Language Selection

English French German Italian Portuguese Spanish

In January, the EU starts running Bug Bounties on Free and Open Source Software

Filed under
OSS

In January the European Commission is launching 14 out of a total of 15 bug bounties on Free Software projects that the EU institutions rely on. A bug bounty is a prize for people who actively search for security issues. The amount of the bounty depends on the severity of the issue uncovered and the relative importance of the software. The software projects chosen were previously identified as candidates in the inventories and a public survey.

You can contribute to the projects below by analysing the software, and by submitting any bugs or vulnerabilities you find to the involved bug bounty platforms. Here is the list of Software projects and the bug bounties: [...]

Read more

Now in CBS/ZDNet

  • EU to fund bug bounty programs for 14 open source projects starting January 2019

    The 14 projects are, in alphabetical order, 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player, and WSO2.

    The bug bounty programs are being sponsored as part of the third edition of the Free and Open Source Software Audit (FOSSA) project.

    EU authorities first approved FOSSA in 2015, after security researchers discovered a year earlier severe vulnerabilities in the OpenSSL library, an open source project used by many websites to support HTTPS connections.

EU Offering Cash Bounty Incentives For Finding Security Flaws

  • EU Offering Cash Bounty Incentives For Finding Security Flaws in Open Source Tools

    FOSSA aims at bringing together the developer community to ensure better security of open source systems, such as CMS or other standard software used by the EU.

    There are several open-source software that is widely used by the authorities, as well as the public at large. Reportedly some of these are used as part of the EU’s IT Infrastructure, and therefore they are keen on ensuring better security for such projects.

By Mark Wycislik-Wilson

Engadget

EU puts up bug bounties to find flaws in open source software

  • EU puts up bug bounties to find flaws in open source software

    The European Union (EU) has put up a bug bounty for security researchers to spot flaws in the open source software used by the regional bloc.

    In a post on her website, European Parliament member Julia Reda of Germany said the bounty to be launched in 2019 by the European Commission – EU's executive branch – will cover a total of 15 free and open source software "that the EU institutions rely on."

EU to fund bug bounties for open source projects

  • EU to fund bug bounties for open source projects including PuTTY, Notepad++, KeePass, Filezilla and VLC

    Why it matters: The internet largely relies on open source projects to survive, but these are often developed by hardworking and charitable developers rather than well-paid employees. An unfortunate consequence of this is that developers simply don’t get the time and resources they require to hunt down the vulnerabilities that are so pervasive in complex code.

    The European Union has recognized this problem, and as part of their Free and Open Source Software Audit (FOSSA) they’ve set up a bug bounty for 15 applications. The bounty ranges from $30,000 to $100,000 depending on the software in question, and of course, on the seriousness of the vulnerability discovered.

BY DUNCAN RILEY

  • European Union to fund bug bounties for leading open-source software projects

    The European Union is an unexpected entrant into the world of bug bounties, funding 14 of them for open-source software projects on which the organization relies.

    Bug bounties are payments provided to security researchers and others who detect and report vulnerabilities in software. The EU’s funding will begin at the start of January.

    Announced late last week by Julia Reda, an elected representative of the EU Parliament, the program will fund bug bounties for a variety of software: 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services, Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player and WSO2.

    The funding will be provided through the Free and Open Source Software Audit project that was approved by the EU in 2015. That project was founded after flaws were found in OpenSSL, the open-source library used for the encryption of internet traffic.

EU to Launch Bug Bounty Program for Open Source Software

  • EU to Launch Bug Bounty Program for Open Source Software

    The bounties are offered as part of the Free and Open Source Software Audit project (FOSSA), originally launched in 2015 following the discovery of security flaws in OpenSSL encryption.

    Julia Reda, a German member of the European Parliament, says the bug bounty program will include 14 projects that the EU itself relies on.

    “The amount of the bounty depends on the severity of the issue uncovered and the relative importance of the software. The software projects chosen were previously identified as candidates in the inventories and a public survey,” she says.

