Language Selection

English French German Italian Portuguese Spanish

Web

More Malware-Like Behaviour From Chrome and Firefox Introduces Firefox Monitor, Other News

Filed under
Google
Moz/FF
Web
  • Now Chrome Doesn’t Delete “Google Cookies” Even If You Clear All Cookies

    Yet another privacy concern for Google Chrome users! Previously, we talked about Google’s auto-login mechanism which is hijacking our local Google Chrome data. Now, another Chrome 69 setting has come to light which is risking our freedom to remove data.

  • Introducing Firefox Monitor, Helping People Take Control After a Data Breach

    Data breaches, when information like your username and password are stolen from a website you use, are an unfortunate part of life on the internet today. It can be hard to keep track of when your information has been stolen, so we’re going to help by launching Firefox Monitor, a free service that notifies people when they’ve been part of a data breach. After testing this summer, the results and positive attention gave us the confidence we needed to know this was a feature we wanted to give to all of our users.

  • Firefox Monitor, take control of your data

    That sinking feeling. You’re reading the news and you learn about a data breach. Hackers have stolen names, addresses, passwords, survey responses from a service that you use. It seems like we’re having that sinking feeling more and more. But we don’t have to despair. While technology will never be impervious to attacks, we can make sure that we’re able to respond when we learn that our personal data and passwords are part of a breach.

  • Firefox Quantum, Beta and Nightly Affected by ‘Reap Firefox’ Crash Attack

    A particular vulnerability in the present Firefox browser has been unraveled by the security researcher and basically the creater of this bug, Sabri Haddouche in his blog post. He pointed towards a bug which brings the browser and also the operating system possibly with a ‘Reap Firefox’ attack crash. This vulnerability affects Firefox versions working under Linux, macOS and Windows.

  • $1.6 Million to Connect Unconnected Americans: Our NSF-WINS Grand Prize Winners

    After months of prototyping and judging, Mozilla and the National Science Foundation are fueling the best and brightest ideas for bringing more Americans online

    Today, Mozilla and the National Science Foundation (NSF) are announcing the grand prize winners in our Wireless Innovation for a Networked Society (NSF-WINS) Challenges — an audacious competition to connect millions of unconnected Americans.

    The grand prize winners are as novel as they are promising: An 80-foot tower in rural Appalachia that beams broadband connectivity to residents. And, an autonomous network that fits in two suitcases — and can be deployed after earthquakes and hurricanes.

More curl bug bounty

Filed under
OSS
Web

The idea is that sponsors donate money to the bounty fund, and we will use that fund to hand out rewards for reported issues. It is a way for the curl project to help compensate researchers for the time and effort they spend helping us improving our security.

Right now the bounty fund is very small as we just started this project, but hopefully we can get a few sponsors interested and soon offer "proper" rewards at decent levels in case serious flaws are detected and reported here.

If you're a company using curl or libcurl and value security, you know what you can do...

Read more

Chrome's Latest

Filed under
Google
Web

The world’s biggest curl installations

Filed under
OSS
Web

curl is quite literally used everywhere. It is used by a huge number of applications and devices. But which applications, devices and users are the ones with the largest number of curl installations? I've tried to come up with a list...

I truly believe curl is one of the world's most widely used open source projects.

If you have comments, other suggestions or insights to help me polish this table or the numbers I present, please let me know!

Read more

The 'New' Microsoft

Filed under
Google
Microsoft
Moz/FF
Web
  • Windows derails Chrome, Firefox installation, promotes Microsoft Edge instead [iophk: "Where are the Microsoft apologists on this? They sure have been quiet."]

    Microsoft is trying a new tactic to get people to use its Edge browser: a warning dialog box that interrupts the installation of other browsers like Mozilla Firefox or Google Chrome.

  • Microsoft tests ‘warning’ Windows 10 users not to install Chrome or Firefox

    While the prompts can be turned off, they’re yet another example of Microsoft infesting Windows 10 with annoying ads and pop-ups. Some similar prompts already appear and attempt to push Chrome or Firefox users to use Edge, but this latest one steps up Microsoft’s war against Chrome even further. It’s not clear why Microsoft thinks it’s a good idea to include these irritating prompts, as all they’re likely to do is anger Windows 10 users rather than convince them to switch to Edge.

