Tech News

Just two days ago, Perfecto, a Perforce Software company introduced Perfecto Codeless, an AI-driven codeless testing solution for eliminating the need for coding skills in the dev testing process. Perfecto Codeless will help the development teams to automate the process of writing test scripts as it comes with machine learning (ML) capabilities. The scripts will be allowed to run continuously and fix themselves without disrupting operations. Eran Yaniv, Founder, and CEO at Perfecto wrote to us in an email, “Across our customer base, the number one cause of automation failure is scripting issues. This a huge barrier for achieving good test automation and teams making their way towards continuous testing. With the introduction of Perfecto Codeless, we are harnessing the power of machine learning to offer the next generation of codeless automation testing capabilities. By eliminating the need to write and maintain test scripts, teams save time and can focus on more complex tasks.” The development teams have the coding skills for writing Selenium or Appium scripts but it is better if their time is spent on product development and innovation. Perfecto Codeless comes with tools that help the teams to quickly generate quality test scripts and maintain them. Features of Perfecto Codeless Smart capabilities to maintain scripts Perfecto’s ML capabilities address object maintenance issues within the code. If there is a need for deleting, moving or changing the code, Perfecto Codeless makes it happen agnostically without delaying the process. Interconnected components All the components of the testing process are connected right from creation to execution and analysis. Codeless automation in the cloud Perfecto Codeless provides codeless test automation in the cloud that allows teams to manage the pace and demands that come with test automation. Perfecto Codeless also provides the flexibility, performance, and scalability needed to ensure quality throughout the SDLC. Eran Kinsbruner, Chief Evangelist at Perfecto wrote to us in an email, “In recent years, codeless test automation has become a top priority for testers, as well as the developers that aim to expedite their test creation and maximize testing reliability. These professionals are looking at codeless as a preferred solution to embed into their testing responsibilities. Perfecto Codeless will take DevOps to the next level, relieving testers and developers of the time-intensive responsibility of coding and giving them time back to focus on product development and innovation to help accelerate the software delivery lifecycle (SDLC) for their business.” Rachel Batish’s 3 tips to build your own interactive conversational app DeepMind researchers provide theoretical analysis on recommender system, ‘echo chamber’ and ‘filter bubble effect’ Waymo to sell its 3D perimeter LIDAR sensors to companies outside of self-driving  

The biggest interruption ever suffered by Facebook goes beyond 14 hours at a stretch. Twitter was flooded with tweets about Facebook, Instagram and Whatsapp been down intermittently in some parts of the world on all of Wednesday. Facebook itself had to turn to its rival Twitter to explain that its group of hugely popular apps are having difficulties. Some users of Facebook and other platforms owned by the tech giant — including Instagram, Messenger and WhatsApp — reported problems accessing the services and posting content. According to DownDetector, it looks like the outages are mainly in New England; Texas; Seattle, Washington; parts of Latin America, including Peru; the UK; India; Japan; Malaysia and the Philippines. Users have written in from Canada, Las Vegas, and Turkey to confirm outages there as well. The outage caused a bigger hit to the revenue of advertisers on Facebook that spend large amounts of money to reach potential customers on Facebook platforms. The Facebook spokesperson says we are investigating the possibility of refunds to the advertisers. The cause of the interruption has not yet been made public. "We're aware that some people are currently having trouble accessing the Facebook family of apps," tweeted from the official Facebook account. "We're working to resolve the issue as soon as possible." In response to rumours posted on other social networks, the company said the outages were not a result of a Distributed Denial of Service attack, known as DDoS - a type of cyber-attack that involves flooding a target service with extremely high volumes of traffic. The last time Facebook had a disruption of this magnitude was in 2008, when the site had 150m users - compared to around 2.3bn monthly users today. Users funnily turn to Twitter in absence of Facebook and Instagram While Facebook and Instagram have been down, many have turned to Twitter to make jokes about the outage. The hashtags #FacebookDown and #InstagramDown have been used more than 150,000 times so far. Some Twitter users who work in "Facebook-centric" jobs, expressed their panic and distress at being unable to use the platform. Many shared jokes about the social media outage leading to the collapse of society, as "nobody remembers how to reach loved ones or eat food without posting updates". Many tweeted about Facebook users tweeting for the first time. https://twitter.com/slaylegend_13/status/1106049260288499712 Others have shared a version of the "distracted boyfriend" meme, referencing people turning to Twitter in their hour of need. https://twitter.com/Ahmadridhopp_/status/1106018690217107456 Some joked that the lack of access to Facebook would deprive them of validation. https://twitter.com/Jayanliyanage2/status/1106040536866148353 Apart from Twitter there are interesting reactions from users on Hacker News which goes like a sudden increase in worker productivity, a brief glimpse into your neighbor's vacation story, or Facebook launching tools to manage spending time on social media, etc. It's been a good couple of hours that Facebook tweeted about resolving the issue. The company has provided no further updates in the fourteen hours since then. Facebook open-sources homomorphic hashing for secure update propagation Facebook announces ‘Habitat’, a platform for embodied Artificial Intelligence research UK lawmakers publish a report after 18 month long investigation condemning Facebook’s disinformation and fake news practices    

