Language Selection

English French German Italian Portuguese Spanish

Web

Graphics and Standards

Filed under
Graphics/Benchmarks
Web
Legal
  • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

    SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

  • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

    Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension.

    Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

  • Making Movies Accessible for Everyone

    For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

Chrome users gloriously freed from obviously treacherous and unsafe uBlock Origin

Filed under
Google
Moz/FF
OSS
Web

Thank you, O Great Chrome Web Store, for saving us from the clearly hazardous, manifestly unscrupulous, overtly duplicitous uBlock Origin. Because, doubtlessly, this open-source ad-block extension by its very existence and nature could never "have a single purpose that is clear to users." I mean, it's an ad-blocker. Those are bad.
Really, this is an incredible own goal on Google's part. Although I won't resist the opportunity to rag on them, I also grudgingly admit that this is probably incompetence rather than malice and likely yet another instance of something falling through the cracks in Google's all-powerful, rarely examined automatic algorithms (though there is circumstantial evidence to the contrary). Having a human examine these choices costs money in engineering time, and frankly when the automated systems are misjudging something that will probably cost Google's ad business money as well, there's just no incentive to do anything about it. But it's a bad look, especially with how two-faced the policy on Manifest V3 has turned out to be and its effect on ad-blocker options for Chrome.

It is important to note that this block is for Chrome rather than Chromium-based browsers (like Edge, Opera, Brave, etc.). That said, Chrome is clearly the one-ton gorilla, and Google doesn't like you sideloading extensions. While Mozilla reviews extensions too, and there have been controversial rejections on their part, speaking as an add-on author of over a decade there is at least a human on the other end even if once in a while the human is a butthead. (A volunteer butthead, to be sure, but still a butthead.) Plus, you can sideload with a little work, even unsigned add-ons. So far I think they've reached a reasonable compromise between safety and user choice even if sometimes the efforts don't scale. On the other hand, Google clearly hasn't by any metric.

Read more

Digital Restrictions (DRM) Watch

Filed under
Security
Web
Legal
  • One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair

    How can a single, ill-conceived law wreak havoc in so many ways? It prevents you from making remix videos. It blocks computer security research. It keeps those with print disabilities from reading ebooks. It makes it illegal to repair people's cars. It makes it harder to compete with tech companies by designing interoperable products. It's even been used in an attempt to block third-party ink cartridges for printers.

    It's hard to believe, but these are just some of the consequences of Section 1201 of the Digital Millennium Copyright Act, which gives legal teeth to "access controls" (like DRM). Courts have mostly interpreted the law as abandoning the traditional limitations on copyright's scope, such as fair use, in favor of a strict regime that penalizes any bypassing of access controls (such as DRM) on a copyrighted work regardless of your noninfringing purpose, regardless of the fact that you own that copy of the work.  

  • One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair
  • Spotify is Defective by Design

    I never used Spotify, since it contains DRM. Instead I still buy DRM-free CDs. Most of my audio collection is stored in free formats such as FLAC and Ogg Vorbis, or Red Book in the case of CDs, everything can be played by free players such as VLC or mpd.

    Spotify, which uses a central server, also spies on the listener. Everytime you listen a song, Spotify knows which song you have listened and when and where. By contrast free embedded operating systems such as Rockbox do not phone home. CDs can be baught anonymously and ripped using free software, there is no need for an internet commection.

Mastodon 3.0

Filed under
OSS
Web

It’s finally here! Mastodon 3.0 is live! The team has been hard at work on making sure that this release is one of our most user-friendly yet with some exciting new features! Here are just a few: [...]

Read more

SerenityOS: From zero to HTML in a year

Filed under
OS
Development
Web

The Serenity operating system turns 1 year old today. I'm counting from the first commit in the git repository, on October 10, 2018. Parts of the code had been around for a while before that, so this first commit was really about putting everything I was tinkering with into a shared repo.

Read more

Browsers: Opera 64 (Proprietary), Firefox and Chrome Benchmarks, New Firefox Features

Filed under
Google
Moz/FF
Web
  • Opera 64 is out: New tracker blocker promises you up to 20% faster page loads

    Browser maker Opera is releasing Opera 64 to the stable channel, offering users improved privacy protections from online tracking and updates to its Snapshot tool.

  • Firefox 69 + Chrome 77 On Windows 10 vs. Ubuntu / Clear Linux Benchmarks

    With running some fresh cross-OS benchmarks now that Ubuntu 19.10 is imminent followed by Ubuntu 19.10, a new Windows 10 update coming in the days ahead, and also the release of macOS 10.15, a lot of fun benchmarks are ahead. In today's article is a quick look at the Windows 10 vs. Ubuntu 19.10 vs. Clear Linux web browser performance for both Mozilla Firefox and Google Chrome.

