Language Selection

English French German Italian Portuguese Spanish

OSS and Sharing Leftovers

Filed under
OSS
  • Crowdfunding for extension management in GIMP (and other improvements)

    Well that’s the big question! Let’s be clear: currently security of plug-ins in GIMP sucks.

    So the first thing is that our upload website should make basic file type checks and compare them with the metadata listing. If your metadata announces you ship brushes, and we find executables in there, we would block it.

    Also all executables (i.e. plug-ins or scripts) would be held for manual review. That also means we’ll need to find people in the community to do the review. I predict that it will require some time for things to set up smoothly and the road may be bumpy at first.

    Finally we won’t accept built-files immediately. If code is being compiled, we would need to compile it ourselves on our servers. This is obviously a whole new layer of complexity (even more because GIMP can run on Linux, Windows, macOS, BSDs…). So at first, we will probably not allow C and C++ extensions on our repository. But WAIT! I know that some very famous and well-maintained extensions exist and are compiled. We all think of G’Mic of course! We may make exceptions for trustworthy plug-in creators (with a well-known track record), to allow them to upload their compiled plug-ins as extensions. But these will be really exceptional.

    Obviously this will be a difficult path. We all know how security is a big deal, and GIMP is not so good here. At some point, we should even run every extension in a sandbox for instance. Well some say: the trip is long, but the way is clear.

  • Python's founder steps down, India's new net neutrality regulations, and more open source news

    The head of one of the most popular free software/open source software projects is stepping down. Guido van Rossum announced that he's giving up leadership of the project he founded, effective immediately.

    van Rossum, affectionately known as Python's "benevolent dictator for life," made the move after the bruising process of approving a recent enhancement proposal to the scripting language. He also cited some undisclosed medical problems as another factor in his resignation. van Rossum stated that he "doesn't want to think as hard about his creation and is switching to being an 'ordinary core developer'," according to The Inquirer.

    van Rossum, who "has confirmed he won't be involved in appointing his replacement. In fact, it sounds very much like he doesn't think there should be one," believes that Python's group of committers can do his job.

  • FLIR Creates Open-Source Dataset for Driving Assistance

    Sensor systems developer FLIR Systems Inc. has announced an open-source machine learning thermal dataset designed for advanced driver assistance systems (ADAS) and self-driving vehicle researchers, developers, and auto manufacturers, featuring a compilation of more than 10,000 annotated thermal images of day and nighttime scenarios.

    The first of its kind to include annotations for cars, other vehicles, people, bicycles, and dogs, the starter thermal dataset enables developers to begin testing and evolving convolutional neural networks with the FLIR Automotive Development Kit (ADKTM). The dataset empowers the automotive community to quickly evaluate thermal sensors on next-generation algorithms. When combined with visible light cameras, lidar, and radar, thermal sensor data paired with machine learning helps create a more comprehensive and redundant system for identifying and classifying roadway objects, especially pedestrians and other living things.

  • Open-source map of accessible restaurants in Calgary growing into something beautiful

    A call on Twitter for a list of accessible restaurants has led to an online mapping movement to plot out user-friendly restaurants around the city.

    On Monday, Calgary-based tech entrepreneur Travis Martin saw a tweet from Natasha Gibson (@ktash) asking Councillor Druh Farrell if she knew of some accessible restaurants for her senior parents.

  • Universities in Germany and Sweden Lose Access to Elsevier Journals [iophk: "sci-hub to the rescue"]

    This month, approximately 300 academic institutions in Germany and Sweden lost access to new papers published in Elsevier’s journals due to a standstill in negotiations for nationwide subscription contracts. While Elsevier’s papers remain inaccessible, academics are turning to alternative means of obtaining them, such as using inter-library loan services, emailing authors, finding earlier versions on preprint servers, or buying individual papers.

  • Open Source Laboratory Rocker is Super Smooth

    Lab equipment is often expensive, but budgets can be tight and not always up to getting small labs or researchers what they need. That’s why [akshay_d21] designed an Open Source Lab Rocker with a modular tray that uses commonly available hardware and 3D printed parts. The device generates precisely controlled, smooth motion to perform automated mild to moderately aggressive mixing of samples by tilting the attached tray in a see-saw motion. It can accommodate either a beaker or test tubes, but since the tray is modular, different trays can be designed to fit specific needs.

