Language Selection

English French German Italian Portuguese Spanish

Web

W3C DRM Backlash

Filed under
Security
Web
  • "W3C Embraces DRM - Declares War on Humanity" - Lunduke Hour

    The W3C has voted to standardize DRM for all of the Web -- in direct opposition to their own Mission Statement. What they are doing could have dire consequences for the entire Web. I yell about that for an hour. Because I'm mad.

  • DRM free Smart TV

    Libreboot is a free BIOS replacement which removes the Intel Management Engine. The Intel Management Engine is proprietary malware which includes a back door and some DRM functions. Netflix uses this hardware DRM called the Protected Audio/Video Path on Windows 10 when watching 4K videos. The Thinkpad T400 does not even have an HDMI port, which is known to be encumbered by HDCP, an ineffective DRM that has been cracked.

    Instead of using DRM encumbered streaming services such as Netflix, Entertain or Vodafone TV, I still buy DVDs and pay them anonymously with cash. In my home there is a DVB-C connector, which I have connected to a FRITZ!WLAN Repeater DVB-C which streams the TV signal to the ThinkPad. The TV set is switched on and off using a FRITZ!DECT 200 which I control using a python script running on the ThinkPad. I also reuse an old IR remote and an IRDuino to control the ThinkPad.

  • Over many objections, W3C approves DRM for HTML5

    A narrower covenant not to sue was proposed, but even this much narrower covenant was rejected. The various members of W3C appeared unlikely agree to any particular set of terms, and ultimately were never polled to see if consensus could be reached. Since the original EME proposal didn't include such a covenant, Berners-Lee decreed that failure to form one should not be allowed to block publication as an official W3C Recommendation.

July 9th - International Day Against DRM

Filed under
Web
  • The W3C has overruled members' objections and will publish its DRM for videos

    The final vote was more controversial than any in W3C history. As the months ticked by afterward without a decision from W3C Director Tim Berners-Lee, one W3C member proposed an even more modest compromise: a promise by W3C members not to sue security researchers who revealed defects in DRM that exposed users to privacy breaches. This was immediately rejected by Netflix and the CEO of the W3C and all discussion on it halted.

  • Disposition of Comments for Encrypted Media Extensions and Director's decision

    After consideration of the issues, the Director reached a decision that the EME specification should move to W3C Recommendation. [...]

  • A DRM standard has been approved for the web, and security researchers are worried

    Doctorow calls out a few specific points that have come up in the five-year-long debate over whether this standard should be approved. One is that there’s no protection for security researchers — in the US, breaking DRM, even for otherwise legal purposes, can be a crime, and the fact that EME doesn’t do anything about that keeps security researchers exposed to prosecution.

Action Against DRM on the Web

Filed under
Web
  • Leaders needed for International Day Against DRM (July 9, 2017)

    In the last year, we've seen cracks appearing in the foundation of the DRM status quo.

    Of course, the companies that profit from Digital Restrictions Management (DRM) are still trying to expand the system of law and technology that weakens our security and curtails our rights, in an effort to prop up their exploitative business models.

  • Tim Berners-Lee approves Web DRM, but W3C member organizations have two weeks to appeal

    Yesterday Tim Berners-Lee, the chief arbiter of Web standards, approved the controversial proposed Digital Restrictions Management (DRM) standard for the Web, Encrypted Media Extensions (EME).

  • Tim Berners-Lee Sells Out His Creation: Officially Supports DRM In HTML

    For years now, we've discussed the various problems with the push (led by the MPAA, but with some help from Netflix) to officially add DRM to the HTML 5 standard. Now, some will quibble with even that description, as supporters of this proposal insist that it's not actually adding DRM, but rather this "Encrypted Media Extensions" (EME) is merely just a system by which DRM might be implemented, but that's a bunch of semantic hogwash. EME is bringing DRM directly into HTML and killing the dream of a truly open internet. Instead, we get a functionally broken internet. Despite widespread protests and concerns about this, W3C boss (and inventor of the Web), Tim Berners-Lee, has signed off on the proposal. Of course, given the years of criticism over this, that signoff has come with a long and detailed defense of the decision... along with a tiny opening to stop it.

