Language Selection

English French German Italian Portuguese Spanish

Web

These Weeks in Firefox, Mozilla on Privacy, FSFE Blogs on Tor, Purism’s CEO Todd Weaver Testifies at California Congressional Privacy Commission

Filed under
Web
  • These Weeks in Firefox: Issue 53
  • Mozilla Future Releases Blog: Enhanced Tracking Protection Testing: Protecting users’ privacy by default

    Over the past couple of months since we announced that we would broaden our approach to anti-tracking we’ve been experimenting and testing Enhanced Tracking Protection, a feature that blocks cookies and storage access from third-party trackers. Recently, we published a set of policies that define which tracking practices will be blocked in Firefox, and a new set of redesigned controls for the Content Blocking section where users can choose their desired level of privacy protection. As the next step in our path to enable Enhanced Tracking Protection by default, this week we launched a study to observe how enabling this functionality for a group of Firefox users in our Release Channel would impact the online experience.

  • I am up to no good.

    am a user of “the darknet”. I use Tor to secure my communications from curious eyes. At the latest since Edward Snowden’s leaks we know, that this might be a good idea. There are many other valid, legal use-cases for using Tor. Circumventing censorship is one of them.

    But German state secretary Günter Krings (49, CDU) believes something else. Certainly he “understand[s], that the darknet may have a use in autocratic systems, but in my opinion there is no legitimate use for it in a free, open democracy. Whoever uses the darknet is usually up to no good.”

    [...]

    Instead of trying to ban our democratic people from using tor, we should celebrate the fact that we are a democracy that can afford having citizens who can avoid surveillance and that have access to uncensored information.

  • Purism’s CEO Todd Weaver Testifies at California Congressional Privacy Commission

    My name is Todd Weaver, and I think you’ll find I’m an unusual witness here today, while I may be sitting side-by-side with impressive privacy protection groups, I am here as the CEO of a rapidly growing technology company based in California.

    I am here calling for much stronger consumer privacy protections – starting with giving consumers the power to opt IN rather than opt OUT of sharing their personal data.

    I am here to tell you it’s time for California’s extraordinary tech industry to stop harvesting and “sharing” our most personal private data without our meaningful consent and knowledge.

    I am not here to tell you AB 375 (or stronger) protections are tough to implement, history is filled with wrongdoers complaining that doing right will put them out of business only to comply and thrive later. Incidentally, this same tech industry complained about Europe’s GDPR that certainly did not put them out of business.

    I am here to tell you the new law (or stronger) is easy to technically comply with – if we companies simply begin to honor our customer’s privacy rights and design our services to be privacy-protecting rather than privacy-exploiting.

gitgeist: a git-based social network proof of concept

Filed under
Development
Web

Are you tired of not owning the data or the platform you use for social postings? I know I am.

It's hard to say when I "first" used a social network. I've been on email for about 30 years and one of the early ad-hoc forms of social networks were chain emails. Over the years I was asked to join all sorts of "social" things such as IRC, ICQ, Skype, MSN Messenger, etc. and eventually things like Orkut, MySpace, Facebook, etc. I'll readily admit that I'm not the type of person that happily jumps onto every new social bandwagon that appears on the Internet. I often prefer preserving the quietness of my own thoughts. That, though, hasn't stopped me from finding some meaningfulness participating in Twitter, Facebook, LinkedIn and more recently Google+. Twitter was in fact the first social network that I truly embraced. And it would've remained my primary social network had they not killed their own community by culling the swell of independently-developed Twitter clients that existed. That and their increased control of their API effectively made me look for something else. Right around that time Google+ was being introduced and many in the open source community started participating in that, in some ways to find a fresh place where techies can aggregate away from the noise and sometimes over-the-top nature of Facebook. Eventually I took to that too and started using G+ as my primary social network. That is, until Google recently decided to pull the plug on G+.

While Google+ might not have represented a success for Google, it had become a good place for sharing information among the technically-inclined. As such, I found it quite useful for learning and hearing about new things in my field. Soon-to-be-former users of G+ have gone in all sorts of directions. Some have adopted a "c'mon guys, get over it, Facebook is the spot" attitude, others have adopted things like Mastodon, others have fallen back to their existing IDs on Twitter, and yet others, like me, are still looking.

Read more

WWW and OSS Leftovers

Filed under
OSS
Web
  • WWW = Woeful, er, winternet wendering? CERN browser rebuilt after 30 years barely recognizes modern web

    In preparation for next month's 30th anniversary of the proposal that gave us the world wide web, boffins at the behest of CERN have recreated the world's first web browser, and made it accessible as a modern web page.

