free software

  • Firefox Focus – first impressions

    Steve WoodsBristol, Open Source, Privacy, Security, Tech

    Your ‘umble scribe is a great fan of the free and open source Firefox web browser and has been using the desktop version since version 0.x many years ago. One of its major attractions has been its emphasis on security and privacy.

    Until recently it was also the default browser on my smartphone, until I discovered Firefox Focus. Firefox Focus is a free and open-source privacy-focused mobile browser based on Firefox which is available for Android and iOS devices. First released in December 2015, it was initially a tracker-blocking application for mobile iOS devices, but was developed into a minimalistic web browser shortly afterwards.

    Firefox Focus iconAccording to Mozilla, Firefox Focus is a dedicated privacy browser with automatic tracking protection. meaning web pages load faster and your data stays private. It’s also easy to delete history, passwords and cookies, so advertisers and other ne’er-do-wells don’t follow you around online. Just tap the erase button on the search field and all that data is gone. Tracking protection is also very strong. The browser blocks a wide range of common trackers by default, including social trackers and those sticky ones that come from things like Facebook ads.

    After using Firefox Focus for one week, I can say I’m impressed with the way it works. Although it required me to learn how to use tabbed browsing (hint: hold down a link in your search results and a menu appears, offering the option to open the link in a new tab. Ed.), once that was cracked, I was away. As for fast page loading, that’s not disappointing either, even on notoriously slow-loading sites, like that of Bristol City Council, which still seems to be powered by a horse turning a shaft in the basement of the Counts Louse (which some call City Hall. Ed.). 😉

    If you value your privacy and security, I’d recommend Firefox Focus on your mobile device.

  • Happy 25th, curl!

    Steve WoodsLinux, Open Source, Tech

    Version 8 of the curl command line too has been released, German It news website reports. This coincides with the software’s 25th birthday.

    The release of a new major version (8.0O of curl (Client for URLs) has been released just in time for the software’s 25th birthday. The data transfer command line tool has barely changed. The new release has far more to do with publicising the birthday of the software and its libcurl program library. This was explained by curl’s initiator and maintainer Daniel Stenberg when announcing the release. In moving to a version 8Stenberg also wanted to avoid ending up with a curl version seven with point releases running to three figures (7.xxx).

    Little has changed within curl itself with this release: 8.0 is just the first release of curl that no longer runs on systems without working 64-bit data types, as can be gathered from the release notes. Otherwise, the new version contains 130 bug fixes, including six vulnerabilities of which Stenberg classifies five as “low” and one as “medium“. Furthermore, there are rewards ranging from $480 to $2,400 for those who successfully squash curl’s bugs.

    To celebrate the release, some of the project’s figures have also been released. There have been 215 releases, whilst 41 contributors (of whom 23 were new) collaborated on version 8.0. A total of 2,841 persons have contributed to curl’s code; mostly only once, as Stenberg comments in his Youtube video.

    Curl itself is a very popular command line tool for sending and receiving data with URL syntax, whilst libcurl is a transfer program library which handles most internet protocols and is used in many third party applications.

  • Czech government using open source web analytics

    Steve WoodsGDPR, Open Source, Privacy, Security, Tech

    Czechia coat of armsJoinup, the EU’s open source news site, reports that the Czech Republic is to begin using the Matomo open source web analytics tool on the Czech citizen portal and gov.cz websites, where it will replace Google Analytics.

    This change will ensure that the data by the sites collected will stay within the EU and, as the Czech administration will be using its own instance of Matomo, it will retain full control of the records.

    The change was triggered by an open letter sent by the Czech the digital freedom watchdog luridicum Remedium after it noticed the Czech state vaccination system website was using Google Analytics during the COVID-19 crisis. The Czech Data Protection Authority and public sector strategic partner NAKIT then pursued the matter and replaced Google Analytics with Matomo on Czechia’s Ministry of Health website. This move later led to further action and the country will continue following this trend on public sector websites.

    Previously named Piwik, Matomo has been in development since 2007 and is presently deployed on 1.4 million websites, including those of NASA, the European Commission, the United Nations and Amnesty International.

    The Czech decision to choose Matomo follows those of other European countries seeking to keep control of their citizens’ data. Last year the French and Austrian data protection authorities determined that Google Analytics was not compliant with EU data privacy standards, in particular because Google’s data transfers to the United States are contrary to the EU’s General Data Protection Regulation (GDPR).

