Language Selection

English French German Italian Portuguese Spanish

GNU

Free Software Foundation awarded consulting project grant from Community Consulting Teams of Boston

Filed under
GNU

The Free Software Foundation (FSF) today announced the award of a pro bono management consulting project from Community Consulting Teams of Boston (CCT). The strategic need is an analysis and marketing plan focused on the FSF's diverse network of supporters worldwide. The project is anticipated to be completed this summer.

As one of eight pro bono consulting project grants awarded by CCT in 2021, the FSF was chosen among Boston-area nonprofits based on its demonstrated need, organizational stability, and readiness to plan and implement change. CCT has awarded over 200 consulting grants to Boston-area nonprofits since its inception in 1990, providing an estimated $20 million value.

Read more

Free Software Leftovers

Filed under
GNU
  • Zstd 1.4.9 Released With ~2x Faster Performance For Long Mode

    Zstd previously introduced the "--long" mode to analyze large quantities of data in a timely manner and suitable memory budget. The aim in this mode is to improve the compression ratio for files with long matches at a large distance. With Zstd 1.4.9 the long distance mode is much faster thanks to a number of optimizations that preserve the compression ratio while drastically speeding up the compression time. Test cases are showing this long distance mode being 114~154% faster than the prior point release of Zstd. These new algorithms for the long distance mode appear to be a big win based on all of the data published thus far.

  • Conditions and Implied Licenses: Bitmanagement v. United States

    An interesting case was handed down by the Federal Circuit on February 25, 2021, discussing some software licensing issues seldom mentioned in case law. Bitmanagement Software GMBH v. United States was a dispute that involved the use of certain proprietary software, BS Contract Geo, a 3D visualization product.

    The facts surrounding the license of the software are complex, but laid out in detail in the opinion. The owner of the software, Bitmanagement, and the user of the software, the US Navy, never entered into a direct or express software license. The contracting process, which took place via a reseller called Planet 9, stalled, when it was determined that the Navy’s system needs were incompatible with Bitmanagement’s software management keys. In the end, the Navy paid for some copies, but engaged in “massive free copying” (see concurring opinion, p.27) of the software with no express license to do so.

    Central to the court’s finding, the parties had agreed that as a condition to the license, the Navy would use Flexera’s license-tracking software FlexWrap to monitor the number of simultaneous users of the software. It noted that the Claims Court found that Bitmanagement agreed to the licensing scheme “because Flexera would limit the number of simultaneous users of BS Contact Geo, regardless of how many copies were installed on Navy computers.” (p. 20) But the Navy did not use the FlexWrap tool as agreed. The court held that use of this management software was a condition of the license, even though the license was not in writing. The court said, “This is one of those rare circumstances where the record as a whole reflects that the only feasible explanation for Bitmanagement allowing mass copying of its software, free of charge, was the use of Flexera at the time of copying.” (p.21)

  • Sustainability for Open Source Projects: 4 Big Questions [Ed: VM (Vicky) Brasseur, who promotes proprietary software in some contexts, wants to FUD Free software as having that mythical "sustainability" woe (as if it's all about money). GNU developed for 37 years (soon 38) in spite of that "sustainability" nonsense. People can get paid for things other than their per Free software project.]

    What does sustainability look like for open source projects? VM (Vicky) Brasseur considers four key questions to help determine the answer for your project.

    These days the word "sustainability" gets thrown around a lot with respect to free and open source software (FOSS). What is sustainability, and what does it mean for your project?

    The concept of sustainability didn't originate in the 1980s, but it gained a lot of mindshare at that time thanks to the Brundtland Report, which was released by the United Nations in 1987 after three years of research by a cross-functional team of scientists, policy makers, and business people. The report defines sustainability as "…development that meets the needs of the present without compromising the ability of future generations to meet their own needs."

  • Samuel Iglesias: Igalia is hiring! [Ed: Case of point; you can get paid to do Free software]

    One of the best decisions I did in my life was when I joined Igalia in 2012. Inside Igalia, I have been working in different open-source projects, most of the time related to graphics technologies, interacting with different communities, giving talks, organizing conferences and, more importantly, contributing to free software as my daily job.

