Language Selection

English French German Italian Portuguese Spanish

Free Software Foundation (FSF) Tackling Proprietary JavaScript

Filed under
GNU
  • FSF announces JShelter browser add-on to combat threats from nonfree JavaScript

    The Free Software Foundation (FSF) today announced the JShelter project, an anti-malware Web browser extension to mitigate potential threats from JavaScript, including fingerprinting, tracking, and data collection. The project is supported by NLnet Foundation's Next Generation Internet (NGI) Zero Privacy & Trust Enhancing Technologies fund. Collaborators include Libor Polčák and Bednář Martin (Brno University of Technology), Giorgio Maone (NoScript), and Ana Isabel Carvalho and Ricardo Lafuente (Manufactura Independente). The JShelter browser add-on is in development and the first release is available.

    Most modern Web sites contain a growing number of programs that the user's Web browser downloads and runs automatically as pages are loaded. While these JavaScript programs can provide functionality to a site in conjunction with native browser features, they are also a significant liability both from security and privacy perspectives. Moreover, the software is typically licensed under unethical terms by the FSF's standards, disempowering users and hampering learning and security. With a thirty-six year history of defending software ethics, The FSF recognizes the importance and urgency of both aspects of the problem and its role in solving this significant challenge. In response, the FSF has been working on an ambitious new initiative, the JShelter browser extension. This browser add-on will limit the potential for JavaScript programs to do harmful actions by restricting default behavior and adding a layer of control. JShelter is a significant next step in the FSF's "Free JavaScript Campaign," providing a new tool that can be used in conjunction with another related extension, GNU LibreJS, which allows the user to identify and run only freely licensed scripts.

  • Keeping your freedom intact when registering or renewing as a DMCA agent

    DMCA agent registration only lasts three years before it must be renewed. Use these add-ons to register and renew without the use of nonfree JavaScript.
    Users shouldn't be forced to use nonfree software when interacting with their own government. Every user has the right to control their own computing, and the government shouldn't be forcing you to download and install proprietary software just to take advantage of its services. But when it comes to registering and renewing the status as an agent under the Digital Millennium Copyright Act (DMCA) in the United States, that's exactly what the government expects you to do.

    The U.S. Copyright Office requires a registered agent to renew their status every three years to help ensure that the agent directory stays up to date. However, the renewal can only be done online, and you are required to use nonfree software. We find this unacceptable. Fortunately, three years ago we devised a way to complete an agent’s registration circumventing the use of nonfree Javascript. Today, we confirm the process still works and it can be applied to renewal as well. We encourage everyone to learn more about these tools to access your government services in software freedom.

FSF job opportunity: Outreach and communicat\ions coordinator

  • FSF job opportunity: Outreach and communications coordinator

    The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a motivated and organized Boston-based individual to be our full-time outreach and communications coordinator.

    Reporting to the executive director, the outreach and communications coordinator works closely with our campaigns, licensing, technical, and operations teams to plan, write, edit, publish, and promote high-quality, effective materials, both digital and printed. These materials are a critical part of advancing the FSF's work in support of the GNU Project, free software adoption, copyleft licensing, and freedom on the Internet; and against Digital Restrictions Management (DRM), software patents, and proprietary software. Nearly every publication from the FSF goes through this public-facing position, tying together our work across various constituencies.

Free Software Foundation Introduces JShelter Browser Add-on...

  • Free Software Foundation Introduces JShelter Browser Add-on to Restrict JavaScript API

    The Free Software Foundation has unveiled the project JShelter , which develops a browser add-on to protect against threats posed by JavaScript on websites, including hidden identification , movement tracking, and user data collection. The project code is distributed under the GPLv3 license. The add-on is prepared for Firefox , Google Chrome , Opera , Brave, Microsoft Edge and other browsers based on the Chromium engine.

    The project is being developed as a joint initiative funded by the foundation NLnet Foundation. JShelter has also been joined by Giorgio Maone, the creator of the add-on NoScript , as well as the founders of the project J ++ and the authors of the add ons JS-Shield – and JavaScript Restrictor . The add-on is used as a basis for the new project JavaScript Restrictor .

    JShelter can be thought of as a firewall for JavaScript APIs available to sites and web applications. The add-on provides four levels of protection, as well as a flexible API access configuration mode. Level zero completely allows access to all APIs, the first one includes minimal locks that do not disrupt the work of pages, the second level balances between locks and compatibility, and the fourth level includes strict blocking of everything unnecessary.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Jive Search is your private self-hosted search engine

Ever wanted your own search engine that you can host, control and make sure your searches are not leaked or recorded?. Then it is time to check Jive Search. Jive Search is a free, open-source search self-hosted search engine that you can run on your machine or server. The app is written using the Go programming language for better performance. Read more Also: MinIO is an open-source multi-cloud object storage for Amazon S3 for enterprise

EasyOS: CONFIG_TASK_DELAY_ACCT, ZRAM, and Ventoy

  • iotop partly broken in Easy Dunfell and Bookworm

    Running iotop (from "System" menu), there is a message: CONFIG_TASK_DELAY_ACCT not enabled in kernel, cannot determine SWAPIN and IO This problem arrived with the 5.15 kernel. It is configured with CONFIG_TASK_DELAY_ACCT, but is not activated. It has to be activated with a kernel commandline parameter. Apparently, this change was made because this feature imposes a very slight performance overhead on I/O.

