No More $10 Plan: Bitwarden Hikes Prices to Fund ‘Proactive’ Defense Features

Posted on by Martin Brinkmann

For years, Bitwarden held the undisputed title of the tech world’s best password manager bargain, offering top-tier password security for just $10 a year. But that era officially ended today.

In a major strategic shift, the open-source company announced an immediate price increase that sees its individual Premium plan rise to $1.65 per month—effectively doubling the annual cost—while the Families plan climbs to $3.99 per month.

Here is the old and new price comparison.

Old PriceNew Price
BasicFreeFree
Premium$1 per month
$10 per year		$1.65 per month $19.80 per year
Family$40 per year$3.99 per month
$47.88 per year
  • The free basic plan remains as is.
  • Premium nearly doubles to $20 per year.
  • Family increases by about $8 per year.

The company argues the hike is necessary to fund a transition from passive storage to “proactive” defense, rolling out new features like real-time vault health alerts, expanded encrypted storage, and an upcoming phishing blocker designed to stop attacks before they happen.

Here is an overview of the new security features that Bitwarden announced:

Real-Time Vault Health & Coaching

The new feature automates the security process of checking for weak or exposed passwords.

  • In-Vault Alerts: Bitwarden shows a risk-icon next to vault items if a password is weak, reused, or was found in a breach.
  • Password Coaching: The moment a user logs in a site with a weak or compromised password, Bitwarden will prompt them to change it and guide them through the process.

Phishing Blocker

Upgrades defenses against phishing attacks.

  • Proactive Blocking: Bitwarden will attempt to discern legitimate from phishing websites in order to block the latter before filling any credentials.
  • Protection Layer: Aims to stop credential theft before it happens.

Expanded Encrypted Storage

Bitwarden Premium and Family plan customers get five times more storage space under the updated plans. This gives each user five gigabytes of secure file storage space, which they may use to store digital copies of passports, backup codes, wills, and other sensitive documents or files.

Advanced Two-Step Login options

Here, users get two expansions to existing support:

  • More Hardware Keys: Users may register up to ten hardware keys, e.g., a Yubikey, with Bitwarden. This doubles the old limit of five hardware keys.
  • Passkey Support: Improved support for the password-less authentication standard.

Closing Words

Ultimately, this update signals Bitwarden’s growth from a budget-friendly utility into a comprehensive security suite.

While a 100% price jump may sting long-time loyalists, the new ~$20 annual cost remains nearly half the price of top-tier competitors like 1Password and Dashlane.

Bitwarden is softening the blow with a one-time 25% renewal discount for existing users, but the company is clearly betting that active phishing defense and expanded storage are worth the premium. The days of the $10 vault are gone; users must now decide if they are ready to pay double for a smarter, more protective Bitwarden, or if the service’s robust free tier is effectively all the security they need

Cloudy with a Chance of Freezing: The New Windows 11 Bug That’s Locking Up Your PC

Posted on by Martin Brinkmann

Imagine this: You’ve just finished a critical document or a long email, you hit “Save,” and suddenly—nothing. Your screen freezes, the cursor spins endlessly, and your application enters the dreaded state of “Not Responding.”

If this sounds like your week, you aren’t alone. A frustrating new bug in the latest Windows 11 update is causing freezes for users relying on cloud storage.

Microsoft confirms yet another bug

Will it ever end? Microsoft confirmed several bugs already that plague users who have installed the January 2026 update for Windows.

Today, Microsoft confirmed yet another issue and this one appears more widespread than the others.

  • The issue: Apps might become unresponsive when saving files to cloud-backed storage
  • Support page: Link
  • Affected systems:
    • Windows 11: Version 25H2, 24H2, 23H2
    • Windows 10: Version 22H2
    • Enterprise: Windows 10 LTSC 2021, Windows 10 LTSC 2019
    • Server: Windows Server 2019, Windows Server 2022, Windows Server 23H2, Windows Server 2025

Microsoft admits that the bug affects file operations, such as load or save, when cloud-storage is involved. Attempts to save files to OneDrive, Dropbox or other cloud storage services may trigger the issue. Similarly, opening files from cloud locations may also cause the freezes.