  • LibreOffice & Nextcloud for EU Institutions

    Steve WoodsOpen Source, Politics, Security, Tech

    EU flagEU data protection authorities have negotiated a contract for the use of Nextcloud and LibreOffice Online in EU institutions. They are now testing the solutions, German IT news heise reports.

    Data protection-friendly alternatives

    It was announced last Wednesday that the European Data Protection Supervisor Wojciech Wiewiórowski and his team have begun testing both solutions this month. In coming months they want to examine “how these can tools support EU day-to-day work“. This pilot phase is part of a larger IT reflection process that the EDPS already started last year aimed at encouraging EUIs to consider alternatives to large-scale service providers to ensure better compliance with Regulation (EU) 2018/1725.

    By procuring the Open Source Software from one single entity in the EU, the use of sub-processors is avoided. In doing so, the EDPS avoids data transfers to non-EU countries such as the USA and allows for more effective control over the processing of personal data.

    According to Mr Wiewiórowski, “Open Source Software offers data protection-friendly alternatives to commonly used large-scale cloud service providers that often imply the transfer of individuals’ personal data to non-EU countries. Solutions like this may therefore minimise reliance on monopoly providers and detrimental vendor lock-in. By negotiating a contract with an EU-based provider of cloud services, the EDPS is delivering on its commitments, as set out in its 2020-2024 Strategy, to support EUIs in leading by example to safeguard digital rights and process data responsibly“.

    Microsoft Office in the sights

    Mr Wiewiórowski has already examined the contracts which EU institutions have with Microsoft and reached the conclusion in 2020 that the data processing purposes when using Windows or Microsoft Office had been defined far too openly. Processing contractors were not adequately audited and data could be transferred too easily by EU institutions to countries outside the Union. At the time, he demanded that Microsoft should only retain user information within the EU. The roles of all those involved with all their rights and obligations must be clearly regulated. Furthermore, Users should look around for alternatives that “enable higher data protection standards“.

    The EDPS started further investigations into the use of Microsoft and Amazon cloud services by EU institutions. These entailed the use Microsoft Office 365 by the EU Commission. According to Wiewiórowski many contracts were concluded prior to the “Schrems II Judgment” and had to be examined in the light of the European Court of Justice case law.

  • German Federal Ministry promotes open source

    Steve WoodsOpen Source, Politics, Tech

    Min. of Economic Affairs and Climate Action sponsorship logoThe German Federal Ministry for Economic Affairs and Climate Action’s Sovereign Tech Fund (STF) is promoting seven open source projects in a pilot round. The Fund shall therefore be increasing safety and data security on the internet, as well as digital sovereignty, according to German IT news site heise.

    A vulnerability in the Log4j open source Java library at the end of last year resulted in millions of potentially endangered systems. A discussion ensued about open source projects, which often represent crucial elements of the digital infrastructure.

    In the pilot round the Fund is supporting the OpenMLS library, which is used for end-to-end encryption, curl, the popular command line data transfer tool and an open implementation of the BGP internet routing protocol, which communicates between network segments and autonomous systems. The Ruby package manager RubyGems and Bundler, which facilitates the integration of Ruby packages in applications will also be supported, as will the WireGuard VPN software. In addition to this, the Fund is supporting GopenPGP, a modern OpenPGP implementation in Go, and OpenPGP.js, which can be executed in the browser. Furthermore, a projects is being promoted with OpenSSH, which is the standard for secure remote connections and is one of an administrator’s most important tools. STF pilot round projects as shown on STF website

    Software must adapt

    The STF characterises the projects as software belonging to digital base technologies and used extensively in business, the public sector and civil society. In a feasibility study (DE, PDF) the STF justifies the need to promote open basic technologies by the fact that although the importance and use of open source software is high, the projects nevertheless do not ‘adapt‘ accordingly and maintenance is often dependent upon committed individuals, thus increasing the risk of safety-critical vulnerabilities.

    In their coalition agreement, the SPD, the Greens and the FDP emphasise the importance of open source software for strengthening digital sovereignty.However, no funds were originally earmarked for the Sovereign Tech Fund in the federal government’s draft budget for 2022. In the end, coalition partners increased the funds provided so that the fund can now get started.