Now Forbes

  • EU To Offer Almost $1M In Bug Bounties On Open Source Software

    The full list of programs includes 7-zip, Apache Tomcat, Drupal, Filezilla, VLC, KeePass, Notepad++ and other popular tools that the EU institutions rely on, with rewards ranging from €25,000 to €90,000 ($28,600 to $103,000), for a total offered amount of €851,000 ($973,000).

Lots more coverage yesterday

  • 14 open source projects get EU funding for bug bounty payments

    Starting from the New Year, the European Union has decided to fund bug bounty programmes for a plethora of important open source projects. There are 14 projects covered by this initiative, starting from January 2019. The EU reckons its funding will shore up the integrity and reliability of the internet and other infrastructure, benefitting organisations and intuitions not just in Europe, but worldwide.

  • The EU Opens Bug Hunting Season in 2019 for 15 Open-Source Projects It Uses

    From January 7, 2019, researchers can submit security flaws for Filezilla, Apache Kafka, Notepad++, PuTTY, and VLC Media Player via the HackerOne bug bounty and vulnerability coordination platform. midPoint, a platform for identity management governance, is another product the EU wants to be more secure and offers rewards for vulnerabilities reported through HackerOne, starting March 1, 2019.

    The rest of nine software products for which the EU set up a bug bounty are FLUX TL, KeePass, 7-zip, Digital Signature Services (DSS), Drupal, GNU C Library (glibc), PHP Symfony, Apache Tomcat, and WSO2; security flaws for them are coordinated through Intigrity, a Brussels-based crowdsourced security platform. The security reward programs for these start on January 15 and January

  • EU to sponsor bug bounty programs for 14 open source projects from January 2019

    Julia Reda, EU member of the parliament, announced, last week, that EU will be funding the internet bug bounty programs for 14 out of the total 15 open source projects, starting January 2019.

    The Internet Bug Bounty programs are rewards for friendly hackers who actively search for security vulnerabilities and issues. The program is managed by a group of volunteers that are selected from the security community. The amount of the bounty depends on how severe the issue uncovered is and the importance of the software. The amount ranges from 25,000,00 Euros and all the way up to 89,000,00 Euros.

  • EU to fund bug bounty program for top open-source software

    The European Union will help cover the expenses of bug bounty programs for 14 open-source projects according to an announcement made by EU Member of Parliament Julia Reda.

    The projects that will receive funding for their bug bounty programs are 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player and WSO2.

    The bug bounty programs are being sponsored as part of the third edition of the Free and Open Source Software Audit (FOSSA) project.

  • EU to fund open-source bug bounty program

    Here's a cool way for white hat hackers to earn themselves some nice greens. The European Union is funding a bounty hunter program for a bunch of open-source projects.

    Starting next year, cybersecurity-savvy individuals can get their hands dirty with a total of 14 projects: 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player, and WSO2.

'Ethical' hackers could make up to £80,000 breaking into EU

  • 'Ethical' hackers could make up to £80,000 breaking into EU computer software as part of new European Commission security project

    The Commission is funding 15 'bug bounties' in total, with the total prize fund topping £800,000.

    EU officials are looking to paper over the cracks in open source programmes – software available for free online – that the Union uses in its computer systems.

    The full list of programs includes 7-zip, Apache Tomcat, Drupal, Filezilla, VLC, KeePass, Notepad++ and other popular tools used in systems across the globe.

    Rewards for 'ethical hackers' who get involved range from £22,000 to £80,000 per bug found, depending on how serious the flaw is.

EU to fund bug bounties

  • EU to fund bug bounties

    Ethical hackers could earn up to $100,000 if they can spot vulnerabilities in the free open source software used by the European Union
    The European Union (EU) has set up a bug bounty for 15 applications to help uncover security flaws in the most popular free and open source software on the web.

    Bug bounties are a prize for people who actively search for security issues and the EU is calling on ethical hackers and developers to help find vulnerabilities in the open source projects it relies on.

