Language Selection

English French German Italian Portuguese Spanish

Web

Brave Web Browser 1.20.108 Is Released With Fix For Major Security Flaw In Private Tor Windows

Filed under
Web

Several recent version of the Brave Web Browser have had a very unfortunate DNS-leak flaw in the "private" Tor-based browsing feature. The latest version 1.20.208 has a new version of the Chromium core it is based on (88.0.4324.182), a fix for DNS leaks in supposedly "private" web browser windows and two fixes specific to macOS. You should upgrade if you rely on Brave for "private" web browsing or use it to access Tor onion sites.

[...]

You should upgrade and ensure that you are using version 1.20.108 or newer if you occasionally use the Brave Web Browser to access Tor onion sites or rely on it's "private" Tor-browsing mode for anything even remotely critical. You can acquire the latest version from brave.com.

Read more

3 Best Free and Open Source Web-Based XMPP Clients

Filed under
OSS
Web

XMPP (also known as Jabber) is an open and free alternative to commercial messaging and chat providers. It is a secure battle-tested protocol developed by an independent standards organization.

XMPP was designed for real-time communication, which powers a wide range of applications including instant messaging, presence, media negotiation, whiteboarding, collaboration, lightweight middleware, content syndication, EDI, RPC and more.

The “X” in XMPP stands for “Extensible”, which means the core protocol is updated and extended with more features through a transparent process at the non-profit XMPP Standards Foundation every now and then. This results in some clients not implementing every feature of XMPP; for example, a typical instant messaging client won’t implement Internet-of-Things functionality.

Read more

John Goerzen: Recovering Our Lost Free Will Online: Tools and Techniques That Are Available Now

Filed under
Web

As I’ve been thinking and writing about privacy and decentralization lately, I had a conversation with a colleague this week, and he commented about how loss of privacy is related to loss of agency: that is, loss of our ability to make our own choices, pursue our own interests, and be master of our own attention.

In terms of telecommunications, we have never really been free, though in terms of Internet and its predecessors, there have been times where we had a lot more choice. Many are too young to remember this, and for others, that era is a distant memory.

The irony is that our present moment is one of enormous consolidation of power, and yet also one of a proliferation of technologies that let us wrest back some of that power. In this post, I hope to enlighten or remind us of some of the choices we have lost — and also talk about the ways in which we can choose to regain them, already, right now.

I will talk about the possibilities and then go into more detail about the solutions.

[...]

Back in the late 90s, I worked at a university. I had a 386 on my desk for a workstation – not a powerful computer even then. But I put the boa webserver on it and could just serve pages on the Internet. I didn’t have to get permission. Didn’t have to pay a hosting provider. I could just DO it.

And of course that is because the university had no firewall and no NAT. Every PC at the university was a full participant on the Internet as much as the servers at Microsoft or DEC. All I needed was a DNS entry. I could run my own SMTP server if I wanted, run a web or Gopher server, and that was that.

There are many reasons why this changed. Nowadays most residential ISPs will block SMTP for their customers, and if they didn’t, others would; large email providers have decided not to federate with IPs in residential address spaces. Most people have difficulty even getting a static IP address in the first place. Many are behind firewalls, NATs, or both, meaning that incoming connections of any kind are problematic.

Do you see what that means? It has weakened the whole point of the Internet being a network of peers. While IP still acts that way, as a practical matter, there are clients that are prevented from being servers by administrative policy they have no control over.

Imagine if you, a person with an Internet connection to your laptop or phone, could just decide to host a website, or a forum on it. For moderate levels of load, they are certainly capable of this. The only thing in the way is the network management policies you can’t control.

Elaborate technologies exist to try to bridge this divide, and some, like Tor or cjdns, can work quite well. More on this below.

Read more

5 Free and Open Source Lightweight Alternatives to WordPress

Filed under
Server
Web

Now don’t get us wrong, WordPress is one of our favorite applications. With good reason, it’s a high quality, open source blog publishing application. It’s a mature and highly polished application with development starting in 2003, and it has an active community. The largest self-host blogging tool, a full content management system, which can be extended through thousands of widgets, plugins, and themes, is a good fit for many projects. The software was born out of a desire for an elegant, well-architectured personal publishing system built on PHP and MySQL.

WordPress instantly springs to mind when any project is planned that needs a content management system. However, WordPress can be complicated, offering more bells and whistles than actually needed or wanted. While it’s always tempting to stick with familiar territory, this can actually stifle creativity and does not enhance an individual’s skill-set.

