Language Selection

English French German Italian Portuguese Spanish

jozmak's blog

Gimp Tutorial: Creating a Push Button

Push buttons are widely used both web and interface designers. You can see all kinds of push buttons on the web varying in design and shape. In the following tutorial we are going to create one particular kind of push button that is attractive and easy to make even in the Gimp.

http://jozmak.blogspot.com/

Gimp Tutorial: Creating a Navigation Button

Filed under
Howtos

Navigation buttons are essential features of both web pages and application interfaces. In the following tutorial, we create an attractive navigation button in a few simple steps that can be followed even with limited Gimp knowledge.

http://jozmak.blogspot.com/

Gimp Tutorial: Creating Glassy Buttons

Most Photoshop techniques make heavy use of "layer effects" when it comes to creating glassy buttons. I modified one of those techniques so that it could be applied to the Gimp environment that lacks this feature. The following tutorial shows you how to create a glassy button in 5 easy steps.

http://jozmak.blogspot.com/

Optimizing Xubuntu's user interface

Filed under
Linux

Xubuntu targets slower older hardware with limited resources and display size like my IBM Thinkpad with 1 Gig Intel processor 250 Mb memory, 30 Gig hard drive and 14 inch display size.

Beautifying Debian Etch

Filed under
Howtos

Debian is one of my favorite distros; but in terms of look, I hate it. At each release, I am hoping for visual improvements but each time I get disappointed. Etch is no different, the artworks are unpolished, the icon set (Rodent on the Xfce desktop) is prehistoric and in general, the desktop has a poor aesthetic appearance.

The Magic of Simultaneous Contrast

Filed under
Howtos

The purpose of this article is to introduce the reader to the idea of simultaneous contrast and to the amazing effects of color interactions. Color is the single most important tool that artists and designers used throughout the ages to beautify their environment. But to use color effectively one has to understand its basic functions, its psychological and visual impacts on the environment.

Studies in Illumination Part II

In the second part of the article, I will touch upon the interaction of light and environment in terms of colors.

Studies in Illumination I

The following explorations in illumination effects have been based on Faber Birren's ground-breaking research in color theory. Birren summarized some of his findings in a book called Color Perception in Art that was an instant success among artists and designers all over the world.

Syndicate content

More in Tux Machines

Programming: Perl, Git/Emacs and Compilers

  • Listen to Larry Wall's State of the Onion 2000 on YouTube

    It’s a typical Larry talk filled with quirky, humorous observations about life and programming, and notably he announces the Perl 6 project. Unfortunately the audio is low quality (hey it was 20 years ago at a low-budget conference); you can read a transcript of the talk here (with mp3 download links at the bottom). We also have collection of attendees’ reports from the conference.

  •        
  • Chicago.pm Virtual Meeting: July 23

    In case you are not familiar with gather.town, after you join the conversation, you will have a small avatar on a 2d map and can walk around. When you are close to somebody or a group of people, you can video chat with them over video. Perlmongers is supposed to be a social gathering, and we are experimenting with this venue to see if it'll make that possible!

  • The Magit Git Client Is The "Killer Feature" In Emacs

    Users of other text editors often ask "why should I switch to Emacs?" or, more specifically, "what is the killer feature that Emacs offers?" Depending on your workflow, the killer feature for Emacs could be a number of things, one them being Magit!

  • Alder Lake-S Compiler Update Points to big.LITTLE Desktop Chips

    This design builds upon the big.LITTLE (Big.BIGGER in Intel parlance) design that debuted in the company's 3D Lakefield chips. These designs incorporate one large Sunny Cove core combined with four Atom Tremont smaller cores in an ARM-like design. With the architecture proven and already working its way through the ecosystem, it's rational to expect Intel to scale it up to tackle desktop PCs, too. The GNU compiler updates include a list of compatible instructions for both Intel's upcoming data center Sapphire Ridge chips and Alder Lake desktop chips, with the latter noticeably missing support for AVX-512, a SIMD instruction that Intel recently introduced to its desktop chips. These instructions are disabled in Intel's hybrid Lakefield chips to keep the instruction set consistent between cores (Atom doesn't support AVX instructions), therefore easing operating system scheduling routines that target different workloads at the cores best suited for the task. Therefore, the lack of AVX-512 support for Alder Lake could serve as further evidence that Intel will bring its hybrid architecture to desktop PCs.

Security: Patches, Web Security Books, SecWeb – Designing Security for the Web

  • Security updates for Friday

    Security updates have been issued by Fedora (curl, LibRaw, python-pillow, and python36), Mageia (coturn, samba, and vino), openSUSE (opera), and Ubuntu (openssl).

