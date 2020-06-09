Language Selection

Mozilla: Firefox Mistakes, Mozilla Politics, Outsourcing to Microsoft, and More

Moz/FF
  • Anti-cheat works on Linux, Firefox stumbles again, and HDR support - Linux news - September 2021 - Invidious

    This time, we have Red Hat hiring for HDR support on Linux, Firefox making more controversial decisions, and support for Linux from the major anti cheat providers, among a LOT of other linux gaming news.

  • Addressing gender-based online harms in the DSA [Ed: Mozilla spends money on politics and lobbying while firing actual engineers]

    Last year the European Commission published the Digital Services Act (DSA) proposal, a draft law that seeks to set a new standard for platform accountability. We welcomed the draft law when it was published, and since then we have been working to ensure it is strengthened and elaborated as it proceeds through the mark-up stage. Today we’re confirming our support for a new initiative that focuses on improving the DSA with respect to gender-based online harm, an objective that aligns with our policy vision and the Mozilla Manifesto addendum.

    An overarching focus of our efforts to improve the DSA have focused on the draft law’s risk assessment and auditing provisions. In order to structurally improve the health of the internet ecosystem, we need laws that compel platforms to meaningfully assess and mitigate the systemic risks stemming from the design and operation of their services. While the draft DSA is a good start, it falls short when it comes to specifying the types of systemic risks that platforms need to address.

  • MDN Web Docs at Write the Docs Prague 2021 [Ed: Mozilla does not mention the awful tragedy of outsourcing to to proprietary software of Microsoft, an attack on the Web itself]

    The MDN Web Docs team is pleased to sponsor Write the Docs Prague 2021, which is being held remotely this year. We’re excited to join hundreds of documentarians to learn more about collaborating with writers, developers, and readers to make better documentation. We plan to take part in all that the conference has to offer, including the Writing Day, Job Fair, and the virtual hallway track.

  • Superhero passwords may be your kryptonite wherever you go online [Ed: So Mozilla wants your passwords. Should you trust it?]

    A password is like a key to your house. In the online world, your password keeps your house of personal information safe, so a super strong password is like having a superhero in a fight of good vs. evil. In recognition of Cybersecurity Awareness month, we revisited our “Princesses make terrible passwords for Disney+ and every other account,” and took a look to see how fortified superhero passwords are in the fight against hackers and breaches. According to haveibeenpwned.com, take a look at the how many times these superhero passwords have showed up in breached datasets....

  • How to delete your jQuery Reject Plugin in 1 easy step.

    In my last post on testing Chrome version 100, I encouraged everyone to flip on that flag and report bugs. It’s with a heavy heart that I announce that Ian Kilpatrick did so, and found a bug.

    [...]

    Also, if you happen to work on any of the following 1936 sites using this script, you know what to do (pick option Roman numeral 3, just to be super clear).

  • The Mozilla Blog: Analysis of Google’s Privacy Budget Proposal [Ed: The person who wrote it receives his salary from Google via Mozilla]

    Fingerprinting is a major threat to user privacy on the Web. Fingerprinting uses existing properties of your browser like screen size, installed add-ons, etc. to create a unique or semi-unique identifier which it can use to track you around the Web. Even if individual values are not particularly unique, the combination of values can be unique (e.g., how many people are running Firefox Nightly, live in North Dakota, have an M1 Mac and a big monitor, etc.)

    This post discusses a proposal by Google to address fingerprinting called the Privacy Budget. The idea behind the Privacy Budget is to estimate the amount of information revealed by each piece of fingerprinting information (called a “fingerprinting surface”, e.g., screen resolution) and then limit the total amount of that information a site can obtain about you. Once the site reaches that limit (the “budget”), further attempts to learn more about you would fail, perhaps by reporting an error or returning a generic value. This idea has been getting a fair amount of attention and has been proposed as a potential privacy mitigation in some in-development W3C specifications.

  • Niko Matsakis: Dyn async traits, part 2

    In the previous post, we uncovered a key challenge for dyn and async traits: the fact that, in Rust today, dyn types have to specify the values for all associated types. This post is going to dive into more background about how dyn traits work today, and in particular it will talk about where that limitation comes from.

    [...]