Microsoft writes:

For example, in some configurations of Outlook that store PST files on OneDrive, Outlook might become unresponsive and fail to reopen unless its process is terminated in Task Manager, or the system is restarted. In addition, sent emails might not appear in the Sent Items folder, and previously downloaded might be downloaded again.

The company says that it is working on a resolution. It does not have a universal workaround for affected users at the time of writing. While it has published a workaround for users who load Outlook PST files from cloud storage, it simply states that users should contact the application developer to learn about other access options.

I will update this article once there is a fix or a universal workaround. Keep you posted.

Intel’s Nightmare Arrives in Q2: NVIDIA to Launch High-Performance ARM Chips for Windows

Posted on by Martin Brinkmann

Intel’s and AMD’s nightmare has a release date. According to new reports, NVIDIA will debut its high-performance N1 and N1X consumer processors by Q2 2026, marking the company’s aggressive entry into the Windows laptop market.

The launch would end a long period of rumors and sets the stage for a major showdown, as NVIDIA attempts to replace traditional x86 CPUs with its own custom ARM architecture.

The report comes from the usually well-informed DigiTimes. Nvidia plans to release its first Nvidia N1X chip in notebooks in the first half of 2026 according to the report. DigiTimes reports further, that Nvidia has plans to release a second generation chip — N2/N2X — as early as the third-quarter of 2027.

Nvidia will follow the same business strategy that it has implemented for its graphics cards. It will create a reference design, which other manufacturers may customize.

It has been over a decade that Nvidia released a processor for Windows PCs. Back in 2013, Nvidia released the Tegra 4 processor for the Microsoft Surface 2 device, which ran on Windows RT 8.1.

We all know how this worked out. Windows RT was a colossal failure for Microsoft, in large parts due to its locked-down nature. Microsoft limited apps to the Windows 8 Store for the most part, which meant that users could not run any traditional Windows desktop apps on RT devices.

Windows on ARM has evolved significantly since the RT days. One of the main advantages of Windows 11 on ARM is support for classic Windows programs through emulation.

However, while Windows on ARM offers advantages in some fields, it does lag behind in others. Notably, it is gaming and legacy compatibility — think older PC hardware — that ARM has problems with.

For NVIDIA, the N1 launch represents unfinished business. More than a decade after the Surface 2 and the rocky Windows RT era, the company is returning to a landscape that has fundamentally changed.

The ultimate winners here are likely the consumers, as NVIDIA could provide the high-performance push that Windows on ARM needs to finally thrive. And while predicting the death of the x86 PC is premature, it is certain that Intel and AMD will be watching this release with bated breath.

Now it is your turn. Are your main systems still powered by AMD or Intel hardware, or do you use some with ARM processors already? Feel free to leave a comment down below.

Critical Bug: Latest Windows 11 Update Renders Outlook “Completely Unusable”

Posted on by Martin Brinkmann

Microsoft’s January 2026 Patch Tuesday update (KB5074109) is causing classic Outlook to hang, freeze, and fail to restart. Find out if your system is affected and how to restore functionality.

The first patch day of the year 2026 won’t go down in history as one of the smoothest. While system administrators expect minor inconveniences with each cumulative update, the January patch is taking things to the extreme: Microsoft already confirmed an insomniac bug and broken RDC functionality for some users.

Turns out, there is another issue that is plaguing users on Windows.

The Classic Outlook POP issue

Uninstalling the latest cumulative update for Windows 11 resolve the issue according to reports. However, doing so leaves the system open to attacks. One of the patches included in this month’s security update addressed a 0-day issue that is actively exploited.

  1. Go to Settings > Windows Update.
  2. Click on Update history.
  3. Scroll down and select Uninstall updates.
  4. Locate KB5074109 in the list.
  5. Click Uninstall and restart your computer.

Note: You may need to pause updates for a week to prevent Windows from automatically reinstalling it immediately.