    Created by Sir Tim Berners-Lee, the ur-browser, first called WorldWideWeb, and later Nexus, was built from Objective-C in 1990 on a NeXT workstation to display its maker's HyperText Markup Language.

    The browser's resurrection – click here to try it out – follows five days of hacking by an international team of nine developers, reunited after a previous effort to revive the original Line Mode Browser in 2013.

  • Web Design Survey Findings and Next Steps

    Now we need your help again! The main takeaway from the first survey was that developers and designers of every experience level want to better understand CSS issues like unexpected scrollbars and sizing. We’ve started researching and prototyping potential tool ideas for investigating specific types of CSS bugs, but we need your feedback to guide our work.

    Please take a moment with our quick single-page CSS Layout Debugging survey and help us rank the most time-consuming bugs. Your feedback will be immensely helpful in clarifying our plans in 2019 and beyond.

  • How donations helped LibreOffice and TDF in 2018

    Donations to The Document Foundation, the non-profity entity behind LibreOffice, help us to grow our community, share knowledge about the software (and its development), maintain our infrastructure, organise events and much more. The image below shows what was made possible in 2018, thanks to your generous donations – click for a larger version!

  • NomadBSD 1.2-RC2 released!

    The second release candidate of NomadBSD 1.2 is now available! We would like to thank all the RC1 testers who sent us feedback and bug reports. If you notice any problems, please let us know.

  • Mi 9 kernel source code available on launch day

    Xiaomi literally declared war against Samsung by setting the launch date of Mi 9 on the same day with Galaxy S10. The Chinese launch event by Xiaomi completed just now – Mi 9, Mi 9 Transparent Edition and Mi 9 SE are now official.

  • Bell Labs, Skunk Works, and the Crowd Sourcing of Innovation

    I’ve noticed that we hear a lot less from corporate research labs than we used to. They still exist, though. Sure, Bell Labs is owned by Nokia and there is still some hot research at IBM even though they quit publication of the fabled IBM Technical Disclosure Bulletin in 1998. But today innovation is more likely to come from a small company attracting venture capital than from an established company investing in research. Why is that? And should it be that way?

Software Code’s “Wayback Machine” Gets a Boost

Filed under
OSS
Web

Call it the Wayback Machine of code: a searchable open archive of software source code across iterations; from buggy beta versions, to sophisticated contemporary release.

Software Heritage is a non-profit initiative developed and hosted by the French Institute for Research in Computer Science and Automation.

Officially created in 2015, the project has been growing over the years. It now spans 5.6 billion source files from more than 88 million projects.

Software Heritage is itself built on open-source code. It gathers source files by trawling through repositories that developers uses to create and share code, such as Github, Gitlab, GoogleCode, Debian, GNU and the Python Package Index, with users able to trace detailed revision history of all the codebase versions that it stores.

Read more

Free/Open Source Software on IoT and the Net/WWW

Filed under
Web
  • Security Vulnerabilities Pose a Challenge to IoT/IIoT Mass Adoption

    Statista, a leading market and consumer data research firm, estimates that by 2020, the utilities, transportation and logistics, and discrete manufacturing industries are each projected to spend $40 billion on Internet of Things (IoT) platforms, systems and services. The next largest spending category will be business-to-consumer vendors, at $25 billion, while the health-care, energy and retail industries are each projected to spend north of $10 billion. These numbers add up to a significant investment in the IoT. In fact, the Boston Consulting Group predicts that the IoT market will reach $267 billion by 2020.

  • Decentralised IoT Network Gets Tencent Investment

    Wienke Giezeman is a man on a mission: since 2015, he’s been busy creating a decentralized LoRaWAN based internet of things (IoT) network which has no single owner and no single point of control. His goal is to make it easy for people to focus on the business value created by IoT, and not have to worry about the technology.

    Giezeman stood on the stage at his The Things Conference here earlier this month to announce some major breakthroughs that could just tip the balance for mass deployment of LoRaWAN devices and gateways. This includes a very low cost $69 indoor gateway, a generic software defined IoT node device incorporating multiple sensors, a security chip in conjunction with Microchip Technology, and a partnership with Tencent to accelerate LoRaWAN network expansion among the Chinese developer community.