When embarking on a new project, there’s a lot to be said experimenting with new software. Fortunately, WordPress is not the only option. There’s a good range of lightweight open source content management systems ready to be deployed that can transform a web site.

Some of the content management systems featured in this article are well publicised, but there are many good management systems that you may not have heard of that are perfectly suited for small projects.

Here is our verdict with our recommendations. They are all free and open source goodness.

Read more

Also: HOWTO: Migrate from Ghost v3 to Squarespace

WordPress 5.7 Beta 3

Filed under
Server
Software
Web

This software is still in development, so it’s not recommended to run this version on a production site. Consider setting up a test site to play with it.

Read more

Federated/Decentralised Communications With Movim and P2P VoIP

Filed under
Server
OSS
Security
Web
  • Movim | Basic Review & Beginner's Guide

    Once you read about Movim, immediately you will find about Xmpp. It is Jabber, also known as Xmpp, a secure, decentralized, and federated technology everyone can use to chat online existed strongly since 1990's. To give you how great Xmpp network is, actually when you use WhatsApp you use Xmpp, so does with Google Talk and Jitsi, so when you use those you are using Xmpp. To give you a few of its benefits, Xmpp is not controlled by a single company (so unlike Twitter) it is hard to shut down by anyone.


  • Daniel Pocock: Comparing private and peer-to-peer VoIP solutions

    One of the top questions people ask RTC developers around Valentine's Day is whether we finally have a private solution people can use to communicate with their partner.

    There is fresh attention on the issue this year after Twitter and other large providers flexed their muscles and demonstrated that they are more powerful than the US President.

    [...]

    Achieving independence from cloud services doesn't necessarily give you privacy. There are trade-offs to be made. John Goerzen recently published a blog about privacy issues in current P2P tools.

Brave and Mozilla: uBlock, Mozilla Localization and More

Filed under
Moz/FF
Web
  • Brave browser adds native support for uBlock and Fanboy annoyances lists and social list - gHacks Tech News

    Brave browser's built-in ad-blocker has been boosted by some additional options. The Chromium fork's Brave Shield now supports three popular privacy-friendly filter lists, namely uBlock Annoyances List, Fanboy Annoyances List and Fanboy Social List.

  • Mozilla Localization (L10N): L10n Report: February 2021 Edition
  • Hacks.Mozilla.Org: MDN localization update, February 2021

    Previously on MDN, we allowed translators to localize document URL slugs as well as the document title and body content. This sounds good in principle, but has created a bunch of problems. It has resulted in situations where it is very difficult to keep document structures consistent.

    If you want to change the structure or location of a set of documentation, it can be nearly impossible to verify that you’ve moved all of the localized versions along with the en-US versions — some of them will be under differently-named slugs both in the original and new locations, meaning that you’d have to spend time tracking them down, and time creating new parent pages with the correct slugs, etc.

    As a knock-on effect, this has also resulted in a number of localized pages being orphaned (not being attached to any parent en-US pages), and a number of en-US pages being translated more than once (e.g. localized once under the existing en-US slug, and then again under a localized slug).

  • Karl Dubost: Whiteboard Reactionaries

    I simply and firmly disagree and throw my gauntlet at Bruce's face. Choose your weapons, time and witnesses.

    The important part of this tweet is how Mike Taylor points out how the Sillycon Valley industry is a just a pack of die-hard stick-in-the-mud reactionaries who have promoted the whiteboard to the pinnacle of one's dull abilities to regurgitate the most devitalizing Kardashianesque answers to stackoverflow problems. Young programmers! Rise! In front of the whiteboard, just walk out. Refuse the tiranny of the past, the chalk of ignorance.

Developers Continue New Push With LibreOffice In The Web Browser Via WebAssembly

Filed under
LibO
Web

While there has been LibreOffice Online as a collaborative, web-based version of LibreOffice making use of the HTML5 Canvas for its UI, there hasn't been much activity there recently outside of the Collabora Online commercial variant. But developers are working on a current port of LibreOffice to the web browser using WebAssembly.

Developers Thorsten Behrens and Jan-Marek Glogowski presented at last weekend's FOSDEM Online 2021 on the work being done to port LibreOffice to work gracefully with WebAssembly for running the open-source office suite within the web browser.

Read more

Viper Browser: A Lightweight Qt5-based Web Browser With A Focus on Privacy and Minimalism

Filed under
Software
Web

Viper Browser is a Qt-based browser that offers a simple user experience keeping privacy in mind.

While the majority of the popular browsers run on top of Chromium, unique alternatives like Firefox, Beaker Browser, and some other chrome alternatives should not cease to exist.

