15 December 2016

WebP: A new image format for the Web

WebP is a modern image format that provides superior lossless and lossy compression for images on the web. Using WebP, webmasters and web developers can create smaller, richer images that make the web faster.

WebP lossless images are 26% smaller in size compared to PNGs. WebP lossy images are 25-34% smaller than comparable JPEG images at equivalent SSIM quality index.

Lossless WebP supports transparency (also known as alpha channel) at a cost of just 22% additional bytes. For cases when lossy RGB compression is acceptable, lossy WebP also supports transparency, typically providing 3× smaller file sizes compared to PNG.


28 November 2016

GIT: Comparación de metodologías de trabajo

Traducido del documento original en inglés "Comparing Workflows." Traducción por Alejandro Egas e ideaPort LLC con autorización de Atlassian.

La variedad de posibles metodologías de trabajo hace difícil saber por dónde empezar cuando se implementa Git en el lugar de trabajo. Esta página ofrece un punto de partida revisando las metodologías de trabajo más comunes de Git para equipos al interior de empresas.

Mientras lees, ten en cuenta que estas metodologías de trabajo están diseñadas como directrices generales y no como reglas estrictas. Queremos mostrar lo que se puede hacer para que tú tomes, mezcles y acoples aspectos de distintas metodologías de trabajo adecuándolas a tus necesidades individuales.

Metodología de Trabajo Centralizada

La transición a un sistema de control de versiones distribuido puede parecer una tarea de enormes proporciones, pero no es a fuerzas necesario cambiar la metodología de trabajo ya existente para sacar provecho a Git. Tu equipo puede desarrollar sus proyectos tal como lo hace con Subversion.

Sin embargo, el uso de Git en el trabajo de desarrollo evidencia varias ventajas con respecto a SVN. La primera es que cada desarrollador recibe su propia copia local del proyecto completo. Este entorno aislado le permite a cada desarrollador trabajar independiente de todos los demás cambios que se hagan al proyecto. Pueden añadir commits a su repositorio local y olvidarse por completo lo que se esté desarrollando en el resto del proyecto hasta que les resulte conveniente.

La segunda ventaja es que Git da acceso a un robusto modelo de ramas (branchs) y fusión (merging). A diferencia de SVN, las ramas de Git están diseñadas para ser un proceso seguro para la integración de código y para compartir los cambios entre repositorios.

Cómo funciona

Al igual que en Subversion, la metodología de trabajo centralizada utiliza un repositorio central como punto de entrada único para todos los cambios del proyecto. En lugar de trunk, la rama de desarrollo por defecto se llama master, y todos los cambios son agregados como commits a esta rama. Esta metodología de trabajo no requiere de ninguna rama aparte de master.

Para empezar, los desarrolladores deben clonar el repositorio central. Luego, en sus propias copias locales del proyecto, se editan los archivos y se agregan commits tal como se hace en SVN. Sin embargo, estos nuevos cambios son guardados de manera local. Están completamente aislados del repositorio central. Esto le permite a los desarrolladores aplazar la sincronización con upstream hasta que lleguen a un punto conveniente.

Leer más...

Git: Comparing Workflows

Source: Atlassian Git Tutorials. Read it in Spanish: En español.

The array of possible workflows can make it hard to know where to begin when implementing Git in the workplace. This page provides a starting point by surveying the most common Git workflows for enterprise teams.

As you read through, remember that these workflows are designed to be guidelines rather than concrete rules. We want to show you what’s possible, so you can mix and match aspects from different workflows to suit your individual needs.

Centralized Workflow

Transitioning to a distributed version control system may seem like a daunting task, but you don’t have to change your existing workflow to take advantage of Git. Your team can develop projects in the exact same way as they do with Subversion.

However, using Git to power your development workflow presents a few advantages over SVN. First, it gives every developer their own local copy of the entire project. This isolated environment lets each developer work independently of all other changes to a project—they can add commits to their local repository and completely forget about upstream developments until it's convenient for them.

Second, it gives you access to Git’s robust branching and merging model. Unlike SVN, Git branches are designed to be a fail-safe mechanism for integrating code and sharing changes between repositories.

How It Works

Like Subversion, the Centralized Workflow uses a central repository to serve as the single point-of-entry for all changes to the project. Instead of trunk, the default development branch is called master and all changes are committed into this branch. This workflow doesn’t require any other branches besides master.

Developers start by cloning the central repository. In their own local copies of the project, they edit files and commit changes as they would with SVN; however, these new commits are stored locally—they’re completely isolated from the central repository. This lets developers defer synchronizing upstream until they’re at a convenient break point.


26 July 2016

Your wireless keyboard is giving up your secrets

Flaws in wireless keyboards let hackers snoop on everything you type

Many popular, low-cost wireless keyboards don't encrypt keystrokes.

By Zack Whittaker for Zero Day | July 26, 2016 -- 13:30 GMT (06:30 PDT) 

Source: ZDNet http://www.zdnet.com/article/millions-of-wireless-keyboards-at-risk-of-spying-by-hackers-in-new-attack/?ftag=TRE17cfd61&bhid=25967687726448640586564689554337

This nondescript USB dongle can be used to spy on wireless keyboards from hundreds of feet away. (Image: Bastille)

Your wireless keyboard is giving up your secrets -- literally.

