The latest version of the powerful Thunar file manager for the leading Linux desktop environment Xfce fixes six bugs. There is also translation updates for seven languages. There is nothing new in terms of features, just small fixes in preparation for the launch of Xfce 4.14 stable.
Thunar browsing a Samba share.
The bugs closed in this release are:
Do not register "send to" as last used app (Bug #14118)
Use https where possible
Dont restart the folder monitor on each refresh (Bug #13364)
Fix XML declaratation in uca.xml (Bug #13623)
Always show the executable checkbox (Bug #15605)
Replace Trash action with Delete as needed (Bug #15352)
And there's also translation updates for Armenian, Finnish, Kazakh, Portuguese (Brazil), Swedish, Thai and Turkish.
One of the bugs, #13364, does not entirely solve the problem of ghost files after moving in all cases - which was caused by the folder monitoring technology. The remaining corner-case problems are tracked as bug #15704 and there is no fix for this in thunar 1.8.8.
The Ubuntu Linux distributions non-LTS releases are supported for nine months and then you're on your own. Their KDE flavored variant Kubuntu 18.10 Cosmic Cuttlefish was released October 18th 2018 which means that it's life is over, it's done and there will be no more package updates. Users will have to move on.
This is why Long Term Support releases are preferable.
The newer Kubuntu 19.04 Disco Dingo is, of course, still supported and it will be until January 2020.
A brand new version of Kubuntu can be acquired from kubuntu.org/getkubuntu/. There are two versions to choose from. The 18.04 LTS release will be supported until April 2021 while Kubuntu 19.04 is a short-lived release which will only receive support until January 2020. There is also the possibility of installing KDE's own KDE Neon which is, in reality, just KUbuntu 18.04 LTS with bleeding edge KDE packages on top.
published 2019-07-19 - last edited 2019-07-19
The latest version of the Ristretto image viewer fixes some memory leaks and some minor bugs. It is still based on GTK 2 and it is still too cumbersome to use as a general-purpose image viewer. The new version does not fix the very fundamental problems with this particular image viewer.
The complete change-log since the last release is as follows:
Fix a few memory leaks
Fix "Sort type unsupported" when sorting by file type
Add support for Canon CR2 format
Drop saturation and brightness support as no more supported by xfdesktop
Show info on focal length and ISO in statusbar (bug #13993)
Fix Glib-Critical errors "Source ID X was not found"
Place appdata.xml to metainfo dir (bug #15382)
Fix Xfce wallpaper manager (for single monitor only) (bug #14571)
Fix corrupted (large) GIF images (bug #15177)
Update thumbnail bar on changing the sorting order (bug #10246)
Improve "Sorting" menu (bug #15539)
appdata.xml: Remove releases info and update URLs (bug #15482)
None of this changes addresses the very fundamental problems with this particular image viewer: There is no easy way to quickly switch between folders and it does not remember zoom settings from one image to the next. While it's nice that there's improvements it's just not enough.
Ristretto 0.8.5 is still based on GTK 2. This will be the last version of Ristretto based on GTK2. The next version of Ristretto will be based on GTK 3. An anonymous source in the Xfce developer community tell us that Ristretto 0.8.5 is based on GTK 2 because "the gtk3 port is not finished (yet)"
Valve has released both a new stable and a new beta version of their immoral Digital Rights Management riddled game store. The new clients have better logic for choosing what servers it's clients use to download games and updates which should result in faster downloads for those who happen to live close to one of their servers. This is good news for those willing to trade freedom for hours or weeks of temporary entertainment.
Steam 1563346602 (Stable)
The new stable Steam client which was released on July 17th fixes a crash that would occur when starting steam with no active audio card port. It's also got better detection of the specific Linux version it is running on.
The Steam Linux version will now look for and use the handy little dialog display program zenity to display basic dialog boxes on startup. Why Valve prefers to use this simple program for displaying gtk dialogs is unclear but that's what the new version does. You can try this handy little program if you have it. It's basic syntax is zenity followed by --text="something" followed by a dialog type. There are many dialog types such as --info, --error, --warning and many more available.
Output ofzenity --text="Your computer is on fire" --warning
There are two network-related changes in the new Steam client. P2P connections are now migrated to other relays if the relay you are using goes down. Steam will also better choose servers used for the rather large downloads some games require. This should result in faster downloads if Steam has a mirror near your location.
