Language Selection

English French German Italian Portuguese Spanish

Web

Horde vs Roundcube vs Squirrelmail - Which Works Best

Filed under
Server
Software
Web

Webmail is a great way to access your emails from different devices and when you are away from your home. Now, most web hosting companies include email with their server plans. And all of them offer the same three, webmail clients as well: RoundCube, Horde, and SquirrelMail. They are part of the cPanel - most popular hosting control panel.

Read more

Proprietary Vivaldi 2.6 Released

Filed under
Software
Web
  • Vivaldi browser blocks abusive ads, improves profile management and more

    At Vivaldi, we continue to focus on our two hallmarks – privacy and customization. We are always looking to enhance what a browser should provide, and the latest version of Vivaldi has a handful of new features that do just that.

    We’ve improved security by blocking advertisements on sites with abusive ad practices. There are new ways to navigate quicker, customize user profiles along with overall improvements that add more flexibility to Vivaldi’s intuitive user interface.

  • Vivaldi 2.6 Released with Improved Security & User Profile

    Vivaldi web browser released new stable version 2.6 today with improved security, profile management and more.

  • Browse the Web More Securely with Vivaldi Browser 2.6

    Vivaldi 2.6 released with improvements and new features.

    Vivaldi is free and open source cross platform web browser. Vivaldi is fairly new in web world where Chrome, Firefox, Opera are already playing. Vivaldi is a Chromium based browser targeted to the technical users than generic users having a minimal UI, icons and tabs. Here’s a quick rundown of Vivaldi’s features.

  • Vivaldi to give abusive sites the middle finger with built-in ad blocking

    Amid Google's huffing and puffing over ad blockers, an update to Chromium-based browser Vivaldi puts privacy squarely in its sights.

    The release, version 2.6, is not quite the feature-fest of previous builds, but contains a couple of standout tweaks to please those fed up with advertisers and online trackers, and others who like things just so.

Tails 3.14.1 is out

Filed under
GNU
Linux
Security
Web
Debian

This release is an emergency release to fix a critical security vulnerability in Tor Browser.

It also fixes other security vulnerabilities. You should upgrade as soon as possible.

Read more

Also: It's Time to Switch to a Privacy Browser

12 Best Web Browsers for Ubuntu

Filed under
Web
Ubuntu

Selecting the best web browsers for Ubuntu largely depends on your personal needs, but usually, browsers are used for accessing/browsing websites.

In this article, we will look under the hood and highlight some of the best web browsers for Ubuntu.

Read more

Browsers: Firefox Upselling and Branding, Chromium-Based Browsers Will Ignore Google’s Ad-Blocking Ban

Filed under
Google
Moz/FF
Web
  • This Free software ain't free to make, pal, it's expensive: Mozilla to bankroll Firefox with paid-for premium extras

    Mozilla is planning to launch a suite of paid-for subscription services to complement its free and open-source Firefox browser in October.

    CEO Chris Beard elaborated on the plan, mentioned in the company's bug reporting system eleven months ago, to German technology site T3N last week. In an interview, he said Mozilla's premium service plan will include VPN bandwidth above what's available from Mozilla's ProtonMail VPN partnership.

    He suggested the arrangement will augment a free VPN tier. That would be a change from the current $10 per month ProtonMail VPN arrangement, one that resembles the free VPN offering from the competing Opera browser. He also suggested the service bundle will include an allotment of secure cloud storage, though it isn't yet clear how much storage will be included or whether "secure" means user-held encryption keys.

  • Firefox 68 Beta 10 Testday, June 14th

    We are happy to let you know that Friday, June 14th we are organizing Firefox 68 Beta 10 Testday. We’ll be focusing our testing on: Sync & Firefox Account and Browser notifications & prompts.

    Check out the detailed instructions via this etherpad.

