Language Selection

English French German Italian Portuguese Spanish

Web

Browsers That Spy

Filed under
Google
Moz/FF
Web
  • Firefox Advance Uses Your Browser History to Recommend Web Content

    If you’re short on things to read — seriously? — be sure to check out the latest experiment in the Firefox Test Pilot program.

    It’s called Advance and it aims to ‘advance’ you past the site you’re currently gawping at and on to the next. How? By giving you a list of articles and web pages based on your browsing history, of course.

    Don’t scream. Honestly. This feature is not part of the default browser (not yet, anyway). You have to explicitly choose to enable it.

    [...]

    Now, before anyone screams “I already use this! It’s called Google Chrome!” let me stress that this is an entirely optional, opt-in feature for Firefox. You have to go out of your way to install it. It is not part of the default install. If you don’t want it, you don’t have to use it.

    You remain in control when Advance is running. You can, at any point, see what browser history Laserlike has processed and — GDPR box check — request the deletion of that information.

    Advance by Firefox limits its remit to your search history, specifically web page addresses. It doesn’t monitor what you write/say/do when using a website, or the specific content that’s on it.

  • Dev Channel Update for Desktop

    The dev channel has been updated to 70.0.3514.0 for Windows & Linux, and 70.0.3514.2 for Mac.  

  • Chrome 70 Dev Release With Shape Detection API

    While Chrome 69 was released last week, today Google has shipped their latest "dev" release of Chrome 70 for interested testers.

    New Chrome 70 dev channel releases are available today for Linux, macOS, and Windows. Key features for Chrome 70 is the introduction of the Shape Detection API, disabling some touch event APIs by default on desktop hardware, CSS Grid Layout behavior updates, WebUSB support within dedicated worker contexts, several security enhancements, and various other minor updates.

Thunderbird 60 Released

Filed under
Moz/FF
Web
  • Thunderbird Release Notes

    Thunderbird version 60 is currently only offered as direct download from thunderbird.net and not as upgrade from Thunderbird version 52 or earlier. If you have installed Lightning, Mozilla's Calendar add-on, it will automatically be updated to match the new version of Thunderbird. Refer to this troubleshooting article in case of problems.

  • Thunderbird 60.0 Released With WebExtension Themes, Attachment Improvements

    For those of you that have been waiting for a big update to the Thunderbird mail/RSS client, Thunderbird 60.0 is now available with plenty of changes.

  • What’s New in Thunderbird 60

    Thunderbird 60, the newest stable release of everyone’s favorite desktop Email client, has been released. This version of Thunderbird is packed full of great new features, fixes, and changes that improve the user experience and make for a worthwhile upgrade. I’ll highlight three of the biggest changes in Thunderbird 60 in this post, check out the full release notes over on our website.

Reddit Cracked

Filed under
Security
Web
  • We had a security incident. Here's what you need to know.
  • Reddit suffers breach, says user data between 2005 and 2007 accessed

    American social news aggregation, Web content rating, and discussion website Reddit has says someone broke into its systems and accessed user data including email addresses, plus a 2007 database back-up containing encrypted passwords.

    [...]

    The attacker intercepted text messages for employees containing one-time login codes. "...we learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept," Slowe said. "We point this out to encourage everyone here to move to token-based 2FA."

  • Reddit says hackers [sic] accessed some user data

    Reddit said on June 19 it learned that an attacker compromised a few of its employees’ accounts between June 14 and June 18.

  • Reddit Got Hacked Thanks to a Woefully Insecure Two-Factor Setup

    Reddit also noted that logs from June 3 to June 17, 2018, related to the platform’s “email digests” were exposed. This is a problem, because access to that information would allow attackers to see the usernames connected to each user email address—helpful information if you’re trying to compromise accounts. The digests also make suggestions about posts and subreddits a user might like, which potentially gives attackers additional information about individuals on Reddit.