There's also a lot of input related changes. Counter-Strike: Global Offensive no longer crashes when the game is started with a joystick plugged in. That particular game is better played with a keyboard and mouse anyway so it was not a huge deal - but having to unplug the gamepad to play it was annoying. There is no specific mention of this in Steam's Client Update announcement but there is a list of Input-related fixes. One of those probably resulted in this bug being fixed.
The rest of the changes to Steam's new stable client are dull and not interesting. There are some fixes for Steam Remote Play, the Big Picture mode and Shader Pre-Caching.
Steam 1563411792 (Beta)
Steam's new Beta version of their client, released on July 18th, fixes the "details" button not working in the grid game view. It also blacklists a "problematic" USB device but does not admit which. And there's a fix for Steam Controllers sometimes turning off when reconnecting a wireless dongle. And that's it, that's all the new features in their shiny new beta version.
Steam is available in the repositories of most Linux distributions. You can simply install steam on Fedora, Ubuntu and even Debian if you enable "non-free" repositories. Manjaro Linux installs it by default as part of the base installation.
published 2019-07-18 - last edited 2019-07-18
A major update to the simple and easy to use XMPP/Jabber messaging program Kaidan was released one week ago following one and a half year of hard development word. That long-awaited 0.4.0 release had the minor problem of not being able to connect to the Internet on some Linux distributions. Version 0.4.1 has fixed that bug as well as some other minor issues discovered after the 0.4.0 release. Kaidan is available for Linux, Android, macOS and Windows.
It may look like this is the mobile version of Kaidan but it is actually the the desktop version. They look and feel and behave the exact same way.
XMPP, also known as "Jabber", is a very old protocol for text chat which never gained much popularity. Some still use it since it works just fine. Kaidan is a very fresh and friendly chat client for that protocol.
The new Kaidan has a very simple and easy to use interface which looks like it's made with mobile phones in mind. The simplicity does work for this chat client since there is no need for a whole lot of UI elements on a simple chat program. The window can be resized and made bigger.
Kaidan supports sending files in addition to text messages. There is no support for voice or video chat.
Kaidan 0.4.1 does not have a system tray icon for hiding and showing the application.
Kaidan is available for Windows, Linux and MacOS and to some degree Android. A Linux Appimage and standalone binaries for macOS and Windows can be acquired from www.kaidan.im/download/. The download page also lists a "Flatpak" for Linux. The Flatpak is currently broken and will not let you connect to the Internet. This is due to a build server problem affecting Flatpak. The Linux AppImage version works fine. You will have to download it, Kaidan is not yet available in any major Linux distributions repositories.
There is also a Android version listed on the download page. The Android version is "very experimental". It is not available in the F-Droid app-store and it will not be for some time.
Linux kernel creator and architect Linus Torvalds has accepted the proposed Direct Rendering Management code required for AMD Navi GPU support from DRM maintainer Dave Airlie and merged it into the Linux kernel git tree. This ensures that the upcoming 5.3 version of the Linux Kernel will support these new GPUs. Kernel support is required for the Vulkan and OpenGL support the upcoming 19.2 version of the Mesa graphics stack will have for the newly released AMD Navi GPUs.
The code was pulled in be8454afc50f43016ca8b. DRM maintainer Dave Airlie had this to say about the pull request:
"The biggest thing in this is the AMD Navi GPU support, this again contains a bunch of header files that are large. These are the new AMD RX5700 GPUs that just recently became available."
DRM maintainer Dave Airlie on the DRM updates to Linux Kernel 5.3
Fully working support for AMD Navi graphics cards on the average Linux desktops is still far away. Kernel support is just one piece of the puzzle, the Mesa driver handles vast majority of the actual work related to graphics on Linux desktops. Version 19.2 of the Mesa graphics graphics stack will be the first version to have support for AMD Navi technology. It is not scheduled to be released until the end of August. Distributions spend some time testing new Mesa versions, some more than others, before adding them to their repositories. Do not expect AMD Navi to be usable on the common Linux distributions such as Manjaro Linux, Mageia and Fedora until late September and you should also not expect any Debian support for AMD Navi until sometime next year.
It is of course possible to get AMD Navi working right away by using git versions of everything. If you love random crashes all day long then that option may be for you. The better option is to hold off on buying the newly released AMD cards until stable drivers land in the distribution(s) you use.
published 2019-06-17 - last edited 2019-07-18
KDE Connect is a multi-platform project for securely synchronizing and controlling one device from another. It has so far been been limited to synchronization between Linux desktops and Android phones. This technology is now available to Mac and Windows users thanks to KDEs Summer of Code students Weixuan Xiao and Piyush Aggarwal.
