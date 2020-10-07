Free Software and OSS
Open source software is everywhere these days—which is great—but how can you be sure that you should trust the software you've downloaded to do what you want? The area of software supply chain management—of which this discussion forms a part—is fairly newly visible in the industry but is growing in importance. I'm going to consider a particular example.
First, though, this isn't one of those police dramas where a suspect parcel arrives at the precinct and someone realises just in time that it may be a bomb. What I'm talking about here are open source software packages (although the impact on your application may be similar if you're not sufficiently suspicious). There's a huge conversation to be had about what trust means as a starting point (and I have a forthcoming book on Trust in Computing and the Cloud for Wiley).
FFmpeg Lands VA-API AV1 Decode Support Led By Intel - Phoronix
With Intel Gen12 Xe-LP / Tiger Lake supporting AV1 accelerated decoding, Intel has provided this support via their open-source media stack on Linux that is then exposed via the Video Acceleration API (VA-API). Intel has now landed their patches for supporting VA-API AV1 decode with FFmpeg.
The FFmpeg patch we talked about back in September has now been merged for allowing AV1 decode over the VA-API interface with this widely-used multimedia library.
PeaZip - Versatile, powerful and just a wee buggy
PeaZip is a rather nice archiving program. It works well - overall - and comes with some neat options and extras. It supports a wide range of formats, which is a bonus if you have to work with odd and arcane files sent by friends and colleagues. You can quickly automate and script tasks, as every job log is available. Conversion is also a nice bonus.
But then, there were niggles - the fact I couldn't archive every single filename, the self-check issue with password-protected 7z archives, the inability to change themes, and the weird default looks. The application does the job, but there's no reason why any of these bugs should be present. They will deter ordinary users and annoy advanced ones. If you're looking for something to zip and rar and tar and whatnot your files, then PeaZip is a good choice. I hope the problems can be ironed out, and ideally, the UI will be refreshed. Not because we need new and modern, because the ergonomics are somewhat off. Anyway, rather recommended if ever so slightly rough. Take care, zip away.
The journey to a curl domain | daniel.haxx.se
When I created and started hosting the first websites for curl I didn’t care about the URL or domain names used for them, but after a few years I started to think that maybe it would be cool to register a curl domain for its home. By then it was too late to find an available name under a “sensible” top-level domain and since then I’ve been on the lookout for one.
JupyterCon 2020: Code of Conduct Reports
In his keynote at JupyterCon 2020, Jeremy Howard gave a point-by-point rebuttal of a presentation given at JupyterCon two years prior. Two attendees filed reports to the CoC committee as they felt that the content was unwelcoming and disrespectful.
The board of directors voted that the talk of Jeremy Howard adhered to the JupyterCon Code of Conduct. Jeremy’s talk offers the kind of exchange of ideas that makes an intellectual community vibrant and healthy.
[Older] Watch and share "Rewind" to help explain free software
"Rewind" is an animated video made for the Free Software Foundation (FSF) about a scientist in a dystopian reality who modifies the code of a program, leading to a groundbreaking discovery. But in our world, which is dominated by proprietary software, would she have the freedom she needs to make a difference?
Sonatype’s 2020 State of the Software Supply Chain Report found that next generation cyber-attacks actively targeting open-source soft- ware projects increased 430% over the past 12 months. Industry and the Open Source communities recognize heightened security risks and are working to solve these.
Open Source Groups Merge for Better High-Tech Traction
The Linux Foundation is doubling down on open source collaboration to drive more innovation in technology that uses artificial intelligence (AI), machine learning (ML), and deep learning (DL). The LF AI Foundation and ODPi merged on Oct. 25 to form the LF AI & Data Foundation.
This new organization, under the auspices of the LF, will build and support an open community and a growing ecosystem of open source AI, data, and analytics projects.
The LF AI Foundation built an ecosystem to enable and sustain open source innovation in AI, ML and DL. ODPi was a nonprofit organization accelerating the open ecosystem of big data solutions. The merger is significant as AI and data are inseparable and codependent on each other.
Raspberry Pi security add-on helps evaluate Connected Home over IP spec
Infineon’s “Optiga Trust-M eval kit” is a Pi add-on for evaluating the ZigBee Alliance’s Connected Home over IP home automation standard. The eval kit is built around a Trust-M Shield2Go board equipped with the EAL6+-compliant Trust-M security chip. Infineon Technologies, which is primarily known in these pages for its widely used Optiga TPM security chips, has announced a Raspberry Pi add-on equipped with a different security technology called Optiga Trust. Specifically it integrates an Optiga Trust-M Shield2Go board equipped with its Optiga Trust-M security chip, which complies with the Common Criteria Certified EAL6+ (high) spec. Although the Optiga Trust-M eval kit can be used to evaluate the Trust-M technology, which provides anchor of trust security technology for connecting IoT devices to the cloud, it’s primary purpose is to evaluate the ZigBee Alliance’s Connected Home over IP automation standard.
today's howtos
Games: Retro, Desperados III, Unity (Microsoft Mono) and DualSense Controller on Linux
Linux desktop distributions: Best of 2020
It's time to crown the best of the best Linux desktop distributions for 2020. I'm going to say this up front: Chances are pretty good your distribution isn't on this list. If not, there's no need to fret. The very fact that you are using Linux on the desktop should be reward enough. Why? Because you are using an operating system that is superior in many ways. It may not be perfect (no operating system is), but it's still Linux, which means you're working with a desktop platform that's flexible, reliable, and fun to use. In the end, I have to claim a few of the vast number of distributions to be somehow above the rest. With the exception of a couple of distributions, this is never an easy task. And this year, it's even harder because some of the usual candidates have fallen by the wayside. But who knows what next year will bring? Besides, the one thing you can count on with the Linux community is that they are always working hard to develop something new and impressive. Such is the case with this year's candidates. With that, let's get on with the list. '
