Language Selection

English French German Italian Portuguese Spanish

Web

Epiphany 3.36 and WebKitGTK 2.28

Filed under
Web

So, what’s new in Epiphany 3.36?

Once upon a time, beginning with GNOME 3.14, Epiphany had supported displaying PDF documents via the Evince NPAPI browser plugin developed by Carlos Garcia Campos. Unfortunately, because NPAPI plugins have to use X11-specific APIs to draw web content, this didn’t suffice for very long. When GNOME switched to Wayland by default in GNOME 3.24 (yes, that was three years ago!), this functionality was left behind. Using an NPAPI plugin also meant the code was inherently unsandboxable and tied to a deprecated technology. Epiphany disabled support for NPAPI plugins by default in Epiphany 3.30, hiding the functionality behind a hidden setting, which has now finally been removed for Epiphany 3.36, killing off NPAPI for good.

Read more

ChromeOS, Chrome and Chromium-based Brave

Filed under
Google
OSS
Web
  • Installing the latest version of Inkscape on Chrome OS just got a whole lot easier

    We use Gravit Designer on the daily as our go-to vector editing and design tool but for a long time, Inkscape was always in the old tool bag. Problem was, using Inkscape on Chrome OS in the past required Crouton and the unofficial path to dual-booting Linux on your Chromebook. With the advent of the Crostini Project and Linux apps support, that has changed and for many, installing Inkscape free software on a Chromebook has been a game-changer for productivity. While we no longer use Inkscape, it is still an incredible vector editor and we recommend it for users who aren’t ready to make the jump to the pro version of Gravit that runs you $49.99/year.

  • Chrome OS 80 makes graphic intensive Linux apps so much better

    As we’ve seen in the past few months, Linux apps on Chrome OS have come a long way. There’s still work to be done and there are new features that are on the way or that have just launched, but the overall feel of Linux apps on Chromebooks is way more cohesive than it was just 6 months ago.

  • Chrome browser may get an official Snap package for Linux

    As of late, I spend a good majority of my time digging into Linux on Chrome OS and testing what works and what doesn’t. As the Command Line series takes shape, we’ve become a little keener to Linux-related commits in the Chromium repository. There’s so much that you can do with Linux apps on Chrome OS but the Crostini project still has its limitations due to the nature of the technology. Running applications in containers requires some workarounds for certain things that are normally native on full Linux distributions.

  • Brave Browser Has Reached 12 Million Monthly Active Users

    Brave, the popular crypto-integrated browser, has surpassed its previous adoption records.

    As of Mar. 5, Brave had 4 million daily active users (DAU) and 12 million monthly active users (MAU). Based on Brave’s previous usership statistics, this means that Brave attracted approximately 2 million monthly active users and 700,000 daily active users over the past three months.

Web Browsers: Mozilla Statement on EARN IT Act, You-Get and Privacy Benchmarks

Filed under
Web
  • Mozilla Open Policy & Advocacy Blog: Mozilla Statement on EARN IT Act

    On March 5th, Sens. Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) introduced the Eliminating Abusive and Rampant Neglect of Interactive Technologies (EARN IT) Act. The bill would threaten free speech on the internet and make the internet less secure by undermining strong encryption.

    While balancing the needs of national and individual security in today’s fragile cybersecurity landscape is challenging, this bill creates problems rather than offering a solution.

  • You-Get – downloader that scrapes the web

    A common complaint about YouTube is that to watch the material you need to use a web browser. Fortunately, some funky developers have created applications that allow you to bypass the web-only barrier of YouTube.

    You-Get is a small command-line utility to download media contents (videos, audios, images) from the web. This software lets you access material from YouTube, Youku, Niconico and a whole of other sites without ever leaving the console.

    You-Get is written in Python 3. It’s free and open source software.

  • Brave deemed most private browser in terms of 'phoning home'

    New academic research published last month looked at the phone-home features of six of today's most popular browsers and found that the Brave browser sent the smallest amount of data about its users back to the browser maker's servers.

Basilisk: A Firefox Fork For The Classic Looks and Classic Extensions

Filed under
OSS
Web

Even though it is better to stick with the regular web browsers like Firefox or Chromium available for Linux – it doesn’t hurt to know about other browsers. Recently, I stumbled upon a Firefox fork, Basilisk web browser that features the classic Firefox user interface along with legacy add-ons support (just like Waterfox).