    [...]

    What we offer is to work in an open-source consultancy in which you can participate equally in the management and decision-making process of the company via our democratic, consensus-based assembly structure. As all of our positions are remote-friendly, we welcome submissions from any part of the world.

Videos/Audiocasts/Shows

Filed under
GNU
Linux
  • Font Preview Ueberzug: A Better Font Previewer

    A while back I looked at a font preview script but it was kind of annoying to use, but it turns out there's a much better version of that script called font preview ueberzug which is what we're checking out today.

  • Ubuntu Voltage

    For a few years we’ve been performing a live version of an Ubuntu Podcast at FOSS Talk Live. This is a lively, nerdy, in-person Linux Podcast event at the Harrison Pub in London. A few shows are performed in front of a live slightly drunk studio pub audience. We are but one troup of performers though, over the course of the evening.

    The whole thing is organised by Joe Ressington and attended by our friends and/or/xor listeners. Joe has just announced over on episode 114 of Late Night Linux that we’re all doing it again! Go and listen to that show for a small amount of detail.

  • FLOSS Weekly 619: Notetaking With Dendron - Kevin Lin and Dendron [Ed: FLOSS Weekly jumping the shark by pushing Microsoft proprietary software instead of actual FLOSS]

    Kevin Lin and Dendron.

    Kevin Lin joins Jonathan Bennett and Katherine Druckman to talk about Dendron, a note-taking application built on top of VSCode. After many years of taking notes, Kevin found himself with a massive, unmanageable personal knowledge store. None of the existing note-taking applications quite solved his problem, so Kevin did the only reasonable thing, and wrote his own. On this episode of FLOSS Weekly, Lin covers some of his design decisions, including building Dendron on VSCode and Javascript, and helps us understand how Dendron can help tame the jungle of personal knowledge.

GNU Denemo 2.5

Filed under
GNU
  • denemo @ Savannah: Release 2.5 out now.
    New Features 
    
        MusicXML export 
            Supports export of multi-movement scores 
        Support for Musical Sketches 
            Cut selection as sketch 
        Support for LilyPond 2.20.0 
        Menu Navigation from Keyboard enabled 
        Comments in Lyric verses 
    
    Bug Fixes 
        Various fixes in MusicXML import 
        Various fixes in LilyPond import 
        Wrong Keyboard Shortcuts on MacOS
    
  • GNU Denemo 2.5 Is Released

    GNU Denemo version 2.4.0. This is not the new version, this is the previous version. The graphical is basically identical to the new version.

    GNU Denemo is a very specialized program for music notation. It has most of the bases in that area covered, thought he user-interface is a bit clunky to work with.

    The latest 2.5.0 release brings support for cutting selections as sketches, support exporting multi-movement scores to the MusicXML format, support for comments in lyric verses and, after all these years, support for menu navigation using the keyboard.

    There's also improvements to MusicXML import, LilyPond import and a fix for keyboard shortcuts on macOS.

Linux for Beginners: Should You Make the Switch?

Filed under
OS
GNU
Linux

When it comes to operating systems, most people tend to go for the most popular options. If you’re buying a Mac computer, you probably won’t use Windows. PC owners typically choose it without giving this decision a second thought. Still, there is a low-key third option used to power many machines but is rarely used by your average PC owner.

We’re talking about Linux OS, of course. In its many variations, Linux is used as a software basis for many servers, IoT appliances, and many other devices but rarely do we see regular users opt for it. Why is that? Well, let’s take a closer look at this subject and see if this is a good OS choice for you.

Read more

Devices: Jetson, Aaeon, Raspberry Pi

Filed under
GNU
Linux

     

  • Jetson TX2 NX module offers TX2 power in a Nano footprint

    Nvidia has launched a 260-pin “Jetson TX2 NX” variant of the TX2 with 4GB LPDDR4, 16GB eMMC, and slightly reduced camera, display, and PCIe Gen2 support.