If you do so, I recommend that you check the support page for updates to find out when the issue is fixed so that you may install the security update on the Windows machine again.

Other options include using different Outlook apps. Since Microsoft refers to classic Outlook as being broken, the new Outlook app and the Outlook mobile app for Android should continue to work as usually. Both support POP3, but require that the mail account is added to the program.

If switching from POP3 to IMAP is an option, this should also resolve the issue.

Emergency Patch: Microsoft Rushes Out Fix for Broken Remote Desktop Connections

Posted on by Martin Brinkmann

Just days after Microsoft released the first security updates for Windows, it is rushing out an out-of-bounds update to fix sign-in failures during Remote Desktop connections

It wouldn’t be a true Patch Tuesday if something didn’t break immediately after. If you spend the last days trying to figure out why Remote Desktop connection suddenly refuse to authenticate, you may be glad to hear that Microsoft acknowledged the issue yesterday.

Even better, the company released an out-of-bounds update on Saturday that addresses the issue.

Essential information

  • The issue: Microsoft notes that some Windows users “experienced sign-in failures during Remote Desktop connections”. The issue affected several Remote Desktop apps, including the Windows app.
  • Affected systems: Microsoft released updates for Windows 10 (KB5077796) and Windows 11, versions 24H2 and 25H2 (KB5077744)
  • Availability: Microsoft releases the update via Windows Update, Microsoft Update, and the Microsoft Update Catalog.

Administrators need to install the out-of-bounds update to fix the issue.

AI component updates included

While the main purpose of the update is to restore Remote Desktop connectivity, Microsoft has added several updated AI components to the update.

This affects the Windows 11 update only, as Windows 10 support is limited. Here is the list of components that are also updated when the patch is installed on a Windows 11 machine.

AI ComponentVersion
Image Search1.2511.1224.0
Content Extraction1.2511.1224.0
Semantic Analysis1.2511.1224.0
Settings Model1.2511.1224.0

Closing Words

The RDP issue is not the only one that Microsoft confirmed after the release of the January 2026 updates. Some Enterprise systems running Windows 11, version 23H2 were plagued by a shutdown bug that prevented the systems from shutting down properly.

Microsoft published a workaround — running the shutdown command from run or a command prompt — but no final fix for the issue at the time of writing.

The “Insomniac” Bug: Windows 11 Secure Launch Prevents Shutdown

Posted on by Martin Brinkmann

Secure Launch is keeping PCs awake. I explain why the latest patch broke the ‘Off’ switch and how to force a shutdown via CMD.

Microsoft released cumulative updates for Windows last week on the January 2026 Patch Day and fixed a critical security issue that is exploited in the wild.

Yesterday, Microsoft acknowledged that some Windows 11 devices are unable to power down after installing the KB5073455 security update.

When users try to shut down or hibernate affected machines, the devices simply restart instead.

Overview: The Secure Launch Shutdown Bug

Who is affected?

  • Operating system: Windows 11, version 23H2.
  • Target audience: Mostly Enterprise and IoT editions, as Home and Pro editions are no longer support. The Enterprise editions of Windows 11, version 23H2 will reach end of servicing this November.
  • Specific hardware: The bug is triggered only on devices with Secure Launch (System Guard Secure Launch) enabled.

Most home users and small to medium-sized businesses should not be affected by the issue.

The workaround

While Microsoft is fixing the underlying issue, it has published a workaround to fix the issue on affected systems.

Users who want to shut down the computer may run the following command from the command prompt: shutdown /s /t 0

Here are the steps:

  1. Open the Start menu.
  2. Type cmd.
  3. Launch the Command Prompt from the search results by selecting it.
  4. Paste shutdown /s /t 0 and press the Enter-key to execute.

Microsoft notes that it has no workaround currently for entering hibernation. The company recommends that users save all work regularly to avoid that work is lost when devices run out of power.

Windows and its Shut Down bugs: a trip down memory lane

Windows had a fair share of shut down related bugs over the years. The most notorious is a bug that plagued Windows users for nearly a decade before Microsoft finally fixed it in late 2025.