Especially, considering Google’s recent potential thought of stripping Google Chrome-specific features from Chromium giving an excuse of abuse.

In the look-out for more Chrome alternatives, I came across an interesting project “Viper Browser” as per our reader’s suggestion on Mastodon.

Read more

The "snob RSS" Hall of (constructive!) Shame

Filed under
Web

It is half hilarious, half depressing, how many officially tech-savvy organisations advertise on their websites every possible way to follow them… as long as it is a non-portable, non-future-proof, intrusive walled garden. I am talking of those websites that never, never miss links and icons to their social accounts…

But never show in plain sight also a far better solution to follow them. A solution that, I am sure, they already have for free, courtesy of whatever website management system they may be using: the good, old, far superior Really Simple Syndication (RSS).

RSS is a much, much, MUCH better way to follow what one publishes online than Twitter, Facebook or any other social media. Because only RSS is unfiltered, not centrally tracked, free from addictive distraction and 100% usable from any device.

Read more

Syndicate content

More in Tux Machines

today's howtos

  • GNU Linux (CentOS8) – how to enable power tools repository and install sshfs
  • Apt Update and Apt Upgrade Commands - What's the difference?

    In an earlier article, we looked at the APT command and various ways that you can make use of the package manager to manage packages. That was a general overview, but in this guide, we pause and shine the spotlight on 2 command usages. These are apt update and apt upgrade commands. The apt update and apt upgrade are two of the most commonly used yet misunderstood commands for many Linux users. For some, these play the same role, which is not the case. In this guide, we seek to distinguish the differences between the two and how each one of them is used.

  • Remap custom keyboard keys in Linux - Tutorial

    Modern problems require modern solutions. I've recently got meself a new Linux test laptop, one IdeaPad 3, which I bought (unfortunately, due to market shortages) with the UK keyboard layout instead of the US layout. This means suboptimal physical key placement - even if you do use a different keyboard variant. Namely, the bar and backspace keys and such are placed all wrong, plus the Enter key is too small. Moreover, this also means, muscle memory and all, you end up typing \ when you actually want to jump to a new line, and this can be quite annoying. So I thought, perhaps I can remap keyboard keys in a small way? But I didn't want to just remap the backspace key (bearing the UK tilde and hash symbols) to a "second" Enter, thus effectively making a larger Enter key, I still wanted to have the bar and backspace keys available. Hence a more complex exercise. Let me show you how you can this somewhat convoluted but super-nice setup.

  • Linux server certifications becoming a must-have for IT pros | Network World

    Linux certification is increasingly significant for tech workers as the public cloud and software-defined networking become ever more important. A Linux cert can set IT professionals apart from the herd and potentially put a lot more money in their bank accounts. Once these certifications were a gauge of reliability, according to CompTIA chief tech evangelist James Stanger. “Twenty years ago, Linux tended to attract people who were a little edgier,” he said. “So certification was traditionally used in the Linux side just to find people you can work with—will they show up on time?” Now, these certifications are a demonstration not only of proficiency but also dedication to self-improvement. “You can’t go wrong with a certification,” said Joe Faletra, director of infrastructure services at Modis, a technology staffing and consulting firm. “I’ll lean towards certs over experience [in hiring], because this person has put the effort into learning and passing the exam.”

  • How to install Discord on a Chromebook in 2021 - Desktop version

    Today we are looking at how to install Discord, the desktop version, on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • How to fix Ubuntu boot issues

    There can be many reasons behind Ubuntu being unable to boot, like, GRUB error, broken package installation, or even a faulty hardware issue. We will be looking at these issues one-by-one and try to solve it.Here are some of the most common Linux Boot issues and their solutions. Bear in mind that these steps are generally for Ubuntu, but could be applied to any Linux system.

  • How To Install AnyDesk on Manjaro 20 - idroot

    In this tutorial, we will show you how to install AnyDesk on Manjaro 20. For those of you who didn’t know, AnyDesk is the world’s so much completely satisfied remote computing device application. Access all your programs, documents, and documents from anywhere, without needing to entrust your information to a cloud service. You could say it is an alternative to the TeamViewer, that’s available free. Anydesk offers a faster remote connection than any other current distant computer application. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of AnyDesk Remote desktop on a Manjaro 20 (Nibia).

