Language Selection

English French German Italian Portuguese Spanish

Web

Mozilla: Rust, Socorro, and 'Healthier' Internet (Openwashing)

Filed under
Development
Moz/FF
Web
  • Another Rust-y OS: Theseus joins Redox in pursuit of safer, more resilient systems

    Rust, a modern system programming language focused on performance, safety and concurrency, seems an ideal choice for creating a new operating system, and several such projects already exist. Now there is a new one, Theseus, described by creator Kevin Boos as "an Experiment in Operating System Structure and State Management."

    The key thinking behind Theseus is to avoid what Boos and three other contributors from Rice and Yale universities call "state spill".

  • This Week In Rust: This Week in Rust 373
  • Socorro Engineering: Half in Review 2020 h2 and 2020 retrospective

    2020h1 was rough. 2020h2 was also rough: more layoffs, 2 re-orgs, Covid-19.

    I (and Socorro and Tecken) got re-orged into the Data Org. Data Org manages the Telemetry ingestion pipeline as well as all the things related to it. There's a lot of overlap between Socorro and Telemetry and being in the Data Org might help reduce that overlap and ease maintenance.

    [...]

    2020 sucked. At the end, I was feeling completely demoralized and deflated.

  • Reimagine Open: Building a Healthier Internet

    Does the “openness” that made the [Internet] so successful also inevitably lead to harms online? Is an open [Internet] inherently a haven for illegal speech, for eroding privacy and security, or for inequitable access? Is “open” still a useful concept as we chart a future path for the [Internet]?

    A new paper from Mozilla seeks to answer these questions. Reimagine Open: Building Better Internet Experiences explores the evolution of the open [Internet] and the challenges it faces today. The report catalogs findings from a year-long project of outreach led by Mozilla’s Chairwoman and CEO, Mitchell Baker. Its conclusion: We need not break faith with the values embedded in the open [Internet]. But we do need to return to the original conceptions of openness, now eroded online. And we do need to reimagine the open [Internet], to address today’s need for accountability and online health.

TabFS Makes Your Browser A File System

Filed under
Software
Web

Like Unix, old-fashioned Linux has the philosophy that everything should look like a file. That paradigm works well and most of the operating system’s core features follow that pattern. However, many modern additions don’t really treat things as files or, at least, not files you can easily manipulate with the other tools. [Omar Rizwan] has a handy Chrome extension, though, that will make your browser tabs look like part of your file system. Not only is it a novel idea, but it is also surprisingly handy.

The extension feels like a bit of a proof of concept, so installation is a bit rough, but it does work and it allows you to do things that you would otherwise have to write an extension or a sophisticated program to screen scrape which is always less than desirable.

Read more

9 Decentralized, P2P and Open Source Alternatives to Mainstream Social Media Platforms Like Twitter, Facebook, YouTube and Reddit

Filed under
Web

Tired of Big Tech prying on your data and invading your privacy? Here are some open source, decentralized alternate social platforms.
Read more

GNU Wget 1.21 and GNU Wget 1.21.1 Released

Filed under
GNU
Web
  • GNU Wget 1.21 Released

    Noteworthy changes in this release:

    Improve the number of translated strings
    Remove all uses of alloca. In some places the length of untrusted strings has been used, e.g. strings from the command line or from remote.
    Fix buffer overflows in progress bar code in some locales
    Fix two null pointer accesses
    Amend cookie file header to be recognized by the 'file' command
    Post Handshake Authentication for OpenSSL
    Require gettext version 0.19.3+
    Add configure flags --enable-fsanitize-ubsan, --enable-fsanitize-asan and --enable-fsanitize-msan for gcc and clang
    Make several smaller fixes, enhance fuzzing, enhance building

  • GNU Wget 1.21.1 Released

    Noteworthy changes in this release:

    Fix compilation on MacOS and Solaris 9
    Remove bashism from configure.ac
    Fix a compilation warning on 32-bit systems

Mozilla Firefox Flips On AVIF Image Decoding By Default

Filed under
Moz/FF
Web

As noted before the holidays that Mozilla Firefox was ready to enable AVIF image decoding by default, now that the holidays have passed and developers back to their keyboards, Firefox today has re-enabled AVIF by default.

