Mozilla Taiwan 正體中文在地化

不小心漏了某一天的小秘訣嗎？沒關係，這邊整理了整月的 30 則小秘訣，讓您一次看個夠。

MozTW 2019 Privacy Month 活動，由 Mozilla India 提供原始內容，感謝 Adan SARKÖZY 協助中文翻譯、Irvin Chen 編輯、Huang-I Yang 協助本文整理。

#01

當在網站註冊時，在電子郵件欄填入 Gmail 的 帳戶名稱+網站名@gmail.com，如 jason+facebook@gmail.com 或 emily+ig@gmail.com 。

這樣信件能夠正常傳送到你的信箱，同時還能在收到垃圾郵件時，告訴你哪些網站外洩你的個資。免客氣 :)

（Yahoo 信箱的用戶，也可以到設定>信箱> 信箱分身地址，增加類似用途的分身信箱！）

Facebook Posts 、Twitter Posts

#02

好奇網路上能不能買到你的個人資料嗎？

Firefox Monitor 能幫你遍查過去 120 個資料外洩事件，看看其中有沒有你的電子郵件和帳號名稱；還能在網站發生資料外洩後快快警示你。

進入 Firefox Monitor 立刻檢查： monitor.firefox.com

介紹短片： https://youtu.be/rL53twJ-JJI

Facebook Posts 、Twitter Posts

#03

地方的螢幕都需要一組密碼。

Facebook Posts 、Twitter Posts

#04

更強固的密碼 = 更好的保護

數據指出：73% 的人在多個網站重複使用相同密碼，33% 的人從頭到尾都只用同一組密碼⋯⋯你的個人隱私有多重要，你的密碼就該有多牢靠。

學習如何選擇一組安全密碼
https://support.mozilla.org/zh-TW/kb/選擇更安全的密碼

Facebook Posts 、Twitter Posts

#05

別再用 j0hndoe1991 或 c@atain81 這種短而容易猜出來的密碼了，試試用幾個單詞組合成長句吧，容易記憶、難以猜測。

例如「television carpet window bucket magnet parliament scooter worldcup honey aeroplane plastic pendulum」（電視 地毯 窗戶 水桶 磁鐵 國會 機車 世界杯 蜂蜜 飛機 塑膠 鐘擺），就是一組長度為 99 個字的超安全密碼

超好記的，是吧是吧╰(〒皿〒)╯ #崩潰

Facebook Posts 、Twitter Posts

#06

幫你所有的帳號設定兩步驟驗證。

在登入服務時，兩步驟驗證透過額外的驗證條件來增強安全，讓駭客更難入侵你的帳號。

十個台灣常用服務的兩步驟驗證教學： https://www.playpcesor.com/2015/10/10.html

Facebook Posts 、Twitter Posts

#07

有太多複雜密碼，太難記住那些大小寫隨機字元了⋯⋯
試試密碼管理員程式吧！安全而且免麻煩。

這裡有一些開源的好選擇：
- BitWarden
- LessPass
- KeePass

還有 Mozilla 的實驗專案 Firefox Lockbox，正在 iOS 平台測試中

Facebook Posts 、Twitter Posts

#08

網路攝影機多年來一直是安全的顧慮，多數人都沒把它遮住。沒有比這更令人提心吊膽的事了。

連馬克·祖克柏都這麼做：遮住你的網路攝影機！
https://www.techbang.com/posts/54939-tape-webcam

Facebook Posts 、Twitter Posts

#09

你的電視正在分享你的個資嗎？

智慧型電視可以蒐集相當可觀的使用者資訊 — 來把它關掉吧！

消費者報告提供的教學：
https://www.consumerreports.org/privacy/how-to-turn-off-smart-tv-snooping-features/

