Language Selection

English French German Italian Portuguese Spanish

Web

Mozilla Thunderbird 78.1 Released with Full OpenPGP Support, Search in Preferences Tab

Filed under
Moz/FF
Web

Mozilla Thunderbird 78.1 is now rolling out today to all supported platforms as the first point release to the latest major Mozilla Thunderbird 78 release with a bunch of exciting new features.

As you know, Mozilla Thunderbird 78 arrived two weeks ago with many exciting changes, including OpenPGP support, new minimum runtime requirements for Linux systems, DM support for Matrix, a new, centralized Account Hub, Lightning integration, and support for the Red Hat Enterprise Linux 7 operating system series.

Probably the most exciting new feature in Mozilla Thunderbird 78 is support for the OpenPGP open standard of PGP encryption, which lets users send encrypted emails without relying on a third-party add-on. However, OpenPGP support wasn’t feature complete in the Thunderbird 78 release and it was disable by default.

With the Thunderbird 78.1 point release, Mozilla says that OpenPGP support is now feature complete, including the new Key Wizard, the ability to search online for OpenPGP keys, and many other goodies. But it’s still disable by default to allow more time for testing, so you need to enable it manually to take full advantage of the new Thunderbird release.

Read more

Chrome and Firefox: Chrome 85 Beta, #StopHateForProfit in FB, Firefox 79 Credits and MDN Web Docs

Filed under
Google
Moz/FF
Web

  • Chrome 85: Upload Streaming, Human Interface Devices, Custom Properties with Inheritance and More

    Unless otherwise noted, changes described below apply to the newest Chrome beta channel release for Android, Chrome OS, Linux, macOS, and Windows. Learn more about the features listed here through the provided links or from the list on ChromeStatus.com. Chrome 85 is beta as of July 23, 2020.

  • Chrome 85 Beta Brings WebHID API For Better Gamepad Support, AVIF Image Decode

    Following the recent Chrome 84 stable release, Google has now promoted Chrome 85 to beta as their latest feature update to this cross-platform web browser.

    Chrome 85 Beta brings initial fetch upload streaming capabilities, the WebHID API is taking shape to improve gamepad support within web browsers, a declarative shadow DOM API is now available as an origin trial, and auto-upgrading of images served over HTTP from HTTPS sites.

  • Use your voice to #StopHateForProfit

    Facebook is still a place where it’s too easy to find hate, bigotry, racism, antisemitism and calls to violence.

    Today, we are standing alongside our partners in the #StopHateForProfit coalition and joining the global day of action to tell Facebook CEO Mark Zuckerberg: Enough is Enough.

  • Firefox 79 new contributors

    With the release of Firefox 79, we are pleased to welcome the 21 developers who contributed their first code change to Firefox in this release, 18 of whom were brand new volunteers!

  • MDN Web Docs: 15 years young

    On July 23, MDN Web Docs turned 15 years old. From humble beginnings, rising out of the ashes of Netscape DevEdge, MDN has grown to be one of the best-respected web platform documentation sites out there. Our popularity is growing, and new content and features arrive just about every day.

    When we turned 10, we had a similar celebration, talking about MDN Web Docs’ origins, history, and what we’d achieved up until then. Refer to MDN at ten if you want to go further back!

    In the last five years, we’ve broken much more ground. These days, we can boast roughly 15 million views per month, a comprehensive browser compatibility database, an active beginner’s learning community, editable interactive examples, and many other exciting features that didn’t exist in 2015. An anniversary to be proud of!

Web/WWW: WordPress and Mozilla

Filed under
Moz/FF
Web

  • Safely reviving shared memory (Mozilla Hacks)

    The Mozilla Hacks blog covers some recent Firefox changes that will allow code from web sites to use shared memory and high-resolution timers in a (hopefully) safe manner.

  • Hacks.Mozilla.Org: Safely reviving shared memory

    At Mozilla, we want the web to be capable of running high-performance applications so that users and content authors can choose the safety, agency, and openness of the web platform. One essential low-level building block for many high-performance applications is shared-memory multi-threading. That’s why it was so exciting to deliver shared memory to JavaScript and WebAssembly in 2016. This provided extremely fast communication between threads.

