Language Selection

English French German Italian Portuguese Spanish

Leftovers: OSS

Filed under
OSS
  • Open source for products in four rules (and 10 slides)
  • Apache Twill: real abstraction is a decoupled algorithm

    To be clearer, this term decoupling arises time & time again in relation to the cloud computing model of service-based processing and storage power.

  • Great Open Source Collaborative Editing Tools

    In a nutshell, collaborative writing is writing done by more than one person. There are benefits and risks of collaborative working. Some of the benefits include a more integrated / co-ordinated approach, better use of existing resources, and a stronger, united voice. For me, the greatest advantage is one of the most transparent. That's when I need to take colleagues' views. Sending files back and forth between colleagues is inefficient, causes unnecessary delays and leaves people (i.e. me) unhappy with the whole notion of collaboration. With good collaborative software, I can share notes, data and files, and use comments to share thoughts in real-time or asynchronously. Working together on documents, images, video, presentations, and tasks is made less of a chore.

  • Parse open sources its SDKs

    Earlier this month, mobile backend-as-a-service provider Parse open sourced its iOS, OS X, and Android SDKs, and will be open sourcing additional SDKs in the future.

    Parse, which was acquired by Facebook in 2013, says that its SDKs are used by more than 800 million active app-device pairs per month. By open sourcing those SDKs, Parse believes it can help developers facing challenges similar to those it faced. Specifically, according to Parse, "We’ve had to figure out a way to make a public-facing API easy to understand and use, but continue shipping features fast without breaking any existing functionality. To solve this, we structured our public API as a facade for internal code and functionality that could be consistently changing."

  • A word to the Wise…

    I have been recently reminded that while it may be hard enough to discuss the role and importance of communities for Free and Open Source Software, it is equally important to understand the complexities and the challenges that a Free and Open Source Software foundation has to meet.

  • Mozilla’s self-destruct course continues: major add-on compatibility changes announced

    Mozilla announced major upcoming changes to Firefox add-ons on the official Add-ons Blog today. These changes affect add-on developers and Firefox users alike, and will have a major effect on add-on compatibility and permissions.

  • Holes found in Pocket Firefox add-on

    Information security man Clint Ruoho has detailed server-side vulnerabilities in the popular Pocket add-on bundled with Firefox that may have allowed user reading lists to be populated with malicious links.

    The since-patched holes were disclosed July 25 and fixed August 17 after a series of botched patches, and gave attackers access to the process running as root on Amazon servers.

    Ruho says the bookmarking app functioned as an internal network proxy and subsequent poor design choices meant he could glean information on users including IP address data and the URLs customers saved for later reading. Adding redirects meant he gained access to the etc/passwd file.

  • Intel and Others Lead Massive New Funding Round for Mirantis

    It was just last October that I put up a post noting that Mirantis, which has steadily remained a nimble player in the OpenStack cloud computing arena, had nailed down a massive $100 million Series B funding round led by Insight Venture Partners. The financing was billed then as the largest Series B open source investment in history.

  • Intel backs OpenStack’s Mirantis with $100 million
  • Intel puts engineering and financial muscle behind OpenStack with $100m Mirantis funding boost

    The OpenStack open-source cloud-computing platform stands to gain more enterprise features thanks to a major financial and engineering deal between Intel and Mirantis.

  • Airbnb’s pricing algorithm and Aerosolve, its open-source machine learning tool

    Dan Hill, product lead at Airbnb, wrote the company’s pricing algorithm after the British-based rival startup he cofounded, Crashpadder, was acquired by Airbnb, the short-term rental giant, a few years ago.

  • Open vSwitch 2.4.0 Available
  • Open source part of Poland’s animal tracking project

    Poland’s Agency for Restructuring and Modernisation of Agriculture (ARMA) wants to modernise its animal identification and tracking system. The new solution is required to use Zabbix, an open source solution for IT security monitoring.

  • DataLook Hosts #openimpact to Encourage Replication of Civic Good Open Source Projects
  • Port of Rotterdam preparing for annual World Port Hackaton

    On September 4-5, the Port of Rotterdam is to hold the third edition of what has now become its annual World Port Hackaton. Hackers, programmers, stakeholders and enthusiasts are invited to attend the two-day event and join the teams. Together they will work on concepts and prototypes that deploy new technologies and (open) data, aiming to strengthen the safety, sustainability and competitiveness of the port.

