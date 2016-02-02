FOSSID, a leader in open source software compliance and security, and BearingPoint, a leader in open source management services, today announced their strategic partnership around free and open source software governance. After successfully cooperating in selected projects for more than two years, BearingPoint decided to choose FOSSID as its strategic provider of open source analysis tools. FOSSID’s technology provides high performance and accuracy in the code analysis services performed by BearingPoint. [...] BearingPoint’s modular FOSS services provide companies with streamlined processes and infrastructure to deploy, manage, and govern their software throughout the product lifecycle, helping them to manage open source compliance and security. BearingPoint’s FOSS analysis services provide a timely and confidential analysis of the customers’ code base, including comprehensive compliance and security reports for their business decisions.

I would like to point out a security problem with a classic variant of web space hosting. While this issue should be obvious to anyone knowing basic web security, I have never seen it being discussed publicly. Some server operators allow every user on the system to have a personal web space where they can place files in a directory (often ~/public_html) and they will appear on the host under a URL with a tilde and their username (e.g. https://example.org/~username/). The Apache web server provides such a function in the mod_userdir module. While this concept is rather old, it is still used by some and is often used by universities and Linux distributions. From a web security perspective there is a very obvious problem with such setups that stems from the same origin policy, which is a core principle of Javascript security. While there are many subtleties about it, the key principle is that a piece of Javascript running on one web host is isolated from other web hosts. To put this into a practical example: If you read your emails on a web interface on example.com then a script running on example.org should not be able to read your mails, change your password or mess in any other way with the application running on a different host. However if an attacker can place a script on example.com, which is called a Cross Site Scripting or XSS vulnerability, the attacker may be able to do all that.

Start by downloading Rust. After downloading the relevant file, follow the instructions on the installation page to continue the installation. I recommend using the tool "rustup." Once you are done, configure the path variable. All this is detailed on the download link above.

Devices/Embedded With GNU/Linux Open source near ubiquitous in IoT, report finds Open provide is an growing variety of regular working course of in software, nonetheless nowhere is that this more true than Net of Points building. In keeping with a model new VisionMobile survey of three,700 IoT builders, 91% of respondents use open provide software in a minimal of 1 area in their software stack. This is good news for IoT because of best open provide ensures to chop again or put off the potential of lock-in imposed by way of proprietary “necessities.” What’s in all chance most attention-grabbing on this affection for open provide, then again, is that concurrently endeavor builders have eschewed the politics of open provide licensing, IoT builders seem to need open provide because of “it’s free as in freedom.”

MIOTY Silicon Vendor Agnostic, Scalable LPWAN Standard to Take on LoRaWAN, NB-IoT There are plenty of LPWAN (Low Power Wide Area Networks) standards designed for low power, low bitrate and long-range connectivity with the most popular currently being NB-IoT and LoRaWAN. But Texas Instruments has joined other smaller companies (Fraunhofer, Ragsol, STACKFORCE, WIKA…) to form the MIOTY alliance in order to develop and promote a new LPWAN standard operating in the sub-GHz range called MIOTY.

Rugged embedded PC supports Linux on Apollo Lake Nexcom’s rugged, Linux-ready “NISE 108” embedded computer has an Apollo Lake Celeron, triple display support with dual DP, 2x GbE, 4x USB, 3x COM, and M.2 and mini-PCIe expansion. [...] Designed for rugged industrial automation applications in factory, agricultural, and service settings, with special suitability for agro-industrial jobs, the aluminum and metal constructed NISE 108 supports -5 to 55°C operation with ambient air flow. The IEC60068-2-27 compliant shock protection is listed as 20G (HDD) or 50G (SSD) at half-sine, 11ms. Random vibration resistance is rated at 0.5Grms @ 5~500 Hz per IEC60068-2-64 for an HDD and 2Grms with SSD. There’s also 10% to 95% (non-condensing) relative humidity tolerance. The NISE 108 supports up to 8GB DDR3L-1866 via a single socket. There’s a 2.5-inch storage bay and an M.2 2242 socket, both with the older SATA 2.0 support. A mini-PCIe slot supports WiFi and cellular connections with the help of dual antenna holes.