With an antenna and wireless dongle worth a few bucks, and a few lines of Python code, a hacker can passively and covertly record everything you type on your wireless keyboard from hundreds of feet away. Usernames, passwords, credit card data, your manuscript or company's balance sheet -- whatever you're working on at the time.

It's an attack that can't be easily prevented, and one that almost nobody thought of -- except the security researchers who found it.

Security firm Bastille calls it "KeySniffer," a set of vulnerabilities in common, low-cost wireless keyboards that can allow a hacker to eavesdrop from a distance.

Here's how it works: a number of wireless keyboards use proprietary and largely unsecured and untested radio protocols to connect to a computer -- unlike Bluetooth, a known wireless standard that's been tried and tested over the years. These keyboards are always transmitting, making it easy to find and listen in from afar with the right equipment. But because these keystrokes aren't encrypted, a hacker can read anything on a person's display, and directly type on a victim's computer.

The attack is so easy to carry out that almost anyone can do it -- from petty thieves to state-actors.

Marc Newlin, a researcher at the company who was credited with finding the flaw said it was "pretty alarming" to discover.

"A hacker can 'sniff' all of the keystrokes, as well as inject their own keystrokes on the computer," he explained on the phone this week.

The researchers found that eight out of 12 keyboards from well-known vendors -- including HP, Kensington, and Toshiba -- are at risk of eavesdropping, but the list is far from exhaustive.

The scope of the problem is so large that the researchers fully expect that "millions" of devices are vulnerable to this new attack.

Worst of all? There's no fix.

"I think a lot of consumers reasonably expect that the wireless keyboard they're using won't put them at risk, but consumers might not have a high awareness of this risk," he said.

Ivan O'Sullivan, the company's chief research officer, admitted that the ease of this attack had him unsettled. "As a consumer, I expect that the keyboard that I buy won't transmit my keystrokes in plain-text."

"We were shocked. And consumers should be, too," he said.

This isn't the first time wireless devices have put their users at risk. Bastille was the company behind the now-infamous MouseJack flaw, which let hackers compromise a person's computer through their wireless mouse. Even as far back as 2010, it was known that some keyboards with weak encryption could be easily hacked.

Over half a decade later, Newlin said he was hopeful that his research will make more people aware, but he doesn't think this problem "will be resolved."

"Most of the vendors have not responded to our disclosure information," he said. "Many of the vendors haven't responded past an acknowledgement, or they haven't responded at all to our inquiries."

Though not all wireless keyboards are created equal and many are not vulnerable to the eavesdropping vulnerability, there is an easy fix to a simple problem.

"Get a wired keyboard," the researchers said.

20 July 2016

The procrastinator's guide to free Windows 10 upgrades

The year-long free upgrade offer for Windows 10 ends in a matter of days. If you're on the fence, it's decision time. Here's how to streamline the upgrade process to make it fast, simple, and nearly foolproof.

By Ed Bott for The Ed Bott Report | July 20, 2016 -- 17:39 GMT (10:39 PDT)

You have only a few days left to claim your free upgrade.

Time is running out.

If you have a PC that's currently running Windows 7 or Windows 8.1, you qualify for a free upgrade to Windows 10. But that offer ends in a little over a week, on July 29, 2016, which means it's decision time.

You can stop right here if you're certain you don't want the upgrade. Just say no to the upgrade prompt and the nagging will stop at the end of this mon you're reasonably certain you'll want to upgrade in the next year, you should claim your upgrade now, then roll back to your current operating system. (Details here.)

For those who are ready to make the leap before the closing bell rings, here's how to do it with the maximum safety and minimum hassle.

1. Create an image-based backup of your current Windows installation.

This step is optional but highly recommended. Everyone should have a full backup anyway, and this is as good an excuse as any to make that happen. Both operating systems that support the free Windows 10 upgrade include the Windows 7 Backup tool, which has this capability built in.


17 March 2016

Sticking with Windows 7? The forecast calls for pain

For small businesses and consumers without enterprise deployment tools, a clean install of the aging Windows 7 can take a full day. And the problem's getting worse. Here's why.

By Ed Bott for The Ed Bott Report | March 17, 2016

On Monday morning, I began installing Windows 7 Pro on a clean virtual machine.

On Tuesday morning, more than 24 hours later, the installation was still not finished.

That, in a nutshell, is the unpleasant reality that consumers and small businesses face in sticking with Windows 7 as it counts down to the end of support, 1398 days from today.

The biggest problem, of course, is that Microsoft released Windows 7 Service Pack 1 on February 22, 2011, more than five years ago. Despite occasional rumors and hopes, Microsoft has never released a Service Pack 2 or even a post-SP1 update rollup. Which means that if you try to do a clean install, as I did on Monday, this is what you see when you run Windows Update.

Yes, 216 Important updates are available, and you'd have to be crazy to connect to the Internet without installing those patches first.

But that's not the worst of it.