Facebook Posts、Twitter Posts

#10

使用公共 WiFi 時，一直開著檔案共享很危險。跟著以下步驟，去設定中將其關掉；也順便關閉網路上的芳鄰，讓其它電腦更難找到你吧！

Windows — https://www.wikihow.com/Turn-Off-Network-Sharing-on-Windows

Mac — https://support.apple.com/zh-tw/guide/mac-help/mh17131/mac

Facebook Posts 、Twitter Posts

#11

手機裡的許多 app，都可以使用你的定位資訊，持續紀錄你的行蹤。當不需要定位服務的時候，就去設定中把它關閉吧。

- iOS: https://support.apple.com/zh-tw/HT207092

- Android: https://support.google.com/accounts/answer/3467281?hl=zh-Hant

Facebook Posts 、Twitter Posts

#12

線上生活的「#頭版原則」

不希望在報紙頭版看到的東西，就別貼上網。
慎選你的社群發文材料！

深入了解： https://www.wikihow.com/Avoid-Oversharing-on-Social-Media

Facebook Posts 、Twitter Posts

#13

當你上網時，廣告商隨時都在紀錄你的瀏覽頁面與發言。

立刻啟動 Firefox 的內容封鎖功能，保護你的個人隱私

https://support.mozilla.org/zh-TW/kb/tracking-protection-pbm

Facebook Posts 、Twitter Posts

#14

Firefox 幫助你救回你的隱私權。

這裡有許多可以幫你調教 Firefox 隱私功能的附加元件： https://addons.mozilla.org/zh-TW/firefox/collections/4757633/privacy-matters/?collection_sort=-popularity

Facebook Posts 、Twitter Posts

#15

當你寄信時，你會把信封黏起來。把你的資料加密正是同樣道理。
加密會把你的資料攪亂，讓不該讀的人（像是郵差）都無法偷看懂。

深入了解如何幫你的東西加密：https://www.wired.com/story/encrypt-all-of-the-things/

Facebook Posts 、Twitter Posts

#16

只上有鎖頭的 HTTPS 網站，確保你的資料在傳輸時經過加密。

立刻安裝 HTTPS Everywhere 擴充套件，幫助你避免上網時意外錯連到網站的未加密版本：

Firefox — https://addons.mozilla.org/zh-TW/firefox/addon/https-everywhere/

Chrome — https://chrome.google.com/webstore/detail/https-everywhere/gcbommkclmclpchllfjekcdonpmejbdp

Facebook Posts 、Twitter Posts

#17

你喜歡的網站上，有許多廣告跟追蹤器，時時搜集你的線上活動，儲存到它們為你所建的個人檔案庫。

安裝 uBlock Origin 套件，阻擋行為追蹤！

Firefox — https://addons.mozilla.org/zh-TW/firefox/addon/ublock-origin/

Chrome — https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm

Facebook Posts 、Twitter Posts

#18

定期清除 Cookie，或使用 Firefox 隱私瀏覽模式，保護你的資料安全。

- Ron vs. Online Privacy 小短片： https://youtu.be/8xn1rO1oQmk

- 如何刪除 Cookie： https://support.mozilla.org/zh-TW/kb/delete-cookies-remove-info-websites-stored

Facebook Posts 、Twitter Posts

#19

用用看 Linux 吧！它是一個免費／開放原始碼的電腦作業系統，你對它擁有絕對的控制權。它可以加密你的硬碟、擁有設定簡單的防火牆、以及其他不為人知 (?) 的保護機制。

Facebook Posts 、Twitter Posts

#20

收到銀行或社交網路來信中要求登入很意外嗎？

詐騙警告！！

不要隨意點開信中的登入連結，因為那可能是假冒的。如果需要登入網站，直接開新分頁，再於網址列輸入或搜索該公司的網址就好。

Facebook Posts 、Twitter Posts

#21

忽然接到電話、電郵、簡訊，詢問你登入帳密或 PIN 碼嗎？

給我停！不准回覆！
請改打該服務的客服電話回報問題。

Facebook Posts 、Twitter Posts

#22

你我都重度使用 Google 的服務，來檢查一下我們分享的資訊：去 https://myaccount.google.com 來設定有哪些你的資料可被 Google 蒐集並分享吧。

