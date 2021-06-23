Linux Foundation and SPDX
SPDX Becomes Internationally Recognized Standard for Software Bill of Materials - Linux Foundation
The Linux Foundation, Joint Development Foundation, and the SPDX community, today announced the Software Package Data Exchange® (SPDX®) specification has been published as ISO/IEC 5962:2021 and recognized as the international open standard for security, license compliance, and other software supply chain artifacts. ISO/IEC JTC 1 is an independent, non-governmental standards body.
Linux Foundation's SPDX becomes ISO/IEC JTC 1 standard to address supply chain security - Neowin
For secure and compliant development throughout global software supply chains, VMware, Synopsys, Texas Instruments, Sony, Philips, Microsoft, and Intel are among the companies employing SPDX to relay Software Bill of Materials (SBOM) information in tools or policies. SBOMs are employed as a segment of a fundamental system to track and trace components across software supply chains. They are also used to aid in identifying software component problems and risks, and determining a starting point for remediation.
SPDX Becomes New Standard for Open-Source Software, Security
Backed by many of the world’s largest companies for more than a decade, the Software Package Data Exchange (SPDX) specification is now an internationally recognized ISO/IEC JTC 1 standard.
The Linux Foundation announced Thursday that the SPDX specification has been published as ISO/IEC 5962:2021. It is now the open standard for security, license compliance, and other software supply chain artifacts.
This comes during a transformational time for software and supply chain security.
Android Leftovers
Quad-bay Raspberry Pi NAS starts at $127
Argon40 has gone to Kickstarter with a $127 “Argon Eon” NAS server for the Raspberry Pi 4 equipped with 2x 2.5-inch and 2x 3.5-inch SATA bays for up to 40TB plus a 12V/5A supply, fan, RTC, and OLED display. Hong Kong based Argon40, which makes Raspberry Pi accessories including the Argon One, Argon One M.2, and Argon Neo, has won over $30K on Kickstarter to fund its first network-attached storage (NAS) case for the Raspberry Pi. The Argon Eon Pi NAS offers up to 40TB of shared storage via dual 2.5-inch bays with SSD and HDD support and dual 3.5-inch bays for HDDs. The system is available for $127 or $181 with a built-in Raspberry Pi 4 Model B with 4GB RAM. Shipments are due in December.
An Overview of PostmarketOS, Ubuntu Touch and Plasma Mobile
This article is for you who wants to know about libre mobile phone. Continuing the previous overview, this article now briefly overviews the central technologies of this topic, namely Ubuntu Touch, and PostmarketOS, and Plasma Mobile. These are all GNU/Linux family and not Android. By discussing these software pieces we will understand and introduce ourselves to practical secure, private communication with software freedom.
Raspberry Pi 4 Car Dash Computer Takes Linux on the Road
It’s not uncommon to find touch screen computers in the dashboard of modern vehicles but if yours doesn’t have one, you’re not out of the game just yet. Developer David Burgess recently created his own from scratch using a Raspberry Pi and detailed the process along the way. To power this automotive Linux machine, he’s using a Raspberry Pi 4. Fitting hardware into places it wasn’t designed for often requires ingenuity. In this case, Burgess 3D-printed a custom mounting plate for the Pi and a case used to house a touch screen. In addition to the Raspberry Pi, the system uses the original car stereo to help control the speakers and subwoofer.