Since Google's Chrome 85 there has been AVIF support enabled by default while the Firefox support has been disabled by default for now. But as of today in their nightly code the functionality is there out-of-the-box.

Read more

Also: We need more than deplatforming

19 Free open-source self-hosted Invoicing and billing solutions

Filed under
Server
OSS
Web

In a dynamic business environment invoices are created regularly and require custom workflow according to the enterprise business process.

Invoice and order management solutions are built to manage billing and invoicing documents generally. Some of them manage orders and post-sale subscription billing.

Most of ERP (Enterprise Resources Planning) solutions include invoice, billing and order management features.

Read more

Beginner's Guide To Get Email Account At Disroot

Filed under
Web
HowTos

This tutorial explains to you how to have a free email account on the internet. Your email address will look like yourname@disroot.org and people will send you emails using it. This tutorial covers the step by step registration process, how to access your inbox, how to send your first email, and how to integrate your computer with it using a program called email client, all with pictures. This includes the reason why Disroot is chosen here. Now let's go and happy emailing!

Read more

Daniel Stenberg: The curl year 2020

Filed under
Development
Software
Web

As we’re approaching the end of the year, I just want to sum up the curl year with a few words.

2020 has been another glorious year in the curl project. We’ve seen a series of accomplishments and introductions of new things during this the year of the plague.

[...]

139 authors wrote commits that were merged (so far).

We did nine curl releases, out of which two unfortunately were quicker “panic releases” that patched up problems in the previous release.

Read more

Mozilla Leftovers

Filed under
Moz/FF
Web
  • Scammers use Chrome, Firefox extensions in widespread ad fraud campaign

    The scammers are using malicious browser extensions— a tried and tested fraud tactic — to inject bogus advertisements into the results displayed on a search engine page. The more users who visit the fraudulent ad pages, the more money the perpetrators earn via a traffic-driven advertising program. Microsoft did not identify who was responsible for the attacks, or how much money they had netted.

  • Firefox Browser updated to 84.0.1 [in] PCLinuxOS

    The Mozilla Firefox browser has been updated to 84.0.1 and is a minor bug fix update. This update will appear in your Synaptic Package Manager if you are using Firefox.

  • David Humphrey: SnowyOwls.ca

    But as the snow begins to fall each December, my attention turns to another owl: the Snowy Owl. Normally at this time of year I'm seeing Snowy Owls on my long commutes to and from work. With COVID, I'm not out driving anymore, and as such, I'm not having as easy a time finding them.

    I decided that this year's marking-side-project would be a tool to help people find Snowy Owls near where they live. I've long wanted to play with eBird and the eBird API, and hoped that I could get recent sighting data this way. To use the eBird API, you have to create an account and then request an API key. After that you can do all sorts of interesting queries to get current or historical data about sightings by species, region, or location.

    [...]

    As we enter our tenth month of the pandemic, I wanted to make something for the current moment. Christmas won't be the same this year: we won't be able to celebrate or visit our parents, siblings, or their families; I can't get together with any friends for a meal; and many of the usual traditions our family has are off the table. I'm sad at all of it.

    I can't fix any of this, but I wanted to do something to give some small bit of joy over the holidays. While the pandemic forces us to avoid each other, we're still allowed to go outside, to drive in the country, to walk in the park or along the shoreline, and to look for Snowy Owls.

    As I was finishing up the app's code, I noticed that a new owl had been spotted 15 minutes from our house. My wife and I drove off into the falling snow in search of it, creeping along an old fence line stretched across a farmer's field. It was really beautiful to be out, to be hopeful, and to be focused on what is yet to come.

Web Browsers: Brave, Web Surveillance and Mozilla

Filed under
Moz/FF
Web
  • What is Brave browser’s market share [Ed: Those are not legitimate measures.

