Language Selection

English French German Italian Portuguese Spanish

Web

Brave Web Browser 1.20.108 Is Released With Fix For Major Security Flaw In Private Tor Windows

Filed under
Web

Several recent version of the Brave Web Browser have had a very unfortunate DNS-leak flaw in the "private" Tor-based browsing feature. The latest version 1.20.208 has a new version of the Chromium core it is based on (88.0.4324.182), a fix for DNS leaks in supposedly "private" web browser windows and two fixes specific to macOS. You should upgrade if you rely on Brave for "private" web browsing or use it to access Tor onion sites.

[...]

You should upgrade and ensure that you are using version 1.20.108 or newer if you occasionally use the Brave Web Browser to access Tor onion sites or rely on it's "private" Tor-browsing mode for anything even remotely critical. You can acquire the latest version from brave.com.

Read more

3 Best Free and Open Source Web-Based XMPP Clients

Filed under
OSS
Web

XMPP (also known as Jabber) is an open and free alternative to commercial messaging and chat providers. It is a secure battle-tested protocol developed by an independent standards organization.

XMPP was designed for real-time communication, which powers a wide range of applications including instant messaging, presence, media negotiation, whiteboarding, collaboration, lightweight middleware, content syndication, EDI, RPC and more.

The “X” in XMPP stands for “Extensible”, which means the core protocol is updated and extended with more features through a transparent process at the non-profit XMPP Standards Foundation every now and then. This results in some clients not implementing every feature of XMPP; for example, a typical instant messaging client won’t implement Internet-of-Things functionality.

Read more

John Goerzen: Recovering Our Lost Free Will Online: Tools and Techniques That Are Available Now

Filed under
Web

As I’ve been thinking and writing about privacy and decentralization lately, I had a conversation with a colleague this week, and he commented about how loss of privacy is related to loss of agency: that is, loss of our ability to make our own choices, pursue our own interests, and be master of our own attention.

In terms of telecommunications, we have never really been free, though in terms of Internet and its predecessors, there have been times where we had a lot more choice. Many are too young to remember this, and for others, that era is a distant memory.

The irony is that our present moment is one of enormous consolidation of power, and yet also one of a proliferation of technologies that let us wrest back some of that power. In this post, I hope to enlighten or remind us of some of the choices we have lost — and also talk about the ways in which we can choose to regain them, already, right now.

I will talk about the possibilities and then go into more detail about the solutions.

[...]

Back in the late 90s, I worked at a university. I had a 386 on my desk for a workstation – not a powerful computer even then. But I put the boa webserver on it and could just serve pages on the Internet. I didn’t have to get permission. Didn’t have to pay a hosting provider. I could just DO it.

And of course that is because the university had no firewall and no NAT. Every PC at the university was a full participant on the Internet as much as the servers at Microsoft or DEC. All I needed was a DNS entry. I could run my own SMTP server if I wanted, run a web or Gopher server, and that was that.

There are many reasons why this changed. Nowadays most residential ISPs will block SMTP for their customers, and if they didn’t, others would; large email providers have decided not to federate with IPs in residential address spaces. Most people have difficulty even getting a static IP address in the first place. Many are behind firewalls, NATs, or both, meaning that incoming connections of any kind are problematic.

Do you see what that means? It has weakened the whole point of the Internet being a network of peers. While IP still acts that way, as a practical matter, there are clients that are prevented from being servers by administrative policy they have no control over.

Imagine if you, a person with an Internet connection to your laptop or phone, could just decide to host a website, or a forum on it. For moderate levels of load, they are certainly capable of this. The only thing in the way is the network management policies you can’t control.

Elaborate technologies exist to try to bridge this divide, and some, like Tor or cjdns, can work quite well. More on this below.

Read more

5 Free and Open Source Lightweight Alternatives to WordPress

Filed under
Server
Web

Now don’t get us wrong, WordPress is one of our favorite applications. With good reason, it’s a high quality, open source blog publishing application. It’s a mature and highly polished application with development starting in 2003, and it has an active community. The largest self-host blogging tool, a full content management system, which can be extended through thousands of widgets, plugins, and themes, is a good fit for many projects. The software was born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL.

WordPress instantly springs to mind when any project is planned that needs a content management system. However, WordPress can be complicated, offering more bells and whistles than actually needed or wanted. While it’s always tempting to stick with familiar territory, this can actually stifle creativity and does not enhance an individual’s skill-set.