    The STF is promoting the above-mentioned projects until the end of the year with a total of €1 mn. Fiona Krakenbürger, the STF’s joint chief executive said: “This pilot round makes a small contribution to the sustainability of these important projects, which we hope to be able to expand in the years to come.” Projects worth funding will in future be determined in future by a committee of experts and an open application process. The STF intends to publish details of the application process in 2023.

  • French open source market still dynamic

    Steve WoodsOpen Source, Tech

    CNLL logoThe CNLL (France’s Free Software and Open Digital Enterprise Union), Numeum and Systematic Paris-Region commissioned MARKESS to carry out a study of the open source market in France and Europe (PDF), analysing the sector by identifying the main underlying trends since 2019 and anticipating future developments up to 2027.

    At the heart of the most dynamic digital sectors, free and open source software is continuing its progress which started more than 20 years ago and currently accounts for a market of nearly €6bn. in France.

    “Year after year, open source continues to grow, with a very encouraging outlook of almost 8% per year between 2022 and 2027. This strong growth shows the growing influence of open source on the digital economy in France and in Europe”, states Marc Palazon, chairman of Numeum.

    This progress is long-term. After having grown fortyfold in less than 20 years, the turnover of the open source sector in France must is still expected to grow faster than that of the overall software and digital services market over the next 5 years. France is also confirming its European leadership, along with Germany and the UK.

    For Philippe Montargès, chairman of Systematic Paris-Region’s Open Source Hub: “Open source is emerging as the quiet force of the digital sector. The growth of open source remains strong and has been for more than 20 years! France is reinforcing its European leadership with earnings of almost €6 bn. in 2022 and more than 60,000 direct jobs. These are two pieces of good news, especially since this lasting and positive dynamic is reflected in a strong increase in the penetration of free software into many innovative technologies and solutions (cybersecurity, cloud infrastructures, AI/Data, IoT, telecoms, SaaS, etc.) and extends widely throughout Europe.”

    The study therefore confirms the overall dynamism of free software in Europe. Open source is becoming more and more European by being structured around companies, communities and user organisations that make it the core of their development strategies. The main reasons for adopting open source are still costs savings and the strategic leverage effect, but also increasingly the ease of collaboration and skills development. The support of the European Commission, which has been announced since the publication of the last study in 2019, has gone hand in hand with the implementation of national policies in many member states and contributes to the dynamism of the open source sector.

    Furthermore, this growth is giving rise to a massive recruitment within the sector and the entire ecosystem which will have to train and recruit more than 26,000 new full-time equivalents (FTEs) between now and 2027, who will join and swell the ranks of the 64,000 employees currently developing and integrating open source solutions. The skills needed in free software are numerous and varied – developers, DevOps or marketing professionals, architects and consultants – as can be seen by browsing recruitment websites..

    Beyond training, a real industrial policy must be defined and implemented in France and Europe to take full advantage of the contribution of free software to innovation, technological independence and a more ethical and responsible digital sector.

    “Companies in the sector have long been calling for an industrial policy to make it an asset in a strategy to regain European digital sovereignty. Among the measures we expect: a proactive public sector purchasing policy; dedicated funding that takes economic models specific to free software into account; pro-competitive measures that limit the ability of dominants stakeholders to close down the market to the detriment of SMEs; more stringent open standards requirements and a dedicated training policy”, concludes CNLL Joint Chairman Stéfane Fermigier.

  • A good 404

    Steve WoodsOddities, Open Source, Tech

    Those whose fingers get into a tangle will be familiar with the HTML 404 error code page, just one of a number of HHTP status codes, of which the 400 series deals with client errors.

    A moment’s digital dyslexia this morning meant your ‘umble scribe was treated to Shropshire Council‘s 404 error page, as shown below.

    Shropshire's Council 404 page

    Umbraco is the open source content management system (CMS) used by the council to manage its website.

    Your correspondent particularly likes the final line: “This page is intentionally left ugly ;-)”.

    Computer scientist Brett Victor has an artistic 404 page, which pays homage to surrealist artist René Magritte.

    404 page of a pipe reading this is not a page

    However, my favourite 404 page of all time assumes the persona of Marvin the Paranoid Android from Douglas Adams’ Hithchiker’s Guide to the Galaxy and can be seen here in all its glory.