  • Update on our planned move from Azure to Google Cloud Platform

    Improving the performance and reliability of GitLab.com has been a top priority for us. On this front we've made some incremental gains while we've been planning for a large change with the potential to net significant results: running GitLab as a cloud native application on Kubernetes.

    The next incremental step on our cloud native journey is a big one: migrating from Azure to Google Cloud Platform (GCP). While Azure has been a great provider for us, GCP has the best Kubernetes support and we believe will the best provider for our long-term plans. In the short term, our users will see some immediate benefits once we cut over from Azure to GCP including encrypted data at rest on by default and faster caching due to GCP's tight integration with our existing CDN.

More in Tux Machines

Red Hat: OpenShift and Awards

  • OpenShift Commons Briefing: OpenShift 3.11 Release Update with Scott McCarty (Red Hat)
    In this briefing, Red Hat’s Scott McCarty and numerous other members of the OpenShift Product Management team gave an in-depth look at Red Hat’s OpenShift’s latest release 3.11 and some insights in to the road ahead.
  • Awards roll call: Red Hat awards, June to October 2018
    Depending on the weather in your region, it’s safe to say that the seasons are changing so it’s a good time to look back at what was a busy few months for Red Hat, especially when it came to industry awards for our technical and product leadership. In recent months, Red Hat products and technologies took home twenty awards, highlighting the breadth and depth of our product portfolio as well as the expertise that we provide to our customers. In addition, Red Hat as a company won five awards recognizing its growth and culture as a leader in the industry.
  • More advice from a judge - what it takes to win a Red Hat Innovation Award
    Last year I penned the below post to provide insight into what the judges of the Red Hat Innovation Awards are looking for when reviewing submissions. Looking back, I would give almost the identical advice again this year...maybe with a few tweaks. With all the stellar nominations that we receive, the question I often get is, “how can we make our entry standout?” There’s no magic formula for winning the Red Hat Innovation Awards, but there are things that the other judges and I look for in the entries. Overall, we’re looking for the project that tells a compelling story. It’s not just about sharing what Red Hat products and services you used, we want to hear the full narrative. What challenges did you face; how you implemented the project; and ultimately, what was the true business impact and transformation that took place? Submissions that are able to showcase how open source culture and values were key to success, or how the project is making a difference in the lives of others, are the entries that most often rise to the top.