If you are in the dire need of using a legacy extensions or miss the classic look and feel of Firefox, the Basilisk web browser can save your day. The web browser is being maintained by the team behind Pale Moon browser (which is another Firefox fork I will be looking at next).

If you’re looking for open-source Chrome alternatives, you may have a quick look at what Basilisk offers.

Read more

Drupal, Moodle and More

Filed under
Web
  • Sessions Announced for Top Open Source Conference

    The Drupal Association, an international nonprofit organization, announces a rigorous DrupalCon Minneapolis lineup of sessions, all of which will be presented at DrupalCon Minneapolis on May 20-21. DrupalCon is a gathering of 3000 of the top minds in Open Source technology. The recurring event features dozens of curated sessions and panels from some of the most influential people and contributors within the Drupal community and beyond, as well as countless opportunities for networking, contributing to Drupal itself, informal conversations, introductions and more.

  • TYPO3 v10.3 Feature Freeze, Drupal Seeks Sponsors, More Open Source News

    The final sprint release of TYPO3 version 10.3 is now available. This is the “feature freeze” version — meaning no new features will be developed — until the long term service (LTS) release in April. The TYPO3 community will now shift its focus to testing, polishing, and refining the v10 LTS release. Here are some of the key changes.

  • Build great distance learning and collaborative experiences with open source technology

    Due to the outbreak of Coronavirus, many schools around the world remain closed and millions of people are being restricted from leaving their homes. In several countries, governments have mandated that schools should remain closed until March and April 2020.

    Because of this, millions of students worldwide are not able to attend school or University. In view of this situation, many educational organisations worldwide are relying on remote teaching and moving lessons to online environments. Through learning platforms, conferencing tools and virtual classrooms, Universities and schools are providing online tuition so learners can continue their studies without interruption.

    [...]

    Certainly, not only schools are seeing their operations affected by the Coronavirus outbreak. As thousands of companies worldwide are encouraging remote work to safeguard their employees’ health, tools like MoodleCloud and BBB combined can help shift business and operations towards digital, as well as keep remote teams connected. And, of course, our LMS designed specifically for organisational learning, Moodle Workplace, offers a great range of functionalities for online learning and communication within companies.

  • Lakshminarasimha Jayaram Haravu

    A long-time resident of Hyderabad, Lakshminarasimha started his career as a school teacher in Mumbai and had developed country’s first open-source library management system.

AndEX Pie, Android 9 for PC, Now Uses the Brave Browser

Filed under
Android
GNU
Linux
Web

As I reported last month, Android-x86 9.0 finally arrived to let you run the Android 9 Pie mobile operating system on your personal computer. AndEX developer has thoroughly tested the latest Android-x86 release and reports that he experienced lots of freezes and crashes.

Therefore, he decided to build a special version of his AndEX project, which also lets you run Android on your PC, based on Android 9.0 Pie. AndEX already had a version that let you run Android 10 on your desktop or laptop computer.

Built using the Android Open Source Project (AOSP) sources, the new AndEX Pie release is comes with the same features as Android-x86 9.0 Pie, as well as numerous other pre-installed applications.

Read more

Web/CMS/Sysadmin: Cockpit 214, Gutenberg in Drupal, Kiwi TCMS 8.1, Going Static With Hugo

Filed under
OSS
Web
  • Cockpit 214

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 214.

  • Getting started with the Gutenberg editor in Drupal

    Since 2017, WordPress has had a really great WYSIWYG editor in the Gutenberg plugin. But the Drupal community hasn't yet reached consensus on the best approach to the content management system's (CMS) editorial experience. But a strong new option appeared when, with a lot of community effort, Gutenberg was integrated with Drupal.

  • Kiwi TCMS 8.1

    We're happy to announce Kiwi TCMS version 8.1!

  • The Beauty of a Static Website with Hugo

    I love static websites. No PHP. No big server-side databases. None of that stuff. Just pure, static files being served up and displayed in a browser. The way “The World Wide Web” used to be. Not that there's anything inherrently wrong with non-static webpages, mind you. Sure, they serve a purpose. eCommerce websites with inventory loaded from a database. Sites focused on communication and constantly changing content (like forums or social media type things).

