Podcasts about Firefox

Show DescriptionWho's the person to hire when your home network isn't working as reliably as it should? And while we're at it - can you also fix Dave's Find My notifications? What's the plan with Firefox in 2025? And Dave blogs (and mouth blogs) about his struggles with the MVP car. Listen on WebsiteWatch on YouTubeLinks Why I hate the MVP car - daverupert.com TalkShop Show w/ Macho Man Randy Standards - Whiskey Web and Whatnot: Web Development, Neat - Episode 212 SponsorsAtomic Design Certification CourseMaster tokens AND atomic design to elevate your design systems game. Get access to both courses, which include hours of comprehensive video lessons, sample token architecture for Figma & Code, process diagrams, exercises, and exclusive Slack!

Eight Grade 1 races are spread across America this week. Fifteen Breeders' Cup qualifiers make this an overflow weekend that includes super Saturday at Aqueduct, Keeneland and Santa Anita. All this makes for a stacked episode of the Ron Flatter Racing Pod. The Keeneland fall season opens this week with five Grade 1s. In her new role with the racetrack, former FanDuel TV host Gabby Gaudet offers a preview. Fourteen graded stakes feature 2-year-olds including It's Our Time, the buzz horse who won by 17 3/4 lengths in his August debut at Saratoga. Trainer Tom Amoss discusses the Not This Time colt when he previews the Champagne Stakes (G1) at the Belmont at Aqueduct meet. Horse Racing Nation handicapper Ed DeRosa offers weekend handicapping for races across the country. Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park help go through listener and reader feedback. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

Daniel Stenberg, Swedish Internet protocol expert and founder and lead developer of the Curl project, speaks with SE Radio host Gavin Henry about removing Rust from Curl. They discuss why Hyper was removed from curl, why the last five percent of making it a success was difficult, what the project gained from the 5-year attempt to tackle bringing Rust into a C project, lessons learned for next time, why user support is critical, and the positive long-lasting impact this attempt had. Brought to you by IEEE Computer Society and IEEE Software magazine.

(Sermon) Hebrews: Warning Against Unbelief 2 of 2, Rev. Henry Kelly, Bible Education Institute Hebrews 3:1-19 Jesus Greater Than Moses: Hebrews chapter3 verses 1-6 Warning Against Unbelief: Hebrews chapter 3 verses 7-19 (Resources) YouTube: Apologia Studios & Church w/ Pastor Jeff Durbin apologiastudios.com; Voddie Baucham ; Dr. R C. Sproul: Ligonier Ministries; Ray Comfort-Living Waters livingwaters.com; Ken Ham-Answers In Genesis answersingenesis.org; Wall Builders w/ David Barton wallbuliders.com; Dr. Walter Martin waltermartin.org; Bible Education Institute is on Video Plarforms: YouTube & Rumble; Podcast Platforms: Stitcher, Apple, Spotify, Amazon , Audible, Amazon Music, Facebook, Overcast,, Chrome, gPodder, Firefox, Safari,, iTunes, Alexia, Podbean, Internet Explorer & Podcast Addict, Listen Notes, Luminary Podcast, Player FM& others. Website: 5dbe1182e5831.site123.me Email: bibleeducationinstitute@gmail.com Donate: We greatly appreciate your donations to help reach as many people as possible. Thank you Please copy / paste and put on your computer or phone top search engine. https://www.paypal.com/donate?hosted_button_id=TYN64GZ6YLD7C Wanted: The Brave, Joshua 1:9, Kirk Cameron https://youtu.be/fBTv07MjwAA Watch "Christians Will Win Down Here | Jeff Durbin" on YouTube https://www.youtube.com/live/IZ6EqLug0Sc?feature=share (Sermon) How to Save a Nation, Rev. Henry Kelly, Bible Education Institute https://youtu.be/bEyNvfRGQyc

This is a recap of the top 10 posts on Hacker News on September 26, 2025. This podcast was generated by wondercraft.ai (00:30): Open SocialOriginal post: https://news.ycombinator.com/item?id=45388021&utm_source=wondercraft_ai(01:53): Britain to introduce compulsory digital ID for workersOriginal post: https://news.ycombinator.com/item?id=45381810&utm_source=wondercraft_ai(03:16): Pop OS 24.04 LTS BetaOriginal post: https://news.ycombinator.com/item?id=45384481&utm_source=wondercraft_ai(04:39): Evanston orders Flock to remove reinstalled camerasOriginal post: https://news.ycombinator.com/item?id=45382434&utm_source=wondercraft_ai(06:02): No reachable chess position with more than 218 movesOriginal post: https://news.ycombinator.com/item?id=45382755&utm_source=wondercraft_ai(07:25): Fast UDP I/O for Firefox in RustOriginal post: https://news.ycombinator.com/item?id=45387462&utm_source=wondercraft_ai(08:48): SimpleFold: Folding proteins is simpler than you thinkOriginal post: https://news.ycombinator.com/item?id=45389267&utm_source=wondercraft_ai(10:11): Investigating a Forged PDFOriginal post: https://news.ycombinator.com/item?id=45381010&utm_source=wondercraft_ai(11:34): My Deus Ex lipsyncing fix modOriginal post: https://news.ycombinator.com/item?id=45382397&utm_source=wondercraft_ai(12:57): Translating a Fortran F-16 Simulator to Unity3DOriginal post: https://news.ycombinator.com/item?id=45383637&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

The Grade 1 Goodwood Stakes at Santa Anita and the return of a familiar media personality are the focus of the Ron Flatter Racing Pod.  Former FanDuel TV host Ken Rudulph talks about what he is doing now and his thoughts about the sport he used to cover daily. He also weighs in with his forecast for the Goodwood. Trainer Brad Cox discusses First Mission's bid to get his first Grade 1 win when he races in the feature at Santa Anita. He also talks about multimillionaire Hit Show's bid to win the Lukas Classic (G2) for the second year in a row as well as some of his other potential Breeders' Cup horses. Paddock Prince handicapper David Levitch zeroes in on weekend races at the Belmont at Aqueduct and Churchill Downs September meets. Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park help go through listener and reader feedback. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

Na semana que passou o Diogo andou a arrumar tudo em caixotes e aumentou o PIB Chinês em 127%! Toda a Glória ao Celestial Comprador de Electrónica dos Povos! E num verdadeiro Pro-Dígio de velocidade, brincou com RJ45, sfp+, OpenWRT e demais jigajogas para espremer 10 Gbps até ao último bit. Ainda trouxemos muitas novidades do Firefox 143, Questing Quokka, Gnome 49, Ubuntu Touch e coisas com nomes esquisitos, como Dracut, Cuda, Loupe, Rust e Ptyxis (pronuncia-se «Ptyxis»).

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

This week Noah and Steve dig into an npm attack that Red Hat has issued an alert for. We talk about small and portable laptops, and of course answer your questions. -- During The Show -- 00:52 Intro ZFS Win Meld (https://meldmerge.org/) Domain knowledge scaling 07:32 NPM Supply Chain Attack No compromised packages used in Red Hat software NPM and Node.js What the malicious code does Red Hat is on top of it Reaction to finding a compromise Red Hat Article (https://access.redhat.com/security/supply-chain-attacks-NPM-packages) Aikido Article 1 (https://www.aikido.dev/blog/popular-nx-packages-compromised-on-npm) Aikido Article 2 (https://www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised) Aikido Article 3 (https://www.aikido.dev/blog/s1ngularity-nx-attackers-strike-again) 18:21 Registrar - Josh CloudFlare PorkBun (https://porkbun.com/) Great Nerds 21:47 Small Laptop - Ziggy HP ProBook Noah's GPD Pocket v1 Surface Pro 1 Dell Latitude 2 in 1 StarLabs Star Lite (https://us.starlabs.systems/pages/starlite) 34:56 Ham Radio - Brett Open Source Ham Radio Plan to sell a kit Have a prototype Reddit Post (https://www.reddit.com/r/HamRadio/s/TTodwCYuyG) Arkos Engineering (https://arkosengineering.com/) HT-15 GitHub (https://github.com/Arkos-Engineering/HT-15) 37:58 News Wire Systemd 258 - phoronix.com (https://www.phoronix.com/news/systemd-258) Rust 1.90 - rust-lang.org (https://blog.rust-lang.org/2025/09/18/Rust-1.90.0) Gnome 49 - gnome.org (https://release.gnome.org/49) Firefox 143 - firefox.com (https://www.firefox.com/en-US/firefox/143.0/releasenotes) Thunderbird 143 - thunderbird.net (https://www.thunderbird.net/en-US/thunderbird/143.0/releasenotes) Rayhunter - helpnetsecurity.com (https://www.helpnetsecurity.com/2025/09/17/rayhunter-eff-open-source-tool-detect-cellular-spying) TernFS - phoronix.com (https://www.phoronix.com/news/TernFS-File-System-Open-Source) BCacheFS DKMS - hackaday.com (https://hackaday.com/2025/09/19/bcachefs-is-now-a-dkms-module-after-exile-from-the-linux-kernel) Tails 7.0 - torproject.org (https://blog.torproject.org/new-release-tails-7_0) Porteux - github.com (https://github.com/porteux/porteux/releases/tag/v2.3) Oreon 10 - oreonproject.org (https://oreonproject.org/oreon-10) Azure Linux 3.0 - webpronews.com (https://www.webpronews.com/microsoft-releases-azure-linux-3-0-with-optional-6-12-lts-kernel) Tongyi-DeepResearch-30B-A3B - marktechpost.com (https://www.marktechpost.com/2025/09/18/alibaba-releases-tongyi-deepresearch-a-30b-parameter-open-source-agentic-llm-optimized-for-long-horizon-research) Qwen3-Omni - venturebeat.com (https://venturebeat.com/ai/chinas-alibaba-challenges-u-s-tech-giants-with-open-source-qwen3-omni-ai) AI Risks - scmp.com (https://www.scmp.com/tech/big-tech/article/3326214/deepseek-warns-jailbreak-risks-its-open-source-models) Hugging Face GitHub CoPilot Integration - infoq.com (https://www.infoq.com/news/2025/09/hugging-face-vscode) 40:06 OBS OBS 32.0 Pipewire video capture Lots of other features Pipewire is professional qpwgraph (https://github.com/rncbc/qpwgraph) 9 to 5 Linux (https://9to5linux.com/obs-studio-32-0-pipewire-video-capture-improvements-basic-plugin-manager) 44:53 Tails on Trixie Tails teaches you reproduce-ability Privacy tools Changes New min requirements Persistent Apps 9 to 5 Linux (https://9to5linux.com/tails-7-0-anonymous-linux-os-released-based-on-debian-13-trixie) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/460) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

If you like what you hear, please subscribe, leave us a review and tell a friend!Recent cyber incidents show a surge in attacks targeting both public and private sectors. Threat actors exploited vulnerabilities in software like GeoServer and Pandoc, leading to breaches in U.S. federal agencies and cloud environments. Malware campaigns, such as BadIIS, spread via SEO poisoning, while SonicWall and Boyd Gaming faced rootkits and data breaches, respectively. Security firms like Cloudflare successfully mitigated record-breaking DDoS attacks, and Mozilla introduced safeguards allowing Firefox add-on developers to roll back problematic updates. Law enforcement, including the Secret Service, has intervened to dismantle telecom threats impacting global operations like the UN.