    Early on in Rust, we debated whether dyn DoTheThing ought to implement the trait DoTheThing or not. This was, indeed, the origin of the term “dyn safe” (then called “object safe”). At the time, I argued in favor of the current approach: that is, creating a binary property. Either the trait was dyn safe, in which case dyn DoTheThing implements DoTheThing, or it was not, in which case dyn DoTheThing is not a legal type. I am no longer sure that was the right call.

Games: Debian GNU/Linux Experience, Godot 3.3.4, and Steam

  • Wine, Windows programs, and gaming on Debian GNU/Linux. The XBOX 360 controller is “just working” now!

    PC gaming, for me, is sort of a hit or miss thing. Even though Wine (If you’re feeling cheeky, the “Linux Subsystem for Windows”) and, for that matter, Steam with Proton, a Wine fork optimized for gaming, have advanced a lot. I use laptops, and the only way to get a GPU upgrade with a laptop is to buy a new laptop. (Well, external GPUs are becoming more of a thing, but I’m not really sure where the GNU/Linux support stands on that, and if it would mean a proprietary driver, no thanks anyway.) Anyway, even up to a couple of years ago, controllers under Wine were dicey and even getting an XBOX 360 controller to be recognized involved terrible hacks involving a userspace driver, blacklisting a kernel module (xpad), and then installing an XBOX 360 controller emulator program for Windows in Wine so you could map the output of the actual hardware to an emulated version of the controller, which would send it along to video games. What a pain in the ass! I mean, not as much of one as installing a GNU/Linux distribution in the 90s with winmodems and having to tell X your modelines, under pains and penalties of potentially frying your computer monitor. (How uncivilized!). Modern GNU/Linux should be no more difficult than a small tweak here, a tweak there, and you’re done. At it’s very worst, no problem is likely to come up that would be worse than something that could come up under Windows.

  • Maintenance release: Godot 3.3.4

    While we're busy working on both the upcoming Godot 4.0 and 3.4 releases (with a dev snapshot for 3.4 beta 5 available now), we still cherry-pick important bug fixes to the 3.3 branch regularly for maintenance releases (see our release policy). Godot 3.3.3 was released a month ago, and a handful of important fixes have been queued in the 3.3 branch since then. Most notably, users of the GDScript LSP in Visual Studio Code have been experiencing crashes in 3.3.3, which are fixed in this new Godot 3.3.4. Note: Version numbers can be confusing with three branches worked on in parallel - this release is 3.3.4, i.e. a maintenance update to the 3.3 branch. This is not the upcoming 3.4 feature release. Godot 3.3.4, like all future 3.3.x releases, focuses purely on bug fixes, and aims to preserve compatibility. It is a recommended upgrade for all Godot 3.3 users.

  • Steam Next Fest is live again with demos, livestreams and more | GamingOnLinux

    It's that time again! From now until October 7 you get to try out various new demos on Steam, watch developer livestreams and much more. This is another wonderful chance to test out various games before they see a full release. For the games included in the event, they are supposed to be releasing somewhere between October 7, 2021 and May 1, 2022 so even if you find something you like it might be a while before you get to see the full complete thing.

LLVM 13.0.0 Released, Work on LLVM 14.0.0 Starts

This document contains the release notes for the LLVM Compiler Infrastructure, release 14.0.0. Here we describe the status of LLVM, including major improvements from the previous release, improvements in various subprojects of LLVM, and some of the current users of the code. All LLVM releases may be downloaded from the LLVM releases web site. For more information about LLVM, including information about the latest release, please check out the main LLVM web site. If you have questions or comments, the LLVM Developer’s Mailing List is a good place to send them. Note that if you are reading this file from a Git checkout or the main LLVM web page, this document applies to the next release, not the current one. To see the release notes for a specific release, please see the releases page. Read more Also: LLVM 13.0 Released With Official Flang Binary Packages, Improved OpenCL Clang Support - Phoronix

today's howtos

  • How To Install Apache Maven on Debian 11 - idroot

    In this tutorial, we will show you how to install Apache Maven on Debian 11. For those of you who didn’t know, Apache Maven is a software project management and comprehension tool. Based on the concept of a project object model, Maven can manage a project’s build, reporting, and documentation from a central piece of information. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Apache Maven on a Debian 11 (Bullseye).

