Language Selection

English French German Italian Portuguese Spanish

Software

Brave Privacy and Wayback Machine

Filed under
Software
Web
  • Brave beats other browsers in privacy study

    Users looking for a privacy-focused browser might want to consider Brave first, according to a study published this week.

    Douglas Leith, professor of computer systems at Trinity University, examined six browsers for his report – Web Browser Privacy: What Do Browsers Say When They Phone Home? He found that Brave’s Chromium-based browser is the least likely to reveal unique identifying information about the computer using it.

    The study examined six browsers: Chrome, Firefox, Safari, Brave, Edge, and Yandex. It used several tests to deduce whether the browser can track the user’s IP address over time, and whether it leaks details of web page visits. To do this, it looked at the data shared on startup after a fresh install, on a restart, and after both pasting and typing a URL into the address bar. It also explored what the browser did when it was idle.

    Even though Mozilla makes a talking point of privacy in Firefox, it was Brave, developed by Mozilla’s founder (and creator of JavaScript) Brendan Eich, that won out. Brave, which has accused Google of privacy violations, is “by far the most private of the browsers studied” when used with its out of the box settings, according to the paper.

  • Brave browser now automatically points to Wayback Machine on 404

    The Brave web browser can now automatically detect when a webpage is unavailable and will offer to search the Wayback Machine for a backup, the Internet Archive has announced. Although the 404 error code is the most well known, the announcement notes that the feature also works for 408, 410, 451, 500, 502, 503, 504, 509, 520, 521, 523, 524, 525, and 526 errors.

    If you visit a missing page (such as this one) using Brave then the browser will generate a notification that reads “Sorry, that page is missing. Do you want to check if a saved version is available on the Wayback Machine?” Clicking the prompt takes you to an archived version of the page, where you can then scroll through different snapshots of the page taken over time. It makes it easier to find information that’s disappeared from the internet, regardless of whether it’s been deliberately removed or has just disappeared by accident.

Proprietary: Apple's 'Image' Obsession, TurboTax Scam, Nokia's Demise and Microsoft Being Microsoft

Filed under
Software
  • Apple Won't Allow Movie Villains to Use iPhones
  • TurboTax’s Bid to Buy Free Tax Prep Competitor Might Violate Antitrust Law, Experts Say

    TurboTax, the long-standing dominant player in the tax preparation software market, has recently faced a nascent threat to its lucrative business: A company that specializes in pitching its users financial products has entered the fray with a completely free tax prep service.

    This week, TurboTax’s parent company, Intuit, unveiled a solution to this problem: spending $7.1 billion to buy the rapidly growing upstart, Credit Karma, before it could become a major competitor.

  • Nokia to Weigh Strategic Options as Profit Pressure Mounts [Ed: Microsoft killed Nokia]

    The December announcement that Nokia Chairman Risto Siilasmaa would step down stirred speculation about deeper changes at the company. The firm is in a fierce rivalry with Ericsson and China’s Huawei Technologies Co., as the three dominant players seek to benefit from phone carriers’ investments in next-generation mobile networks.

  • 'Developers have lost hope Microsoft will do the right thing'... Redmond urged to make WinUI cross-platform

    Microsoft's roadmap for developing Windows applications is opposed by some programmers who want to see a cross-platform solution, rather than just being Windows-only.

    Spanish developer José Nieto this week raised an issue on GitHub, stating that WinUI, which Microsoft is positioning as “the native UI platform for Windows 10,” should target not only Windows, but also Linux, Mac, iOS, Android and WebAssembly – this last so it would also run in a web browser.

    This would go against the normal pattern, where a native UI platform is able to take advantage of all the features of the operating system, fits in seamlessly with its look and feel, and is optimized for performance. Supporting cross-platform is a burden that requires compromises.

Revive your RSS feed with Newsboat in the Linux terminal

Filed under
Software
Web

Psst. Word on the web is that RSS died in 2013. That's when Google pulled the plug on Google Reader.

Don't believe everything that you hear. RSS is alive. It's well. It's still a great way to choose the information you want to read without algorithms making the decision for you. All you need is the right feed reader.

Back in January, Opensource.com Correspondent Kevin Sonney introduced a nifty terminal RSS reader called Newsboat. In his article, Kevin scratched Newsboat's surface. I figured it was time to take a deeper dive into what Newsboat can do.

Read more

Introducing Jcat

Filed under
Software

Jcat is a gzipped JSON file of detached signatures. Because it’s gzipped it’s easy to compress and decompress in basically any language, and because it’s JSON it’s dead simple to parse and generate in any framework. There is a little overhead of some metadata (e.g. signing ID, creation time, etc) and but it’s all the kind of thing you can just edit in vim if you needed to. There’s also support for storing binary stuff like DER certificates (base64 to the rescue…), but if possible I’d like it to be all readable in a text editor. The jcat command line tool can import existing detached signatures into the Jcat file, and can also verify the existing .jcat file against all the files in a directory or archive. You can include multiple signatures for the same file (using the AppStream ID as the key) and of course sign multiple files using all the cryptographic engines you need. There’s also rudimentary support for actually creating signatures in the jcat command line client too, although it’s WIP for the GNUTLS engine and completely missing for GPGME at the moment.

This new thing also lets us fix another glaring issue in fwupd. Some companies can’t use PKCS-7, and some can’t use GPG for equally bad and nonsensical reasons – at the moment you need to specify the remote keyring when enabling a remote as we need to know if we need to download the metadata.xml.gz.asc or the .p7b version. Using a .jcat file allows to to not care, and just download one detached thing that can be used no matter how you’ve compiled your system. By adding SHA-256 as an additional not-to-be-used-for-trust engine, Jcat also lets you verify the download of your metadata and cabinet files even when you don’t have GPG or PKCS-7 available, which I know at least one company does on an IOT project. Jcat allows us to move the scary cryptographic verification code out of fwupd and makes the update-your-firmware codebase easier to maintain without worrying about potential landmines.

Read more

Also: Jcat: A New Alternative To Microsoft Catalog Files

Wine 5.3 Released

Filed under
Software
  • Wine Announcement

    he Wine development release 5.3 is now available.

    What's new in this release (see below for details):
    - More work towards Ucrtbase runtime support.
    - Full support for Unicode normalization.
    - Improvements in Shell Folders handling.
    - Various bug fixes.

    The source is available from the following locations:

    https://dl.winehq.org/wine/source/5.x/wine-5.3.tar.xz
    http://mirrors.ibiblio.org/wine/source/5.x/wine-5.3.tar.xz

    Binary packages for various distributions will be available from:

    https://www.winehq.org/download

    You will find documentation on https://www.winehq.org/documentation

    You can also get the current source directly from the git
    repository. Check https://www.winehq.org/git for details.

    Wine is available thanks to the work of many people. See the file
    AUTHORS in the distribution for the complete list.

  • Wine 5.3 Released With Various Improvements

    Wine 5.3 is out as the latest bi-weekly development snapshot on the road to Wine 6.0 next year.

    Notable this release is work coming together on Ucrtbase run-time support, which is the UCRT library used by Microsoft Visual C++ for compiler-independent components like the standard C library and various extensions. The Ucrtbase run-time support isn't yet wired up in full but it's getting there.

  • Compatibility layer Wine 5.3 is out with Unicode improvements and a number of bug fixes

    Hey, got any…grapes? Another development release for the compatibility layer Wine is out today, following their regular release cycle we have Wine 5.3.

Security, Proprietary Software and Openwashing

Filed under
Software
Security
  • Linux 4.4.215 / 4.9.215 / 4.14.172 / 5.5.7 Kernels Bringing Intel KVM Security Fix

    A few days back we reported on a security vulnerability within Intel's KVM virtualization code for the Linux kernel. That vulnerability stems from unfinished kernel code and was fixed for Linux 5.6 Git and is now being back-ported to the 4.4 / 4.9 / 4.14 / 5.5 supported kernels.

    Back on Monday when the CVE-2020-2732 patches first came to light, little was publicly known about the issue but that it stemmed from incomplete code in the vmx_check_intercept functionality in not checking all possible intercepts and in turn could end up emulating instructions that should be disabled by the hypervisor.

  • Let's Encrypt Has Issued a Billion Certificates

    We issued our billionth certificate on February 27, 2020. We’re going to use this big round number as an opportunity to reflect on what has changed for us, and for the Internet, leading up to this event. In particular, we want to talk about what has happened since the last time we talked about a big round number of certificates - one hundred million.

    One thing that’s different now is that the Web is much more encrypted than it was. In June of 2017 approximately 58% of page loads used HTTPS globally, 64% in the United States. Today 81% of page loads use HTTPS globally, and we’re at 91% in the United States! This is an incredible achievement. That’s a lot more privacy and security for everybody.

    Another thing that’s different is that our organization has grown a bit, but not by much! In June of 2017 we were serving approximately 46M websites, and we did so with 11 full time staff and an annual budget of $2.61M. Today we serve nearly 192M websites with 13 full time staff and an annual budget of approximately $3.35M. This means we’re serving more than 4x the websites with only two additional staff and a 28% increase in budget. The additional staff and budget did more than just improve our ability to scale though - we’ve made improvements across the board to provide even more secure and reliable service.