Consumer Reports on Windows 10 updates. Waste (not fraud or abuse) within DoD Cyberoperations. China's DeepSeek produces deliberately flawed code. WebAssembly v3.0 officially released. Firefox v143 updates and new features. Firefox for Android now offers DoH. A nearly terminal flaw in Microsoft's Entra ID. Chrome hits its 6th 0-day this year. Emergency update. DRAM (now DDR5) still vulnerable to RowHammer. SAMSUNG kitchen refrigerators begin showing ads. China says no to NVIDIA. 300 more (new) NPM maliciouspackages found and removed. The EU is already testing proper online age verification. Show Notes - https://www.grc.com/sn/SN-1044-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: bigid.com/securitynow go.acronis.com/twit zscaler.com/security 1password.com/securitynow hoxhunt.com/securitynow

Coming up in this episode * We took a break over the break * Windows 10 pulls a fast one * Firefox brings in another clanker 0:00 Cold Open 2:27 A Distro, a Router and a Choice 25:26 Windows 10 Isn't Dead Yet... 43:45 Browser Watch (feat. Firefox) 1:09:58 Next Time! 1:14:57 Stinger The Video Version! (https://youtu.be/Rsn57QtNsiI) https://youtu.be/Rsn57QtNsiI

The Pennsylvania Derby and Cotillion, a pair of Grade 1, $1 million stakes for 3-year-olds, will be run this weekend at Parx. They also are the focus of the Ron Flatter Racing Pod. Track announcer Jessica Paquette checks in from Parx to discuss the two races and their context in the 2025 championship picture. She also provides perspective on the arc of the 3-year-old season for both males and females. Breeder and co-owner Robert Clay talks about Pennsylvania Derby favorite Baeza, the productivity and sale of his dam Puca and how he changed the direction of his Grandview Equine operation to focus on colts who have turned into classic winners. Super Screener creator Mike Shutty offers tips on the Gallant Bob (G2), the Cotillion and the Pennsylvania Derby at Parx. Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park help field feedback from listeners and readers about Churchill Downs continuing to penalize Kentucky Derby preps that lure small fields. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

This show has been flagged as Clean by the host. Hello, this is your host, Archer72 for another episode of Hacker Public Radio. In this episode, I continue to fall for the AI trap. Here I was, minding my own business, when I was bothered by the icon only showing a generic icon for the Beeper app. Now, I'm not saying that Duck.ai is not useful, but be very careful what you ask for. It was probably a combination of the early morning, and not reading completely through the AI suggestions, but I ended up losing all icons on the Gnome desktop except for a few like Firefox. I won't leave the problematic command so I don't trip up the listener, but it involved updating a desktop database. This in turn left a dash or blank where the icons should be. If that wasn't bad enough, it was suggested to reset Gnome settings, and nothing was as it seemed before. Things that I had taken for granted were not there. You forget what custom settings are there when mistakes like this are made. So the short answer is that the icons directory, located on my Debian system should be located in .local/share/icons. Instead it was in a sub-directory .local/share/icons/icons Correcting the directory location solved everything, but I was still left to reset my custom Gnome keybindings. • Swap Escape and Caps lock key I used this because I am a Vim user, and this feels more natural when I need to hit Escape to change modes. In Gnome, the setting is under Gnome Tweaks > Keyboard > Additional Layout Options > Swap Esc and Caps Lock Key As of this show release the current stable version is Trixie. Gnome Tweaks - Debian Trixie can be installed by sudo apt install gnome-tweaks on any Debian based system. • Compose key • Compose key shortcuts The Compose key is found at Settings > Keyboard > Compose Key. I selected the Menu key, because this is rarely used, and can still be accessed by the track pad. • Shortcut to open MPV with a clipboard URL from Youtube This can be found in Setting > Keyboard > View and Customize Shortcuts > Custom Shortcuts Shift+Ctrl+P Code placed in /usr/local/bin/ #!/bin/bash ## mpv-url url=`xsel -o -b` echo $url mpv $url Now I can get back to what I started in the first place, creating a .desktop file for Beeper. I created a beeper-desktop.desktop file in `~/.local/share/applications' with the follow contents. [Desktop Entry] Name=Beeper Desktop Exec=/home/mark/AppImages/Beeper-4.1.169.AppImage Icon=/home/mark/.local/share/icons/beeper.png Type=Application Categories=Network;InstantMessaging; Terminal=false StartupWMClass=Beeper The last part of the config file can be found by xprop | grep WM_CLASS Provide feedback on this episode.