    However, we also want the web to be secure from attackers. Keeping users safe is paramount, which is why shared memory and high-resolution timers were effectively disabled at the start of 2018, in light of Spectre. Unfortunately, Spectre-attacks are made significantly more effective with high-resolution timers. And such timers can be created with shared memory. (This is accomplished by having one thread increment a shared memory location in a tight loop that another thread can sample as a nanosecond-resolution timer.)

  • Extension Spotlight: SponsorBlock for YouTube

    Have you ever been engrossed in music or a great video when YouTube suddenly interrupts your experience to inject an ad? It’s jarring and ruins the mood of any moment.

    [...]

    A new SponsorBlock feature offers the ability to skip different types of unwanted sections like intros, outros, and those incessant pleas to subscribe to the channel. Ajay says future plans involve developing distinct section categories that will allow users to submit labels for different parts of the video, in case you want to skip forward or back to certain spots.

    The SponsorBlock extension for Firefox is one of the more original content blockers we’ve seen developed in some time. It’s a perfect example of the creative problem-solving potential of browser extensions. So give SponsorBlock a spin and enjoy fewer interruptions while you let loose for your solo living room dance party set to YouTube music.

  • WordPress 5.5 Beta 3

    This software is still in development,so it’s not recommended to run this version on a production site. Consider setting up a test site to play with the new version.

    [...]

    WordPress 5.5 is slated for release on August 11th, 2020, and we need your help to get there!

    Thank you to all of the contributors who tested the beta 2 development release and gave feedback. Testing for bugs is a critical part of polishing every release and a great way to contribute to WordPress.

    [...]

    WordPress 5.5 has lots of refinements to polish the developer experience. To keep up, subscribe to the Make WordPress Core blog and pay special attention to the developers’ notes for updates on those and other changes that could affect your products.

Project V: Open-source Tools to Build your Own Private Network

Filed under
OSS
Security
Web

If you are interesting to build your own internet-ready privacy network, You are in luck with this open-source project (Project V).

But wait, Why would any one would be interested to go through all of the troubles to build his own configured structure instead of choosing a service from the free dozens up-there?

For many the thrill of learning and see how it works, for others they like to be in-control of their own tools.

Project V is a multi-platform production-ready set of tools to build privacy-ready networks. It's core called V2Ray; a tool that manages network protocols and communications.

Read more

Love RSS? Check out NewsFlash Feed Reader for Linux Desktops

Filed under
Software
Web

I rely on desktop feed reader apps to keep tabs on the multitude of projects, repos, blogs, and developer postings needed to feed this site (and thus you) with fresh content regularly.

Overall I prefer the simplicity of Feeds (formerly GNOME Feeds, sometimes referred to as gFeeds) to NewsFlash. While the former isn’t as featured as the latter it feels leaner in use, renders posts cleaner, and yields to convention more.

But if NewsFlash ever adds Feedly support though, I’d adopt it in a heart beat!

One small note: this app uses its own built-in scraper to ‘fetch’ blog posts so that you can read them in-app, without needing to use a browser. This is convenient but be aware that when reading our site you won’t be able to see in-article ‘elements’ such as info boxes, review boxes, image comparisons, image galleries, in-post callouts, themed Flatpak, Snap and other buttons, one-line article summaries, or pull quotes.

Read more

GNUnet 0.13.1 released

Filed under
GNU
Web

This is a bugfix release for gnunet and gnunet-gtk specifically.
For gnunet, no changes to the source have been made. However, the default configuration had to be modified to support the changes made in 0.13.0.
For gnunet-gtk, this fixes a more serious issue where the 0.13.0 tarball failed to build.

Read more

Tor and Mozilla on Politics

Filed under
Moz/FF
Web
  • #MoreOnionsPorfavor: Onionize your website and take back the internet
  • Anti-censorship team report: June 2020

    Tor's anti-censorship team writes monthly reports to keep the world updated on its progress. This blog post summarizes the anti-censorship work we got done in June 2020. You can find a Chinese translation of this blog post below. Let us know if you have any questions or feedback!

  • New Release: Tor Browser 10.0a3

    Tor Browser 10.0a3 is now available from the Tor Browser Alpha download page and also from our distribution directory. This is an Android-only release.

    Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

  • Mozilla Open Policy & Advocacy Blog: Criminal proceedings against Malaysiakini will harm free expression in Malaysia

    The Malaysian government’s decision to initiate criminal contempt proceedings against Malaysiakini for third party comments on the news portal’s website is deeply concerning. The move sets a dangerous precedent against intermediary liability and freedom of expression. It ignores the internationally accepted norm that holding publishers responsible for third party comments has a chilling effect on democratic discourse. The legal outcome the Malaysian government is seeking would upend the careful balance which places liability on the bad actors who engage in illegal activities, and only holds companies accountable when they know of such acts.

    Intermediary liability safe harbour protections have been fundamental to the growth of the internet. They have enabled hosting and media platforms to innovate and flourish without the fear that they would be crushed by a failure to police every action of their users. Imposing the risk of criminal liability for such content would place a tremendous, and in many cases fatal, burden on many online intermediaries while negatively impacting international confidence in Malaysia as a digital destination.

GNUnet 0.13.0 released

Filed under
GNU
Web

We are pleased to announce the release of GNUnet 0.13.0.
This is a new major release. It breaks protocol compatibility with the 0.12.x versions. Please be aware that Git master is thus henceforth INCOMPATIBLE with the 0.12.x GNUnet network, and interactions between old and new peers will result in signature verification failures. 0.12.x peers will NOT be able to communicate with Git master or 0.13.x peers.
In terms of usability, users should be aware that there are still a large number of known open issues in particular with respect to ease of use, but also some critical privacy issues especially for mobile users. Also, the nascent network is tiny and thus unlikely to provide good anonymity or extensive amounts of interesting information. As a result, the 0.13.0 release is still only suitable for early adopters with some reasonable pain tolerance.

Read more

Also: Glibc-HWCAPS To Help With AMD Zen Optimizations, Other Per-CPU Performance Bits

Mozilla, the Web, and Standards

Filed under
Moz/FF
Web
  • Firefox UX: UX Book Club Recap: Writing is Designing, in Conversation with the Authors

    Beyond the language that appears in our products, Michael encouraged the group to educate themselves, follow Black writers and designers, and be open and willing to change. Any effective UX practitioner needs to approach their work with a sense of humility and openness to being wrong.

    Supporting racial justice and the Black Lives Matter movement must also include raising long-needed conversations in the workplace, asking tough questions, and sitting with discomfort. Michael recommended reading How To Be An Antiracist by Ibram X. Kendi and So You Want to Talk About Race by Ijeoma Oluo.

    [...]

    In the grand scheme of tech things, UX writing is still a relatively new discipline. Books like Writing for Designing are helping to define and shape the practice.

    When asked (at another meet-up, not our own) if he’s advocating for a ‘content-first approach,’ Michael’s response was that we need an ‘everything first approach’ — meaning, all parties involved in the design and development of a product should come to the planning table together, early on in the process. By making the case for writing as a strategic design practice, this book helps solidify a spot at that table for UX writers.

  • Tantek Çelik: Changes To IndieWeb Organizing, Brief Words At IndieWebCamp West

    A week ago Saturday morning co-organizer Chris Aldrich opened IndieWebCamp West and introduced the keynote speakers. After their inspiring talks he asked me to say a few words about changes we’re making in the IndieWeb community around organizing. This is an edited version of those words, rewritten for clarity and context. — Tantek

  • H.266/VVC Standard Finalized With ~50% Lower Size Compared To H.265

    The Versatile Video Coding (VVC) standard is now firmed up as H.266 as the successor to H.265/HEVC.

    H.266/VVC has been in the works for several years by a multitude of organizations. The schedule had been aiming for finalizing the standard by July 2020.

  • DSA Is Past Its Prime

    DSA is not only broken from an engineering point of view, though, it’s also cryptographically weak as deployed. The strength of an N-bit DSA key is approximately the same as that of an N-bit RSA key4, and modern cryptography has painstakingly moved away from 1024-bit RSA keys years ago considering them too weak. Academics computed a discrete logarithm modulo a 795-bit prime last year. NIST 800-57 recommends lengths of 2048 for keys with security lifetimes extending beyond 2010. The LogJam attack authors estimated the cost of breaking a 1024-bit DLP to be within reach of nation-states in 2015.5 And yet, DSA with keys larger than 1024 bits is not really a thing!