  • How to use scp command in Linux to transfer files securely using ssh

    On Unix or Linux operating systems, the scp utility, stands for secure copy, is similar to the more famous command, cp, but is used to transfer files and directories between hosts on a secure encrypted network. Since it relies on ssh for data transfer, it offers the same security and uses the same authentication ssh. The scp command will prompt for passwords for authentication (if needed), unlike rcp. In this article, we will dive into the world of secure transfer of files in Linux and learn how to use scp command. You will see how to use this utility through detailed explanations and example use cases of the commonly used scp switches and options.

Kali Linux 2021.1 Release (Command-Not-Found)

How you choose to interact with Kali is completely up to you. You may want to access Kali locally or remotely, either graphically or on the command line. Even when you pick a method, there are still options you can choose from, such as a desktop environment. By default, Kali uses Xfce, but during the setup process, allows for GNOME, KDE, or no GUI to be selected. After the setup is complete, you can install even more. We have pre-configurations for Enlightenment, i3, LXDE, and MATE as well. [...] When we use Kali, we spend a significant amount of time using the command line. A lot of the time, we do it using a local terminal (rather than in a console or remote SSH). With the options of desktop environments, there are also choices when it comes to the terminals (same with what shell to use). Read more Also: Kali Linux 2021.1 released: Tweaked DEs and terminals, new tools, Kali ARM for Apple Silicon Macs

Kernel: Millennium Prize, Compute Express Link 2.0, HP Platform Profile Support

  • Millennium prize problems but for Linux

    There is a longstanding tradition in mathematics to create a list of hard unsolved problems to drive people to work on solving them. Examples include Hilbert's problems and the Millennium Prize problems. Wouldn't it be nice if we had the same for Linux? A bunch of hard problems with sexy names that would drive development forward? Sadly there is no easy source for tens of millions of euros in prize money, not to mention it would be very hard to distribute as this work would, by necessity, be spread over a large group of people. Thus it seems is unlikely for this to work in practice, but that does not prevent us from stealing a different trick from mathematicians' toolbox and ponder how it would work in theory. In this case the list of problems will probably never exist, but let's assume that it does. What would it contain if it did exist? Here's one example I came up with. it is left as an exercise to the reader to work out what prompted me to write this post. [...] A knee-jerk reaction many people have is something along the lines of "you can solve this by limiting the number of linker processes by doing X". That is not the answer. It solves the symptoms but not the underlying cause, which is that bad input causes the scheduler to do the wrong thing. There are many other ways of triggering the same issue, for example by copying large files around. A proper solution would fix all of those in one go.

  • Compute Express Link 2.0 Support Sent In For Linux 5.12, Enabling CXL 2.0 Memory Devices - Phoronix

    Immediately following the publishing of the Linux enablement patches for CXL 2.0 and that continued in the months since over several rounds of patches. That initial CXL 2.0 code is now slated for mainlining with the Linux 5.12 kernel. The initial Compute Express Link 2.0 focus for the Linux kernel has been on supporting Type-3 Memory Devices. The CXL 2.0 type-3 memory device support being fleshed out first is for serving as a memory expander for RAM or persistent memory and can optionally be interleaved with other CXL devices. For the lack of any CXL 2.0 hardware yet even within the confines of Intel, Widawsky worked out this initial enablement code thanks to writing up support around the specification within QEMU for emulation.

  • Linux 5.13 Should See HP Platform Profile Support - Phoronix

    Linux 5.12 is bringing the initial infrastructure around ACPI Platform Profile support and with this kernel it's implemented for newer Lenovo ThinkPad and IdeaPad laptops. The support allow for altering the system's power/performance characteristics depending upon your desire for a speedy, quiet, or cool experience. With Linux 5.13 it looks like HP laptops with this capability will begin to see working Platform Profile support too. Lenovo is the initial Linux user/supporter of this Platform Profile support while Dell has also expressed interest in supporting it on Linux for letting users manipulate their desire desired balance of performance vs. cool/quiet operation. There has been an HP patch implementing the support and it's looking like that is now ready to be queued into the x86 platform driver tree once the current Linux 5.12 merge window is over, which would mark it as material for 5.13.

Open Source Community Critical Of Chessbase, Fat Fritz 2

The development teams behind the two most successful and influential open-source chess programs, Stockfish and Leela Chess Zero, have issued statements denouncing the commercial program Fat Fritz 2 and the company Chessbase that is selling the program for 99,90 euros. The statements (Stockfish blog, lichess announcement) assert that the engine in Fat Fritz 2 is Stockfish with minimal changes, that Fat Fritz 2 has violated the GNU General Public License under which Stockfish is released, and that Chessbase's marketing has made false claims about Fat Fritz 2's playing strength. Read more