    How large is the Brave browser’s market share in the browser wars? A slew of technical hurdles make it difficult to count Brave’s user base, so no one has shared any market share analysis numbers that include Brave. Until now.

    [...]

    Brave blocks the tracking scripts from these two companies by default, so its users are excluded from these datasets.

  • Kartikaya Gupta: 9 years and change

    I should probably note here that November 20 was my last day as a Mozilla employee. In theory, that shouldn't really change much, given the open-source nature of Mozilla. In practice, of course, it does. I did successfully set up a non-staff account and migrate things to that, so I still retain some level of access. I intend to continue contributing; however, my contributions will likely be restricted to things that don't require paging in huge chunks of code, or require large chunks of time. In other words, mostly cleanup-type stuff, or smaller bugfixes/enhancements.

    [...]

    Working at Mozilla was in many ways a dream come true. It was truly an honour to work alongside so many world-class engineers, on so many different problems. I'm going to miss it, for sure, but I am also excited to see what the future holds.

  • Mozilla Firefox Appears Ready To Enable AVIF Image Handling Support By Default

    It looks like Mozilla Firefox very soon will be enabling support for AVIF as the image format based on AV1 video coding.

    Google added support for AVIF to Chrome/Chromium earlier this year and shipped with Chrome 85. There has been other industry adoption as well around AVIF images, even by the likes of Microsoft with Windows. Now in an upcoming Firefox release, AVIF image support will be present too.

Syndicate content

More in Tux Machines

Programming Leftovers

  • Ravgeet Dhillon: Offline Toast notification in Nuxt/Vue app

    We have often seen apps telling us that “You are offline. Check your network status.”. It is not only convenient to do so but adds to a great UX. In this blog, we will look at how can we display a toast notification in a Nuxt/Vue app whenever the user goes offline or online. This will also help us to understand how to use computed and watch properties together. [...] Hurray! Our toast notifications are working perfectly fine. So using the combined magic of computed and watch properties, we can create outstanding workflows and take our Nuxt/Vue app to next level. If you any doubts or appreciation for our team, let us know in the comments below. We would be happy to assist you.

  • Stephen Michael Kellat: Leveraging LaTeX In This Time

    From time to time I like to bring up fun adventures in LaTeX. In these stranges times in the United States it is important to look at somewhat practical applications beyond the normal reports and formal papers most people think of. With a Minimum Working Example we can mostly look at an idea. The Comprehensive TeX Archive Network has a package known as newspaper which is effectively subject to nominative determinism. You can make things with it that look like newspapers out of the 1940s-1960s in terms of layout. The page on CTAN shows nice examples of its use and provides a nice story as to why the package was created. The example source file on CTAN has a bug in it, though. We're going to make a new one based on it. I am also going to add but not yet utilize the markdown package to the example.

  • 2021.03 Course Topped – Rakudo Weekly News

    The course of the Raku Programming Language by Andrew Shitov made it to the top 20 of Hacker News and spurred quite a few comments. The first associated Grant Report was also published.

  • GCC 11 Is On The Final Stage Of Development With 60+ High Priority Regressions - Phoronix

    GCC 11 entered its final stage of development today as it works towards releasing around the end of Q1 / early Q2 if their past cadence holds up. Before GCC 11.1 can debut as the first stable version, there are some 60+ "P1" high priority regressions that need to be resolved or otherwise demoted to lesser priority regressions. GCC 11 release manager Richard Biener this morning announced GCC 11 is now in stage four development meaning only regression fixes and documentation fixes are allowed. As of this morning the code-base is at 62 P1 regressions, another 334 P2 regressions, 35 P3 regressions, and more than 200 regressions of the lower P4/P5 status.

Devices: Xtra-PC, Arduino and Inventor Coding Kit

  • Xtra-PC Reviews – Best Linux USB-Stick? - Product Review by Rick Finn

    The Xtra-PC Linux USB-Stick might be your solution if you have problems with your old and slow PC. It's a small flash drive stick and it's using Linux OS to boost you PC's operations. Check out now.