Francois Daost is a W3C staff member and co-chair of the Web Developer Experience Community Group. We discuss the W3C's role and what it's like to go through the browser standardization process. Related links W3C TC39 Internet Engineering Task Force Web Hypertext Application Technology Working Group (WHATWG) Horizontal Groups Alliance for Open Media What is MPEG-DASH? | HLS vs. DASH Information about W3C and Encrypted Media Extensions (EME) Widevine PlayReady Media Source API Encrypted Media Extensions API requestVideoFrameCallback() Business Benefits of the W3C Patent Policy web.dev Baseline Portable Network Graphics Specification Internet Explorer 6 CSS Vendor Prefix WebRTC Transcript You can help correct transcripts on GitHub. Intro [00:00:00] Jeremy: today I'm talking to Francois Daoust. He's a staff member at the W3C. And we're gonna talk about the W3C and the recommendation process and discuss, Francois's experience with, with how these features end up in our browsers. [00:00:16] Jeremy: So, Francois, welcome [00:00:18] Francois: Thank you Jeremy and uh, many thanks for the invitation. I'm really thrilled to be part of this podcast. What's the W3C? [00:00:26] Jeremy: I think many of our listeners will have heard about the W3C, but they may not actually know what it is. So could you start by explaining what it is? [00:00:37] Francois: Sure. So W3C stands for the Worldwide Web Consortium. It's a standardization organization. I guess that's how people should think about W3C. it was created in 1994. I, by, uh, Tim Berners Lee, who was the inventor of the web. Tim Berners Lee was the, director of W3C for a long, long time. [00:01:00] Francois: He retired not long ago, a few years back. and W3C is, has, uh, a number of, uh. Properties, let's say first the goal is to produce royalty free standards, and that's very important. Uh, we want to make sure that, uh, the standard that get produced can be used and implemented without having to pay, fees to anyone. [00:01:23] Francois: We do web standards. I didn't mention it, but it's from the name. Standards that you find in your web browsers. But not only that, there are a number of other, uh, standards that got developed at W3C including, for example, XML. Data related standards. W3C as an organization is a consortium. [00:01:43] Francois: The, the C stands for consortium. Legally speaking, it's a, it's a 501c3 meaning in, so it's a US based, uh, legal entity not for profit. And the, the little three is important because it means it's public interest. That means we are a consortium, that means we have members, but at the same time, the goal, the mission is to the public. [00:02:05] Francois: So we're not only just, you know, doing what our members want. We are also making sure that what our members want is aligned with what end users in the end, need. and the W3C has a small team. And so I'm part of this, uh, of this team worldwide. Uh, 45 to 55 people, depending on how you count, mostly technical people and some, uh, admin, uh, as well, overseeing the, uh, the work, that we do, uh, at the W3C. Funding through membership fees [00:02:39] Jeremy: So you mentioned there's 45 to 55 people. How is this funded? Is this from governments or commercial companies? [00:02:47] Francois: The main source comes from membership fees. So the W3C has a, so members, uh, roughly 350 members, uh, at the W3C. And, in order to become a member, an organization needs to pay, uh, an annual membership fee. That's pretty common among, uh, standardization, uh, organizations. [00:03:07] Francois: And, we only have, uh, I guess three levels of membership, fees. Uh, well, you may find, uh, additional small levels, but three main ones. the goal is to make sure that, A big player will, not a big player or large company, will not have more rights than, uh, anything, anyone else. So we try to make sure that a member has the, you know, all members have equal, right? [00:03:30] Francois: if it's not perfect, but, uh, uh, that's how things are, are are set. So that's the main source of income for the W3C. And then we try to diversify just a little bit to get, uh, for example, we go to governments. We may go to governments in the u EU. We may, uh, take some, uh, grant for EU research projects that allow us, you know, to, study, explore topics. [00:03:54] Francois: Uh, in the US there, there used to be some, uh, some funding from coming from the government as well. So that, that's, uh, also, uh, a source. But the main one is, uh, membership fees. Relations to TC39, IETF, and WHATWG [00:04:04] Jeremy: And you mentioned that a lot of the W3C'S work is related to web standards. There's other groups like TC 39, which works on the JavaScript spec and the IETF, which I believe worked, with your group on WebRTC, I wonder if you could explain W3C'S connection to other groups like that. [00:04:28] Francois: sure. we try to collaborate with a, a number of, uh, standard other standardization organizations. So in general, everything goes well because you, you have, a clear separation of concerns. So you mentioned TC 39. Indeed. they are the ones who standardize, JavaScript. Proper name of JavaScript is the EcmaScript. [00:04:47] Francois: So that's tc. TC 39 is the technical committee at ecma. and so we have indeed interactions with them because their work directly impact the JavaScript that you're going to find in your, uh, run in your, in your web browser. And we develop a number of JavaScript APIs, uh, actually in W3C. [00:05:05] Francois: So we need to make sure that, the way we develop, uh, you know, these APIs align with the, the language itself. with IETF, the, the, the boundary is, uh, uh, is clear as well. It's a protocol and protocol for our network protocols for our, the IETF and application level. For W3C, that's usually how the distinction is made. [00:05:28] Francois: The boundaries are always a bit fuzzy, but that's how things work. And usually, uh, things work pretty well. Uh, there's also the WHATWG, uh, and the WHATWG is more the, the, the history was more complicated because, uh, t of a fork of the, uh, HTML specification, uh, at the time when it was developed by W3C, a long time ago. [00:05:49] Francois: And there was been some, uh, Well disagreement on the way things should have been done, and the WHATWG took over got created, took, took this the HTML spec and did it a different way. Went in another, another direction, and that other, other direction actually ended up being the direction. [00:06:06] Francois: So, that's a success, uh, from there. And so, W3C no longer works, no longer owns the, uh, HTML spec and the WHATWG has, uh, taken, uh, taken up a number of, uh, of different, core specifications for the web. Uh, doing a lot of work on the, uh, on interopoerability and making sure that, uh, the algorithm specified by the spec, were correct, which, which was something that historically we haven't been very good at at W3C. [00:06:35] Francois: And the way they've been working as a, has a lot of influence on the way we develop now, uh, the APIs, uh, from a W3C perspective. [00:06:44] Jeremy: So, just to make sure I understand correctly, you have TC 39, which is focused on the JavaScript or ECMAScript language itself, and you have APIs that are going to use JavaScript and interact with JavaScript. So you need to coordinate there. The, the have the specification for HTML. then the IATF, they are, I'm not sure if the right term would be, they, they would be one level lower perhaps, than the W3C. [00:07:17] Francois: That's how you, you can formulate it. Yes. The, the one layer, one layer layer in the ISO network in the ISO stack at the network level. How WebRTC spans the IETF and W3C [00:07:30] Jeremy: And so in that case, one place I've heard it mentioned is that webRTC, to, to use it, there is an IETF specification, and then perhaps there's a W3C recommendation and [00:07:43] Francois: Yes. so when we created the webRTC working group, that was in 2011, I think, it was created with a dual head. There was one RTC web, group that got created at IETF and a webRTC group that got created at W3C. And that was done on purpose. Of course, the goal was not to compete on the, on the solution, but actually to, have the two sides of the, uh, solution, be developed in parallel, the API, uh, the application front and the network front. [00:08:15] Francois: And there was a, and there's still a lot of overlap in, uh, participation between both groups, and that's what keep things successful. In the end. It's not, uh, you know, process or organization to organization, uh, relationships, coordination at the organization level. It's really the fact that you have participants that are essentially the same, on both sides of the equation. [00:08:36] Francois: That helps, uh, move things forward. Now, webRTC is, uh, is more complex than just one group at IETF. I mean, web, webRTC is a very complex set of, uh, of technologies, stack of technologies. So when you, when you. Pull a little, uh, protocol from IETFs. Suddenly you have the whole IETF that comes with you with it. [00:08:56] Francois: So you, it's the, you have the feeling that webRTC needs all of the, uh, internet protocols that got, uh, created to work Recommendations [00:09:04] Jeremy: And I think probably a lot of web developers, they may hear words like specification or standard, but I believe the, the official term, at least at the W3C, is this recommendation. And so I wonder if you can explain what that means. [00:09:24] Francois: Well. It means it means standard in the end. and that came from industry. That comes from a time where. As many standardization organizations. W3C was created not to be a standardization organization. It was felt that standard was not the right term because we were not a standardization organization. [00:09:45] Francois: So recommend IETF has the same thing. They call it RFC, request for comment, which, you know, stands for nothing in, and yet it's a standard. So W3C was created with the same kind of, uh thing. We needed some other terminology and we call that recommendation. But in the end, that's standard. It's really, uh, how you should see it. [00:10:08] Francois: And one thing I didn't mention when I, uh, introduced the W3C is there are two types of standards in the end, two main categories. There are, the de jure standards and defacto standards, two families. The de jure standards are the ones that are imposed by some kind of regulation. so it's really usually a standard you see imposed by governments, for example. [00:10:29] Francois: So when you look at your electric plug at home, there's some regulation there that says, this plug needs to have these properties. And that's a standard that gets imposed. It's a de jure standard. and then there are defacto standards which are really, uh, specifications that are out there and people agree to use it to implement it. [00:10:49] Francois: And by virtue of being used and implemented and used by everyone, they become standards. the, W3C really is in the, uh, second part. It's a defacto standard. IETF is the same thing. some of our standards are used in, uh, are referenced in regulations now, but, just a, a minority of them, most of them are defacto standards. [00:11:10] Francois: and that's important because that's in the end, it doesn't matter what the specific specification says, even though it's a bit confusing. What matters is that the, what the specifications says matches what implementations actually implement, and that these implementations are used, and are used interoperably across, you know, across browsers, for example, or across, uh, implementations, across users, across usages. [00:11:36] Francois: So, uh, standardization is a, is a lengthy process. The recommendation is the final stage in that, lengthy process. More and more we don't really reach recommendation anymore. If you look at, uh, at groups, uh, because we have another path, let's say we kind of, uh, we can stop at candidate recommendation, which is in theoretically a step before that. [00:12:02] Francois: But then you, you can stay there and, uh, stay there forever and publish new candidate recommendations. Um, uh, later on. What matters again is that, you know, you get this, virtuous feedback loop, uh, with implementers, and usage. [00:12:18] Jeremy: So if the candidate recommendation ends up being implemented by all the browsers, what's ends up being the distinction between a candidate and one that's a normal recommendation. [00:12:31] Francois: So, today it's mostly a process thing. Some groups actually decide to go to rec Some groups decide to stay at candidate rec and there's no formal difference between the, the two. we've made sure we've adopted, adjusted the process so that the important bits that, applied at the recommendation level now apply at the candidate rec level. Royalty free patent access [00:13:00] Francois: And by important things, I mean the patent commitments typically, uh, the patent policy fully applies at the candidate recommendation level so that you get your, protection, the royalty free patent protection that we, we were aiming at. [00:13:14] Francois: Some people do not care, you know, but most of the world still works with, uh, with patents, uh, for good, uh, or bad reasons. But, uh, uh, that's how things work. So we need to make, we're trying to make sure that we, we secure the right set of, um, of patent commitments from the right set of stakeholders. [00:13:35] Jeremy: Oh, so when someone implements a W3C recommendation or a candidate recommendation, the patent holders related to that recommendation, they basically agree to allow royalty-free use of that patent. [00:13:54] Francois: They do the one that were involved in the working group, of course, I mean, we can't say anything about the companies out there that may have patents and uh, are not part of this standardization process. So there's always, It's a remaining risk. but part of the goal when we create a working group is to make sure that, people understand the scope. [00:14:17] Francois: Lawyers look into it, and the, the legal teams that exist at the all the large companies, basically gave a green light saying, yeah, we, we we're pretty confident that we, we know where the patterns are on this particular, this particular area. And we are fine also, uh, letting go of the, the patterns we own ourselves. Implementations are built in parallel with standardization [00:14:39] Jeremy: And I think you had mentioned. What ends up being the most important is that the browser creators implement these recommendations. So it sounds like maybe the distinction between candidate recommendation and recommendation almost doesn't matter as long as you get the end result you want. [00:15:03] Francois: So, I mean, people will have different opinions, uh, in the, in standardization circles. And I mentioned also W3C is working on other kind of, uh, standards. So, uh, in some other areas, the nuance may be more important when we, but when, when you look at specification, that's target, web browsers. we've switched from a model where, specs were developed first and then implemented to a model where specs and implementing implementations are being, worked in parallel. [00:15:35] Francois: This actually relates to the evolution I was mentioning with the WHATWG taking over the HTML and, uh, focusing on the interoperability issues because the starting point was, yeah, we have an HTML 4.01 spec, uh, but it's not interoperable because it, it's not specified, are number of areas that are gray areas, you can implement them differently. [00:15:59] Francois: And so there are interoperable issues. Back to candidate rec actually, the, the, the, the stage was created, if I remember correctly. uh, if I'm, if I'm not wrong, the stage was created following the, uh, IE problem. In the CSS working group, IE6, uh, shipped with some, version of a CSS that was in the, as specified, you know, the spec was saying, you know, do that for the CSS box model. [00:16:27] Francois: And the IE6 was following that. And then the group decided to change, the box model and suddenly IE6 was no longer compliant. And that created a, a huge mess on the, in the history of, uh, of the web in a way. And so the, we, the, the, the, the candidate recommendation sta uh, stage was introduced following that to try to catch this kind of problems. [00:16:52] Francois: But nowadays, again, we, we switch to another model where it's more live. and so we, you, you'll find a number of specs that are not even at candidate rec level. They are at the, what we call a working draft, and they, they are being implemented, and if all goes well, the standardization process follows the implementation, and then you end up in a situation where you have your candidate rec when the, uh, spec ships. [00:17:18] Francois: a recent example would be a web GPU, for example. It, uh, it has shipped in, uh, in, in Chrome shortly before it transition to a candidate rec. But the, the, the spec was already stable. and now it's shipping uh, in, uh, in different browsers, uh, uh, safari, uh, and uh, and uh, and uh, Firefox. And so that's, uh, and that's a good example of something that follows, uh, things, uh, along pretty well. But then you have other specs such as, uh, in the media space, uh, request video frame back, uh, frame, call back, uh, requestVideoFrameCallback() is a short API that allows you to get, you know, a call back whenever the, the browser renders a video frame, essentially. [00:18:01] Francois: And that spec is implemented across browsers. But from a W3C specific, perspective, it does not even exist. It's not on the standardization track. It's still being incubated in what we call a community group, which is, you know, some something that, uh, usually exists before. we move to the, the standardization process. [00:18:21] Francois: So there, there are examples of things where some things fell through the cracks. All the standardization process, uh, is either too early or too late and things that are in spec are not exactly what what got implemented or implementations are too early in the process. We we're doing a better job, at, Not falling into a trap where someone ships, uh, you know, an implementation and then suddenly everything is frozen. You can no longer, change it because it's too late, it shipped. we've tried, different, path there. Um, mentioned CSS, the, there was this kind of vendor prefixed, uh, properties that used to be, uh, the way, uh, browsers were deploying new features without, you know, taking the final name. [00:19:06] Francois: We are trying also to move away from it because same thing. Then in the end, you end up with, uh, applications that have, uh, to duplicate all the properties, the CSS properties in the style sheets with, uh, the vendor prefixes and nuances in the, in what it does in, in the end. [00:19:23] Jeremy: Yeah, I, I think, is that in CSS where you'll see --mozilla or things like that? Why requestVideoFrameCallback doesn't have a formal specification [00:19:30] Jeremy: The example of the request video frame callback. I, I wonder if you have an opinion or, or, or know why that ended up the way it did, where the browsers all implemented it, even though it was still in the incubation stage. [00:19:49] Francois: On this one, I don't have a particular, uh, insights on whether there was a, you know, a strong reason to implement it,without doing the standardization work. [00:19:58] Francois: I mean, there are, it's not, uh, an IPR (Intellectual Property Rights) issue. It's not, uh, something that, uh, I don't think the, the, the spec triggers, uh, you know, problems that, uh, would be controversial or whatever. [00:20:10] Francois: Uh, so it's just a matter of, uh, there was no one's priority, and in the end, you end up with a, everyone's happy. it's, it has shipped. And so now doing the spec work is a bit,why spend time on something that's already shipped and so on, but the, it may still come back at some point with try to, you know, improve the situation. [00:20:26] Jeremy: Yeah, that's, that's interesting. It's a little counterintuitive because it sounds like you have the, the working group and it, it sounds like perhaps the companies or organizations involved, they maybe agreed on how it should work, and maybe that agreement almost made it so that they felt like they didn't need to move forward with the specification because they came to consensus even before going through that. [00:20:53] Francois: In this particular case, it's probably because it's really, again, it's a small, spec. It's just one function call, you know? I mean, they will definitely want a working group, uh, for larger specifications. by the way, actually now I know re request video frame call back. It's because the, the, the final goal now that it's, uh, shipped, is to merge it into, uh, HTML, uh, the HTML spec. [00:21:17] Francois: So there's a, there's an ongoing issue on the, the WHATWG side to integrate request video frame callback. And it's taking some time but see, it's, it's being, it, it caught up and, uh, someone is doing the, the work to, to do it. I had forgotten about this one. Um, [00:21:33] Jeremy: Tension from specification review (horizontal review) [00:21:33] Francois: so with larger specifications, organizations will want this kind of IPR regime they will want commit commitments from, uh, others, on the scope, on the process, on everything. So they will want, uh, a larger, a, a more formal setting, because that's part of how you ensure that things, uh, will get done properly. [00:21:53] Francois: I didn't mention it, but, uh, something we're really, uh, Pushy on, uh, W3C I mentioned we have