    There are many issues underlying this decision, but there are two key ones that we want to discuss here: whether EME is necessary at all and whether or not the W3C should have included a special protection for security researchers.

Web Browsers and Blockchain

Filed under
OSS
Web
  • Mozilla Rolls Out First Firefox 54 Point Release to Fix Netflix Issue on Linux

    More than two weeks after Mozilla unveiled Firefox 54 as the first branch of the web browser to use multiple operating system processes for web page content, we now see the availability of the first point release.

    Mozilla Firefox 54.0.1 was first offered to the stable release channel users on June 29, 2017, and, according to the official release notes, it fixes a Netflix issues for users of Linux-based operating systems, addresses a PDF printing issue, and resolves multiple tab-related issues that have been reported from Firefox 54.0.

  • The Top Four Open-Source Blockchain Projects in Media

    1. Brave Web Browser

    Once upon a time, getting users to pay attention to ads on webpages was the biggest problem facing online marketers. Today, that challenge has grown even more daunting. Convincing users not to block online ads entirely has become a major task in online media.

    Brave is an open-source web browser that gives users the option to block the ads that they would normally see when they visit a website. If the user so chooses, Brave replaces those blocked ads with ones tailored to a user's preferences. The browser gives the users a slice of the advertising revenue from the tailored ads. By paying users to view ads tailored to them, Brave delivers a better user experience, while also making it easier for advertisers to reach qualified leads through online ads.

    Blockchain technology enters the picture in two ways. First, Bitcoin is used to facilitate financial transactions between Brave and its advertising partners and users. Second, Brave uses the Bitcoin ledger to store data about user browsing behavior. This eliminates the need for a centralized database where specific users' behavior would be linked to their names. Instead, browsing behavior remains anonymous and essentially un-hackable.

  • Blockstack: An Open Source Browser Powered By Blockchain For Creating A New Internet

    Blockstack, a blockchain startup, has released a decentralized browser to make an internet that would be free from dependence on large organizations and key players. The makers of Blockstack browser have called it the Netscape of the decentralized internet for running and making apps. A developer release of Blockstack browser is available, and a user version will arrive in six months.

  • Colu Launches Bankbox, an Open-Source Protocol to Help Banks Issue Digital Currencies
  • BloqLabs from Bloq goes live to connect enterprises with open source blockchain projects
  •  

  • Bloq Launches BloqLabs to Bring Open Source Blockchain Technologies to Enterprise

    Bloq, a leader in the development of enterprise-grade Blockchain solutions, has launched BloqLabs to expand its ongoing sponsorship and support of critical open source projects in the bitcoin and Blockchain ecosystems.

  • [Older] Blockchain pioneers back open source code, Greenwich Associates

    81% view permissioned blockchains as inherently more secure than public blockchains. “In the end, a blockchain-enabled financial market will likely consist of a core plumbing of market infrastructure developed by the open source community, operating beneath proprietary applications that provide a higher level of security,” says Johnson.

Chromium, Chrome, and Mozilla Firefox

Filed under
Google
Moz/FF
Web
  • Chromium Mus/Ozone update (H1/2017): wayland, x11

    Since January, Igalia has been working on a project whose goal is to make the latest Chromium Browser able to run natively on Wayland-based environments. The project has various phases, requires us to carve out existing implementations and align our work with the direction Chromium’s mainline is taking.

    In this post I will provide an update on the progresses we have made over 2017/H1, as well as our plans coming next.

    In order to jump straight to the latest results section (including videos) without the details, click here.

  • Browse Against the Machine

    I head up Firefox marketing, but I use Chrome every day. Works fine. Easy to use. Like most of us who spend too much time in front of a laptop, I have two browsers open; Firefox for work, Chrome for play, customized settings for each. There are multiple things that bug me about the Chrome product, for sure, but I‘m OK with Chrome. I just don’t like only being on Chrome.

  • Firefox hogs less memory and gets a speed bump in its latest update

    In an attempt to even the playing field with competitors, Mozilla Firefox stepped up its game Tuesday by releasing an update that will increase browser speeds and cut down on memory usage.