  • How To Install PIP on Debian 11 Linux – TecAdmin

    Pip is a popular package management tool for Python. It allows the Python developers to install and manage additional Python libraries in their applications. This is a similar application to nvm for Node.js and composer for PHP. Pip stands for Preferred Installer Program. Rather than a package management utility, Pip can create a completely isolated environment for the Python application. In this tutorial, you will learn about the installation of Pip on the Debian 11 Linux system.

  • How To Install Samba File Sharing Server on Linux System

    The Samba file-sharing server of the SMB, in short, is an open-source file-sharing server specially designed for Linux systems. It allows sharing files among client PCs from a hosted server. It’s not a conventional FTP server type server, and it does not require hosted files for the client users. You can use the Samba file-sharing server on Linux to access the Windows files over a network. Samba can be used for both personal and business usage. In Samba, users get both read and write permission for file accessing. They can change, revise, edit files over the server, and the changes go live immediately. In a word, using the Samba for sharing files with clients with access permission is hassle-free and strong in Linux.

  • How To Voice Video Calls on XMPP and Matrix Made Simple

    This tutorial explains how to quickly voice and video call with friends and family using XMPP and Matrix telecommunication services. This tutorial's aimed for people who want easy calls without technical knowledge especially school teachers and computing beginners. Thus, we will use Movim and Schildi via web browser so we can call everywhere both on desktop and mobile. Let's do it.

  • How to Access Clipboard (Copy & Paste) History in Ubuntu via GPaste | UbuntuHandbook

    For those doing copy & paste actions frequently in Ubuntu Linux, GPaste remembers the clipboard history and allows to find them easily via few click. The clipboard is the place to store the text, image, file path and all the stuff that you last copied (or cut). The content in clipboard will be overwritten once you do another copy & paste action. So, when you trying to find out what you’ve copied earlier, a clipboard manager will be helpful.

  • How to Install and Set Up PM2 on Linux Servers

    Deployment is one of the most crucial and conclusive stages of software development. A proper deployment strategy is vital in delivering the best experience to your users while utilizing your services efficiently. However, this process also brings its own set of challenges with it. Node.js, the open-source JavaScript runtime, is a popular choice for building the backend infrastructure of your application by allowing you to run JavaScript outside web browsers. But what if your Node.js application crashes in production? Find out how you can avoid such scenarios in this article.

  • How to enable server-side FastCGI caching with Nginx and PHP – VITUX

    Nginx is an open-source and high-performance web server that can be used to speed up content and application delivery. Nginx enhances security, improves scalability, and also can be used as a high availability load balancer. It can be used as a reverse proxy and one of the most important uses of Nginx is content caching. One of the best approaches is to use Nginx as content caching. In this article, we will discuss Nginx FastCGI content caching for better performance of websites.

  • 4 Ways to Hide Desktop Icons in Ubuntu - Make Tech Easier

    If hiding the top bar and side panel isn’t enough, and you want everything removed from your Ubuntu desktop, then you’d probably also like to get rid of those pesky icons on its surface. Read on to learn how you can hide desktop icons in Ubuntu.

Security Leftovers

  • Security updates for Friday

    Security updates have been issued by Debian (curl, krb5, openssl1.0, and taglib), Fedora (cifs-utils), SUSE (libqt5-qtbase and rubygem-activerecord-4_2), and Ubuntu (linux-raspi, linux-raspi-5.4 and linux-raspi2).

  • Baby’s Death Alleged to Be Linked to Ransomware [Ed: This happens on a much grander scale due to Microsoft]

    Access to heart monitors disabled by the attack allegedly kept staff from spotting blood & oxygen deprivation that led to the baby’s death. A U.S. hospital paralyzed by ransomware in 2019 will be defending itself in court in November over the death of a newborn, allegedly caused by the cyberattack. As the Wall Street Journal reported on Thursday, the baby’s mother, Teiranni Kidd, gave birth to her daughter, Nicko Silar, on July 16, 2019, without knowing that the hospital was entering its eighth day of clawing its way back from the attack.

  • A Hospital Hit by Hackers, a Baby in Distress: The Case of the First Alleged Ransomware Death

    When Teiranni Kidd walked into Springhill Medical Center on July 16, 2019, to have her baby, she had no idea the Alabama hospital was deep in the midst of a ransomware attack.

  • A Death Due to Ransomware

    What will be interesting to see is whether the courts rule that the hospital was negligent in its security, contributing to the success of the ransomware and by extension the death of the infant.