    The initiative was announced by Julia Reda, a member of the European Pirate Party and the co-founder of The Free and Open Source Software Audit Project (FOSSA), and will see the EU fund 15 bug bounties ranging from $30,000 to $100,000 depending on the software in question and the size of the vulnerability.

The EU opens its own bug bounty program for open source software

  • The EU opens its own bug bounty program for open source software

    IN PRECISELY 86 DAYS - unless something dramatic happens - Britain's 73 MEPs will lose their hard-earned (citation needed) European Union salary. For those that want one more hit of EU gravy after handing in the door pass, there is another way: finding bugs in open source software.

    Bug bounties are nothing new, but they tend to be offered by companies with deep enough cash reserves to fund them, for obvious reasons. Facebook, Google, Microsoft and many others essentially pay people to find flaws in their software, so they can patch them before somebody else uses it to cause them bigger headaches further down the line.

    So why is the EU getting in on the act? Simply because it uses open source software, and said programmes rely on the community to catch potential exploits. That's proved pretty efficient in the past, but with the EU representing the interest of 28 countries - well, 27 and one putting on its coat to leave - one small exploit could cause a lot of big problems.

    As such, German Pirate Party MEP Julia Reda has unveiled the bug bounty program for 15 pieces of software favoured in Brussels and beyond: 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player and WSO2.

Still covered today/yesterday

  • EU to fund open-source bug bounty programmes
  • EU Offers Bug Bounties For 14 Open Source Projects

    The European Commission in January is funding 14 bug bounty programs in hopes of sniffing out vulnerabilities in the free open source projects that EU institutions rely on.

    The bug bounty programs span 14 open source software projects and offers a total of almost $1 million for all bounties combined. The bug bounty programs have varying rewards, start and end dates, and platforms. The first bug bounty programs – for Filezilla, Apache Kafka, Notepad++, PuTTy, and VLC Media Player – begin next week on Jan. 7.

    The initiative stems back to the Free and Open Source Software Audit project (FOSSA), first created by European Parliament member Julia Reda. Reda proposed FOSSA with the hopes of securing open source software, after the Heartbleed vulnerability was discovered in open source encryption library OpenSSL in 2014.

  • European Union is Encouraging Coders in Open Source Projects with Bug Bounty Programs

    For anyone who has played around with the coding side of things, or even had a peek under the bonnet, names such as notepad++, GNU C library and Putty will be immediately recognizable.

    These are some of the commonly used Open Source Software (OSS); software that is freely distributed with it source code that allows the user to read or modify it. Due to this, they are widely used in IT and programming.

    Appreciating the important purpose they serve, and also the possibility of abuse, Julia Reda, an EU Member of Parliament has announced that the European Commission is launching what they term as “ bug bounty programs,” in a bid to encourage and support open source software.

    The Member of Parliament noted that this is part of an ongoing effort, Free and Open Source Software Audit (FOSSA) in a concerted effort to get people to look debug these projects. At this time there will be up to fifteen programs that will be supported, in a bid to make the Internet safer and more reliable.

More on EU

  • EU launches Bug Bounty program for 14 free open-source products

    Bug bounty program for 14 of its open source projects will commence from January 2019 while the last one will start from March 1. These programs are sponsored as part of the 3rd edition of the FOSSA project, which was approved by the EU authorities in 2015 after severe vulnerabilities were identified in the OpenSSL library in 2014.

  • EU to offer bug bounties for finding security flaws in open-source software

    Bug bounties are a way for companies to check the security of their software by offering cash to freelancers who hunt for security exploits and then report them so that they can be fixed. The idea is that everyone benefits from this process: the company gets its software checked by a larger variety of people than they could employ by themselves, the bug hunters get offered legitimate cash for finding a security flaw instead of selling that information on the black market, and the public gets software which has been more thoroughly checked for security issues. Big tech companies like Google and Intel have been running bug bounty programs for years.