  • Comparing 3 Great Web Security Books

    I thought about using a clickbait title like “Is this the best web security book?”, but I just couldn’t do that to you all. Instead, I want to compare and contrast 3 books, all of which I consider great books about web security. I won’t declare any single book “the best” because that’s too subjective. Best depends on where you’re coming from and what you’re trying to achieve.

  • Hardening Firefox against Injection Attacks – The Technical Details

    In a recent academic publication titled Hardening Firefox against Injection Attacks (to appear at SecWeb – Designing Security for the Web) we describe techniques which we have incorporated into Firefox to provide defense in depth against code injection attacks. Within this blogpost we are going to provide insights into the described hardening techniques at a technical level with pointers to the actual code implementing it. Note that links to source code are perma-linked to a recent revision as of this blog post. More recent changes may have changed the location of the code in question. [...] Firefox ships with a variety of built-in pages, commonly referred to as about: pages. Such about: pages allow the user to view internal browser information or change settings. If one were able to inject script into a privileged about: page it would represent a complete browser takeover in many cases. To reduce this injection attack surface, we apply a strong Content Security Policy (CSP) of default-src chrome: to all about: pages. The applied CSP restricts script to only JavaScript files bundled and shipped with the browser and accessible only via the Firefox internal chrome:// protocol. Whenever loading any kind of JavaScript, Firefox internally consults its CSP implementation by calling the function ShouldLoad() for external resources, or GetAllowsInline() for inline scripts. If the script to be executed is not allow-listed by the added CSP then Firefox will block the script execution, rendering the code injection attack obsolete. Further, we verify that any newly added about: page within Firefox exposes a strong CSP by consulting the function AssertAboutPageHasCSP(). This function basically acts as a commit guard to our codebase and ensures that no about: page makes it into the Firefox codebase without a strong CSP. Before we started to protect about: pages with a CSP we faced a bug where text and markup controlled by a web application was reused in a permission prompt, which led to a Universal Cross-Site Scripting (UXSS) attack in the browser interface (CVE-2018-5124). These scripts run with elevated privileges that get access to internal APIs and can result in a full system compromise. What raises the severity of such bugs is the high-level nature of the vulnerability and the highly deterministic nature of the exploit code which allowed comparably trivial exploitation.

Screencasts and Audiocasts: Linux Mint 20 "MATE", Linux Headlines and More

  • Linux Mint 20 "MATE" overview | Stable, robust, traditional

    In this video, I am going to show an overview of Linux Mint 20 "MATE" and some of the applications pre-installed.

  • 2020-07-10 | Linux Headlines

    Possible changes on the horizon for LibreOffice are raising concerns in the community, industry players decry Google's gifting of Istio intellectual property to the Open Usage Commons, and both Ubuntu and Docker push further into the AWS ecosystem.

  • Tech Means Business: Best of Series 1

    Artificial intelligence with Darktrace Big data and Splunk IoT with Ubuntu/Canonical The Linux effect with Positive Internet Career paths, with DocuSign Thanks go to the people I spoke with, and who featured on the episodes that aren’t featured here. It was literally through lack of time that has meant this “best of” show is necessarily limited in scope. Series two already shaping up nicely: MasterCard, Red Hat, ARM, SuperMicro, and plenty more. Watch this space!

Graphics: Zink, VA-API, NVIDIA's NVAPI SDK

  • Mike Blumenkrantz: Extensions

    Usually I cover in-depth looks at various chunks of code I’ve been working on, but today it’s going to be a more traditional style of modern blogging: memes and complaining.

  • New VA-API H.264 decoder in gst-plugins-bad

    Recently, a new H.264 decoder, using VA-API, was merged in gst-plugins-bad. Why another VA-based H.264 decoder if there is already gstreamer-vaapi? As usual, an historical perspective may give some clues. It started when Seungha Yang implemented the GStreamer decoders for Windows using DXVA2 and D3D11 APIs. Perhaps we need one step back and explain what are stateless decoders.

  • NVIDIA open sourced part of NVAPI SDK to aid 'Windows emulation environments'

    NVIDIA sneakily put out a little open source release recently, with a part of the NVAPI SDK now under the MIT license. This was mentioned by the crew working on the DXVK translation layer in the VKx Discord, who sent along word to me as well. NVAPI is NVIDIA's core software development kit that allows direct access to NVIDIA GPUs and drivers on all Windows platforms. Now, that doesn't sound interesting for Linux obviously but here's why this actually is important: in the NVAPI Open Source SDK, it directly mentions that the contained "nvapi.h" file that's now provided under the MIT license was done to enable "open source re-implementations of NVAPI for Windows emulation environments"—so the Wine and Proton compatibility layers are what they're getting at without naming them directly.