Yesterday, the team behind Sublime Text released Sublime Text 3.2, a text editor that comes with Git integration, improved diff markers, new theme functionality and much more. What’s new in Sublime Text 3.2? GIT integration With this release, the files and folders in the sidebar will now display badges for indicating Git status. In this release, the ignored files and folders are de-emphasized. In Sublime Text 3.2, the Git branch and number of modifications are displayed in the status bar. The commands have now been added to open a repository. Now there are few themes that customize the display of sidebar badges and status bar information. A new setting show_git_status has been added that disables Git integration. Improved editor control This release comes with block_caret setting. The positioning and sizing of gutter icons have now been improved. This release comes with improved IME support for Windows and improved input method (IM) support - fcitx, ibus, etc for Linux. Improved diff markers With this release, diff markers now display added, modified and deleted lines. A new setting called mini_diff now controls incremental diff behavior. With the new Git functionality, diffs can now be calculated against HEAD or the index. Few diff-related commands such as Next Modification, Previous Modification, and Revert Modification have been added. Improved files and folders For Windows, the paths are treated as case-sensitive and the unlock directories are closed. Enhanced themes/UI This release comes with added support for variables and revised JSON format with variables key. Performance has been improved with large numbers of rules in a .sublime-theme. Also, support for macOS native tabs has been added. Window placement and resize performance has been improved. API This release comes with View.set_reference_document() and View.reset_reference_document() for controlling diff generation. Phantoms can now be  drawn correctly in conjunction with draw_centered. Major bug fixes In this release, the Goto Symbol in Project has been fixed. The draw_minimap_border setting is now working. Few users are comparing the performance of Sublime Text with VScode as they think VScode is better. One of the users commented on HackerNews, “I hope Sublime steps up their game, as I think VScode is standing on their shoulders, and competition is good.” Few others think that Sublime is the best editor. Another comment reads, “If all I needed was a great text editor, I would use Sublime. It's everything I want in an editor.” To know more about this news, check out Sublime Text’s blog post. Meet Sublime Merge, a new Git client from the makers of Sublime Text Introducing R-Factor, a refactoring tool for React and Redux Typescript 3.3 is finally released!

Last year in October, the Node.js and JS Foundations announced their intent to create a joint organization. After six months of analyzing community feedback, deliberation, and collaboration, the two foundations finally merged into the OpenJS Foundation on Tuesday. https://twitter.com/nodejs/status/1105500455864598528 Dave Methvin, Technical Advisory Committee Chair, JS Foundation, explaining the motivation behind this merger said in the announcement, “This is an exciting step forward for the entire open source JavaScript community, as it strengthens the impact of our collective efforts under one united Foundation. A new merged Foundation is able to better serve the community and members to grow the JavaScript ecosystem from a technology and standards perspective.” The OpenJS Foundation is backed by 30 corporate and end-user members including Google, Microsoft, IBM, PayPal, and GoDaddy. It currently hosts a wide range of projects including Appium, Dojo, jQuery, Node.js, webpack, and many more. Goals of the OpenJS Foundation Providing resources and accelerating the development The OpenJS Foundation is responsible for expanding the JavaScript community and accelerating the development of JavaScript and other key ecosystem projects. It will provide financial and marketing resources to support projects and working groups. It will act as one stop for all projects within the open JavaScript community for fulfilling their infrastructure, technical, and marketing needs. Combined governance structure The merger will provide a combined governance structure to enable all projects, regardless of their sizes, to benefit from experienced mentors as they progress through the project life cycle. It will encourage collaboration across the JavaScript ecosystem and affiliated standard bodies to create a single home for any project in the JavaScript ecosystem. Improved membership experience The OpenJS Foundation brings together the goals of both the JavaScript and Node.js foundations, so companies or organizations that want to support JavaScript will no longer have to choose between the two. This will also eliminate the operational redundancies between the two organizations and streamline the experience for member companies that provide financial support. Additionally, it will provide a single point of entry to new and prospective members for getting involved in open source JavaScript project and create a simpler and more engaging experience for them. Many Twitter users were excited about this announcement and believe that this a major step towards the overall growth of the JavaScript open source ecosystem. https://twitter.com/gauravseth/status/1105888912608681984 https://twitter.com/agoric/status/1105534569992806400 To know more in detail, check out the official announcement. Node.js and JS Foundation announce intent to merge; developers have mixed feelings Node.js announces security updates for all their active release lines for August 2018 Why use JavaScript for machine learning?  