  • Firefox 71 Landing Wayland DMA-BUF Textures Support

    Landing recently into the Mozilla code-base for the Firefox 71 release is DMA-BUF textures support on Wayland. When using Firefox with the OpenGL compositor enabled, the DMA-BUF EGL texture back-end is used that allows for sharing of buffers between the main/compositor process, working directly in GPU memory, and other benefits with this DMA-BUF usage. That code has been merged as another step forward for Firefox on Linux/Wayland.

Standards/Consortia: HTML and Media Format

Filed under
OSS
Web
  • Why much of the [WWW] is closed off to blind people

    Ultimately, those pushing for digital accessibility argue that businesses have no excuse for dragging their feet over it.

    "It's not hard to do, it should just be part of best practice, not an additional line item, just like making sure a website loads quickly is," says Laura Kalbag, a website designer and author of Accessibility for Everyone.

    "It basically just involves HTML coding, which even a blogger can do. If it is a huge website, it might take some time, but the work itself is not complicated."

    She adds it is a myth that making a website accessible makes it ugly, there is no correlation - you can still have snazzy images and graphics.

  • Neil Young’s Boring, Prophetic Message to Readers

    To Feel the Music is the story of Pono, which was Neil Young’s quixotic attempt to create and sell a new kind of portable music player and download service. Something that didn’t crush recorded sound into nasty little MP3s. If you’ve read either of his previous books, Waging Heavy Peace and Special Deluxe, you’ll be familiar with his preoccupation—his obsession, his foreboding—in this area. Young has long contended that with digitization, the conversion of music into data, has come a terrible shriveling of our sonic universe. You’ll also be familiar with his distinctively dazed, American Primitive prose style: “You have to give your body a chance to absorb [music] and recognize how good it feels to hear it. The human body is incredible. It’s great! It’s made by God/nature, depending on your beliefs.”

    MP3s, and I’ll try to be as scientific as I can here, are evil. They go against God/nature by chopping music into numbers. I’m with Young 100 percent on this. Beautiful flowing music, sliced to bits! And what is the devil’s price for having the entire Tangerine Dream back catalog at your fingertips? Why, shitty sound quality. The sound coming out of my Bluetooth speaker is no longer a dimension; it’s a narrow pulse, a serrated wave. Bass-blurts, ragged spikes of treble, a terrible crowdedness or crammedness in the midrange. My old-fart ears are squeaking in discomfort. The acoustic environment, like every other environment, is being degraded.

    But it doesn’t have to be, is Young’s point. We’ve all settled for this, because Steve Jobs said so. [...]

Standards/Consortia Leftovers

Filed under
Web
  • The Decentralized Web Is Coming

    The goal is to build a better, more decentralized web.

    "There are so many different possible ways of decentralizing the internet, and what's lacking is the legal right to interoperate and the legal support to stop dirty tricks from preventing you from exercising that legal right," says Cory Doctorow, a science fiction author and tech journalist who's been thinking and writing about the web since Tim Berners-Lee introduced it to the public in the early 1990s.

    Berners-Lee and other web pioneers intended for their creation to be decentralized and open-source. "The cyber-utopian view was not merely that seizing the means of information would make you free, but that failing to do so would put you in perpetual chains," says Doctorow.

    There are many theories about why the web became centralized. Doctorow largely blames the abuse of intellectual property law to defeat the decentralized "free software" movement championed by the programmer and activist Richard Stallman. Stallman helped create the popular open-source operating system Linux after freely modifying Unix, Bell Labs' proprietary system.

    But the Digital Millennium Copyright Act, passed in 1998, became an impediment to the open and permissionless approach to software development. The law was intended to prevent duplication of copryrighted works and was eventually applied to all software. Breaking "digital locks" to learn from, interact with, and improve upon the code of dominant web platforms became a federal crime. It's standard practice for today's tech companies to shield their proprietary code from would-be competitors by wielding the power of an increasingly expansive intellectual property regime.

  • Open source version of OPC UA spec for M2M launches

    OSADL announced OPC Foundation certification of its open source, C-developed “open62541” v1.0 implementation of the TSN-enabled OPC UA standard for M2M Ethernet communications. Kalycito has launched an open62541 starter kit that runs on a Linux-ready TQ gateway.

    You may have noticed an increase in products on LinuxGizmos that support Time-Sensitive Networking (TSN), which is built into some new networking SoCs such as NXP’s Cortex-A72 based LS1028A. More recently we’ve seen products that claim to support the OPC Foundation’s TSN-enabled Open Platform Communications Unified Architecture (OPC UA), such as Advantech’s new WISE-710 gateway.