KDE Connect on Android controlling a music player on a Linux machine. We do not have any iToddler toys and can therefore not test the new MacOS version.
Features implemented in the KDE Connect Mac version so far
The Mac version will so far allow you to do the following from a connected phone:
Run pre-configured commands on your Mac
Control the volume
Keep the Mac's screen connected when the phone's connected
The Mac version can also be used to do to the following with a connected phone:
Make the phone ring so you can find it if you forgot where you put it
View the phone's battery status from your desktop
It will soon be possible tor receive phone notifications as desktop notifications on a Mac. This is still work in progress. A input-plugin for controlling a Mac's mouse from a phone is also in the works.
More features coming, including Siri integration
We asked developer Weixuan Xiao what we can expect in future versions of KDE Connect for Mac.
- What were your biggest challenges making a Mac OS version of KDE Connect?
"The dev group chooses to adapt KDE Connect rather than making an entirely new one. So, it reduced much work. But the difficult part is something like DBus, we are extremely familiar with it. But to run it on macOS, there were lots of work."
- Are you happy with the result?
- What, if anything, remains to be fixed?
There are some more plugins to be fixed, such as sftp plugin, virtual input plugin, etc. But most of plugins work well. All of them will be fixed in one month. And a production-ready one will be released next month.
- What are your plans for the future?
I'm going to add more features of macOS, such as Siri integration, and fix HiRes for KDE Connect.
The current iteration of the most advanced GNU/Linux desktop environment is five year old today; KDE Plasma 5.0 was launched July 16th, 2014. KDE itself is much older, it's launch date of October 14th, 1996 makes it 22 years old. Plasma itself is also older with the first version being introduced with KDE 4 on 23rd October 2007 - nearly 12 years ago.
KDE Plasma 5 is available as an alternative on most GNU/Linux distributions. It is the default desktop on KDE's own KDE Neon distribution. It is also available on Debian, Manjaro Linux and other leading Linux distributions.
Microsoft just spammed us informing that they are updating their terms of service. Their new terms are even more big-brother like than their previous terms. Their e-mail spam claims that you agree them reading your e-mails and sharing the content with contractors and partners just by using any of their products. You should absolutely resist and close your Microsoft accounts and remove all traces of Microsoft software from computing devices in your vicinity.
Microsoft claims that not closing your accounts with them before August 30th, 2019 is the same as accepting their terms of service. We recently signed up with their "Webmaster" services to see if it was possible to make their utterly stupid web crawler "bingbot" not do silly things like request a low-case version of every URL in addition to the mixed-case version.
Here's one of the more important points: Microsoft, in their Services Agreement, claims that "your content" is "your communications with others" including the documents on your computer, videos and livestreams and your e-mail. They then go on to claim that "your content" is magically "their data". They refer to their Microsoft Privacy Statement for information about how they use the data they collect. The more important point from that "privacy" statement is: "We also share data with Microsoft-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our products; and to protect the rights and property of Microsoft and its customers."
What this means, concretely, is this: Microsoft is spies on you and shares that data with anyone who's even remotely connected to them. Basically everyone who asks.
It is important to note that Microsoft claims that just using their products given them consent to read your e-mail and share it's contents with contractors, partners and basically anyone who asks for a sneak peak. You need to disinfect any and all computers infected by a malicious piece of software called "Windows" to avoid being spied on. This software is often pre-installed on new computers. There are various methods which can be used to remove Windows infections from computers. Good options for most people include Debian, Manjaro Linux and FreeBSD. HarmoniKR is a great option for South Korean people. You can find a list of more software which can be used to clean Windows infestations at https://www.gnu.org/distros/free-distros.html
You should also take care to remove any traces of "Windows" software from friends and family members computers or you run the risk of their devices spying on you when you are in their presence.
Remember: You do not have to simply bend over and agree when multi-national corporations make their "terms" increasingly draconian and in direct violation of local laws. You can resist by not using their products.
You can close individual Microsoft accounts by visiting their "close your account" service which, ironically, will in some cases require you to "verify" your account using a phone number.
published 2019-07-15 - last edited 2019-07-15
AntiX is a systemd-free Linux distribution forked off Debian with IceWM as the default desktop environment. It is essentially Debian with a really light-weight default configuration. The current stable 17.4 release is based on Debian Stretch. AntiX 19 is based on the newly released Debian 10 Buster. There is not much new since the first AntiX 19 beta was released, there's some new themes, icons and wallpapers included in the default installation and that's about it. The difference between 17.4 and the 19-series is huge.
