Page 3 of 5 FirstFirst 12345 LastLast
Results 21 to 30 of 46

Thread: Maxthon Web Browser Being Ported To Linux

  1. #21
    Join Date
    Feb 2008
    Location
    Linuxland
    Posts
    5,333

    Default

    Quote Originally Posted by jntesteves View Post
    They're just building a new UI over Chromium much like Opera is doing nowadays.
    ...
    Maxthon is shit and must be avoided for real Web browsers from organizations and companies that do the real work of implementing and standardizing the Web APIs: Mozilla, Google and Opera.
    I would argue Opera no longer does any "real work". Afterall they laid off all the Presto people; I rather doubt the UI folks or managers bother with Blink's html5 conformance.

  2. #22
    Join Date
    Dec 2010
    Location
    MA, USA
    Posts
    1,485

    Default

    Quote Originally Posted by uid313 View Post
    If other people want to use it fine, if they don't, then fine with me, I don't care what other people use.
    ...what? You started out telling closed source software to fuck off, as though you were speaking for everyone.

    Windows is hundred times bigger than Linux. Yet Linux have more free software than Windows.
    Why is this?
    If Linux were to have greater proprietary influence with more proprietary software, then the result may be less free software.
    I'm pretty sure you're VERY wrong about that. Proportionally, windows has a lot more closed source software, but MOST open source (userland) software works on Windows. In fact, I've encountered several open source projects that are explicitly linux incompatible.

    The free software is the part of Linux that appeals to me.
    I can run an operating system and everything can be free open source software. That is very appealing to me.

    If Linux wasn't free software, or the Linux software eco system wasn't so strongly centered and focused around free software, then I probably wouldn't use Linux.
    Yes but WHY do you want that? Maxthon is free to use, just not open source. If the product is free to use, why do you personally care if it's open source? I understand the idea of having an entirely free OS (maybe you can't afford for paid alternatives) but what I don't get is why you demand open source when I'm sure you have never edited a single line of code from a well known program.

    The great thing about Linux is free software.
    Technically Windows is a superior operating system. It is more much stable, crashes less often, everything just works, you don't have audio glitches, the graphics performance is better, there is much less bugs and regressions, etc.
    I don't know what universe you've been living in but linux is one of the most popular server OSes for almost the opposite of what you said. Corporations use linux, not because it's free but because linux is more stable, more secure, and less buggy than Windows. Linux audio is generally pretty good, the only thing I personally hate about it is configuring .asoundrc files, but pulseaudio is a way around that. As a PC platform, linux is still overall superior to Windows (as an OS), it just depends on how you have it set up and what hardware you decide to use.

  3. #23
    Join Date
    Jan 2013
    Posts
    1,462

    Default

    Quote Originally Posted by schmidtbag View Post
    Yes but WHY do you want that? Maxthon is free to use, just not open source. If the product is free to use, why do you personally care if it's open source? I understand the idea of having an entirely free OS (maybe you can't afford for paid alternatives) but what I don't get is why you demand open source when I'm sure you have never edited a single line of code from a well known program.
    There's a very good reason to prefer open source software in some things: security. Even if you yourself won't touch the code, you can be confident that a lot of people who are very knowledgeable will, and if there's anything shady in it they'll find it. It's strength in numbers. Especially now that we know that NSA has the capability to force companies to install backdoors in their software, and to mandate them to keep it secret from the public.

    Now this isn't really an issue on trivial programs, like games and such. But when it comes to things like operating systems, all kernel side code, build systems, compilers... and also, anything that you have to trust with outgoing communications - especially if you use it in a context where you have to type your personal information - online banking comes to mind... then yes, we should demand open source software.

    However, I don't really care that there exists closed source programs for these things. If someone wants to use them, that's their problem, not mine. I don't want to "ban" them from Linux and, there isn't any real way of doing such a thing, anyway - Linux is free software, but the GPL license doesn't care about userland at all, anyone can port whatever userland applications they want on it and release/sell them under whatever license they want. If this weren't possible, Linux would never succeed as a platform, that's just how it is.

    Linux distros should still favor open-source software whenever possible, but they shouldn't make it impossible or hard to install proprietary software if the user so wants. I think at some point we just have to trust the users to know what they want to run on their own computers.

  4. #24
    Join Date
    Jun 2011
    Location
    Scotland
    Posts
    117

    Default

    Quote Originally Posted by dee. View Post
    There's a very good reason to prefer open source software in some things: security. Even if you yourself won't touch the code, you can be confident that a lot of people who are very knowledgeable will, and if there's anything shady in it they'll find it. It's strength in numbers. Especially now that we know that NSA has the capability to force companies to install backdoors in their software, and to mandate them to keep it secret from the public.