  • Reddit Hacked: Here’s How To Know If You Were Compromised

    The popular news aggregator website Reddit has revealed that it suffered a data breach between June 14 and 18. While Reddit calls the attack “serious,” it hasn’t disclosed the number of users affected and said no data was altered. The hacker got read-only access to “some systems that contained backup data, source code, and other logs.”

The Brave browser basics – what it does, how it differs from rivals

Filed under
Web

Boutique browsers try to scratch out a living by scratching out a niche underserved by the usual suspects. Brave is one of those browsers.

Brave has gotten more attention than most new browsers, partly because a co-founder was one of those who kick-started Mozilla's Firefox, partly because of its very unusual - some say parasitical - business model.

That model, which relies on stripping every site of every ad, then substituting different ads, came under attack almost immediately from publishers that depended on online advertising for theirlivelihood. "Your plan to use our content to sell your advertising is indistinguishable from a plan to steal our content to publish on your own website [emphasis in original]," lawyers for 17 newspaper publishers wrote in a letter to Brave Software in April 2016.

Read more

Vivaldi, Opera and Chrome

Filed under
Web
  • Vivaldi Browser Adds Privacy-Focused Search Engine Qwant as New Search Option

    Vivaldi Technologies informed Softpedia today that they've added a new search engine to the growing list of search options of their Chromium-based Vivaldi web browser.

    We're talking about Qwant, a search engine designed from the ground up by a French-based company to respect users' privacy when searching the World Wide Web for anything that interest them every single day. Qwant achieves its privacy goal by not storing any cookies, nor your search history.

  • Vivaldi's New Qwant Privacy-Focused Search Engine, Microsoft Makes PowerShell Core a Snap, Red Hat Ansible Engine 2.6 Now Available, Apache Software Foundation's Annual Report and More

    Vivaldi Technologies has added a new privacy-focused search engine called Qwant to its Vivaldi web browser. Qwant doesn't store cookies or search history. Softpedia News quotes CEO and co-founder of Vivaldi Jon von Tetzchner: "We believe that the Internet can do better. We do not believe in tracking our users or in data profiling." You need version 1.15 of Vivaldi in order to enable Qwant.

  • Opera 55 Web Browser Enters Beta with Support for Installing Chrome Extensions

    The Chromium-based Opera web browser continues development with two upcoming versions, Opera 55 and Opera 56, and the former recently entered beta testing with a bunch of goodies.

    Based on Chromium 68.0.3440.42, Opera 55 beta introduces a revamped settings page that promises to help users better and easier configure their favorite web browser by splitting the settings into two categories, namely basic and advanced. Also, users will now be able to search for specific settings via the integrated search bar.

  • Google Chrome on Android will stop background tabs after 5 minutes to improve performance

    What once was dominated by Microsoft’s Internet Explorer, Google Chrome has done a great job at dominating the overall web browser market. Various reports project Chrome’s usage numbers between 50% to just over 62%, and this has actually been both a blessing and a curse. Google has been under the investigation from both Russia and Europe for their actions and their practices just may have to change in the near future. Still, even with the popularity of the Chrome browser, users have a number of complaints. Google engineers have been working on improving these lately and Chrome for Android will soon stop background tabs after 5 minutes of inactivity.

  • Google Chrome To Stop Background Tab Loading After 5 Mins Of Inactivity

Browsers: Firefox, Browsh and Chrome

Filed under
Moz/FF
Web
  • Mozilla B-Team: happy bmo push day!
  • Mozilla VR Blog: This week in Mixed Reality: Issue 12

    This week we landed a bunch of core features: in the browsers space, we landed WebVR support and immersive controllers; in the social area, added media tools to Hubs; and in the content ecosystem, we now have WebGL2 support on the WebGLRenderer in three.js.

  • Robert Kaiser: VR Map - A-Frame Demo using OpenStreetMap Data

    The prime driver for writing my first such demo was that I wanted to do something meaningful with A-Frame. Previously, I had only played around with the Hello WebVR example and some small alterations around the basic elements seen in that one, which is also pretty much what I taught to others in the WebVR workshops I held in Vienna last year. Now, it was time to go beyond that, and as I had recently bought a HTC Vive, I wanted something where the controllers could be used - but still something that would fall back nicely and be usable in 2D mode on a desktop browser or even mobile screens.