When users selected the update and shut down option from the Start menu, Windows would instead restart the system and load the login screen again. PCs would remain turned on until the user recognized the error.

Microsoft explained that the issue was caused by a race condition in the Windows Servicing Stack that caused the shutdown command to get “forgotten” during the update process.

Fast Start woes

Microsoft introduced Fast Start, also known as hybrid boot, in Windows 8. This new feature was designed to make the PC start up faster by using hibernation.

The problem was that older systems did not support this new hybrid state. This caused blue screens on some systems. The systems would reboot automatically to recover and this looked to the user as if shut down was broken.

This is no longer an issue on modern PCs, but on older PCs, system administrators could disable Fast Startup to resolve the issue.

Samsung’s Internet browser for Windows is now available worldwide, but should you get it?

Posted on by Martin Brinkmann

Samsung Internet for Windows is now available without regional restrictions. Here is an overview of the browser and my personal take on it.

Samsung Internet is a long-standing mobile browser that is installed by default on Samsung mobile devices. Samsung announced some time ago that it would expand the browser to the Windows operating system. First launched as a limited beta, it can now be downloaded by anyone.

What is Samsung Internet? The desktop version for Windows is a Chromium-based browser. This means that it shares the foundation with Google Chrome, Microsoft Edge, and many other browsers.

For Samsung, it is an attempt to bridge the gap between Samsung Galaxy mobile devices and Windows PCs. Without support for Windows, Galaxy users had to find another browser to sync data, such as passwords, between their mobile devices and desktop systems.

Since it is based on Chromium, it shares many traits with Google Chrome. It offers similar performance levels and web compatibility, and supports the installation of Chrome extensions from the official web store.

Samsung Internet: unique and noteworthy features

Here is an overview of the browser’s standout features. It should not come as a surprise that most are Samsung-specific.

  • Integrated ad-blocker and smart anti-tracking functionality.
  • Samsung account integration, including Samsung Pass. This syncs important data, such as passwords or biometric login data, between devices.
  • Galaxy AI feature support. The two main features that Samsung Internet for Windows supports right now are the creation of summaries and translations.
  • A design that mimics the One UI design of the Galaxy phones and tablets.

Is it your next browser (aka, who is it for?)

Samsung Internet offers better out-of-the-box privacy protections than Google Chrome. Users can enable ad-blocking and privacy protections right on start, which gives the browser an edge. Chrome users have to install a content blocker extension to get a similar level of protection.

The explanation for this is simple: Google is an advertising company primarily. It depends on advertising revenue and shipping Chrome with an integrated content blocker would torpedo its business significantly. This is the main reason why Chrome for mobile does not support extensions.

Samsung is a hardware company primarily. It makes money from devices and components that it sells and its focus is to keep users in its ecosystem. Users who are satisfied with the products are more likely to remain customers, that is why Samsung is using privacy as a premium feature in its browser.

Who is it for? Samsung Internet for Windows is designed for Samsung users. Users who already use the mobile version of the browser and work on Windows PCs as well. They benefit from the integration, as they may sync data directly to their Windows devices with the browser without relying on third-party browsers or software.

The browser is a hard sell for anyone else. While it does come with content blocking advantages over Chrome or Edge, it is easy enough to install a content blocker. it is also noteworthy that other browsers, including Vivaldi, Brave and Opera, do come with native content blockers as well.

Personal Intelligence: Google pivots Gemini towards an all-seeing AI

Posted on by Martin Brinkmann

Artificial Intelligence (AI) has been mostly reactionary up to this point: a user initiates a conversation or asks the AI to do something, and the AI reacts to the input.

AI agents will change that, but they too have limited knowledge. All of this is going to change with Google’s announcement of Personal Intelligence, which sounds like Microsoft’s Recall feature, but on steroids.

It marks a shift towards a deeply integrated AI, including into Android and ChromeOS. Unlike the Gemini app, which is mostly there to provide the user with information or create something for the user, Personal Intelligence is designed to know the user fully to provide a deeply personal experience.