On Tuesday, Microsoft open sourced its Accessibility tools, allowing developers to easily find and fix common accessibility issues early in the development cycle. This includes Accessibility Insights for Windows and Accessibility Insights for Web, both built on Deque’s open source axe technology. You can run quick tests, easily create audits that you can export and share with others, and even file issues to GitHub. Accessibility Insights for Web Accessibility Insights for Web is basically a Chrome extension that helps developers find and fix accessibility issues in web apps and sites. The tool comes with a lightweight, two-step process called FastPass that helps developers identify common, high-impact accessibility issues. Fast Pass uses automated checks to check compliance with approximately 50 accessibility requirements. It also makes use of Tab stops to provide clear instructions and a visual helper for identifying accessibility issues related to keyboard access, such as missing tab stops, keyboard traps, and incorrect tab order. The second part of Accessibility Insights is Assessment which helps HTML developers in verifying if a web app or web site is 100% compliant with Web Content Accessibility Guidelines (WCAG) 2.0 Level AA. It also comes with Automated checks and also Manual Testing to provide step-by-step instructions, examples, and how-to-fix guidance for approximately 20 tests. Deque Systems provides GitHub issue filing for Accessibility Insights for Web, and color contrast detection heuristics for Accessibility Insights for Windows. On why Accessibility Insights is open sourced, Microsoft writes in a blog post, “We are driven by the promise of more accessible products for more people.  That’s why we’re releasing Accessibility Insights to the open source and accessibility communities – it’s all of ours now, and together we’ll continue to make it a better tool and build a more accessible future.” You can read more about Accessibility Insights on its website. It’s a win for Web accessibility as courts can now order companies to make their sites WCAG 2.0 compliant W3C and FIDO Alliance declare WebAuthn as the web standard for password-free logins Microsoft open sources the Windows Calculator code on GitHub

Yesterday, Google released version 73 of its popular web browser. Chrome 73 comes with support for PWAs for MacOS, signed HTTP exchanges for creating portable content, and constructable style sheets. DuckDuckGo now a default search engine Interestingly, Chrome 73 comes with a feature to change its default search engine to a to DuckDuckGo which is a more privacy-friendly option. Google acknowledges that it updated the available search engines based on "new usage statistics" from "recently collected data." DuckDuckGo is the preferred search option in more than 60 markets including the United States and the United Kingdom. Mac OS related updates Chrome 73 adds support for bringing Progressive Web Apps to Mac OS bringing PWAs to all desktop platforms - Mac, Windows, Chrome OS and Linux. Chrome 73 also includes the long-awaited dark mode for macOS. Dark mode was first announced for Chrome last month, but yesterday’s release has made it official. Signed HTTP Exchanges Chrome 73 comes with Signed HTTP Exchanges (SGX) which makes it “possible to create “portable” content that can be delivered by other parties, and this is the key aspect, it retains the integrity and attribution of the original site.” SGX is a part of Web Packages. Signed HTTP exchanges enables faster content delivery for users, making it possible to get the benefits of a CDN without having to cede control of your certificate’s private key. Check out Kinuko’s Signed HTTP Exchanges post for details on how to get started. Constructable style sheets Chrome 73 users can now create and distribute reusable styles using Constructable Stylesheets. Constructable Stylesheets make it possible to define and prepare shared CSS styles, and then apply those styles to multiple Shadow Roots or the Document easily and without duplication. To get started, you can create a new instance of CSSStyleSheet, then use either replace or replaceSync to update the stylesheet rules. Other updates There is a new regular expression called matchAll(). It is a matching method on the string prototype, and returns an array containing the complete matches. The <link> element now supports imagesrcset and imagesizes properties to correspond to srcsetand sizes attributes of HTMLImageElement. Blink's shadow blur radius implementation, now matches Firefox and Safari. These are just a select few updates. For more details, visit the Google’s developer blog. Chrome announces KV Storage, the first built-in module for Web You can now publish PWAs in the Google Play Store as Chrome 72 for Android ships with Trust Web Activity feature. Google releases a fix for the zero day vulnerability in its Chrome browser while it was under active attack.