    Nvidia has introduced a spin-down of the Jetson TX2 compute module that falls between the TX2 and the lower-end Jetson Nano. The Jetson TX2 NX runs Linux on the same hexa-core CPU and 256-core Pascal GPU with 1.33-TOPS AI performance as the TX2, and it supplies the same 4GB LPDDR4 and 16GB eMMC as the lower-end 4GB TX2 module. However, it moves from a 400-pin board-to-board edge connector to the 260-pin connector found on the Nano and higher-end Jetson Xavier NX, and has fewer PCIe Gen2, MIPI-CSI, MIPI-DSI, and other interfaces.

  •   

  • Net appliance boasts four 10GbE ports and up to three wireless links

    Aaeon’s “FWS-2365” net appliance runs on an up to 16-core Atom C3000 with up to 6x GbE and 4x 10GbE SFP+ ports plus 2x SATA, 2x USB, 2x mini-PCIe, M.2, and eMMC.

    Aaeon announced a desktop network appliance for white box uCPE and SD-WAN applications with VPN support and NFV functions such as firewall and router deployment. The FWS-2365 follows earlier FWS branded appliances such as the FWS-2360 and FWS-7360, which similarly feature Intel’s 4x to 16x core Atom C3000 (“Denverton”) networking SoC. No OS support was listed, but the FWS-2360 supports Linux.

  •   

  • Raspberry Pi RP2040 boards are coming with... HDMI?

    We’ve already seen Raspberry Pi RP2040 MCU can support VGA output using the microcontroller’s programmable I/O blocks.  But yesterday, I saw two upcoming RP2040 boards with an HDMI connector. How is that supposed to work?

    The first one is Olimex RP2040-PICO-PC that’s indeed like a pico PC board with an HDMI connector for video, a micro SD card for storage, a standard 3.5mm audio jack for speaker or headphone, and a USB host for a keyboard.

IPFire 2.25 - Core Update 154 released

Filed under
GNU
Linux
Security

The first update of the year will be an enormous one. We have been working hard in the lab to update the underlying operating system to harden and improve IPFire and we have added WPA3 client support and made DNS faster and more resilient against broken Internet connections.

This is probably the release with the largest number of package updates. This is necessary for us to keep the system modern and adopt any fixes from upstream projects. Thank you to everyone who has contributed by sending in patches.

Before we talk about what is new, I would like to as you for your support for our project. IPFire is a small team of people from a range of backgrounds sharing one goal: make the Internet a safer place for everyone. Like many of our open source friends, we’ve taken a hit this year and would like to ask for your continued support.

Read more

Codeberg Code Hosting is now with Documentation

Filed under
GNU
Linux

Codeberg is now the only Gitea-based code hosting with its own user guide & documentation! This guides everyone to start their public software development with ease -- similar to the guide GitHub users enjoy for years. I like Codeberg as I frequently mentioned it (see here, see here) as the Free Libre Open Source Software code hosting. It is certainly good news and everyone is invited to improve the documentation together. Congratulations, Codeberg!

Read more

Refund of pre-installed Windows: Lenovo must pay 20,000 euros in damages

Filed under
GNU
Linux
Hardware
Microsoft

In a historic judgment in Italy, in a case initiated by FSFE supporter Luca Bonissi, Lenovo was ordered to pay 20,000 euros in damages for abusive behaviour in denying to refund the price of a pre-installed Windows licence. In a motivating gesture for the Free Software cause, Luca donated 15,000 euros to the FSFE.

We all know how frustrating it is to buy a brand new computer and realise that it comes with a pre-installed proprietary operating system. Some companies have adapted their unfair behaviour and established clearer procedures for consumers to obtain the refund for paid licences of software they do not want to use. However, some computer manufacturers like Lenovo still make it very hard for consumers, forcing them to assert their rights in expensive and exhausting lawsuits. This is the successful story of Luca Bonissi, an Italian developer and long-term FSFE supporter and volunteer, in his relentless quest for getting a Windows licence refund, and how Lenovo was ordered to pay 20,000 euros for its unlawful behaviour during the court proceedings.