    Firefox 54 has opened up its upper limit of processes from one to four, although users can customize it to be more by entering “about:config” in the address bar and adjusting the settings themselves.

    This new version of Firefox feels faster and it scores higher on an online browser speed test than Chrome or Safari, even after opening 20 tabs, although it still gives the old loading sign on all of the pages. Firefox product vice president Nick Nguyen calls this upgrade “the largest change to Firefox code in our history,” according to his blog post detailing the changes.

  • [Older] Firefox memory usage with multiple content processes

    My previous measurements found that four content processes are a sweet spot for both memory usage and performance. As a follow up we wanted to run the tests again to confirm my conclusions and make sure that we’re testing on what we plan to release. Additionally I was able to work around our issues testing Microsoft Edge and have included both 32-bit and 64-bit versions of Firefox on Windows; 32-bit is currently our default, 64-bit is a few releases out.

    The methodology for the test is the same as previous runs, I used the atsy project to load 30 pages and measure memory usage of the various processes that each browser spawns during that time.

Chrome 60 Beta, New Firefox, Thunderbird Themes

Filed under
Google
Moz/FF
OSS
Web
  • Chrome 60 Beta Rolls Out With VP9 Improvements, New Developer Features

    Chrome 60 Beta adds a Paint Timing API to provide more insight to developers about their "first paint" performance, CSS font-display support, improvements to the Credential Management API, the Payment Request API has been added to desktop Chrome, there's a new Web Budget API to allow sites using push notifications to send a limited number of push messages that will trigger background work, support for Web Push Encryption was added, and a range of other CSS/JavaScript features and APIs.

  • The Best Firefox Ever

    On the Firefox team, one thing we always hear from our users is that they rely on the web for complex tasks like trip planning and shopping comparisons. That often means having many tabs open. And the sites and web apps running in those tabs often have lots of things going on– animations, videos, big pictures and more. Complex sites are more and more common. The average website today is nearly 2.5 megabytes – the same size as the original version of the game Doom, according to Wired. Up until now, a complex site in one Firefox tab could slow down all the others. That often meant a less than perfect browsing experience.

  • Thunderbird Arc Theme Updated With Support for Arc Variants

    An update to the Arc Thunderbird theme add-on is now available for download, and brings support for the 3 Arc GTK theme variants.

WordPress 4.8 Overview and Working From Home

Filed under
OSS
Web

Browsers: Chrome 61, Mozilla Against Software Patents, Firefox Photon, and Tor 7.0

Filed under
Google
Moz/FF
OSS
Security
Web

How open source is advancing the Semantic Web

Filed under
OSS
Web

The Semantic Web, a term coined by World Wide Web (WWW) inventor Sir Tim Berners-Lee, refers to the concept that all the information in all the websites on the internet should be able to interoperate and communicate. That vision, of a web of knowledge that supplies information to anyone who wants it, is continuing to emerge and grow.

In the first generation of the WWW, Web 1.0, most people were consumers of content, and if you had a web presence it was comprised of a series of static pages conveyed in HTML. Websites had guest books and HTML forms, powered by Perl and other server-side scripting languages, that people could fill out. While HTML provides structure and syntax to the web, it doesn't provide meaning; therefore Web 1.0 couldn't inject meaning into the vast resources of the WWW.

Read more

Chrome 59 and Chromium

Filed under
Google
OSS
Web
Syndicate content

More in Tux Machines

Security: WPA2, Smartwatches, Google, NSA, Microsoft and Flexera FUD

  • WPA2 flaw's worst impact on Android, Linux devices

    The flaw in the WPA2 wireless protocol revealed recently has a critical impact on Android phones running version 6.0 of the mobile operating system and Linux devices, a security researcher says.

  • Why the Krack Wi-Fi Mess Will Take Decades to Clean Up

    But given the millions of routers and other IoT devices that will likely never see a fix, the true cost of Krack could play out for years.

  • 'All wifi networks' are vulnerable to hacking, security expert discovers

    WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed

  • Kids' smartwatches can be 'easily' hacked, says watchdog

    Smartwatches bought for children who do not necessarily need them can be hacked [sic], according to a warning out of Norway and its local Consumer Council (NCC).