When embarking on a new project, there’s a lot to be said experimenting with new software. Fortunately, WordPress is not the only option. There’s a good range of lightweight open source content management systems ready to be deployed that can transform a web site.

Some of the content management systems featured in this article are well publicised, but there are many good management systems that you may not have heard of that are perfectly suited for small projects.

Here is our verdict with our recommendations. They are all free and open source goodness.

Read more

Also: HOWTO: Migrate from Ghost v3 to Squarespace

WordPress 5.7 Beta 3

Filed under
Server
Software
Web

This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with it.

Read more

Federated/Decentralised Communications With Movim and P2P VoIP

Filed under
Server
OSS
Security
Web
  • Movim | Basic Review & Beginner's Guide

    Once you read about Movim, immediately you will find about Xmpp. It is Jabber, also known as Xmpp, a secure, decentralized, and federated technology everyone can use to chat online existed strongly since 1990's. To give you how great Xmpp network is, actually when you use WhatsApp you use Xmpp, so does with Google Talk and Jitsi, so when you use those you are using Xmpp. To give you a few of its benefits, Xmpp is not controlled by a single company (so unlike Twitter) it is hard to shut down by anyone.


  • Daniel Pocock: Comparing private and peer-to-peer VoIP solutions

    One of the top questions people ask RTC developers around Valentine's Day is whether we finally have a private solution people can use to communicate with their partner.

    There is fresh attention on the issue this year after Twitter and other large providers flexed their muscles and demonstrated that they are more powerful than the US President.

    [...]

    Achieving independence from cloud services doesn't necessarily give you privacy. There are trade-offs to be made. John Goerzen recently published a blog about privacy issues in current P2P tools.

Brave and Mozilla: uBlock, Mozilla Localization and More

Filed under
Moz/FF
Web
  • Brave browser adds native support for uBlock and Fanboy annoyances lists and social list - gHacks Tech News

    Brave browser's built-in ad-blocker has been boosted by some additional options. The Chromium fork's Brave Shield now supports three popular privacy-friendly filter lists, namely uBlock Annoyances List, Fanboy Annoyances List and Fanboy Social List.

  • Mozilla Localization (L10N): L10n Report: February 2021 Edition
  • Hacks.Mozilla.Org: MDN localization update, February 2021

    Previously on MDN, we allowed translators to localize document URL slugs as well as the document title and body content. This sounds good in principle, but has created a bunch of problems. It has resulted in situations where it is very difficult to keep document structures consistent.

    If you want to change the structure or location of a set of documentation, it can be nearly impossible to verify that you’ve moved all of the localized versions along with the en-US versions — some of them will be under differently-named slugs both in the original and new locations, meaning that you’d have to spend time tracking them down, and time creating new parent pages with the correct slugs, etc.

    As a knock-on effect, this has also resulted in a number of localized pages being orphaned (not being attached to any parent en-US pages), and a number of en-US pages being translated more than once (e.g. localized once under the existing en-US slug, and then again under a localized slug).

  • Karl Dubost: Whiteboard Reactionaries

    I simply and firmly disagree and throw my gauntlet at Bruce's face. Choose your weapons, time and witnesses.

    The important part of this tweet is how Mike Taylor points out how the Sillycon Valley industry is a just a pack of die-hard stick-in-the-mud reactionaries who have promoted the whiteboard to the pinnacle of one's dull abilities to regurgitate the most devitalizing Kardashianesque answers to stackoverflow problems. Young programmers! Rise! In front of the whiteboard, just walk out. Refuse the tiranny of the past, the chalk of ignorance.

Developers Continue New Push With LibreOffice In The Web Browser Via WebAssembly

Filed under
LibO
Web

While there has been LibreOffice Online as a collaborative, web-based version of LibreOffice making use of the HTML5 Canvas for its UI, there hasn't been much activity there recently outside of the Collabora Online commercial variant. But developers are working on a current port of LibreOffice to the web browser using WebAssembly.

Developers Thorsten Behrens and Jan-Marek Glogowski presented at last weekend's FOSDEM Online 2021 on the work being done to port LibreOffice to work gracefully with WebAssembly for running the open-source office suite within the web browser.

Read more

Viper Browser: A Lightweight Qt5-based Web Browser With A Focus on Privacy and Minimalism

Filed under
Software
Web

Viper Browser is a Qt-based browser that offers a simple user experience keeping privacy in mind.