Read more

Best Secure Linux Distros for Enhanced Privacy & Security

Filed under
GNU
Linux
Security

As we transition to an increasingly digital society, privacy and security have become areas of central concern – not a day goes by that we aren’t bombarded with security news headlines about hacks, breaches and the increasingly common and worrisome practice of storing and monitoring sensitive personal information, often without users’ consent.

Luckily for us Linux users, the general consensus among experts is that Linux is a highly secure OS - arguably the most secure OS. While all Linux “distros” - or distributed versions of Linux software - are secure by design, certain distros go above and beyond when it comes to protecting users’ privacy and security. We’ve put together a list of our favorite specialized secure Linux distros and spoken with some of their lead developers to find out first-hand what makes these distros so great. This article aims to help you evaluate your options and select the distro that best meets your individual needs.

Read more

Syndicate content

More in Tux Machines

Python: Security and NumPy 1.20 Release

  • Python Package Index nukes 3,653 malicious libraries uploaded soon after security shortcoming highlighted

    The Python Package Index, also known as PyPI, has removed 3,653 malicious packages uploaded days after a security weakness in the use of private and public registries was highlighted. Python developers use PyPI to add software libraries written by other developers in their own projects. Other programming languages implement similar package management systems, all of which demand some level of trust. Developers are often advised to review any code they import from an external library though that advice isn't always followed. Package management systems like npm, PyPI, and RubyGems have all had to remove subverted packages in recent years. Malware authors have found that if they can get their code included in popular libraries or applications, they get free distribution and trust they haven't earned. Last month, security researcher Alex Birsan demonstrated how easy it is to take advantage of these systems through a form of typosquatting that exploited the interplay between public and private package registries.

  • A pair of Python vulnerabilities [LWN.net]

    Two separate vulnerabilities led to the fast-tracked release of Python 3.9.2 and 3.8.8 on February 19, though source-only releases of 3.7.10 and 3.6.13 came a few days earlier. The vulnerabilities may be problematic for some Python users and workloads; one could potentially lead to remote code execution. The other is, arguably, not exactly a flaw in the Python standard library—it simply also follows an older standard—but it can lead to web cache poisoning attacks. [...] [Update: As pointed out in an email from Moritz Muehlenhoff, Python 2.7 actually is affected by this bug. He notes that python2 on Debian 10 ("Buster") is affected and has been updated. Also, Fedora has a fix in progress for its python2.7 package.]

  • NumPy 1.20 has been released

    NumPy is a Python library that adds an array data type to the language, along with providing operators appropriate to working on arrays and matrices. By wrapping fast Fortran and C numerical routines, NumPy allows Python programmers to write performant code in what is normally a relatively slow language. NumPy 1.20.0 was announced on January 30, in what its developers describe as the largest release in the history of the project. That makes for a good opportunity to show a little bit about what NumPy is, how to use it, and to describe what's new in the release. [...] NumPy adds a new data type to Python: the multidimensional ndarray. This a container, like a Python list, but with some crucial differences. A NumPy array is usually homogeneous; while the elements of a list can be of various types, an ndarray will, typically, only contain a single, simple type, such as integers, strings, or floats. However, these arrays can instead contain arbitrary Python objects (i.e. descendants of object). This means that the elements will, for simple data types, all occupy the same amount of space in memory. The elements of an ndarray are laid out contiguously in memory, whereas there is no such guarantee for a list. In this way, they are similar to Fortran arrays. These properties of NumPy arrays are essential for efficiency because the location of each element can be directly calculated. Beyond just adding efficient arrays, NumPy also overloads arithmetic operators to act element-wise on the arrays. This allows the Python programmer to express computations concisely, operating on arrays as units, in many cases avoiding the need to use loops. This does not turn Python into a full-blown array language such as APL, but adds to it a syntax similar to that incorporated into Fortran 90 for array operations.

