Today's Leftovers and Proprietary Software Addenda
-
Making Dynamically Required Package Names More Discoverable in Perl
I’ve been using perlimports a lot at $work. I’m generally quite happy with perlimports, but it can get confused by modules which are being dynamically used. Consider the following case, where we are using a function to create new objects.
We’ll be using Git::Helpers::CPAN to look up the Git repository for a CPAN module (or distribution).
-
A year of README reviews
A year ago I published an offer to review the README of free and open source projects. I didn’t expect much interest, but someone posted the link to Hacker News, and I got enough requests that it was a little overwhelming. I’ve now reviewed 196 READMEs, my queue is empty, and I’m suspending the offer for now, even if it has been fun.
I especially wanted to help people new to FOSS development, and I know that for one’s first project it can be scary to open oneself up for critique. Thus I made it possible to request a review in private, and sent my feedback in private, and I haven’t published the projects I reviewed. However, I feel it might be of interest to read a summary of my experience doing this.
Overall, I was pleasantly surprised at how good the READMEs were. People put in a lot of effort into them. There might be some selection bias here: someone who doesn’t care about making a good README probably won’t ask for a review, either.
-
Generics can make your Go code slower
This blog post does not take sides in that debate, or advise where and when to use Generics in Go. Instead, this blog post is about the third side of the generics conundrum: It’s about systems engineers who are not excited about generics per se, but about monomorphization and its performance implications. There are dozens of us! Dozens! And we’re all due for some serious disappointment.
-
SiFive Becomes Open Source RISC-V’s First Unicorn Company
The fabless processor designer SiFive has another feather in its cap. It’s become the first startup focused primarily on the open source RISC-V processor specification to reach unicorn status. A couple of weeks back the company announced that it had raised $175 million in a Series F financing round, which values the company at over $2.5 billion, which is well over the $1 billion valuation needed to be considered a unicorn.
Actually, the successful fundraising round, led by the investment firm Coatue Management, was the least of the good financial news coming from the seven-year-old Silicon Valley startup this month. Two days earlier it announced it was selling its OpenFive connectivity business to Alphawave for $210 million, in order to focus on its RISC-V CPU cores.
-
Chinese villager with no engineering expertise stopped from ‘test-flying’ home-made helicopter by alarmed police
Chen Ruihua has no aeronautic or engineering qualifications, but has so far built three home-made helicopters, he says
-
The delusions of debian
What I don't understand is why these projects aren't open and clear about the problems they are facing rather than writing this misleading information to their users!
Stop saying that you focus on security. Stop saying that you provide long term support. Stop lying to your users, because it is a lie.
These Linux projects could learn a lesson from both OpenBSD and FreeBSD in which all the maintenance problems of both the operating systems themselves and third party packages are out in the open. In OpenBSD, prior to version 6.5, no third party package would receive any kind of bug fix or security update unless you were running with OpenBSD current. Since 6.5, the normal release also gets important bug fixes and security updates, but OpenBSD has always been very open about how that is handled: [...]
-
How security is handled by package maintainers
I will not consider small dependent Linux distributions, small BSD variants, or one-man projects, because the question almost becomes irrelevant in very small projects. Often they simply cannot keep up with upstream security updates if their project has even a small amount of third party packages.
Regarding the major Linux distributions and BSD variants, such as e.g. Debian Linux, Arch Linux, Artix Linux, OpenBSD, and FreeBSD, generally speaking, a package maintainer or ports maintainer is not a programmer and as such he or she cannot do any coding. The package maintainer is only responsible for making sure that the package is installable and working and that it is updated according to the project guidelines.
-
Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill
On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.
-
Apple forced to issue emergency fixes for two zero-days
Exploitation could allow an attacker to read kernel memory and this could enable apps to execute arbitrary code with kernel privileges.
-
Pay a monthly fee to use a phone that you’ll never own? Apple thinks that could work
Apple wants to take this instalment thing even further and is reported to be working on a hardware subscription service. The service is expected to launch later this year or early 2023. They want to sell the iPhone and other Apple devices as subscription services.
It would work like Netflix does. On Netflix you pay $9.99 a month and get to browse through their video catalogue but you don’t own any of the videos. If you fail to pay in a particular month, you are cut off.
Imagine that for a phone. You would lease an iPhone from Apple and pay your ‘rentals’ each month. The phone would never become yours, you’d merely be paying for the privilege of using it.
-
MangoPi new hardware is smaller than an SD Card
The world is moving toward nanotechnology. Did anyone ever think that we could use computers the size of an SD card, which we use in DSLRs to capture photos? The first IBM hard disk stored 3.75 MB of data, and metaphorically, it was compared to approximately the size of two medium-sized refrigerators. Recently, MangoPI SBC shared an image on Twitter where they compared their product with the size of an SD card, and the new hardware of MangoPi is smaller than an SD card. Surprisingly, it’s running on Tina-Linux.