principles, we have priorities, and we have, uh, specific several, uh, properties at W3C. And one of them is that we we're very strong on horizontal reviews of our specs. We really want them to be reviewed from an accessibility perspective, from an internationalization perspective, from a privacy and security, uh, perspective, and, and, and a technical architecture perspective as well. [00:22:23] Francois: And that's, these reviews are part of the formal process. So you, all specs need to undergo these reviews. And from time to time, that creates tension. Uh, from time to time. It just works, you know. Goes without problem. a recurring issue is that, privacy and security are hard. I mean, it's not an easy problem, something that can be, uh, solved, uh, easily. [00:22:48] Francois: Uh, so there's a, an ongoing tension and no easy way to resolve it, but there's an ongoing tension between, specifying powerful APIs and preserving privacy without meaning, not exposing too much information to applications in the media space. You can think of the media capabilities, API. So the media space is a complicated space. [00:23:13] Francois: Space because of codecs. codecs are typically not relative free. and so browsers decide which codecs they're going to support, which audio and video codecs they, they're going to support and doing that, that creates additional fragmentation, not in the sense that they're not interoperable, but in the sense that applications need to choose which connect they're going to ship to stream to the end user. [00:23:39] Francois: And, uh, it's all the more complicated that some codecs are going to be hardware supported. So you will have a hardware decoder in your, in your, in your laptop or smartphone. And so that's going to be efficient to decode some, uh, some stream, whereas some code are not, are going to be software, based, supported. [00:23:56] Francois: Uh, and that may consume a lot of CPU and a lot of power and a lot of energy in the end. So you, you want to avoid that if you can, uh, select another thing. Even more complex than, codecs have different profiles, uh, lower end profiles higher end profiles with different capabilities, different features, uh, depending on whether you're going to use this or that color space, for example, this or that resolution, whatever. [00:24:22] Francois: And so you want to surface that to web applications because otherwise, they can't. Select, they can't choose, the right codec and the right, stream that they're going to send to the, uh, client devices. And so they're not going to provide an efficient user experience first, and even a sustainable one in terms of energy because they, they're going to waste energy if they don't send the right stream. [00:24:45] Francois: So you want to surface that to application. That's what the media, media capabilities, APIs, provides. Privacy concerns [00:24:51] Francois: Uh, but at the same time, if you expose that information, you end up with ways to fingerprint the end user's device. And that in turn is often used to track users across, across sites, which is exactly what we don't want to have, uh, for privacy reasons, for obvious privacy reasons. [00:25:09] Francois: So you have to balance that and find ways to, uh, you know, to expose. Capabilities without, without necessarily exposing them too much. Uh, [00:25:21] Jeremy: Can you give an example of how some of those discussions went? Like within the working group? Who are the companies or who are the organizations that are arguing for We shouldn't have this capability because of the privacy concerns, or [00:25:40] Francois: In a way all of the companies, have a vision of, uh, of privacy. I mean, the, you will have a hard time finding, you know, members saying, I don't care about privacy. I just want the feature. Uh, they all have privacy in mind, but they may have a different approach to privacy. [00:25:57] Francois: so if you take, uh, let's say, uh, apple and Google would be the, the, I guess the perfect examples in that, uh, in that space, uh, Google will have a, an approach that is more open-ended thing. The, the user agents has this, uh, should check what the, the, uh, given site is doing. And then if it goes beyond, you know, some kind of threshold, they're going to say, well, okay, well, we'll stop exposing data to that, to that, uh, to that site. [00:26:25] Francois: So that application. So monitor and react in a way. apple has a more, uh, you know, has a stricter view on, uh, on privacy, let's say. And they will say, no, we, the, the, the feature must not exist in the first place. Or, but that's, I mean, I guess, um, it's not always that extreme. And, uh, from time to time it's the opposite. [00:26:45] Francois: You will have, uh, you know, apple arguing in one way, uh, which is more open-ended than the, uh, than, uh, than Google, for example. And they are not the only ones. So in working groups, uh, you will find the, usually the implementers. Uh, so when we talk about APIs that get implemented in browsers, you want the core browsers to be involved. [00:27:04] Francois: Uh, otherwise it's usually not a good sign for, uh, the success of the, uh, of the technology. So in practice, that means Apple, uh, Microsoft, Mozilla which one did I forget? [00:27:15] Jeremy: Google. [00:27:16] Francois: I forgot Google. Of course. Thank you. that's, uh, that the, the core, uh, list of participants you want to have in any, uh, group that develops web standards targeted at web browsers. Who participates in working groups and how much power do they have? [00:27:28] Francois: And then on top of that, you want, organizations and people who are directly going to use it, either because they, well the content providers. So in media, for example, if you look at the media working group, you'll see, uh, so browser vendors, the ones I mentioned, uh, content providers such as the BBC or Netflix. [00:27:46] Francois: Chip set vendors would, uh, would be there as well. Intel, uh, Nvidia again, because you know, there's a hardware decoding in there and encoding. So media is, touches on, on, uh, on hardware, uh, device manufacturer in general. You may, uh, I think, uh, I think Sony is involved in the, in the media working group, for example. [00:28:04] Francois: and these companies are usually less active in the spec development. It depends on the groups, but they're usually less active because the ones developing the specs are usually the browser again, because as I mentioned, we develop the specs in parallel to browsers implementing it. So they have the. [00:28:21] Francois: The feedback on how to formulate the, the algorithms. and so that's this collection of people who are going to discuss first within themselves. W3C pushes for consensual dis decisions. So we hardly take any votes in the working groups, but from time to time, that's not enough. [00:28:41] Francois: And there may be disagreements, but let's say there's agreement in the group, uh, when the spec matches. horizontal review groups will look at the specs. So these are groups I mentioned, accessibility one, uh, privacy, internationalization. And these groups, usually the participants are, it depends. [00:29:00] Francois: It can be anything. It can be, uh, the same companies. It can be, but usually different people from the same companies. But it the, maybe organizations with a that come from very, a very different angle. And that's a good thing because that means the, you know, you enlarge the, the perspectives on your, uh, on the, on the technology. [00:29:19] Francois: and you, that's when you have a discussion between groups, that takes place. And from time to time it goes well from time to time. Again, it can trigger issues that are hard to solve. and the W3C has a, an escalation process in case, uh, you know, in case things degenerate. Uh, starting with, uh, the notion of formal objection. [00:29:42] Jeremy: It makes sense that you would have the, the browser. Vendors and you have all the different companies that would use that browser. All the different horizontal groups like you mentioned, the internationalization, accessibility. I would imagine that you were talking about consensus and there are certain groups or certain companies that maybe have more say or more sway. [00:30:09] Jeremy: For example, if you're a browser, manufacturer, your Google. I'm kind of curious how that works out within the working group. [00:30:15] Francois: Yes, it's, I guess I would be lying if I were saying that, uh, you know, all companies are strictly equal in a, in a, in a group. they are from a process perspective, I mentioned, you know, different membership fees with were design, special specific ethos so that no one could say, I'm, I'm putting in a lot of money, so you, you need to re you need to respect me, uh, and you need to follow what I, what I want to, what I want to do. [00:30:41] Francois: at the same time, if you take a company like, uh, like Google for example, they send, hundreds of engineers to do standardization work. That's absolutely fantastic because that means work progresses and it's, uh, extremely smart people. So that's, uh, that's really a pleasure to work with, uh, with these, uh, people. [00:30:58] Francois: But you need to take a step back and say, well, the problem is. Defacto that gives them more power just by virtue of, uh, injecting more resources into it. So having always someone who can respond to an issue, having always someone, uh, editing a spec defacto that give them more, uh, um, more say on the, on the directions that, get forward. [00:31:22] Francois: And on top of that, of course, they have the, uh, I guess not surprisingly, the, the browser that is, uh, used the most, currently, on the market so there's a little bit of a, the, the, we, we, we, we try very hard to make sure that, uh, things are balanced. it's not a perfect world. [00:31:38] Francois: the the role of the team. I mean, I didn't talk about the role of the team, but part of it is to make sure that. Again, all perspectives are represented and that there's not, such a, such big imbalance that, uh, that something is wrong and that we really need to look into it. so making sure that anyone, if they have something to say, make making sure that they are heard by the rest of the group and not dismissed. [00:32:05] Francois: That usually goes well. There's no problem with that. And again, the escalation process I mentioned here doesn't make any, uh, it doesn't make any difference between, uh, a small player, a large player, a big player, and we have small companies raising formal objections against some of our aspects that happens, uh, all large ones. [00:32:24] Francois: But, uh, that happens too. There's no magical solution, I guess you can tell it by the way. I, uh, I don't know how to formulate the, the process more. It's a human process, and that's very important that it remains a human process as well. [00:32:41] Jeremy: I suppose the role of, of staff and someone in your position, for example, is to try and ensure that these different groups are, are heard and it isn't just one group taking control of it. [00:32:55] Francois: That's part of the role, again, is to make sure that, uh, the, the process is followed. So the, I, I mean, I don't want to give the impression that the process controls everything in the groups. I mean, the, the, the groups are bound by the process, but the process is there to catch problems when they arise. [00:33:14] Francois: most of the time there are no problems. It's just, you know, again, participants talking to each other, talking with the rest of the community. Most of the work happens in public nowadays, in any case. So the groups work in public essentially through asynchronous, uh, discussions on GitHub repositories. [00:33:32] Francois: There are contributions from, you know, non group participants and everything goes well. And so the process doesn't kick in. You just never say, eh, no, you didn't respect the process there. You, you closed the issue. You shouldn't have a, it's pretty rare that you have to do that. Uh, things just proceed naturally because they all, everyone understands where they are, why, what they're doing, and why they're doing it. [00:33:55] Francois: we still have a role, I guess in the, in the sense that from time to time that doesn't work and you have to intervene and you have to make sure that,the, uh, exception is caught and, uh, and processed, uh, in the right way. Discussions are public on github [00:34:10] Jeremy: And you said this process is asynchronous in public, so it sounds like someone, I, I mean, is this in GitHub issues or how, how would somebody go and, and see what the results of [00:34:22] Francois: Yes, there, there are basically a gazillion of, uh, GitHub repositories under the, uh, W3C, uh, organization on GitHub. Most groups are using GitHub. I mean, there's no, it's not mandatory. We don't manage any, uh, any tooling. But the factors that most, we, we've been transitioning to GitHub, uh, for a number of years already. [00:34:45] Francois: Uh, so that's where the work most of the work happens, through issues, through pool requests. Uh, that's where. people can go and raise issues against specifications. Uh, we usually, uh, also some from time to time get feedback from developers and countering, uh, a bug in a particular implementations, which we try to gently redirect to, uh, the actual bug trackers because we're not responsible for the respons implementations of the specs unless the spec is not clear. [00:35:14] Francois: We are responsible for the spec itself, making sure that the spec is clear and that implementers well, understand how they should implement something. Why the W3C doesn't specify a video or audio codec [00:35:25] Jeremy: I can see how people would make that mistake because they, they see it's the feature, but that's not the responsibility of the, the W3C to implement any of the specifications. Something you had mentioned there's the issue of intellectual property rights and how when you have a recommendation, you require the different organizations involved to make their patents available to use freely. [00:35:54] Jeremy: I wonder why there was never any kind of, recommendation for audio or video codecs in browsers since you have certain ones that are considered royalty free. But, I believe that's never been specified. [00:36:11] Francois: At W3C you mean? Yes. we, we've tried, I mean, it's not for lack of trying. Um, uh, we've had a number of discussions with, uh, various stakeholders saying, Hey, we, we really need, an audio or video code for our, for the web. the, uh, png PNG is an example of a, um, an image format which got standardized at W3C and it got standardized at W3C similar reasons. There had to be a royalty free image format for the web, and there was none at the time. of course, nowadays, uh, jpeg, uh, and gif or gif, whatever you call it, are well, you know, no problem with them. But, uh, um, that at the time P PNG was really, uh, meant to address this issue and it worked for PNG for audio and video. [00:37:01] Francois: We haven't managed to secure, commitments by stakeholders. So willingness to do it, so it's not, it's not lack of willingness. We would've loved to, uh, get, uh, a royalty free, uh, audio codec, a royalty free video codec again, audio and video code are extremely complicated because of this. [00:37:20] Francois: not only because of patterns, but also because of the entire business ecosystem that exists around them for good reasons. You, in order for a, a codec to be supported, deployed, effective, it really needs, uh, it needs to mature a lot. It needs to, be, uh, added to at a hardware level, to a number of devices, capturing devices, but also, um, uh, uh, of course players. [00:37:46] Francois: And that takes a hell of a lot of time and that's why you also enter a number of business considerations with business contracts between entities. so I'm personally, on a personal level, I'm, I'm pleased to see, for example, the Alliance for Open Media working on, uh, uh, AV1, uh, which is. At least they, uh, they wanted to be royalty free and they've been adopting actually the W3C patent policy to do this work. [00:38:11] Francois: So, uh, we're pleased to see that, you know, they've been adopting the same process and same thing. AV1 is not yet at the same, support stage, as other, codecs, in the world Yeah, I mean in devices. There's an open question as what, what are we going to do, uh, in the future uh, with that, it's, it's, it's doubtful that, uh, the W3C will be able to work on a, on a royalty free audio, codec or royalty free video codec itself because, uh, probably it's too late now in any case. [00:38:43] Francois: but It's one of these angles in the, in the web platform where we wish we had the, uh, the technology available for, for free. And, uh, it's not exactly, uh, how things work in practice.I mean, the way codecs are developed remains really patent oriented. [00:38:57] Francois: and you will find more codecs being developed. and that's where geopolitics can even enter the, the, uh, the play. Because, uh, if you go to China, you will find new codecs emerging, uh, that get developed within China also, because, the other codecs come mostly from the US so it's a bit of a problem and so on. [00:39:17] Francois: I'm not going to enter details and uh, I would probably say stupid things in any case. Uh, but that, uh, so we continue to see, uh, emerging codecs that are not royalty free, and it's probably going to remain the case for a number of years. unfortunately, unfortunately, from a W3C perspective and my perspective of course. [00:39:38] Jeremy: There's always these new, formats coming out and the, rate at which they get supported in the browser, even on a per browser basis is, is very, there can be a long time between, for example, WebP being released and a browser supporting it. So, seems like maybe we're gonna be in that situation for a while where the codecs will come out and maybe the browsers will support them. Maybe they won't, but the, the timeline is very uncertain. Digital Rights Management (DRM) and Media Source Extensions [00:40:08] Jeremy: Something you had, mentioned, maybe this was in your, email to me earlier, but you had mentioned that some of these specifications, there's, there's business considerations like with, digital rights management and, media source extensions. I wonder if you could talk a little bit about maybe what media source extensions is and encrypted media extensions and, and what the, the considerations or challenges are there. [00:40:33] Francois: I'm going to go very, very quickly over the history of a, video and audio support on the web. Initially it was supported through plugins. you are maybe too young to, remember that. But, uh, we had extensions, added to, uh, a realplayer. [00:40:46] Francois: This kind of things flash as well, uh, supporting, uh, uh, videos, in web pages, but it was not provided by the web browsers themselves. Uh, then HTML5 changed the, the situation. Adding these new tags, audio and video, but that these tags on this, by default, support, uh, you give them a resources, a resource, like an image as it's an audio or a video file. [00:41:10] Francois: They're going to download this, uh, uh, video file or audio file, and they're going to play it. That works well. But as soon as you want to do any kind of real streaming, files are too large and to stream, to, to get, you know, to get just a single fetch on, uh, on them. So you really want to stream them chunk by chunk, and you want to adapt the resolution at which you send the stream based on real time conditions of the user's network. [00:41:37] Francois: If there's plenty of bandwidth you want to send the user, the highest possible resolution. If there's a, some kind of hiccup temporary in the, in the network, you really want to lower the resolution, and that's called adaptive streaming. And to get adaptive streaming on the web, well, there are a number of protocols that exist. [00:41:54] Francois: Same thing. Some many of them are proprietary and actually they remain proprietary, uh, to some extent. and, uh, some of them are over http and they are the ones that are primarily used in, uh, in web contexts. So DASH comes to mind, DASH for Dynamic Adaptive streaming over http. HLS is another one. Uh, initially developed by Apple, I believe, and it's, uh, HTTP live streaming probably. Exactly. And, so there are different protocols that you can, uh, you can use. Uh, so the goal was not to standardize these protocols because again, there were some proprietary aspects to them. And, uh, same thing as with codecs. [00:42:32] Francois: There was no, well, at least people wanted to have the, uh, flexibility to tweak parameters, adaptive streaming parameters the way they wanted for different scenarios. You may want to tweak the parameters differently. So they, they needed to be more flexibility on top of protocols not being truly available for use directly and for implementation directly in browsers. [00:42:53] Francois: It was also about providing applications with, uh, the flexibility they would need to tweak parameters. So media source extensions comes into play for exactly that. Media source extensions is really about you. The application fetches chunks of its audio and video stream the way it wants, and with the parameters it wants, and it adjusts whatever it wants. [00:43:15] Francois: And then it feeds that into the, uh, video or audio tag. and the browser takes care of the rest. So it's really about, doing, you know, the adaptive streaming. let applications do it, and then, uh, let the user agent, uh, the browser takes, take care of the rendering itself. That's media source extensions. [00:43:32] Francois: Initially it was pushed by, uh, Netflix. They were not the only ones of course, but there, there was a, a ma, a major, uh, proponent of this, uh, technical solution, because they wanted, uh, they, uh, they were, expanding all over the world, uh, with, uh, plenty of native, applications on all sorts of, uh, of, uh, devices. [00:43:52] Francois: And they wanted to have a way to stream content on the web as well. both for both, I guess, to expand to, um, a new, um, ecosystem, the web, uh, providing new opportunities, let's say. But at the same time also to have a fallback, in case they, because for native support on different platforms, they sometimes had to enter business agreements with, uh, you know, the hardware manufacturers, the whatever, the, uh, service provider or whatever. [00:44:19] Francois: and so that was a way to have a full back. That kind of work is more open, in case, uh, things take some time and so on. So, and they probably had other reasons. I mean, I'm not, I can't speak on behalf of Netflix, uh, on others, but they were not the only ones of course, uh, supporting this, uh, me, uh, media source extension, uh, uh, specification. [00:44:42] Francois: and that went kind of, well, I think it was creating 2011. I mean, the, the work started in 2011 and the recommendation was published in 2016, which is not too bad from a standardization perspective. It means only five years, you know, it's a very short amount of time. Encrypted Media Extensions [00:44:59] Francois: At the same time, and in parallel and complement to the media source extension specifications, uh, there was work on the encrypted media extensions, and here it was pushed by the same proponent in a way because they wanted to get premium content on the web. [00:45:14] Francois: And by premium content, you think of movies and, uh. These kind of beasts. And the problem with the, I guess the basic issue with, uh, digital asset such as movies, is that they cost hundreds of millions to produce. I mean, some cost less of course. And yet it's super easy to copy them if you have a access to the digital, uh, file. [00:45:35] Francois: You just copy and, uh, and that's it. Piracy uh, is super easy, uh, to achieve. It's illegal of course, but it's super easy to do. And so that's where the different legislations come into play with digital right management. Then the fact is most countries allow system that, can encrypt content and, uh, through what we call DRM systems. [00:45:59] Francois: so content providers, uh, the, the ones that have movies, so the studios here more, more and more, and Netflix is one, uh, one of the studios nowadays. Um, but not only, not only them all major studios will, uh, would, uh, push for, wanted to have something that would allow them to stream encrypted content, encrypted audio and video, uh, mostly video, to, uh, to web applications so that, uh, you. [00:46:25] Francois: Provide the movies, otherwise, they, they are just basically saying, and sorry, but, uh, this premium content will never make it to the web because there's no way we're gonna, uh, send it in clear, to, uh, to the end user. So Encrypting media extensions is, uh, is an API that allows to interface with, uh, what's called the content decryption module, CDM, uh, which itself interacts with, uh, the DR DRM systems that, uh, the browser may, may or may not support. [00:46:52] Francois: And so it provides a way for an application to receive encrypted content, pass it over get the, the, the right keys, the right license keys from a whatever system actually. Pass that logic over to the, and to the user agent, which passes, passes it over to, uh, the CDM system, which is kind of black box in, uh, that does its magic to get the right, uh, decryption key and then the, and to decrypt the content that can be rendered. [00:47:21] Francois: The encrypted media extensions triggered a, a hell of a lot of, uh, controversy. because it's DRM and DRM systems, uh, many people, uh, uh, things should be banned, uh, especially on the web because the, the premise of the web is that the, the user has trusts, a user agent. The, the web browser is called the user agent in all our, all our specifications. [00:47:44] Francois: And that's, uh, that's the trust relationship. And then they interact with a, a content provider. And so whatever they do with the content is their, I guess, actually their problem. And DRM introduces a third party, which is, uh, there's, uh, the, the end user no longer has the control on the content. [00:48:03] Francois: It has to rely on something else that, Restricts what it can achieve with the content. So it's, uh, it's not only a trust relationship with its, uh, user agents, it's also with, uh, with something else, which is the content provider, uh, in the end, the one that has the, uh, the license where provides the license. [00:48:22] Francois: And so that's, that triggers, uh, a hell of a lot of, uh, of discussions in the W3C degenerated, uh, uh, into, uh, formal objections being raised against the specification. and that escalated to, to the, I mean, at all leverage it. It's, it's the, the story in, uh, W3C that, um, really, uh, divided the membership into, opposed camps in a way, if you, that's was not only year, it was not really 50 50 in the sense that not just a huge fights, but the, that's, that triggered a hell of a lot of discussions and a lot of, a lot of, uh, of formal objections at the time. [00:49:00] Francois: Uh, we were still, From a governance perspective, interestingly, um, the W3C used to be a dictatorship. It's not how you should formulate it, of course, and I hope it's not going to be public, this podcast. Uh, but the, uh, it was a benevolent dictatorship. You could see it this way in the sense that, uh, the whole process escalated to one single person was, Tim Burners Lee, who had the final say, on when, when none of the other layers, had managed to catch and to resolve, a conflict. [00:49:32] Francois: Uh, that has hardly ever happened in, uh, the history of the W3C, but that happened to the two for EME, for encrypted media extensions. It had to go to the, uh, director level who, uh, after due consideration, uh, decided to, allow the EME to proceed. and that's why we have a, an EME, uh, uh, standard right now, but still re it remains something on the side. [00:49:56] Francois: EME we're still, uh, it's still in the scope of the media working group, for example. but the scope, if you look at the charter of the working group, we try to scope the, the, the, the, the updates we can make to the specification, uh, to make sure that we don't reopen, reopen, uh, a can of worms, because, well, it's really a, a topic that triggers friction for good and bad reasons again. [00:50:20] Jeremy: And when you talk about the media source extensions, that is the ability to write custom code to stream video in whatever way you want. You mentioned, the MPEG-DASH and http live streaming. So in that case, would that be the developer gets to write that code in JavaScript that's executed by the browser? [00:50:43] Francois: Yep, that's, uh, that would be it. and then typically, I guess the approach nowadays is more and more to develop low level APIs into W3C or web in, in general, I guess. And to let, uh. Libraries emerge that are going to make lives of a, a developer, uh, easier. So for MPEG DASH, we have the DASH.js, which does a fantastic job at, uh, at implementing the complexity of, uh, of adaptive streaming. [00:51:13] Francois: And you just, you just hook it into your, your workflow. And that's, uh, and that's it. Encrypted Media Extensions are closed source [00:51:20] Jeremy: And with the encrypted media extensions I'm trying to picture how those work and how they work differently. [00:51:28] Francois: Well, it's because the, the, the, the key architecture is that the, the stream that you, the stream that you may assemble with a media source extensions, for example. 'cause typically they, they're used in collaboration. When you hook the, hook it into the video tag, you also. Call EME and actually the stream goes to EME. [00:51:49] Francois: And when it goes to EME, actually the user agent hands the encrypted stream. You're still encrypted at this time. Uh, encrypted, uh, stream goes to the CDM content decryption module, and that's a black box well, it has some black, black, uh, black box logic. So it's not, uh, even if you look at the chromium source code, for example, you won't see the implementation of the CDM because it's a, it's a black box, so it's not part of the browser se it's a sand, it's sandboxed, it's execution sandbox. [00:52:17] Francois: That's, uh, the, the EME is kind of unique in, in this way where the, the CDM is not allowed to make network requests, for example, again, for privacy reasons. so anyway, the, the CDM box has the logic to decrypt the content and it hands it over, and then it depends, it depends on the level of protection you. [00:52:37] Francois: You need or that the system supports. It can be against software based protection, in which case actually, a highly motivated, uh, uh, uh, attacker could, uh, actually get access to the decoded stream, or it can be more hardware protected, in which case actually the, it goes to the, uh, to your final screen. [00:52:58] Francois: But it goes, it, it goes through the hardware in a, in a mode that the US supports in a mode that even the user agent doesn't have access to it. So it doesn't, it can't even see the pixels that, uh, gets rendered on the screen. There are, uh, several other, uh, APIs that you could use, for example, to take a screenshot of your, of your application and so on. [00:53:16] Francois: And you cannot apply them to, uh, such content because they're just gonna return a black box. again, because the user agent itself does not see the, uh, the pixels, which is exactly what you want with encrypted content. [00:53:29] Jeremy: And the, the content decryption module, it's, if I understand correctly, it's something that's shipped with the browsers, but you were saying is if you were to look at the public source code of Chromium or of Firefox, you would not see that implementation. Content Decryption Module (Widevine, PlayReady) [00:53:47] Francois: True. I mean, the, the, um, the typical examples are, uh, uh, widevine, so wide Vine. So interestingly, uh, speaking in theory, these, uh, systems could have been provided by anyone in practice. They've been provided by the browser vendors themselves. So Google has Wide Vine. Uh, Microsoft has something called PlayReady. Apple uh, the name, uh, escapes my, uh, sorry. They don't have it on top of my mind. So they, that's basically what they support. So they, they also own that code, but in a way they don't have to. And Firefox actually, uh, they, uh, don't, don't remember which one, they support among these three. but, uh, they, they don't own that code typically. [00:54:29] Francois: They provide a wrapper around, around it. Yeah, that's, that's exactly the, the crux of the, uh, issue that, people have with, uh, with DRMs, right? It's, uh, the fact that, uh, suddenly you have a bit of code running there that is, uh, that, okay, you can send box, but, uh, you cannot inspect and you don't have, uh, access to its, uh, source code. [00:54:52] Jeremy: That's interesting. So the, almost the entire browser is open source, but if you wanna watch a Netflix movie for example, then you, you need to, run this, this CDM, in addition to just the browser code. I, I think, you know, we've kind of covered a lot. Documenting what's available in browsers for developers [00:55:13] Jeremy: I wonder if there's any other examples or anything else you thought would be important to mention in, in the context of the W3C. [00:55:23] Francois: There, there's one thing which, uh, relates to, uh, activities I'm doing also at W3C. Um. Here, we've been talking a lot about, uh, standards and, implementations in browsers, but there's also, uh, adoption of these browser, of these technology standards by developers in general and making sure that developers are aware of what exists, making sure that they understand what exists and one of the, key pain points that people, uh. [00:55:54] Francois: Uh, keep raising on, uh, the web platform is first. Well, the, the, the web platform is unique in the sense that there are different implementations. I mean, if you, [00:56:03] Francois: Uh, anyway, there are different, uh, context, different run times where there, there's just one provided by the company that owns the, uh, the, the, the system. The web platform is implemented by different, uh, organizations. and so you end up the system where no one, there's what's in the specs is not necessarily supported. [00:56:22] Francois: And of course, MDN tries, uh, to document what's what's supported, uh, thoroughly. But for MDN to work, there's a hell of a lot of needs for data that, tracks browser support. And this, uh, this data is typically in a project called the Browser Compat Data, BCD owned by, uh, MDN as well. But, the Open Web Docs collective is a, uh, is, uh, the one, maintaining that, uh, that data under the hoods. [00:56:50] Francois: anyway, all of that to say that, uh, to make sure that, we track things beyond work on technical specifications, because if you look at it from W3C perspective, life ends when the spec reaches standards, uh, you know, candidate rec or rec, you could just say, oh, done with my work. but that's not how things work. [00:57:10] Francois: There's always, you need the feedback loop and, in order to make sure that developers get the information and can provide the, the feedback that standardization can benefit from and browser vendors can benefit from. We've been working on a project called web Features with browser vendors mainly, and, uh, a few of the folks and MDN and can I use and different, uh, different people, to catalog, the web in terms of features that speak to developers and from that catalog. [00:57:40] Francois: So it's a set of, uh, it's a set of, uh, feature IDs with a feature name and feature description that say, you know, this is how developers would, uh, understand, uh, instead of going too fine grained in terms of, uh, there's this one function call that does this because that's where you, the, the kind of support data you may get from browser data and MDN initially, and having some kind of a coarser grained, uh, structure that says these are the, features that make sense. [00:58:09] Francois: They talk to developers. That's what developers talk about, and that's the info. So the, we need to have data on these particular features because that's how developers are going approach the specs. Uh. and from that we've derived the notion of baseline badges that you have, uh, are now, uh, shown on MDN on can I use and integrated in, uh, IDE tool, IDE Tools such as visual, visual studio, and, uh, uh, libraries, uh, linked, some linters have started to, um, to integrate that data. [00:58:41] Francois: Uh, so, the way it works is, uh, we've been mapping these coarser grained features to BCDs finer grained support data, and from there we've been deriving a kind of a, a batch that says, yeah, this, this feature is implemented well, has limited availability because it's only implemented in one or two browsers, for example. [00:59:07] Francois: It's, newly available because. It was implemented. It's been, it's implemented across the main browser vendor, um, across the main browsers that people use. But it's recent, and widely available, which we try to, uh, well, there's been lots of discussion in the, in the group to, uh, come up with a definition which essentially ends up being 30 months after, a feature become, became newly available. [00:59:34] Francois: And that's when, that's the time it takes for the, for the versions of the, the different versions of the browser to propagate. Uh, because you, it's not because there's a new version of a, of a browser that, uh, people just, Ima immediately, uh, get it. So it takes a while, to propagate, uh, across the, uh, the, the user, uh, user base. [00:59:56] Francois: And so the, the goal is to have a, a, a signal that. Developers can rely on saying, okay, well it's widely available so I can really use that feature. And of course, if that doesn't work, then we need to know about it. And so we are also working with, uh, people doing so developer surveys such as state of, uh, CSS, state of HTML, state of JavaScript. [01:00:15] Francois: That's I guess, the main ones. But also we are also running, uh, MDN short surveys with the MDN people to gather feedback on. On the, on these same features, and to feed the loop and to, uh, to complete the loop. and these data is also used by, internally, by browser vendors to inform, prioritization process, their prioritization process, and typically as part of the interop project that they're also running, uh, on the site [01:00:43] Francois: So a, a number of different, I've mentioned, uh, I guess a number of different projects, uh, coming along together. But that's the goal is to create links, across all of these, um, uh, ongoing projects with a view to integrating developers, more, and gathering feedback as early as possible and inform decision. [01:01:04] Francois: We take at the standardization level that can affect the, the lives of the developers and making sure that it's, uh, it affects them in a, in a positive way. [01:01:14] Jeremy: just trying to understand, 'cause you had mentioned that there's the web features and the baseline, and I was, I was trying to picture where developers would actually, um, see these things. And it sounds like from what you're saying is W3C comes up with what stage some of these features are at, and then developers would end up seeing it on MDN or, or some other site. [01:01:37] Francois: So, uh, I'm working on it, but that doesn't mean it's a W3C thing. It's a, it's a, again, it's a, we have different types of group. It's a community group, so it's the Web DX Community group at W3C, which means it's a community owned thing. so that's why I'm mentioning a working with a representative from, and people from MDN people, from open Web docs. [01:02:05] Francois: so that's the first point. The second point is, so it's, indeed this data is now being integrated. If you, and you look, uh, you'll, you'll see it in on top of the MDN pages on most of them. If you look at, uh, any kind of feature, you'll see a, a few logos, uh, a baseline banner. and then can I use, it's the same thing. [01:02:24] Francois: You're going to get a baseline, banner. It's more on, can I use, and it's meant to capture the fact that the feature is widely available or if you may need to pay attention to it. Of course, it's a simplification, and the goal is not to the way it's, the way the messaging is done to developers is meant to capture the fact that, they may want to look, uh, into more than just this, baseline status, because. [01:02:54] Francois: If you take a look at web platform tests, for example, and if you were to base your assessment of whether a feature is supported based on test results, you'll end up saying the web platform has no supported technology because there are absolutely no API that, uh, where browsers pass 100% of the, of the, of the test suite. [01:03:18] Francois: There may be a few of them, I don't know. But, there's a simplification in the, in the process when a feature is, uh, set to be baseline, there may be more things to look at nevertheless, but it's meant to provide a signal that, uh, still developers can rely on their day-to-day, uh, lives. [01:03:36] Francois: if they use the, the feature, let's say, as a reasonably intended and not, uh, using to advance the logic. [01:03:48] Jeremy: I see. Yeah. I'm looking at one of the pages on MDN right now, and I can see at the top there's the, the baseline and it, it mentions that this feature works across many browsers and devices, and then they say how long it's been available. And so that's a way that people at a glance can, can tell, which APIs they can use. [01:04:08] Francois: it also started, uh, out of a desire to summarize this, uh, browser compatibility table that you see at the end of the page of the, the bottom of the page in on MDN. but there are where developers were saying, well, it's, it's fine, but it's, it goes too much into detail. So we don't know in the end, can we, can we use that feature or can we, can we not use that feature? [01:04:28] Francois: So it's meant as a informed summary of, uh, of, of that it relies on the same data again. and more importantly, we're beyond MDN, we're working with tools providers to integrate that as well. So I mentioned the, uh, visual Studio is one of them. So recently they shipped a new version where when you use a feature, you can, you can have some contextual, uh. [01:04:53] Francois: A menu that tells you, yeah, uh, that's fine. You, this CSS property, you can, you can use it, it's widely available or be aware this one is limited Availability only, availability only available in Firefox or, or Chrome or Safari work kit, whatever. [01:05:08] Jeremy: I think that's a good place to wrap it up, if people want to learn more about the work you're doing or learn more about sort of this whole recommendations process, where, where should they head? [01:05:23] Francois: Generally speaking, we're extremely open to, uh, people contributing to the W3C. and where should they go if they, it depends on what they want. So I guess the, the in usually where, how things start for someone getting involved in the W3C is that they have some

This week Microsoft Open Sources one of its oldest codebases, Firefox is blitzing its codebase, and Apache (the name) is no more. Pipewire, CUPS, and Fwupd all ships updates. Bcachefs's future is a bit uncertain, and VDPAU is certainly out of Mesa. For tips we have default handling with wpctl, server management with ansible, and Wine performance with ntsync. You can find the show notes at https://bit.ly/3K26caz and See you next week! Host: Jonathan Bennett Co-Hosts: Rob Campbell and Ken McDonald Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

African Enterprise is a Christian organization that has been working in Africa for nearly 60 years, with a focus on evangelism, youth empowerment, and community development. Today on The Evangelism Podcast, Zweli Sokhela, an evangelist from South Africa, shared his personal testimony of how he came to know Jesus and became involved with African Enterprise's Foxfire program, which trains and empowers young people to share the gospel through various creative means such as music, drama, and storytelling.

The first race carrying points toward qualifying for Kentucky Derby 2026 arrives this weekend, and it is the focus of the Ron Flatter Racing Pod. TV analyst Kaitlin Free offers a preview of Saturday's Grade 3 Iroquois Stakes at Churchill Downs and the context it has not only for next year's Triple Crown series but the final four months of the 2025 racing season. Eddie Kenneally trains Comport, the morning-line favorite for the Iroquois. He is at the Keeneland September yearling sale, which is where he identified the colt around this time last year. Handicapper Ed DeRosa has tips for the Iroquois as well as Saturday's Pocahontas (G3), the first points race for the Kentucky Oaks (G1), and the Woodbine Mile (G1).  Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park join in the reading of feedback from listeners and readers. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

Windows 11 • Patch Tuesday arrives with several new features for all Windows 11 users • A few new features added for Copilot+ PCs • This may be the last cumulative update before 25H2 Windows Insider • New Canary build includes features we've seen before • Copilot+ PCs bring Windows Studio Effects to secondary cameras in Dev and Beta channels Hardware • 40-year Intel veteran now leads PC chips business • Paul's continued criticism of Lunar Lake problems • Lenovo's three IFA concept devices should become shipping products Apps • Atlassian acquires The Browser Company, potentially threatening the Dia browser Microsoft • Microsoft mandates employees return to office three days per week • Microsoft accused of "gross cybersecurity negligence" Dev • Microsoft open sources 6502 BASIC • First Visual Studio 2026 preview now available • Individual developers can register for Microsoft Store for free Mobile • Google ships Android 16 QPR1 with Material 3 Expressive on Pixel devices plus September Pixel Drop • Apple announces iPhone 17 lineup, iPhone Air, AirPods Pro 3, and new Apple Watches • Comparison of OS updating styles between Apple, Google, and Microsoft and their impact on hardware upgrades AI • Microsoft to pay almost $20 billion for third-party AI infrastructure • Microsoft may turn to Anthropic for Office apps • Anthropic settles with book authors, then judge rejects the settlement (Apple faces similar lawsuit) • Google details all Gemini tier offerings • Firefox will use Apple Intelligence on iPhones with iOS 26 Xbox and Games • Lenovo Legion Go 2 coming in October with new Xbox Ally OS in early 2026 • Xbox to announce games at Tokyo Game Show on September 25 • Xbox Cloud Gaming coming to select cars • PlayStation 6 will be modular Tips and Picks • Something to read: iWar by Tim Higgins • Something to watch: New Dave Plumber interview on YouTube • Something to get for free: Microsoft 365 free for US students for one year • Something to plan for: Proton offers emergency access on accounts • RunAs Radio this week: Training for AI with Stephanie Donahue • Brown liquor pick of the week: Boplaas 8 Single Grain Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit bitwarden.com/twit

Windows 11 just dropped one of its biggest updates yet, but new features and relentless AI integrations are making right-click menus bigger—and more confusing—than ever. Is Windows getting better, or just busier? Windows 11 • Patch Tuesday arrives with several new features for all Windows 11 users • A few new features added for Copilot+ PCs • This may be the last cumulative update before 25H2 Windows Insider • New Canary build includes features we've seen before • Copilot+ PCs bring Windows Studio Effects to secondary cameras in Dev and Beta channels Hardware • 40-year Intel veteran now leads PC chips business • Paul's continued criticism of Lunar Lake problems • Lenovo's three IFA concept devices should become shipping products Apps • Atlassian acquires The Browser Company, potentially threatening the Dia browser Microsoft • Microsoft mandates employees return to office three days per week • Microsoft accused of "gross cybersecurity negligence" Dev • Microsoft open sources 6502 BASIC • First Visual Studio 2026 preview now available • Individual developers can register for Microsoft Store for free Mobile • Google ships Android 16 QPR1 with Material 3 Expressive on Pixel devices plus September Pixel Drop • Apple announces iPhone 17 lineup, iPhone Air, AirPods Pro 3, and new Apple Watches • Comparison of OS updating styles between Apple, Google, and Microsoft and their impact on hardware upgrades AI • Microsoft to pay almost $20 billion for third-party AI infrastructure • Microsoft may turn to Anthropic for Office apps • Anthropic settles with book authors, then judge rejects the settlement (Apple faces similar lawsuit) • Google details all Gemini tier offerings • Firefox will use Apple Intelligence on iPhones with iOS 26 Xbox and Games • Lenovo Legion Go 2 coming in October with new Xbox Ally OS in early 2026 • Xbox to announce games at Tokyo Game Show on September 25 • Xbox Cloud Gaming coming to select cars • PlayStation 6 will be modular Tips and Picks • Something to read: iWar by Tim Higgins • Something to watch: New Dave Plumber interview on YouTube • Something to get for free: Microsoft 365 free for US students for one year • Something to plan for: Proton offers emergency access on accounts • RunAs Radio this week: Training for AI with Stephanie Donahue • Brown liquor pick of the week: Boplaas 8 Single Grain Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit bitwarden.com/twit