    Nothing drives adoption like ease of use, and the foundation for ease of use in the certificate space is our ACME protocol. ACME allows for extensive automation, which means computers can do most of the work. It was also standardized as RFC 8555 in 2019, which allows the Web community to confidently build an even richer ecosystem of software around it. Today, thanks to our incredible community, there is an ACME client for just about every deployment environment. Certbot is one of our favorites, and they’ve been working hard to make it even easier for people to use.

  • The “Cloud Snooper” malware that sneaks into your Linux servers [Ed: Sophos citing itself, hyping up the threat is installing malicious software on one's own server]

    SophosLabs has just published a detailed report about a malware attack dubbed Cloud Snooper.

    The reason for the name is not so much that the attack is cloud-specific (the technique could be used against pretty much any server, wherever it’s hosted), but that it’s a sneaky way for cybercrooks to open up your server to the cloud, in ways you very definitely don’t want, “from the inside out”.

    The Cloud Snooper report covers a whole raft of related malware samples that our researchers found deployed in combination.

  • OpenSMTPD Email Server Vulnerability Threatens Many Linux and BSD Systems [Ed: It is this package, not the operating systems (GNU/Linux rarely uses this)]

    A critical vulnerability has been discovered in the OpenBSD email server OpenSMTPD. Exploiting the flaw could allow remote code execution attacks. The seriousness of the vulnerability poses a threat to the integrity of OpenBSD and Linux systems.

  • A billion Wi-Fi devices suffer from a newly discovered security fla

    More than a billion internet-connected devices—including Apple's iPhone and Amazon's Echo—are affected by a security vulnerability that could allow [attackers] to spy on traffic sent over Wi-Fi.

  • New ‘Haken’ Malware Found On Eight Apps In Google Play Store

    Eight apps – mostly camera utilities and children’s games – were discovered spreading a new malware strain that steals data and signs victims up for expensive premium services.

  •                            

  • What does it take to commit to 100% open source?

                                 

                                   

    While experts in the database market in particular agree that open source is becoming the norm, the question remains, just how open is this sector’s open-source software? Can software providers realistically succeed with a company that’s 100% open source? Furthermore, would a proprietary infrastructure software provider with a freemium tier be able to achieve the same benefits as those committing to open source?

                                   

    The short answer is, yes — a proprietary infrastructure software company with a freemium tier could theoretically achieve the same benefits as companies going fully open source. However, it’s important to recognize that it would take a freemium model company a significantly longer period of time for its software to mature to the same level as that of an open-source company. Also, the loss of collaborative development and slower feedback loops would likely lead to a higher probability of the software never achieving market traction and ultimately fading away into oblivion.

  • Mirantis: Balancing Open Source With Guardrails

    Mirantis, an open infrastructure company that rose to popularity with its OpenStack offering, is now moving into the Kubernetes space very aggressively. Last year, the company acquired the Docker Enterprise business from Docker. This week, it announced that they were hiring the Kubernetes experts from the Finnish company Kontena and established a Mirantis office in Finland, expanding the company’s footprint in Europe. Mirantis already has a significant presence in Europe due to large customers such as Bosch and Volkswagen.

Software: HPLIP, MuseScore, TeamViewer

Filed under
Software
  • HPLIP 3.20.2 Released with Linux Mint 19.3 Support

    HPLIP 3.20.2, HP developed open source Linux driver for HP printers and scanners, was released today with many new devices and Linux Mint 19.3 support.

  • MuseScore – Create, play, and print beautiful sheet music

    Do you need a top-notch musical notation editor for your Linux PC? MuseScore should be the software of your choice. A good music notation app requires to provide the user with features like quick corrections, fast editing, reliable sharing, and provision of a uniform layout of sheet music. It should make the whole process of creating, editing, and printing music a lot easier and fast.

    MuseScore is one of the powerful and versatile open-source music score editors in the market. It might not offer all the editing features provided by high-end paid software, but it provides users with the core functionality needed.

  • Best 14 teamviewer alternatives for Linux/Ubuntu

    One of the most popular software enabling computers to be controlled remotely is TeamViewer, but there are many other options that are available as well, which have just as many features (desktop sharing, online conferences, and data transfers). Since TeamViewer dominates the major online users, it has long ranked number one by many users.
    However, for many, TeamViewer isn’t their number one choice and so in the true spirit of ope n source, let’s talk about thousands of similar software. Since I can’t discuss it all, let’s talk about the top 14 alternatives of TeamViewer for Linux in 2020.

