Mozilla to Start Prio Testing

Prio is a service, designed to protect the personal data of users in the collected statistics
31 October 2018   129

Mozilla representatives spoke about the principles of operation and the first results of testing the Prio service. The tool was developed at the Computer Science Department at Stanford University by Ph.D. Henry Corrigan-Gibbs and Professor Dan Boneh to protect the personal data of users in the collected statistics.

Most browsers and many other applications are equipped with mechanisms for collecting statistics. Thanks to the information received, developers can quickly respond to problems arising in the course of software operation by amending their product. As a rule, the user can decide for himself whether he wants the application to collect statistics on his device. However, for this to happen, he needs to be confident in his safety and anonymity.

Prio works on the principle of information sharing. Software developers do not need individual data of each user, sufficiently collected and processed anonymous statistics. Prio divides the data collected by the application into several parts and sends it to different servers. Separation is carried out in such a way that each individual part does not carry meaningful information. To gain access to the data, attackers will have to hack all the servers in the system.

Mozilla engineers suggest using additional servers owned by a third party. Personal data of the user will be under threat only in case of bad faith or negligence of all participants in the scheme.

The servers in the network process the received information and give anonymous statistics to software developers. As an example, the creators of the system lead the collection of data on the location of users. Prio receives data on the location of each device, but even the owners of servers do not have access to this information. Software developers receive processed information showing the overall distribution of users on the map.

Mozilla has already started testing a new tool. Data collection using Prio is carried out in parallel with the work of Telemetry, the standard system of the Firefox browser. The statistics obtained from both tools is verified. For six weeks of testing, developers have eliminated several problems, and now the data collected by the two systems completely coincide. The creators of Firefox are planning a few more months of testing.

In the current research phase, developers are not ready to state where and how Prio will be applied. This decision will be made based on the results of the final testing.

It is difficult to say how long it will be before the implementation of the security technology created at Stanford in the software. A known vulnerability in the password manager of the Firefox browser has remained untouched for nine years.

KDevelop IDE 5.3 to be Released

Version 5.3 fully supports KDE 5 development, including with the Clang compiler
15 November 2018   62

An update of the KDevelop integrated development environment has been released. Version 5.3 fully supports KDE 5 development, including with the Clang compiler. The project uses the KDE Frameworks 5 and Qt 5 libraries.

Key improvements and new features:

Improved C++ support:

A lot of work was done on stabilizing and improving our clang-based C++ language support. Notable fixes include:

  • Clang: include tooltips: fix range check. 
  • Allow overriding the path to the builtin clang compiler headers.
  • Always use the clang builtin headers for the libclang version we use.
  • Group completion requests and only handle the last one. 
  • Fix Template (Class/Function) Signatures in Clang Code Completion. 
  • Workaround: find declarations for constructor argument hints. 
  • Clang: Improve argument hint code completion. 

Improved PHP language support:

  • Much improved support for PHP Namespaces
  • Added support for Generators and Generator delegation
  • Updated and expanded the integrated documentation of PHP internals
  • Added support for PHP 7's context sensitive lexer
  • Install the parser as a library so it can be used by other projects (currently, umbrello can use it) 
  • Improved type detection of object properties
  • Added support for the object typehint
  • Better support for ClassNameReferences (instanceof)
  • Expression syntax support improvements, particularly around 'print'
  • Allow optional function parameters before non-optional ones 
  • Added support for magic constants __DIR__ and __TRAIT__

Improved Python language support

The developers have been concentrating on fixing bugs, which already have been added into the 5.2 series.

There are a couple of improved features in 5.3:

  • Inject environment profile variables into debug process environment.
  • Improve support for 'with' statements.