Just two days ago, the team at Google announced Season of Docs, a new program which will connect technical writers with open source projects. Season of Docs will help in bringing technical writers and open source projects together in order to work on open source documentation. https://twitter.com/GoogleOSS/status/1105138318826627072 According to Open Source Survey, documentation is valued in open source communities but it is still difficult to work on it. A person dealing with the documentation needs to know how to structure a documentation site so that people can easily understand the content and only technical writers can do that. Another plus point is that they are aware of the procedures of writing docs that can fit the needs of their audience. Technical writers can help in optimizing a community’s processes for open source contribution and onboarding new contributors. With Season of Docs, technical writers can spend a few months working closely with open source communities. Writes can work with their chosen open source project and also explore the latest technologies. Mentors from open source organizations can share their knowledge based on their communities’ processes and tools. The technical writers and mentors together can build a new doc set and improve the structure of the existing docs. They can also work on tutorials and further improve contribution processes and guides. According to the team, this project will raise awareness about open source, docs, and technical writing. The open source organizations can apply for participating in Season of Docs starting from 2nd to 23rd of April. Google will then publish the list of accepted mentoring organizations, along with their ideas for documentation projects from 30th April. In July, Google will announce the accepted technical writer projects. The technical writers will get a chance to work with mentors on the accepted projects and submit their work between 2nd September and 29th November. Google will then publish the list of successfully completed projects by 10th December. To know more about this news, check out Google’s blog post. Google Cloud Console Incident Resolved! Google confirms it paid $135 million as exit packages to senior execs accused of sexual harassment Researchers input rabbit-duck illusion to Google Cloud Vision API and conclude it shows orientation-bias  

Google Chrome announced details regarding an experimental new ‘built-in modules’ feature, called, KV Storage, yesterday. KV Storage is the first asynchronous key/value storage module, shipped by Chrome. Built-in modules are very similar to regular JavaScript modules except that they don’t need to be downloaded--since they’re shipped with the browser. Built-in modules need to go through a standardization process where each of the modules has their own specification requiring a design review and positive signs of support. Users can import a built-in module using a prefix ‘std:’ followed by the built-in module's identifier. KV Storage module is quite simple and similar to the localStorage API. However, instead of getItem(), setItem(), and removeItem(), it consists of get(), set(), and delete(). It also includes different map-like methods that are not available to localStorage such as keys(), values(), and entries(). Also, similar to a Map, its keys are not strings. However, unlike Map, all the KV Storage methods return either promises or async iterators. Other than that, the KV Storage module has two named exports: storage and StorageArea. Storage is an instance of the StorageArea class consisting of the name 'default', and this is what developers use most often as a part of their application code. For the StorageArea class, additional isolation is needed. Also, StorageArea data gets stored in an IndexedDB database with the name kv-storage:${name}. Moreover, you don’t have to wait to use KV storage in your code until all browsers support it. This is because Chrome is currently working on another feature called import maps that lets you use built-in modules as soon as even one browser supports them. Import maps refer to a mechanism that allows developers to alias import identifiers to one or more alternate identifiers. This is quite efficient as it allows users to resolve a particular import identifier across your entire application. However, for cases where the browsers don't support modules at all, you have to use import statements, to conditionally load the built-in modules. This also means that you’d have to use module scripts, i.e. <script type="module">. For more information, check out the official Google blog post. Google releases a fix for the zero day vulnerability in its Chrome browser while it was under active attack Google Chrome developers “clarify” the speculations around Manifest V3 after a study nullifies their performance hit argument Chrome 72 Beta releases with public class fields, user activation, and more

The Debian Project is an association of individuals who have made common cause to create a free operating system. One of the traditional rites of the northern hemisphere spring is the elections for the Debian project leader. Over a six-week period in the month of March they hold the elections, interested candidates put their names forward, describe their vision for the project as a whole, answer questions from Debian developers, then wait and watch while the votes come in. But what would happen if Debian were to hold an election and no candidates stepped forward? The Debian project has just found itself in that situation this year and is trying to figure out what will happen next. The Debian project scatters various types of authority widely among its members, leaving relatively little for the project leader. As long as they stay within the bounds of Debian policy, individual developers have nearly absolute control over the packages they maintain, for example: Difficult technical disagreements between developers are handled by the project's technical committee. The release managers and FTP masters make the final decisions on what the project will actually ship (and when). The project secretary ensures that the necessary procedures are followed. The policy team handles much of the overall design for the distribution. So, in a sense, there is relatively little leading left for the leader to do. The roles that do fall to the leader fit into a couple of broad areas; the first of those is representing the project to the rest of the world. The leader gives talks at conferences and manages the project's relationships with other groups and companies. The second role is, to a great extent, administrative: the leader manages the project's money appoints developers to other roles within the project and takes care of details that nobody else in the project is responsible for Leaders are elected to a one-year term; for the last two years, this position has been filled by Chris Lamb. The February "Bits from the DPL" by Chris gives a good overview of what sorts of tasks the leader is expected to carry out. The Debian constitution describes the process for electing the leader. Six weeks prior to the end of the current leader's term, a call for candidates goes out. Only those recognized as Debian developers are eligible to run; they get one week to declare their intentions. There follows a three-week campaigning period, then two weeks for developers to cast their votes. This being Debian, there is always a "none of the above" option on the ballot; should this option win, the whole process restarts from the beginning. This year, the call for nominations was duly sent out by project secretary Kurt Roeckx on March 3. But, as of March 10, no eligible candidates had put their names forward. Lamb has been conspicuous in his absence from the discussion, with the obvious implication that he does not wish to run for a third term. So, it would seem, the nomination period has come to a close and the campaigning period has begun, but there is nobody there to do any campaigning. This being Debian, the constitution naturally describes what is to happen in this situation: the nomination period is extended for another week. Any Debian developers who procrastinated past the deadline now have another seven days in which to get their nominations in; the new deadline is March 17. Should this deadline also pass without candidates, it will be extended for another week; this loop will repeat indefinitely until somebody gives in and submits their name. Meanwhile, though, there is another interesting outcome from this lack of candidacy: the election of a new leader, whenever it actually happens, will come after the end of Lamb's term. There is no provision for locking the current leader in the office and requiring them to continue carrying out its duties; when the term is done, it's done. So the project is now certain to have a period of time where it has no leader at all. Some developers seem to relish this possibility; one even suggested that a machine-learning system could be placed into that role instead. But, as Joerg Jaspert pointed out: "There is a whole bunch of things going via the leader that is either hard to delegate or impossible to do so". Given enough time without a leader, various aspects of the project's operation could eventually grind to a halt. The good news is that this possibility, too, has been foreseen in the constitution. In the absence of a project leader, the chair of the technical committee and the project secretary are empowered to make decisions — as long as they are able to agree on what those decisions should be. Since Debian developers are famously an agreeable and non-argumentative bunch, there should be no problem with that aspect of things. In other words, the project will manage to muddle along for a while without a leader, though various aspects of processes could slow down and become more awkward if the current candidate drought persists. One might well wonder, though, why there seems to be nobody who wants to take the helm of this project for a year. Could the fact that it is an unpaid position requiring a lot of time and travel have something to do with it? If that were indeed to prove to be part of the problem, Debian might eventually have to consider doing what a number of similar organizations have done and create a paid position to do this work. Such a change would not be easy to make. But, if the project finds itself struggling to find a leader every year, it's a discussion that may need to happen. Are Debian and Docker slowly losing popularity? It is supposedly possible to increase reproducibility from 54% to 90% in Debian Buster! Debian 9.7 released with fix for RCE flaw  

After a long break from fundraising, yesterday Cloudflare, a U.S. based company that provides content delivery network services, Internet security, etc, announced that it raised $150 million of funding. The company also announced the joining of Stan Meresman, board member and chair of the Audit Committee of Guardant Health (GH) and Maria Eitel, founder and co-chair of the Nike Foundation as the board of directors. In 2014, Cloudflare raised around $110 million funding and the company has raised more than $330 million till date from investors including New Enterprise Associates, Union Square Ventures, Microsoft, Baidu, and many more. During the latest round of funding Franklin Templeton, an investment management company joined these investors and further extending its support to Cloudflare’s growth. Matthew Prince, co-founder and CEO of Cloudflare, said, “I’m honored to welcome Maria and Stan to our board of directors. Both of them bring a wealth of knowledge and experience to our board and know what it takes to propel companies forward. Our entire board looks forward to working with them as we continue to help build a better Internet.” Eitel has previously run European corporate affairs for Microsoft and worked in media affairs at the White House, and also had been an assistant to President George H.W. Bush. Eitel said, “My career has been focused on creating global change, and the Internet is a huge part of that. The Internet has the ability to unleash human potential, and I believe that Cloudflare is one of the major players able to drive the change that’s necessary for the world and Internet community.” Stan Meresman was previously CFO of Silicon Graphics (SGI) and Cypress Semiconductor (CY). He said, “Cloudflare’s technologies, customer base, and global network have helped propel the company to a position of leadership in the Internet ecosystem. I look forward to lending my skills and expertise to Cloudflare’s board in order to continue this growth and make even more of an impact.” According to a report by Reuters, last year, Cloudflare was considering an IPO in the first half of 2019, that could have valued the company more than $3.5 billion. According to this latest funding round, it seems that the company isn’t yet in the direction of going public, but Cloudflare is growing and public offering could possibly be the next big step. Few users are expecting the company to go public this year and are happy that the company is moving in a good direction. One of the users commented on HackerNews, “I do wonder how people feel about this internally though. There's a lot of expectation that the company would go public this year (and some even expected it would go public last year). Hopefully, no one needs the money they put in to early exercise any time soon!” Another comment reads, “Cloudflare is undergoing a lot of big projects to break away from the image that they are "just a CDN". Raising a round now instead of going public allows them to invest more on those projects instead of focusing on quarter to quarter results. Also, avoiding brain-drains post-IPO while they need those talents the most.” Few others think that the company might start monetizing over the data flow. A user commented, “Doesn't raising this kind of money scream that you're eventually going to start to monetize the data flowing through your network (e.g. telecoms selling location data to bounty hunters)?” To know more about this news, check out the official announcement. Cloudflare takes a step towards transparency by expanding its government warrant canaries workers.dev will soon allow users to deploy their Cloudflare Workers to a subdomain of their choice Cloudflare’s 1.1.1.1 DNS service is now available as a mobile app for iOS and Android  

