Kerschbaumer C.,Mozilla Corporation
Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016 | Year: 2016
Web browsers were initially designed to retrieve resources on the world wide web in a static manner such that adding security checks in select locations throughout the codebase sufficiently provided the necessary security guarantees of the web. Even though systematic security checks were always performed, those security checks were sprinkled throughout the codebase. Over time, various specifications for dynamically loading content have proven that such a scattered security model is error-prone. Instead of opting into security checks wherever resource loads are initiated throughout the codebase, we present an approach where security checks are performed by default. By equipping every resource load with a loading context (which includes information about who initiated the load, the load type, etc.), our approach enforces an opt-out security mechanism performing security checks by default by consulting a centralized security manager. In addition, the added load context allows to provide the same security guarantees for resource loads which encounter a server-side redirect. © 2016 IEEE.
News Article | October 28, 2016
IMS Global Learning Consortium (IMS Global/IMS), the world leader in EdTech interoperability and innovation, the Mozilla Foundation, and Collective Shift/LRNG announced today an agreement for IMS Global to become the organization responsible for advancing the development, transferability, and market adoption of the Open Badges specification beginning January 1, 2017. As an open-governance, member-based standards consortium, IMS Global is committed to furthering the adoption, integration, and portability of digital badges to meet the needs of learners, educators, and employers. “IMS is the smart choice for the next step in the evolution of the Open Badges initiative,” said Mark Surman, executive director of the Mozilla Foundation, who serves on the Badge Alliance Steering Committee along with Dr. Rob Abel, CEO of IMS Global, and Connie Yowell, CEO of Collective Shift/LRNG. “The IMS community shares the values of openness and collaboration that have driven this project since its launch in 2011.” Both the Mozilla Foundation and LRNG will become IMS Contributing Members to help lead and support the evolution of the Open Badges standard. “I look forward to working with the IMS member community to build on the momentum gained by Mozilla and Open Badges contributors, as well as address some of the challenges identified, such as articulating the value of digital credentials,” said Connie Yowell. “IMS is bringing together the wide range of stakeholders dedicated to working together to accelerate progress.” Open Badges started as a Mozilla-led project funded by the MacArthur Foundation that included the creation of the Badge Alliance community to help organize adoption. The work of the Open Badges community will continue via IMS Global, facilitated by a revamped website featuring both technical evolution and badge adoption community activities. “The IMS community is a very good fit for this effort because of our leadership in the education technology market, our collaborative K-20 and EdTech supplier member network, and our existing investments in enabling better digital credentialing, specifically our focus on Open Badges extensions for education, the extended transcript, and competency-based education,” commented Dr. Rob Abel. “Working closely with Mozilla Foundation and LRNG over the last year has confirmed that this move should help to accelerate development of the open badges product ecosystem.” IMS is inviting Open Badges contributors, who have invested their time and talent in this movement, to join a new Open Badges Community Council. The Community Council will be a channel to showcase thought leadership around Open Badges and provide guidance to IMS activities. IMS will also be forming an executive leadership council for IMS member organizations that are actively contributing to market development and adoption. During the transition, the Open Badges community is actively working towards the release of Open Badges 2.0, the most significant upgrade to the specification since its release, which will make it possible to address dozens of high priority use cases identified by key stakeholders. City & Guilds “By adopting the Open Badges standard and combining it with our expertise in accreditation and assessment, we can help even more people validate their skills and competencies,” said Chris Jones, chief executive, City & Guilds Group. “Open standards will be essential in creating a global and interoperable ecosystem that will allow us to be part of something truly game-changing. We are delighted that IMS will be driving the standard forwards and believe this will help deliver a step change in delivering global adoption. Through Digitalme, City & Guilds Group’s role will focus on high-quality, relevant and trusted credentials which make the biggest difference in individual’s life and career.” Concentric Sky "I believe the Open Badges standard has the power to help catalyze