  • FPGAs get into open source virtual reality eco

    Fully upgradable virtual reality headset, the Open-Source Virtual Reality (OSVR) Hacker Development Kit is now powered by Xilinx FPGAs. Buyers of this kit are provided with modules based platform, positioning and head tracking device, a display, and double lens optics.

  • PHP 7 drops first release candidate

    Faster PHP is approaching. PHP 7.0.0, which has been promoted as a much quicker upgrade to the server-side scripting language, has just gone into a release candidate stage, bringing its general availability even closer to fruition.

  • Infinity

    I’m writing a replacement for libthread_db. It’s called Infinity.

  • We’re still catching up to Perl

    That’s from a great little article by Chromatic about modern Perl in the latest issue of PragPub. The article goes in to discuss a number of other strengths of Perl, such as its strong community dedication to testing across numerous architectures, services for understanding package dependencies (that sound like they go beyond anything presently available for Ruby), and legendary standards of documentation.

  • Government seeks open standards feedback

    The government has launched a consultation on how best to proceed with several open standards proposals that will support inter-connected systems and more cost efficient digital transformation across Whitehall.

  • UK launches its next OGP Action Plan

    Open policy making, Open Data and international cooperation are three pillars that UK Minister for the Cabinet Office Matt Hancock wants to be included in the 2015 UK Action Plan, according to a speech given by the minister to mark the launch of a new Open Government Partnership (OGP) action plan (Transcript is accessible on the gov.uk website).

  • Flash is dying a death by 1,000 cuts, and that's a good thing

    Adobe’s Flash, hated the world over for slowing down computers, containing more holes in security than swiss cheese and stubbornly being the video carrier of choice until recently, is dying.

    Video players are migrating to other systems, even if Microsoft’s Silverlight isn’t much better. HTML5-based video and animations are becoming mainstream, and uploaders and other more advanced web-based features can now be replaced with code that doesn’t rely on Flash.

  • Kill Flash? Be careful what you wish for

    Back when Steve Jobs launched the first salvo in the war against Adobe Flash, declaring in no uncertain terms that the iPhone would never support the ubiquitous Web media framework, the anti-Apple crowd was much amused. No one is laughing now -- least of all the many IT vendors that have built their management interfaces in Flash, for whom the death of Flash poses huge challenges.

    At the time, Jobs seemed to be climbing out on a limb. But eventually, everyone came to see how painful it was to support Flash on mobile devices, and how much better HTML5 was at delivering the same basic functionality. Developers began skipping over Flash and going with alternative technologies so that they could support mobile and desktop clients with the same codebase.

More in Tux Machines

Programming Leftovers

  • RcppCCTZ 0.2.8: Minor API Extension

    RcppCCTZ uses Rcpp to bring CCTZ to R. CCTZ is a C++ library for translating between absolute and civil times using the rules of a time zone. In fact, it is two libraries. One for dealing with civil time: human-readable dates and times, and one for converting between between absolute and civil times via time zones. And while CCTZ is made by Google(rs), it is not an official Google product. The RcppCCTZ page has a few usage examples and details. This package was the first CRAN package to use CCTZ; by now at least three others do—using copies in their packages which remains less than ideal.

  • Kafka Monthly Digest – July 2020

    In this 30th edition of the Kafka Monthly Digest, I’ll cover what happened in the Apache Kafka community in July 2020.

  • GDScript progress report: New GDScript is now merged

    As some of you might be aware, the refactor that I have been working on lately is now merged into the master branch. This is the work explained in previous progress reports.

  • An open source solution for continuous testing at scale

    In Sogeti's most recent World Quality Report, software testing ranked No. 1 in terms of its contributions to business objectives and growth, making it a key enabler for business digitalization. Despite this, the software testing industry still reports major pain points related to test maintenance, automation, tooling, and skills. Most of the tooling in common use lacks capabilities, is too complex to integrate, provides insufficient intelligence, or is too difficult to use. Cerberus Testing provides a solution to these problems. It is a test automation solution built by retail companies to support digitalization initiatives and focuses on usability, scalability, and integration of the test lifecycle process.