The R Core Team released R 3.5.3, last week. R 3.5.3 explores bug fixes to the functions writeLines, setClassUnion, and stopifnot. R 3.5.3 is a minor release and does not consist of many new changes or improvements. What’s new in R 3.5.3? Detection of flags has been improved for C++ 98/11/14/17. There’s a new macro ‘F_VISIBILITY’ chosen as an alternative for ‘F77_VISIBILITY’. This new macro will now become the preferred form in R 3.6.0. The issue in writeLines (readLines (fnam), fnam) has been fixed. It now works as expected. setClassUnion () no longer sends warnings to its users. It instead uses message() on encountering “non local” subclasses in class members. The failure issue in stopifnot (exprs = T) has been fixed. R team usually use the release names that are in references to Peanuts strips/films. The code-name for this release ( R 3.5.3) has been selected as "Great Truth" by the R team, which left its users with a bit of a mystery. R core team also gave a hint to its users, saying that the clue is in the date of the release i.e. 11th March 2019. The code-name has been debunked, with one user tweeting out the reference in one of the Peanuts strips: https://twitter.com/AdelmoFilho42/status/1105079537749184512 For more information, check out the official R 3.5.3 release notes. Android Studio 3.5 Canary 7 releases! LXD 3.11 releases with configurable snapshot expiry, progress reporting, and more GNU Octave 5.1.0 releases with new changes and improvements

Yesterday Mozilla announced Firefox Send to be publicly available, which initially was a “Test Pilot” experiment. Firefox Send is a free file sharing service that allows users to easily and securely share files with end-to-end encryption from any browser. By the end of this week, a beta version of its Android app will also be available to the users. How does Firefox Send work? Firefox Send is intended to be an alternative to email, where larger file attachments are not supported. Users do have cloud storage options like Google Drive and Dropbox, but these can be time-consuming in cases where we just need to share a single file for a limited amount of time. You can use the service by visiting the Firefox Send website, upload your file, and set an expiration period. Additionally, it also provides users an option to password protect their files before sending. You will then get a link that you can share with a recipient. Check out the following video to know how exactly it works: https://www.youtube.com/watch?v=eRHpEn2eHJA Firefox Send comes with various features and advantages Firefox Send maintains the security of your files by providing end-to-end encryption from the moment a file is sent until it is opened. With Firefox Send, you can share files of size up to 1 GB. If you want to share files of size up to 2.5 GB you need to sign up for a free Firefox account. For the file recipients, it is not compulsory to have a Firefox account to access the shared file. They just need to simply click on the received link and download the file. It puts control in the hands of a user by allowing them to choose when a file link gets expired, the number of times their file can be downloaded, and also allows adding an optional password. These features come in handy when you want to give the recipient only one-time or limited access to your files and hence ensures that your information is not available online indefinitely. To know more about Firefox Send, check out the Mozilla official announcement. Mozilla Firefox will soon support ‘letterboxing’, an anti-fingerprinting technique of the Tor Browser Mozilla engineer shares the implications of rewriting browser internals in Rust Common Voice: Mozilla’s largest voice dataset with approx 1400 hours of voice clips in 18 different languages  