  • Zram with lz4 compression in kernel

    Oh man, I recompiled the kernel yet again! Having very recently become enamoured of lz4, I saw that zram only has lzo and lzo-rle compression enabled. So, have also enabled lz4.

  • Simpler labels for desktop icons
  • Using EasyOS with Ventoy

    If you want to put EasyOS into Ventoy, it used to work -- only just -- now doesn't. The Ventoy website has a tick alongside EasyOS, meaning it works. However, there is this problem... When Easy is on its own on a USB-stick, at first bootup, the ext4 working-partition is expanded to fill the drive, then it is populated. That population includes 'vmlinuz', 'initrd' and 'easy.sfs' copied from the boot-partition to the working-partition.

SUSE: seidl, SUSE Manager, and SUSECON Digital 22

  • seidl - display current SUSE publiccloud images in your terminal - openQA bites

    seidl is a small pint query utility designed to easily list the current publiccloud images in the terminal. Pint (Public Cloud Information Tracker) is the SUSE service to provide data about the current state of publiccloud images across all supported public cloud service providers. The public-cloud-info-client is an already existing versitale client, however I find its usage a bit bulky if it comes to the task of displaying the current images. This is where seidl complements the existing client. See for yourself:

  • SUSE Manager 4.3 Public RC is out!

    We are happy to announce our Public Release Candidate for SUSE Manager 4.3!

  • Journey to the Edge at SUSECON Digital 22

    It is just a few short weeks until SUSECON Digital 2022, which goes live June 7-9, and I am thrilled to be delivering the Edge keynote at the show. In support of SUSE’s mission to become the most trusted and secure infrastructure stack in the market I’m going to be discussing why our Edge computing offering stands out in enabling business applications to run where they are best suited.

Fedora Family / IBM and Red Hat Leftovers

  • Downstream automation is here | Packit

    As the first step on our way to Fedora users, we need to get the new upstream release to the Fedora dist-git.

  • 5 tips to prevent IT team burnout

    During the pandemic shutdown, the concept of 24/7 employee availability became normalized – especially for IT professionals, many of whom who found themselves within reach of their laptops at all times. This new normal led many IT folks to experience burnout, with stress and frustration negatively impacting the quality of their work, their personal relationships, and even their mental health. As a leader, you can help prevent your IT team from succumbing to burnout. Here are five tips to help ensure that your team stays happy, healthy, and productive.

  • Hybrid work: 3 technology questions CIOs should be asking [Ed: More buzzwords (about working from home and centrralised office space)]

    Hybrid work is here to stay, as workers around the globe are now insisting on that flexibility. According to a Frost & Sullivan survey of global IT decision-makers, 93 percent of business leaders expect one-quarter or more of their employees to work from home moving forward, with most likely moving between home and the office. As we look to assess the impact of this new way of working, CIOs need to set guidelines for what their hybrid workplace will look like and determine how they can help employees and employers navigate new workflows effectively and productively. Here are some questions to help start that process.

  • Use this open source screen reader on Windows [Ed: Red Hat promoting Microsoft Windows stuff]
  • Near zero marginal cost societies and the impact on why we work

    I have read Jeremy Rifkin's book The Zero Marginal Cost Society: The Internet of Things, the Collaborative Commons, and the Eclipse of Capitalism, which has a strong connection to open organization principles, particularly community building. Rifkin also writes about the future of green energy generation and energy use in logistics. This is the second of three articles in this series. In my previous article, I examined the Collaborative Commons. In this article, I look at its impact on energy production and supply. Within the next 25 years, Rifkin believes most of our energy for home heating, running appliances, powering businesses, driving vehicles, and operating the whole economy will be nearly free with on-site power solar, wind and geothermal energy generation. This is starting already, through both individual and micropower plants. The payback is around two to eight years.

  • Manage JMX credentials on Kubernetes with Cryostat 2.1

    Cryostat is a tool for managing JDK Flight Recorder data on Kubernetes. If you have Java Management Extensions (JMX) authentication enabled on your containerized Java Virtual Machines (JVMs), Cryostat will prompt you to enter your JMX credentials before it can access the JDK flight recordings on your target JVMs. On the Cryostat console, the Automated Rules, Recordings, and Events tabs will require you to enter your JMX credentials if you want to view existing flight recordings or perform a recording operation on a target with JMX authentication enabled. When monitoring multiple target JVMs with Cryostat features such as automatic rules, you may want Cryostat to remember and reuse your JMX credentials for each target connection.

  • Approaches to implementing multi-tenancy in SaaS applications

    The SaaS architecture checklist is a series of articles that cover the software and deployment considerations for Software as a Service (SaaS) applications. This article discusses architectural approaches for separating and isolating SaaS tenants to provide multi-tenancy, the provisioning of services to multiple clients in different organizations. For the approaches, the type and level of isolation provided are compared, along with their tradeoffs. The approaches laid out in different sections of the article are not mutually exclusive and can be combined to provide the levels of separation and isolation necessary to satisfy the requirements of your SaaS customers and markets. We'll also discuss how to incorporate existing single-tenant applications into a SaaS environment.