IBM

New OS/2 Warp Operating System 'ArcaOS' 5.0 Released (arcanoae.com) 144

The long-awaited modern OS/2 distribution from Arca Noae was released Monday. martiniturbide writes: ArcaOS 5.0 is an OEM distribution of IBM's discontinued OS/2 Warp operating system. ArcaOS offers a new set of drivers for ACPI, network, USB, video and mouse to run OS/2 in newer hardware. It also includes a new OS installer and open source software like Samba, Libc libraries, SDL, Qt, Firefox and OpenOffice... It's available in two editions, Personal ($129 with an introductory price of $99 for the first 90 days [and six months of support and maintenance updates]) and Commercial ($239 with one year of support and maintenance).

The OS/2 community has been called upon to report supported hardware, open source any OS/2 software, make public as much OS/2 documentation as possible and post the important platform links. OS2World insists that open source has helped OS/2 in the past years and it is time to look under the hood to try to clone internal components like Control Program, Presentation Manager, SOM and Workplace Shell.

By Tuesday Arca Noae was reporting "excessive traffic on the server which is impacting our ordering and delivery process," though the actual downloads of the OS were unaffected, the server load issues were soon mitigated, and they thanked OS/2 enthusiasts for a "truly overwhelming response."
Firefox

Firefox 55: Flash Will Become 'Ask To Activate' For Everyone (bleepingcomputer.com) 114

An anonymous reader quotes a report from BleepingComputer: Starting with the release of Firefox 55, the Adobe Flash plugin for Firefox will be set to "Ask to Activate" by default for all users. This move was announced in August 2016, as part of Mozilla's plan to move away from plugins built around the NPAPI technology. Flash is currently the only NPAPI plugin still supported in Firefox, and moving its default setting from "Always Activate" to "Ask to Activate" is just another step towards the final step of stop supporting Flash altogether. This new Flash default setting is already live in Firefox's Nightly Edition and will move through the Alpha and Beta versions as Firefox nears its v55 Stable release. By moving Flash to a click-to-play setting, Firefox will indirectly start to favor HTML5 content over Flash for all multimedia content. Other browsers like Google Chrome, Brave, or Opera already run Flash on a click-to-play setting, or disabled by default. Firefox is scheduled to be released on August 8, 2017.
Businesses

'WannaCry Makes an Easy Case For Linux' (techrepublic.com) 408

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.
Chrome

Should You Leave Google Chrome For the Opera Browser? (vice.com) 303

mspohr shares a report written by Jason Koebler via Motherboard who makes the case for why you should break up with Chrome and switch to the Opera browser: Over the last few years, I have grown endlessly frustrated with Chrome's resource management, especially on MacOS. Admittedly, I open too many tabs, but I'd wager that a lot of you do, too. With Chrome, my computer crawls to complete unusability multiple times a day. After one too many times of having to go into Activity Monitor to find that one single Chrome tab is using several gigs of RAM, I decided enough was enough. I switched to Opera, a browser I had previously thought was only for contrarians. This, after previous dalliances with Safari and Firefox left me frustrated. Because Opera is also based on Blink, I almost never run into a website, plugin, script, or video that doesn't work flawlessly on it. In fact, Opera works almost exactly like Chrome, except without the resource hogging that makes me want to throw my computer against a brick wall. This is exactly the point, according to Opera spokesperson Jan Standal: "What we're doing is an optimized version of Chrome," he said. "Web developers optimize most for the browser with the biggest market share, which happens to be Chrome. We benefit from the work of that optimization."

Slashdot reader mspohr adds: "I should note that this has also been my experience. I have a 2010 MacBook, which I was ready to trash since it had become essentially useless, coming to a grinding halt daily. I tried Opera and it's like I have a new computer. I never get the spinning wheel of death. (Also, the built-in ad blocker and VPN are nice.)" What has been your experience with Google Chrome and/or Opera? Do you prefer one over the other?

Microsoft

Microsoft Finally Bans SHA-1 Certificates In Its Browsers (zdnet.com) 38

An anonymous reader quotes ZDNet: With this week's monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft's browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January's stable release of Chrome 56, and Firefox's February cut-off... Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3... Once Tuesday's updates are installed, Microsoft's browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site's certificate.
Security

Ambient Light Sensors Can Be Used To Steal Browser Data (bleepingcomputer.com) 37