One More, Now From SC Magazine

  • European Union announces bug bounty program

    Payouts have ranged from 25.000,00 € for a Digital Signature Services (DSS) vulnerability to 90.000,00 € for a PuTTy vulnerability.

    “The issue made lots of people realise how important Free and Open Source Software is for the integrity and reliability of the Internet and other infrastructure,” Reda said in an announcement. “Like many other organisations, institutions like the European Parliament, the Council and the Commission build upon Free Software to run their websites and many other things.”

EU primes open source bug bounty effort

  • EU primes open source bug bounty effort

    Security researchers have welcomed a European Union-funded scheme to offer bug bounties on free and open source software projects that begins its roll-out this month.

    The bounty scheme is an extension of the Free and Open Source Software Audit (FOSSA) project, and will reward ethical hackers who uncover flaws in key components of internet technologies such as Drupal and Apache Tomcat as well as consumer utilities such as the VLC Media Player.

    Maximum payouts will range between €25k and €90k under a total of 15 programs, administered by either HackerOne or Intigriti/Deloitte, funded in large part by the EU.

Europe to Fund Open Source Software Bug Bounty Programme

  • Europe to Fund Open Source Software Bug Bounty Programme

    From Monday 7 January the European Commission (EC) will start paying out bug bounties to security researchers who find vulnerabilities in 14 open source projects.

    The funding pot is part of the EU Free and Open Source Software Audit (FOSSA) project, overseen by the EC’s Directorate General of Informatics (DIGIT).

    The bounty programmes, run on the HackerOne and Intigriti platforms, cover open source software (OSS) used in European infrastructure, including streaming software Apache Kafka, content management framework Drupal and puTTY; a free SSH and telnet client for Windows.

    But the project has not been without its critics, who have warned it will place a growing workload on volunteer-led projects, potentially alienating code maintainers who will see little personal benefit as a result.

Open Source Software Needs Funding, Not Bug Bounty Programs

  • Open Source Software Needs Funding, Not Bug Bounty Programs

    While the European Union’s latest bug bounty program for widely used open source projects sounds like a step towards improving the security of the overall Internet ecosystem, these programs may wind up complicating efforts to secure these applications.

    The European Union has committed to pay €850,000 (nearly $1 million) in bug bounties for vulnerabilities found in 15 open source projects as part of the edition of the Free and Open Source Software Audit (FOSSA) project, said Julia Reda, a member of the European Parliament representing the German Pirate Party. The projects are 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PuTTY, the Symfony PHP framework, VLC Media Player, and WSO2. Six of the projects will accept vulnerability reports until the summer, six until the end of the year, and three will accept reports through 2020. Drupal, a powerful content management system, and PuTTY, a terminal emulator, serial console and network file transfer application, have the largest amounts allocated under this program, at €89,000 ($101,000) and €90,000 ($102,000), respectively.

EU Launches Bug Bounty for 15 Open Source Projects

  • EU Launches Bug Bounty for 15 Open Source Projects

    Working in partnership with HackerOne and Intigriti, the EU announced that the European Commission will launch a bug bounty program as part of the Free and Open Source Software Audit (FOSSA).

    The third edition of FOSSA will include 15 software programs: 7-zip, Apache Kafka, Apache Tomcat, Digital Signature Services (DSS), Drupal, Filezilla, FLUX TL, the GNU C Library (glibc), KeePass, midPoint, Notepad++, PHP Symfony, PuTTY, VLC Media Player and WSO2, according to EU Parliament member Julia Reda.

    Reda, who has written extensively about the security risks in Open SSL, launched the FOSSA project with her colleague Max Andersson in 2015, which is moving into phase three. The first 14 bug bounty projects will commence in January 2019, with the final project beginning in March.

