Language Selection

English French German Italian Portuguese Spanish

Google

Chrome users gloriously freed from obviously treacherous and unsafe uBlock Origin

Filed under
Google
Moz/FF
OSS
Web

Thank you, O Great Chrome Web Store, for saving us from the clearly hazardous, manifestly unscrupulous, overtly duplicitous uBlock Origin. Because, doubtlessly, this open-source ad-block extension by its very existence and nature could never "have a single purpose that is clear to users." I mean, it's an ad-blocker. Those are bad.
Really, this is an incredible own goal on Google's part. Although I won't resist the opportunity to rag on them, I also grudgingly admit that this is probably incompetence rather than malice and likely yet another instance of something falling through the cracks in Google's all-powerful, rarely examined automatic algorithms (though there is circumstantial evidence to the contrary). Having a human examine these choices costs money in engineering time, and frankly when the automated systems are misjudging something that will probably cost Google's ad business money as well, there's just no incentive to do anything about it. But it's a bad look, especially with how two-faced the policy on Manifest V3 has turned out to be and its effect on ad-blocker options for Chrome.

It is important to note that this block is for Chrome rather than Chromium-based browsers (like Edge, Opera, Brave, etc.). That said, Chrome is clearly the one-ton gorilla, and Google doesn't like you sideloading extensions. While Mozilla reviews extensions too, and there have been controversial rejections on their part, speaking as an add-on author of over a decade there is at least a human on the other end even if once in a while the human is a butthead. (A volunteer butthead, to be sure, but still a butthead.) Plus, you can sideload with a little work, even unsigned add-ons. So far I think they've reached a reasonable compromise between safety and user choice even if sometimes the efforts don't scale. On the other hand, Google clearly hasn't by any metric.

Read more

Google Helps With Linux Scheduling With SchedViz

Filed under
Linux
Google

Google has just open sourced a tool that lets you visualize how your program is being treated under Linux scheduling. The idea is that you can use SchedViz to tune the system.

We all know the best scheduling algorithm to use - my program runs, everything else is suspended. Effective, but not cooperative. To achieve the same result while allowing other programs a chance to use the CPU we need to tune, and perhaps even select, the scheduling algorithm.

The problem is that the basic Linux tools to do the job are lacking and what generally happens is that you guess what might be best. In a modern system such a guess is unlikely to be correct because there are too many variables. Each thread has a priority and these interact under the scheduling policy. It can make a difference which core a thread is assigned to and changing cores is something best avoided.

Read more

Browsers: Opera 64 (Proprietary), Firefox and Chrome Benchmarks, New Firefox Features

Filed under
Google
Moz/FF
Web
  • Opera 64 is out: New tracker blocker promises you up to 20% faster page loads

    Browser maker Opera is releasing Opera 64 to the stable channel, offering users improved privacy protections from online tracking and updates to its Snapshot tool.

  • Firefox 69 + Chrome 77 On Windows 10 vs. Ubuntu / Clear Linux Benchmarks

    With running some fresh cross-OS benchmarks now that Ubuntu 19.10 is imminent followed by Ubuntu 19.10, a new Windows 10 update coming in the days ahead, and also the release of macOS 10.15, a lot of fun benchmarks are ahead. In today's article is a quick look at the Windows 10 vs. Ubuntu 19.10 vs. Clear Linux web browser performance for both Mozilla Firefox and Google Chrome.

  • Firefox 71 Landing Wayland DMA-BUF Textures Support

    Landing recently into the Mozilla code-base for the Firefox 71 release is DMA-BUF textures support on Wayland. When using Firefox with the OpenGL compositor enabled, the DMA-BUF EGL texture back-end is used that allows for sharing of buffers between the main/compositor process, working directly in GPU memory, and other benefits with this DMA-BUF usage. That code has been merged as another step forward for Firefox on Linux/Wayland.