    Now this isn't really an issue on trivial programs, like games and such. But when it comes to things like operating systems, all kernel side code, build systems, compilers... and also, anything that you have to trust with outgoing communications - especially if you use it in a context where you have to type your personal information - online banking comes to mind... then yes, we should demand open source software.

    However, I don't really care that there exists closed source programs for these things. If someone wants to use them, that's their problem, not mine. I don't want to "ban" them from Linux and, there isn't any real way of doing such a thing, anyway - Linux is free software, but the GPL license doesn't care about userland at all, anyone can port whatever userland applications they want on it and release/sell them under whatever license they want. If this weren't possible, Linux would never succeed as a platform, that's just how it is.

    Linux distros should still favor open-source software whenever possible, but they shouldn't make it impossible or hard to install proprietary software if the user so wants. I think at some point we just have to trust the users to know what they want to run on their own computers.
    Do you realise that open source is not a sign of security? Unless you personally check all of the code you cannot know it's secure and don't think for a moment that the "community" does this either, because they don't.

    Truecrypt, the software so many people trust to keep their data safe, provides binaries and this is what most people use when they use truecrypt. However, a team of security researchers could not find any means of reproducing the binaries that truecrypt provide and on top of that, found that the "Truecrypt Foundation" resides at a fake address and there's no information about who they are. Now add to this the recent revelations that most common encryption protocols were supposedly bypassed by NSA and GCHQ, makes for an interesting thought.

    So take a more considered approach when you talk about the "security" of open source.

  5. #25
    Join Date
    Jan 2013
    Posts
    1,462

    Default

    Quote Originally Posted by scottishduck View Post
    Do you realise that open source is not a sign of security? Unless you personally check all of the code you cannot know it's secure and don't think for a moment that the "community" does this either, because they don't.
    Sure they do. At least code that is being properly maintained, gets seen by many developers constantly. The more people see the code, the harder it is to get away with shady things.

    Truecrypt, the software so many people trust to keep their data safe, provides binaries and this is what most people use when they use truecrypt. However, a team of security researchers could not find any means of reproducing the binaries that truecrypt provide and on top of that, found that the "Truecrypt Foundation" resides at a fake address and there's no information about who they are. Now add to this the recent revelations that most common encryption protocols were supposedly bypassed by NSA and GCHQ, makes for an interesting thought.

    So take a more considered approach when you talk about the "security" of open source.
    I don't use truecrypt. Of course you still have to consider the developers of the software, if the source is shady, if the development process is closed and sources only get published with releases, that's of course a sign to be careful.

  6. #26
    Join Date
    Feb 2013
    Posts
    275

    Default

    Quote Originally Posted by dee. View Post
    Sure they do. At least code that is being properly maintained, gets seen by many developers constantly. The more people see the code, the harder it is to get away with shady things.



    I don't use truecrypt. Of course you still have to consider the developers of the software, if the source is shady, if the development process is closed and sources only get published with releases, that's of course a sign to be careful.
    The more important point, that seems to get lost here, is that very few users compile the software they use. The vast majority of users install pre-compiled binaries. It is unrealistic to check binaries against their sources with every version update.

  7. #27
    Join Date
    May 2013
    Posts
    639

    Default Adobe/Microsoft subscription software is worst-case nonfree greed

    Quote Originally Posted by finalzone View Post
    Newer version of Adobe Photoshop is part of Creative Cloud meaning subscription only unless someone is willing to pirate a copy.
    That is an example of application Linux system does not need.
    Subscription software is the absolute worst-case of unfree software short of trusted computing/DRM. From what I heard, what originally drive Microsoft's interest in trusted computing (Palladium) may have been a desire to switch MS Office to a proprietary format, then force-push updates to use it, then switch to subscription-only. Then they could hold all the documents posessed by law firms, etc hostage for huge annual subscription fees. Word of this got out years ago, I would not be surprised if that was what stopped discussions in the early 2000's of mandating that the Internet connect only to "trusted" computers.