EU to launch bug bounties for 14 open source projects

  • EU to launch bug bounties for 14 open source projects

    Starting this month the European Commission (EC) will kick off a series of bug bounties aimed at finding and patching security bugs in open source software (OSS).
    Each of the bug bounties, which offer prize pools of between €25,000 and €90,000 (AUD$40,518 and AUD$145,868), target open source programs that are widely used within the EC.
    The EC selected software it would fund bug bounties for based on previous inventories of software usage within the EC and a public survey about what projects should be supported.
    Open source projects that will get EC-incentivised attention in coming months include Filezilla FTP software, the KeyPass password manager, Drupal CMS software, and the Apache Software Foundation’s implementation of Java technologies, Apache Tomcat.

EU to offer nearly $1m in bug bounties for open-source software

  • EU to offer nearly $1m in bug bounties for open-source software

    The full list of 15 bounty programs includes the file archiver 7-zip, the Java servlet container Apache Tomcat, the content management framework Drupal, the cross-platform FTP application Filezilla, the media player VLC, the password manager KeePass, the text/source code editor Notepad++, plus other popular tools. Rewards start at €25,000 and go on up to €90,000 ($28,600 to $103,000), for a total offered amount of €851,000 ($973,000).

Pirate Party MEP serves up €1m Brussels-backed bug program

  • Pirate Party MEP serves up €1m Brussels-backed bug program for open source

    The European Union is ponying up close to €1m under a bug bounty programme spanning a range of open source projects.

    The cash drop represents the latest milestone for the Free and Open Source Software Audit Project (FOSSA) the brainchild of German Pirate Party MEP Julia Reda and her colleague, Max Andersson.

    In a pre-NYE blog post announcing the bounties, and recapping progress on FOSSA, Reda said that, “In January the European Commission is launching 14 out of a total of 15 bug bounties on Free Software projects that the EU institutions rely on.

EU Offers up to $100,000 in Bug Bounties for Open Source

  • EU Offers up to $100,000 in Bug Bounties for Open Source Projects

    The European Commission has provided funding for bug bounties in 14 open source projects it relies on. The bounties are designed to find gaps in its security after a year of successful attacks across the world.

    The idea has roots in the Heartbleed vulnerability, whose discovery in OpenSSL caused a mad scramble and widespread concern. This led to the proposal of the Open Source Software Audit (FOSSA) by Julia Reda.

    The bounties include popular applications like Filezilla, Notepad++, PuTTy, VLC Media Player, KeePass, and 7-zip. They were chosen by a historical look at application usage in the EC and a public survey by Reda.

    Of course, while the discovery of the bugs will aid the European Commission, they’ll play a wider role in protecting the public as a whole. The bounties are open to all on HackerOne and Intigriti, meaning anyone holding on to relevant exploits has a financial incentive to divulge them.

Still in the news yesterday.

  • EU launches bug bounties on free and open source software

    After setting up a bug bounty program for VLC Media Player in late 2017, the European Commission (EC) has announced the launch of 14 new ones that will cover other free and open source software used by European Union institutions.

Still in the news this week...

  • EU launches open source bug bounty

    The European Union (EU) has announced it is to support several open source bug bounty programmes. It is doing so in order to protect the open source software that the EU is becoming ever more reliant upon. The move was announced by Member of the European Parliant (MEP) Julia Reda who listed 15 projects. However, only 14 will receive funding although it is not clear which one will be left out.

    The European Union (EU) has announced it is to support several open source bug bounty programmes. It is doing so in order to protect the open source software that the EU is becoming ever more reliant upon. The move was announced by Member of the European Parliant (MEP) Julia Reda who listed 15 projects. However, only 14 will receive funding although it is not clear which one will be left out.

EU offers bug bounties on popular open source software

  • EU offers bug bounties on popular open source software

    The European Union (EU) is rolling out a bug bounty scheme on some of the most popular free and open source software around in a bid to ultimately make the internet a safer place.

    A total of €851,000 (not too far from US$1 million) is up for grabs as rewards for identifying security vulnerabilities in 15 widely used software projects (a full breakdown is shown below). A portion of the cash-for-bugs scheme is kicking off today, while nearly all others are scheduled to begin later this month.

