• El mundo es distinto ahora, pero los errores son los de siempre - Daniel Cantos Pardo
  • Era el primer viaje que realizaban sin tutor y saboreaban la libertad que con esa excitación que produce todo lo nuevo - Pablo Gonz
  • La falta de créditos retardó en tres años la partida de una verdadera expedición solarista - Stanislav Lem
  • El futuro ya está aquí, sólo que desigualmente repartido - W. Gibson
  • Me sentí como un punk que hubiera salido a comprar una navaja automática y volviera a casa con una pequeña bomba de neutrones - W. Gibson
  • A la mañana siguiente, realizaron su primer anochecer estelar - Diane Duane
  • —¿Un sol azul? —dijo Karellen, no muchas horas más tarde—. La identificación no puede ser muy difícil - Arthur C. Clarke
  • Aun así, en ese brillante interior había un núcleo oscuro, un indicio de algo encapsulado - Alastair Reynolds
  • El cielo sobre el puerto tenía el color de una pantalla de televisor sintonizado en un canal muerto - W. Gibson
  • Hace frío señor, en este campo —dijo el señor Tagomi—. Podemos regresar al centro de la ciudad en el helicóptero de la Misión, ¿le parece correcto? - Philip K. Dik
  • ¿Que es el ciberespacio? - El mundo - W. Gibson
  • Tengo sus anotaciones, estaban en su escritorio - Philip K. Dik
  • Esta formación constituye, en su totalidad, un desarrollo tridimensional de algún tipo de ecuación de orden superior - Stanislaw Lem
  • De nuevo la mezcla de rojo y verde, mirándole desde la naturaleza - Kim Stanley Robinson
  • Había un lugar en el Nostromo donde Dallas ocasionalmente encontraba algunos momentos de completa intimidad y al mismo tiempo se sentía razonablemente seguro. Era como una matriz artificial - Alan Dean Foster

#SAILFISHOS BY #JOLLA. Sailfish OS Suomenlinna brings increased security, stability and reliability

Entrada escrita por: Fernando Lanero Barbero

(https://blog.jolla.com/suomenlinna/) Sailfish OS Suomenlinna brings increased security, stability and reliability
Nov 10th 2021, 07:00