WWW: WordPress 5.4 Release Candidate, Worldwide Radio, and Firefox Nightly

Filed under
Moz/FF
Web
  • WordPress 5.4 Release Candidate

    This is an important milestone as we progress toward the WordPress 5.4 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.4 is currently scheduled to be released on March 31, 2020, but we need your help to get there—if you haven’t tried 5.4 yet, now is the time!

  • Extension Spotlight: Worldwide Radio

    Before Oleksandr Popov had the idea to build a browser extension that could broadcast thousands of global radio stations, his initial motivation was as abstract as it was aspirational. “I wanted to create something that was simple for people to use,” explains Popov, while adding his creation sought to also “bring together users from different countries.”

    [...]

    Worldwide Radio includes some nifty features, like the ability to create your own favorites list, random shuffle between stations, add your own stations that don’t appear on the default list, and set a “sleep” timer so the broadcast will automatically stop at your discretion.

  • Firefox Nightly: These Weeks in Firefox: Issue 70

Linux Foundation Publishes Puff Pieces While Its Certificate Blunder Quietly Takes Shape

Filed under
Security
Web
  • How Contributing to Diversity in Technology Made Me a Better Engineer

    Because my family couldn’t afford tuition, I couldn’t pursue my true interest Computer Science and, instead, studied Metallurgical Engineering — a field that I had absolutely no interest in.

    As I waited in line for the interview with an Iron extraction company, millions of thoughts running through my mind:

    “Will be able to work in a field with no interest for my entire life?”,

    “Will I be happy and satisfied here?”

    “Is this opportunity big enough for the ambitions I have?”, “Has fortune done justice to all the sleepless nights of mine?”.

    There was a part of me that kept asking whether this is what I wanted to do.

    The very next moment, I left the line and went back to my room, skipping my interview.

    After doing a lot of research for the next two days, I came to know about Google Summer of Code (GSoC), a program run by Google where students make contributions to open source software in return for recognition in the technology industry. I had 6 months in hand, for the only chance of getting selected in GSoC and steering my career path into software engineering.

  • Let’s Encrypt Hits One Billion Certificate Milestone

    Free HTTPS tool Let’s Encrypt yesterday announced it has issued its billionth certificate, in what it claims to be a milestone for user privacy and security.

    Backed by the non-profit Internet Security Research Group (ISRG), the initiative has good reason to make such claims, having made what was once a complex and expensive process — registering and managing TLS certificates — free and easy.

    In a blog post from executive director, Josh Aas, and VP of comms, Sarah Gran, the two revealed how HTTPS page loads have risen from 58% of the global total in 2017 to 81%, and even higher (91%) in the US.

    “When you combine ease of use with incentives, that’s when adoption really takes off. Since 2017 browsers have started requiring HTTPS for more features, and they’ve greatly improved the ways in which they communicate to their users about the risks of not using HTTPS,” they explained.

  • Let’s Encrypt issues one billionth free certificate

    Last week was a big one for non-profit digital certificate project Let’s Encrypt – it issued its billionth certificate. It’s a symbolic milestone that shows how important this free certificate service has become to web users.

    Publicly announced in November 2014, Let’s Encrypt offers TLS certificates for free. These certificates are integral to the encryption used by HTTPS websites.

    HTTPS is HTTP that uses the Transport Layer Security (TLS) protocol for privacy and authentication. Your browser uses it to be confident that you’re not visiting an evil website that’s impersonating your real destination using a DNS spoofing attack. It also encrypts the information passing between your browser and the web server so that someone who can snoop on your traffic still can’t tell what you’re doing.

  • Let’s Encrypt to Revoke Millions of TLS Certs

    Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security (TLS) certificates Wednesday, because of a Certificate Authority Authorization (CAA) bug. The move could mean that millions of websites and machine identities that rely on those certificates to protect sensitive data flow could be identified as insecure, or rendered unavailable.

    Certificate users contacted by Threatpost said they were notified of the revocation Tuesday and given 24 hours to resolve the issue. Certificates will be revoked March 4, 9:00 p.m. EST.

    “I manage 200 domains across 20 servers and have until the end of the day to fix the problem,” said Mark Engelhardt, IT consultant with Intuitive Engineering, in Montpelier, Vt. “Let’s Encrypt did not handle this in an ideal fashion at all.”

  • Let's Encrypt? Let's revoke 3 million HTTPS certificates on Wednesday, more like: Check code loop blunder strikes

    On Wednesday, March 4, Let's Encrypt – the free, automated digital certificate authority – will briefly become Let's Revoke, to undo the issuance of more than three million flawed HTTPS certs.

