OSS Leftovers

  • Spinnaker is the next big open source project to watch

    Spinnaker is an open source continuous delivery (CD) platform from Netflix and Google, though it now also has the backing of other major software companies. Spinnaker 1.0 launched last July, so it’s not the newest kid on the block, but the service is slowly but surely gaining momentum now, with users that include Target, Adobe, Daimler and Capital One, as well as a growing ecosystem of vendors who support it.

    Today, after a few years of working on the project without any formal structure in place, the Spinnaker project announced that it is growing up and putting a formal governance system in place at the project’s second community summit in Seattle this week.

  • Andy Wingo: heap object representation in spidermonkey

    I was having a look through SpiderMonkey's source code today and found something interesting about how it represents heap objects and wanted to share.

    I was first looking to see how to implement arbitrary-length integers ("bigints") by storing the digits inline in the allocated object. (I'll use the term "object" here, but from JS's perspective, bigints are rather values; they don't have identity. But I digress.) So you have a header indicating how many words it takes to store the digits, and the digits follow. This is how JavaScriptCore and V8 implementations of bigints work.

    Incidentally, JSC's implementation was taken from V8. V8's was taken from Dart. Dart's was taken from Go. We might take SpiderMonkey's from Scheme48. Good times, right??

    When seeing if SpiderMonkey could use this same strategy, I couldn't find how to make a variable-sized GC-managed allocation. It turns out that in SpiderMonkey you can't do that! SM's memory management system wants to work in terms of fixed-sized "cells". Even for objects that store properties inline in named slots, that's implemented in terms of standard cell sizes. So if an object has 6 slots, it might be implemented as instances of cells that hold 8 slots.

    Truly variable-sized allocations seem to be managed off-heap, via malloc or other allocators. I am not quite sure how this works for GC-traced allocations like arrays, but let's assume that somehow it does.

  • Pocket Offers New Features to Help People Read, Watch and Listen across iOS, Android and Web

    We know that when you save something to Pocket, there is a reason why. You are saving something you want to learn about, something that fascinates you, something that will help shape and change you. That’s why we’ve worked hard to make Pocket a dedicated, quiet place to focus so that you can come back and absorb what you save when you are ready.

    The trick is, in the reality of our lives, it’s not always that simple. Our lives don’t always have a quiet moment with a coffee cup in hand with Pocket in the other. We have work to do, kids to take care of, school to attend. But with Pocket we’ve always worked hard to ensure that Pocket gives you tools to fit content around your life, freeing you from the moment of distraction and putting you in control.

  • OpenBSD's unveil()

    One of the key aspects of hardening the user-space side of an operating system is to provide mechanisms for restricting which parts of the filesystem hierarchy a given process can access. Linux has a number of mechanisms of varying capability and complexity for this purpose, but other kernels have taken a different approach. Over the last few months, OpenBSD has inaugurated a new system call named unveil() for this type of hardening that differs significantly from the mechanisms found in Linux.

    The value of restricting access to the filesystem, from a security point of view, is fairly obvious. A compromised process cannot exfiltrate data that it cannot read, and it cannot corrupt files that it cannot write. Preventing unwanted access is, of course, the purpose of the permissions bits attached to every file, but permissions fall short in an important way: just because a particular user has access to a given file does not necessarily imply that every program run by that user should also have access to that file. There is no reason why your PDF viewer should be able to read your SSH keys, for example. Relying on just the permission bits makes it easy for a compromised process to access files that have nothing to do with that process's actual job.

  • digest 0.6.18

    Earlier today, digest version 0.6.18 arrived on CRAN. It will get uploaded to Debian in due course.

    digest creates hash digests of arbitrary R objects (using the md5, sha-1, sha-256, sha-512, crc32, xxhash32, xxhash64 and murmur32 algorithms) permitting easy comparison of R language objects.

  • Did your first pull request get accepted?
  • Clazy 1.4 released

    Clazy 1.4 has been released and brings 10 new checks.

    Clazy is a clang compiler plugin which emits warnings related to Qt best practices. We’ll be showing Clazy at Qt World Summit in Boston, Oct 29-30, where we are a main Sponsor.

  • I'd like to interject for a moment

    Mastodon is merely an implementation of Fediverse. As it happens, only one of my Fediverse channels runs on Mastodon (the Japanese language one at Pawoo). Main one still uses Gnusocial, the anime one was on Gnusocial and migrated to Pleroma a few months ago. All of them are communicating using the OStatus protocol, although a movement is afoot to switch to ActivityPub. Hopefully it's more successful than the migration from RSS to Atom was.

