Language Selection

English French German Italian Portuguese Spanish

OSS

Kubernetes 1.16 available from Canonical

Filed under
Server
OSS
Ubuntu

Canonical announces full enterprise support for Kubernetes 1.16, with support covering Charmed Kubernetes, MicroK8s and kubeadm.

MicroK8s will be updated with Kubernetes 1.16 enabling users access to the latest upstream release with a single-line command in under 60 seconds. In addition, MicroK8s gets new add-ons with one line installs of Helm and Cilium as well as enhancements, upgrades and bug fixes. Cilium adds enhanced networking features including Kubernetes Network Policy support. With MicroK8s 1.16, users can develop and deploy enterprise grade Kubernetes on any Linux desktop, server or VM across 42 Linux distros.

Canonical’s Charmed Kubernetes 1.16 will come with exciting changes like support for Kata Containers, AWS IAM, SSL passthrough and more. Using Kata Containers, insecure or untrusted pods can be run safely in isolation without disrupting trusted pods in deployments. Identity Access Management on AWS can be used to login to your Charmed Kubernetes cluster. Users get more control over their deployments while benefitting from reduced complexity due to improved LXD support and enhanced Prometheus and OpenStack integration.

“At Canonical, we enable enterprises by reducing the complexity of their Kubernetes deployments. We are actively involved in the Kubernetes community to ensure we listen to, and support our users’ and partners’ needs. Staying on top of security flaws, community issues and features to improve Kubernetes is critical to us. We keep the Ubuntu ecosystem updated with the latest Kubernetes, as soon as it becomes available upstream,” commented Ammar Naqvi, Product Manager at Canonical.

Read more

The community-led renaissance of open source

Filed under
OSS

With few commercial participants, early free software and open source communities were, by definition, community-led. Software was designed and created organically by communities of users in response to their needs and inspiration. The results, to a degree nobody predicted, were often magical.

First-generation open source businesses like Red Hat emerged to respond to these needs. They combined the best of both worlds: the flexibility and control of raw open source with the commercial support that enterprises depend on. These new open source businesses found their opportunity by adding the missing—but necessary—commercial services to community-led open source projects. These services would be costly for organizations to provide on their own and potentially even more costly to do without. One early leader of that era, Cygnus Solutions, even adopted the counter-intuitive tagline "Making free software affordable."

But back then, it was always overwhelmingly clear: The commercial vendors were in service of the community, filling in around the edges to enable commercial applications. The community was the star, and the companies were the supporting cast.

Read more

Election fraud: Is there an open source solution?

Filed under
OSS

Can open source technology help keep our elections honest? With its Trust The Vote Project, the Open Source Election Technology (OSET) Institute is working on making that a reality for elections in the United States and around the world.

The project is developing an open, adaptable, flexible, full-featured, and innovative elections technology platform called ElectOS. It will support all aspects of elections administration and voting, including creating, marking, casting, and counting ballots and managing all back-office functions. The software is freely available under an Open Source Initiative (OSI)-recognized public license for adoption, adaptation, and deployment by anyone, including elections jurisdictions directly or, more commonly, commercial vendors or systems integrators.

Read more

Meld is an excellent file and folder comparison tool for Windows and Linux

Filed under
Linux
OSS

Ever had two sets of the same files and folders and couldn't decide which one to retain? It may take a long time to actually open each to verify the one that's recent or the one you need; while dates associated with the files may help, they won't all the time as they don't tell you anything about the actual content.

This is where file comparison tools can be time-savers. Meld is an open source file comparison tool for Windows and Linux for exactly that purpose.