  • Firefox Test Pilot: The Evolution of Side View

    Side View is a new Firefox Test Pilot experiment which allows you to send any webpage to the Firefox sidebar, giving you an easy way to view two webpages side-by-side. It was released June 5 through the Test Pilot program, and we thought we would share with you some of the different approaches we tried while implementing this idea.

  • Browsh – A Modern Text Browser That Supports Graphics And Video

    Browsh is a modern, text-based browser that supports graphics including video. Yes, you read that right! It supports HTML5, CSS3, JavaScript, photos, WebGL content and of course video as well. Technically speaking, it is not much of a browser, but some kind of terminal front-end of browser. It uses headless Firefox to render the web page and then converts it to ASCII art. According to the developer, Browsh significantly reduces the bandwidth and increases the browsing speed. Another cool feature of browsh is you can ssh from, for example an old laptop, to a regular computer where you have Browsh installed, and browse HTML5 webpages without much lag. Browsh is free, open source and cross-platform.

  • The most ambitious browser mitigation yet for Spectre attacks comes to Chrome

    Google’s Chrome browser is undergoing a major architectural change to enable a protection designed to blunt the threat of attacks related to the Spectre vulnerability in computer processors. If left unchecked by browsers or operating systems, such attacks may allow hackers to pluck passwords or other sensitive data out of computer memory when targets visit malicious sites.

Mozilla and Chrome: Lockbox, New Site for Thunderbird and SeaMonkey Add-ons and More

Filed under
Google
Moz/FF
Web
  • Mozilla Announces Firefox Lockbox, a Face ID-Compatible Password Manager for iOS

    After it made sure Firefox is one of the most popular web browsers on the desktop, Mozilla continues their quest to conquer the mobile world with new and innovative apps.

    Today, Mozilla announced that it had developed two new apps for Apple's iOS and Google's Android mobile operating systems, Firefox Lockbox for iOS and Notes by Firefox for Android. The two apps are currently available for testing through the company's Mobile Test Pilot Experiments initiative.

    The Firefox Lockbox for iOS promises to be a password manager that you can take anywhere, so you won't have to reset your new passwords when you forget them. While the app can sync passwords across devices, it's only compatible with passwords save through the Firefox web browser via a Firefox Sync account.

  • New Site for Thunderbird and SeaMonkey Add-ons

    When Firefox Quantum (version 57) launched in November 2017, it exclusively supported add-ons built using WebExtensions APIs. addons.mozilla.org (AMO) has followed a parallel development path to Firefox and will soon only support WebExtensions-based add-ons.

    As Thunderbird and SeaMonkey do not plan to fully switch over to the WebExtensions API in the near future, the Thunderbird Council has agreed to host and manage a new site for Thunderbird and SeaMonkey add-ons. This new site, addons.thunderbird.net, will go live in July 2018.

    Starting on July 12th, all add-ons that support Thunderbird and SeaMonkey will be automatically ported to addons.thunderbird.net. The update URLs of these add-ons will be redirected from AMO to the new site and all users will continue to receive automatic updates. Developer accounts will also be ported and developers will be able to log in and manage their listings on the new site.

  • A Vision for Engineering Workflow at Mozilla (Part Three)

    This is the last post in a three-part series on A Vision for Engineering Workflow at Mozilla.

  • Why Isn't Debugging Treated As A First-Class Activity?

    One thing developers spend a lot of time on is completely absent from both of these lists: debugging! Gitlab doesn't even list anything debugging-related in its missing features. Why isn't debugging treated as worthy of attention? I genuinely don't know — I'd like to hear your theories!

    One of my theories is that debugging is ignored because people working on these systems aren't aware of anything they could do to improve it. "If there's no solution, there's no problem." With Pernosco we need to raise awareness that progress is possible and therefore debugging does demand investment. Not only is progress possible, but debugging solutions can deeply integrate into the increasingly cloud-based development workflows described above.