Facebook Posts 、Twitter Posts

#23

如果你有戴著健康手環或運動錶，注意它可能正在廣播你的心跳等敏感資訊。不需要時，可關閉網路和藍芽來停止它。

進一步了解心跳帶等運動偵測器訊號廣播：
t.me/moztw_general/100092
t.me/moztw_general/100093
t.me/moztw_general/100094
t.me/moztw_general/100095

Facebook Posts 、Twitter Posts

#24

確保你所有的社交媒體都設為「僅限朋友觀看」，這是縮減你個人網路上敏感資訊，最基礎的一步。

如何保護你的社交媒體帳號？

- 隱私設定：檢查每一個社交平台的隱私設定，減少你的線上公開足跡。
- 密碼管理：建立強而複雜的密碼，時常變更。
- 有意識地分享：謹慎選擇你要在社群媒體上分享的資訊。
- 兩步驟認證：啟動雙因子認證，就算密碼被偷也能提供你第二重的保護。
- 第三方套件：許多廠商開發社群平台的非官方軟體。平台無法確保他們的安全，因此請選擇具有良好評價的套件。

Facebook Posts 、Twitter Posts

#25

使用 Firefox Focus — 免費、快速、使用簡易、保護隱私的手機瀏覽器。沒有選單、沒有彈出視窗，最棒棒的是，它會自動封鎖廣告與追蹤程式！

https://www.mozilla.org/zh-TW/firefox/mobile/

Facebook Posts 、Twitter Posts

#26

正在找尊重你的隱私，不會追蹤你的搜尋引擎嗎？ DuckDuckGo 給你： https://duckduckgo.com

Facebook Posts 、Twitter Posts

#27

我們都想在上網時保有隱私。我們希望資料能加密傳輸，並且難以被人追蹤。好，這些都是使用 Tor 的好理由。試試看吧 😊

https://www.torproject.org/download/download.html.en

Facebook Posts 、Twitter Posts

#28

我們對待線上生活的態度，總是與現實生活有點不同。Mozilla 的 IRL Podcast 廣播節目，透過網路上的故事來討論這種不一致，也分享影響所有人的線上議題。

立刻收聽： https://irlpodcast.org

Facebook Posts 、Twitter Posts

#29

檢查一下你提供給手機軟體的權限吧。

Android 的步驟： https://support.google.com/googleplay/answer/6270602?hl=zh-Hant

iOS 的： https://support.apple.com/zh-tw/HT203033

Facebook Posts 、Twitter Posts

#30

學習網路隱私的知識，與你的家人與朋友們分享，並且使用 Firefox，一起讓網路瀏覽變得越來越安全，也是保護你個人的最佳方式。

到此重新複習所有小秘訣，然後立刻分享出去吧！

Facebook Posts、Twitter Posts

#PrivacyMonth #MozTW4Privacy

歡度隱私月，整月的小秘訣與您分享！ was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.

Mozilla 與 HTC 於 CES 公布 HTC Vive 系列 VR 頭戴式裝置將預載 Firefox Reality 作為預設瀏覽器。

Firefox Reality Becomes Default Browser on HTC Vive Headsets, Makes Jump to Desktop

HTC Vive 將預載 Firefox Reality 瀏覽器 was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.

Partnering with Law Firms Committed to Diversity and Inclusion - Mozilla Stands for Inclusion

這是重要的一小步。我們改變的行動不應該只限於公司內部。
 — Amy Keating, General Counsel at Mozilla

Mozilla 與其他 170 個私人與上市公司、新創團隊與非營利組織在日前共同簽署給法律領域的公開信，承諾將會將顧問相關預算，運用在已建立多元與包容文化的法律顧問公司 was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.

Vote for Irvin

Hi Rep,

I’m Irvin, volunteer and rep mentor, from East Asia, Taipei, Taiwan.

I’d join Rep since spring 2013, the very beginning of the program. I’d been Mozilla volunteers even longer, as early as 2004, since my first year in college.

We all feel that the internet is so important to keep healthy, and Mozilla plays a significant role. We all want Mozilla to be strong and great. We dedicate our time for it, and Rep program can help us to do our best.