AntiX is essentially Debian with the latest version of the very light-weight IceWM window manager as the default desktop and really light-weight applications as defaults. The long discontinued ROX filer, last updated in 2011, is the default file manager. mtPaint is the default graphics editor. The really light-weight Dillo web browser and Firefox are the default browser options. xmms and gnome-mpv are the default media-players. These are all very light and fast applications suitable for older hardware.
The default Live environment on AntiX 19b2
There are both i386 and x86-64 images available. Do note that the 32-bit version is for i386, not just i686 and newer. If you are looking for something to run on a machine that's on display at a museum exhibit then AntiX may be for you. It may also be a great choice if you have an very old laptop or just want a real snappy system on a modern machine. This is a distribution which is so light it will seem snappy and responsive on weak ancient hardware.
There is no ARM option architectures beyond i386 or x86-84 so you are out of luck if you want to run it on a Raspberry Pi.
AntiX beta 2 uses kernel version 4.9.182 with the SACK patches. That is a bit strange since the Debian 10 uses the 4.19 stable kernel branch. 4.19 and 5.1 kernels are optionally available for those who prefer them.
The list of other changes since AntiX 19 beta 1 is rather short. There's some new firmware for bluetooth, a minor change to the menu, some under the hood bug-fixes and new icons, themes and wallpapers. And that's it.
The changes between AntiX 17.4 and 19 are, on the other hand, significant. It uses connman instead of wicd as a default graphical network manager and roxterm has replaced lxterminal as the default terminal emulator. And there are new versions of all the software AntiX ships like Firefox, gnome-mpv, xmms and so on since Debian updated everything between Stretch and Buster. There's also more software such as screenlight and the graphical synaptic package manager included in the default installation.
The differences between Debian and AntiX
The much lighter default desktop environment is the most immediately visible difference between Debian 10 and AntiX 19 but there are other huge and important differences under the hood. First of all, AntiX does not have systemd. The init system is instead based on good old-fashioned scripts in /etc/init.d/. Secondly, one of the biggest changes between Debian 9 and Debian 10 Buster is the introduction of a access control framework called AppArmor. This is not enabled or present in AntiX. There's no apparmor_status or other related binaries. Oddly, there's /etc/apparmor.d/ with some policy files - but there is no framework to use them. We can only guess if this is due to performance considerations or because enabling AppArmor without systemd would require too much work. It is not a big deal, just something to be aware of. This distribution is not targeting cloud deployments or financial institutions so AppArmor is not really a requirement.
We will do a full review of AntiX 19 at a later date. First impressions: It's a stripped-down light-weight systemd-free Debian 10. If you are looking for a distribution for an old Athlon XP or a Pentium II then this distribution is likely a great choice.
AMD claims to have figured out why their new Ryzen 3000 CPUs are unable to produce random data when the RDRAND instruction is called. They promise that a BIOS update will be made available shortly. This is good news for those who want to run modern Linux distributions or Windows games like Destiny 2 on these chips since it is currently impossible to use any software which takes advantage of the RDRAND instruction on AMDs flawed new CPUs.
AMD story, according to German publication heise.de, is:
"AMD has identified the root cause and implemented a BIOS fix for an issue impacting the ability to run certain Linux distributions and Destiny 2 on Ryzen 3000 processors. We have distributed an updated BIOS to our motherboard partners, and we expect consumers to have access to the new BIOS over the coming days."
AMD has not issued any press release or replied to our inquiries or otherwise publicly admitted that RDRAND is plain broken on Ryzen 3000 series CPUs. The common Linux system manager systemd uses this instruction as of version 240. Linux distributions using systemd 240+ will therefore simply not boot on Ryzen 3000 series CPUs. There is apparently also some Windows game called "Destiny 2" which relies on this instruction.
We consider heise.de to be a reputable publication and believe the AMD statement to be accurate even though AMD does not appear to have published or admitted anything related to this major flaw in their new CPUs anywhere on their website or their own asocial media channels. We do not have any information beyond the above statement since AMD has not provided any.
It is a bit telling that AMD flat out ignored all question relating to this defect and only gave the larger outlet heise.de a brief statement.
published 2019-07-12 - last edited 2019-07-12
Curiosity will sometime result in a complete waste of time and that's exactly what benchmarking Firefox 68 directly from Mozilla vs the Firefox 68 update shipped by Fedora in that distributions repositories. There is absolutely no difference.