Suomenlinna is a Fortress built spanning four islands in the Suomenlahti (Gulf of Finland) just South of Helsinki. While Jolla just celebrated its tenth year, (https://www.suomenlinna.fi/en/) Suomenlinna, which literally translates to Finnish Castle, is somewhat older. Construction was started 267 years ago, with many thousands of workers building for nearly ten years before it was completed. Nowadays it's designated as a World Heritage Site and you can visit it by ferry all year round to see it for yourself.
It's an appropriate codename for the Sailfish OS 4.3.0 Suomenlinna release given the emphasis we've placed on security improvements for this version of the operating system.
For while we saw a tranche of new features included in the (https://blog.jolla.com/verla/) Sailfish OS 4.2.0 Verla release, in 4.3.0 Suomenlinna it's much more about stability, bug-fixes and security improvements.
Deeper integration and improved security
The headline improvement is one that was already trailed by Ville in his recent (https://blog.jolla.com/whats-up-with-sandboxing/) Sandboxing blog post. From now on, any app that defines an application profile will be automatically sandboxed. This is currently an opt-in process; any app that isn't updated in this way will still run outside the sandbox. As a user this means you will start to see some third party apps bring up the sandboxing dialogue on first run. You should already be familiar with this from 4.2.0, in which the Jolla apps were already sandboxed. In 4.3.0 Suomenlinna you'll start to see this more often. Users can of course still run apps however they want, but can feel more confident when running apps inside the sandbox.
This is an important security advancement, and follows the roadmap Ville described towards having all apps sandboxed. We've been careful to increase security without compromising user-control, and we think you'll appreciate the extra peace-of-mind that sandboxing brings.
Updates to Android App Support
There have also been some welcome improvements to Android App Support in this release.
Behind-the-scenes the Android platform has been updated to security patch level 10.0.0_r58. In addition the Android system image is now signed, which means that apps that previously refused to run due to appearing as a rooted system should now work correctly. This is particularly important for banking apps, and a change that many users have been looking forward to.
On centre stage you'll see that Android Apps can now appear in the Open link or file dialogue. This means that when you try to open a file or link that an Android app knows about, you'll be invited to use the Android app alongside the native Sailfish apps that have also registered an interest. This continues the Sharing developments we made in 4.2.0 for native apps, now extended to Android apps in order to make their use more seamless and well-integrated with the rest of the system. This is still beta functionality at this stage since it can depend on the behaviour of individual apps, so expect it to be refined in future releases too.
Backstage there have also been numerous Android App Support bugs fixed for this release. The most prominent related to connectivity issues that some users have been experiencing. We've worked hard to try to address as many as we can, and were able to trace and fix several underlying connectivity issues. We've seen big improvements as a result, but continue to work on fixing more. Overall we believe it's a big step forwards for allowing Android apps to work effectively within Sailfish OS.
Stronger foundations and squashing bugs
There were many fixes outside of Android App Support as well, including improved memory efficiency for the email app, fixing some video playback bumps in the Gallery App, haptic feedback fixes, fixes for a word prediction bug that users of some specific languages were experiencing, and a bunch of fixes related to the captive portal for logging in to public Wifi access points. There are honestly way too many fixes to mention, but if you've been experiencing a particular bug on your device, hopefully it'll be one of the many we squashed this release.
Another big step forwards is the inclusion of Tracker 3 for indexing. The indexer is the service that runs in the background, looking for images, video and documents on your device so that interested apps can easily find and access them. The tracker has been pretty stable for a long time now, providing comprehensive coverage and rapid indexing speeds. We actually harness the (https://wiki.gnome.org/Projects/Tracker) Gnome Tracker for this, and since this was recently updated to Tracker 3, we wanted to follow suit as quickly as possible to benefit from all of the performance and security improvements it brings. So this is exactly what we did, bringing our version to 3.1.2. The jump to version three will also make future updates easier.
The browser has continued to advance, with several improvements made to the UI in this release based on both our own design plans and your feedback The previous release saw a new browser menu style designed to better accommodate all of the new functionality we've added recently. Following feedback we've added a handle following the style of those used elsewhere in the UI to make clear that the menu can be dragged; we've also made extending, scrolling and closing the menu more intuitive. We've also made a number of other improvements elsewhere, including support for camera permissions to allow better integration of the camera with websites that support it.
Last, but by no means least, with the Sailfish OS 4.3.0 Suomenlinna release we'll also for the first time be allowing the Amber Web Authorisation API for official use by apps in Harbour. This means that apps can now easily support OAuth authorisation using a standardised and supported process. This brings security benefits on multiple fronts since for services that support it there's now no need for apps to revert to more insecure password usage, or for developers to roll their own OAuth process.
We hope you'll agree that all of these changes are well worthwhile, even if they don't all appear as big changes in the user interface. Instead, the increased security, stability and reliability of the system represents an important quality advance that we think everyone will appreciate and benefit from.

The post (https://blog.jolla.com/suomenlinna/) Sailfish OS Suomenlinna brings increased security, stability and reliability appeared first on (https://blog.jolla.com) Jolla Blog.



Toda la información y las últimas novedades relativas al software libre y a Ubuntu las puedes encontrar en (http://linuxleon.org) linuxleon.org y (http://ubuntuleon.com) ubuntuleon.com.

(https://blogtrottr.com/unsubscribe/nx2/dXBH7w) unsubscribe from this feed
Leer más...

#SAILFISHOS BY #JOLLA. Happy Birthday Jolla!

Entrada escrita por: Fernando Lanero Barbero

(https://blog.jolla.com/happy-birthday-jolla/) Happy Birthday Jolla!
Oct 14th 2021, 12:00

Ten years back from today, our super excited founding crew including myself (Sami Pienimäki), Marc Dillon, Stefano Mosconi, Jussi Hurmola, and Antti Saarnio, took the founding papers of Jolla Ltd to the Finnish Patent and Registration Office, and the story of Jolla started officially. Soon after this, many individuals from the former MeeGo team joined the Jolla company to give birth to Sailfish OS.
I say 'officially' for Jolla, since as most of you know, the story had already begun years before this in the vibrant and enthusiastic MeeGo team at Nokia, and the passionate community around it. Back in 2010, Nokia was on full speed to make MeeGo its primary smartphone operating system, but after a change in strategy, MeeGo was discontinued in February 2011.
The 10 years of Jolla has been a spectacular ride with loads of significant milestones, unforgettable moments, ups and downs. Already from the beginning it was clearly a 'David vs. Goliath' type of story, which was very accurately pictured by the graphical designer of Helsingin Sanomat, the main daily newspaper in Finland:

(https://blog.jolla.com/content/uploads/2020/11/boats.png) Full page illustration in Helsingin Sanomat, the largest newspaper in Finland.

