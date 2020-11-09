Language Selection

Mozilla: Tor Browser, CAs and Rust Shuffling on Microsoft's Servers

  • New Release: Tor Browser 10.5a3

    Tor Browser 10.5a3 for Desktop platforms is now available from the Tor Browser Alpha download page and also from our distribution directory.

    Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

  • Preloading Intermediate CA Certificates into Firefox - Mozilla Security Blog

    Throughout 2020, Firefox users have been seeing fewer secure connection errors while browsing the Web. We’ve been improving connection errors overall for some time, and a new feature called Intermediate Certificate Authority (CA) Preloading is our latest innovation. This technique reduces connection errors that users encounter when web servers forget to properly configure their TLS security.

    In essence, Firefox pre-downloads all trusted Web Public Key Infrastructure (PKI) intermediate CA certificates into Firefox via Mozilla’s Remote Settings infrastructure. This way, Firefox users avoid seeing an error page for one of the most common server configuration problems: not specifying proper intermediate CA certificates.

    For Intermediate CA Preloading to work, we need to be able to enumerate every intermediate CA certificate that is part of the trusted Web PKI. As a result of Mozilla’s leadership in the CA community, each CA in Mozilla’s Root Store Policy is required to disclose these intermediate CA certificates to the multi-browser Common CA Database (CCADB). Consequently, all of the relevant intermediate CA certificates are available via the CCADB reporting mechanisms. Given this information, we periodically synthesize a list of these intermediate CA certificates and place them into Remote Settings. Currently the list contains over two thousand entries.

    When Firefox receives the list for the first time (or later receives updates to the list), it enumerates the entries in batches and downloads the corresponding intermediate CA certificates in the background. The list changes slowly, so once a copy of Firefox has completed the initial downloads, it’s easy to keep it up-to-date. The list can be examined directly using your favorite JSON tooling at this URL: https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/intermediates/records

    For details on processing the records, see the Kinto Attachment plugin for Kinto, used by Firefox Remote Settings.

    Certificates provided via Intermediate CA Preloading are added to a local cache and are not imbued with trust. Trust is still derived from the standard Web PKI algorithms.

  • Robert O'Callahan: rr Repository Moved To Independent Organisation

    There have been no changes in intellectual property ownership. rr contributions made by Mozilla employees and contractors remain copyrighted by Mozilla. I will always be extremely grateful for the investment Mozilla made to create rr!

Games: Proton, Linux App Summit 2020 and More

  • Steam Play Proton 5.13-2 compatibility layer is out now with improved Direct3D 12 support | GamingOnLinux

    The Proton compatibility layer used with Steam Play on Linux has a brand new release out with Proton 5.13-2. This release follows on from some Release Candidate builds earlier this week, to clean up some issues after the big initial Proton 5.13-1 release that went up in the middle of October.

  • Proton 5.13-2 Released With A Variety Of Game Fixes, VKD3D-Proton 2.0

    In time for the weekend Linux gamers is an updated Proton release from Valve and CodeWeavers for powering Steam Play to enjoy the latest Windows games on Linux. Proton 5.13-2 is the newest version of this Wine 5.13 based software that combined with the likes of DXVK and VKD3D-Proton do a pretty darn good job at allowing modern Windows games to often run rather gracefully on Linux. Most notable with Proton 5.13-2 is pulling in VKD3D-Proton 2.0 in offering better Direct3D 12 on Vulkan support. VKD3D-Proton 2.0 should work with games like Death Strandling, Devil May Cry 5, Resident Evil 3, Metro Exodus, and others.

  • Check out Linux porter Ethan Lee show off how Linux games are built and packaged | GamingOnLinux

    You've heard a lot about various packaging systems on Linux from deb to rpm and the next generation with Snap and Flatpak, but what about how games get built and packaged up? Well, that's what Linux game porter Ethan Lee wanted to talk about and show off during the Linux App Summit 2020. Interestingly, it sounds like Ethan Lee put in their talk plan after seeing us announce the event. For those who aren't familiar with Ethan Lee you can check out their port portfolio here which shows just how many games they've shipped including the likes of: Streets of Rage 4 which just recently released, VVVVVV, Owlboy, FEZ, TowerFall Ascension, Dust: An Elysian Tail and a vast many more. Ethan Lee also created and maintains FNA, which is a reimplementation of the Microsoft XNA Game Studio 4.0 Refresh libraries.