That’s why I’d like to run for Rep council.

There are no perfect projects, and I believe sometimes you also feel as difficult as I do on rep program, and on Mozilla. I feel less motivated, unclear directions, helpless issues, and we’re losing so many people, recently.

I believe that, we can fix the problem, by making Rep not only Representative of Mozilla, but also the representative of Mozillians.

My first proposal, is to start a quarterly periodic survey for Rep, to understanding our ideas of Rep program, and our feelings of Mozilla projects.

As the core contributors, we can be the funnel for Mozilla to understanding our volunteer, more and deeply. We can become the bridge between the volunteers and paid-staff.

We can help volunteers to be heard and understood, we can start a more frequent communication, help engage each other, reduce problems, and strengthen the whole community.

Please vote for me on Rep council elections. If you have any questions, please ping me on Telegram Mozillians and Rep channel, or directly reply to the video.

Thanks.

Please do also check my answers to the nominee’s QA — 
https://discourse.mozilla.org/t/important-council-elections-spring-2018-nominee-q-a/27331/4

Run for Mozilla Rep Council was originally published in Mozilla related on Medium, where people are continuing the conversation by highlighting and responding to this story.

MOSS Q4: Supporting the Python Ecosystem - The Mozilla Blog

2017 年 Q4 的 Mozilla 開放原始碼支援專案（Mozilla Open Source Support program, MOSS）獲選者包含 Python 生態圈中重要的 Buildbot 與 PyPI。其他獲選則包含 Harfbuzz、Zappa、Tatoeba、Tor 專案的 Open Observatory of Network Interference 與 Commento 等專案獲得資助。

MOSS 專案仍持續接受提名中，另外也正接受開源碼專案申請安全檢核服務，詳情請查閱： https://www.mozilla.org/en-US/moss/

Mozilla 透過開源碼支援專案投資支持 Python 生態圈 was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.

Activity Stream 的目標是為 Firefox 使用者創造與歷史紀錄及書籤互動的全新方式，「假如用戶能更容易地回到最近觀看、儲存的頁面，使用者會更開心」。

經過數次的迭代，這個新分頁的新體驗，成功從 Test Pilot 畢業進入 Firefox Quantum (v57) 了。最終的新分頁體驗，包含可調整行數的常用網站、Pocket 推薦內容（目前為美、加、德國限定），以及來自書籤及瀏覽歷史的精選網站。

Firefox Quantum 的新分頁包含常用網站、推薦與精選內容

詳細的開發與測試過程歡迎閱讀下文

Graduation Report: Activity Stream

Activity Stream 的 Test Pilot 畢業報告 was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.

Mozilla 到底為什麼會用到一千兩百個員工還需要志工？

Mozilla 1200 名員工包含工程師（引擎、安全、可及性、在地化、基礎建設、雲端服務）、開發環境與開源工具（CI、測試、分析、資料收集⋯⋯）、新技術研發（例如 Rust/Servo）；設計師；網頁標準工作者；行銷、發布、使用者支援；企業營運（PR、法務、財務、經理）等等。

Maintaining An Independent Browser Is Incredibly Expensive

為什麼只是維護一個瀏覽器，一年需要三億美元。 was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.

(Chinese below, blogger link)

Updated: This method only works on Firefox 57.0 and died after 57.0.1

Because Firefox will start removing XUL interface and it’s related codes, Firefox Quantum (v57) begin to disable extensions developed with legacy (non-WebExtension) API.

It’s been a significant impact on my working environment, with 400+ tabs organizing in 28 groups with Tab Groups (formally Panorama), which is a must for me.

So I will stay on Firefox 56 as long as possible…

Well… I’m NOT staying in Firefox 56. There is actually a way to keep Tab Groups working in Firefox Quantum.