The origins of the company, the heritage from Nokia, the infamous burning platform memo, and the excitement of the team, were only a few reasons why the beginning of the company was BIG news worldwide. Jolla was on the cover of the New York Times, and Forbes, Financial Times, TechCrunch and several others started to follow our journey very closely. During the ten years, the media worldwide has written over 10,000 articles about our amazing and adventurous project.
From an outsider's perspective it might seem that Jolla has made huge changes and turns in its strategy along the ten years. Looking from inside, this is far from the truth. Jolla's eye has always been on the ball, in building and offering a true alternative open mobile operating system for the world. – one with fundamentally different values to the mainstream advertising or closed proprietary assets of Android and iOS.   The tactics, target groups etc. have changed and developed along the years, but the vision has always remained the same and clear: Jolla is to offer a Freedom of Choice with open approach.

The Next Chapter
Looking at the Jolla story on a timeline (below), you can clearly see the company's development and focus areas from the early MeeGo times and original Sailfish OS release in 2012, until the recent Sailfish 4, and new business line thinking.
The current phase in Jolla's strategy is to continue to push further the Sailfish OS go-to-market operations, and secure new industrial clients for the asset to serve various corporate and governmental sectors.
A very interesting new strategic development area for Jolla in 2021 and further is our unique (https://jolla.com/appsupport) AppSupport for Linux Platforms. Having the capability to run both native Qt apps and common Android apps in one user experience and with consistent integration with the underlying platform has been a key feature in Sailfish OS from day one. Without it, Sailfish OS probably would not even exist to begin with. Jolla is now offering this technology also as a standalone product for various use cases, and there has already been significant interest e.g. in the automotive industry for it.

Sailfish X community program
Sailfish X is our designated community program offering all interested techies to enjoy always the latest & greatest Sailfish OS as their daily driver. As a part of the 10-year celebrations we also have a few great updates regarding Sailfish X for you:
Sailfish X sales expansion
Since the introduction of our community program (https://shop.jolla.com) Sailfish X, we've received lots of requests from all around the world for the product. We are now looking to expand the sales to several new markets around the world starting in early 2022. We are targeting to open the sales in phases e.g. in the US, Australia, New Zealand and re-open the sales to the UK.
The next reference device – Sony Xperia 10 IIIThe next reference device for Sailfish X will be the new Xperia 10 III, which we're working hard to bring available to all of you in early 2022.
10 year special discount
As a birthday treat, we also offer a special discount to all interested to experience Sailfish OS: get a (https://shop.jolla.com) Sailfish X license for your preferred device for only 34.90€! This is a limited time offer. See our (https://shop.jolla.com) shop for more details.

A massive thank you to YOU!
Jolla's story would not have been possible without a passionate and active developer community. Personally, and from the Jolla company, a HUGE THANK YOU for being part of this journey so far!
Thanks also to all our customers, partners, fans and followers – there are too many to mention by name, but you know who you are.
And finally, an extra BIG thank you to each and every one who has been a sailor during these 10 years. You have truly shown your love & passion to the company!
Online event today October 14, 2021: you can participate our 10 year celebration event in Berlin today at 6.30pm CET through our (https://www.facebook.com/jollaofficial/) Facebook Live event.
Let the sailing continue!
Your Jolla captain, sincerely,


The post (https://blog.jolla.com/happy-birthday-jolla/) Happy Birthday Jolla! appeared first on (https://blog.jolla.com) Jolla Blog.



Toda la información y las últimas novedades relativas al software libre y a Ubuntu las puedes encontrar en (http://linuxleon.org) linuxleon.org y (http://ubuntuleon.com) ubuntuleon.com.