We used Mozilla's version when we tested the newly released Firefox 68's performance against Chromium 75 and Firefox Nightly since Fedora had not yet shipped an updated version. This is why we were curious to see if there would be any difference if we tested the distribution's version of Firefox 68.
The numbers weren't exactly identical but they were within less than half a percentage of each other in all the tests on both the Intel i7-5500U laptop and the Ryzen 2600 desktop used for the web browser performance comparison.
Apparently, it makes no difference if you use a version of Firefox downloaded from the Mozilla Corporation or a version from the Linux distribution's repositories - in the case of Fedora.
published 2019-07-12 - last edited 2019-07-12
The latest stable version of the best free software video editor has a really long list of bug-fixes, 12 of which were causing crashes. Cursor tools now work as they should when hovering a timeline and the clip selection code, which previously would cause lags when working with lots of clips, is now a whole lot faster.
The kdenlive team has been working hard on the next-generation kdelive which will be released as version 19.08 "in less than a month". The git development branch is already indicating kdenlive's version as 19.07.70. This upcoming kdenlive release's codebase has already got quite a few really neat new features.
The git versions allows you to preview the clips in the Project Bin by holding shift and hovering the mouse above the small thumbnails. Moving the mouse to the beginning or end of the small thumbnails let you preview clips as if the thumbnail was a time-line. This really cool feature lets you quickly get an idea what the clip's about before opening it in the clip monitor or adding it to the timeline.
Some features that are scheduled to be in 19.08 are not yet finished. There may or may not be an improved speed effect and a new 3 point workflow system in the new version.
Wizards can try the latest kdenlive 19.08 beta which is currently named 19.7.70 by cloning git://anongit.kde.org/kdenlive.git
The annoyance when you just want to watch Oh My Girls new music video and you find that you can't because your shiny new kernel's got a broken driver for your Intel iGPU can be avoided by either not upgrading kernel 5.2 or by not using Chromium the VAAPI accelerated video patch.
Playing video with mpv using the VAAPI API works just fine with Linux Kernel 5.2 and the i915 Intel graphics driver. Playing video in Chromium with without hardware video acceleration is also working just fine.
Playing video in Chromium with video acceleration on kernel 5.2 with HD Graphics 5500 powered by the i915 graphics driver results in The Hang and this dmesg output:
[ 86.016975] i915 0000:00:02.0: GPU HANG: ecode 8:1:0xfffffffe, in chromium-vaapi , hang on rcs0
[ 86.016976] [drm] GPU hangs can indicate a bug anywhere in the entire gfx stack, including userspace.
[ 86.016977] [drm] Please file a _new_ bug report on bugs.freedesktop.org against DRI -> DRM/Intel
[ 86.016978] [drm] drm/i915 developers can then reassign to the right component if it's not a kernel issue.
[ 86.016978] [drm] The gpu crash dump is required to analyze gpu hangs, so please always attach it.
[ 86.016979] [drm] GPU crash dump saved to /sys/class/drm/card0/error
[ 86.017989] i915 0000:00:02.0: Resetting rcs0 for hang on rcs0
[ 94.004437] i915 0000:00:02.0: Resetting rcs0 for hang on rcs0
We tested Mesa 19.0.8 and 19.1.2 because why not and there is no difference: Linux kernel 5.2 has this problem using both Mesa versions.Kernel 5.1.16 does not.
This may not affect you since about half of the Linux distributions ship Chromium versions without the VAAPI patch-set which enabled hardware video decoding. You can find out what your chromium version supports by entering the magic address chrome://gpu in the address bar. There should be a section called "Video Acceleration Information" at the bottom of that informative page.
The hang is 100% reproducible on kernel 5.2 with VAAPI enabled Chromium 75.x. Yet nothing else appears to trigger The Hang.
What else is broken in kernel 5.2?
Perhaps nothing, after using it since it's release the only problem or freeze we've seen is the GPU hang when chromium is playing video using the video acceleration API VAAPI which, for some reason, works just fine with other media players.
Chromium is the fastest web browser on Linux when it comes to everything and anything graphics-intensive. Is is not that clear-cut when it comes to overall performance and real-world use. What is clear is that both Firefox and Chromium appear to get slower with each new release and that is specially true if they are running on Intel hardware.
All test were done using Linux kernel 5.2 and Mesa 19.0.8. The browsers were tested on a typical desktop with a AMD CPU and a AMD GPU and a typical laptop with a Intel CPU using it's integrated graphics capabilities. The Firefox Nightly version used to test identifies itself as Firefox 70.0a1.