Codecs and Google

Filed under
Google
Movies
OSS
  • Google Has Been Developing "libgav1" As New AV1 Decoder

    While there exists DAV1D as one of the most promising AV1 decoders to date, Google has been developing libgav1 as its own AV1 decoder and focused on Arm-powered Android devices but also x86_64 desktop CPUs as well.

    Google made its first libgav1 code drop on Friday for this AV1 decoder focused on AV1 profile 0 and profile 1 content. GAV1 is focused on decoding IVF files and so far features the likes of Arm NEON and x86 SSE4.1 CPU optimizations.

  • DAV1D vs. LIBGAV1 Performance - Benchmarking Google's New AV1 Video Decoder

    With the surprise code drop of Google developing a new open-source AV1 video decoder as "libgav1", I set out this Saturday to run benchmarks on various systems for seeing how the performance is looking for this CPU-based decoder in relation to the more well known DAV1D decoder.

    Libgav1 is now available alongside the many other video encoders/decoders for benchmarking via the Phoronix Test Suite with OpenBenchmarking.org. I fired up a number of different Linux systems so far in seeing how the performance compares with a wide array of AMD and Intel processors.

Google Uncovers CPU Bug For Geminilake, Affecting At Least Firefox & Chrome

Filed under
Google
Security

We were alerted this morning to a CPU bug resulting in crashes for Intel Geminilake processors. At least Chrome and Firefox are affected but sounds like other software may be affected too, just that Google has enough engineering resources for investigating the issue.

Google's Chrome team have been receiving "many "impossible" crashes on Intel Gemini Lake, Family 6 Model 122 Stepping 1 CPUs" in recent months. These crashes happen with 64-bit Chrome and span multiple versions of Chrome.

Read more

Related: Google Finds Hundreds Of Data-Race Conditions In The Linux Kernel

Systemd Starts Tapping ChromeOS For USB Devices That Support Auto-Suspend Well

Filed under
Linux
Google

Systemd has begun harvesting the automatic suspend rules from ChromeOS for determining which USB devices support automatic suspend well out-of-the-box on Linux.

Thanks to Google's extensive testing infrastructure and validation of devices around ChromeOS, systemd is now using rules setup by ChromeOS for also marking those same USB device IDs as fine for enabling automatic suspend under Linux. Adapting the auto-suspend rules list from ChromeOS to systemd was done by Dell's Mario Limonciello and should mean more USB devices seeing auto-suspend power savings by default.

Read more

Kernel: ABI, GNU C Library, Core Scheduling, Linux 5.4, Randomness, Kernel Concurrency Sanitizer (KCSAN)

Filed under
Linux
Google
Security
  • Monitoring the internal kernel ABI

    As part of the Distribution Kernels microconference at Linux Plumbers Conference 2019, Matthias Männich described how the Android project monitors changes to the internal kernel ABI. As Android kernels evolve, typically by adding features and bug fixes from more recent kernel versions, the project wants to ensure that the ABI remains the same so that out-of-tree modules will still function. While the talk was somewhat Android-specific, the techniques and tools used could be applied to other distributions with similar needs (e.g. enterprise distributions).

    Männich is on the Google Android kernel team, but is relatively new to the kernel; his background is in build systems and the like. He stressed that he is not talking about the user-space ABI of the kernel, but the ABI and API that the kernel exposes to modules. The idea is to have a stable ABI over the life of an Android kernel. He knows that other distributions have been doing this "for ages", but the Android kernel and build system are different so it made sense to look at other approaches to this problem.

  • System-call wrappers for glibc

    The GNU C Library has long had a reputation for being hostile to the addition of wrappers for new Linux system calls; that has resulted in many system calls being unsupported by the library for years. That situation is changing, though. During the Toolchain microconference at the 2019 Linux Plumbers Conference, Maciej Rozycki talked about glibc's new attitude toward system-call wrappers, but also served notice that there is still significant work to do for the addition of any new system call.
    Rozycki, who put together the talk with Dmitry Levin, is not the person doing most of this work. He was, instead, "delivering a message from Florian Weimer", who was unable to attend the event.