    The program was announced by Julia Reda, a member of the European Parliament, who – together with fellow EU parliamentarian Max Andersson – has spearheaded the Free and Open Source Software Audit (FOSSA) project since 2014.

EU Bug Bounty - Software Security as a Civil Right

  • EU Bug Bounty - Software Security as a Civil Right

    This EU initiative is part of the Free and Open Source Software Audit (FOSSA) project, thanks to Julia Reda MEP of the EU Pirate Party, who started the project thinking that enough is enough after severe vulnerabilities were discovered in key infrastructure components like OpenSSL. This prompted her to involve the EU Commission in contributing to the security of the Internet.

    It is amazing to think that the OpenSSL Software Foundation which is responsible for the maintenance of the OpenSSL library, the cornerstone of safe transactions on the Internet used by millions of websites and organizations, receives just $2000 of donation money per year and has only ONE full-time employee working on the library. All that was revealed after the discovery of the Heartbleed bug, something that finally shook the waters and motivated the big industry names to support the foundation with proper funding.

    Saying that, aren't Governments supposed to jump in and protect the public when the private sector cannot? That's the philosophy behind this novel initiative.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

today's leftovers

  • Hardware Review - The ZaReason Virtus 9200 Desktop
  • Chrome OS 76 will disable Crostini Linux backups by default
    Essentially, this is still a work in progress feature. And I shouldn’t be terribly surprised by that, even though in my experience, the functionality hasn’t failed me yet. That’s because we know that the Chromium team is considering on a way to backup and restore Linux containers directly from the Files app on a Chromebook. That proposal is targeted for Chrome OS 78, so this gives the team more time to work that out, as well as any other nits that might not be quite right with the current implementation.
  • Andrei Lisita: Something to show for
    Unfortunately along with the progress that was made we also encountered a bug with the NintendoDS core that causes Games to crash if we attempt to load a savestate. We are not yet 100% sure if the bug is caused by my changes or by the NintendoDS core itself. I hope we are able to fix it by the end of the summer although I am not even sure where to start since savestates are working perfectly fine with other cores. Another confusing matter about this is that the Restart/Resume Dialog works fine with the NintendoDS core and it also uses savestates. This led me to believe that perhaps cores can be used to load savestates only once, but this can’t be the problem since we re-instantiate the core every time we load a savestate. In the worst case we might just have to make a special case for the NintendoDS core and not use savestates with it, except for the Resume/Restart dialog. This would sadden me deeply since there are plenty of NintendoDS games which could benefit from this feature.
  • OSMC's June update is here with Kodi v18.3
    Team Kodi recently announced the 18.3 point release of Kodi Leia. We have now prepared this for all supported OSMC devices and added some improvements and fixes. Here's what's new:

OSS Leftovers

  • A comparison of open source, real-time data streaming platforms
    A variety of open source, real-time data streaming platforms are available today for enterprises looking to drive business insights from data as quickly as possible. The options include Spark Streaming, Kafka Streams, Flink, Hazelcast Jet, Streamlio, Storm, Samza and Flume -- some of which can be used in tandem with each other. Enterprises are adopting these real-time data streaming platforms for tasks such as making sense of a business marketing campaign, improving financial trading or recommending marketing messages to consumers at critical junctures in the customer journey. These are all time-critical areas that can be used for improving business decisions or baked into applications driven by data from a variety of sources.
  • Amphenol’s Jason Ellison on Signal Integrity Careers and His Free, Open Source PCB Design Software
    Ellison, Senior Staff Signal Integrity Engineer at Amphenol ICC, gives his insight on the importance of networking, giving to the EE community, and his open-source signal integrity project. How does signal integrity engineering compare to other EE fields? What are open-source resources worth these days? What makes for a good work life for an engineer? Learn this and more in this Engineer Spotlight! Jason Ellison started down the path to becoming an electrical engineer because someone told him it was "fun and easy if you're good at math." In this interview with AAC's Mark Hughes, Ellison—a Senior Staff Signal Integrity Engineer at Amphenol ICC—describes how his career has grown from these beginnings into the rewarding and diverse work of signal integrity engineering.
  • Cruise open-sources Webviz, a tool for robotics data analysis [Ed: Releasing a little tool that's part of proprietary software so that it 'feels' more "open"]
    Cruise, the self-driving startup that General Motors acquired for nearly $1 billion in 2016, generates an enormous amount of data by any measure. It orchestrates 200,000 hours of driving simulation jobs daily in Google Cloud Platform, spread across 30,000 virtual cars in an environment running on 300,000 processor cores and 5,000 graphics cards. Both those cars and Cruise’s fleet of over 180 real-world autonomous Chevrolet Bolts make thousands of decisions every second, and they base these decisions on observations captured in binary format from cameras, microphones, radar sensors, and lidar sensors.
  • EWF launches world’s first open source blockchain for the energy industry
    The Energy Web Foundation this week announced that it has launched the world’s first public, open-source, enterprise-grade blockchain tailored to the energy sector: the Energy Web Chain (EW Chain). More than ten Energy Web Foundation (EWF) Affiliates — including utilities, grid operators, and blockchain developers — are hosting validator nodes for the live network, according to the company.
  • Pimcore Releases Pimcore 6.0, Amplifying User-Friendly Digital Experiences Through Open Source
    Pimcore, the leading open-source platform for data and customer experience management, has released the most powerful version of the Pimcore platform, Pimcore 6.0. The updated platform includes a new user interface that seamlessly connects MDM/PIM, DAM, WCM, and digital commerce capabilities to create more advanced and user-friendly experiences quickly and efficiently.
  • VCV Rack reaches version 1.0.0: free and open-source modular synth gets a full release
    VCV Rack is a free, open-source modular software synth that’s been gaining ground for a couple of years, but only now has it reached the significant milestone of version 1.0. Designed to replicate the feeling of having a hardware modular synth on your desktop, VCV Rack enables you to add both free and paid-for modules, and now supports polyphony of up to 16 voices. There’s MIDI Output, too with CV-Gate, CV-MIDI and CV-CC modules enabling you to interface with drum machines, desktop synths and Eurorack gear.
  • Flying Above the Shoulders of Giants
    Thanks to open-source platforms, developers can stand on the shoulders of software giants to build bigger and better things. Linux is probably the biggest...
  • MIT Researchers Open-Source AutoML Visualization Tool ATMSeer
    A research team from MIT, Hong Kong University, and Zhejiang University has open-sourced ATMSeer, a tool for visualizing and controlling automated machine-learning processes. Solving a problem with machine learning (ML) requires more than just a dataset and training. For any given ML tasks, there are a variety of algorithms that could be used, and for each algorithm there can be many hyperparameters that can be tweaked. Because different values of hyperparameters will produce models with different accuracies, ML practitioners usually try out several sets of hyperparameter values on a given dataset to try to find hyperparameters that produce the best model. This can be time-consuming, as a separate training job and model evaluation process must be conducted for each set. Of course, they can be run in parallel, but the jobs must be setup and triggered, and the results recorded. Furthermore, choosing the particular values for hyperparameters can involve a bit of guesswork, especially for ones that can take on any numeric value: if 2.5 and 2.6 produce good results, maybe 2.55 would be even better? What about 2.56 or 2.54?
  • Open-Source Cybersecurity Tool to Enhance Grid Protection
    A revolutionary new cybersecurity tool that can help protect the electric power grid has been released to the public on the code-hosting website GitHub.
  • Quick notes for Mozilla Whistler All Hands 2019
  • Deeper into the data fabric with MongoDB
    However, to gain access to rich search functionality, many organisations pair their database with a search engine such as Elasticsearch or Solr, which MongoDB claims can complicate development and operations — because we end up with two entirely separate systems to learn, maintain and scale.

Raspberry Pi 4 is here!

