Language Selection

English French German Italian Portuguese Spanish

Web

Chrome's Latest

Filed under
Google
Web

The world’s biggest curl installations

Filed under
OSS
Web

curl is quite literally used everywhere. It is used by a huge number of applications and devices. But which applications, devices and users are the ones with the largest number of curl installations? I've tried to come up with a list...

I truly believe curl is one of the world's most widely used open source projects.

If you have comments, other suggestions or insights to help me polish this table or the numbers I present, please let me know!

Read more

The 'New' Microsoft

Filed under
Google
Microsoft
Moz/FF
Web
  • Windows derails Chrome, Firefox installation, promotes Microsoft Edge instead [iophk: "Where are the Microsoft apologists on this? They sure have been quiet."]

    Microsoft is trying a new tactic to get people to use its Edge browser: a warning dialog box that interrupts the installation of other browsers like Mozilla Firefox or Google Chrome.

  • Microsoft tests ‘warning’ Windows 10 users not to install Chrome or Firefox

    While the prompts can be turned off, they’re yet another example of Microsoft infesting Windows 10 with annoying ads and pop-ups. Some similar prompts already appear and attempt to push Chrome or Firefox users to use Edge, but this latest one steps up Microsoft’s war against Chrome even further. It’s not clear why Microsoft thinks it’s a good idea to include these irritating prompts, as all they’re likely to do is anger Windows 10 users rather than convince them to switch to Edge.

  • Microsoft Tests Warning Windows 10 Users About Installing Google Chrome or Mozilla Firefox [iophk: "yeah, Microsoft "loves" FOSS"]

    While the warning does not block the installation, it is a blatant move from Microsoft to try and stop users from downloading a rival's Web browser. As per a CNET report, test was confirmed in Windows 10 version 1809, build 17758.1. It is worth noting that it is a preview release, which will not be available to the general public for another month or so. In a statement to CNET, Microsoft referred to its Windows test programme, and said, "We're currently testing this functionality with insiders only. The Windows Insider Program enables Microsoft to test different features, functionality and garner feedback before rolling out broadly. Customers remain in control and can choose the browser of their choice." The Verge, on the other hand, cites its sources to say the warning will not make its way to the Windows 10 October 2018 Update.

Chrome 69 Tip for GNU/Linux and Beta of Next Chrome Release

Filed under
Google
Web
  • Change UI theme in Google Chrome 69

    Say what you will about Chrome, but over the years, it has maintained a rather consistent look & feel. The changes are mostly done under the hood and they do not interfere with how the user interacts with the browser. But occasionally, mostly guided by their wider influence in the OS space, especially the mobile world, Google has made some stylistic changes. Most notably, they introduced Material Design to the Chrome UI, and now, there's another facelift.

    I noticed the new looks in the freshly updated Chrome 69 in Kubuntu Beaver, and I wasn't too happy. The font is gray and pale, ergo contrast isn't as good as it should be, and the new round design feels odd. So I decided to change this back to the older style. Let me show you how you can do this.

    [...]

    There you go. If you don't like the aesthetically pleasing but ergonomically dubious change to the Chrome's UI look in version 69 onwards, then you can change (we don't know for how long) the layout back to what it was, or try one of the several available themes. The goal is to retain maximum visual clarity and efficiency. The old looks offer that. The new ones hamper that.

    I am quite alarmed by this trend. The only solace I get is the knowledge that a few Google shares in me possession are generating profit, which I shall use to heal my soul of all this sub-IQ100 touch-led destruction of the desktop and fast productivity, a crusade that started worldwide around 2011 or so.

  • Chrome 70 beta: shape detection, web authentication, and more

    Unless otherwise noted, changes described below apply to the newest Chrome Beta channel release for Android, Chrome OS, Linux, macOS, and Windows. View a complete list of the features in Chrome 70 on ChromeStatus.com. Chrome 70 is beta as of September 13, 2018.

  • Chrome 70 In Beta With TLS 1.3, Opus Support In MP4 & AV1 Decode

    Following last week's Chrome 69 release, Chrome 70 is now in beta as the latest feature-update to Google's browser.