  • Mozilla Open Design Blog: Firefox: The Evolution Of A Brand

    Consider the fox. It’s known for being quick, clever, and untamed — attributes easily applied to its mythical cousin, the “Firefox” of browser fame. Well, Firefox has another trait not found in earthly foxes: stretchiness. (Just look how it circumnavigates the globe.) That fabled flexibility now enables Firefox to adapt once again to a changing environment.

    The “Firefox” you’ve always known as a browser is stretching to cover a family of products and services united by putting you and your privacy first. Firefox is a browser AND an encrypted service to send huge files. It’s an easy way to protect your passwords on every device AND an early warning if your email has been part of a data breach. Safe, private, eye-opening. That’s just the beginning of the new Firefox family.

    Now Firefox has a new look to support its evolving product line. Today we’re introducing the Firefox parent brand — an icon representing the entire family of products. When you see it, it’s your invitation to join Firefox and gain access to everything we have to offer. That includes the famous Firefox Browser icon for desktop and mobile, and even that icon is getting an update to be rolled out this fall.

  • Chromium-Based Browsers Will Ignore Google’s Ad-Blocking Ban

    Brave Opera and Vivaldi will not implement Google’s changes that will cripple ad-blockers.

    Commercial web browsers including Brave, Opera, and Vivaldi won’t be disabling ad blocker extensions as desired by Google. These browsers are based on the the same open source codebase that is used with Google Chrome. Google maintains an open source project called Chromium as the base of its Chrome browsers.

    According to ZDnet, “At the end of May, Google made a new announcement in which it said that the old technology that ad blockers were relying on would only be available for Chrome enterprise users, but not for regular users.”

Deluge BitTorrent Client 2.0

Filed under
Software
Web
  • Deluge BitTorrent Client 2.0 Released With Sequential Downloads, Now Uses Python3 And Gtk3

    Deluge BitTorrent client has reached version 2.0 stable recently, after more than 2 years since the previous stable release. The new stable Deluge version comes with major changes, including code ported to Python 3, Gtk UI ported to Gtk 2, sequential downloads support, a new logo, and much more.

    Deluge is a free and open source BitTorrent client that runs on Linux, Windows, macOS and *BSD. It's written in Python, and it includes a text console, a web interface, and a graphical desktop interface that uses Gtk.

  • Deluge 2.0.0 Major version is Released after continuous development of 2 Years and 5 Months

    The Deluge development team is proudly announced the new major version release of Deluge 2.0.0 on 06 June, 2019.

    In the following days (Deluge 2.0.1 on 07 June, 2019 & Deluge 2.0.2 on 08 June, 2019), they had been released the minor version of Deluge in the same branch to fix some of the issue, which have reported by users.

  • Welcome to the Deluge BitTorrent Project

    Latest Deluge release 2.0.2 available for Linux, Mac OS X and Windows.

From student message board to open-source CMS: a Q&A with the creator of Drupal

Filed under
Software
Interviews
Drupal
Web

Drupal has completely changed the way large organisations think about and build their digital estate.

The open source content management system (CMS), which was founded in the year 2000, is now used by some of the world’s biggest brands like Warner Music, Virgin Sport, Princess Cruises and Wilson because of its ability to handle huge spikes of web traffic and because of how it enables marketers to manage their brand digitally on a global level.

TechRadar Pro recently had the opportunity to interview the creator of Drupal, Dries Buytaert who told us how he came to create the CMS and gave us insight into what's in store for future versions...

Read more

Also: Acquia Lightning Revamped, Enonic 7.0 Released, More Open Source News [Ed: Drupal founder now selling better performance]

Exim and GNU Screen Patched

Filed under
GNU
Security
Web
  • New RCE vulnerability impacts nearly half of the internet's email servers

    A critical remote command execution (RCE) security flaw impacts over half of the Internet's email servers, security researchers from Qualys have revealed today.

    The vulnerability affects Exim, a mail transfer agent (MTA), which is software that runs on email servers to relay emails from senders to recipients.