  • Email Isn’t Broken, Email Clients Are!

    You wouldn’t say “the Web” is broken (or HTTP for those reading who happen to be technologists). Actually some of you (of the HTTPS all-the-things variety) might but that’s beside the point. The real problem with email is managing the massive volume received in a way that’s relatively sane. You can’t fix this problem at the protocol level, it’s an application-level problem. The only real solution to dealing with massive amounts of email is automation (maybe even massive amounts of it). The uninitiated might be shocked to realize how much preprocessing their email messages undergo before they make it to the inbox, researching spam filtering is a great way to get a glimpse into what’s happening, but it’s not enough because it’s not personalized in a way that’s truly effective for the end-user.

German Translation in the Brave Desktop Browser: A moan about localisation

Filed under
Web

In Linux, smaller distributions in particular have an issue with well done localisation, the bigger ones have this sorted as far as I can tell. It also seems to depend on the desktop environment but this alone is not an axcuse. For instance, the Cinnamon desktop in a standard Linux Mint Debian install is well translated and fully localised from the start. Trying the same in Artix though with their Cinnamon edition offering yields a half-baked, half-localised desktop where parts of the menu, the submenus and application entries themselves, and interestingly all Gnome and other applications that are not part of the Cinnamon desktop tools have fully translated menus and options but the Cinnamon desktop, including its control panel/ system settings and file manager are not. This can hardly be due to missing support because it works in LMDE, so the use of English is certainly not hard-coded. Perhaps it's missing a language pack somewhere, but the real reason is down to QA and probably, in the case of smaller projects like Artix, lack of manpower. And that's understandable.

What I am trying to say here is that localisation in Linux is still an issue in 2020, but one would only notice if actually trying to use something other than American English, or any form of English. That reminds me, I've never tried the South African English locale.

Brave is a browser I've been enjoying quite a bit lately as a well supported Chrome and Chromium alternative where you do actually get updates, in contrast to the Debian world where even using the latest stable release means outdated libraries are keeping us on Chromium 73. That or install the privacy invading Google-Chrome. Brave has got a few good features incl. effective built-in ad-blocking and stripping out a lot of Google's tracking and API's so that I'm now using it in all my installs.

Read more

Syndicate content

More in Tux Machines

5 tips for making documentation a priority in open source projects

Open source software is now mainstream; long gone are the days when open source projects attracted developers alone. Nowadays, users across numerous industries are active consumers of open source software, and you can't expect everyone to know how to use the software just by reading the code. Even for developers (including those with plenty of experience in other open source projects), good documentation serves as a valuable onboarding tool when people join a community. People who are interested in contributing to a project often start by working on documentation to get familiar with the project, the community, and the community workflow. Read more

5 reasons to run Kubernetes on your Raspberry Pi homelab

There's a saying about the cloud, and it goes something like this: The cloud is just somebody else's computer. While the cloud is actually more complex than that (it's a lot of computers), there's a lot of truth to the sentiment. When you move to the cloud, you're moving data and services and computing power to an entity you don't own or fully control. On the one hand, this frees you from having to perform administrative tasks you don't want to do, but, on the other hand, it could mean you no longer control your own computer. This is why the open source world likes to talk about an open hybrid cloud, a model that allows you to choose your own infrastructure, select your own OS, and orchestrate your workloads as you see fit. However, if you don't happen to have an open hybrid cloud available to you, you can create your own—either to help you learn how the cloud works or to serve your local network. Read more

today's howtos and leftovers

  • Linux commands for user management
  • CONSOOM All Your PODCASTS From Your Terminal With Castero
  • Install Blender 3D on Debian 10 (Buster)
  • Things To Do After Installing openSUSE Leap 15.2
  • GSoC Reports: Fuzzing Rumpkernel Syscalls, Part 2

    I have been working on Fuzzing Rumpkernel Syscalls. This blogpost details the work I have done during my second coding period.