Browsh and Firefox on Old PCs (Better on GNU/Linux)

Filed under
GNU
Linux
Moz/FF
Web
  • Browsh – A Modern Text Based Browser Which Supports Graphics And Video

    We had wrote many articles about text based browser in the past such as Links, Links2, ELinks, Lynx, w3m and Netrik.

    Why we need a text-based browser in Linux? As you already know most of the Linux servers are running without GUI. It helps Linux administrator to browse the website from CLI.

    As i know, all these text-based browsers renders only web pages and supports color but browsh is advanced, well-established, feature-rich modern text based browser which supports graphics and video.

  • Firefox Just Dropped Windows XP and Vista Support, and Soon Steam Will Too

    Version 52 of Firefox’s Extended Support Edition (ESR) was the last version of Firefox compatible with Windows XP and Vista machines, but it is no longer getting security updates as of last week. This means any security flaws will never be patched, potentially putting users in danger of breaches.

WordPress Gutenberg will be the end of WordPress

Filed under
OSS
Web

WordPress is the most popular Content Management System (CMS) and blogging platform in the world. There are a lot of good reasons for that. It is accessible, simple and intuitive to use, and highly flexible, with a bewildering range of professional plugins and themes. Over the years, it has asserted itself as the dominant choice for those looking to create dynamic, responsive websites. I am a happy user, too. I've been using it myself since 2012, on my book writing blog. Unfortunately, all this goodness is poised to go down the drain.

WordPress 5.0, the next major release, is going to feature a revised UI (the backend) using a framework called Gutenberg. This new UI looks like it's going to take away all the good things that made WordPress so cool, and destroy the beautiful elegance, efficiency and simplicity with something that feels like an abstract, touch-optimized experiment. Let's discuss.

[...]

Unholy Crusade against the desktop

Ever since mobile (touch) became the prevalent consumer platform, there's been a lot of focus on developing mobile solutions. This is fine. Except these mobile solutions are also pushed onto the desktop, where they utterly fail. Touch software does not work on the desktop. It just does not.

Moreover, there's a bigger problem here. While most of the content is consumed on the mobile, most of the content is created on the desktop. It makes sense. The desktop is an infinitely superior platform for writing and image processing. The full keyboard + mouse combo and the multi-application usability beat all and any touch solution.

I do not consider social media "updates" content. I consider content to be meaningful articles that provide new and unique information, of which there is less and less every day. I am extremely confident than the vast majority of actually valuable articles and posts are made using the classic desktop formula. Just imagine writing 500 words on a keyboard versus touch.

Read more

The WebExtocalypse

Filed under
Moz/FF
Web

Mozilla recently dropped support for Firefox XUL extensions.

The initial threat of this prompted me to discover how to re-enable XUL extensions by modifying Firefox's omni.ja file. That clearly is not going to last very long since Mozilla is also deleting XPCOM interfaces but I note the Tor Browser is temporarily still using XUL extensions.

Since I have some extensions I wrote for myself, I will need to rewrite them as WebExtension add-ons.

The first thing to do is check how to install WebExtension add-ons. My local XUL extensions are run from the corresponding git trees. Using an example extension I discovered that this no longer works. The normal way to install add-ons is to use the web-ext tool, upload to the Mozilla app store and then install from there. This seems like overkill for an unpolished local add-on. One way to workaround this is to disable signing but that seems suboptimal if one has installed Mozilla-signed add-ons, which I will probably have to do until Debian packages more add-ons. Luckily Mozilla offers alternative "sideloading" distribution mechanisms and Debian enables these by default for the Debian webext-* packages. Installing a symlink to the git repository into the extensions directory and adding a gecko identifier to the add-on manifest.json file works.

Read more

Latest on Chrome and Mozilla

Filed under
Google
Moz/FF
Web
  • Google Wants to Kill the URL

     

    The focus right now, they say, is on identifying all the ways people use URLs to try to find an alternative that will enhance security and identity integrity on the web while also adding convenience for everyday tasks like sharing links on mobile devices.

  • Keybase: "Our browser extension subverts our encryption, but why should we care?"

    Two days ago I decided to take a look at Keybase. Keybase does crypto, is open source and offers security bug bounties for relevant findings — just the perfect investigation subject for me. It didn’t take long for me to realize that their browser extension is deeply flawed, so I reported the issue to them via their bug bounty program. The response was rather… remarkable. It can be summed up as: “Yes, we know. But why should we care?”