Yesterday, ProtonMail, reported that the Russian government has blocked Russian citizens from sending any messages to the encrypted email provider. This block was issued by the Federal Security Service via a secret letter dated 25 February. According to the letter, the Russian intelligence agency ordered two of the largest Internet service providers in Russia, MTS and Rostelecom, to block traffic from Russia going to our mail servers, thus preventing Russian mail servers from communicating with ProtonMail. On Monday, March 11, a firm called TechMedia obtained a copy of the letter and published it on the Russian tech blogging platform, Habr. The blog also accused ProtonMail and several other email companies of facilitating fake bomb threats. During late January, the Russian police received several anonymous bomb threats via email, which led to a forced evacuation of government buildings schools, rail stations, shopping centers, and offices. A total of 26 IP addresses were blocked after the order was issued. This also included servers used to scramble the final connection for Tor users. “Internet providers were told to implement the block “immediately,” using a technique known as BGP blackholing, a way that tells internet routers to simply throw away internet traffic rather than routing it to its destination”, TechCrunch reports. ProtonMail chief executive Andy Yen, said, “ProtonMail is not blocked in the normal way, it’s actually a bit more subtle. They are blocking access to ProtonMail mail servers. So Mail.ru — and most other Russian mail servers — for example, is no longer able to deliver email to ProtonMail, but a Russian user has no problem getting to their inbox.” The two ProtonMail servers listed by the order are its back-end mail delivery servers, rather than the front-end website that runs on a different system. Yen said, “The wholesale blocking of ProtonMail in a way that hurts all Russian citizens who want greater online security seems like a poor approach”. He further added, “We have also implemented technical measures to ensure continued service for our users in Russia and we have been making good progress in this regard. If there is indeed a legitimate legal complaint, we encourage the Russian government to reconsider their position and solve problems by following established international law and legal procedures.” According to the ProtonMail blog, “Due to the timing of the block, some ProtonMail users in Russia suspect that the block may be related to the mass protests this past weekend in Russia where 15,000 people took to the streets to protest for more online freedom.” Meanwhile, ProtonMail has listed down a few recommendations for its Russians users, which include: 1) Using a VPN service as this allows most blocks to be circumvented. All ProtonMail users also have access to ProtonVPN, a free VPN service that the email provider operates on. 2) Encouraging other contacts to use ProtonMail. The blocks attempted by the Russian government do not and cannot impact communications between ProtonMail accounts in Russia. 3) Complain to MTS and Rostelecom. According to ProtonMail, if enough people complain, these ISPs and the Russian government may reconsider their approach. One of the users wrote on HackerNews, “This situation really pissed me off. FSB (Russian FBI) had problems with receiving bomb threats coming from Protonmail addresses. So, they secretly ordered (with an almost classified order) major ISPs to block Protonmail bypassing Russian's existing website/IP addresses blocking scheme.” To know more about this news in detail, visit ProtonMail’s official blog post. ProtonMail shares guidelines to help organizations achieve EU GDPR compliance Hackers claim to have compromised ProtonMail, but ProtonMail calls it ‘a hoax and failed extortion attempt’ A security researcher reveals his discovery on 800+ Million leaked Emails available online

ACME (Automated Certificate Management Environment) is no longer just a Let's Encrypt effort as it is now standardized by the Internet Engineering Task Force (IETF). The ACME protocol can be used by a Certificate Authority (CA) to automate the process of verification and certificate issuance. The open-source Let's Encrypt project has been an innovating force on the security landscape over the last several years. It provides millions of free SSL/TLS certificates to help secure web traffic. Aside from the disruptive model of providing certificates for free, Let's Encrypt has also helped to pioneer new technology to help manage and deliver certificates as well, including the Automated Certificate Management Environment (ACME). Let's Encrypt is a non-profit effort that was announced in November 2014 and became a Linux Foundation Collaborative Project in April 2015. Let's Encrypt exited its beta period in April 2016 and currently is helping to secure over 43 million websites."The protocol also provides facilities for other certificate management functions, such as certificate revocation," as per the IETF draft of the ACME standard states. The ACME protocol being standardized at the IETF is version 2 of the protocol and benefits from the wider participation of other internet organizations' viewpoint on certificate management, beyond Let's Encrypt. Though the IETF standardization process is a multi-stakeholder effort, Josh Aas, Executive Director and Co-Founder of Internet Security Research Group (ISRG) and Let's Encrypt, noted that the process has gone as expected with no real surprises. "We expect the standardization process to conclude in the next few months," Josh mentioned on the blog. Josh said that the ACME v1 protocol is what Let's Encrypt uses today, and version 2 will be standardized by the IETF and supported by Let's Encrypt as of January 2018. The main difference between the two versions is the order of operations. "In v1, clients authorize a set of domains and then request a certificate," Aas said. "In v2 clients request a certificate and then authorize domains for the certificate. The latter ordering offers more flexibility to us and other CAs who might be interested in using ACME." As a Certificate Authority (CA), to date Let's Encrypt has only provided Domain Validated (DV) certificates. DV certificates do not specifically identify or validate the organization using the certificate, but rather validate a request against a domain registry. In contrast, an Organization Validated (OV) certificate identifies the organization and validates the identity against a business registry. An Extended Validation (EV) provides the highest level of validation for an organization and involves a comprehensive vetting process. "ACME v1 was designed primarily with DV issuance in mind," Aas said. "ACME v2 can probably not be used to issued OV or EV certificates on its own, but it can play a role in issuing OV or EV certificates." Aas added that ACME V2 could potentially be used in OV and EV certificate issuance by automating the parts of the validation process that can be automated. While Let's Encrypt will be making use of the IETF ACME v2 protocol, other Certificate Authorities are taking a cautious approach. "Symantec offers an automation agent, SSL Assistant Plus, which implements a proprietary certificate lifecycle protocol," Rick Andrews, Symantec Distinguished Engineer told, "We follow the ACME development discussions in the IETF, and are considering adding support for the ACME protocol." Google’s Adiantum, a new encryption standard for lower-end phones and other smart devices Microsoft open sources (SEAL) Simple Encrypted Arithmetic Library 3.1.0, with aims to standardize homomorphic encryption 4 Encryption options for your SQL Server  