  • Second YH4F launches

    Steve WoodsOpen Source, Tech

    FSFE logoRegistration for for the second edition of “Youth Hacking 4 Freedom “, the Free Software Foundation Europe’s hacking competition for teenagers from all over Europe, has opened. The contest offers young people aged between 14 and 18 the opportunity to challenge themselves, meet like-minded people and win cash prizes of €4,096, €2048 and €1024.

    Registration is open until 31 December, after which the six-month coding phase will start, ending at the end of June 2023.

    YH4F graphic

    YH4F aims to inspire young people by giving them the chance to hack on a software project in a fair and fun way while meeting other young developers from all around Europe. The winners will receive a cash prize and a two-day trip to Brussels with other hackers for the award ceremony.

    The first edition of the competition was a huge success with broad participation and well-coded winning projects. Over a hundred people coming from 25 different countries registered and submitted 35 project at the end of a five-month coding phase. The six winning entries offered sign language transcription, a smart table robot, a personal assistant, a music tutorial, a file sharing program and a homework manager. All the programs are licensed under free software licences, thus granting everybody the right to use, understand, share and improve them.

    Ekaterina, one of the winners of the first edition of the YH4F competition, states: “Taking part in this competition was personally a big step as before it I have never ever programmed something and I did not have knowledge to do so. During the project I learned a lot more about programming concepts, how can I implement the modules and generally the programming language Python“.

    To be eligible to enter participants must be between 14 and 18 years old and live in a European country. The YH4F competition includes an introductory online event in which the FSFE team will present the competition and answer questions about it. Participants are free to use their imagination to the competition as any type of software can be coded as long as it is free software. The projects submitted can therefore be stand-alone programs written from scratch or a modification and combination of existing programs, in addition to which participants will be able to follow each other’s work and exchange ideas.

    Projects will be submitted to the expert jury at the end of June 2023.

  • Introducing Ubuntu Pro beta

    Steve WoodsLinux, Open Source, Security, Tech

    Ubuntu logoCanonical is currently offering a public beta version of Ubuntu Pro, giving Ubuntu Linux users extended maintenance and security compliance for software packages ranging from the Node.js runtime to Python 2 and Rust. Security cover will be extended for average and high common vulnerabilities and exposures (CVE) for thousands of applications and toolchains including Ansible, Apache Tomcat, Apache Zookeeper, Docker, Drupal, Node.js, Puppet, Python 2, Rust and others.

    A free thirty days trial is available for businesses. Ubuntu Pro is available for data centres and workstations. A free level is being offered for small-scale personal use (up to 5 machines).

    Since the launch of Ubuntu LTS with 5 years support for the main operating system, businesses have asked the supplier to cover a larger area of the open source landscape under private commercial agreements. These benefits are now offered free of charge to anyone with a free personal subscription to Ubuntu Pro. This may also be combined with 24/7 enterprise level for the Ubuntu operating system.

    Ubuntu Pro is available for all Long Term Support (LTS) versions of Ubuntu from version 16.04 LTS upwards. The standard Ubuntu Pro subscription covers security updates for all Ubuntu packages. In addition, Canonical’s Ubuntu Advantage for Infrastructure subscription has been renamed Ubuntu Pro (Infra-only) with no change in its price or range. The Infra-Only subscription covers the base operating system and the private cloud components required for large-scale and bare metal and excludes wider cover for applications. Subscribing to Ubuntu Pro costs US $25 dollars per year excl. tax for one workstation or US $500 dollars per year for a server. On public clouds Ubuntu Pro costs some 3.5% of the average cost of the underlying processing environment.

  • Amazon Workspaces offers Ubuntu virtual desktops

    Steve WoodsLinux, Open Source, Tech

    The AWS blog writes that the company loves to give its customers choices: the choice of infrastructure to deploy their workloads, store their most important data, or the operating systems for their virtual desktops.

    To this end it has started offering Ubuntu virtual desktops, based partly on the premise that “Ubuntu is the most widely used operating system among professional developers (66 percent Ubuntu, 61 percent Windows, and 57 percent macOS)”.

    AWS Ubuntu virtual desktop

    To date your correspondent has seen both Ubuntu’s Unity desktop – as shown above – and the lightweight Xfce desktop as an alternative.

    It has been a quip of open source enthusiasts that next year will be the year of Linux on the desktop (instead of the Beast of Redmond’s ubiquitous operating system.

    AWS is now demonstrating that 2022 is the year of the Linux desktop on someone else’s computer. 😀

Posts navigation