  • Daniel Stenberg: DoH in curl

    DNS-over-HTTPS (DoH) is being designed (it is not an RFC quite yet but very soon!) to allow internet clients to get increased privacy and security for their name resolves. I've previously explained the DNS-over-HTTPS functionality within Firefox that ships in Firefox 62 and I did a presentation about DoH and its future in curl at curl up 2018.

    We are now introducing DoH support in curl. I hope this will not only allow users to start getting better privacy and security for their curl based internet transfers, but ideally this will also provide an additional debugging tool for DoH in other clients and servers.

    Let's take a look at how we plan to let applications enable this when using libcurl and how libcurl has to work with this internally to glue things together.

  • Firefox 63 Beta On Linux Finally Runs WebExtensions In Their Own Process

    With Firefox 62.0 having shipped, Mozilla promoted Firefox 63.0 to beta as part of their usual release cadence.

    With Firefox 63.0 there are several Windows 10 and macOS improvements including better multi-GPU handling on Macs, faster tab switching, and better Windows 10 integration. But for Linux users there is one notable platform-specific change and that is WebExtensions now running in their own process.

Chrome 69

Filed under
Google
Web
  • Google Chrome Update Brings A UI Revamp And New Password Manager With More Accurate Auto Filling

    Google Chrome is the go to browser for most people. With a simple UI and great performance, it has been the most dominant browser for quite sometime.

    Today Google dropped a big update for Chrome, on it’s 10th Birthday. There are a lot of changes, including a UI revamp, a new password manager and more.

  • Chrome 69 Brings UI Refinement, Initial AV1 Decoder, Picture-In-Picture API

    While Firefox is hitting version 62 this week, Google has introduced Chrome 69 as the newest version of their cross-platform web-browser that recently celebrated its tenth birthday.

    With this Chrome 69 browser update there is a visual refresh to the user-interface as Google developers adopted the Material 2 design principles for the desktop browser. Chrome 69 also has various security improvements, CSS conic gradients support, CSS scroll snap positions, and various other developer additions.

Firefox Extensions and Google Code-in 2018

Filed under
Development
Google
Moz/FF
Web
  • Extensions in Firefox 63

    Firefox 63 is rolling into Beta and it’s absolutely loaded with new features for extensions. There are some important new API, some major enhancements to existing API, and a large collection of miscellaneous improvements and bug fixes. All told, this is the biggest upgrade to the WebExtensions API since the release of Firefox Quantum.

    An upgrade this large would not have been possible in a single release without the hard work of our Mozilla community. Volunteer contributors landed over 25% of all the features and bug fixes for WebExtensions in Firefox 63, a truly remarkable effort. We are humbled and grateful for your support of Firefox and the open web. Thank you.

    Note: due to the large volume of changes in this release, the MDN documentation is still catching up. I’ve tried to link to MDN where possible, and more information will appear in the weeks leading up to the public release of Firefox 63.

  • Mozilla Addons Blog: September’s featured extensions
  • Announcing Google Code-in 2018: nine is just fine!

    We are excited to announce the 9th consecutive year of the Google Code-in (GCI) contest! Students ages 13 through 17 from around the world can learn about open source development by working on real open source projects, with mentorship from active developers. GCI begins on Tuesday, October 23, 2018 and runs for seven weeks, ending Wednesday, December 12, 2018.

    Google Code-in is unique because, not only do the students choose what they want to work on from the 2,500+ tasks created by open source organizations, but they have mentors available to help answer their questions as they work on each of their tasks.

  • A small HTTP debug server in Go

    Lately, I found myself to work on an application that was communicating via SOAP with a server. My goal was to understand how this application worked with the SOAP server to emulate its behavior. Even if I had access to the source code of the application, I thought it would have been easier, faster and more fun to do the work without actually reading the code. It’s important to note that actually, the application is fairly small and self-contained. Otherwise, I would have probably taken a different approach.

    Since I was not very interested in the application itself, but more to the SOAP API, I decided to handle the whole situation as a reverse-engineering effort. One nice thing about this application, like many others, is that it’s possible to set the server URL with a command line configuration.