While the majority of the popular browsers run on top of Chromium, unique alternatives like Firefox, Beaker Browser, and some other chrome alternatives should not cease to exist.

Especially, considering Google’s recent potential thought of stripping Google Chrome-specific features from Chromium giving an excuse of abuse.

In the look-out for more Chrome alternatives, I came across an interesting project “Viper Browser” as per our reader’s suggestion on Mastodon.

Read more

The "snob RSS" Hall of (constructive!) Shame

Filed under
Web

It is half hilarious, half depressing, how many officially tech-savvy organisations advertise on their websites every possible way to follow them… as long as it is a non-portable, non-future-proof, intrusive walled garden. I am talking of those websites that never, never miss links and icons to their social accounts…

But never show in plain sight also a far better solution to follow them. A solution that, I am sure, they already have for free, courtesy of whatever website management system they may be using: the good, old, far superior Really Simple Syndication (RSS).

RSS is a much, much, MUCH better way to follow what one publishes online than Twitter, Facebook or any other social media. Because only RSS is unfiltered, not centrally tracked, free from addictive distraction and 100% usable from any device.

Read more

Syndicate content

More in Tux Machines

today's howtos

  • Encryption at Rest in MariaDB – Linux Hint

    Encryption-at-rest prevents an attacker from accessing encrypted data stored on the disk even if he has access to the system. The open-source databases MySQL and MariaDB now support encryption-at-rest feature that meets the demands of new EU data protection legislation. MySQL encryption at rest is slightly different from MariaDB as MySQL only provides encryption for InnoDB tables. Whereas MariaDB also provides an option to encrypt files such as redo logs, slow logs, audit logs, error logs, etc. However, both can’t encrypt data on a RAM and protect it from a malicious root. In this article, we will learn to configure database-level encryption for MariaDB.

  • How To Install ERPNext on CentOS | RoseHosting Blog

    ERPNext is a completely robust ERP framework intended for small and medium-sized businesses. It covers an extensive variety of features, including accounting, CRM, inventory, selling, purchasing, manufacturing, projects, HR and payroll, website, e-commerce, and more – all of which make it profoundly adaptable and extendable. ERPNext is developed in Python and depends on the Frappe Framework. It utilizes Node.js for the front end, Nginx for the web server, Redis for caching, and MariaDB for the database.

  • How To Find Out Which Groups A User Belongs To In Linux

    A Linux group is a collection of one or more users with identical permission requirements on files and directories. An user can be a member of more than group at a time. In Linux, each group information is stored in the "/etc/group" file. In this tutorial, we will see all the possible ways to easily find out which groups a user belongs to in Linux and Unix-like operating systems. Finding out the groups to which a user account belongs will be helpful in many occasions. For instance, the other day I was installing Dropbox on my Ubuntu server. When configuring Dropbox, I had to enter my current user name and the group name. You could also be in a situation where you need to identify the groups a user belongs to. If so, use any one of the following methods to know what group a user is in.

  • How Do I Perform a Traceroute on Linux Mint 20? – Linux Hint

    Traceroute is a very useful utility that is used to track the path that a packet takes to reach a destination within a network. It can also act as a tool to report network congestion. In today’s article, we will discuss different examples that will demonstrate the usage of Traceroute on Linux Mint 20.

  • How do I Completely Remove a Package in Linux Mint 20? – Linux Hint

    The task of removing an installed package from any operating system can surely be a hassle if handled carelessly. It is because whenever you attempt to remove a package, you expect it not to leave any of its traces behind. In other words, you want a clean removal of the desired package. However, such a complete removal cannot be achieved without taking certain measures. That is why today’s article will be focused on the method of completely removing a package in Linux. Note: The method that we have attempted and shared with you in this article has been performed on a Linux Mint 20 system. However, the very same steps can also be performed on Ubuntu 20.04 and Debian 10.

