Language Selection

English French German Italian Portuguese Spanish

Is Phoenix about to Enter GPL Violation HyperSpace?

Filed under

If ultraportables were last year's big surprise success for GNU/Linux, one of the potentially exciting technologies for this year is the instant-on pre-operating system that loads in seconds when you power up a desktop or portable. DeviceVM’s Splashtop is probably the best known example. These are highly relevant to the free software world, since such instant-on systems are usually based on GNU/Linux, and once people start trying them out, they may simply stay there using the free software apps available, rather than wait minutes for the full glory of Windows Vista to chunder into its vitiated life.

Indeed, the Linux Foundation's Jim Zemlin was quite bullish on the subject (well, you'd expect him to be, wouldn't you?)

The last point is the interesting one. Does Phoenix hope to get away without respecting the GNU GPL? Or is it just a little slow to code the free links into its Web site? As Cisco is currently discovering, you really don't want to mess with the FSF

rest here

More in Tux Machines

Mozilla: Facebook-Mozilla Rift, MDN, No More Notifications (If You Want)

  • Mozilla stops Facebook advertising, demands privacy changes
    It’s probably not top of Mark Zuckerberg’s worry list this week but Mozilla Corporation, developer of the Firefox browser, is officially unhappy with Facebook.
  • Results of the MDN “Competitive Content Analysis” SEO experiment
    The next SEO experiment I’d like to discuss results for is the MDN “Competitive Content Analysis” experiment. In this experiment, performed through December into early January, involved selecting two of the top search terms that resulted in MDN being included in search results—one of them where MDN is highly-placed but not at #1, and one where MDN is listed far down in the search results despite having good content available. The result is a comparison of the quality of our content and our SEO against other sites that document these technology areas. With that information in hand, we can look at the competition’s content and make decisions as to what changes to make to MDN to help bring us up in the search rankings.
  • No More Notifications (If You Want)
    Online, your attention is priceless. That’s why every site in the universe wants permission to send you notifications about new stuff. It can be distracting at best and annoying at worst. The latest version of Firefox for desktop lets you block those requests and many others.

EUPL planned actions

A revised set of guidelines and recommendations on the use of the open source licence EUPL v1.2 published by the Commission on 19 May 2017 will be developed, involving the DIGIT unit B.3 (Reusable Solutions) and the JRC 1.4 (Joint Research Centre – Intellectual Property and Technology Transfer). The existing licence wizard will be updated. New ways of promoting public administrations' use of open source will be investigated and planned (such as hackathons or app challenges on open source software). The target date for the release of this set of guidelines on the use of the European Public Licence EUPL v1.2, including a modified Licence Wizard, is planned Q2 2018. Read more

Security: Dropbox, FUD, CNCF, 'Cloud'

  • Dropbox has some genuinely great security reporting guidelines, but reserves the right to jail you if you disagree

    Dropbox's position, however reasonable in many of its aspects, is woefully deficient, because the company reserves the right to invoke DMCA 1201 and/or CFAA and other tools that give companies the power to choose who can say true things abour mistakes they've made.

    This is not normal. Before DRM in embedded software and cloud connectivity, became routine there were no restrictions on who could utter true words about defects in a product. [...]

  • Hackers Infect Linux Servers With Monero Miner via 5-Year-Old Vulnerability [Ed: A five-year-old vulnerability implies total neglect by sysadmins, not a GNU/Linux weakness]
    Attackers also modified the local cron jobs to trigger a "watchd0g" Bash script every three minutes, a script that checked to see if the Monero miner was still active and restarted XMRig's process whenever it was down.
  • GitHub: Our dependency scan has found four million security flaws in public repos [Ed: No, GitHub just ran a scan for old versions being used and reused. It cannot do this for proprietary software, but the issues are there and the risks are no better.]
    GitHub says its security scan for old vulnerabilities in JavaScript and Ruby libraries has turned up over four million bugs and sparked a major clean-up by project owners. The massive bug-find total was reached within a month of the initiative's launch in November, when GitHub began scanning for known vulnerabilities in certain popular open-source libraries and notifying project owners that they should be using an updated version.
  • Envoy CNCF Project Completes Security Audit, Delivers New Release
    The Cloud Native Computing Foundation (CNCF) has begun a process of performing third-party security audits for its projects, with the first completed audit coming from the Envoy proxy project. The Envoy proxy project was created by ride-sharing company Lyft and officially joined the CNCF in September 2017. Envoy is a service mesh reverse proxy technology that is used to help scale micro-services data traffic.
  • Hybrid cloud security: Emerging lessons [Ed: 'Cloud' and security do not belong in the same headline because 'cloud' is a data breach, typically involving a company giving all its (and customers') data to some spying giant abroad]

A Look At The Relative Spectre/Meltdown Mitigation Costs On Windows vs. Linux

The latest in our Windows versus Linux benchmarking is looking at the relative performance impact on both Linux and Windows of their Spectre and Meltdown mitigation techniques. This round of tests were done on Windows 10 Pro, Ubuntu 18.04 LTS, and Clear Linux when having an up-to-date system on each OS where there is Spectre/Meltdown protection and then repeating the same benchmarks after reverting/disabling the security functionality. Read more