  • Bug futures: business models

    Recent question about futures markets on software bugs: what's the business model?

    As far as I can tell, there are several available models, just as there are multiple kinds of companies that can participate in any securities or commodities market.

  • Are You a Fan of Google Chrome’s New Look?

    Perhaps it’s just me, but I don’t think the look of Google Chrome has altered all that much since it blinked into life in 2009.

    But that will shortly change.

    Rumour has it that Google plans to debut a new-look Google Chrome ahead of the browser’s 10th birthday in September.

    And if you’re a spoiler fan, the new look is already available for testing.

    Now, we’re not talking a revamp based on the old ‘boxy’ Material Design here. Oh no. The visual rejig Is based on the rounder, softer and more tactile Material Design 2 (on full display in Android P and arriving piecemeal to the Chrome OS desktop).

PHP 7.3.0 Alpha 3 Released

Filed under
Development
Web
  • PHP 7.3.0 alpha 3 Released

    The PHP team is glad to announce the release of the third PHP 7.3.0 version, PHP 7.3.0 Alpha 3. The rough outline of the PHP 7.3 release cycle is specified in the PHP Wiki.

    For source downloads of PHP 7.3.0 Alpha 3 please visit the download page. Windows sources and binaries can be found on windows.php.net/qa/.

    Please carefully test this version and report any issues found in the bug reporting system.

  • PHP 7.3 Alpha 3 Released

    The third alpha of this year's PHP7 update, PHP 7.3, is now available for evaluation.

    PHP 7.3 has been crafting improved PHP garbage collection, WebP support within the image create from string function, and a variety of other features and improvements. PHP 7.3 is looking very good in early benchmarks.

    PHP 7.3 Alpha 3 introduces a lot of bug fixes from core PHP to various extensions, min_proto_version/max_proto_version options added to OpenSSL for maximum/minimum TLS version protocol values, and various other code improvements.

When Firefox Meets Chrome and Former Mozilla CEO Meets Chromium

Filed under
Google
Moz/FF
Web
  • How to Install Firefox in Chrome OS
  • Brave should have its own User-Agent, but here is how you detect it anyway

    The User-Agent string is the name that web browsers and other web clients send to web servers to identify their make and model to the server. This data is primarily used for statistical and troubleshooting purposes. The Brave web browser isn’t brave enough to have their own User-Agent and instead tries to camouflage as Google Chrome.

    Brave is a very opinionated web browser. This makes it easy to reliably detect it even without a unique User-Agent, and I’ll spend most of the article advocating for why Brave should have their own User-Agent. You can skip to the last two sections if you’re only interested in the detection code.

    Brave actually had a User-Agent of its own in the first few months of its existence, but removed it in April 2016. The history books (git commit logs) show that Brave removed the “Brave/Version” component from their User-Agent string to make it more difficult to fingerprint the browser.

  • How Larry Page Inspired Young Sundar Pichai Into Making Chrome A Success Story

    When Google Chrome was first launched in 2008, Firefox and Internet Explorer users had a good laugh looking at the new browser since it had no extensions, no theme support, nothing that competitors provided to users. But, slowly, people started turning to Google Chrome, and they liked it instantly. It was the fastest of all, pages loaded immediately, and people believed it could evolve into something big (the minimalist design helped there).

    Presently, Google Chrome stands at the top in browsers market with 60.98% market share against IE and Firefox who hold 12% and 11% share, respectively.

Brave Does Tor

Filed under
Security
Web
  • Brave Introduces Beta of Private Tabs with Tor for Enhanced Privacy while Browsing

    Today we’re releasing our latest desktop browser Brave 0.23 which features Private Tabs with Tor, a technology for defending against network surveillance. This new functionality, currently in beta, integrates Tor into the browser and gives users a new browsing mode that helps protect their privacy not only on device but over the network. Private Tabs with Tor help protect Brave users from ISPs (Internet Service Providers), guest Wi-Fi providers, and visited sites that may be watching their Internet connection or even tracking and collecting IP addresses, a device’s Internet identifier.