Facebook has removed several ads placed by 2020 presidential hopeful, Senator Elizabeth Warren, that called for the breakup of Facebook and other tech giants. Last week, Warren announced that if elected president in 2020, her administration will make big, structural changes to the tech sector to promote more competition by breaking up competition killing big mergers. The ads being deleted from Facebook was first revealed by Politico. The advertisements read, “Three companies have vast power over our economy and our democracy. Facebook, Amazon, and Google. We all use them. But in their rise to power, they’ve bulldozed competition, used our private information for profit, and tilted the playing field in their favor.” Source: Politico The ads were taken down and a message was displayed stating, “This ad was taken down because it goes against Facebook's advertising policies.” However, later a Facebook spokesperson confirmed to Politico that the company is in the process of restoring them. “We removed the ads because they violated our policies against the use of our corporate logo," the spokesperson said. "In the interest of allowing robust debate, we are restoring the ads.” Elizabeth Warren also tweeted about this development, stating that she wants a social media marketplace that isn't dominated by a single censor. https://twitter.com/ewarren/status/1105256905058979841 This news sparked a massive discussion on Hacker News. People called it a win-win situation for Warren. A comment on Hacker News reads, “This is smart politics. Rather than simply telling people FB is a monopoly, she runs a limited experiment that had it been left alone, would have limited effect since the budget was so small ($100). Now, this puts FB in a bind. If they really are a middleman for content, then these ads don't violate any laws and shouldn't be blocked. However, FB as a company with a product should block it just like a coffee shop wouldn't allow a banner on the wall saying "better coffee down the street". Another user appreciated Warren for her smart move. “It’s very smart, her ad campaign people must have known misusing the Facebook logo would get them denied, but now she gets press for being the victim. You or I couldn’t run those ads, this is special treatment for her”, the comment states. A user also condemned Facebook for its dumb move. “I would say this is ordinary politics, an obviously calculated provocation we see every day. What is surprising is a such dumb FB reaction. Why such intelligent people make such dumb moves? Are they really that arrogant? Maybe that arrogance is caused by revenue increases after all these scandals. Maybe they treated politicians, in the same way, many times, but in other countries.” It looks like Warren has won the golden ticket to US presidential elections 2020 as comments like ‘Slay Queen!’ and ‘My Cherokee Princess’ dominated Twitter. Warren’s plan is by far one of the biggest tech regulation plan proposed so far in the 2020 presidential cycle. Other Democrats running for the 2020 presidential bid include senator Kamala Harris, Congresswoman Tulsi Gabbard, entrepreneur Andrew Yang, governor Jay Inslee, and Senator Bernie Sanders. Most of them are also keen on tech regulation. Andrew Yang described Warren's anti-monopoly position as "unimaginative" and "retrograde," yet he does believe in taxing tech. Yang says because artificial intelligence is destroying jobs, the tech industry should pay for a universal basic income. However, Klobuchar and Yang's messages didn't excite people as much as Warren's bold move did. Elizabeth Warren wants to break up tech giants like Amazon, Google Facebook, and Apple and build strong antitrust laws UK lawmakers publish a report after 18-month long investigation condemning Facebook’s disinformation and fake news practices. Facebook and Google pressurized to work against ‘Anti-Vaccine’ trends after Pinterest blocks anti-vaccination content from its pinboards.