Read more

FOSS – A boon for e-governance and educational institutions

Filed under
OSS

Free and Open Source Software (FOSS) Community is By the Community, For the Community, of the Community, To the Community on No Profit No Loss Basis. Open Source Software, is and will always remain free. There is no license to pay to anybody.The central government mooted out a policy on adoption of open source software, which makes it mandatory for all software applications and services of the government be built using open source software, so that projects under Digital India “ensure efficiency, transparency and reliability of such services at affordable costs”. “Government of India shall endeavour to adopt Open Source Software in all e-Governance systems implemented by various Government organizations, as a preferred option in comparison to Closed Source Software,” said the policy statement, put on the website of the Department of Electronics and Information Technology.The Open Source Software shall have the following characteristics:- A) The source code shall be available for the community / adopter / end user to study and modify the software and to redistribute copies of either the original or modified software. Cool Source code shall be free from any royalty.

Read more

PulseAudio 13 Released with Dolby TrueHD and DTS-HD Master Audio Support, More

Filed under
Linux
OSS

Released three months after the PulseAudio 12 series, PulseAudio 13 is here with support for Dolby TrueHD and DTS-HD Master Audio, support for the SteelSeries Arctis 5 USB headset, improved initial card profile selection for ALSA cards, as well as S/PDIF improvements for CMEDIA USB2.0 High-Speed True HD Audio.

The PulseAudio 13 series also adds several new module arguments, including "max_latency_msec" for module-loopback, "stream_name" for module-rtp-send, and "avoid_resampling" for module-udev-detect and module-alsa-card, and no longer uses persistent Bluetooth card profile choices by default, recommending users to use A2DP by default.

Read more

Hyperledger and Financing FOSS

Filed under
Linux
OSS
  • ConsenSys joins Hyperledger to help build enterprise blockchains

    Ethereum-focused development firm ConsenSys has joined Hyperledger as a premium member. Hyperledger—run by the Linux Foundation—is an open-source project focused on open-source technologies, particularly around enterprise blockchains.

  • ConsenSys Joins Hyperledger as a Premier Member

    ConsenSys and Hyperledger announced today that ConsenSys has become the newest Premier Member of Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, hosted by the Linux Foundation. Additionally, ConsenSys's PegaSys protocol engineering group submitted its Ethereum client, formerly known as Pantheon, as the project Hyperledger Besu, the first public chain compatible blockchain submission to Hyperledger.

  • Square Crypto Grants $100,000 to Open-Source Crypto Payment Processor

    Bitcoin (BTC)-supporting payments service Square Crypto is giving the first of what will be many grants to support open-source Bitcoin projects to BTCPay Foundation.

  • CasperLabs Raises $14.5M Series A Round, Aims to Scale Blockchain Opportunities for Everyone

    CasperLabs, the open-source blockchain platform powered by the Correct-by-Construction (CBC) Casper proof-of-stake consensus protocol, today announced it has raised $14.5M in Series A funding led by Terren Piezer, the "Zelig of Wall Street," through his personal holding company, Acuitas Group Holdings. Other major investors include Arrington XRP Capital, Consensus Capital, Axiom Holdings Group, Digital Strategies, MW Partners, Blockchange Ventures, Hashkey Capital, and Distributed Global. The new investment will be used to accelerate product development and expand hiring of world-class engineers.

  • Akeneo raises $46 million for its product information management service

    Akeneo started as an open-source PIM application. Today, thousands of companies actively use that open-source version. But Akeneo also offers an enterprise edition with a more traditional software-as-a-service approach. The startup has managed to attract 300 clients, such as Sephora, Fossil and Auchan.

  • Where have all the seed deals gone?

    When it comes to big business, the numbers rarely lie, and the ones PitchBook and other sources have pulled together on the state of seed investing aren’t pretty. The total number of seed deals, funds raised and dollars invested in seed deals were all down in the 2015-2018 time frame, a period too long to be considered a correctable glitch.

    [...]

    Gone were the days of investing millions of dollars in tech infrastructure before writing the first line of code. At the same time, the proliferation of increasingly sophisticated and freely available open-source software provided many of the building blocks upon which to build a startup. And we can’t forget the launch of the iPhone in 2007 and, more importantly for startups, the App Store in 2008.

  • Is Open Source licensing irretrievably broken?