  • Use your favorite programming language to provision Infrastructure as Code

    As you navigate the world of IT and technology, there are some terms you come across repeatedly. Some of them are hard to quantify and may take on different meanings as time goes on. "DevOps" is an example of a word that seems (to me) to change depending on the person using it; the original DevOps pioneers might not even recognize what we call DevOps today. If you're a software developer, "Infrastructure as Code" (IaC) may be one of those terms. IaC is using the same software-development practices you'd use to write user-facing features to declare the infrastructure that applications run on. This often means using tools like Git or Mercurial for version control and Puppet, Chef, or Ansible for configuration management. At the infrastructure-provisioning layer, the most common technology is CloudFormation (for AWS specifically) or Terraform as an open source alternative for creating hybrid-cloud resources for your applications to run on. Explore the open source cloud Understanding clouds Free online course: Developing cloud-native applications with microservices architectures What is hybrid cloud? eBook: Building a hybrid cloud strategy What is Kubernetes?

Security: Ransom, Patches and Back Doors

           
  • Dozens of NGOs hit by hack on US fundraising database

    A major ransomware attack has affected dozens of international NGOs and their records of private donations, but details of the hit on a US fundraising platform are scarce, and two weeks after being warned some aid groups are yet to notify their donors or the public. International aid groups – and their private donors – are among those whose data was hacked in a security breach at online service provider Blackbaud. Names, addresses, and records of individual donations were compromised by hackers, who were paid an undisclosed ransom to return the data and delete any copies.  World Vision, Save the Children, and Human Rights Watch are among the large nonprofits impacted by the breach, and media reports suggest at least 200 customers of US-based Blackbaud were involved, although the company has not provided a list of affected clients. Alan Bryce, an official at the Charity Commission – the legal regulator in England and Wales – told The New Humanitarian that, as of 4 August, 63 UK-based charities had notified them after being affected by the ransomware attack. Bryce suggested NGOs were likely to tighten up procedures following the incident, in which hackers gained control of client data on Blackbaud’s systems and locked the company out until payment was made. “Charities who have suffered cybercrime go on to revise their IT security, their training programmes, or their website security,” he said. “Do not wait until it is too late for your charity.”

  • The fixes to the Linux BootHole fixes are in

    The first release of patches to the Linux BootHole came with a show-stopping problem. The fixed machines wouldn't boot. For the most part, that problem has been solved.

  • GRUB2 Boot Failure Issues Fixed in Debian and Ubuntu, Update Now

    The recent GRUB2 updates that patched some serious security vulnerabilities also caused boot failure issues for some users, so fixes for these regressions have started appearing for some distros, including Debian and Ubuntu. Last week, I was reporting on the BootHole vulnerability (and some other seven flaws) found in the GRUB2 bootloader, which is used by almost all GNU/Linux distributions out there. The issues opened up systems using Secure Boot to attacks, allowing local attackers to bypass UEFI Secure Boot restrictions and execute arbitrary code. Due to a highly coordinated effort between the security researchers who discovered the vulnerability and Linux OS maintainers, most GNU/Linux distributions were able to provide patches for their users. However, for some, these patches broke the Secure Boot implementation and left people with unbootable systems.

  •        
  • IoT Security Vulnerabilities are Ubiquitous: How To Secure Your Router and Your Linux System Now

    Luckily, there are various measures that Linux users can take to secure their wireless routers and protect their systems - most notably, conducting a Linux firmware replacement. This article will explore the benefits of “flashing” your wireless router with alternative open-source firmware, and will introduce some great alternative firmwares and single-purpose OSes that you may wish to look into. [...] Recent security research has made it clear that router manufacturers are dropping the ball on security - a discouraging trend in the industry that needs to change. However, given this unfortunate reality, it is imperative that users assume responsibility for securing their wireless routers.

Games: LunarG, Littlewood, GOverlay, Doomtrooper, Terra Nil and The Battle of Polytopia

  • LunarG releases new Vulkan SDK with DirectX Shader Compiler for Linux and more

    LunarG have today, August 4 2020, released a new and enhanced version of their Vulkan SDK (software development kit). What exactly is it? The Vulkan SDK is a collection of essential tools used by developers to assist in development and debugging of Vulkan applications. LunarG works with the Vulkan Working Group over at The Khronos Group to keep it open source, and provide ongoing upgrades to it.

  • Littlewood is a seriously peaceful town-building RPG out now

    After a successful Kickstarter campaign in the beginning of 2019 and an Early Access release later that same year, Littlewood has grown into a wonderful town-building RPG. In a world where the evil has already been defeated, it asks the question: what now? The answer, of course, is to rebuild everything and attempt to live out the rest of your lives in peace and perhaps find a little love along the way. Easily comparable to the likes of Stardew Valley and Animal Crossing, it offers up a similar experience of letting you do what you want at your own pace and just relax.