4 Best Free and Open Source Graphical MPD Clients

MPD is a powerful server-side application for playing music. In a home environment, you can connect an MPD server to a Hi-Fi system, and control the server using a notebook or smartphone. You can, of course, play audio files on remote clients. MPD can be started system-wide or on a per-user basis. MPD runs in the background playing music from its playlist. Client programs communicate with MPD to manipulate playback, the playlist, and the database. The client–server model provides advantages over all-inclusive music players. Clients can communicate with the server remotely over an intranet or over the Internet. The server can be a headless computer located anywhere on a network. There’s graphical clients, console clients and web-based clients. To provide an insight into the quality of software that is available, we have compiled a list of 4 best graphical MPD clients. Hopefully, there will be something of interest here for anyone who wants to listen to their music collection via MPD. Here’s our recommendations. They are all free and open source goodness. Read more

LWN on Kernel: 5.12 Merge, Lockless Algorithms, and opy_file_range()

  • 5.12 Merge window, part 1 [LWN.net]

    The beginning of the 5.12 merge window was delayed as the result of severe weather in the US Pacific Northwest. Once Linus Torvalds got going, though, he wasted little time; as of this writing, just over 8,600 non-merge changesets have been pulled into the mainline repository for the 5.12 release — over a period of about two days. As one might imagine, that work contains a long list of significant changes.

  • An introduction to lockless algorithms [LWN.net]

    Low-level knowledge of the memory model is universally recognized as advanced material that can scare even the most seasoned kernel hackers; our editor wrote (in the July article) that "it takes a special kind of mind to really understand the memory model". It's been said that the Linux kernel memory model (and in particular Documentation/memory-barriers.txt) can be used to frighten small children, and the same is probably true of just the words "acquire" and "release". At the same time, mechanisms like RCU and seqlocks are in such widespread use in the kernel that almost every developer will sooner or later encounter fundamentally lockless programming interfaces. For this reason, it is a good idea to equip yourself with at least a basic understanding of lockless primitives. Throughout this series I will describe what acquire and release semantics are really about, and present five relatively simple patterns that alone can cover most uses of the primitives.

  • How useful should copy_file_range() be? [LWN.net]

    Its job is to copy len bytes of data from the file represented by fd_in to fd_out, observing the requested offsets at both ends. The flags argument must be zero. This call first appeared in the 4.5 release. Over time it turned out to have a number of unpleasant bugs, leading to a long series of fixes and some significant grumbling along the way. In 2019 Amir Goldstein fixed more issues and, in the process, removed a significant limitation: until then, copy_file_range() refused to copy between files that were not located on the same filesystem. After this patch was merged (for 5.3), it could copy between any two files, falling back on splice() for the cross-filesystem case. It appeared that copy_file_range() was finally settling into a solid and useful system call. Indeed, it seemed useful enough that the Go developers decided to use it for the io.Copy() function in their standard library. Then they ran into a problem: copy_file_range() will, when given a kernel-generated file as input, copy zero bytes of data and claim success. These files, which include files in /proc, tracefs, and a large range of other virtual filesystems, generally indicate a length of zero when queried with a system call like stat(). copy_file_range(), seeing that zero length, concludes that there is no data to copy and the job is already done; it then returns success. But there is actually data to be read from this kind of file, it just doesn't show in the advertised length of the file; the real length often cannot be known before the file is actually read. Before 5.3, the prohibition on cross-filesystem copies would have caused most such attempts to return an error code; afterward, they fail but appear to work. The kernel is happy, but some users can be surprisingly stubborn about actually wanting to copy the data they asked to be copied; they were rather less happy.

Banana Pi BPI-M2 Pro is a compact Amlogic S905X3 SBC

Banana Pi has already designed an Amlogic S905X3 SBC with Banana Pi BPI-M5 that closely follows Raspberry Pi 3 Model B form factor, but they’ve now unveiled a more compact model with Banana Pi BPI-M2 Pro that follow the design of the company’ earlier BPI-MP2+ SBC powered by the good old Allwinner H3 processor. BPI-M2 Pro comes with 2GB RAM, 16GB eMMC storage, HDMI video output, Gigabit Ethernet, Wifi & Bluetooth connectivity, as well as two USB 3.0 ports. Read more