significant advancements in education technology,” said Wayne Skipper, CEO of Concentric Sky and head of the open source project Badgr. “IMS Global’s focus on interoperability makes it the perfect home for the standard and I’m excited to continue our work together with IMS to build a robust ecosystem for portable digital credentials.” Credly "In the marketplace for knowledge and skills, digital credentials are emerging as the currency of choice. A crucial input to the development of any currency is the adoption of standards across industries and applications," said Jonathan Finkelstein, founder and CEO of Credly. "As early advocates of credential and badge standards, Credly is pleased to see the Open Badges specification find a new home, and to build on contributions to the ecosystem with partners like IMS Global, LRNG, and Mozilla." D2L “Badging and digital credentialing is an important part of building the future of learning and assessment, and the evolving world of capturing skills, achievement, and experience,” said Jeremy Auger, chief strategy officer, D2L Corporation. “IMS Global is the perfect choice for the ongoing stewardship of Open Badges, bringing a world-class collaborative approach to drive buy-in, adoption, and success for the standards under their care.” EDUCAUSE “This is a most welcome development,” said Malcolm Brown, director, EDUCAUSE Learning Initiative. “IMS Global has been experiencing increasing success and exercising conspicuous leadership in the development and adoption of open standards for education. Badging will continue to gain in importance in educational contexts as we pursue new options for recognizing educational achievement. So it comes as terrific news that IMS will be carrying forward the important work initiated by Mozilla with respect to the Open Badges specification.” IBM "I see Open Badges as an increasingly valuable tool to recognize demonstrated knowledge and skills in the 21st century,” said David Leaser, senior manager for the IBM Open Badge Program. “IMS Global is a trusted partner in this new ecosystem, and this transition ensures the long term success of Open Badges. Badge issuers, earners, and employers will benefit tremendously from this move.” Pearson “Pearson Acclaim has been an active participant in the Open Badges community since 2011, pledging support for the standard as founding members of the Badge Alliance when it launched in 2014,” said Jarin Schmidt, director, Acclaim Services, Pearson. “The Acclaim platform is Open Badges compliant and we continue to advocate for open, verified, learner-controlled credentials as we work with the world's leading learning organizations to grow the use of Open Badges. We are excited to support IMS Global as it ushers in a new era of leadership for the community and we look forward to further collaboration to enhance the technical specifications to advance the Open Badges ecosystem.” For more information see the Open Badges Transition FAQ. About IMS Global Learning Consortium (IMS Global) IMS Global is a nonprofit organization that advances technology to affordably scale and improve educational participation and attainment. IMS members are leading suppliers, institutions and government organizations that are enabling the future of education by collaborating on interoperability and adoption initiatives. IMS sponsors the Learning Impact Leadership Institute, a global program focused on recognizing the impact of innovative technology on educational access, affordability, and quality while developing the people and ideas to help shape the future of educational technology. About Mozilla Foundation The nonprofit Mozilla Foundation believes the internet must always remain a global public resource that is open and accessible to all. Our work is guided by the Mozilla Manifesto. The direct work of the Mozilla Foundation focuses on making the health of the internet a mainstream issue. We do this by connecting open internet leaders with each other and by mobilizing grassroots activities around the world. The Foundation is also the sole shareholder in the Mozilla Corporation, the maker of Firefox and other open source tools. Mozilla Corporation functions as a self-sustaining social enterprise – money earned through its products is reinvested into the organization. About Collective Shift/LRNG Collective Shift is a nonprofit dedicated to redesigning social systems for the connected age. Building on over a decade of research, Collective Shift launched LRNG initiative in 2015 to close the equity gap by transforming how young people access and experience learning and the available paths to success. Using an online platform as an infrastructure, LRNG is building an ecosystem of learning that combines in-school, out-of-school, employer-based and online learning experiences into a seamless network that is open to all youth. LRNG is designed to help youth to identify emerging passion areas, engage in online or local experiences related to their interests, produce and share work, and develop marketable skills. When young people successfully complete learning experiences called playlists, they earn digital badges.