  • Microsoft Tests Warning Windows 10 Users About Installing Google Chrome or Mozilla Firefox [iophk: "yeah, Microsoft "loves" FOSS"]

    While the warning does not block the installation, it is a blatant move from Microsoft to try and stop users from downloading a rival's Web browser. As per a CNET report, test was confirmed in Windows 10 version 1809, build 17758.1. It is worth noting that it is a preview release, which will not be available to the general public for another month or so. In a statement to CNET, Microsoft referred to its Windows test programme, and said, "We're currently testing this functionality with insiders only. The Windows Insider Program enables Microsoft to test different features, functionality and garner feedback before rolling out broadly. Customers remain in control and can choose the browser of their choice." The Verge, on the other hand, cites its sources to say the warning will not make its way to the Windows 10 October 2018 Update.

Chrome 69 Tip for GNU/Linux and Beta of Next Chrome Release

Filed under
Google
Web
  • Change UI theme in Google Chrome 69

    Say what you will about Chrome, but over the years, it has maintained a rather consistent look & feel. The changes are mostly done under the hood and they do not interfere with how the user interacts with the browser. But occasionally, mostly guided by their wider influence in the OS space, especially the mobile world, Google has made some stylistic changes. Most notably, they introduced Material Design to the Chrome UI, and now, there's another facelift.

    I noticed the new looks in the freshly updated Chrome 69 in Kubuntu Beaver, and I wasn't too happy. The font is gray and pale, ergo contrast isn't as good as it should be, and the new round design feels odd. So I decided to change this back to the older style. Let me show you how you can do this.

    [...]

    There you go. If you don't like the aesthetically pleasing but ergonomically dubious change to the Chrome's UI look in version 69 onwards, then you can change (we don't know for how long) the layout back to what it was, or try one of the several available themes. The goal is to retain maximum visual clarity and efficiency. The old looks offer that. The new ones hamper that.

    I am quite alarmed by this trend. The only solace I get is the knowledge that a few Google shares in me possession are generating profit, which I shall use to heal my soul of all this sub-IQ100 touch-led destruction of the desktop and fast productivity, a crusade that started worldwide around 2011 or so.

  • Chrome 70 beta: shape detection, web authentication, and more

    Unless otherwise noted, changes described below apply to the newest Chrome Beta channel release for Android, Chrome OS, Linux, macOS, and Windows. View a complete list of the features in Chrome 70 on ChromeStatus.com. Chrome 70 is beta as of September 13, 2018.

  • Chrome 70 In Beta With TLS 1.3, Opus Support In MP4 & AV1 Decode

    Following last week's Chrome 69 release, Chrome 70 is now in beta as the latest feature-update to Google's browser.

Browsh and Firefox on Old PCs (Better on GNU/Linux)

Filed under
GNU
Linux
Moz/FF
Web
  • Browsh – A Modern Text Based Browser Which Supports Graphics And Video

    We had wrote many articles about text based browser in the past such as Links, Links2, ELinks, Lynx, w3m and Netrik.

    Why we need a text-based browser in Linux? As you already know most of the Linux servers are running without GUI. It helps Linux administrator to browse the website from CLI.

    As i know, all these text-based browsers renders only web pages and supports color but browsh is advanced, well-established, feature-rich modern text based browser which supports graphics and video.

  • Firefox Just Dropped Windows XP and Vista Support, and Soon Steam Will Too

    Version 52 of Firefox’s Extended Support Edition (ESR) was the last version of Firefox compatible with Windows XP and Vista machines, but it is no longer getting security updates as of last week. This means any security flaws will never be patched, potentially putting users in danger of breaches.

WordPress Gutenberg will be the end of WordPress

Filed under
OSS
Web

WordPress is the most popular Content Management System (CMS) and blogging platform in the world. There are a lot of good reasons for that. It is accessible, simple and intuitive to use, and highly flexible, with a bewildering range of professional plugins and themes. Over the years, it has asserted itself as the dominant choice for those looking to create dynamic, responsive websites. I am a happy user, too. I've been using it myself since 2012, on my book writing blog. Unfortunately, all this goodness is poised to go down the drain.