(https://blogtrottr.com/unsubscribe/nx2/dXBH7w) unsubscribe from this feed
Leer más...

#SAILFISHOS BY #JOLLA. What’s up with Sandboxing?

Entrada escrita por: Fernando Lanero Barbero

(https://blog.jolla.com/whats-up-with-sandboxing/) What's up with Sandboxing?
Sep 27th 2021, 14:00

In February 2021 we released Sailfish OS 4.0.1 Koli, which introduced a new concept into the OS: Application sandboxing. For the device user, the sandboxing is mostly visible in the permissions dialogs,  displayed when a sandboxed app is run for the first time. In this blog post, I'll dig into the current status, our plans for the future, and what this all means for application developers.
In case you haven't heard about sandboxing in the context of Sailfish OS before, here's a short primer: the purpose of sandboxing is to
improve user privacy, by limiting what applications can do. This is done using a security technology in the Linux kernel called namespaces. This is a lightweight but effective mechanism, which lets us define quite nicely which resources each app can use. All in all, the end result is that the device user is in charge of what resources each app can access.

Where are we now?
When we first introduced sandboxing, it was limited to a selection of the Jolla apps. In Sailfish OS 4.2.0 Verla, this has not changed. But things have progressed under the hood, as we are preparing sandboxing to be applied to all 3rd party applications.
Eventually, we are planning to run all apps in a sandbox. If we want to sandbox an app, the app needs to have a set of required permissions, also known as an application profile. Currently, there aren't any 3rd party apps with defined profiles. Our intention is that when we turn the sandboxing on for all apps, the current existing apps will not be broken. Therefore, we need a default profile, which will be used in case an app hasn't defined an application profile of its own. The default profile will have broad enough permissions to allow any previously Harbour-allowed app to function.
While the sandboxing has been in use for the Jolla apps, we have noticed that the original set of permissions was not quite granular enough. Since the 4.0.1 release, we have added separate permissions for microphone  and external storage access. Common user directory access (Documents, Downloads, Music, etc.) can now be granted via a single permission. Some quite wide permissions were split into more detailed ones – e.g. the permission to read communication history was split out from the Phone permission. In practice what this means is that developers have better control of their app's permissions, users can understand better what an app is requesting, and some capabilities which couldn't be used before will now be available for use by third party apps.

What I've written above has mainly touched on the current situation. What I'm a about to write here is a short glimpse of our plan for the near future. As with any plan, it is almost certain that it will change – it is only a matter of how much. So take the next few sections with a grain of salt.
As I already mentioned, we are planning to eventually sandbox all Sailfish apps by default. Currently we are planning to do this in the Sailfish OS 4.4.0 release. What does that mean for application developers? It means that there is plenty of time to test and verify that your app works well in the sandbox. You can start testing already now – and I will demonstrate how you can do that a bit later. Starting from Sailfish OS 4.3.0 those apps which have explicitly defined their own application profile will be sandboxed. And also starting with Sailfish OS 4.3.0, you can test the default profile. However between the 4.3.0 and 4.4.0 releases, apps that don't define their own profile will run outside the sandbox. We've been experimenting with various default permissions for some time now, what we have running internally is already working well. That permission set will be released with the 4.3.0 release, but even at that stage they should still be considered work in progress, as we continue to fine tune the set until the final release in 4.4.0.
Besides preparing for sandboxing of all applications, we are improving application boosting. Boosting refers to improving application launch times by having commonly-used libraries preloaded in memory. In 4.3.0 we will have boosting enabled for some sandboxed applications – camera, browser and email apps will have it enabled by default. Before sandboxing we used to have general purpose booster processes that were used by all applications, but with sandboxing this is no longer possible. The application permissions are defined already when we construct the sandboxes, so in practice this means that for each boosted application we need to have a specific booster process running in the background, resulting in a constant memory overhead even when the application is not running. So it's a trade off between memory consumption and application startup time. Nevertheless, you can expect to see certain apps start up faster as this is rolled out.