  • John Lewis pulls children's smartwatch from sale over spying fears

    The Norwegian Consumer Council (NCC) revealed that several brands of children’s smartwatch, have such poor security controls that hackers [sic] could easily follow their movements and eavesdrop on conversations.

  • Google's 'Advanced Protection' Locks Down Accounts Like Never Before

    Google hasn't shared the details of what that process entails. But the CDT's Hall, whom Google briefed on the details, says it will include a "cooling-off" period that will lock the account for a period of time while the user proves his or her identity via several other factors. That slowed-down, intensive check is designed to make the account-recovery process a far less appealing backdoor into victims' data.

  • NSA won't say if it knew about KRACK, but don't look to this leaked doc for answers
    Given how involved the NSA has been with remote and local exploitation of networks, systems, devices, and even individuals, many put two and two together and assumed the worst. What compounded the matter was that some were pointing to a 2010-dated top secret NSA document leaked by whistleblower Edward Snowden, which detailed a hacking tool called BADDECISION, an "802.11 CNE tool" -- essentially an exploit designed to target wireless networks by using a man-in-the-middle attack within range of the network. It then uses a frame injection technique to redirect targets to one of the NSA's own servers, which acts as a "matchmaker" to supply the best malware for the target device to ensure it's compromised for the long-term. The slide said the hacking tool "works for WPA/WPA2," suggesting that BADDECISION could bypass the encryption. Cue the conspiracy theories. No wonder some thought the hacking tool was an early NSA-only version of KRACK.
  • You're doing open source wrong, Microsoft tsk-tsk-tsks at Google: Chrome security fixes made public too early [Ed: Says the company that gives back doors to the NSA and attacks FOSS with patents, lobbying etc.]
  • Why Open Source Security Matters for Healthcare Orgs [Ed: marketing slant for firms that spread FUD]
    Open source software can help healthcare organizations remain flexible as they adopt new IT solutions, but if entities lack open source security measures it can lead to larger cybersecurity issues. A recent survey found that organizations in numerous industries might not be paying enough attention to potential open source risk factors. Half of all code used in commercial and Internet of Things (IoT) software products is open source, but only 37 percent of organizations have an open source acquisition or usage policy, according to a recent Flexera report. More than 400 commercial software suppliers and in-house software development teams were interviewed, with respondent roles including software developers, DevOps, IT, engineering, legal, and security.

Games: JASEM, openage, Riskers, Rise to Ruins, Slime Rancher

The most promising linux distributions in 2017

Linux distributions have already gained recognition of its users and with every year new products appear in the market. Many of them focus on the certain tasks, so you can’t create a single list of the best ones. Here we have chosen several fields of Linux use and those distributions that have all chances to take the initial positions in their niche in 2017. Read more

Ubuntu 17.10 (Artful Aardvark) released

Codenamed "Artful Aardvark", Ubuntu 17.10 continues Ubuntu's proud tradition of integrating the latest and greatest open source technology into a high-quality, easy-to-use Linux distribution. As always, the team has been hard at work through this cycle, introducing new features and fixing bugs. Under the hood, there have been updates to many core packages, including a new 4.13-based kernel, glibc 2.26, gcc 7.2, and much more. Ubuntu Desktop has had a major overhaul, with the switch from Unity as our default desktop to GNOME3 and gnome-shell. Along with that, there are the usual incremental improvements, with newer versions of GTK and Qt, and updates to major packages like Firefox and LibreOffice. Read more Also: Ubuntu 17.10 Debuts Officially with GNOME 3.26 on Top of Wayland, Linux 4.13 How to: Upgrade Ubuntu 17.04 to Ubuntu 17.10 Ubuntu 17.10 ISOs Officially Released 10 Things To Do After Installing Ubuntu 17.10 Ubuntu 17.10 Now Available to Download, This Is What’s New How to Enable Night Light on Ubuntu 17.10 Ubuntu 17.10 Artful Aardvark Released With New Features — Download Torrents And ISO Files Here Ubuntu Flavors, Including Ubuntu MATE 17.10, Are Available to Download Ubuntu 17.10 'Artful Aardvark' ditches Unity for Gnome