  • Collabora give an overview of their work with Valve at the Linux App Summit 2020 | GamingOnLinux

    Interested in all the work the open source consulting firm Collabora are doing with Valve to help improve Linux gaming? We've got you covered. We've already been over a few bits of what they're doing together, like their Linux Kernel work that will hopefully be live with Linux 5.11 and also their work on the Steam Linux Runtime Container system. Collabora have been doing a lot of other work in the open source space too that we've been following, like the Monado runtime for VR and AR (XR) and their work on the Panfrost driver for Mali. During the Linux App Summit 2020, Collabora developer Vivek Das Mohapatra did a presentation giving a whistle-stop tour of their work to give an overview of all the bits and pieces. It's about 28 minutes, so it won't take you long to go through if you want a nice way to catch up.

Super Productivity is an extremely powerful To Do app for Linux

Being productive is not the same as being busy all the time. You can be productive in a smart way by optimizing the scarce time you have in your work. There are lots of theories on how to be productive in a sane and healthy way while still being able to deliver stuff. There are also all kind of supporting ideas to optimize your productivity and balance it with your physical and mental health, like Pomodoro timers and automated breaks. For me the basis for optimized productivity can be found in the Gettings Things Done (GTD) approach, that I already discussed in depth in one of my previous articles “How I manage my productive life in Linux“, which is inspired by the worldwide known and widely appreciated approach of David Allen, which he describes in his book “getting Things Done”. To optimize your productivity, one of the things that is important to realize is that it is better not to use your brain to remember things, but to develop new ideas. If you don’t have to remember everything, you have more room in your head to create things. Therefore it is very important to directly bring over your ideas to some kind of storage or second brain, so you can forget them for the time being, and come back to them later to organize, prioritize and plan these ideas into actionable items. You could say that the GTD method supports all of this. David Allen explains in his book five important steps that can help to set up and master your GTD workflow from idea to result, whch are Capture, Clarify, Organize, Reflect and Engage. Read more Also: Martin Michlmayr: beancount2ledger 1.3 released

today's howtos

  • How to root a Fairphone 3

    Before installing those kind of ROM (official or not) you must root your phone2.

    And, all the tutorials I found on the web drives me crazy. But I succeeded. There is how I made it, with more details as possible.

  • Hunting for Malicious Packages on PyPI

    About a year ago, the Python Software Foundation opened a Request for Information (RFI) to discuss how we could detect malicious packages being uploaded to PyPI. Whether it’s taking over abandoned packages, typosquatting on popular libraries, or hijacking packages using credential stuffing, it’s clear this is a real issue affecting nearly every package manager.

  • Everyone Talks About Insecure Randomness, But Nobody Does Anything About It

    I think machine learning provides the bridge here. The thought has hung in my mind for a few years, in fact; I've picked the brains of everyone I know remotely related to the field, and I've even hired some people to take a crack at it. So far, I haven't seen any prior literature suggesting that it's been possible or done, and nobody was really sure how to approach it. Finally, thanks to a generous grant from the Phil Brass Weird Ideas FoundationAKA DirectDefense who was happy to sponsor this research while I was not busy bug hunting for them! I was able to take a few weeks to think about it methodically.

    The rest of this blog is structured in a pretty straightforward way: I talk about how numbers are generated at random in a computer, then talk about how to transform that notion of randomness into a learnable problemA basic knowledge of machine learning, and especially gradient descent will be helpful for understanding some of my thought process through this blog.. Not surprisingly, I will then solve that problem, and propose a roadmap for how to continue chipping away at the distance between my current progress and a usable attack.

  • How to play Phasmophobia on Linux

    Phasmophobia is an indie survival horror video game released on Steam for Windows in September of 2020. In the game, the player takes control of one member of a group of ghost hunters as they hunt for ghosts. Here’s how to play it on Linux.

  • How To Install VNC Server on Ubuntu 20.04 LTS - idroot

    In this tutorial, we will show you how to install VNC Server on Ubuntu 20.04 LTS. For those of you who didn’t know, VNC (Virtual Network Computing) server is a free and open-source software which is designed for allowing remote access to the Desktop Environment of the server to the VNC Client whereas VNC viewer is used on the remote computer to connect to the server. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step by step installation of the VNC Server on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian based distribution like Linux Mint.

  • How to Install PowerShell 7.1.0 via Apt Repository in Ubuntu 20.04, 18.04 [Ed: Very bad idea and hard to see why anybody would wish to do this]
  • How To Remove Docker Images, Containers & Volumes - LinuxBuz

    Docker is an open-source tool that helps you to build, test and deploy the applications in the containerized environments. However, there are lots of unused containers, images, volumes and networks may reside in your system. They consume a significant amount of disk space of the host operating system. Docker does not remove those objects without clean up it manually. It is a good habit to clean up these unused disk space regularly and keep your system organized. Docker has several commands to clean up those unused objects.

This week in KDE: Tons of improvements to our core apps

A bunch of KDE apps received many lovely new features, bugfixes, and user interface improvements this week! And Plasma too, of course. Read more Also: KDE Sees A Number Of Fixes To Dolphin, Plasma On Wayland