News Article | January 13, 2016
Mozilla will completely shut down its Persona single-sign-on system on Nov. 30 this year. Mozilla Persona was launched in 2011 and it was supposed to be an alternative to Facebook Connect and OpenID, which would allow website operators to support registration and login on their websites without any passwords. Users could register with an email and a single password for logging on to multiple services. The Persona concept was straightforward but it did not attract many users and the adoption rate for the service was very low. In March 2014, Mozilla transferred the little-known Persona project from its full-time developers to a community of volunteers. As the adoption rate of Persona remained unimpressive, Mozilla has decided to completely rid itself of the service. "When the Mozilla Identity team transitioned Persona to community ownership, we committed resources to operational and security support throughout 2014, and renewed that commitment for 2015," said Ryan Kelly of Mozilla. "Due to low, declining usage, we are reallocating the project’s dedicated, ongoing resources and will shut down the persona.org services that we run." Not The First Persona is not the first project that Mozilla has ditched. In early December 2015, Mitchell Baker, the executive chairwoman of the Mozilla Foundation and Mozilla Corporation, announced that they are planning to spin off email client Thunderbird and are looking for a new maintainer. Baker said that the company wants to focus its resources on the Firefox browser. "Many inside of Mozilla, including an overwhelming majority of our leadership, feel the need to be laser-focused on activities like Firefox that can have an industry-wide impact," said Baker. "With all due respect to Thunderbird and the Thunderbird community, we have been clear for years that we do not view Thunderbird as having this sort of potential." In December 2015, Mozilla also confirmed that it has stopped the development of the Firefox OS for low-priced smartphones. "Firefox OS proved the flexibility of the Web, scaling from low-end smartphones all the way up to HDTVs," said Ari Jaaksi, senior vice president of Connected Devices at the Mozilla Foundation. "However, we weren't able to offer the best user experience possible and so we will stop offering Firefox OS smartphones through carrier channels." Firefox OS was meant to compete with the low-cost Android smartphones but its popularity was far less than Mozilla actually expected. A major chunk of low-cost smartphone users in emerging markets preferred Android-based phones to Firefox OS-running handsets. After Nov. 30, 2016, the Persona.org domain will not be available and all user data will be deleted from the servers. The community has the option to deploy the project source code for free on their own and without any financial assistance from Mozilla. The Persona system used only emails and no passwords. Mozilla executives suggest that this will make it easy for users to migrate to other forms of authentication. Mozilla will still have control over Persona.org but Kelly says that Persona's code will be available on GitHub. Check out Persona.org to see how the service works.
News Article | February 27, 2017
SAN FRANCISCO--(BUSINESS WIRE)--Today, the Mozilla Corporation has completed the acquisition of Read It Later, Inc. the developers of Pocket. As our first strategic acquisition, Pocket contributes to our strategy by growing our mobile presence and providing people everywhere with powerful tools to discover and access high quality web content, on their terms, independent of platform or content silo. Pocket will join Mozilla’s product portfolio as a new product line alongside the Firefox web browsers with a focus on promoting the discovery and accessibility of high quality web content. Pocket’s core team and technology will also accelerate Mozilla’s broader Context Graph initiative. Chris Beard, CEO of Mozilla, said, “We believe that the discovery and accessibility of high quality web content is key to keeping the internet healthy by fighting against the rising tide of centralization and walled gardens. Pocket provides people with the tools they need to engage with and share content on their own terms, independent of hardware platform or content silo for a safer, more empowered and independent online experience.” Pocket brings to Mozilla a successful human-powered content recommendation system with 10 million unique monthly active users on iOS, Android and the Web and with more than 3 billion pieces of content saved to date. In working closely with Pocket over the last year around the integration within Firefox, we developed a shared vision and belief in the opportunity to do more together that has led to Pocket joining Mozilla today. Nate Weiner, CEO of Pocket, said, “We’ve really enjoyed partnering with Mozilla over the past year. We look forward to working more closely together to support the ongoing growth of Pocket and to create great new products that people love in support of our shared mission.” As a result of this strategic acquisition, Pocket will become a wholly owned subsidiary of Mozilla Corporation and will become part of the Mozilla open source project. Mozilla is growing, experimenting more, and doubling down on our mission to keep the internet healthy, as a global public resource that’s open and accessible to all. Mozilla has been a pioneer and advocate for the open web for more than 15 years. We promote open standards that enable innovation and advance the Web as a platform for all. Today, hundreds of millions of people worldwide use Mozilla Firefox to experience the Web on computers, tablets and mobile devices. For more information, visit www.mozilla.org Pocket, made by Read It Later, Inc., is the world's leading save-for-later service. It currently has more than 10 million active monthly registered users and is integrated into hundreds of leading apps including Flipboard and Twitter. Pocket helps people save interesting articles, videos and more from the web for later enjoyment. Once saved to Pocket, content is visible on any device — phone, tablet or computer, online or off. Pocket is available for major devices and platforms including Firefox, Google Chrome, Safari, iOS, Android and Windows. For more information, visit www.getpocket.com/about.