    In a post to the service's online forum on Saturday, Jacob Hoffman-Andrews, senior staff technologist at the EFF, said a bug had been found in the code for Boulder, Let's Encrypt's automated certificate management environment.

    Boulder checks Certificate Authority Authorization (CAA) records to ensure that a Let's Encrypt subscriber controls the domain names for which they are requesting HTTPS certificates. The bug, introduced on July 25, 2019, was an error in the way the tool's Go code iterated over the domain names.

  • Let's Encrypt to revoke 3 million certificates on March 4 due to software bug
  • Millions of websites face 'insecure' warnings

    Some well-known websites could stop functioning properly on Wednesday, 4 March, after a bug was found in the digital certificates used to secure them.
    The organisation that issues the certificates revealed that three million need to be immediately revoked.
    Visitors to affected sites will be greeted with an alert warning them the site is insecure.
    One expert said the issue could result in a "loss of trust".
    The internet security research group (ISRG) is the non-profit organisation behind the project, Let's Encrypt, and last month celebrated issuing its billionth certificate.
    The project has some high-profile backers, including Cisco, Facebook and Google, and is widely credited as one of the driving forces behind businesses securing their websites.
    In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code.
    "Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of your certificates. To avoid disruption, you'll need to renew and replace your affected certificate(s) by Wednesday, March 4, 2020. We sincerely apologise for the issue."

    [...]

    He said that while it had "responsibly" revealed the bug, its clients faced uncertainty.
    "Nobody knows how they will deal with it. Businesses will have to apply for a new certificate so there could be an interruption to services which will result in a loss of trust. Users will experience websites that say they have a security problem."
    While the organisation has issued a list of the certificate numbers, it has not made public the names behind them but Prof Woodward said it would probably affect "well-known" websites.

  • Letsencrypt is revoking certificates on March 4

    Let’s Encrypt is a non-profit certificate authority that provides X.509 certificates for Transport Layer Security (TLS) encryption free of cost. The TLS certificate is valid for 90 days only. However, Due to the bug, they need to revoke many (read as “certain”) Let’s Encrypt TLS/SSL certificates. Let us see how to find out if you are affected by this bug and how you can fix it to avoid any problems with your TLS/SSL certificates.

    The revocations start on 04 March 2020, and you need to renew your certificate before that; otherwise, your visitors will get an error about Invalid and expired/revoked certificate error.

Spreading WordPress

Filed under
OSS
Web
  • Elementor Raises $15 Million, Plans to Invest in the Team, Product, and Community

    Elementor, which has quickly become one of the leading WordPress page builders and companies, announced Wednesday it raised $15 million in its first round of funding, led by Lightspeed Venture Partners. The investment round comes on the heels of the plugin surpassing four million active installations.

    Founded in 2016, Yoni Luksenberg and Ariel Klikstein wanted to create a platform for web creators to drag and drop elements on a page to quickly build sites to their specifications. It took two years for the plugin to gather its first million users. Since then, the user base has continued to rapidly grow, adding an extra million users at an average rate of six months.

  • Elementor raises $15M for its WordPress website builder

    WordPress has become so ubiquitous, it’s easy to forget that it still drives a huge ecosystem of startups that build tools and services around the platform. One of these is Elementor, a graphical website building platform that you can plug into WordPress to design and publish sites. More than 4 million sites have already been built with the tool — and it’s now seeing a million new sites every six months.

  • Bloomreach brXM 14 Released, Crafter Launches Marketplace, More News

    WordPress announced that it’s bringing the new Block Editor — which allows for a smoother drafting experience — to native apps. That means users can utilize the editor on-the-go with across a number of mobile devices.

    The new editor makes creating content more intuitive because the interface is simplified for a wide array of devices. This update will bring more efficiency to the content creation and editing process for WordPress websites.

Syndicate content

More in Tux Machines

Security Leftovers

  • What sort of SSH keys our users use or have listed in their authorized keys files

    My first surprise is that we have so many DSA keys listed, since they're no longer supported (and those 380 ssh-dss keys are across 203 different people). People clearly don't clean out their authorized keys files very often. 670 people have RSA keys, 13 have Ed25519 keys, and 15 have some form of ECDSA keys (which implies that a few people list a bunch of ECDSA keys).