  • When does it start? It is rolling out for Google AI subscribers in the United States already.
  • Opt-in or Opt-out? Personal Intelligence is opt-int.
  • Where can you use it? Across Web, Android, and iOS.
  • How does it work? The AI creates a local database of a user’s life that is based on emails, photos, calendar entries, messages, and application usage. It pulls data from various sources to know as much as possible about a particular user.

Google reveals that Personal Intelligence runs on Gemini Nano v3, which is optimized heavily for running on the neural processing units of Pixel 9 and Pixel 10 series devices. This allows it to process sensitive data on the device without the data leaving it at any stage of the process.

Unlike Gemini App, which is just a chat window for the most part, Personal Intelligence sees what the user sees on the screen. Furthermore, the AI may act on the user’s behalf with other apps.

Potential benefits for users

  • The AI you interact with knows as much about your life as you do, at least when it comes to online activity. You can ask it vague questions using natural language.
  • Personal Intelligence has capabilities to act on information. It can not only retrieve information, but also use information for actions.
  • A proactive context that anticipates needs. It may recommend to leave early if it notices that traffic is heavier than usually, knowing where you will be based on calendar entries.

Potential points of criticism

  • While Google emphasizes that sensitive data remains on the device, giving an AI full access to every pixel on the screen and your entire digital life is problematic, especially considering that Google is an advertising company first and foremost.
  • It remains to be seen how an all-seeing AI impacts a device’s battery life.
  • Even with access to personal data, AI may hallucinate, which means that it may return information that does not exist or run the wrong actions on the user’s behalf.
  • Personal Intelligence is also locked into Google’s ecosystem of apps and services for the most part, as functionality with third-party apps is limited at this point.

Closing Words

With Personal Intelligence, Google is offering an interesting and at the same time frightening proposition: a life that is more and more controlled and managed by AI, and in exchange for that, total access to the life of the user.

For now, users have the key in hand. They do not have to enable Personal Intelligence and when they do not, nothing changes. However, when they do, they will effectively allow Google access to their life, connect the dots, and know more about the user than their closest friends or family members.

I want to hear from you: Is on-device processing enough to earn your trust, or does the idea of Google ‘reading’ your screen still feel like a step too far? Let’s discuss in the comments.

New Year, New Zero-Day: The January 2026 Windows Patch Tuesday Breakdown

Posted on by Martin Brinkmann

If you were hoping for a quiet start to the new year, Microsoft has other plans.

The January 2026 Patch Tuesday is here, and it marks a heavy start to the year for system administrators. Microsoft has addressed a massive 114 vulnerabilities across its ecosystem, including eight critical flaws and a zero-day that require immediate attention.

While Microsoft released a large number of patches for its operating systems and services, it is CVE-2026-20805 that requires immediate attention. It is an actively exploited zero-day vulnerability in the Desktop Windows Manager (DWM) that is being used by threat actors to bypass security controls.

Add to that a “no-click” remote code execution flaw in Microsoft Office that is triggered by using the preview pane, it is clear that administrators have their hands full in the coming days to address these and others.

Beyond the security fixes, this month also brings some significant housekeeping: Microsoft is officially purging legacy Agere modem drivers from Windows images, marking the end of the road for decades-old hardware dependencies.

The January 2026 Patch Day overview

Executive Summary

  • Release Date: January 13, 2026
  • Total Vulnerabilities: 114
  • Critical Vulnerabilities: 8
  • Zero-Days (Actively Exploited): 1 (Desktop Window Manager)
  • Key Action Item: Administrators should prioritize patching CVE-2026-20805 (DWM) immediately, as it is being used in the wild to bypass security controls.