An anonymous reader writes: "Over the past decade, ambient light sensors have become quite common in smartphones, tablets, and laptops, where they are used to detect the level of surrounding light and automatically adjust a screen's intensity to optimize battery consumption... and other stuff," reports Bleeping Computer. "The sensors have become so prevalent, that the World Wide Web Consortium (W3C) has developed a special API that allows websites (through a browser) to interact with a device's ambient light sensors. Browsers such as Chrome and Firefox have already shipped versions of this API with their products." According to two privacy and security experts, Lukasz Olejnik and Artur Janc, malicious web pages can launch attacks using this new API and collect data on users, such as URLs they visited in the past and extract QR codes displayed on the screen. This is possible because the light coming from the screen is picked up by these sensors. Mitigating such attacks is quite easy, as it only requires browser makers and the W3C to adjust the default frequency at which the sensors report their readings. Furthermore, the researcher also recommends that browser makers quantize the result by limiting the precision of the sensor output to only a few values in a preset range. The two researchers filed bug reports with both Chrome and Firefox in the hopes their recommendations will be followed.
The Internet

Newest Firefox Browser Bashes Crashes (cnet.com) 134

Nobody likes it when a web browser bombs instead of opening up a website. Mozilla is addressing that in the newly released v53 of its Firefox browser, which it claims crashes 10 percent fewer times. CNET adds: The improvement comes through the first big debut of a part of Project Quantum, an effort launched in 2016 to beef up and speed up Firefox. To improve stability, Firefox 53 on Windows machines isolates software called a compositor that's in charge of painting elements of a website onto your screen. That isolation into a separate computing process cuts down on trouble spots that can occur when Firefox employs computers' graphics chips, Mozilla said.
Firefox

Mozilla Kills Firefox Aurora Channel, Builds Will Move Directly From Nightly To Beta (venturebeat.com) 49

Mozilla said today it is killing the Firefox Aurora channel, six years after it was first introduced in April 2011. The move comes as, Aurora failed to live up to the company's expectations as a "first stabilization channel." Moving forward, the absence of Aurora will help the company streamline its browser's release process and bring stable new features to users and developers faster. From a report: The Firefox Aurora channel sat between the Nightly and Beta channels. Until now, Firefox development started with Nightly, which consists of the latest Firefox code packaged up every night for bleeding-edge testers, and was then followed by Aurora, which includes everything that is labeled as "experimental," then Beta, and then finally the release channel for the broader public. Going forward, builds will move from Nightly to Beta to Release. The Firefox Developer Edition, which the company calls "the first browser created specifically for developers," will be based on the Beta channel instead of Aurora. Developer Edition users should keep their existing profile, themes, tools, preferences, and "should not experience any disruption," Mozilla promises.
Chrome

Microsoft Edge Beats Chrome By Over Three Hours In New Battery Usage Test (bleepingcomputer.com) 236

An anonymous reader writes: With the launch of the Windows 10 Creators Update and Edge 40 (EdgeHTML 15), Microsoft has released a new battery usage test that, naturally, trashes the company's competition. This new test shows that Edge uses less power than both Chrome 57 and Firefox 52, and is bound to draw a response from its competition, especially Google, who doesn't like it when Microsoft takes a jab at Chrome's efficiency. The same thing happened last year, in June, when a similar test showcasing Edge's longer battery life was met with responses from both Google and Opera.

The most recent tests were performed for the launch of Windows 10 Creators Update. Two tests were carried out until a laptop's battery gave out. For each browser, a minimum of 16 iterations were recorded per test. The first test measured normal browsing performance and the second ran a looped Vimeo fullscreen video. In the normal browsing performance test, Microsoft claims Edge used 31% less power than Chrome 57, and 44% less power than Firefox 52. In the second test, Edge played a looped Vimeo video in fullscreen for 751 minutes (12:31:08), while Chrome lasted 557 minutes (9:17:03) and Firefox for only 424 minutes (7:04:19). That's a whopping three hours over Chrome, and five hours above Firefox.

Firefox

Firefox To Let Users Control Memory Usage (bleepingcomputer.com) 213

An anonymous reader quotes a report from BleepingComputer: Mozilla engineers are working on a new section in the browser's preferences that will let users control the browser's performance. Work on this new section started last Friday when an issue was opened in the Firefox bug tracker. Right now, the Firefox UI team has proposed a basic sketch of the settings section and its controls. Firefox developers are now working to isolate or implement the code needed to control those settings [1, 2, 3]. According to the current version of the planned Performance settings section UI, users will be able to control if they use UI animations (to be added in a future Firefox version), if they use page prefetching (feature to preload links listed on a page), and how many "content" processes Firefox uses (Firefox currently supports two processes [one for the Firefox core and one for content], but this will expand to more starting v54).
The Internet

Server Snafu Exposes Ask.com User Search Queries Via Internal Status Page (bleepingcomputer.com) 10

"The Ask.com search engine went through some sort of technical issue late Friday night, as its servers were exposing the internal Apache server status page, revealing recently processed search queries," reports BleepingComputer. An anonymous reader writes: The issue is now fixed, but a copy of the server status page with some search queries can still be viewed in Google's search engine cache. "Some of the weirdest search queries were collected by users in a Hacker News thread," reports BleepingComputer, adding "As you'd expect, the server page included plenty of searches for porn."

The issue also affected localized Ask.com servers, such as uk.ask.com/server-status, us.ask.com/server-status, and de.ask.com/server-status, but no user data was exposed, as the search queries passed through load balancers and already hid user IPs.

Mozilla

Tor Browser Will Feature More Rust Code (bleepingcomputer.com) 149

An anonymous reader writes: "The Tor Browser, a heavily modified version of the Firefox browser with many privacy-enhancing features, will include more code written in the Rust programming language," reports BleepingComputer. In a meeting held last week in Amsterdam, Tor developers decided to slowly start using Rust to replace the C++ code. The decision comes after Mozilla started shipping Rust components with Firefox in 2016. Furthermore, Rust is a memory-safe(r) language than C++, the language used for Firefox and the customized Tor code, which means less memory corruption errors. Less of these errors means better privacy for all.
"Part of our interest in using safer languages like Rust in Tor is because a tiny mistake in C could have real consequences for real people," Tor developer Isis Agora Lovecruft posted on Twitter, adding "Also the barrier to entry for contributing to large OSS projects written in C is insanely high."
IBM

A 21st-Century Version Of OS/2 Warp May Be Released Soon (arcanoae.com) 232

dryriver writes: A company named Arca Noae is working on a new release of the X86 OS/2 operating system code named "Blue Lion" and likely called ArcaOS 5 in its final release. Blue Lion wants to be a modern 21st Century OS/2 Warp, with support for the latest hardware and networking standards, a modern accelerated graphics driver, support for new cryptographic security standards, full backward compatibility with legacy OS/2, DOS and Windows 3.1 applications, suitability for use in mission-critical applications, and also, it appears, the ability to run "ported Linux applications". Blue Lion, which appears to be in closed beta with March 31st 2017 cited as the target release date, will come with up to date Firefox browser and Thunderbird mail client, Apache OpenOffice, other productivity tools, a new package manager, and software update and support subscription to ensure system stability. It is unclear from the information provided whether Blue Lion will be able to run modern Windows applications.
Software

FedEx Will Pay You $5 To Install Flash (theregister.co.uk) 90

FedEx's Office Print department is offering customers $5 to enable Adobe Flash in their browsers. Why would they do such a thing you may ask? It's because they want customers to design posters, signs, manuals, banners and promotional agents using their "web-based config-o-tronic widgets," which requires Adobe Flash. The Register reports: But the web-based config-o-tronic widgets that let you whip and order those masterpieces requires Adobe Flash, the enemy of anyone interested in security and browser stability. And by anyone we mean Google, which with Chrome 56 will only load Flash if users say they want to use it, and Microsoft which will stop supporting Flash in its Edge browser when the Windows 10 Creators Update debuts. Mozilla's Firefox will still run Flash, but not for long. The impact of all that Flash hate is clearly that people are showing up at FedEx Office Print without the putrid plug-in. But seeing as they can't use the service without it, FedEx has to make the offer depicted above or visible online here. That page offers a link to download Flash, which is both a good and a bad idea. The good is that the link goes to the latest version of Flash, which includes years' worth of bug fixes. The bad is that Flash has needed bug fixes for years and a steady drip of newly-detected problems means there's no guarantee the software's woes have ended. Scoring yourself a $5 discount could therefore cost you plenty in future.
Bug

LastPass Bugs Allow Malicious Websites To Steal Passwords (bleepingcomputer.com) 126

Earlier this month, a Slashdot reader asked fellow Slashdotters what they recommended regarding the use of password managers. In their post, they voiced their uncertainty with password managers as they have been hacked in the past, citing an incident in early 2016 where LastPass was hacked due to a bug that allowed users to extract passwords stored in the autofill feature. Flash forward to present time and we now have news that three separate bugs "would have allowed a third-party to extract passwords from users visiting a malicious website." An anonymous Slashdot reader writes via BleepingComputer: LastPass patched three bugs that affected the Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. All bugs were reported by Google security researcher Tavis Ormandy, and all allowed the theft of user credentials, one bug affecting the LastPass Chrome extension, while two impacted the LastPass Firefox extension [1, 2]. The exploitation vector was malicious JavaScript code that could be very well hidden in any online website, owned by the attacker or via a compromised legitimate site.
Firefox

Firefox for Linux is Now Netflix Compatible (betanews.com) 71

Brian Fagioli, writing for BetaNews: For a while, Netflix was not available for traditional Linux-based operating systems, meaning users were unable to enjoy the popular streaming service without booting into Windows. This was due to the company's reliance on Microsoft Silverlight. Since then, Netflix adopted HTML5, and it made Google Chrome and Chromium for Linux capable of playing the videos. Unfortunately, Firefox -- the open source browser choice for many Linux users -- was not compatible. Today this changes, however, as Mozilla's offering is now compatible with Netflix!
Firefox