  • HTTP 1, 2, and 3 in a Nutshell

Chromium/Mozilla Firefox: Chrome 78 Beta, Keygen Setback and iframes

Filed under
Google
Moz/FF
Web
  • Chrome 78 Beta: a new Houdini API, native file system access and more

    Unless otherwise noted, changes described below apply to the newest Chrome Beta channel release for Android, Chrome OS, Linux, macOS, and Windows. Find more information about the features listed here through the provided links or from the list on ChromeStatus.com. Chrome 78 is beta as of September 19, 2019.

  • Chrome 78 Hits Beta With Native File System API, Much Faster WebSockets

    Google on Friday released the Chrome 78 web-browser beta following last week's release of Chrome 77.

    Chrome 78 Beta is coming with a new Houdini API or more formally known as the CSS Properties and Values API Level 1, which lets developers register variables as fully custom CSS properties and can better handle animations and other use-cases.

  • Firefox 69 dropped support for <keygen>

    With version 69, firefox removed the support for the <keygen> feature to easily deploy TLS client certificates.
    It's kind of sad how used I've become to firefox giving me less and less reasons to use it...

  • [Mozilla] Restricting third-party iframe widgets using the sandbox attribute, referrer policy and feature policy

    Adding third-party embedded widgets on a website is a common but potentially dangerous practice. Thankfully, the web platform offers a few controls that can help mitigate the risks. While this post uses the example of an embedded SurveyMonkey survey, the principles can be used for all kinds of other widgets.

    Note that this is by no means an endorsement of SurveyMonkey's proprietary service. If you are looking for a survey product, you should consider a free and open source alternative like LimeSurvey.

The Vivaldi 2.8 Release (Proprietary)

Filed under
Software
Web
  • Vivaldi 2.8 Released with Unified Sync Support for Desktop and Android

    Vivaldi Technologies released today the Vivaldi 2.8 web browser for desktop platforms, including GNU/Linux, macOS, and Windows, an incremental update that adds significant improvements.
    With Vivaldi 2.8, Vivaldi Technologies continues to give desktop users full control over their browsing experience by adding various improvements across the board, starting with Vivaldi Sync, which now lets you sync bookmarks, passwords, history, notes, and autofill information across desktop and mobile.

    That's right, starting with Vivaldi 2.8, all your browsing data will be automatically synchronized between your installations of Vivaldi on desktop platforms, such as Linux, Mac, or Windows, and your mobile device where Vivaldi for Android is installed if you use Vivaldi Sync.

  • New Version Vivaldi Web Browser Has Been Released, Install in Ubuntu/Linux

    Vivaldi is the new web browser compare to other famous browsers, the initial release of Vivaldi was in January, 2015. It has improved a lot and evolved since the first release. Basically it is based on the open-source frameworks of Chromium, Blink and Google's V8 JavaScript engine and has a lot of great feature which I will table later. It is known to be the most customizable browser for power users, debuts features that make browsing more personal than ever before.
    Do we really need another browser? Since we already have a lot of them such as mostly used Firefox, Chrome, Opera and so on. The former CEO of Opera Software Jon Von Tetzchner didn't liked the direction of Opera Web Browser and said "Sadly, it is no longer serving its community of users and contributors - who helped build the browser in the first place." Then created a web browser which has to be fast, rich feature, highly flexible and puts the user first, so Vivaldi was born.

  • Vivaldi 2.8: Inspires new desktop and mobile experiences

    Today we are launching a new upgrade to our desktop version – Vivaldi 2.8.

    We’re always focused on giving you complete control over your desktop experience, while also making sure to protect your privacy and security online.

    Vivaldi on the desktop has been our foundation. And now – our inspiration. It continuously pushes us forward to deliver a browser that is made for you.

  • Privacy and the rise of the alternative search engine

    Over the summer we opened our blog to guest bloggers eager to share their perspectives on privacy. In this story, Finn Brownbill explains how we can put an end to tracking in search for the purpose of data collection.

Syndicate content

More in Tux Machines

Debian and Ubuntu Leftovers

  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail. [...] I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates. And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former). Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them. With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! :D

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air. The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software. For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning. Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

Devices/Embedded: Win Enterprises and Raspberry Pi 4

  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake. We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations. With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen. [...] Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us. All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.  Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database. Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Security: XML External Entity (XXE) Example and the Latest Patches

  • XML External Entity (XXE) Example

    According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

  • Security updates for Monday

    Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).