    According to a June 2019 survey of all mail servers visible on the Internet, 57% (507,389) of all email servers run Exim -- although different reports would put the number of Exim installations at ten times that number, at 5.4 million.

  • CVE-2019-10149 Exim 4.87 to 4.91

    We received a report of a possible remote exploit. Currently there is no evidence of an active use of this exploit.

    A patch exists already, is being tested, and backported to all versions we released since (and including) 4.87.

    The severity depends on your configuration. It depends on how close to the standard configuration your Exim runtime configuration is. The closer the better.

    Exim 4.92 is not vulnerable.

  • GNU Screen MScrollV Function Denial of Service Vulnerability [CVE-2015-6806]

    A vulnerability in the MScrollV function of GNU Screen could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

    The vulnerability exists because the MScrollV function, as defined in the ansi.c source code file of the affected software, does not properly limit recursion. An attacker could exploit this vulnerability by sending a request that submits malicious input to the targeted system. A successful exploit could trigger a stack overflow condition, resulting in a DoS condition.Proof-of-concept (PoC) code that demonstrates an exploit of this vulnerability is publicly available. GNU has confirmed the vulnerability and released software updates.

Google: Chrome OS, Chrome and Antitrust

Filed under
GNU
Linux
Google
Web
  • It’s Not Just You – Linux Apps Are Completely Broken With The Latest Dev Channel Update

    For those of us that hang around in the Beta, Dev and Canary Channels of Chrome OS on a regular basis, we’re pretty accustomed to bugs and issues. It is part of the territory when you live on the bleeding edge of technology, and as you climb the ladder of Chrome releases, the OS becomes more and more unstable.

    Today’s bug report is a pretty big one, however, and we wanted to make sure that everyone that lives in the Dev Channel on a regular basis is aware that this particular issue in the latest update that rolled out yesterday looks to be affecting everyone.

    So, what is happening, exactly? From what we can tell so far, the Linux container will install just fine, but as soon as anything is run or installed, the container will not ever come back online. No restarts will help, unfortunately, and the only way to get Linux containers to respond again is to fully remove them and re-install.

  • Google to restrict modern ad blocking Chrome extensions to enterprise users

    Back in January, Google announced a proposed change to Chrome’s extensions system, called Manifest V3, that would stop current ad blockers from working efficiently. In a response to the overwhelming negative feedback, Google is standing firm on Chrome’s ad blocking changes, sharing that current ad blocking capabilities will be restricted to enterprise users.

  • Google's API changes mean only paid enterprise users of Chrome will be able to access full adblock

    Google has warned investors that "New and existing technologies could affect our ability to customize ads and/or could block ads online, which would harm our business," and ad blocker developers like Raymond Hill of Ublock Origin have speculated that "Google’s primary business is incompatible with unimpeded content blocking. Now that Google Chrome product has achieve high market share, the content blocking concerns as stated in its 10K filing are being tackled."

  • Google is facing an imminent antitrust investigation from the US Justice Department

    Citing anonymous sources, the WSJ says the Federal Trade Commission, which works alongside the DOJ to bring federal antitrust cases, will defer to the Justice Department in this case. Prior to this, the FTC brought a case against the company in 2011 related to the placement of tracking cookies in Apple’s Safari browser. That case was resolved a year later with a $22.5 million civil penalty judgement, at the time the largest such judgement the FTC had ever earned in court. According to the WSJ, the FTC then investigated Google in 2013 for broad antitrust violations, but closed the case without taking any action against the search giant. Now, the DOJ is leading the charge on a new, potentially unprecedented antitrust evaluation of the company.

New Release: Tor Browser 8.5

Filed under
Moz/FF
Security
Web

Tor Browser 8.5 is the first stable release for Android. Since we released the first alpha version in September, we've been hard at work making sure we can provide the protections users are already enjoying on desktop to the Android platform. Mobile browsing is increasing around the world, and in some parts, it is commonly the only way people access the internet. In these same areas, there is often heavy surveillance and censorship online, so we made it a priority to reach these users.