  • Open IoT Network Adds Devices, Expands in China

    Giezeman stood on the stage at his The Things Conference here earlier this month to announce some major breakthroughs that could just tip the balance for mass deployment of LoRaWAN devices and gateways. This includes a very low cost $69 indoor gateway, a generic software defined IoT node device incorporating multiple sensors, a security chip in conjunction with Microchip Technology, and a partnership with Tencent to accelerate LoRaWAN network expansion among the Chinese developer community.

  • How Tim Berners-Lee's Inrupt project plans to fix the web

    Tim Berners-Lee wants to change the face of the internet he created. In September 2018, the father of the world wide web announced the launch of startup Inrupt, co-founded with cybersecurity entrepreneur John Bruce, which has as its mission “to restore rightful ownership of data back to every web user.”

    Since 2015, Berners-Lee has been working on a new web infrastructure called Solid, which rethinks how web apps store and share personal data. Inrupt aims to drive the development of the Solid platform and transform it from an innovative idea to a viable platform for businesses and consumers. “My group in the CSAIL [Computer Sciences and Artifical Intelligence Laboratory] Lab at MIT had been working on Solid for some years,” Berners-Lee says. “The initial goal of Inrupt is to add the energy and resources of a startup to the open-source efforts to make the Solid movement happen.”

    Over the past three decades, the web has evolved into something very different to Berners-Lee's original vision of openness, co-operation and creativity. Most of the data we put online is now siloed on the servers of companies like Google, Facebook and Twitter, and used to sell us as an audience for targeted advertising. We can download and delete our online histories, but we still can't easily move our data between services. “Innovation and value creation are choked by powerful forces whose focus is primarily on what generates profit or serves political agendas,”says John Bruce, who takes the role of CEO at Inrupt (Berners-Lee is CTO).

Here Is Why I Finally Switched To Firefox

Filed under
Web

The web browser market is an active war zone. You never know what can happen next. I am a guy who has always used Chrome. I’d never even bother using anything else. The first thing that I’d ever do on a new system is install Google Chrome. I would say I actively avoided even having to use anything else. I do install Firefox and opera but they are always used for separating my personal and work environment.

Read<br />
more

Session Sync - A nice session manager for Firefox Quantum

Filed under
Moz/FF
Web

Back in the good ole days, Firefox had a wealth of excellent, powerful extensions. Among them, Tab Mix Plus with a superb built-in session manager. Come Firefox Quantum (57 onwards) and WebExtensions, a lot of goodies have gone away, forever. We are left with diminished functionality.

One of the things that I've been hunting after the most is a flexible session manager akin to the old stuff, with the ability to manage multiple sessions in a smart, simple, elegant way. I think I've finally found an addon that does the trick. It's called Session Sync, and I'm happy enough to actually write a whole article about this.

Read more

16 Best Linux IRC Clients (Updated 2019)

Filed under
GNU
Linux
Software
Web

Internet Relay Chat (IRC) is a form of real-time Internet text messaging (chat) or synchronous conferencing. IRC was born during summer 1988 when Jarkko Oikarinen wrote the first IRC client and server when he was working in the Department of Information Processing Science at the University of Oulu, Finland. This system enables millions of people around the world to communicate in real time. While IRC has lost some popularity, IRCv3 looks interesting with some advanced client features such as instant notifications, improved security and more.

IRC is mainly designed for group communication in discussion forums, called channels, but it also allows one-to-one communication via private message as well as chat and data transfers via Direct Client-to-Client.

IRC is used for many different purposes such as obtaining technical support from developers and users, for conducting meetings and even for rolegaming.

Users typically connect to an IRC network using an IRC client. The client takes the raw IRC traffic and turns it into an easy-to-use interface.

Read more

curl 7.64.0 – like there’s no tomorrow

Filed under
OSS
Web

I know, has there been eight weeks since the previous release already? But yes it has – I double-checked! And then as the laws of nature dictates, there has been yet another fresh curl version released out into the wild.

Read more

Web Browsers: Chrome and Firefox

Filed under
Google
Moz/FF
Web
  • Firefox 65 takes a long time to close & high CPU usage

    Well, well, I've encountered a new, interesting and - ultimately - annoying problem. On one of my Windows machines, I upgraded Firefox to version 65. Then I noticed that the close sequence for the browser takes a very long time. Previously, this would be a very short thing - 1-2 seconds max. Now, it was taking a whole minute and eating one core worth of CPU. So I decided to dig into this issue more deeply and figure out whether this is something in my own setup or a fresh issue in Firefox.

    As always, the Internet wasn't very helpful. I had the usual slew of recommendations - update drivers, refresh this, refresh that. The worst kind of suggestions that completely ignore the problem or the reasons why it manifested. After all, if you don't understand the issue, making changes only masks the whole thing in the long run. To that end, I set about doing this the right way. Follow me.