更新：本方法只適用於 Firefox 57.0，57.0.1 就失效嘍。

因為 Firefox Quantum (57) 開始陸續要移除 XUL 介面，因此正式把非 WebExtensions 的套件停用了。對我的整個瀏覽器環境，影響最大的是，用以組織 400 個以上分頁成為 28 個專案的 Tab Groups「分頁群組 / Panorama」即將無法使用。

所以我決定要死守 Firefox 56⋯⋯沒有啦，還是可以用啦，其實！

(My daily environment) Tab Groups is still working on Firefox Quantum

Here is how to make Tab Groups working in Firefox Quantum,

1. Download and install last Firefox 57 Beta (57.0b14) and open it.
2. Open about:config?filter=extensions.legacy.enabled In URL, double-click to set the value to true, restart Firefox 57 Beta.
3. Open Tab Groups page listed on AMO.
4. You’ll notice [+Add to Firefox] button is unclickable. Right-click on the button, choose Save Link As… to download .xpi file.
5. Drag & drop the .xpi file into Firefox window and install it. After installed, check for Tab Group icon shows up on top-right, to make sure it’s enabled.
6. Shutdown Firefox Beta, and open Firefox Quantum (v57).
7. You’ll notice Tab Groups working fine on Firefox Quantum!

經過這週的持續實驗，確認在 Firefox 57 釋出後，分頁群組仍然能（有條件的）運作。方法是：

1. 下載安裝 Firefox 57 最終 Beta (57.0b14)。
2. 打開 about:config?filter=extensions.legacy.enabled，點兩下將其值設定為 true，關閉重開 Firefox 57 Beta。
3. 打開 Firefox 擴充套件網站的 Tab Groups 頁面。
4. 你會發現「+新增至 Firefox」按鈕無法點擊。在按鈕上按右鍵，選擇鏈結另存新檔。
5. 將下載後的 xpi 檔拖拉到 Firefox 視窗上，就能正常安裝。
6. 待安裝完成之後，關閉 Firefox Beta，再打開 Firefox Quantum (v57) 正式版
7. 你會看到持續正常運作中的分頁群組！

I assumed it’s a bug and not a Feature. The process will cease to function soon after Firefox 58 release. Thanks for it to enabling the upgrade of my working profile to Quantum anyway.

After testing for few days, I notice that sometimes Tab Group will randomly disappear (with all tabs in other groups).

Don’t panic! You just need to close Firefox, reopen Firefox 57 Beta, go to AMO Tab Group page, and click [+Install to Firefox]. It will resume working after reinstalling addon, and your tabs will still there.

預期這個方法到 Firefox 58 應該就會失效（如果開啟 Firefox (v58) Beta，Tab Groups 會被再次停用）。雖然這應該是個 Bug 不是 Feature，不過還是感謝它能讓我的作業環境正式升級到 Quantum。

經過幾天測試，分頁群組偶而會失效。此時只要關閉 Firefox，重新開啟 Firefox 57 Beta，再到 AMO 上點選「+新增至 Firefox」即可恢復正常。

I’ll keep using Firefox Quantum (v57) until the most critical WebExtension API “Hiding & showing tabs” (Bug 1384515) landed, and successor of Tab Groups been giving birth.

The patch and proof of concept from Dietrich and :johannh had been uploaded for three months, but I’m not able to follow the long, long thread of comments on that bug recently.

接著應該會繼續用這個方式用 57.0 頂著，直到 WebExtension API 中最關鍵的「隱藏分頁」API 完成，並有人開發出分頁群組替代品吧。

（Patch 以及驗證概念的測試套件都提出三個月了，最近吵了一長串，看不懂是什麼狀況⋯⋯）

1384515 - Provide an API for hiding and showing individual tabs

Besides the above method, I’d also been tested Waterfox for last month. The current Waterfox is developed based on Firefox 55, and they planned to release ESR version based on Firefox 56 soon, with security patch backport from latest Firefox.

It may be another good choice, if you want to have Tab Groups, and not really care about the speed of Quantum.

在還未實驗出以上 Workaround 之前，我也測試了一個月的 Waterfox。該分支目前版本是 55.2.0，計畫近期要釋出基於 56 的長期版本，然後持續 backport 新版 Firefox 的安全性更新。如果不必然堅持要享受 57 的速度差異，也是一個可考慮的穩定選擇。

Waterfox - The free, open and private browser

Tab Groups + Firefox Quantum (v57) was originally published in Mozilla related on Medium, where people are continuing the conversation by highlighting and responding to this story.