The latest version of the Raspberry Pi—Raspberry Pi 4—was released today, earlier than anticipated, featuring a new 1.5GHz Arm chip and VideoCore GPU with some brand new additions: dual-HDMI 4K display output; USB3 ports; Gigabit Ethernet; and multiple RAM options up to 4GB. The Raspberry Pi 4 is a very powerful single-board computer and starts at the usual price of $35. That gets you the standard 1GB RAM, or you can pay $45 for the 2GB model or $55 for the 4GB model—premium-priced models are a first for Raspberry Pi. Read more

Open Data, Open Access and Open Hardware

  • DoD’s Joint AI Center to open-source natural disaster satellite imagery data set
    As climate change escalates, the impact of natural disasters is likely to become less predictable. To encourage the use of machine learning for building damage assessment this week, Carnegie Mellon University’s Software Engineering Institute and CrowdAI — the U.S. Department of Defense’s Joint AI Center (JAIC) and Defense Innovation Unit — open-sourced a labeled data set of some of the largest natural disasters in the past decade. Called xBD, it covers the impact of disasters around the globe, like the 2010 earthquake that hit Haiti. “Although large-scale disasters bring catastrophic damage, they are relatively infrequent, so the availability of relevant satellite imagery is low. Furthermore, building design differs depending on where a structure is located in the world. As a result, damage of the same severity can look different from place to place, and data must exist to reflect this phenomenon,” reads a research paper detailing the creation of xBD. [...]

    xBD includes approximately 700,000 satellite images of buildings before and after eight different kinds of natural disasters, including earthquakes, wildfires, floods, and volcanic eruptions. Covering about 5,000 square kilometers, it contains images of floods in India and Africa, dam collapses in Laos and Brazil, and historic deadly fires in California and Greece.

    The data set will be made available in the coming weeks alongside the xView 2.0 Challenge to unearth additional insights from xBD, coauthor and CrowdAI machine learning lead Jigar Doshi told VentureBeat. The data set collection effort was informed by the California Air National Guard’s approach to damage assessment from wildfires.

  • Open-source textbooks offer free alternative for UC Clermont students
    Some UC Clermont College students are avoiding paying hundreds of dollars for textbooks — and getting the content for free — thanks to online open-source textbooks, a growing trend among faculty at the college and throughout higher education. UC Clermont Dean Jeff Bauer, who is also a professor of business, said the benefits of open textbooks are many. “All students have the book on the first day of class, it saves them a lot of money, and the information can be accessed anywhere, anytime, without carrying around a heavy textbook,” Bauer said. “They don’t need to visit the bookstore before or after each semester to buy or sell back books, either.”
  • Open Source Computer Controlled Loom Knits Pikachu For You
    The origin story of software takes us back past punch card computers and Babbage's Difference Engine to a French weaver called Joseph Marie Jacquard.
  • Successful open-source RISC-V microcontroller launched through crowdfunding
    X-FAB Silicon Foundries, together with crowd-sourcing IC platform partner Efabless Corporation, launched the first-silicon availability of the Efabless RISC-V SoC reference design. This open-source semiconductor project went from start of design to tape-out in less than three months employing the Efabless design flow produced on open-source tools. The mixed-signal SoC, called Raven, is based on the community developed ultra-low power PicoRV32 RISC-V core. Efabless has bench-tested the Raven at 100MHz, and based on simulations, the solution should operate at up to 150MHz.
  • Open Hardware: Open-Source MRI Scanners Could Bring Enormous Cost Savings
    Wulfsberg explore the possibilities of open source MRI scanning. As open-source technology takes its place around the world—everywhere from makerspaces to FabLabs, users on every level have access to design and innovation. In allowing such access to MRI scanning, the researchers realize the potential for ‘technological literacy’ globally—and with MRIs specifically, astronomical sums could be saved in healthcare costs. The authors point out that medical technology is vital to the population of the world for treating not only conditions and illnesses, but also disabilities. As so many others deeply involved in the world of technology and 3D printing realize, with greater availability, accessibility, and affordability, huge strides can be made to improve and save lives. Today, with so many MRI patents expiring, the technology is open for commercialization.