Read more

Syndicate content

More in Tux Machines

One Mix Yoga 3 mini laptop demostrated running Ubuntu

If you are in interested in seeing how the Ubuntu Linux operating system runs on the new One Mix Yoga 3 mini laptop. You are sure to be interested in the new video created by Brad Linder over at Liliputing. “ I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.” The creators of the One Mix Yoga 3 have made it fairly easy to boot an alternative operating system simply by plugging in a bootable flash drive or USB storage device. As the mini laptop is powering up simply hit the delete key and you will be presented by the BIOS/UEFI menu. Simply change the boot priority order so that the computer will boot from a USB device and you are in business. Read more

Security: Curl, Fedora, Windows and More

  • Daniel Stenberg: openssl engine code injection in curl

    This flaw is known as CVE-2019-5443. If you downloaded and installed a curl executable for Windows from the curl project before June 21st 2019, go get an updated one. Now.

  • Fedora's GRUB2 EFI Build To Offer Greater Security Options

    In addition to disabling root password-based SSH log-ins by default, another change being made to Fedora 31 in the name of greater security is adding some additional GRUB2 boot-loader modules to be built-in for their EFI boot-loader. GRUB2 security modules for verification, Cryptodisk, and LUKS will now be part of the default GRUB2 EFI build. They are being built-in now since those using the likes of UEFI SecureBoot aren't able to dynamically load these modules due to restrictions in place under SecureBoot. So until now using SecureBoot hasn't allowed users to enjoy encryption of the boot partition and the "verify" module with ensuring better integrity of the early boot-loader code.

  • Fedora 31 Will Finally Disable OpenSSH Root Password-Based Logins By Default

    Fedora 31 will harden up its default configuration by finally disabling password-based OpenSSH root log-ins, matching the upstream default of the past four years and behavior generally enforced by other Linux distributions. The default OpenSSH daemon configuration file will now respect upstream's default of prohibiting passwords for root log-ins. Those wishing to restore the old behavior of allowing root log-ins with a password can adjust their SSHD configuration file with the PermitRootLogin option, but users are encouraged to instead use a public-key for root log-ins that is more secure and will be permitted still by default.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by Gizmodo, acclaimed Californian security company SafeBreach has revealed that software pre-installed on PCs has left “millions” of users exposed to hackers. Moreover, that estimate is conservative with the number realistically set to be hundreds of millions. The flaw lies in PC-Doctor Toolbox, systems analysis software which is rebadged and pre-installed on PCs made by some of the world’s biggest computer retailers, including Dell, its Alienware gaming brand, Staples and Corsair. Dell alone shipped almost 60M PCs last year and the company states PC-Doctor Toolbox (which it rebrands as part of ‘SupportAssist’) was pre-installed on “most” of them. What SafeBreach has discovered is a high-severity flaw which allows attackers to swap-out harmless DLL files loaded during Toolbox diagnostic scans with DLLs containing a malicious payload. The injection of this code impacts both Windows 10 business and home PCs and enables hackers to gain complete control of your computer. What makes it so dangerous is PC-makers give Toolbox high-permission level access to all your computer’s hardware and software so it can be monitored. The software can even give itself new, higher permission levels as it deems necessary. So once malicious code is injected via Toolbox, it can do just about anything to your PC.

  • Update Your Dell Laptop Now to Fix a Critical Security Flaw in Pre-Installed Software

    SafeBreach Labs said it targeted SupportAssist, software pre-installed on most Dell PCs designed to check the health of the system’s hardware, based on the assumption that “such a critical service would have high permission level access to the PC hardware as well as the capability to induce privilege escalation.” What the researchers found is that the application loads DLL files from a folder accessible to users, meaning the files can be replaced and used to load and execute a malicious payload. There are concerns the flaw may affect non-Dell PCs, as well. The affected module within SupportAssist is a version of PC-Doctor Toolbox found in a number of other applications, including: Corsair ONE Diagnostics, Corsair Diagnostics, Staples EasyTech Diagnostics, Tobii I-Series Diagnostic Tool, and Tobii Dynavox Diagnostic Tool. The most effective way to prevent DLL hijacking is to quickly apply patches from the vendor. To fix this bug, either allow automatic updates to do its job, or download the latest version of Dell SupportAssist for Business PCs (x86 or x64) or Home PCs (here). You can read a full version of the SafeBreach Labs report here.