Testing your app
Already with Sailfish OS 4.2.0 you can test application specific sandboxing profiles. If you're an app developer it's quite easy: you just need to make some modifications to your desktop file. First of all, you need to add an X-Sailjail section, configure your application name and organization, and add the required permissions there. Something like:
In Sailfish OS 4.2.0, you also need to remove the X-Nemo-Application-Type=sailfish-qt5 definition, and  change the Exec-line to invoke sailjail:
Exec=sailjail -p sandbox-test.desktop /usr/bin/sandbox-test
In Sailfish OS 4.3.0 that change should no longer be necessary. Please note that the Exec line change is not Harbour compatible, so after you have verified that your profile works, you should remove it before uploading your app to Harbour.
Please also note that starting the app directly from the SDK does not invoke Sailjail – you have to start the application from the icon in the app grid.

With the upcoming Sailfish OS 4.3.0, you can also test if your application works with the default profile. You can enable the default profile by adding a file called "50-enable-sandboxing.conf" in /etc/sailjail/config, with the content:
[Default Profile]
This will turn on sandboxing for all apps – something that will also happen by default from Sailfish OS 4.4.0 onwards. With this, when you start your app, you will see the familiar permissions dialog with the default permissions.

Now if you want you can also test opting out from sandboxing, by adding the following lines to your app desktop file:
Note that disabling the sandbox will not be allowed in the Jolla Store, but it might be useful in your own apps which you do not plan to share via the Jolla Store.
There is one difference between the default profile and defining an application profile with otherwise identical permissions: with the default profile you will get ~/{.local/share,.config,.cache}/packagename directories mounted inside the sandbox. With an application profile you will get ~/{.local/share,.config,.cache}/OrganizationName/ApplicationName/ directories instead, i.e. using the definitions from your X-Sailjail section.

Application Sandboxing as a concept has been part of Sailfish OS for a while now. It will soon be enabled for all 3rd party apps. When this happens, the only change end users should notice will be the permission dialog when launching an app for the first time. Now is the time for application developers to check that their applications work as expected inside sandboxes.
While all applications in the Jolla Store are expected to work inside sandboxes even without changes, it's always a good idea to verify that your app works beforehand. And while you're at it, you might want to consider defining the specific set of permissions which are needed for your app. The default list of permissions is quite long, and for the end user it will always look better if the application only requests those permissions which it actually needs.

The post (https://blog.jolla.com/whats-up-with-sandboxing/) What's up with Sandboxing? appeared first on (https://blog.jolla.com) Jolla Blog.



Toda la información y las últimas novedades relativas al software libre y a Ubuntu las puedes encontrar en (http://linuxleon.org) linuxleon.org y (http://ubuntuleon.com) ubuntuleon.com.

(https://blogtrottr.com/unsubscribe/nx2/dXBH7w) unsubscribe from this feed
Leer más...

#SAILFISHOS BY #JOLLA. Sailfish OS Verla introduces a new sharing system, camera updates, and more

Entrada escrita por: Fernando Lanero Barbero

(https://blog.jolla.com/verla/) Sailfish OS Verla introduces a new sharing system, camera updates, and more
Sep 16th 2021, 12:30