Syndicate content

More in Tux Machines

Red Hat's "DevOps" Hype Again and Analysis of last Night's Financial Results

OSS Leftovers

  • Deutsche Telekom and Aricent Create Open Source Edge Software Framework
    Deutsche Telekom and Aricent today announced the creation of an Open Source, Low Latency Edge Compute Platform available to operators, to enable them to develop and launch 5G mobile applications and services faster. The cost-effective Edge platform is built for software-defined data centers (SDDC) and is decentralized, to accelerate the deployment of ultra-low latency applications. The joint solution will include a software framework with key capabilities for developers, delivered as a platform-as-a-service (PaaS) and will incorporate cloud-native Multi-access edge computing (MEC) technologies.
  • A Deeper Look at Sigma Prime's Lighthouse: An Open-Source Ethereum 2.0 Client
  • Notable moments in Firefox for Android UA string history
  • Dweb: Creating Decentralized Organizations with Aragon
    With Aragon, developers can create new apps, such as voting mechanisms, that use smart contracts to leverage decentralized governance and allow peers to control resources like funds, membership, and code repos. Aragon is built on Ethereum, which is a blockchain for smart contracts. Smart contracts are software that is executed in a trust-less and transparent way, without having to rely on a third-party server or any single point of failure. Aragon is at the intersection of social, app platform, and blockchain.
  • LLVM 7.0.0 released
  • Parabola GNU/Linux-libre: Boot problems with Linux-libre 4.18 on older CPUs
    Due to a known bug in upstream Linux 4.18, users with older multi-core x86 CPUs (Core 2 Duo and earlier?) may not correctly boot up with linux-libre 4.18 when using the default clocksource.
  • Visual Schematic Diffs in KiCAD Help Find Changes
    In the high(er)-end world of EDA tools like OrCAD and Altium there is a tight integration between the version control system and the design tools, with the VCS is sold as a product to improve the design workflow. But KiCAD doesn’t try to force a version control system on the user so it doesn’t really make sense to bake VCS related tools in directly. You can manage changes in KiCAD projects with git but as [jean-noël] notes reading Git’s textual description of changed X/Y coordinates and paths to library files is much more useful for a computer than for a human. It basically sucks to use. What you really need is a diff tool that can show the user what changed between two versions instead of describe it. And that’s what plotgitsch provides.