  • TCP SACK PANIC Kernel Vulnerabilities Reported by Netflix Researchers

    On June 17th, Researchers at Netflix have identified several TCP networking vulnerabilities in FreeBSD and Linux kernels.

  • DNS Security - Getting it Right

    This paper addresses the privacy implications of two new Domain Name System (DNS) encryption protocols: DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH). Each of these protocols provides a means to secure the transfer of data during Internet domain name lookup, and they prevent monitoring and abuse of user data in this process. DoT and DoH provide valuable new protection for users online. They add protection to one of the last remaining unencrypted ‘core’ technologies of the modern Internet, strengthen resistance to censorship and can be coupled with additional protections to provide full user anonymity. Whilst DoT and DoH appear to be a win for Internet users, however, they raise issues for network operators concerned with Internet security and operational efficiency. DoH in particular makes it extremely difficult for network operators to implement domain-specific filters or blocks, which may have a negative impact on UK government strategies for the Internet which rely on these. We hope that a shift to encrypted DNS will lead to decreased reliance on network-level filtering for censorship.

Drawpile 2.1.11 release

Version 2.1.11 is now out. In addition to bug fixes, this release adds one long awaited feature: the ability to detach the chat box into a separate window. Another important change is to the server. IP bans now only apply to guest users. When a user with a registered account is banned, the ban is applied to the account only. This is to combat false positives caused by many unrelated people sharing the same IP address because of NAT. Read more Also: Drawpile 2.1.11 Released! Allow to Detach Chat Box into Separate

Audiocasts/Shows: Going Linux, Linux Action News, TechSNAP, GNU World Order, Linux in the Ham Shack, Python Podcast

  • Going Linux #371 · Listener Feedback

    Bill continues his distro hopping. We discuss the history of Linux and a wall-mountable timeline. Troy gives feedback on Grub. Grubb give feedback on finding the right distribution. Highlander talks communication security and hidden files. Ro's Alienware computer won't boot. David provides liks to articles.

  • Linux Action News 111

    Ubuntu sets the Internet on fire, new Linux and FreeBSD vulnerabilities raise concern, while Mattermost raises $50M to compete with Slack. Plus we react to Facebook’s Libra confirmation and the end of Google tablets.
  • SACK Attack | TechSNAP 406

    A new vulnerability may be the next ‘Ping of Death’; we explore the details of SACK Panic and break down what you need to know. Plus Firefox zero days targeting Coinbase, the latest update on Rowhammer, and a few more reasons it’s a great time to be a ZFS user.

  • GNU World Order 13x26
  • LHS Episode #289: Linux Deep Dive

    Hello and welcome to Episode #289 of Linux in the Ham Shack. In this episode, LHS gets a visit from Jon "maddog" Hall, a legend in the open source and Linux communities. He discusses--well--Linux. Everything you ever wanted to know about Linux from its early macro computing roots all the way up to the present. If there's something you didn't know about Linux, you're going to find it here. Make sure to listen to the outtake after the outro for 30 more minutes on Linux you problem didn't know anything about. Thanks to Jon for an illuminating and fascinating episode.

  • Podcast.__init__: Behind The Scenes At The Python Software Foundation

    One of the secrets of the success of Python the language is the tireless efforts of the people who work with and for the Python Software Foundation. They have made it their mission to ensure the continued growth and success of the language and its community. In this episode Ewa Jodlowska, the executive director of the PSF, discusses the history of the foundation, the services and support that they provide to the community and language, and how you can help them succeed in their mission.