The tests were done using clean profiles with no browser extensions. The only setting that was changes was Webrender on Firefox to see how it compares to the default "Basic" rendering.
The 2018 Unity Web Browser benchmark, which you can try using this link, is a almost pure graphics test. This test is reflective of the performance you can expect playing web browser games and not much else.
Chromium is by far the clear winner of this test on AMD machines with AMD GPUs. One odd detail is that Chromium 75.x appears to be slower than the two previous versions.
Firefox's new rendering technology WebRender, which is for now disabled on Linux systems, does not appear to make Firefox better. Actually, it makes it perform worse on the newly released Firefox 68. This new rendering engine can be enabled by typing about:config in Firefox's address bar to get to the secret advanced configuration options. The key gfx.webrender.enabled can be set to true to enable it. Typing about:support in Firefox's address bar will show all kinds of incriminating information about it and your machine. There is a graphics section there were you can see what kind of rendering is being used. Enabling it on Firefox 68 is clearly a bad idea. However, a close-up inspection of the numbers reveals that WebRender is marginally faster on Firefox Nightly on this specific system.
Firefox 68 using the "Basic" rendering system is a lot faster than Firefox 66 with both basic and webrender on this system.
Chromium is the clear winner on Intel too. The latest Chromium 75 is slower than the previous versions on this machine as well.
One interesting difference between the AMD results and the Intel results is that Firefox Nightly is slower when using WebRender on this machine. It is slower on Firefox 68 on both test systems. Nightly was slightly faster on AMD when WebRender was turned on, that is not the case on the Intel machine.
It is noteworthy that Firefox 68 is much slower than Firefox 66 when using both rendering options on the Intel-powered laptop and Nightly has lowest scores. This differs from the AMD system where Firefox 68 is faster and Nightly is fastest.
We did not run any more tests using Firefox's WebRender rendering engine since it appears to lower performance in a big way in all cases with Nightly on AMD being the one and only exception.
Non-graphical theoretical performance
Chromium wins over Firefox in the JetStream 2 number-crunching benchmark. However, Chromium 75's performance stands out as being noteworthy worse than Chromium 74 on both test-systems. It is also interesting to note that Firefox 68 is faster than both Firefox Nightly and Firefox 66 on both machines.
One not very visible or immediately noticeable takeaway from this test is the lack of difference between the test systems using both browsers.. The i7-5500U is a slow chip compared to the AMD Ryzen 2600. The i7-5500U is a two core/four thread part. The Ryzen is a six core twelve thread part. The hardware is vastly different yet the browser performance is almost identical.
Basemark 3 is a rather long and comprehensive tests which reflects real-world performance better than the synthetic tests above. You can try it and see what it does at http://web.basemark.com/ - do note that it is a very long test which takes ages.
Chromium is the clear winner of this test - by a much lower margin in version 75 compared to Chromium 74. It's getting slower.
Firefox 68 is faster than Firefox 66 on both systems. Firefox 68 is also faster than Firefox Nightly on the Intel machine.
The Firefox Nightly score in this test is a bit odd. Nightly is the fastest Firefox version on the AMD system yet it is significantly slower on the Intel laptop.
Webxprt3 is another benchmark which aims to reflect real-world performance. It is made by the almost wholly Intel-funded "independent" Intel-front Principledtechnologies. It is a comprehensive test with many aspects, some of which are strange. Why they are testing a web browsers ability to do things like OCR is a good question. Still, it is a good test which reflects real-world browser performance. You can try this Intel-front's test at http://www.principledtechnologies.com/benchmarkxprt/webxprt/
Principledtechnologies's test appear to favor Firefox which is, in this particular test, getting slower and slower with each version. Chromium 75's score is lower here too compared to earlier versions of this browser.
Webxprt3 is the only test where Firefox absolutely crushes Chromium.
Chromium is the clear winner when graphics is involved. It wins all the tests expect for the Webxprt3 test by a wide margin. Why this is the case is a good question. We have no idea, it is somewhat of a mystery. Webxprt3 does not have any graphics rendering tests and that does help Firefox's score. However, the purely synthetic Jetstream 2 test does not test graphics elements and Chromium wins that test hands down.
Webxprt3 stands out in another curious way: It is the only tests where browser performance appears to get increasingly worse with each new browser version. Firefox 68 is faster than Firefox 66 in all the other tests - except that one.
