlook.com web mail.
  • The @outlook.com email addresses Microsoft forgot to reserve
    Microsoft’s new Outlook.com webmail service launched this past Wednesday as a public preview, leaving thousands of Hotmail users scrambling to reserve their shiny new @outlook.com email addresses.
  • Is ‘Metro’ now a banned word at Microsoft?
    Why is Microsoft allegedly telling those inside and outside the company to stop playing up ‘Metro’ going forward when talking about the new wave of Microsoft products?
  • Questions mount as Facebook advertisers lose to clickbots
    A relationship with a startup sours when 80 percent of pay-per-click ad traffic turns out to be costly, invalid traffic. The issue may not be isolated. Is Facebook doing enough to solve the problem?
  • Software biz tapping hardware to give better experience
    Consumer hardware increasingly a differentiator for software companies, but crux is ultimately a value-added ecosystem of content and services in which hardware helps to maximize the experience.
  • French e-retailer pleads with Anonymous
    Early Flicker has replaced its website with a plea to Anonymous following the company’s attempt to register the iconic Anonymous logo.

Security News

  • Microsoft: Windows, Mac malware gets in via Adobe, Java, Office
    Microsoft has outlined the main third-party software through which cross-platform malware attacks Windows, Mac, and Linux computers: old vulnerabilities in Java, Adobe Flash, Adobe PDF applications, and Microsoft Office.
  • Dropbox confirms it got hacked, will offer two-factor authentication
    A couple of weeks ago Dropbox hired some “outside experts” to investigate why a bunch of users were getting spam at e-mail addresses used only for Dropbox storage accounts. The results of the investigation are in, and it turns out a Dropbox employee’s account was hacked, allowing access to user e-mail addresses.
  • Ubisoft DRM opens backdoor
    The Uplay copy protection system from the game publisher Ubisoft comes with a browser plugin that tears a huge security hole in the computer. It is possible for attackers to use a few lines of JavaScript to persuade the plugin to launch arbitrary processes – the potential victim only needs to open a specially crafted web page.
  • Mozilla Blocks Ubisoft’s Uplay Plugin
    Uplay, a browser plugin that appears on your PC once you install various Ubisoft games, has been discovered to have a serious security vulnerability, which allows malicious websites to take over your computer. Now, according to Mozilla’s blocked plug-Ins list, the open source organization took appropriate steps and has since blocked the mentioned crapware.
  • Ubisoft stoppers Uplay plug-in hole
    Games developer Ubisoft has patched a serious vulnerability in a plug-in for its Uplay DRM software that could have allowed a hacker to take remote control of a user’s computer.
  • LibreOffice vulnerable to multiple buffer overflows
    Three weeks after releasing LibreOffice 3.5.5, The Document Foundation has confirmed that security holes in earlier versions of the open source LibreOffice productivity suite can be exploited by attackers to compromise a victim’s system. Make sure to update to version 3.5.5 if you have not done so already.
  • Vulnerability in proprietary NVIDIA driver for Linux
    Linux kernel and X.org developer Dave Airlie has published a program that exploits a vulnerability in NVIDIA’s proprietary graphics driver on Linux to give root privileges to an arbitrary user on the system. The program was handed to Airlie anonymously and, he says, it was disclosed to NVIDIA over a month ago.
  • EFI rootkit for Macs demonstrated
    At the Black Hat hacker conference, Australian security expert Loukas K (aka Snare) has demonstrated a rootkit which is able to insert itself into a Macbook Air’s EFI firmware and bypass the FileVault hard drive encryption system.
  • Warning: Fake Groupon e-mails include malware
    Cybercriminals are pushing fake Groupon discount e-mails in the hopes you’ll think they are coming from a friend. The attached file is not what it claims to be. It’s malware.
  • Warning: Invitation Facebook Virus e-mail is a hoax
    Cybercriminals have put a Facebook spin on the infamous “Olympic Torch” e-mail hoax. Please do not forward this e-mail chain letter, or any other one for that matter.
  • Malware warning: Your AT&T bill is ready to be viewed
    Cybercriminals are pushing fake AT&T e-mails in the hopes you’ll think you forgot to pay your bill. This is a scam: the links inside do not point to AT&T but a website that tries to put malware on your computer. The blog post has a screenshot of what the e-mail looks like.
  • Trojan warning: Huge scandal with the USA Women’s Gymnastics Team
    Cybercriminals are using false news about the USA Women’s Gymnastics Team at the 2012 Olympics to push malware. Despite the claims, Gabrielle Douglas, who won a Gold Medal in Women’s Gymnastics All Around, did not test positive for doping.
  • Tech Support Phone Scams Surge
    The bogus tech support boiler rooms must be working overtime lately. I’ve (Brian Krebs) recently been inundated with horror stories from readers who reported being harassed by unsolicited phone calls from people with Indian accents posing as Microsoft employees and pushing dodgy PC security services.
  • Cloud service cracks VPN passwords in 24 hours
    At the Black Hat hacker conference in Las Vegas, encryption expert Moxie Marlinspike promised that his CloudCracker web service was able to crack any VPN or WiFi connection secured using MS-CHAPv2 within 24 hours. The cost? Around $200.
  • Uptick in Cyber Attacks on Small Businesses
    New data suggests that cyber attacks aimed at small businesses have doubled over the past six months, a finding that dovetails with my own (Brian Krebs) reporting on companies that are suffering six-figure losses from sophisticated cyber heists.
  • Free Android apps could hijack your phone
    Those annoying pop-up ads are back. This time, they’re on your smartphone, and they’re badder than ever. Here’s how you can avoid aggressive adware on your mobile device.
  • Google tightens up rules for Play store applications
    Google has updated the developer guidelines for Android applications in the Google Play store to take on the problems of spam, fake apps and privacy violating malware. Google says that the rules come into effect immediately and new apps must comply.
  • Mobile apps pose biggest threat
    RSA exec says users’ slack attitude toward mobile security, and ease and low cost for software development mean mobile apps increasingly main source of risk.
  • Risk management now driven by ‘fear’, not strategic enough
    Current approach stems mostly from fear of cyberattacks and compliance purposes, and should move toward being more proactive to address evolving IT landscape.
  • Apple needs wakeup call on security
    Cupertino has “head in the sand” in perceiving its platforms are secure and don’t need external protection, says Sophos exec, who notes Google is more proactive in addressing security vulnerabilities.

Random TinyHacker Links

Super User Questions

How-To Geek Weekly Article Recap

Geeky Goodness from the ETC Side

One Year Ago on How-To Geek

How-To Geek Comics Weekly Roundup

How-To Geek Weekly Trivia Roundup

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 08/5/12
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!