  • How to Install Spotify in Fedora Linux – Linux Hint

    Spotify is a popular audio and video streaming service used by millions of people. Spotify is available for download on smartphones, tablets, and desktops for Windows, Mac, and Linux. Though Spotify works in Linux, this application is not actively supported, as it is on Windows and Mac. You can also enjoy Spotify on wearable gadgets. For example, if you have a Samsung smartwatch, you can listen to and control Spotify using the watch only. You need only install the app on your smartphone from the Play Store to start listening to tracks on Spotify. The free version of the application provides access to limited audio streaming services with advertisements. The premium service offers many features, including the ability to download media, ad-free browsing, better sound quality, and more. There are also other plans offered to specific individuals and groups. Spotify also supports various devices, such as Wireless Speakers, Wearables, Smart TVs, and Streamers.

  • How to Install Official Wallpaper Packs on Fedora? – Linux Hint

    Wallpapers are great for improving the user experience of any operating system. In the case of Fedora, one of its iconic features is the wallpapers it comes with. Every single Fedora release gets its own set of wallpaper, and these are some of the most anticipated components of any of its releases. In this guide, check out how to install official wallpaper packs on Fedora.

  • How to Reset Your Gnome Desktop to Default Settings

    Linux is a very versatile platform for not only power users, but also tweakers and tinkerers. With the rise of Linux desktop distros have come a whole new level of options for these users. Gnome is one of the most popular desktop environments on Linux and Ubuntu. The most popular desktop Linux distro now comes with Gnome out of the box following the shelving of Ubuntu’s Unity desktop environment. It, therefore, follows that there are countless ways to tweak your Gnome and make it truly yours.

  • How to Find Files Based on Timestamp in Linux

    The find command in Linux is used to search for files and folders based on different parameters. These parameters can be the filename, size, type of file, etc.

  • How to Delete Files Older Than Specified Days in Linux

    As you might already know, we use the rm command in Linux to delete files and folders. The filenames to be deleted have to be passed as arguments to rm. However, rm does not offer other options by itself, like deleting files based on timestamps. That’s the reason, we use the find command in Linux, which is used to search for files and folders based on different parameters. It is a complex command which can be used to search with parameters like the filename, size, type of file, etc. There is an option in the find command to search for files based on how old they are and today we will see how to use find and rm together to delete files older than the specified number of days.

  • How Can I Sudo Another User Without A Password? – Linux Hint

    In Linux platforms, a sudo user is a tool that implies “superuser do” to run various systems’ commands. A sudo user is typically a root user or any other user who has some privileges. To delegate important tasks like server rebooting or restarting the Apache server, or even to create a backup using the sudo command, you can use the sudo without having to enter the password again and again. By default, sudo user needs to provide some user authentication. At times, user requirements are to run a command with these root privileges, but they do not desire to type a password multiple times, especially while scripting. This is easily doable in Linux systems. In this article, we will check the method to sudo another user without entering their password.

  • How to configure Route53 with our DomainName to access a static website from S3 on AWS

    This article will help you with the steps to host a static website on S3 and redirect traffic from your subdomain to the static website on the S3 bucket. For this, you will need a domain purchased on AWS. Once you have the domain on AWS, you can create a subdomain and redirect requests from it to the S3 bucket.

  • How to install Zoom on Ubuntu, Lubuntu (latest version) using terminal

    What is zoom? Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, chat, and webinars. You can use free and payed versios.

  • How to install mutliple Ubuntu VMs using Multipass on Ubunut 20.04 - Linux Shout

    Multipass is a platform developed by Canonical to launch and run Ubuntu virtual machines while offering a user the ability to configure them with cloud-init like a public cloud. Here we learn how to install Multipass on Ubuntu 20.04 Linux and use the same to launch Virtual machine instance. Although when it comes to launching lightweight pre-built virtual machine images with just a command, Docker comes to mind, however, Multipass could be another option for those who love to work on Ubuntu Server. Yes, if you want to launch Ubuntu Linux command line server VMs instantly on Windows, Linux and macOS then cross-platform Multipass is one of the good options to consider.

  • How to use the sipcalc Linux command line tool | Enable Sysadmin

    The only network numbers I can keep in my head are now and always have been a Class C network with a 24-bit netmask, such as 192.168.1.0/24. I know there are 254 usable host addresses available with a broadcast address of 192.168.1.255, a gateway/router address of 192.168.1.1 or 192.168.1.254 (depending on who's running the network), and a human-readable netmask of 255.255.255.0. That's my standard network. After all, 254 hosts are enough for any subnet, right? Wrong. A few years back, I had to step outside of my standard 254 hosts per subnet scenario when I decided to use a 22-bit netmask (255.255.252.0) to get a 1022 usable address space. I knew little about this address space, and it was frustrating to try to search for the simple information that I needed without scrolling through forums with all the idle chatter and off-topic rhetoric. I guess some people just need a space in which to air their grievances about everything. I digress.