The summer is turning into autumn and it's again time for a new Sailfish release – the third one this year, having the version number 4.2.0 and bearing the name Verla. The name follows our scheme  of Unesco world heritage sites in Finland and (https://www.verla.fi/en/) Verla is a factory museum and its surrounding area, including an old groundwood mill founded at the end of the 19th century, a part of the history of  the paper industry in Finland.
As usual, the changes go all over, some easier to notice and some deeper in the software stack. Let's go now through some of the main items. More details can be found in the (https://forum.sailfishos.org/t/release-notes-verla-4-2-0/7092) release notes.
Sharing system redone
One of the more visible changes in this release is the new sharing system. In the earlier versions, the content sharing UI  was embedded into the applications that had content sharing capabilities. The UI itself was a common component, but it's use was not allowed by third party apps due to many sharing methods needing privileges either already restricted to the system UI side, or being something that we wanted to make more protected.
This has now been reworked and instead of embedding the sharing UI in the initiating app, we've implemented a system pop-up for handling the sharing method selection and the following details. By doing this we've been able to cut down on a lot of the permissions from our applications and thus made them more secure. For example, since sharing a note  from the Notes app by email no longer needs to embed an email composer in the app, there's no need anymore to allow it access to all the email and account related bits, etc.
This is also good news for third party developers. Without the need to access any privileged functionality we are finally now able to allow the sharing system for (https://github.com/sailfishos/sdk-harbour-rpmvalidator/pull/136) others to use too.
More changes you can see
On the App grid there's now something we call the Sticky App Grid. On tall devices like the new Xperias it can be difficult to reach the top of the screen in one-handed use. To make it easier to launch the top items, you can now drag the launcher grid upwards a bit and then just leave it there.
The calendar app main view is now slightly different. We changed the indicators in the month grid cells from simple rounded rectangles shown if there are events on the day to colored dots indicating which notebooks they are from. With this simple change the view becomes more useful, making it easier to spot what kind of events there are. Deeper in the same app it's also now possible to open contact cards for invitees.
The browser has continued very active development. In earlier releases we provided engine upgrades to the Gecko ESR60 level and now it's been polished further. On the feature side we've introduced the ability to configure the download folder and to edit login data. There have also been some adjustments to the page menu and the tab list.
In the old days a phone had one camera on the back and one in the front. Then more cameras started to appear, and maybe still some more. For us this became more topical with the Xperia 10 II and we've now added support for switching between the different zoom-level back cameras with buttons near the capture key.
Speaking of the camera, people taking a closer look at the changelogs might have noticed mentions of HDR and such. We've experimented a bit with the different exposure modes (e.g. sports mode and HDR), but as the different devices don't work consistently with them, and given some have problems with specific modes, we didn't yet make the UI for these visible. Maybe in some later release we'll get the hardware specific details sorted out enough to enable the setting.
And finally, specific to the Xperia 10 II, we've now made the virtual keyboard text prediction available. As you might remember, this was the first device where we shipped the operating system as a 64-bit version and due to the text prediction relying on an external prediction engine we weren't initially able to include the feature. We've now been able to bypass the problem by running the prediction side on a separate service for the keyboard.
And some more sandboxing work under the hood
App sandboxing has been progressing since it was first shipped in February. We've been running the applications shipped with the operating system in sandboxes for a while now and with good results. There's been continuing improvements to the sandbox implementation and fixes to permission-related regressions.
For the community, we've noted that some developers have already tried out the new sandbox system, and for others the time for all 3rd party applications to be run in sandboxes is approaching. We will shortly publish detailed technical instructions in the forum and an overview blog post, so stay tuned.
And there are many more improvements besides; this is only a brief overview of the changes. There have been bug fixes, paper cut UI fixes here and there, and package upgrades. As always. The story will continue and the next upcoming release is already brewing.
The post (https://blog.jolla.com/verla/) Sailfish OS Verla introduces a new sharing system, camera updates, and more appeared first on (https://blog.jolla.com) Jolla Blog.



Toda la información y las últimas novedades relativas al software libre y a Ubuntu las puedes encontrar en (http://linuxleon.org) linuxleon.org y (http://ubuntuleon.com) ubuntuleon.com.

(https://blogtrottr.com/unsubscribe/nx2/dXBH7w) unsubscribe from this feed
Leer más...


Entrada escrita por: Fernando Lanero Barbero
A estas alturas todos sabemos que para ganar permisos de súper usuario en SailfishOS tenemos el comando:

Pero en SailfishOS, al igual que en cualquier otro Linux del mundo mundial, se puede configurar "sudo" para ejecutar programas con los privilegios de seguridad de otro usuario (normalmente el usuario root) de manera segura, convirtiéndose así temporalmente en súper usuario. Y el tema no es tan trivial como parece, ya que esto nos permitirá tener un fichero "/etc/sudoers" en el que poder añadir usuarios como administradores, evitar que aplicaciones nos soliciten directamente permisos de administración, etc.

Para configurar "sudo" en SailfishOS basta con seguir estos pasos.

Instalar "sudo":

devel-su pkcon install sudo

Pero "sudo", aún correctamente instalado, no funciona "out-of-the-box". Para ello tenedremos que hacer a mayores:

devel-su pkcon install nano

Y añadir "defaultuser" como "sudoer" usando "nano":

devel-su nano /etc/sudoers

Y poniendo en la última fila del fichero:

defaultuser ALL=(ALL) ALL
Leer más...