    I am never in favor of trying to make someone's locked, corporate software impossible to run on a distro, that would be acting like Apple. On the other hand, I do feel that distros should provide zero support to such things. I will make one exception to that: Steam, on the grounds that they are a toy and not productivity software, with a record of causing people to keep a Windows install. If Microsoft wanted to make Office365 run on my private fork of UbuntuStudio and Mint, I would not lift a finger to help them, same for Adobe's subscription software. Free software means they have the freedom to do it themselves, and we have the freedom to ignore them, and ignore any service or network tied to their products. In my machines, I normally remove any software that adds support for a paid product. With Flash I break the DRM support by avoiding installing Flash and Hal on the same box and keeping .macromedia cleaned out.

    Never forget-there are a LOT of people out there that want to turn your computer into a cable box and the Internet into another cable TV. What do you think this whole push to "cloud computing" is all about? It's about getting you to give major corporations control of your data and everything you do with it, while your computer becomes a thin client to Corporate America and by extension not only the NSA but every two-bit police department with a warrant and every crooked private investigator.

  8. #28
    Join Date
    Jul 2013
    Location
    USA
    Posts
    715

    Default

    Quote Originally Posted by Serge View Post
    I have read that Maxthon's user base is primarily in China. The porting of Maxthon to Linux may be a sign that Linux's popularity in China is growing.
    Steam OS will take Over China!!

  9. #29
    Join Date
    Mar 2013
    Posts
    75

    Default

    Quote Originally Posted by vk512 View Post
    ...Maxthon . . . has been leading html5 compatibility tests for quite some time - html5test.com
    As jntesteves said, there were some issues with Maxthon's score in the past, but perhaps these have been resolved.
    ex. https://twitter.com/rakaz/status/220489915186688000
    Last edited by eidolon; 09-29-2013 at 01:12 AM.

  10. #30
    Join Date
    May 2013
    Posts
    639

    Default NSA bypasses implementations, not methods of encryption

    Quote Originally Posted by scottishduck View Post
    Do you realise that open source is not a sign of security? Unless you personally check all of the code you cannot know it's secure and don't think for a moment that the "community" does this either, because they don't.

    Truecrypt, the software so many people trust to keep their data safe, provides binaries and this is what most people use when they use truecrypt. However, a team of security researchers could not find any means of reproducing the binaries that truecrypt provide and on top of that, found that the "Truecrypt Foundation" resides at a fake address and there's no information about who they are. Now add to this the recent revelations that most common encryption protocols were supposedly bypassed by NSA and GCHQ, makes for an interesting thought.

    So take a more considered approach when you talk about the "security" of open source.
    If the NSA's backdoors were in AES (a common high security encryption protocol) itself, than the NSA could not permit its use for Top Secret US government use, even with the specified 35 character random number passphrase. This would be for fear that any backdoor they added could be found by an adversary and quietly exploited. With known commercial encryption products being tampered with instead, the NSA can simply direct government agencies to use known good implementations.

    The typical way the NSA is believed to bypass closed commercial encryption products is by getting the authors to limit the keyspace. If the keyspace is fixed, as in AES-128/192/256, tampering with the random number generator can limit the number of keys. Remember that OpenSSH key generation issue, where most of the randomness had been commented out, and all keys from those versions had to be blacklisted? Similar things, done on purpose and known to the NSA, can easily bypass any encryption protocol. When the NSA themselves use AES, they simply would make sure to use a non-tampered random number generator for making any keys where random numbers are used. A closed-source product can also get away with using an outright keylogger to store the passphrase somewhere.

    OK, let's talk open source. An attempt by the NSA to keylogger DM-crypt would mean having to drop a keylogger into the Linux kernel, the Cryptsetup binary, or the "cryptroot" script. In the script it would be caught within hours. In the binary it would require obfuscated code-but obfuscated code in source code for encryption triggers automatic suspicion. One reason many trusted GPG but not PGP in the middle of the last decade was 8 lines of code for PGP that activist hackers could not figure out the purpose of. A "contributor" attempting to add a non-obfuscated keylogger to the Cryptsetup code would be caught. Trying to drop a keylogger into the Linux kernel would be REALLY asking to get caught.

    The compromised random number generator method won't work against raw DM-crypt/cryptsetup, as a key made by hashing the passphrase doesn't need the random number generator (/dev/random or /dev/urandom for lower security work). On the other hand, a poorly chosen passphrase becomes vulnerable to dictionary attacks. With LUKS, a dictionary attack becomes much more difficult due to the long compute time to unlock the key with the passphrase, but the security of /dev/random must be good. It seems to me that to compromise /dev/random or even weaken /dev/urandom in the closely watched linux kernel would be really asking to get caught, especially after the OpenSSH issue. If LUKS uses its own system to generate random numbers, that would be even more closely watched, and someone would surely try to match up source with binaries.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •