Firefox to block Backspace key from working as "Back" button

Found on ZD Net on Monday, 18 January 2021
Browse Software

The change is currently active in the Firefox Nightly version and is expected to go live in Firefox 86, scheduled to be released next month, in late February 2021.

As with most disrupting changes like these, some users are most likely to be disgruntled about the browser maker's decision.

Hooray for Mozilla who, once again, make their browser less and less interesting.

From today, Adobe Flash Player no longer works.

Found on The Register on Wednesday, 13 January 2021
Browse Software

What's happened is that Adobe snuck a logic bomb into its Flash software some releases ago that activates on January 12, and causes the code to refuse to render any more content from that date. Adobe has also removed previous versions from its site, and "strongly recommends all users immediately uninstall Flash Player to help protect their systems."

After years of assaults, and the rise of alternatives, Adobe announced the demise of Flash in July 2017, saying support will be dropped on December 31, 2020.

It was about time. Flash has been a major reason for exploits because it was riddled with bugs.

Mozilla is working on a Firefox design refresh

Found on ghacks on Tuesday, 05 January 2021
Browse Software

Mozilla did change several interface elements after the release of Firefox 57, recently the controversial address bar overhaul that it launched in Firefox 75 Stable.

He notes that Firefox will look more modern when the designs land and that Mozilla plans to introduce useful improvements, especially in regards to the user experience.

Be afraid. Mozilla has a history of turning attempts at being "more modern" into horrible UI solutions.

A lightweight, fast browser that won't slurp your data

Found on The Register on Monday, 04 January 2021
Browse Software

Originally written as a SVG browser ("because SVG was way faster than HTML," according to Ekioh CEO Piers Wombwell), everything is rendered entirely on the GPU.

The Flow executable weighed in at just under 34MB and was blessedly free of the chaff other browser makers tend to include with their wares. It was also, however, free of such fripperies as a history, navigation buttons, or even somewhere to type in a URL.

To be clear, this is very much a browser in development, and the fact that a small team has been able to produce a rendering engine that not only handles some of the more esoteric CSS out there but also with decent performance is not to be sniffed at.

It's great to see that new players enter the browser market.

How Long Should a Vendor Support a Distro?

Found on Slashdot on Sunday, 27 December 2020
Browse Software

Long-term Slashdot reader couchslug believes that "Howls of anguish from betrayed CentOS 8 users highlight the value of its long support cycles..." Earlier this month it was announced that at the end of 2021, the community-supported rebuild of Red Hat Enterprise Linux, CentOS 8, "will no longer be maintained," though CentOS 7 "will stick around in a supported maintenance state until 2024."

That's up to the vendor, but suddenly axing the EOL in the middle of a release, along with making it effectively beta (from stable) is not the right way to communicate this.

CloudLinux to invest more than a million dollars a year into CentOS clone

Found on ZD Net on Sunday, 20 December 2020
Browse Software

Igor Seletskiy, CloudLinux CEO and founder, explained, "Red Hat's announcement has left users looking for an alternative with all that CentOS provides and without the disruption of having to move to alternative distributions. We promise to dedicate the resources required to Project Lenix that will ensure impartiality and a not-for-profit community initiative. CloudLinux already has the assets, infrastructure, and experience to carry out the mission, and we promise to be open about the process of developing Project Lenix."

They just need to join forces with Rocky.

Rocky Linux is go: CentOS founder's new project aims to be 100% compatible with RHEL

Found on The Register on Friday, 18 December 2020
Browse Software

Just days after Red Hat CTO Chris Wright declared that "we will shift our investments to CentOS Stream exclusively on December 31, 2021," the Rocky Linux project has been formed with a new distro "currently under major intensive development by the community," although there is "no ETA at present for a release."

What's wrong with CentOS Stream? "It is going to be upstream to RHEL instead of downstream," he said. "It's being used as a development platform more than a free, incredibly stable, secure operating system. And with that is going to come a lot of problems with updates, support long-term and things like that."

Thumbs up. Let's hope Rocky picks up the torch and marches on from where CentOS fell.

CentOS project changes focus, no more rebuild of Red Hat Enterprise Linux

Found on The Register on Tuesday, 15 December 2020
Browse Software

The implication may be that Red Hat has decided that the availability of CentOS undermines the commercial side of its business. "If you are using CentOS Linux 8 in a production environment, and are concerned that CentOS Stream will not meet your needs, we encourage you to contact Red Hat about options," said CentOS Community Manager Rich Bowen.

CentOS Stream, by contrast, is a development preview of what is soon to come in RHEL, focused on the next minor release. Another distro, Fedora, is further ahead and more experimental.

When your server gets from stable to beta, then it's time to think. RedHat tries to pull the same card Oracle did back then with OpenOffice and MySQL. That did not work out too well for them, so now we have LibreOffice and MariaDB.

Malicious npm packages caught installing remote access trojans

Found on ZD Net on Monday, 14 December 2020
Browse Software

The name of the two packages was jdb.js and db-json.js., and both were created by the same author and described themselves as tools to help developers work with JSON files typically generated by database applications.

The post-install script performed basic reconnaissance of the infected host and then attempted to download and run a file named patch.exe (VT scan) that later installed njRAT, also known as Bladabindi, a very popular remote access trojan that has been used in espionage and data theft operations since 2015.

Pulling in software managed by unknown third parties with unknown backgrounds is such a great idea.

PHP 8.0 brings big updates. Here's what's new

Found on Tech Republic on Wednesday, 09 December 2020
Browse Software

Version 8.0 of PHP brings optimizations and enhancements to the language's type system, syntax, error handling and consistency.

PHP programmer and stitcher.io developer, Brent Roose, said in a blog post in January that the language had acquired "a reputation of messy codebases, inexperienced developers, insecure code, and [an] inconsistent core library" over the years, though added that it still offered "a great choice for web development if used wisely and correctly".

The core issues have always been an annoyance. Various functions doing bascially the same, unexpected behaviour, naming oddities and inconsistencies with haystack/needle orders are just a few of the problems.