Important Patches

  • CVE-2026-20805 — Desktop Window Manager Information Disclosure Vulnerability
  • CVE-2026-21265 — Secure Boot Certificate Expiration Security Feature Bypass Vulnerability
  • CVE-2026-20952 — Microsoft Office Remote Code Execution Vulnerability
  • CVE-2026-20953 — Microsoft Office Remote Code Execution Vulnerability
  • CVE-2023-31096 — MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver Elevation of Privilege Vulnerability

Cumulative Updates

Product, VersionKB ArticleNotes
Windows 10, Version 22H2KB5073724ESU Only. Security updates. Removes old modem drivers (Agere).
Windows 11, Version 24H2KB5074109Security updates and non-security changes. Removes old modem drivers (Agere).
Windows 11, Version 25H2KB5074109Security updates and non-security changes. Removes old modem drivers (Agere).

Deep Dive: The Critical Vulnerabilities

While the total count of vulnerabilities is high, administrators may want to focus their attention on three specific issues: a zero-day vulnerability that is exploited in the wild, “no-click” Microsoft Office exploits, and a major issue affecting in Secure Boot.

The Zero-Day: CVE-2026-20805 (actively exploited)

CVE-2026-20805 is an Information Disclosure vulnerability that allows a threat actor to read specific memory addresses from remote ALPC ports. While this does not allow the actors to run malicious code directly, attackers may exploit the vulnerability to bypass Address Space Layout Randomization (ASLR).

This may enable them to create other remote code execution exploits that target system components directly.

The “No-Click” Microsoft Office issue

CVE-2026-20952 and CVE-2026-20953 are use-after-free vulnerabilities that allow remote code execution. The danger comes from the fact that they do not require user interaction for execution.

They rely on preview panes, either in File Explorer or Outlook, to trigger exploits. An attacker would have to get a specially crafted Office document on the user’s computer. When a user views the file in a preview area, for example by selecting it in File Explorer, the exploit triggers.

The Secure Boot bypass

CVE-2026-21265 describes a Secure Boot issue. It is not a bug in code that can be exploited, but a cryptographic expiration issue. Secure Boot certificates issued in 2011 are set to expire later this year.

Installation of this update rotates the certificates ensuring that devices will continue to boot and won’t fail to boot once the old certificates expire.

Significant changes

Microsoft removes drivers for legacy Agere modems from Windows with this update. The modems have not been manufactured for a long time and the main reason for removal is a vulnerability CVE-2023-31096. Instead of patching the driver, Microsoft decided to remove the driver from Windows instead.

The removal affects Enterprise and industrial users for the most part. It can affect point-of-sale terminals or legacy fax servers that rely on Agere modem chipsets. These will no longer work when the update is applied.

A quick check of the Device Manager should reveal whether “Agere Systems” or “LSI” models are used.

WDS Hardening enters first phase

This is only relevant if Windows Deployyment Services (WDS) is used. Microsoft is hardening WDS. The company introduces new event logging and Registry controls to block unauthenticated deployment requests.

Starting this month, logging is enabled. Administrators may enforce the block, but it is not enabled by default. From April 2026 onward, Microsoft plans to enable “block by default”.

Companies that rely on unauthenticated imaging have until April 2026 to switch to authenticated deployment. There is also a new AllowHandsFreeFunctionality Registry key, which enables the old status quo.

First Steps: Your Patch Tuesday Strategy

  1. Patch the Zero-Day issue that is exploited in the wild immediately.
  2. Deploy updates to mitigate the “no-click” vulnerability in Microsoft Office.
  3. Make sure legacy modem hardware is not in use anymore.
  4. Ensure that boot loaders are updated before certificates expire.

Firefox 147 Just Dropped: 5 Features That Make It Worth Updating Today

Posted on by Martin Brinkmann

Not every monthly browser update feels like a milestone, far from it, but Firefox 147 is an exception to the rule. Released just a moment ago, on January 13, 2026, version 147 of the open source browser is not just another round of bug and security fixes — it is a comprehensive update that crosses some of the oldest items from the community’s wish list.

Whether you are a Linux user who has been waiting for 20 years for a cleaner home directory, a privacy advocate looking for improvements, or an AMD-GPU user who is now benefitting from decreased memory use and improved battery life during video playback.

