Language Selection

English French German Italian Portuguese Spanish

Leftovers: OSS

Filed under
OSS
  • 5 Key Aspects For a Successful Open-Source Project

    I love open-source: for me it is great way to develop any product, to acquire new skills, to have fun and to make something useful for the community. I am not an open-source rock-star (at least not yet Big Grin) but I have created and contributed to tens of projects (take a look at my GitHub profile). Some of them got a bit of attention like WorldEngine, JavaParser or EffectiveJava. I am also an avid open-source user: almost daily I have to choose some open-source program or library to use or to contribute to. So I evaluate open-source projects regularly. I am also lucky enough to be in touch with many open-source developers, some of which I have interviewed for this blog.

  • Take care when reaping rewards of open source [Ed: this firm's founder is attacking FOSS; never ever heard of them before. Who’s hiring (i.e. paying) them? "Quocirca, a research and analysis firm, released a comprehensive report sponsored by Microsoft," said this page]
  • ETSI works to align NFV information models across SDOs and open source groups

    The workshop, which was hosted by CableLabs in Colorado, brought together the leading standards development organisations (SDOs) and Open Source communities in what it describes as an ‘NFV Village’. This was the first time the key SDOs and open source bodies have met together to accelerate alignment of their activities in relation to NFV. Participants read like a Who’s Who of NFV, and included 3GPP, ATIS, Broadband Forum, DMTF, ETSI NFV, IETF, ITU, MEF, OASIS/TOSCA, Open Cloud Connect, ONF, OpenDaylight, OPNFV and TM Forum. Furthermore, ETSI says the door is still open to organisations that did not participate in last week’s workshop.

  • MongoDB/NoSQL Injection - Security

    A quick search on Shodan (the IoT search engine), will result in a ton of insecure Redis and MongoDB installations on the web. With IoT a lot of default device ports and settings are out there and a lot of connections to check. Be sure to pentest your server and devices before you put them on the public internet.

  • A Primer on Open-Source NoSQL Databases

    The idea of this article is to understand NoSQL databases, its properties, various types, data model, and how they differ from standard RDBMS.

  • 10 Facts About Wikipedia That You Didn’t Know

    Wikipedia stats include more than 38 million articles in 289 different languages. Out of which, around 8 million articles are in English. English, German, and French have the most number of the articles.

  • The Portable C Compiler (PCC) Continues To Be Developed In 2016

    When it comes to open-source C/C++ compilers, most of the coverage these days is about new features and functionality for GCC and LLVM Clang. However, the Portable C Compiler with its history originally dating back to the 1970s continues to be in-development.

    It's been a while since last having anything to report on with the Portable C Compiler so I decided to do some Sunday night digging. Then again, PCC releases are far from frequent with PCC 1.0 coming in 2011 and PCC 1.1 having come at the end of 2014, after development on this compiler was restarted -- and largely rewritten -- beginning in 2007. PCC has been popular with the BSD distributions due to its BSD license and faster compile times than GCC, but in recent years much of the BSD developer interest appears to have shifted to Clang.

  • Perl SIG: Updating perl-Spreadsheet-ParseExcel on EPEL 5
  • Application developer guide changes, new board members, and more OpenStack news

More in Tux Machines

Games: Ostriv, Back to Bed, EVERSPACE, Hiveswap: Act 1

Openwashing and Microsoft FUD

BlueBorne Vulnerability Is Patched in All Supported Ubuntu Releases, Update Now

Canonical released today new kernel updates for all of its supported Ubuntu Linux releases, patching recently discovered security vulnerabilities, including the infamous BlueBorne that exposes billions of Bluetooth devices. The BlueBorne vulnerability (CVE-2017-1000251) appears to affect all supported Ubuntu versions, including Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus) up to 16.04.3, Ubuntu 14.04 LTS (Trusty Tahr) up to 14.04.5, and Ubuntu 12.04 LTS (Precise Pangolin) up to 12.04.5. Read more

Security: Updates, 2017 Linux Security Summit, Software Updates for Embedded Linux and More

  • Security updates for Tuesday
  • The 2017 Linux Security Summit
    The past Thursday and Friday was the 2017 Linux Security Summit, and once again I think it was a great success. A round of thanks to James Morris for leading the effort, the program committee for selecting a solid set of talks (we saw a big increase in submissions this year), the presenters, the attendees, the Linux Foundation, and our sponsor - thank you all! Unfortunately we don't have recordings of the talks, but I've included my notes on each of the presentations below. I've also included links to the slides, but not all of the slides were available at the time of writing; check the LSS 2017 slide archive for updates.
  • Key Considerations for Software Updates for Embedded Linux and IoT
    The Mirai botnet attack that enslaved poorly secured connected embedded devices is yet another tangible example of the importance of security before bringing your embedded devices online. A new strain of Mirai has caused network outages to about a million Deutsche Telekom customers due to poorly secured routers. Many of these embedded devices run a variant of embedded Linux; typically, the distribution size is around 16MB today. Unfortunately, the Linux kernel, although very widely used, is far from immune to critical security vulnerabilities as well. In fact, in a presentation at Linux Security Summit 2016, Kees Cook highlighted two examples of critical security vulnerabilities in the Linux kernel: one being present in kernel versions from 2.6.1 all the way to 3.15, the other from 3.4 to 3.14. He also showed that a myriad of high severity vulnerabilities are continuously being found and addressed—more than 30 in his data set.
  • APNIC-sponsored proposal could vastly improve DNS resilience against DDoS