Kimelman D.,IBM |
Kimelman M.,Independent Consultant |
Mandelin D.,Mozilla Corporation |
IEEE Transactions on Software Engineering | Year: 2010
IT system architectures and many other kinds of structured artifacts are often described by formal models or informal diagrams. In practice, there are often a number of versions of a model or diagram, such as a series of revisions, divergent variants, or multiple views of a system. Understanding how versions correspond or differ is crucial, and thus, automated assistance for matching models and diagrams is essential. We have designed a framework for finding these correspondences automatically based on Bayesian methods. We represent models and diagrams as graphs whose nodes have attributes such as name, type, connections to other nodes, and containment relations, and we have developed probabilistic models for rating the quality of candidate correspondences based on various features of the nodes in the graphs. Given the probabilistic models, we can find high-quality correspondences using search algorithms. Preliminary experiments focusing on architectural models suggest that the technique is promising. © 2010 IEEE.
Barton J.J.,IBM |
Odvarko J.,Mozilla Corporation
Proceedings of the 19th International Conference on World Wide Web, WWW '10 | Year: 2010
Juma A.,Mozilla Corporation |
Vahlis Y.,and curity Research Center |
Yung M.,Columbia University
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2012
Understanding and modeling leakage in the context of cryptographic systems (connecting physical protection of keys and cryptographic operation) is an emerging area with many missing issues and hard to understand aspects. In this work we initiate the study of leakage out of cryptographic devices when the operation is inherently replicated in multiple locations. This setting (allowing the adversary access to leakage at different locations) arises naturally in cases like protocols, where different parties activate the same cryptographic function, or in the case of a global service providers (like cloud operators) which need to replicate the cryptographic function to allow for accessible and responsive services. We specifically deal with the theoretical setting of "leakage resilient cryptography," (modeling leakage as a bound associated with algorithmic steps), and in the most general model of continual leakage on memory, randomness (and thus computation) with periods of operation and refresh of private keys between them. We first investigate public-key cryptography, and construct a multi-location leakage resilient signature scheme (with unbounded number of locations) with optimal (i.e., total n (1 - o(1)) leakage) in a period, and O(log n) leakage during updates (n is the key size). The new crucial issue behind our scheme is how to maintain leakage at each location at the level of key leakage in the single location variant, even under parallel adaptive leakage at the different locations. We then construct a shared-symmetric-key authenticated session protocol that is resilient to leakage on both the sender and the receiver, and tolerates O(log n) bits of leakage per computation. We construct and utilize a single-location pseudorandom generator which is the first to tolerate continual leakage with only an efficient pseudorandom function as a primitive component. This protocol highlights the importance of protocol level "per message synchronization" against leakage adversaries. Interestingly, the construction is secure in spite of the entire randomness used in the refresh processes being publicly available. © 2012 International Association for Cryptologic Research.