GhostBSD Review: Simple and Lightweight

Because there are so many different options out there for your free and open-source operating system, it can be hard to figure out what the best option is for you. Sifting between Linux distros is difficult – Debian and its derivatives, Ubuntu and its derivatives, Fedora, Arch, openSUSE, the list goes on. However, what if the best choice for you isn’t actually technically Linux? Here we review GhostBSD, a FreeBSD-based Unix OS designed for a simple desktop experience, to see if it’s the right fit for you. [...] The applications that are installed are all necessary. It’s exactly what you might expect to find in your typical lean open-source desktop OS configuration, with no frills and just the essential applications. There is not much to remark on with the user experience – it is a very simple and friendly version of the MATE desktop that’s designed to be light on system resources and simple to use. Overall, I think there is no way you could go wrong. Read more

Games: Predictions, Free Software, and Titles Developed on GNU/Linux

  • Thrilling Linux Gaming Predictions for 2021 - Boiling Steam

    Last week we reached out to the community at large with a simple question: What do you predict will happen in the world of Linux Gaming by the end of 2021? To make things a little more fun, we asked everyone to limit their Linux Gaming predictions to 5 items, and be as specific as possible as to what they expect to occur. We also asked everyone to work on their predictions individually to avoid any potential bias. Now, we are sharing with you all the predictions we received, from quite a few places across the world as you can see from the below map. The Linux Gaming Community knows no frontiers.

  • Team Cherry upgrade the excellent Hollow Knight with Vulkan for Linux | GamingOnLinux

    Team Cherry have given their excellent action-platformer metroidvania Hollow Knight a bit of an upgrade, which you can test out on Steam in a fresh Beta test. Not played it before? You're missing out. Hollow Knight is a classically styled 2D action adventure across a vast interconnected world. Explore twisting caverns, ancient cities and deadly wastes; battle tainted creatures and befriend bizarre bugs; and solve ancient mysteries at the kingdom's heart.

  • OpenLoco is a free and open source re-implementation of Chris Sawyer's Locomotion | GamingOnLinux

    Just like there's the awesome OpenTTD for fans of Transport Tycoon Deluxe, there's also OpenLoco for players who want to play through the classic Locomotion. Not a project we've covered here before it seems, so we're making that right today. Originally released back in 2004, it's actually a spiritual successor to Transport Tycoon but it was not as loved due to various problems with the original release. Perhaps though it can have a new life thanks to OpenLoco.

  • VRWorkout is a free and open source VR fitness rhythm game

    Well, that's certainly one way to get a bit more exercise in. Whatever helps right? No judgement here, I could probably do with a little more myself… It's built with the free and open source game engine Godot Engine, so not only is the source code open for the game itself it's properly open for anyone to put it together from the source and will remain so. Speaking about VRWorkout to us on Twitter, the developer mentioned they actually do develop for it on Linux but they use a Quest headset not supported on Linux so they have to work with that on Windows. Perhaps though, in time, Monado might break down that barrier.

  • Free and open source voxel game engine Minetest 5.4 is out, makes mods easier for users | GamingOnLinux

    Minetest, the Minecraft-like voxel game engine (and a basic game that comes with it) has a big new release out with Minetest 5.4.0 and it's worth trying again. As we covered before during the Release Candidate stage, one of the big features for users in this release is vastly easier modding with both small mod packs and entire games. Minetest had a way to browse and download them all directly in the game for a while, but now it will also actually download all the dependencies mods need - making it vastly easier to get what you want and then into a game. No more downloading one mod, then finding all the individual bits it needs.

GNOME 40 Beta Released for Public Testing, Here’s What’s New

As you already know, GNOME 40 will introduce a new Activities Overview design that promises better overview spatial organization, improved touchpad navigation using gestures, more engaging app browsing and launching, as well as better boot performance. But the GNOME 40 beta release is packed with many other goodies, including the ability to switch workspaces with Super+scroll on Wayland, the implementation of a Welcome dialog after major updates, improved fingerprint login support, better handling of a large number of window previews, on-screen keyboard improvements, support for handling monitor changes during screencasts, as well as integration of the clipboard with remote desktop sessions. Read more