  • GOverlay makes Linux gaming overlay MangoHud even easier to use

    MangoHud has become the go-to way to get a decent readout of game performance with an overlay on Linux, and now with the latest improvements the GOverlay interface has made it much easier to use.

  • Free to play collectible card game 'Doomtrooper' enters Early Access

    Reviving the collectible card game from the 90s, developer Secret Cow Level has now launched Doomtrooper CCG into Steam's Early Access program. "Get ready for demonic aliens, cyber-mechanical vehicles, and interplanetary chainsaw warfare! Doomtrooper is a digital adaptation of the physical card game by the same name. Play Warrior cards to form your squad and earn victory points by eliminating the enemy's forces."

  • Ecosystem building sim 'Terra Nil' now gives you a whole continent to restore

    A building sim that's as relaxing as it is challenging, Terra Nil has a truly wonderful idea and I absolute love following it along in development with a new big update out now. In Terra Nil, you're tasked with turning a barren wasteland into an ecological paradise complete with different flora and fauna, then clean up after yourself to leave the environment pristine. Quite clever mechanically, giving you a certain percentage you need to hit on each map with your greenery. Originally it just gave you random maps to play through but now the progress is evolving. As for Terra Nil 0.4, it gives you a whole continent to restore with different biomes across the areas you're trying to restore. When you do complete a level, the menu map then covers that area in greenery and it's actually quite slick.

  • Award-winning strategy game The Battle of Polytopia is now on Linux PC

    After winning awards and gaining popularity in the mobile space, Midjiwan AB have ported over The Battle of Polytopia to PC (Linux, macOS, Windows) and it's out now. They're calling the PC version The Battle of Polytopia: Moonrise, although the Steam page still has the original name, in an attempt to differentiate it from the mobile version. The PC release does come with some enhancements like larger maps, better map generation, map customization options, random multiplayer matchmaking, player avatars, a Russian translation, the ability for more than one player to play with the same tribe and they sat it gives them room to develop new features more quickly.

KDE: How KDE is Made, Krita’s Scripting School and Plasma Browser Integration

  • The structure of KDE, or how anarchy sometimes works

    KDE is a funny beast. In a lot of ways, it’s an anarchic society that actually works! Engineers and designers work on KDE software and websites, but none of them are paid by KDE itself. Most are volunteers but some (myself included) are paid by 3rd-party companies. These people work on what they want or what they are sponsored by their company to work on, not what anyone in KDE tells them to work on. KDE has a board of directors, but they are elected by KDE’s membership rather than stockholders (there is no stock lol), and do not control KDE’s strategic direction the way the board of directors does in a corporation. Rather, they mostly take care of financial and legal matters, sort out copyright claims, help to organize the yearly Akademy conference, and so on. There is no formal “upper management” or even “middle management” layer. We have the “gardening team” whose members constitute volunteer managers, but we mostly do things like triaging bugs, following up on stuck merge requests, perform QA on unreleased software, and so on. We support the people doing the work, rather than telling them what to do.

  • Announcing Krita’s Scripting School!

    In 2018, we reintroducted scripting to Krita. Unlike our previous attempts to provide scripting, this time it took off! People are making all kinds of useful and fun extensions for Krita. Like a new color picker and mixer, a plugin to modify the way Krita’s subwindows are handled, new toolboxes, integration with other applications like Autodesk Shotgun, But what was missing was a good overview of the various areas that could be scripted. Tutorials and example code on how to use the scripting API in bite-size chunks. The regular API documentation is generated automatically from the APIDOX comments. It is a good reference but can be difficult to understand since it is generated from the C++ code that provides the scripting bindings.

  • Plasma Browser Integration 1.7.6

    I’m pleased to announce the immediate availability of Plasma Browser Integration version 1.7.6 on the Chrome Web Store as well as Firefox Add-Ons page. This release comes with a few bug fixes, performance improvements, and translation updates. [...] As usual, this release brings some improvements to media controls. Short sounds and videos are currently ignored to avoid trying to control e.g. a “new message” sound or short hover video previews. However, some live stream implementations don’t report the correct duration of Infinity but gradually fill up their time bucket every few seconds. Previously, the extension only checked duration once to determine whether to provide media controls. With this update duration is continuously checked and media controls would become available eventually. Furthermore, for websites that do not set album art through Media Session API, the video player’s poster is now used as album cover. This is the cover image that is often shown when the video isn’t playing.