Frechette M.,Université de Sherbrooke |
Letourneau D.,Université de Sherbrooke |
Valin J.-M.,Mozilla Inc. |
Michaud F.,Université de Sherbrooke
IEEE International Conference on Intelligent Robots and Systems | Year: 2012
To demonstrate the influence of an artificial audition system on speech recognition and dialogue management for a robot, this paper presents a case study involving soft coupling of ManyEars, a sound source localization, tracking and separation system, with the CSLU Dialogue Management system. Trials were conducted in a laboratory and a cafeteria. Results indicate that preprocessing of the audio signals by ManyEars improves speech recognition and dialogue management of the system, demonstrating the feasibility and the added flexibility provided by ManyEars for a robot to interact vocally with humans in a wide variety of contexts. © 2012 IEEE.
News Article | March 2, 2017
Ozlo, the integrated knowledge platform powering the intelligent future, today unveiled its open index of knowledge about the real world. Ozlo immediately enhances today’s virtual assistants by giving them a knowledge base that accounts for the nuances of everyday life. Ozlo helps intelligent systems have conversations that continue markedly longer, convert more frequently into action, and improve customer loyalty overall. Today’s AI systems are intelligent, but they are brittle around the edges because they are trained to operate on hard facts alone. Ozlo’s platform represents facts alongside a probabilistic understanding of available opinions, assertions, beliefs, and judgments. Ozlo’s platform helps assistants understand and represent the contours of the real world. Until now, there has been no reliable, single source of knowledge that models the complexity of everyday life. “Today’s assistants are not street smart, so to speak,” said Charles Jolley, co-founder and CEO of Ozlo. “They fail us so often because they’re limited to reasoning about facts alone. Our customers use Ozlo to recapture lost intent and build loyalty. Why delegate your most lucrative queries to a list of ten blue links? Own your current domains. Open up new ones. Give your assistant more to talk about.” Ozlo’s index contains over two billion data points on topics ranging from movies to restaurants and bars to the smart home. “Representing real-world knowledge accurately is one of the hardest problems in computer science today,” said Mike Hanson, co-founder and CTO of Ozlo. “With our definitive knowledge index, you can think of our index as the standard basic training index for all of AI. Any virtual assistant anywhere can be instantly enhanced by ‘plugging in’ our index.” Ozlo is funded by Greylock Partners, Battery Ventures, and AME Cloud Ventures. The company was incubated out of Greylock and Battery while Jolley and Hansen were respectively in residence as entrepreneurs. The two initially set about building a stand-alone assistant, which became the company’s reference app. “Along the way we realized that an intelligent system is only as good as the knowledge base upon which it can reason,” said John Lilly, a Greylock Partner and Ozlo Board member who also served previously as COO, then CEO of Mozilla Corporation. “Ozlo is addressing the fundamental constraints of AI today. Ozlo will be an essential part of every AI stack moving forward.” Ozlo’s index is currently available via a series of three products, accessed as APIs, and priced by volume. 1. Data – Allows intelligent systems to extract meaning from data with over two billion entities and attributes. 2. Intent – Allows intelligent systems to recognize and fulfill user intent 3. Converse – Allows intelligent assistants to anticipate users’ likely next steps and deliver options that keep them engaged Ozlo can accommodate proprietary knowledge unique to a customer's’ business or worldview for an additional fee. To learn more or start leveraging our model of the real world in your intelligent system, please visit http://www.ozlo.com. Ozlo is the integrated knowledge platform powering the intelligent future. We help intelligent assistants have conversations that convert. There is no single source of knowledge that models the complexity of everyday life. Ozlo has built the first index to offer probabilistic assertions of truth alongside accepted fact. To learn more, please visit us at: http://www.ozlo.com.
Stenberg D.,Mozilla Corporation
Computer Communication Review | Year: 2014
A detailed description explaining the background and problems with current HTTP that has lead to the development of the next generation HTTP protocol: HTTP 2. It also describes and elaborates around the new protocol design and functionality, including some implementation specifics and a few words about the future. This article is an editorial note submitted to CCR. It has NOT been peer reviewed. The author takes full responsibility for this article's technical content. Comments can be posted through CCR Online.