Firefox Goes PulseAudio Only, Leaves ALSA Users With No Sound (omgubuntu.co.uk) 322

An anonymous reader shares a report: If you're a Linux user who upgraded to Firefox 52 only to find that the browser no longer plays sound, you're not alone. Firefox 52 saw release last week and it makes PulseAudio a hard dependency -- meaning ALSA only desktops are no longer supported. Ubuntu uses PulseAudio by default (as most modern Linux distributions do) so the switch won't affect most -- but some Linux users and distros do prefer, for various reasons, to use ALSA, which is part of the Linux kernel. Lubuntu 16.04 LTS is one of the distros that use ALSA by default. Lubuntu users who upgraded to Firefox 52 through the regular update channel were, without warning, left with a web browser that plays no sound. Lubuntu 16.10 users are not affected as the distro switched to PulseAudio.
Firefox

Will WebAssembly Replace JavaScript? (medium.com) 235

On Tuesday Firefox 52 became the first browser to support WebAssembly, a new standard "to enable near-native performance for web applications" without a plug-in by pre-compiling code into low-level, machine-ready instructions. Mozilla engineer Lin Clark sees this as an inflection point where the speed of browser-based applications increases dramatically. An anonymous reader quotes David Bryant, the head of platform engineering at Mozilla. This new standard will enable amazing video games and high-performance web apps for things like computer-aided design, video and image editing, and scientific visualization... Over time, many existing productivity apps (e.g. email, social networks, word processing) and JavaScript frameworks will likely use WebAssembly to significantly reduce load times while simultaneously improving performance while running... developers can integrate WebAssembly libraries for CPU-intensive calculations (e.g. compression, face detection, physics) into existing web apps that use JavaScript for less intensive work... In some ways, WebAssembly changes what it means to be a web developer, as well as the fundamental abilities of the web.
Mozilla celebrated with a demo video of the high-resolution graphics of Zen Garden, and while right now WebAssembly supports compilation from C and C++ (plus some preliminary support for Rust), "We expect that, as WebAssembly continues to evolve, you'll also be able to use it with programming languages often used for mobile apps, like Java, Swift, and C#."
Firefox

Firefox 52 Is The Last Version of Firefox For Windows XP and Vista (mspoweruser.com) 119

Mozilla has confirmed that Firefox 52, the new version of its browser it made available earlier this week, will be the last major version to support two legacy operating systems - Windows XP and Windows Vista. The company said future versions will require Windows users to be on a machine that has at a minimum Windows 7 running on it.
Firefox

Developer Proclaims Death of Cyberfox Web Browser (ghacks.net) 52

In a forum entitled "Cyberfox and its future direction," the lead developer of Cyberfox proclaimed the death of their web browser. The lead developer, Toady, writes: "Over the years the Cyberfox project has grown immensely and its thanks to all the amazing support of our users and has been an amazing couple of years this however has demanded far more of my time causing me to drop allot of projects and passions id like to pursue, the time factor this project has demanded has also take a toll lifestyle wise as have the changes made by Mozilla requiring more and more time to maintain so its come to a point where i recently had to assess the direction of this project and the direction i wish to head for the future. This has being no easy choice and the last few months allot of thinking about the direction of this project has taken place." He continues, "This project has been amazing no one could ask for a better project or community sadly as much as i love this project my heart is no longer fully in it, dreams of pursuing game development were pushed aside and lifestyle steadily declined ultimately slowly coming to this point where changes and choices have to be made ones that will affect this project and the future of what i have spent all these years building." Ghacks Technology News reports: The death of Cyberfox, or more precisely, the announcement of end of life for the web browser may come as a shock to users who run it. It should not be too much of a surprise though for users who keep an eye on the browser world and especially Mozilla and Firefox. Mozilla announced major changes to Firefox, some of which landed already, some are in process, and others are announced for 2017. [Some of the critical changes:] Multi-process Firefox is almost done, plugins are out except for Flash and Firefox ESR, Windows XP and Vista users are switched to Firefox ESR so that the operating systems are supported for eight additional releases, and WebExtensions will replace all other add-on systems of the browser. That's a lot of change, especially for projects that are maintained by a small but dedicated group of developers such as Cyberfox. The author of Cyberfox made the decision to switch the browser's release channel to Firefox 52.0 ESR. This means that Cyberfox will be supported with security updates for the next eight release cycles, but new features that Mozilla introduces in Firefox Stable won't find their way into the browser anymore. UPDATE 3/07/17: We have updated the headline to clarify that Cyberfox, specifically, is the browser that will be coming to an end. We have also added an excerpt from the developer's post. Toady clarified at the end of his post: "The largest factor was lifestyle a nicer way of saying health issues without making it to personalized."

Slashdot Top Deals