LWN's Latest (Today Outside Paywall) Articles About the Kernel, Linux

  • Toward better handling of hardware vulnerabilities
    From the kernel development community's point of view, hardware vulnerabilities are not much different from the software variety: either way, there is a bug that must be fixed in software. But hardware vendors tend to take a different view of things. This divergence has been reflected in the response to vulnerabilities like Meltdown and Spectre which was seen by many as being severely mismanaged. A recent discussion on the Kernel Summit discussion list has shed some more light on how things went wrong, and what the development community would like to see happen when the next hardware vulnerability comes around. The definitive story of the response to Meltdown and Spectre has not yet been written, but a fair amount of information has shown up in bits and pieces. Intel was first notified of the problem in July 2017, but didn't get around to telling anybody in the the Linux community about it until the end of October. When that disclosure happened, Intel did not allow the community to work together to fix it; instead each distributor (or other vendor) was mostly left on its own and not allowed to talk to the others. Only at the end of December, right before the disclosure (and the year-end holidays), were members of the community allowed to talk to each other. The results of this approach were many, and few were good. The developers charged with responding to these problems were isolated and under heavy stress for two months; they still have not been adequately thanked for the effort they put in. Many important stakeholders, including distributions like Debian and the "tier-two" cloud providers, were not informed at all prior to the general disclosure and found themselves scrambling. Different distributors shipped different fixes, many of which had to be massively revised before entry into the mainline kernel. When the dust settled, there was a lot of anger left simmering in its wake.
  • Writing network flow dissectors in BPF
    Network packet headers contain a great deal of information, but the kernel often only needs a subset of that information to be able to perform filtering or associate any given packet with a flow. The piece of code that follows the different layers of packet encapsulation to find the important data is called a flow dissector. In current Linux kernels, the flow dissector is written in C. A patch set has been proposed recently to implement it in BPF with the clear goal of improving security, flexibility, and maybe even performance.
  • Coscheduling: simultaneous scheduling in control groups
    The kernel's CPU scheduler must, as its primary task, determine which process should be executing in each of a system's processors at any given time. Making an optimal decision involves juggling a number of factors, including the priority (and scheduling classes) of the runnable processes, NUMA locality, cache locality, latency minimization, control-group policies, power management, overall fairness, and more. One might think that throwing another variable into the mix — and a complex one at that — would not be something anybody would want to attempt. The recent coscheduling patch set from Jan Schönherr does exactly that, though, by introducing the concept of processes that should be run simultaneously. The core idea behind coscheduling is the marking of one or more control groups as containing processes that should be run together. If one process in a coscheduled group is running on a specific set of CPUs (more on that below), only processes from that group will be allowed to run on those CPUs. This rule holds even to the point of forcing some of the CPUs to go idle if the given control group lacks runnable processes, regardless of whether processes outside the group are runnable. Why might one want to do such a thing? Schönherr lists four motivations for this work, the first of which is virtualization. That may indeed be the primary motivation, given that Schönherr is posting from an Amazon address, and Amazon is rumored to be running a virtualized workload or two. A virtual machine usually contains multiple processes that interact with each other; these machines will run more efficiently (and with lower latencies) if those processes can run simultaneously. Coscheduling would ensure that all of a virtual machine's processes are run together, maximizing locality and minimizing the latencies of the interactions between them.
  • Machine learning and stable kernels
    There are ways to get fixes into the stable kernel trees, but they require humans to identify which patches should go there. Sasha Levin and Julia Lawall have taken a different approach: use machine learning to distinguish patches that fix bugs from others. That way, all bug-fix patches could potentially make their way into the stable kernels. Levin and Lawall gave a talk describing their work at the 2018 Open Source Summit North America in Vancouver, Canada. Levin began with a quick introduction to the stable tree and how patches get into it. When a developer fixes a bug in a patch they can add a "stable tag" to the commit or send a mail to the stable mailing list; Greg Kroah-Hartman will then pick up the fix, evaluate it, and add it to the stable tree. But that means that the stable tree is only getting the fixes that are pointed out to the stable maintainers. No one has time to check all of the commits to the kernel for bug fixes but, in an ideal world, all of the bug fixes would go into the stable kernels. Missing out on some fixes means that the stable trees will have more security vulnerabilities because the fixes often close those holes—even if the fixer doesn't realize it.
  • Trying to get STACKLEAK into the kernel
    The STACKLEAK kernel security feature has been in the works for quite some time now, but has not, as yet, made its way into the mainline. That is not for lack of trying, as Alexander Popov has posted 15 separate versions of the patch set since May 2017. He described STACKLEAK and its tortuous path toward the mainline in a talk [YouTube video] at the 2018 Linux Security Summit. STACKLEAK is "an awesome security feature" that was originally developed by The PaX Team as part of the PaX/grsecurity patches. The last public version of the patch set was released in April 2017 for the 4.9 kernel. Popov set himself on the goal of getting STACKLEAK into the kernel shortly after that; he thanked both his employer (Positive Technologies) and his family for giving him working and free time to push STACKLEAK. The first step was to extract STACKLEAK from the more than 200K lines of code in the grsecurity/PaX patch set. He then "carefully learned" about the patch and what it does "bit by bit". He followed the usual path: post the patch, get feedback, update the patch based on the feedback, and then post it again. He has posted 15 versions and "it is still in progress", he said.

PostgreSQL 11: something for everyone

PostgreSQL 11 had its third beta release on August 9; a fourth beta (or possibly a release candidate) is scheduled for mid-September. While the final release of the relational database-management system (currently slated for late September) will have something new for many users, its development cycle was notable for being a period when the community hit its stride in two strategic areas: partitioning and parallelism. Partitioning and parallelism are touchstones for major relational database systems. Proprietary database vendors manage to extract a premium from a minority of users by upselling features in these areas. While PostgreSQL has had some of these "high-tier" items for many years (e.g., CREATE INDEX CONCURRENTLY, advanced replication functionality), the upcoming release expands the number considerably. I may be biased as a PostgreSQL major contributor and committer, but it seems to me that the belief that community-run database system projects are not competitive with their proprietary cousins when it comes to scaling enterprise workloads has become just about untenable. Read more