Here are the five standout features in Firefox 147 that make this update essential.

Firefox 147 released. (Image credit: Mozilla)

Closing a privacy loophole in Safe Browsing

Mozilla Firefox uses Safe Browsing from Google for security checks. This checks visited URLs to make sure they are not on a list of dangerous addresses.

Up until now, Mozilla Firefox used V4 of Safe Browsing. Under this system, Firefox downloaded a database of hash prefixes from Google. This list included only the first four bytes of a hash and not the full addresses.

When a Firefox user visited a site in the browser, it compared the first four bits of the site’s hash against the list. If a match was found, it contacted Google servers to verify if the site was on the badlist (bad then), or not (collision, not bad).

The problem here was that Firefox had to contact Google for this. This meant that Google got to see the IP address of the user’s computer and the has prefix of the site.

While local first, it was not fully private because of that.

Version 5 makes a shift to Oblivious HTTP. This adds a third-party server between the browser’s request, and thus a user’s IP address, and the Google server. The third-party server sees the IP address of the user, but only the encrypted hash that is submitted.

Google on the other hand sees the hash, which it can decrypt, but not the user’s IP address.

Site isolation support in Firefox for Android

Site isolation was introduced in late 2021 for desktop versions of the Firefox browser. The main idea was to load each site in its own separate process to avoid certain forms of attacks or privacy issues.

Now, almost four years later, Mozilla is introducing site isolation on Android. Apart from improving security, site isolation should also improve the stability of the Firefox browser on Android.

Under the old system, a crash of a website could take down other tabs or even the whole browser. With site isolation in place, only specific tabs associated with the site will crash, while all other sites and the browser itself won’t be affected.

Local network protection in Strict Tracking Protection

Only a few legitimate services require access to local network resources when you browse the Internet. However, sites may abuse the option for certain tracking forms or attacks. Fingerprinting, for example, benefits from identifying other network devices that are connected to the same network.

Starting in Firefox 147, the browser blocks requests from public websites to private RFC 1918 IP addresses, when tracking protection is set to Strict mode. Nothing changes if tracking protection is set to standard mode, which is the default.

As usual, Firefox users have the option to override this for individual sites.

Zero-Copy Video benefitting video playback on AMD GPU systems

Zero-Copy Video is a rendering technique that is designed to eliminate unnecessary transfers of data between system memory (RAM) and the graphics card (VRAM). Introduction of the feature removes one of the biggest bottlenecks when it comes to media consumption, especially on Linux systems.

To better understand the new system, it is important to understand how the old system worked. Or, more precisely, what made the old process inefficient.

When watching a video in the browser, say a 4K video on YouTube, this is what happened:

  • The GPU decodes the compressed video file.
  • The browser copies the decoded image into system RAM for the webpage frame.
  • The compositor copies the image back to the GPU for it to draw the image on the monitor.

Under the new system, the browser is no longer copying the decoded image. Instead, the GPU gives the browser a pointer to the image in its VRAM.

The main effect: The video never leaves the VRAM. This reduces memory (RAM), CPU usage, and PCIe traffic significantly.

XDG Base Directory Support

For the past 20 years, Mozilla has placed the .mozilla folder in the home folder on Linux to store configuration files and data. This has been a major annoyance for Linux users for a number of reasons:

  • Using the .mozilla folder violated the XDG Base Directory Specification, which says that files should be split into three locations based on purpose, not one location (Configuration, Data, and Cache).
  • Backup issues, as it was difficult to separate important files, such as configuration files, from trash, such as cache.
  • Some programs needed special rules to include the Firefox configuration, e.g., third-party sync software.
  • Performance problems on Enterprise networks that mounted the home directories over a network.

This changes with the release of Firefox 147. Firefox will store config files in ~/.config/mozilla and data in ~/.local/share/mozilla going forward, which resolves the long-standing issue.

Closing Words

You can check out the full release notes of Firefox 147 here. There you also find a link to the included security fixes, which, fix several issues rate high or lower, but none that appears to be exploited in the wild already.