Proprietary: Opera 67 Released and TurboTax Swindle

Filed under
Software
  • Opera 67 Released with ‘Workspaces’ for Tab Organization

    Opera web browser 67 was released a few days ago with tab organization redefined via a new tool called ‘Workspaces’.

    Often have your browser with too many tabs open? With Opera 67, opened tabs can be grouped into different workspaces. And you can easily switch workspaces via the icons in the left sidebar.

    You can add up to 5 workspaces, name them, and designate their icons. Tabs can be moved to the workspace of your choice via their context (right-click) menu.

  • Ars takes the new Opera R2020 browser for a spin

    Opera R2020 is available on Windows, MacOS, and Linux—meanwhile, Opera Touch, for mobile devices, is available on Android and iOS. We tested Opera on both Linux and Windows, and we also tested Opera Touch on Android. MacOS and iOS ports were not tested.

  • Tax Software Companies Mislead Citizens about Free Tax Filing Options - Validated Independent News

    The average household income in the United States is just under $62,000, meaning most US citizens are entitled to file their taxes for free since they fall below the $64,000/year income line set by the IRS. But, as Justin Elliott and colleagues at ProPublica reported in a series of articles, internal documents and current or former company employees show how TurboTax and H&R Block “steered customers away from the government-sponsored free option and made them pay.”

OSS, Free Software, Programming and Proprietary Traps

Filed under
Software
  • EnterpriseDB looks to grow market for PostgreSQL

    One of key vendors in the PostgreSQL community is EnterpriseDB, which provides a commercially supported distribution of Postgres. A primary competitor of EnterpriseDB Postgres has long been Oracle's namesake database, but simply replacing Oracle isn't the only use case for PostgreSQL, according to Ed Boyajian, president and CEO of EnterpriseDB.

  • Hot off the presses: A sneak peek at the LibrePlanet 2020 schedule

    LibrePlanet 2020 is organized by the FSF. Hundreds of people from across the globe will converge to explore this year's theme, "Free the Future." We'll be delving into the threats to user freedom that we've all been reading about every day in the media, as well as the unique role the free software movement plays in solving these problems.

    In addition to the first keynote we announced last month, Brewster Kahle, LibrePlanet 2020 will feature a panoply of presentations. Our lineup includes some talks we absolutely can't wait to see, and we think you'll feel the same way! You can now dive in to the speakers already confirmed and start planning your itinerary.

    [...]

    LibrePlanet 2020 offers lots of opportunities for socializing, too! The annual FSF open house will take place on the evening of Friday, March 13th, at the FSF office. And the LibrePlanet Saturday night party will feature a sparkling new location. As we have in the past, we'll organize a dinner specifically for women, genderqueer, nonbinary, and gender non-conforming attendees, please mail campaigns@fsf.org if you're interested in joining. If you are looking to organize your own dinner or meetup, you can do so using the LibrePlanet wiki 2020 conference social and dinner pages as a central place for communication about this.

  •      

  • The History of Pong | Code the Classics

           

             

    One topic explored in Code the Classics from Raspberry Pi Press is the origin story and success of Pong, one of the most prominent games in early video game history.

  •      

  • 2020.08 Altered Noise

           

             

    Jonathan Stowe announced a long overdue migration to the Raku era of their NoiseGang portal, a group for the promotion and support of audio and music application development. Definitely a place to check out if you’re into making music using your computer!

  •       

  • Larry Tesler's Copy-Paste A Mixed Blessing For The Software World
  • Secure IoT Linux Platform FoundriesFactory Sees Adoption from Startups to Enterprise
  • Microsoft's Azure Sphere, its Linux-based microcontroller plus cloud service, hits general availability
  • Hey, remember Microsoft's IoT Linux gear? After two years, Azure Sphere is finally here
  • Microsoft Wants To Bring Defender For Linux Users

    In an announcement, Microsoft revealed that they wants to bring the Defender antivirus to Linux operating system. Right now, Microsoft Defender for Linux is in public preview.

Ethical Code Hosting Services in 2020

Filed under
Development
Software

I was really inspired by Free Software Foundation's list of ethical repositories in which I saw GitLab.com service there among other old longstanding services. The Foundation (often called FSF) is a serious organization with long consideration if they wish to update that list. However, in fact, there are many more services coming by time and now there are several interesting ones worth to try and enjoy. Although I myself am not a programmer, but code hosting is not unfamiliar to me, as a free software community member (just like you all, dear readers) I often get so many useful information and sometimes submit bug report to projects I love. You can, for example, take information here as reference to host a Git server software at your home as you see perhaps many serious projects also using it. As an author and mere free software user, I hope this list could be useful for everybody and particularly for programmers. Happy hacking!

Read more

Syndicate content

More in Tux Machines