    However, that's just what people have sitting around in their authorized keys files, not what actually gets used. What actually gets used is a somewhat different picture. Here are the numbers for how many different keys of each type have been used over the course of 2020 so far: [...]

  • Microsoft is blocking the Windows 10 May 2020 Update on lots of devices [Ed: Microsoft cannot even patch its own software without breaking it]

    Microsoft is preventing a large number of devices from updating to the Windows 10 May 2020 Update. While the software company released the update last week, Microsoft has quietly acknowledged that there are a number of known issues preventing the update from being installed on a variety of PCs. Microsoft has a list of 10 issues it’s currently investigating, and 9 of them have resulted in a “compatibility hold” which stops the Windows 10 May 2020 Update from being installed via Windows Update. One issue involving unexpected errors or reboots with always-on, always-connected devices, affects devices like Microsoft’s Surface Pro 7 or Surface Laptop 3.

  • Security updates for Tuesday

    Security updates have been issued by Arch Linux (ant, bind, freerdp, and unbound), CentOS (bind, freerdp, and git), Debian (python-httplib2), Fedora (ant, kernel, sqlite, and sympa), openSUSE (java-11-openjdk and qemu), Oracle (bind), Red Hat (freerdp), Scientific Linux (python-pip and python-virtualenv), Slackware (firefox), SUSE (qemu), and Ubuntu (Apache Ant, ca-certificates, flask, and freerdp2).

Android Leftovers

Mozilla Firefox 77 Is Now Available for Download, Here’s What’s New

Highlights of the Firefox 77 release include improved accessibility by allowing screen reader users to access the applications list in Firefox Options, providing labels for date/time inputs for users of accessibility tools and updated text in the JAWS screen reader for some live regions. This release also implements support for viewing and managing web certificates via a new about:certificate page, and adds Pocket recommendations on the New Tab page for users located in the United Kingdom (UK). Among other changes, Firefox 77 removes the browser.urlbar.oneOffSearches preference. Users will now have to uncheck the search engines on the One-Click Search Engines option in the about:preferences#search page if they want to hide the one-off search buttons. Read more Direct: 77.0 Firefox Release Also: Firefox 77 Released With Security Fixes, AV1 Image File Support Firefox 77.0 Released with Pocket Recommendations for UK users Firefox 77.0

IBM/Red Hat/Fedora Leftovers

  • Red Hat OpenShift 4 now available on IBM Power Systems

    Clients can exploit the unique capabilities of OpenShift 4 to incrementally modernize the capabilities of their IT infrastructure and streamline their deployment of cloud native applications with continuous integration and deployment. They will be primed to exploit the performance of the Power architecture as they begin to infuse AI and ML insights and Open Source innovations into Linux® applications running on Power Systems. OpenShift 4 combines the industry’s most comprehensive and trusted enterprise container and Kubernetes platform with single step installation, automated upgrades and lifecycle management for every part of our client’s container stack.

  • How to scale an open, energetic community

    Now we're undergoing what may be our largest evolution yet. We're reimagining our mission and vision. We're re-branding. We're renovating our spaces of community conversation and collaboration. We're recruiting new contributors. We're implementing new governance structures to make the project more inclusive. It's incredibly exciting. And in this series, members of the Open Organization project will share the community's journey with you—so you can see firsthand how community evolutions occur, how tough they can be, and how rewarding they become.

  • Ben Williams: F32-20200601 Updated Live isos Released

    The Fedora Respins SIG is pleased to announce the latest release of Updated F32-20200518-Live ISOs, carrying the 5.6.14-300 kernel. Welcome to Fedora 32. This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 840+MB of updates)). A huge thank you goes out to irc nicks dowdle, Southern-Gentleman for testing these iso.

  • Insights into hybrid cloud: Here's what to consider

    Our interactions with businesses can happen in person, on the web, on our mobile devices, in marketplaces or via APIs. To enable these interactions, IT organizations are increasingly being driven towards hybrid IT architectures involving private cloud, public cloud, edge computing, AI/ML and more to provide multiple different routes to the customer. This mixed use of public and private clouds, possibly with some degree of workload portability, integration, orchestration, and unified management across those clouds is often referred to as hybrid cloud computing. Research shows that improving business agility and increasing IT agility are key drivers for organizations that are implementing a hybrid cloud strategy.