  • Google Chrome 72 for Android Improves Privacy with Updated Incognito Mode

    Google released today the Chrome 72 mobile web browser for Android devices ahead of the desktop platforms (Linux, Mac, and Windows), an update that improves privacy and security.
    If you're a fan of the Google Chrome web browser and you use it on your Android smartphone or tablet, you should know that it's been updated to version 72.0.3626.76, a new stable release adding stability and performance improvements, as the company noted in the brief release announcement.

    To tackle various security and privacy issues that users have reported since previous updates, Google decided to update the built-in Incognito Mode of the Chrome web browser by making the media player controls and notifications incognito as well, which means that they're now invisible to the naked eye.

  • Chrome is right to remove the webRequest extension API

    …but the proposed declarativeNetRequest API isn’t a good replacement. So where does that leave us?

    Headline writers have had their fun over the last week playing on people’s mistrust of Google’s motivations and their governance of the Chromium web browser project. Despite the headlines: Google is not about to kill ad-blocking extensions in Chrome.

Syndicate content

More in Tux Machines

today's leftovers

  • Clear Linux Has A Goal To Get 3x More Upstream Components In Their Distro
    For those concerned that running Clear Linux means less available packages/bundles than the likes of Debian, Arch Linux, and Fedora with their immense collection of packaged software, Clear has a goal this year of increasing their upstream components available on the distribution by three times. Intel Fellow Arjan van de Ven provided an update on their bundling state/changes for the distribution. In this update he shared that the Clear Linux team at Intel established a goal this year to have "three times more upstream components in the distro. That's a steep growth, and we want to do that with some basic direction and without reducing quality/etc. We have some folks figuring out what things are the most desired that we lack, so we can add those with most priority... but this is where again we more than welcome feedback."
  • The results from our past three Linux distro polls
    You might think this annual poll would be fairly similar from year to year, from what distros we list to how people answer, but the results are wildly different from year to year. (At the time of the creation of each poll, we pull the top 15 distributions according to DistroWatch over the past 12 months.) Last year, the total votes tallied in at 15,574! And the winner was PCLinuxOS with Ubuntu a close second. Another interesting point is that in 2018, there were 950 votes for "other" and 122 comments compared to this year with only 367 votes for "other" and 69 comments.
  • Fedora Strategy FAQ Part 3: What does this mean for Fedora releases?
    Fedora operating system releases are (largely) time-based activity where a new base operating system (kernel, libraries, compilers) is built and tested against our Editions for functionality. This provides a new source for solutions to be built on. The base operating systems may continue to be maintained on the current 13 month life cycle — or services that extend that period may be provided in the future. A solution is never obligated to build against all currently maintained bases.
  • How open data and tools can save lives during a disaster
    If you've lived through a major, natural disaster, you know that during the first few days you'll probably have to rely on a mental map, instead of using a smartphone as an extension of your brain. Where's the closest hospital with disaster care? What about shelters? Gas stations? And how many soft story buildings—with their propensity to collapse—will you have to zig-zag around to get there? Trying to answer these questions after moving back to earthquake-prone San Francisco is why I started the Resiliency Maps project. The idea is to store information about assets, resources, and hazards in a given geographical area in a map that you can download and print out. The project contributes to and is powered by OpenStreetMap (OSM), and the project's entire toolkit is open source, ensuring that the maps will be available to anyone who wants to use them.
  • Millions of websites threatened by highly critical code-execution bug in Drupal

    Drupal is the third most-widely used CMS behind WordPress and Joomla. With an estimated 3 percent to 4 percent of the world's billion-plus websites, that means Drupal runs tens of millions of sites. Critical flaws in any CMS are popular with hackers, because the vulnerabilities can be unleashed against large numbers of sites with a single, often-easy-to-write script.

  • Avoiding the coming IoT dystopia
    Bradley Kuhn works for the Software Freedom Conservancy (SFC) and part of what that organization does is to think about the problems that software freedom may encounter in the future. SFC worries about what will happen with the four freedoms as things change in the world. One of those changes is already upon us: the Internet of Things (IoT) has become quite popular, but it has many dangers, he said. Copyleft can help; his talk is meant to show how. It is still an open question in his mind whether the IoT is beneficial or not. But the "deep trouble" that we are in from IoT can be mitigated to some extent by copyleft licenses that are "regularly and fairly enforced". Copyleft is not the solution to all of the problems, all of the time—no idea, no matter how great, can be—but it can help with the dangers of IoT. That is what he hoped to convince attendees with his talk. A joke that he had seen at least three times at the conference (and certainly before that as well) is that the "S" in IoT stands for security. As everyone knows by now, the IoT is not about security. He pointed to some recent incidents, including IoT baby monitors that were compromised by attackers in order to verbally threaten the parents. This is "scary stuff", he said.