    For those who might appreciate a bit of background: applications running in user space do not call directly into the kernel; instead, they will call a wrapper function that knows how to invoke the system call of interest. If nothing else, the wrapper will place the system-call arguments in the right locations and do whatever is necessary to invoke a trap into kernel mode. In some cases, the interface implemented by the wrapper can be significantly different from what the kernel provides.

  • Many uses for Core scheduling

    Some new kernel features are welcomed by the kernel development community, while others are a rather harder sell. It is fair to say that core scheduling, which makes CPU scheduling harder by placing constraints on which processes may run simultaneously in a core, is of the latter variety. Core scheduling was the topic of (at least) three different sessions at the 2019 Linux Plumbers Conference. One of the most interesting outcomes, perhaps, is that there are use cases for this feature beyond protection from side-channel attacks.

  • 5.4 Merge window, part 1

    As of this writing, 9,632 non-merge changesets have been merged for the 5.4 kernel. This merge window is thus off to a strong start. There has been a wide range of changes merged across the kernel tree, including vast numbers of cleanups and fixes.

  • Following Buggy AMD RdRand, The Linux Kernel Will Begin Sanity Checking Randomness At Boot Time

    The Linux kernel will begin doing a basic sanity check of x86_64 CPUs with the RdRand instruction to see if it's at least returning "random looking" data otherwise warn the user at boot time. This stems from a recent issue where AMD's RdRand behavior with some hardware (particularly, buggy motherboards) could have borked RdRand issues.

  • Google Is Uncovering Hundreds Of Race Conditions Within The Linux Kernel

    One of the contributions Google is working on for the upstream Linux kernel is a new "sanitizer". Over the years Google has worked on AddressSanitizer for finding memory corruption bugs, UndefinedBehaviorSanitizer for undefined behavior within code, and other sanitizers. The Linux kernel has been exposed to this as well as other open-source projects while their newest sanitizer is KCSAN and focused as a Kernel Concurrency Sanitizer.

  • Kernel Concurrency Sanitizer (KCSAN)
    We would like to share a new data-race detector for the Linux kernel:
    Kernel Concurrency Sanitizer (KCSAN) --
    https://github.com/google/ktsan/wiki/KCSAN  (Details:
    https://github.com/google/ktsan/blob/kcsan/Documentation/dev-tools/kcsan.rst)
    
    To those of you who we mentioned at LPC that we're working on a
    watchpoint-based KTSAN inspired by DataCollider [1], this is it (we
    renamed it to KCSAN to avoid confusion with KTSAN).
    [1] http://usenix.org/legacy/events/osdi10/tech/full_papers/Erickson.pdf
    
    In the coming weeks we're planning to:
    * Set up a syzkaller instance.
    * Share the dashboard so that you can see the races that are found.
    * Attempt to send fixes for some races upstream (if you find that the
    kcsan-with-fixes branch contains an important fix, please feel free to
    point it out and we'll prioritize that).
    
    There are a few open questions:
    * The big one: most of the reported races are due to unmarked
    accesses; prioritization or pruning of races to focus initial efforts
    to fix races might be required. Comments on how best to proceed are
    welcome. We're aware that these are issues that have recently received
    attention in the context of the LKMM
    (https://lwn.net/Articles/793253/).
    * How/when to upstream KCSAN?
    
    Feel free to test and send feedback.
    
    Thanks,
    -- Marco
    

OverGrive is the Linux Google Drive client you've been waiting for

Filed under
Linux
Google

If there's one piece of advice I always give Google Drive power users it's that they should make sure to back up their data. Period. Yes, it should be assumed that Google has your back. After all, they are a massive company, storying enormous amounts of data in the cloud. However, you simply never know when disaster might strike. And it does strike. Should that occur, you'll be relieved to know you have a backup copy of your data.