  • Holger Levsen: DebConf7

    DebConf7 was also special because it had a very special night venue, which was in an ex-church in a rather normal building, operated as sort of community center or some such, while the old church interior was still very much visible as in everything new was build around the old stuff. And while the night venue was cool, it also ment we (video team) had no access to our machines over night (or for much of the evening), because we had to leave the university over night and the networking situation didn't allow remote access with the bandwidth needed to do anything video. The night venue had some very simple house rules, like don't rearrange stuff, don't break stuff, don't fix stuff and just a few little more and of course we broke them in the best possible way: Toresbe with the help of people I don't remember fixed the organ, which was broken for decades. And so the house sounded in some very nice new old tune and I think everybody was happy we broke that rule.

Programming Leftovers

  • Podcast: COBOL development on the mainframe

    Nic reached out when COBOL hit the news this spring to get some background on what COBOL is good for historically, and where it lives in the modern infrastructure stack. I was able to talk about the basics of COBOL and the COBOL standard, strengths today in concert with the latest mainframes, and how COBOL back-end code is now being integrated into front ends via intermediary databases and data-interchange formats like JSON, which COBOL natively supports.

  • What I learned while teaching C programming on YouTube

    The act of breaking something down in order to teach it to others can be a great way to reacquaint yourself with some old concepts and, in many cases, gain new insights. I have a YouTube channel where I demonstrate FreeDOS programs and show off classic DOS applications and games. The channel has a small following, so I tend to explore the topics directly suggested by my audience. When several subscribers asked if I could do more videos about programming, I decided to launch a new video series to teach C programming. I learned a lot from teaching C, and in the process, I came across some meaningful takeaways I think others will appreciate. Make a plan For my day job, I lead training and workshops to help new and emerging IT leaders develop new skills. Outside of regular work, I also enjoy teaching as an adjunct professor. So I'm very comfortable constructing a course outline and designing a curriculum. That's where I started. If you want to teach a subject effectively, you can't just wing it. Start by writing an outline of what topics you want to cover and figure out how each new topic will build on the previous ones. The "building block" method of adding new knowledge is key to an effective training program.

  • Google's Flutter 1.20 framework is out: VS Code extension and mobile autofill support
  • Google Engineers Propose "Machine Function Splitter" For Faster Performance

    Google engineers have been working on the Machine Function Splitter as their means of making binaries up to a few percent faster thanks to this compiler-based approach. They are now seeking to upstream the Machine Function Splitter into LLVM. The Machine Function Splitter is a code generation optimization pass for splitting code functions into hot and cold parts. They are doing this stemming from research that in roughly half of code functions that more than 50% of the code bytes are never executed but generally loaded into the CPU's data cache.

  • Modernize network function development with this Rust-based framework

    The world of networking has undergone monumental shifts over the past decade, particularly in the ongoing move from specialized hardware into software defined network functions (NFV) for data plane1 and packet processing. While the transition to software has fashioned the rise of SDN (Software-defined networking) and programmable networks, new challenges have arisen in making these functions flexible, efficient, easier to use, and fast (i.e. little to no performance overhead). Our team at Comcast wanted to both leverage what the network does best, especially with regards to its transport capacity and routing mechanisms, while also being able to develop network programs through a modern software lens—stressing testing, swift iteration, and deployment. So, with these goals in mind, we developed Capsule, a new framework for network function development, written in Rust, inspired by Berkeley's NetBricks research, and built-on Intel's Data Plane Development Kit (DPDK).

  • This Week in Rust 350
  • Firefox extended tracking protection

    This Mozilla Security Blog entry describes the new redirect-tracking protections soon to be provided by the Firefox browser.

  • Karl Dubost: Browser developer tools timeline

    I was reading In a Land Before Dev Tools by Amber, and I thought, Oh here missing in the history the beautifully chiseled Opera Dragonfly and F12 for Internet Explorer. So let's see what are all the things I myself didn't know.

  • Daniel Stenberg: Upcoming Webinar: curl: How to Make Your First Code Contribution

    Abstract: curl is a wildly popular and well-used open source tool and library, and is the result of more than 2,200 named contributors helping out. Over 800 individuals wrote at least one commit so far. In this presentation, curl’s lead developer Daniel Stenberg talks about how any developer can proceed in order to get their first code contribution submitted and ultimately landed in the curl git repository. Approach to code and commits, style, editing, pull-requests, using github etc. After you’ve seen this, you’ll know how to easily submit your improvement to curl and potentially end up running in ten billion installations world-wide.