    Yet, I noticed that a lot of people fall to the idea that Mastodon is an exclusive brand. Rarely one has to know or care what MTA someone else uses. Microsoft was somewhat successful in establishing Outlook as such a powerful brand to the exclusion of the compatible e-mail software. The maintainer of Mastodon is doing his hardest to present it as a similar brand, and regrettably, he's very successful at that.

  • How to level up your organization's security expertise

    IT security is critical to every company these days. In the words of former FBI director Robert Mueller: “There are only two types of companies: Those that have been hacked, and those that will be.”

    At the same time, IT security is constantly evolving. We all know we need to keep up with the latest trends in cybersecurity and security tooling, but how can we do that without sacrificing our ability to keep moving forward on our business priorities?

    No single person in your organization can handle all of the security work alone; your entire development and operations team will need to develop an awareness of security tooling and best practices, just like they all need to build skills in open source and in agile software delivery. There are a number of best practices that can help you level up the overall security expertise in your company through basic and intermediate education, subject matter experts, and knowledge-sharing.

More in Tux Machines

Android Leftovers

ODROID-XU4: Much Better Performance Than The Raspberry Pi Plus USB3 & Gigabit Ethernet @ $60

Hardkernel recently sent over the ODROID-XU4 for benchmarking. This ARM SBC that just measures in at about 82 x 58 x 22 mm offers much better performance than many of the sub-$100 ARM SBCs while also featuring dual USB 3.0 ports, Gigabit Ethernet, eMMC storage, and is software compatible with the older XU3 ARM SBCs. Here's a look at the performance of the ODROID-XU4 compared to a variety of other single board computers. This ~$60+ ARM single board computer is built around a Samsung Exynos5422 SoC that features four Cortex-A15 cores at 2.0GHz and four Cortex-A7 cores at 1.3GHz while the graphics are provided by a Mali-T628.

Six-port network appliance runs Linux on Atom C3558

Acrosser’s compact “AND-DNV3N2” networking appliance runs Linux on a quad-core, 2.2GHz Atom C3558 and offers a SATA-III bay, 2x mini-PCIe and USB 3.0 ports, and 6x GbE ports, two of which can be outfitted as fiber SFP ports. Acrosser, which says it is now an Intel IoT Solutions Alliance partner, announced a desktop network appliance available with 6x copper Gigabit Ethernet ports or 4x GbE and 2x fiber-optic SFP ports. Like Advantech’s 6x port FWA-1012VC appliance, the AND-DNV3N2 Micro Box Networking Appliance runs on a quad-core, 2.2GHz Atom C3558 “Denverton” server SoC. (The Advantech model also sells an 8-port variant with an octa-core C3758.)

today's leftovers

  • Director v1.6.0 is available
    Icinga Director v1.6.0 has been released with Multi-Instance Support, Configuration Baskets and improved Health Checks. We’re excited to announce new features that will help you to work more efficiently.
  • Fedora Looks To Build Firefox With Clang For Better Performance & Compilation Speed
    Following the move by upstream Mozilla in switching their Linux builds of Firefox from being compiled by GCC to LLVM Clang, Fedora is planning the same transition of compilers in the name of compilation speed and resulting performance. FESCo Ticket 2020 laid out the case, "Mozilla upstream switches from gcc to clang and we're going to follow upstream here due to clang performance, maintenance costs and compilation speed. Tom Stellard (clang maintainer) has asked me to file this ticket to comply with Fedora processes."
  • Work in progress: PHP stack for EL-8
  • Sandwich-style SBC offers four 10GbE SFP+ ports
    SolidRun’s “ClearFog CX 8K” SBC is built around a “CEx7 A8040” COM Express Type 7 module that runs Linux on a quad-A72 Armada A8040. Features include 4x 10GbE SFP+ ports and mini-PCIe, M.2, and SATA expansion. In August, SolidRun updated its ClearFog line of Linux-driven router boards with a high-end ClearFog GT 8K SBC with the same 2GHz, quad-core, Cortex-A72 Marvell Armada A8040 SoC found on its MacchiatoBIN Double Shot Mini-ITX board. Now, the company has returned to the headless (no graphics) Armada A8040 with the ClearFog CX 8K. [..] It’s rare to see an Arm-based Type 7 module.
  • Watch Out: Clicking “Check for Updates” Still Installs Unstable Updates on Windows 10
    Microsoft hasn’t learned its lesson. If you click the “Check for Updates” button in the Settings app, Microsoft still considers you a “seeker” and will give you “preview” updates that haven’t gone through the normal testing process. This problem came to everyone’s attention with the release of the October 2018 Update. It was pulled for deleting people’s files, but anyone who clicked “Check for Updates” in the first few days effectively signed up as a tester and got the buggy update. The “Check for Updates” button apparently means “Please install potentially updates that haven’t gone through a normal testing process.”