(Cross-post from Mozilla Discourse and blogger)

What is the price for us to eliminating the reviewing queue with robots? (picture from Mozilla Wiki)

Most people don’t know that we’re now using an automatically-approval process on AMO for Firefox Add-on review (since mid. September), which means, our program will check for known problems and threats in new add-ons, and if not found, it will get published without any manual process.

Extension review wait times are about to get much shorter

The benefit is time. Some addon author already found that the reviewing process is incredibly quick, that it will get published in just a few minutes after uploaded new version.

However, the automatically approved system (which Chrome used for many years) had been considering harmful for general user, because it can be the routes for malware to get into user’s browser, and we can only stop and fix it after someone discovered and reported back, and cannot prevent in advance with current manual reviewing process.

And this bad part had ALREADY happened just in that week after the automatically review process up. Two weeks ago, we discover several add-ons had bound with mining codes on AMO. After some research, we found 7 add-ons with the same codes in the end.

/g/ - >bitcoin miner in firefox addons. >addons are aut - Technology - 4chan

Although the editor had banned them, the MALICIOUS ADD-ONs had already got into user’s computer. We didn’t know how many users were affected nor how many mal-addons left there in public.

Many people (including me) feel that AMO is not trustworthy anymore because of the potential threat. Without fully manual review, we need to assume that every add-on appears on AMO can be dangerous.

The manual review process had always been considering one of the better things Firefox’s eco-system over Chrome, that the reviewer will not only check for the malicious codes, but also help addon author to follow some best practice (eg., using the known version of libraries such as jQuery from official site).

And because of the manual reviewing process, we told general user that they need to be aware for Add-on installed from other sites, and they can trust the one listed on AMO.

With non-manual checking Add-ons (and the fact that dangerous code can be live there), we cannot trust any AMO add-ons now. Even for those been manual reviewed, because we just cannot tell which one had been check and which is not apart.

Even worst, some normal add-ons may be updated with malicious codes, been auto-approval and push into user’s browser with our auto-update mechanism anytime.

Many people are asking for purchasing the ownership of my add-ons from time to time in past, that they want to earn the profit by adding Ads to it. Guess what they want to do for now if they discover the change of reviewing process?

According to the discussion on AMO blog article, on IRC addon channel, Reddit, 4chan, Telegram and within above and below links, many contributors including volunteering reviewers, Add-on authors and users already raise the concern about safety and trust problem, before and after the change.

• Mozilla changes review process for Firefox WebExtensions - gHacks Tech News
• Mozilla needs to adjust new review process for Firefox add-ons - gHacks Tech News

They didn’t get the answers before the auto-approved enabling. And they saw the incidents happened. Besides removing those add-ons which been reported, there is still lack of any steps and strategies to prevent future incidents happening again.

My question is — How can we still convince users that Firefox eco-system is still TRUSTWORTHY? If even myself found it’s not trustful anymore.

Please join with me and represent your concern on the Discourse thread.

Concern about how add-on auto-review can hurt user's trust to Firefox

Concerning about how add-on auto-reviewing process can hurt user’s trust to Firefox was originally published in Mozilla related on Medium, where people are continuing the conversation by highlighting and responding to this story.

Page Shot 是最受歡迎的 Test Pilot 實驗項目，每日使用率高過其他功能兩倍以上；分享的流量持續成長，且也吸引非 Firefox 的用戶觀看。

Screenshots is Shipping in Firefox 56

經過 Test Pilot 測試的 Firefox 網頁抓圖分享功能「Page Shot」，正式在 Firefox 56 中以「Firefox Screenshots」名稱釋出。本文說明了 Test Pilot 時期的研究成果，與其在正式版中的功能差異。

Firefox Screenshots 的 Test Pilot 畢業報告 was originally published in moznewszh on Medium, where people are continuing the conversation by highlighting and responding to this story.