WordPress 5.0, the next major release, is going to feature a revised UI (the backend) using a framework called Gutenberg. This new UI looks like it's going to take away all the good things that made WordPress so cool, and destroy the beautiful elegance, efficiency and simplicity with something that feels like an abstract, touch-optimized experiment. Let's discuss.

[...]

Unholy Crusade against the desktop

Ever since mobile (touch) became the prevalent consumer platform, there's been a lot of focus on developing mobile solutions. This is fine. Except these mobile solutions are also pushed onto the desktop, where they utterly fail. Touch software does not work on the desktop. It just does not.

Moreover, there's a bigger problem here. While most of the content is consumed on the mobile, most of the content is created on the desktop. It makes sense. The desktop is an infinitely superior platform for writing and image processing. The full keyboard + mouse combo and the multi-application usability beat all and any touch solution.

I do not consider social media "updates" content. I consider content to be meaningful articles that provide new and unique information, of which there is less and less every day. I am extremely confident than the vast majority of actually valuable articles and posts are made using the classic desktop formula. Just imagine writing 500 words on a keyboard versus touch.

Read more

The WebExtocalypse

Filed under
Moz/FF
Web

Mozilla recently dropped support for Firefox XUL extensions.

The initial threat of this prompted me to discover how to re-enable XUL extensions by modifying Firefox's omni.ja file. That clearly is not going to last very long since Mozilla is also deleting XPCOM interfaces but I note the Tor Browser is temporarily still using XUL extensions.

Since I have some extensions I wrote for myself, I will need to rewrite them as WebExtension add-ons.

The first thing to do is check how to install WebExtension add-ons. My local XUL extensions are run from the corresponding git trees. Using an example extension I discovered that this no longer works. The normal way to install add-ons is to use the web-ext tool, upload to the Mozilla app store and then install from there. This seems like overkill for an unpolished local add-on. One way to workaround this is to disable signing but that seems suboptimal if one has installed Mozilla-signed add-ons, which I will probably have to do until Debian packages more add-ons. Luckily Mozilla offers alternative "sideloading" distribution mechanisms and Debian enables these by default for the Debian webext-* packages. Installing a symlink to the git repository into the extensions directory and adding a gecko identifier to the add-on manifest.json file works.

Read more

Latest on Chrome and Mozilla

Filed under
Google
Moz/FF
Web
  • Google Wants to Kill the URL

     

    The focus right now, they say, is on identifying all the ways people use URLs to try to find an alternative that will enhance security and identity integrity on the web while also adding convenience for everyday tasks like sharing links on mobile devices.

  • Keybase: "Our browser extension subverts our encryption, but why should we care?"

    Two days ago I decided to take a look at Keybase. Keybase does crypto, is open source and offers security bug bounties for relevant findings — just the perfect investigation subject for me. It didn’t take long for me to realize that their browser extension is deeply flawed, so I reported the issue to them via their bug bounty program. The response was rather… remarkable. It can be summed up as: “Yes, we know. But why should we care?”

  • Daniel Stenberg: DoH in curl

    DNS-over-HTTPS (DoH) is being designed (it is not an RFC quite yet but very soon!) to allow internet clients to get increased privacy and security for their name resolves. I've previously explained the DNS-over-HTTPS functionality within Firefox that ships in Firefox 62 and I did a presentation about DoH and its future in curl at curl up 2018.

    We are now introducing DoH support in curl. I hope this will not only allow users to start getting better privacy and security for their curl based internet transfers, but ideally this will also provide an additional debugging tool for DoH in other clients and servers.

    Let's take a look at how we plan to let applications enable this when using libcurl and how libcurl has to work with this internally to glue things together.

  • Firefox 63 Beta On Linux Finally Runs WebExtensions In Their Own Process

    With Firefox 62.0 having shipped, Mozilla promoted Firefox 63.0 to beta as part of their usual release cadence.

    With Firefox 63.0 there are several Windows 10 and macOS improvements including better multi-GPU handling on Macs, faster tab switching, and better Windows 10 integration. But for Linux users there is one notable platform-specific change and that is WebExtensions now running in their own process.

Syndicate content