Just getting to that screen took more than eight hours, thanks to a bug that was documented last fall in Microsoft Knowledge Base article 3102810: Installing and searching for updates is slow and high CPU usage occurs in Windows 7 and Windows Server 2008 R2.

"Slow" does not even begin to describe the glacial pace at which Windows 7 works before even displaying the list of available updates.


Even then you have many hours of work ahead of you. When I started over, using that workaround, it still took nearly three and a half hours from the time I started the clean install until those 216 important updates were finished downloading and installing.

And then, after rebooting and checking Windows Update again, there were three more updates. And 26 more after the next restart, and two more after the next restart...

In all, I spent about eight hours to finish installing Windows 7 and something like 300 Important and Optional updates (I lost count, honestly). And each restart along the way demanded my manual intervention.


If I had to point to one feature in Windows 10 that makes it a slam-dunk upgrade over Windows 7, this is it. Updates are cumulative, which means that after a clean install you have to snag only one update (plus a handful of odds and ends, like the latest update for Adobe Flash). Not 216. Or 47. Or even 16

And you can reset a Windows 10 PC--keeping your data files while rebuilding the operating system in place with the latest version, followed by a single update.

And it's not going to get any easier between now and January 14, 2020, when the extended support phase finally ends. I wouldn't be surprised if the update count is up over 350 by then, with a clean install taking days.

Good luck with that.

04 February 2016

Why switch to Windows 10 or a Mac when you can use Linux Mint 17.3 instead?

Linux Mint 17.3 is the best Linux desktop operating system and it might be the best PC operating system, period, for you.

By Steven J. Vaughan-Nichols for Linux and Open Source | February 3, 2016

My buddy David Gewirtz recently wrote about the question of whether you should move from Windows 7 to Windows 10 or a Mac. I have another suggestion: Linux. Specifically Linux Mint 17.3, Rosa, with the Cinnamon desktop.

Yes, I'm serious. I use all the above desktops -- yes I'm a Windows 7 and 10 user as well as a Linux guy -- and for people I think Mint 17.3 makes a great desktop.
I've been using Mint as my main Linux desktop for years now. Unlike some desktops I could name -- cough, Windows 8, cough -- Linux Mint has never had a flop. Every year that goes by, this operating system keeps getting better. The other desktops? Not so much.
Let's take a closer look.at Windows 7 vs. Linux Mint 17.3
UI Differences
There's really not much. While it's even easier for a Windows XP user to move to Mint than a Windows 7 user, any Windows user won't have any trouble picking up Linux Mint with Cinnamon. There's a Start Menu and settings are easy to find.

03 February 2016

Microsoft as the Godfather, with an offer you can't refuse

From now on, Windows 10 will start to install automatically on your computer

MICROSOFT has stepped up its next-generation operating system to a "recommended" update for all Windows 7 and Windows 8.1 users. The 3GB installer file will now download automatically to your machine.


As promised, Microsoft has upgraded its Windows 10 operating system from an "optional" to a "recommended" update for all Windows 7 and Windows 8.1 users.

The Redmond technology firm first announced the change, which rolled out across Windows Update this week, back in October.

Microsoft is getting increasingly aggressive with its plans to get users to upgrade.

Terry Myerson, Executive Vice President of Windows and Devices Group, posted in the company blog: "As we shared in late October on the Windows Blog, we are committed to making it easy for our Windows 7 and Windows 8.1 customers to upgrade to Windows 10.

"We updated the upgrade experience today to help our customers, who previously reserved their upgrade, schedule a time for their upgrade to take place"

So what does the change to an "recommended" update really mean?

Depending on your Windows Update settings, this change could cause the Windows 10 upgrade process to automatically start on your device.

Microsoft will start to download the 3GB installer to your PC with your input, so that it's ready for whenever you chose to commit to Windows 10.

This is a hefty sized file, and could cause issues with users who have a download limit attached to thier monthly broadband contract.

Fortunately, before the upgrade completely changes the operating system on your machine, you will asked to choose whether or not to continue. 

And if you do upgrade from an older version of Windows to Windows 10 – intentionally or accidentally – there is a months grace when you can rollback to your previous OS without hassle.
"If you’re already running Windows 10 – thank you!" Mr Myerson published.

19 January 2016

New zero-day flaw affects millions of Linux servers, Android devices

The flaw is said to affect "tens of millions" of Linux PCs and servers, and most modern devices running the latest Android KitKat 4.4 software and later.

By Zack Whittaker | January 19, 2016 | ZDNet

A new, previously undiscovered flaw that allows an attacker to escalate local user privileges to the highest "root" level is said to hit "tens of millions" of Linux PCs and servers.

Because some of the code is shared, the zero-day flaw also affects more than two-thirds of all Android devices.

Israeli security firm Perception Point disclosed the flaw in a blog post Tuesday, but it wasn't immediately clear if the bug had been privately reported to Google, which develops the Android software.

Perception Point did not immediately return a request for comment.

The flaw, said to date back to 2012, affects Linux kernel versions 3.8 and higher, which extends to devices running Android KitKat 4.4 and higher.