KDE: Slackware's Plasma5, KDE Community 'Riot' (Matrix), Kdenlive Call for Testers/Testing

  • [Slackware] Python3 update in -current results in rebuilt Plasma5 packages in ktown
    Pat decided to update the Python 3 to version 3.7.2. This update from 3.6 to 3.7 broke binary compatibility and a lot of packages needed to be rebuilt in -current. But you all saw the ChangeLog.txt entry of course. In my ‘ktown’ repository with Plasma5 packages, the same needed to happen. I have uploaded a set of recompiled packages already, so you can safely upgrade to the latest -current as long as you also upgrade to the latest ‘ktown’. Kudos to Pat for giving me advance warning so I could already start recompiling my own stuff before he uploaded his packages.
  • Alternatives to rioting
    The KDE Community has just announced the wider integration of Matrix instant messaging into its communications infrastructure. There are instructions on the KDE Community Wiki as well. So what’s the state of modern chat with KDE-FreeBSD? The web client works pretty well in Falkon, the default browser in a KDE Plasma session on FreeBSD. I don’t like leaving browsers open for long periods of time, so I looked at the available desktop clients. Porting Quaternion to FreeBSD was dead simple. No compile warnings, nothing, just an hour of doing some boilerplate-ish things, figuring out which Qt components are needed, and doing a bunch of test builds. So that client is now available from official FreeBSD ports. The GTK-based client Fractal was already ported, so there’s choices available for native-desktop applications over the browser or Electron experience.
  • Ready to test [Kdenlive]?
    If you followed Kdenlive’s activity these last years, you know that we dedicated all our energy into a major code refactoring. During this period, which is not the most exciting since our first goal was to simply restore all the stable version’s features, we were extremely lucky to see new people joining the core team, and investing a lot of time in the project. We are now considering to release the updated version in April, with KDE Applications 19.04. There are still a few rough edges and missing features (with many new ones added as well), but we think it now reached the point where it is possible to start working with it.

Preliminary Support Allows Linux KVM To Boot Xen HVM Guests

As one of the most interesting patch series sent over by an Oracle developer in quite a while at least on the virtualization front, a "request for comments" series was sent out on Wednesday that would enable the Linux Kernel-based Virtual Machine (KVM) to be able to boot Xen HVM guests. The 39 patches touching surprisingly just over three thousand lines of code allow for Linux's KVM to run unmodified Xen HVM images as well as development/testing of Xen guests and Xen para-virtualized drivers. This approach is different from other efforts in the past of tighter Xen+KVM integration. Read more

Servers: Kubernetes, SUSE Enterprise Storage and Microsoft/SAP

  • Kubernetes and the Cloud
    One of the questions I get asked quite often by people who are just starting or are simply not used to the “new” way things are done in IT is, “What is the cloud?” This, I think, is something you get many different answers to depending on who you ask. I like to think of it this way: The cloud is a grouping of resources (compute, storage, network) that are available to be used in a manner that makes them both highly available and scalable, either up or down, as needed. If I have an issue with a resource, I need to be able to replace that resource quickly — and this is where containers come in. They are lightweight, can be started quickly, and allow us to focus a container on a single job. Containers are also replaceable. If I have a DB container, for instance, there can’t be anything about it that makes it “special” so that when it is replaced, I do not lose operational capability.
  • iSCSI made easy with SUSE Enterprise Storage
    As your data needs continue to expand, it’s important to have a storage solution that’s both scalable and easy to manage. That’s particularly true when you’re managing common gateway resources like iSCSI that provide interfaces to storage pools built in Ceph. In this white paper, you’ll see how to use the SUSE Enterprise Storage openATTIC management console to create RADOS block devices (RBDs), pools and iSCSI interfaces for use with Linux, Windows and VMware systems.
  • Useful Resources for deploying SAP Workloads on SUSE in Azure [Ed: SUSE never truly quit being a slave of Microsoft. It's paid to remain a slave.]
    SAP applications are a crucial part of your customer’s digital transformation, but with SAP’s move to SAP S/4HANA, this can also present a challenge.