  • Arduino Blog » Old keyboard turned into a new children’s learning toy

    Peter Turczak’s toddler son loves “technical stuff,” especially things like keyboards and computers that adults use. After discussing this with other likeminded technical parents, the idea of giving new life to an old (PS/2 or AT) keyboard as a teaching tool was hatched.

  • SiFive Helping To Teach Kids Programming With RISC-V HiFive Inventor Coding Kit

    SiFive in cooperation with Tynker and BBC Learning have launched a Doctor Who themed HiFive Inventor Coding Kit. This Initial HiFive Inventor Coding Kit is intended to help kids as young as seven years of age get involved with computer programming through a variety of fun exercises and challenges involving the RISC-V powered mini computer and related peripherals like LED lighting and speaker control. [...] So for those looking to get their kids involved with computer programming and looking for an IoT-type device with some fun sensors and various themed exercises to get them experimenting, the HiFive Inventor Coding Kit is worth looking into further. More details on the programming platform can be found via Tynker.com and on the hardware at HiFiveInventor.com. The HiFive Inventor Kit is available from Amazon.com and other Internet retailers for $75 USD.

Security Leftovers

  • Security updates for Monday

    Security updates have been issued by Arch Linux (atftp, coturn, gitlab, mdbook, mediawiki, nodejs, nodejs-lts-dubnium, nodejs-lts-erbium, nodejs-lts-fermium, nvidia-utils, opensmtpd, php, python-cairosvg, python-pillow, thunderbird, vivaldi, and wavpack), CentOS (firefox and thunderbird), Debian (chromium and snapd), Fedora (chromium, flatpak, glibc, kernel, kernel-headers, nodejs, php, and python-cairosvg), Mageia (bind, caribou, chromium-browser-stable, dom4j, edk2, opensc, p11-kit, policycoreutils, python-lxml, resteasy, sudo, synergy, and unzip), openSUSE (ceph, crmsh, dovecot23, hawk2, kernel, nodejs10, open-iscsi, openldap2, php7, python-jupyter_notebook, slurm_18_08, tcmu-runner, thunderbird, tomcat, viewvc, and vlc), Oracle (dotnet3.1 and thunderbird), Red Hat (postgresql:10, postgresql:12, postgresql:9.6, and xstream), SUSE (ImageMagick, openldap2, slurm, and tcmu-runner), and Ubuntu (icoutils).

  • About CVE-2020-27348

    Well this is a doozey. Made public a while back was a security vulnerability in many Snap Packages and the Snapcraft tool used to create them. Specifically, this is the vulnerability identified as CVE-2020-27348. It unfortunately affects many many snap packages… [...] The problem arises when the LD_LIBRARY_PATH includes an empty element in its list. When the Dynamic Linker sees an empty element it will look in the current working directory of the process. So if we construct our search paths with an accidental empty element the application inside our Snap Package could be caused to load a shared library from outside the Snap Package’s shipped files. This can lead to an arbitrary code execution. It has been common to put a definition of the LD_LIBRARY_PATH variable into a Snap Package’s snapcraft.yaml that references a predefined $LD_LIBRARY_PATH as if to extend it. Unfortunately, despite this being common, it was poorly understood that SnapD ensures that the $LD_LIBRARY_PATH is unset when starting a Snap Package’s applications. What that means is that where the author tried to extend the variable they have inadvertantly inserted the bad empty element. The empty element appears because $LD_LIBRARY_PATH is unset so the shell will expand it to an empty string.

  • Wait, What? Kids Found A Security Flaw in Linux Mint By Mashing Keys!

    Security flaws can be incredibly stupid and dangerous. Of course, I’m not judging anyone, we are humans after all. But this little incident is quite funny.

Audiocasts/Shows: Blender 2.91, Server Security, Linux in the Ham Shack and More