It is difficult to draw and concrete conclusions from the browser test data. It is somewhat all over the place. Chromium seems to be the clear winner if you want to run WebGL applications or play games. The difference between the browsers and the versions is not that clear when it comes to regular web browsing.
published 2019-07-11 - last edited 2019-07-11
30 bugs have been eradicated since the last release of the double-entry bookkeeping program KMyMoney which is self-described as "the BEST Personal Finance Manager for FREE Users". It is similar to the more well-known commercial product Quicken. KMyMoney is cross-platform and the most important bugfix in this release is only for macOS users who could previously not open saved files.
Users of KMyMoney who actually have some may find it useful that it's now possible to print charts thanks to bug #405061 being fixed. The Print Charts function has been there for some time, it just didn't work. There is also a bug-fix for those who have used it a long time: KMyMoney will no longer crash if you remove 5000+ transactions at once.
The most interesting item in the bug list as far as we can tell is "Bug 405828" which is described as "Budget problems". This is exactly the kind of bug KMyMoney is supposed help it's users solve. KMyMoney's own "Budget problems" are now "RESOLVED FIXED" thanks to a simple 5 line patch. If only it was that easy to solve real-world "budget problems".
The software's homepage with downloadable ancient and "preview" versions for Windows and macOS as well as the current Linux version can be found at https://kmymoney.org/. The "Preview" versions are probably the best option for non-Linux users as the "regular" version for Windows and macOS that are listed on the homepage are years old. KMyMoney is available in all the commonly used distributions repositories, just search for "kmymoney".
published 2019-07-10 - last edited 2019-07-10
The GnuPG hackers have released a new version of GnuPG with a simple fix for the not-ongoing key-server signature spam problem: The new version will simply ignore all key-signatures received from key-servers. There is also a new "self-sigs-only" import option.
It has been little more than a week since we wrote about how OpenPGP keys were being spammed to the point where GnuPG became "useless". Someone decided to generate a whole lot of news keys which were used to sign a few select people's GnuPG keys. These new keys and their signatures were then dumped onto the public gnupg key-servers. The targeted keys got so many signatures that they have effectively become useless as the gnupg client spends 20+ minutes doing who knows what if you import one of them.
The above chart indicates that whoever did the signature spamming stopped after two days. Perhaps they decided their time was better spent sunbathing at the beach. Whatever the reason: It stopped.
GnuPG 2.2.17 has some features which will help those who want to communicate with victims of the attack who got their key spammed and it also ensures that future attacks will have little effect. The simple fix is to just ignore all key-signatures provided by key-servers. This does make sharing and validating signatures more burdensome than the previous automatic solution - but we can't have nice things when random people are hell-bent on breaking them.
The complete list of changes new in GnuPG 2.2.17 are as follows:
gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607]
gpg: If an imported keyblocks is too large to be stored in the keybox (pubring.kbx) do not error out but fallback to an import using the options "self-sigs-only,import-clean". [#4591]
gpg: New command --locate-external-key which can be used to refresh keys from the Web Key Directory or via other methods configured with --auto-key-locate.
gpg: New import option "self-sigs-only".
gpg: In --auto-key-retrieve prefer WKD over keyservers. [#4595]
dirmngr: Support the "openpgpkey" subdomain feature from draft-koch-openpgp-webkey-service-07. [#4590].
dirmngr: Add an exception for the "openpgpkey" subdomain to the CSRF protection. [#4603]
dirmngr: Fix endless loop due to http errors 503 and 504. [#4600]
dirmngr: Fix TLS bug during redirection of HKP requests. [#4566]
gpgconf: Fix a race condition when killing components. [#4577]
Linux distributions will probably make this new GnuPG version available in their repositories as soon as possible. As we alluded to when we first wrote about this attack: Attacks on keys belonging to people isn't really the biggest concern. Such attacks are of course annoying for those who are affected but they aren't really a huge concern compared to keys used by package repositories and things like that.
published 2019-07-10 - last edited 2019-07-10
The FreeBSD Release Engineering Team have updated the ELF toolchain and the clang, llvm and compiler-rt utilities as well as OpenSSL and other system libraries. Desktop environments have also been updated. Devil OS 11.3 ships KDE Plasma 5.15.3 and GNOME 3.28 for those who use it as a desktop OS.
The KDE Plasma and GNOME versions are comparable to those offered by Linux distributions. The GNOME version in Debian is slightly newer and the KDE Plasma version is slightly older.
