All posts by Contributor

Epiphany 3.20

So, what’s new in Epiphany 3.20? First off: overlay scrollbars. Because web sites have the ability to style their scrollbars (which you’ve probably noticed on Google sites), WebKit embedders cannot use a normal GtkScrolledWindow to display content; instead, WebKit has...

/ March 31, 2016

Been a little quiet

So I been a little quiet on the blogging front due to a combination of a lot of things, not the least becoming a dad for the second time 🙂 Hope to pick up pace with some blogging on our...

/ March 16, 2016

Do you trust this package?

Your distribution’s package manager probably uses GPG signature checking to provide an extremely strong guarantee that the software packages you download have not been maliciously modified by a man in the middle (MITM) attacker when traveling over the Internet from...

/ March 13, 2016

Do you trust this application?

Much of the software you use is riddled with security vulnerabilities. Anyone who reads Matthew Garrett knows that most proprietary software is a lost cause. Some Linux advocates claim that free software is more secure than proprietary software, but it’s an open...

/ March 13, 2016

Do you trust this website?

TLS certificate validation errors are much less common on today’s Internet than they used to be, but you can still expect to run into them from time to time. Thanks to a decade of poor user interface decisions by web...

/ March 12, 2016

GNOME Nibbles 3.20

GNOME Nibbles is probably my favorite GNOME game. This Snake game has been around for a while, and unfortunately the current version is showing its age: Nibbles 3.18 Iulian Radu, my Google Summer of Code student, worked on modernizing this...

/ March 6, 2016

WebKitGTK+ Gets Security Updates

My recent blog post On WebKit Security Updates has attracted some not-unexpected attention. Since I knew poorly-chosen words could harm the image of the WebKit project, I prefaced that blog post with a disclaimer which I hoped few would miss:...

/ February 19, 2016

On Subresource Certificate Validation

Ryan Castellucci has a quick read on subresource certificate validation. It is accurate; I fixed this shortly after joining Igalia. (Update: This was actually in response to a bug report from him.) Run his test to see if your browser...

/ February 3, 2016