today's howtos

OSS Leftovers

  • How to be an effective and professional member of the Samba user and development Community
    For many years we have run these lists dedicated to developing and promoting Samba, without any set of clear guidelines for people to know what to expect when participating.  What do we require? What kind of behavior is encouraged?
  • Blockcerts Updates Open Source Blockchain Architecture
    Learning Machine is making changes to its Blockcerts Credential Issuer, Verifier and Wallet to enable native support for records issuance and verification using any blockchain. Blockcerts was launched by Learning Machine and MIT Media Lab in 2016 as new way to allow students to receive digital diplomas through an app, complementing a traditional paper degree. Blockcerts was originally designed to be blockchain-agnostic, which means that open standards can be used to anchor records in any blockchain. The Blockcerts Universal Identifier recognizes which blockchain is being used and verifies accordingly. Currently, the open source project has added support for bitcoin and Ethereum blockchains, but anyone can add support through the project's GitHub page.
  • First full featured open-source Ethereum block explorer BlockScout launched by POA Network
  • Amsterdam-based ING Bank Introduces Open-Source Zero Knowledge Technology
  • ING Bank Launches Open Source Privacy Improvement Add-On for Blockchains
  • Imec tool accelerates DNA sequencing 10x
    As a result, in a typical run, elPrep is up to ten times faster than other software tools using the same resources. It is designed as a seamless replacement that delivers the exact same results as GATK4.0 developed by the Broad Institute. elPrep has been written in the Go programming language and is available through the open-source GNU Affero General Public License v3 (AGPL-3.0).
  • On the low adoption of automated testing in FOSS
    A few times in the recent past I've been in the unfortunate position of using a prominent Free and Open Source Software (FOSS) program or library, and running into issues of such fundamental nature that made me wonder how those issues even made it into a release. In all cases, the answer came quickly when I realized that, invariably, the project involved either didn't have a test suite, or, if it did have one, it was not adequately comprehensive. I am using the term comprehensive in a very practical, non extreme way. I understand that it's often not feasible to test every possible scenario and interaction, but, at the very least, a decent test suite should ensure that under typical circumstances the code delivers all the functionality it promises to. [...] Most FOSS projects, at least those not supported by some commercial entity, don't come with any warranty; it's even stated in the various licenses! The lack of any formal obligations makes it relatively inexpensive, both in terms of time and money, to have the occasional bug in the codebase. This means that there are fewer incentives for the developer to spend extra resources to try to safeguard against bugs. When bugs come up, the developers can decide at their own leisure if and when to fix them and when to release the fixed version. Easy! At first sight, this may seem like a reasonably pragmatic attitude to have. After all, if fixing bugs is so cheap, is it worth spending extra resources trying to prevent them?
  •  
  • Chrome for Linux, Mac, and Windows Now Features Picture-in-Picture by Default
    Chromium evanghelist at Google François Beaufort announced today that Picture-in-Picture (PiP) support is now enabled by defualt in the Google Chrome web browser for Linux, Mac, and Windows platforms. Google's engineers have been working for months to add Picture-in-Picture (PiP) support to the Google Chrome web browser, but the long-anticipated feature is finally here, enabled by default in the latest version for Linux, Mac, and Windows operating systems. The feature lets you detach a video in a floating window so you can watch it while doing something else on your computer.
  • Teaching With an Index Card: the Benefits of Free, Open-Source Tools
  • Decentralized Authentication for Self-Sovereign Identities using Name Systems
    The GNU Name System (GNS) is a fully decentralized public key infrastructure and name system with private information retrieval semantics. It serves a holistic approach to interact seamlessly with IoT ecosystems and enables people and their smart objects to prove their identity, membership and privileges - compatible with existing technologies. In this report we demonstrate how a wide range of private authentication and identity management scenarios are addressed by GNS in a cost-efficient, usable and secure manner. This simple, secure and privacy-friendly authentication method is a significant breakthrough when cyber peace, privacy and liability are the priorities for the benefit of a wide range of the population. After an introduction to GNS itself, we show how GNS can be used to authenticate servers, replacing the Domain Name System (DNS) and X.509 certificate authorities (CAs) with a more privacy-friendly but equally usable protocol which is trustworthy, human-centric and includes group authentication. We also built a demonstrator to highlight how GNS can be used in medical computing to simplify privacy-sensitive data processing in the Swiss health-care system. Combining GNS with attribute-based encryption, we created ReclaimID, a robust and reliable OpenID Connect-compatible authorization system. It includes simple, secure and privacy-friendly single sign-on to seamlessly share selected attributes with Web services, cloud ecosystems. Further, we demonstrate how ReclaimID can be used to solve the problem of addressing, authentication and data sharing for IoT devices. These applications are just the beginning for GNS; the versatility and extensibility of the protocol will lend itself to an even broader range of use-cases. GNS is an open standard with a complete free software reference implementation created by the GNU project. It can therefore be easily audited, adapted, enhanced, tailored, developed and/or integrated, as anyone is allowed to use the core protocols and implementations free of charge, and to adopt them to their needs under the terms of the GNU Affero General Public License, a free software license approved by the Free Software Foundation.
  • Make: an open source hardware, Arduino-powered, 3D-printed wire-bending machine
    How To Mechatronics has pulled together detailed instructions and a great video explaining how to make an Arduino-powered, 3D-printed wire-bending machine whose gears can create arbitrary vector images out of precision-bent continuous lengths of wire.
  • RApiDatetime 0.0.4: Updates and Extensions
    The first update in a little while brings us release 0.0.4 of RApiDatetime which got onto CRAN this morning via the lovely automated sequence of submission, pretest-recheck and pretest-publish. RApiDatetime provides seven entry points for C-level functions of the R API for Date and Datetime calculations. The functions asPOSIXlt and asPOSIXct convert between long and compact datetime representation, formatPOSIXlt and Rstrptime convert to and from character strings, and POSIXlt2D and D2POSIXlt convert between Date and POSIXlt datetime. This releases brings asDatePOSIXct as a seventh courtesy of Josh Ulrich. All these functions are all fairly useful, but not one of them was previously exported by R for C-level use by other packages. Which is silly as this is generally extremely carefully written and tested code.
  • 6 JavaScript books you should know
    If there was ever the potential for a giant book list it's one based on our favorite Javascript books. But, this list is short and easy to digest. Maybe it will help you get started, gently. Plus, check out three of our top Javascript articles with even more books, resources, and tips.

Security: Telstra, Google+ and Facebook Incidents, and Latest Updates