Windows 11 just dropped one of its biggest updates yet, but new features and relentless AI integrations are making right-click menus bigger—and more confusing—than ever. Is Windows getting better, or just busier? Windows 11 • Patch Tuesday arrives with several new features for all Windows 11 users • A few new features added for Copilot+ PCs • This may be the last cumulative update before 25H2 Windows Insider • New Canary build includes features we've seen before • Copilot+ PCs bring Windows Studio Effects to secondary cameras in Dev and Beta channels Hardware • 40-year Intel veteran now leads PC chips business • Paul's continued criticism of Lunar Lake problems • Lenovo's three IFA concept devices should become shipping products Apps • Atlassian acquires The Browser Company, potentially threatening the Dia browser Microsoft • Microsoft mandates employees return to office three days per week • Microsoft accused of "gross cybersecurity negligence" Dev • Microsoft open sources 6502 BASIC • First Visual Studio 2026 preview now available • Individual developers can register for Microsoft Store for free Mobile • Google ships Android 16 QPR1 with Material 3 Expressive on Pixel devices plus September Pixel Drop • Apple announces iPhone 17 lineup, iPhone Air, AirPods Pro 3, and new Apple Watches • Comparison of OS updating styles between Apple, Google, and Microsoft and their impact on hardware upgrades AI • Microsoft to pay almost $20 billion for third-party AI infrastructure • Microsoft may turn to Anthropic for Office apps • Anthropic settles with book authors, then judge rejects the settlement (Apple faces similar lawsuit) • Google details all Gemini tier offerings • Firefox will use Apple Intelligence on iPhones with iOS 26 Xbox and Games • Lenovo Legion Go 2 coming in October with new Xbox Ally OS in early 2026 • Xbox to announce games at Tokyo Game Show on September 25 • Xbox Cloud Gaming coming to select cars • PlayStation 6 will be modular Tips and Picks • Something to read: iWar by Tim Higgins • Something to watch: New Dave Plumber interview on YouTube • Something to get for free: Microsoft 365 free for US students for one year • Something to plan for: Proton offers emergency access on accounts • RunAs Radio this week: Training for AI with Stephanie Donahue • Brown liquor pick of the week: Boplaas 8 Single Grain Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit bitwarden.com/twit

Windows 11 • Patch Tuesday arrives with several new features for all Windows 11 users • A few new features added for Copilot+ PCs • This may be the last cumulative update before 25H2 Windows Insider • New Canary build includes features we've seen before • Copilot+ PCs bring Windows Studio Effects to secondary cameras in Dev and Beta channels Hardware • 40-year Intel veteran now leads PC chips business • Paul's continued criticism of Lunar Lake problems • Lenovo's three IFA concept devices should become shipping products Apps • Atlassian acquires The Browser Company, potentially threatening the Dia browser Microsoft • Microsoft mandates employees return to office three days per week • Microsoft accused of "gross cybersecurity negligence" Dev • Microsoft open sources 6502 BASIC • First Visual Studio 2026 preview now available • Individual developers can register for Microsoft Store for free Mobile • Google ships Android 16 QPR1 with Material 3 Expressive on Pixel devices plus September Pixel Drop • Apple announces iPhone 17 lineup, iPhone Air, AirPods Pro 3, and new Apple Watches • Comparison of OS updating styles between Apple, Google, and Microsoft and their impact on hardware upgrades AI • Microsoft to pay almost $20 billion for third-party AI infrastructure • Microsoft may turn to Anthropic for Office apps • Anthropic settles with book authors, then judge rejects the settlement (Apple faces similar lawsuit) • Google details all Gemini tier offerings • Firefox will use Apple Intelligence on iPhones with iOS 26 Xbox and Games • Lenovo Legion Go 2 coming in October with new Xbox Ally OS in early 2026 • Xbox to announce games at Tokyo Game Show on September 25 • Xbox Cloud Gaming coming to select cars • PlayStation 6 will be modular Tips and Picks • Something to read: iWar by Tim Higgins • Something to watch: New Dave Plumber interview on YouTube • Something to get for free: Microsoft 365 free for US students for one year • Something to plan for: Proton offers emergency access on accounts • RunAs Radio this week: Training for AI with Stephanie Donahue • Brown liquor pick of the week: Boplaas 8 Single Grain Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit bitwarden.com/twit

Windows 11 just dropped one of its biggest updates yet, but new features and relentless AI integrations are making right-click menus bigger—and more confusing—than ever. Is Windows getting better, or just busier? Windows 11 • Patch Tuesday arrives with several new features for all Windows 11 users • A few new features added for Copilot+ PCs • This may be the last cumulative update before 25H2 Windows Insider • New Canary build includes features we've seen before • Copilot+ PCs bring Windows Studio Effects to secondary cameras in Dev and Beta channels Hardware • 40-year Intel veteran now leads PC chips business • Paul's continued criticism of Lunar Lake problems • Lenovo's three IFA concept devices should become shipping products Apps • Atlassian acquires The Browser Company, potentially threatening the Dia browser Microsoft • Microsoft mandates employees return to office three days per week • Microsoft accused of "gross cybersecurity negligence" Dev • Microsoft open sources 6502 BASIC • First Visual Studio 2026 preview now available • Individual developers can register for Microsoft Store for free Mobile • Google ships Android 16 QPR1 with Material 3 Expressive on Pixel devices plus September Pixel Drop • Apple announces iPhone 17 lineup, iPhone Air, AirPods Pro 3, and new Apple Watches • Comparison of OS updating styles between Apple, Google, and Microsoft and their impact on hardware upgrades AI • Microsoft to pay almost $20 billion for third-party AI infrastructure • Microsoft may turn to Anthropic for Office apps • Anthropic settles with book authors, then judge rejects the settlement (Apple faces similar lawsuit) • Google details all Gemini tier offerings • Firefox will use Apple Intelligence on iPhones with iOS 26 Xbox and Games • Lenovo Legion Go 2 coming in October with new Xbox Ally OS in early 2026 • Xbox to announce games at Tokyo Game Show on September 25 • Xbox Cloud Gaming coming to select cars • PlayStation 6 will be modular Tips and Picks • Something to read: iWar by Tim Higgins • Something to watch: New Dave Plumber interview on YouTube • Something to get for free: Microsoft 365 free for US students for one year • Something to plan for: Proton offers emergency access on accounts • RunAs Radio this week: Training for AI with Stephanie Donahue • Brown liquor pick of the week: Boplaas 8 Single Grain Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit bitwarden.com/twit

Windows 11 just dropped one of its biggest updates yet, but new features and relentless AI integrations are making right-click menus bigger—and more confusing—than ever. Is Windows getting better, or just busier? Windows 11 • Patch Tuesday arrives with several new features for all Windows 11 users • A few new features added for Copilot+ PCs • This may be the last cumulative update before 25H2 Windows Insider • New Canary build includes features we've seen before • Copilot+ PCs bring Windows Studio Effects to secondary cameras in Dev and Beta channels Hardware • 40-year Intel veteran now leads PC chips business • Paul's continued criticism of Lunar Lake problems • Lenovo's three IFA concept devices should become shipping products Apps • Atlassian acquires The Browser Company, potentially threatening the Dia browser Microsoft • Microsoft mandates employees return to office three days per week • Microsoft accused of "gross cybersecurity negligence" Dev • Microsoft open sources 6502 BASIC • First Visual Studio 2026 preview now available • Individual developers can register for Microsoft Store for free Mobile • Google ships Android 16 QPR1 with Material 3 Expressive on Pixel devices plus September Pixel Drop • Apple announces iPhone 17 lineup, iPhone Air, AirPods Pro 3, and new Apple Watches • Comparison of OS updating styles between Apple, Google, and Microsoft and their impact on hardware upgrades AI • Microsoft to pay almost $20 billion for third-party AI infrastructure • Microsoft may turn to Anthropic for Office apps • Anthropic settles with book authors, then judge rejects the settlement (Apple faces similar lawsuit) • Google details all Gemini tier offerings • Firefox will use Apple Intelligence on iPhones with iOS 26 Xbox and Games • Lenovo Legion Go 2 coming in October with new Xbox Ally OS in early 2026 • Xbox to announce games at Tokyo Game Show on September 25 • Xbox Cloud Gaming coming to select cars • PlayStation 6 will be modular Tips and Picks • Something to read: iWar by Tim Higgins • Something to watch: New Dave Plumber interview on YouTube • Something to get for free: Microsoft 365 free for US students for one year • Something to plan for: Proton offers emergency access on accounts • RunAs Radio this week: Training for AI with Stephanie Donahue • Brown liquor pick of the week: Boplaas 8 Single Grain Whisky Hosts: Leo Laporte, Paul Thurrott, and Richard Campbell Download or subscribe to Windows Weekly at https://twit.tv/shows/windows-weekly Check out Paul's blog at thurrott.com The Windows Weekly theme music is courtesy of Carl Franklin. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: helixsleep.com/twit bitwarden.com/twit

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Firefox finally pulls the plug on 32-bit support, Raspberry Pi announces a 1TB SSD, lossless audio over WiFi with JackTrip, and dispelling some popular Linux myths.

Is the U.S. on the verge of legalizing "hack back" missions, turning private companies into sanctioned cyber warriors? Steve and Leo unpack Google's plan for a cyber disruption unit and why the lines between defense and digital retaliation are suddenly blurring. My experience with 'X' vs email. Google TIG blackmailed to fire two security researchers. 1.1.1.1 DNS TLS certificate mis-issued. Artists blackmailed with threats of training AI on their art. Firefox extended end-of-life for Windows 7 to next March. Is the renewal of cybersecurity info sharing coming soon. Should security analysis be censored due to vibe-coding. UK versus Apple may not be settled after all. Another very serious supply chain attack. Can the software supply-chain ever be trustworthy. Why did BYTE Magazine die. What happens if Google and others go on the attack Show Notes - https://www.grc.com/sn/SN-1042-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: uscloud.com canary.tools/twit - use code: TWIT bigid.com/securitynow zscaler.com/security expressvpn.com/securitynow

Ubuntu 25.10 has a release date and Rust Coreutils still looks good. Pop OS 24.04 is finally almost ready, Kazeta brings back the game carts, and Arch Linux is still under attack. Torvalds takes out the Trash, Firefox has announced the end of 32, and KDE is nearing an exciting 6.5. For tips we have wpctl set-default for controlling WirePlumber defaults, Feral's gamemode for optimized game performance, and strings for pulling ASCII strings out of binaries. You can find the show notes at https://bit.ly/4g88VLk and have a great week! Host: Jonathan Bennett Co-Hosts: Jeff Massie and Ken McDonald Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

The boys are back! With a new format, now 100% more news. This week we talk about Google's court win, Linus and bcachefs, and more. ==== Special Thanks to Our Patrons! ==== https://thelinuxcast.org/patrons/ ===== Follow us

The climactic weekend on the turf at Kentucky Downs is the focus this week of the Ron Flatter Racing Pod. Trainer Brendan Walsh has four horses in the multimillion-dollar weekend stakes. He discusses Spanish Eyes, New Century, Pondering and Z Z's and their strategies this weekend. Walsh also talks about Special Wan, who won for him at Kentucky Downs last Saturday in the Grade 3 Ladies Turf, and a couple of his standout 3-year-olds. Dr. Ronald Tang, the California oncologist who won last year's King of the Turf handicapping contest at Kentucky Downs, shares his basics for betting the boutique, all-turf meet on the Tennessee border. He is asked whether he will go all in again on Grand Sonata, the defender in the Grade 2, $2.5 million Kentucky Turf Cup who was key to his contest triumph last summer. Horse Racing Nation's Mark Midland offers weekend handicapping for Kentucky Downs and Colonial Downs. Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park join in the response to listener and reader feedback. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