    Private Tabs with Tor are easily accessible from the File menu by clicking New Private Tab with Tor. The integration of Tor into the Brave browser makes enhanced privacy protection conveniently accessible to any Brave user directly within the browser. At any point in time, a user can have one or more regular tabs, session tabs, private tabs, and Private Tabs with Tor open.

  • Brave Browser Goes Beyond Private Browsing With Tor-powered Tabs

    The ad blocking browser Brave is presently counted as one of the top net surfing browsers of 2018, primarily for its steady privacy and secure browsing experience. It is now advancing towards perfecting private browsing

    An update (Brave 0.23) launched on Thursday for its desktop clients has integrated Private tabs with Tor to defend users from leaving digital footprints on the internet.

Syndicate content

More in Tux Machines

OSS Leftovers

  • Uber Open Sources Its Large Scale Metrics Platform M3
    Uber's engineering team released its metrics platform M3, which it has been using internally for some years, as open source. The platform was built to replace its Graphite based system, and provides cluster management, aggregation, collection, storage management, a distributed time series database (TSDB) and a query engine with its own query language M3QL. [...] M3's query engine provides a single global view of all metrics without cross region replication. Metrics are written to local regional M3DB instances and replication is local to a region. Queries go to both the regional local instances as well as to coordinators in remote regions where metrics are stored. The results are aggregated locally, and future work is planned wherein  any query aggregation would happen at the remote coordinators.
  • SD Times Open-Source Project of the Week: Dev.to
    This week’s highlighted project comes courtesy of a community of developers who hope that their codebase will be used to foster communities like theirs, focused on education and collaboration among peers of any skill level. Dev.to’s codebase is open-source as of last week week and the community-building platform’s developers think that further community involvement in development will lead to great things. [...] Halpern made sure to clarify in the post that this release is not simply a library for creating the types of community-driven communication platforms that dev.to embodies, but the for-profit company’s entire codebase. “However, that is a perfectly valid use case in the future,” Halpern wrote in a post leading up to the release. “If you are interested in contributing such that we can eventually help people stand up their own version of this platform for their own business or society, we’ll definitely welcome that input.” The platform is a Ruby on Rails app with a Preact front-end. The company is hard at work on native apps for iOS and Android but say its technology choices are fluid.
  • RLS 1.0 release candidate
    The current version of the Rust Language Server (RLS), 0.130.5, is the first 1.0 release candidate. It is available on nightly and beta channels, and from the 3rd September will be available with stable Rust. 1.0 for the RLS is a somewhat arbitrary milestone. We think the RLS can handle most small and medium size projects (notable, it doesn't work with Rust itself, but that is large and has a very complex build system), and we think it is release quality. However there are certainly limitations and many planned improvements. It would be really useful if you could help us test the release candidate! Please report any crashes, or projects where the RLS gives no information or any bugs where it gives incorrect information.
  • Mozilla brings back Stylish Add-on to Firefox after it was Banned Last Year
    The Stylish add-on, with which you can give websites their very own style, is back for Firefox. This improvement has been welcomed by many users. The history of this Add-on is quite complicated as it was supposedly twice removed and added back before it was removed again. Now it has been added back as reported by Vess (@VessOnSecurity). [...] The add-on Stylish has been brought back in the Mozilla’s add-on storehouse. What users should know: This expansion was criticized some time prior as a user data collector and has been prohibited and banned a year back from Mozilla’s Add-on store. Owing to its notoriety of collecting data of users’ website visits in a way which makes it convenient to reveal users’ identity to third parties, Google and Mozilla banned it last year. It is indeed surprising as to why Mozilla decided to bring it back to its browser after it was criticized for compromising users’ identity.
  • LibreOffice 6.1: A week in stats
    On August 8, we announced LibreOffice 6.1, a new version of the suite with many great features and updates created by our worldwide community. Let’s look at some stats from the last week!
  • Graphos 0.7 released
    Graphos 0.7 has been released a couple of days ago!
  • Tesla open sources its security software, Hollywood goes open source, and more news
  • How Changa Bell is taking an ‘open source’ approach to grow the Black Male Yoga Intiative
  • As Academic Publishers Fight And Subvert Open Access, Preprints Offer An Alternative Approach For Sharing Knowledge Widely
    That's certainly true, but is easy to remedy. Academics who plan to publish a preprint could offer a copy of the paper to the group of trusted journalists under embargo -- just as they would with traditional papers. One sentence describing why it would be worth reading is all that is required by way of introduction. To the extent that the system works for today's published papers, it will also work for preprints. Some authors may publish without giving journalists time to check with other experts, but that's also true for current papers. Similarly, some journalists may hanker after full press releases that spoon-feed them the results, but if they can't be bothered working it out for themselves, or contacting the researchers and asking for an explanation, they probably wouldn't write a very good article anyway. The other concern relates to the quality of preprints. One of the key differences between a preprint and a paper published in a journal is that the latter usually goes through the process of "peer review", whereby fellow academics read and critique it. But it is widely agreed that the peer review process has serious flaws, as many have pointed out for years -- and as Sheldon himself admits. Indeed, as defenders note, preprints allow far more scrutiny to be applied than with traditional peer review, because they are open for all to read and spot mistakes. There are some new and interesting projects to formalize this kind of open review. Sheldon rightly has particular concerns about papers on public health matters, where lives might be put at risk by erroneous or misleading results. But major preprint sites like bioRxiv (for biology) and the upcoming medRxiv (for medicine and health sciences) are already trying to reduce that problem by actively screening preprints before they are posted.
  • MUMPS Masochism part I: Line and Block Scope