ZFS, which is one of the primary reasons to use FreeBSD, has been updated. It can now do parallel mounting.
FreeBSD 11.3 is available for the amd64, i386, powerpc, powerpc64, sparc64, armv6, and aarch64 architectures.
This is both a regular release and a Extended Support Release which makes it more important than other releases since some distributions tend to use the ESR release for years. It is also the basis for Firefox re-brands like GNU IceCat.
The security vulnerabilities fixed in Firefox 68 appear to be the biggest reason to upgrade. Apparently, earlier versions have a sandbox escape vulnerability, a script injection problem, NPAPI plugins can do cross-origin POST requests and the list goes on and on.
There will hopefully be a new GNU IceCat release based on 68esr soon. IceCat is a GNU re-brand of Firefox ESR releases and the current IceCat is using 60esr.
The other changes in Firefox 68 seem insignificant compared to all the security problems that are fixed.
Better "Dark Mode"
"Dark Mode" is very popular these days. The latest Open Broadcaster Studio version changes the theme to a dark one even if another theme was chosen using an earlier version. Both Krita and GIMP has defaulted to dark themes for quite some time.
Being sad in a dark corner is very popular these days
GIMPs interface can easily be changed to a happy and colorful one. Luckily, you do not have to do anything to keep Firefox looking colorful and happy on Linux as of Firefox 68. It's sad and depressing dark mode has to be enabled by clicking the small "Reader mode" icon on the toolbar. Then you have to click the Aa control icon and choose Dark. Firefox 68 will now make makes sidebars, toolbars and other controls dark in addition to making the page dark when you enable dark mode. How well it works does depend on the theme, Firefox will not override the theme you are using if it has configured certain aspects.
Better "Dark Mode" is among the high-lights of this new Firefox release
New Addons View
The about:addons page for managing Firefox addsons has been changed in several ways:
It has a new "report" feature which can be used to report security and performance issues.
There is also a new feature for viewing what data and settings extensions are storing.
The area below your installed addons is spammed with "recommendations" for additional addons
There is, of course, no mention of how Mozilla can remotely disable both addons and the Firefox browser itself "for your protection" on the addons-page. Their back-door is not new to this version of Firefox, it's just still there.
No WebRender rendering by default
Firefox's new WebRender rendering engine is still not enabled by default on Linux. AMD users on Windows 10 will have it enabled by default in Firefox 68. Linux users will still have to visit about:config and set gfx.webrender.enabled to get access to this new rendering technology. The special page about:support will tell you what kind of rendering Firefox is using.
Initial tests of Firefox 68 on a machine with a Intel GPU and a Ryzen machine with a RX570 reveals that Firefox 68 is actually slower when WebRender is enabled than it is when the default "Basic" rendering is used.
More Corporate Control Options
Enterprise IT administrators will be happy to learn that Firefox 68 has several new policies they can use to restrict employees. It is now possible to configure and disable
Local file links
Managed storage for using policies in Webextensions
Extension whitelisting and blacklisting by ID and website
A subset of commonly used Firefox preferences
New Version, Same Browser
Using Firefox 68 esr for some hours reveals that it's basically exactly the same as it was in version 67. The about:addons page looks slightly different. And that's it. The security issues under the hood are, of course, nice even though they are not noticeable.
Free Software which restricts the user in certain ways is not a new concept. Gentoo Linux started shipping a modified version of the Bitcoin crypto currency software which restricted who users were allowed to send BTC to using a big blacklist in 2014. The question of censorship in free software is becoming increasingly important as more and more developers are building blacklists restricting what the end-user can do into their software. Does user-restricting censoring software qualify as being free software? We asked the senior authority on this matter and apparently, it does.
Honorary doctor Richard Stallman, who wrote the original GNU GCC Compiler and the GNU General Public License, had this to say about user-restricting free software with built-in blacklists in an e-mail reply to us on July 9th, 2019 (answers in bold):
An increasing amount of software licensed under the GNU GPL have built-in blacklist which restricts what web servers end-users of the software are able to use.
Authors of such restrictive software argue that it is still free software because more technically adept users are able to download the source, remove the built-in censorship blacklists and recompile their own non-censoring version.
"That is correct."
Others argue that the distributed binaries are not free software even though they have a GNU GPL license because they do place restrictions on the user, restrictions most of the people using the software are not able to by-pass since they do not know how to compile software.
"Someone can publish a modified version which works with any web site, and distros can include that. Then non-wizard users will get around those restrictions."
"I will look at posting something about this point."