Local standouts Journalism and Nysos face eastern shipper Fierceness in the Pacific Classic at Del Mar, and Mindframe gets a high-profile rematch with Sierra Leone in the Jockey Club Gold Cup at Saratoga. These 1 1/4-mile, Grade 1, $1 million races are spotlighted this week on the Ron Flater Racing Pod. Christina Blacker of FanDuel TV provides insight on the east vs. west matchup in California. She discusses Preakness and Haskell (G1) winner Journalism's first time facing older horses like Nysos and Fierceness in their audition for the Breeders' Cup Classic over the same course and distance in a little more than two months. Co-owner Brook T. Smith talks about whether Sierra Leone can reverse the trend against Mindframe when they have their third meeting, this time at Saratoga. He also outlines plans for the 4-year-old colt between now and the Breeders' Cup as well as after the $7 million race in which Sierra Leone is the defending winner. Super Screener creator Mike Shutty checks in from his home base near Del Mar to provide handicapping advice for the big weekend races. Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park join in a tribute to Secretariat's late jockey Ron Turcotte. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

En este nuevo episodio de "atareao con Linux", me sumerjo en uno de mis temas favoritos: cómo optimizar nuestras herramientas de trabajo para ser más productivos. Si eres de los que vive en el terminal, con los scripts de Bash, los contenedores de Docker o los proyectos de Rust y Python, sabrás que un navegador eficiente es tan importante como un buen editor de código. Por eso, en este capítulo, vamos a vitaminar Firefox.Dejaremos atrás la experiencia de usuario predeterminada y exploraremos una configuración que realmente eleva tu productividad. Hablaremos de la solución a uno de los mayores dolores de cabeza: la gestión de pestañas. ¿Te has encontrado alguna vez con una docena de pestañas abiertas, sin poder distinguir una de la otra? La solución es simple y visualmente espectacular: pestañas verticales. Te contaré cómo implementarlas con extensiones como Sidebery y cómo usar atajos de teclado para moverte entre ellas con la velocidad de un rayo.Pero no nos quedaremos ahí. Te mostraré cómo transformar la barra lateral de Firefox en un panel de control personal. Descubrirás cómo integrar un chatbot de inteligencia artificial directamente en tu navegador, lo que te permitirá hacer preguntas, revisar código o generar texto sin perder el foco en la tarea principal. Además, aprenderás a tener a mano tu historial, tus marcadores y las pestañas abiertas en otros dispositivos, todo en un solo lugar.Para redondear la experiencia, te presentaré dos extensiones que considero imprescindibles en mi flujo de trabajo:Page Sidebar: Si necesitas comparar dos páginas web, revisar la documentación de una API o simplemente tener dos vistas en paralelo, esta extensión es la respuesta. Te permite abrir cualquier URL en la barra lateral, convirtiendo tu navegador en un espacio de trabajo de dos paneles.Tabliss: La primera impresión cuenta, y la página de nueva pestaña de Firefox no tiene por qué ser aburrida. Con Tabliss, podrás personalizarla con fondos espectaculares, un reloj minimalista y tus enlaces más importantes, convirtiendo cada nueva pestaña en una fuente de inspiración y orden.Este episodio es una guía práctica para cualquier entusiasta de Linux, el software libre, la programación o el self-hosted que quiera llevar su productividad al siguiente nivel. Hablaremos de cómo estas pequeñas configuraciones pueden marcar una gran diferencia en tu día a día, permitiéndote ser más eficiente y disfrutar más del proceso de trabajo.Recuerda que todos los enlaces y recursos mencionados en este episodio están disponibles en las notas del programa en mi blog, atareao.es.Más información y enlaces en las notas del episodio

video: https://youtu.be/vSfDyg8OxsI Comment on the TWIL Forum (https://thisweekinlinux.com/forum) This week in Linux, we've got a bunch of new releases from the super popular open source office suite LibreOffice to a couple releases from Mozilla and one of the best open source video editors has a new release with Kdenlive. We're also going to take a look back at seven years of Proton as we celebrate the current state of Linux gaming. Plus, CachyOS is currently on the rise as they just took the number one spot on DistroWatch. We'll talk about what that means and what it doesn't. All of this and more on This Week in Linux, the weekly news show that keeps you up to date with what's going on in the Linux and open source world. And we are so close to 100,000 subscribers for the channel. If you haven't subscribed yet, please do. Now, let's jump right into Your Source for Linux GNews. Download as MP3 (https://aphid.fireside.fm/d/1437767933/2389be04-5c79-485e-b1ca-3a5b2cebb006/2a839f6b-6a88-422d-b343-774a9ecd98f5.mp3) Support the Show Become a Patron = tuxdigital.com/membership (https://tuxdigital.com/membership) Store = tuxdigital.com/store (https://tuxdigital.com/store) Chapters: 00:00 Intro 01:06 LibreOffice 25.8 03:45 7 Years of Proton 06:24 CachyOS becomes #1 on DistroWatch 09:34 Sandfly Security, agentless Linux security 12:01 Firefox 142 14:03 Thunderbird 142 17:24 LibreELEC 12.2 18:51 OSMC August 2025 Update 20:49 Kdenlive 25.08 22:49 Humble Bundle Summer Sale 24:06 Arch's AUR Battles DDoS Attacks and Malware 27:08 Outro Links: LibreOffice 25.8 https://blog.documentfoundation.org/blog/2025/08/20/libreoffice-25-8/ https://wiki.documentfoundation.org/ReleaseNotes/25.8 7 Years of Proton https://www.gamingonlinux.com/2025/08/7-years-later-valves-proton-has-been-an-incredible-game-changer-for-linux/ CachyOS becomes #1 on DistroWatch https://distrowatch.com/ https://distrowatch.com/dwres.php?resource=popularity https://cachyos.org/ Sandfly Security, agentless Linux security https://thisweekinlinux.com/sandfly Firefox 142 https://www.firefox.com/en-US/firefox/142.0/releasenotes/ Thunderbird 142 https://blog.thunderbird.net/2025/08/tbpro-august-2025-update/ https://www.thunderbird.net/en-US/thunderbird/142.0/releasenotes/ LibreELEC 12.2 https://libreelec.tv/2025/08/15/libreelec-omega-12-2-0/ OSMC August 2025 Update https://osmc.tv/2025/08/osmcs-august-update-is-here-4/ Kdenlive 25.08 https://kdenlive.org/news/releases/25.08.0/ Humble Bundle Summer Sale https://humblebundleinc.sjv.io/19353m Arch's AUR Battles DDoS Attacks and Malware https://fossforce.com/2025/08/archs-aur-battles-ddos-attacks-and-persistent-malware-all-summer-so-far Support the show https://tuxdigital.com/membership https://store.tuxdigital.com/

The 156th running of the Grade 1, $1.25 million Travers Stakes at Saratoga is not only the mid-summer derby. It also is the centerpiece this week for the Ron Flatter Racing Pod. Racing analyst and TV host Andy Serling of New York Racing Association TV and Fox Sports is along to discuss the race, the Grade 1s on Saturday's card and the Saratoga summer. He also will talk about the 3-year-old male division and how the Travers could go a long way toward determining the Eclipse Award. Jockey Júnior Alvarado rides Kentucky Derby and Belmont Stakes winner Sovereignty in the Travers talks about the five-horse field this weekend and his strategy for the race. Paddock Prince handicapper David Levitch examines the Travers and has tips for other races on the Saratoga card. Co-hosts John Cherwa of the Los Angeles Times and Keith Nelson of Fairmount Park have their thoughts about the Travers as well as reaction to listener and reader feedback. The Ron Flatter Racing Pod via Horse Racing Nation is available via free subscription from Apple, Firefox, iHeart and Spotify as well as HorseRacingNation.com.

Matt & Oren discuss the feeling dogging every freelancer: "Will I ever work again?" They dig into who they recommend when they can't take an awesome job, and how that has paid it forward in good ways. Maybe it's all about who you vibe with. But what is that, exactly? And what if a brand or agency does a vibe check on you? Surprisingly, it's like a date, and more of sales pitch so be prepared!But there's a way to show up with a certain enthusiasm for a project and demonstrate a personal connection without sounding like a cold email that falls on its face. This episode is definitely worth a listen if you're trying to rack up more jobs this year!Matt's Endorsement: Deschute's Fresh Squeezed Non-Alcohoilc IPA https://deschutesbrewery.com/products/fresh-squeezed-non-alcoholicOren's Endorsement: Tab Groups in Google Chrome. R-Click on a tab > Add Tab to New Group. Also on Chromium-based browsers like Firefox and Brave. https://support.google.com/chrome/answer/2391819?hl=en&sjid=9324260012388965296-NC#zippy=%2Cgroup-your-tabs Hosted on Acast. See acast.com/privacy for more information.

Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSA's leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsoft's SharePoint ToolShell vulnerability. Google and Mozilla patch Chrome and Firefox. European officials report two cyber incidents targeting water infrastructure. A federal appeals court has upheld fines against T-Mobile and Sprint for illegally selling customer location data. Authorities dismantle DDoS powerhouse Rapper Bot. On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, speaking about ShinyHunters and the problems with securing Salesforce. Microsoft Copilot gets creative with compliance.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Matt Radolec, VP - Incident Response, Cloud Operations, and Sales Engineering at Varonis, who is speaking about ShinyHunters and the problems with securing Salesforce. You can hear more from Matt here. Selected Reading Microsoft releases emergency updates to fix Windows recovery (Bleeping Computer) Trump Revokes Security Clearances of 37 Former and Current Officials (The New York Times) Highly Sensitive Medical Cannabis Patient Data Exposed by Unsecured Database (WIRED) AI Website Builder Lovable Abused for Phishing and Malware Scams (Hackread) Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit (InfoSecurity Magazine) High-Severity Vulnerabilities Patched in Chrome, Firefox (SecurityWeek) Russia-linked European attacks renew concerns over water cybersecurity (CSO Online) T-Mobile claimed selling location data without consent is legal, judges disagree (Ars Technica) Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator (CyberScoop) Copilot Broke Your Audit Log, but Microsoft Won't Tell You (Pistachio Blog) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Techish is taking a short summer break, but we'll be back in September! In the meantime, we've got a fantastic episode to share from our friends over at the IRL Podcast. You might remember we had IRL host Bridget Todd on Techish recently for our Falling in Love With Your AI episode. So trust us, you're gonna love this one.———————————————————— Decoding the Planet: From Whales to Whistleblowers From season eight of the IRL podcast: AI and Us.AI may be able to talk to animals, but at what cost to the planet. Who is making those decisions, and why it matters. From decoding whale language to protecting our oceans from unchecked offshore drilling, Bridget Todd talks to visionaries seeking to preserve our beautiful, fragile world. Holly Alpine left her job with Microsoft over the company's role in providing fossil fuel companies with AI tools that could accelerate their production of oil and gas. As the AI and climate lead at Hugging Face, a platform for sharing open-source AI models, Sasha Luccioni calls for more transparency from tech companies about how much energy it takes to power AI. Aza Raskin, co-founder and president of the Earth Species Project, explains why using AI to decode animal communication could be the key to protecting our planet.IRL is an original podcast from Mozilla, the non-profit behind Firefox.A Case Study In Corporate Fear"A Case Study in Corporate Fear" deconstructs how fear transforms successful...Listen on: Apple Podcasts SpotifySupport the show————————————————————Join our Patreon for extra-long episodes and ad-free content: https://www.patreon.com/techish Watch us on YouTube: https://www.youtube.com/@techishpod/Advertise on Techish: https://goo.gl/forms/MY0F79gkRG6Jp8dJ2———————————————————— Stay in touch with the hashtag #Techishhttps://www.instagram.com/techishpod/https://www.instagram.com/abadesi/https://www.instagram.com/michaelberhane_/ https://www.instagram.com/hustlecrewlive/https://www.instagram.com/pocintech/Email us at techishpod@gmail.com