    It's sort of an open secret that I sometimes use ANSI M, better known as MUMPS. It was developed in the 60's, and it definitely still looks like something from the 60's. But it's 1,000 times uglier than anything from that decade. I've made plenty of people, from software testers at work to other developers on IRC, recoil in horror from showing them samples of even relatively mundane code like a simple "Hello, World!".

  • OpenSSH Username Enumeration
     

    We realized that without this patch, a remote attacker can easily test whether a certain user exists or not (username enumeration) on a target OpenSSH server

Microsoft Openwashing

  • Microsoft open sources new framework for Windows driver development [Ed: openwashing Microsoft Windows by pretending that when you write proprietary drivers for a proprietary O/S that does DRM, spies on users etc. you actually do something "open"]
  • Microsoft to Open Source Its Network Replication Software [Ed: Microsoft is openwashing some more of its entirely proprietary 'offerings', a hallmark of a company of liars. Come to us! The traps are free, the cages will be "open".]
  • GitHub goes off the Rails as Microsoft closes in [Ed: Microsoft will take GitHub off the rail like it did Skype and LinkedIn (totally lost)]
    GitHub's platform group is about 155 people at the moment and growing, said Lambert. And much of the group's focus is on breaking GitHub apart. GitHub is about a third of the way through an architectural change that began last year. The company is moving away from Ruby on Rails toward a more heterogeneous, composable infrastructure. Ruby still has a place at GitHub – Lambert referred to the company as a Ruby shop, but he said there's more Go, Java and even some Haskell being deployed for services. The goal, he explained, is to make GitHub's internal capabilities accessible to integrators and partners. "Our monolith is starting to break up and we're starting to abstract things into services," said Lambert. "The platform we've chosen to put them on is Kubernetes."

Android Leftovers

Benchmarks Of Btrfs RAID On Four Samsung 970 EVO NVMe SSDs

With the MSI MEG X399 CREATION that we received as part of the launch package for the Threadripper 2950X and Threadripper 2990WX it includes the XPANDER-AERO that provides 4-way M.2 NVMe SSD slots on a PCI Express x16 card. The XPANDER-AERO is actively cooled and could be passed off as a small form factor graphics card upon a very cursory examination. With this card I've been running tests on four Samsung 970 EVO NVMe SSDs in RAID to offer stellar Linux I/O performance. Here are some initial benchmarks using Btrfs. Read more