But how do you backup a Google Drive cloud account? For Windows and macOS users, there's the official Google Drive desktop client. For Linux users, there are a few options, many of which are not truly viable for business or other types of Google Drive power users. That brings me to Insync. I've been using that tool for quite some time, with fairly good results. However, upon upgrading from version 1.x to 3.x, my Insync license was invalidated. Being the paranoid person I am (and always wanting to make sure I have a backup), I sent them a message with the assumption they wouldn't get back to me right away. And so, I went in search of a replacement.

Read more

Google: Chrome OS 77 and FOSS on Android (Isolated Space on Android With Shelter)

Filed under
Google
  • Chrome OS 77 Brings Google Assistant to More Chromebooks, Updated Files App

    Google has begin the rollout of the latest Chrome OS 77 operating system for Chromebooks, a release that brings the Google Assistant to more devices and several other updates.
    Google's Linux-based operating system for Chrome devices, Chrome OS, has been promoted to version 77, based on the recently released Google Chrome 77 web browser. Chrome OS 77 is here to bring the Google Assistant intelligent voice assistant to more Chromebooks, making it easier for users to do things on their devices and be more productive.

    "The Assistant on Chromebook helps you stay productive, control your smart devices, and have a little fun along the way. To get started, enable the Assistant in your Chromebook's settings and then try asking or typing some of these queries," said Alexander Kuscher, Director of Chrome OS. "It’s starting to roll out now to more non-managed, consumer devices."

    Google Assistant will help you quickly create new documents, sheets or slides in your Google Drive account, check your schedule or add a new event to your calendar, set reminders, play music through supported speakers, control smart devices in your home, as well as thousands other actions.

  • Shelter, Application To Create An Isolated Space On Android!

    Creating an application clone on a smartphone is one way to open 2 different accounts for an application for certain purposes. Actually, cloning an application is not necessary when the application has a feature to open more than one account. Examples are Applications made by Google.

    Many applications created by Google are connected to our Google account, so we only need to add the desired account to open several Google applications such as Youtube, Gmail, Drive, and others. In fact, Telegram has also added features to be able to use more than one telegram account in one application. However, some applications not provide this feature. we need an application to create multiple applications in one devices.

    One application that can be used to create multiple applications is Shelter. Shelter is an application that is included in the FOSS (Free and Open Source Software) category. You will not find ads on this app. In fact, you can find the source code from shelters on this site.

The /e/ Google-free, pro-privacy Android clone is now available

Filed under
Android
Google

Gaël Duval, creator of the popular early Linux distribution, Mandrake Linux, wanted a smartphone, which was open source, would run a wide variety of popular software, and protect your privacy. His answer was the Android-based /e/ operating system and smartphones. While it's still in beta, both its code and refurbished Samsung phones running it are now available.

There have been many attempts to create an alternative to Google-based Android and Apple's iOS -- Ubuntu One, FirefoxOS, and Windows Mobile all quickly spring to mind -- but none of them caught on. More recently, Huawei is working on its own Android alternative: Harmony OS. Duval's approach hasn't been to reinvent the mobile operating system wheel, but instead to clean up Android of its Google privacy-invading features and replace them with privacy-respecting one, in which, as Duval said in an interview, "Your data is your data."

To do this, he's started with LineageOS. This is an Android-based operating system, which is descended from the failed CyanogenMod Android fork. According to Duval, the /e/ operating system is a Lineage OS fork. It also blends in features from the Android Open Source Project (AOSP) 7, 8, and 9 source-code trees.

Read more

Syndicate content

More in Tux Machines

Debian and Ubuntu Leftovers

  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail. [...] I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates. And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former). Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them. With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! :D

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air. The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software. For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning. Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

Devices/Embedded: Win Enterprises and Raspberry Pi 4

  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake. We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations. With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen. [...] Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us. All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.  Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database. Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Security: XML External Entity (XXE) Example and the Latest Patches

  • XML External Entity (XXE) Example

    According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

  • Security updates for Monday

    Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).