    Jonathan Ellis is the CTO and Founder of DataStax. At ApacheCon 2019 in Las Vegas, he gave a keynote that will make many in the industry uncomfortable. The focus of that keynote was the state of open source licensing. Ellis believes that there is a problem, if not what some would call a looming crisis in how open source software licences are being used.

    He believes that the last 10 years, in particular, have seen a significant change in attitudes around what open source means. One of the big changes has been the shift from a hobbyist, part-time code development role to venture capital funded companies. Many of these like the open source model. As Ellis told Enterprise Times, making something open source is about instant exposure to a wider audience.

Kubernetes Leftovers

Filed under
Server
OSS
  • With its Kubernetes bet paying off, Cloud Foundry doubles down on developer experience

    More than 50% of the Fortune 500 companies are now using the open-source Cloud Foundry Platform-as-a-Service project — either directly or through vendors like Pivotal — to build, test and deploy their applications. Like so many other projects, including the likes of OpenStack, Cloud Foundry went through a bit of a transition in recent years as more and more developers started looking to containers — and especially the Kubernetes project — as a platform on which to develop. Now, however, the project is ready to focus on what always differentiated it from its closed- and open-source competitors: the developer experience.

  • Kubernetes in the Enterprise: A Primer

    As Kubernetes moves deeper into the enterprise, its growth is having an impact on the ecosystem at large.

    When Kubernetes came on the scene in 2014, it made an impact and continues to impact the way companies build software. Large companies have backed it, causing a ripple effect in the industry and impacting open source and commercial systems. To understand how K8S will continue to affect the industry and change the traditional enterprise data center, we must first understand the basics of Kubernetes.

  • Google Cloud rolls out Cloud Dataproc on Kubernetes

    Google Cloud is trialling alpha availability of a new platform for data scientists and engineers through Kubernetes.

    Cloud Dataproc on Kubernetes combines open source, machine learning and cloud to help modernise big data resource management.

    The alpha availability will first start with workloads on Apache Spark, with more environments to come.

  • Google announces alpha of Cloud Dataproc for Kubernetes

    Not surprisingly, Google, the company that created K8s, thinks the answer to that question is yes. And so, today, the company is announcing the Alpha release of Cloud Dataproc for Kubernetes (K8s Dataproc), allowing Spark to run directly on Google Kubernetes Engine (GKE)-based K8s clusters. The service promises to reduce complexity, in terms of open source data components' inter-dependencies, and portability of Spark applications. That should allow data engineers, analytics experts and data scientists to run their Spark workloads in a streamlined way, with less integration and versioning hassles.

OSS Leftovers

Filed under
OSS
  • Workarea Commerce Goes Open-source

    The enterprise commerce platform – Workarea is releasing its software to the open-source community. In case you don’t already know, Workarea was built to unify commerce, content management, merchant insights, and search. It was developed upon open-source technologies since its inception like Elasticsearch, MongoDB, and Ruby on Rails. Workarea aims to provide unparalleled services in terms of scalability and flexibility in modern cloud environments. Its platform source code and demo instructions are available on GitHub here.

  • Wyoming CV Pilot develops open-source RSU monitoring system

    The team working on the US Department of Transportation’s (USDOT) Connected Vehicle Pilot Deployment Program in Wyoming have developed open-source applications for the operation and maintenance of Roadside Units (RSUs) that can be viewed by all stakeholders.

    The Wyoming Department of Transportation (WYDOT) Connected Vehicle Pilot implementation includes the deployment of 75 RSUs along 400 miles (644km) of I-80. With long drive times and tough winters in the state, WYDOT needed an efficient way to monitor the performance of and manage and update these units to maintain peak performance. With no suitable product readily available, the WYDOT Connected Vehicle team developed an open-source application that allows authorized transportation management center (TMC) operators to monitor and manage each RSU at the roadside. The WYDOT team found that the application can also be used as a public-facing tool that shows a high-level status report of the pilot’s equipment.

    [...]

    For other state or local agencies and departments of transportation (DOTs) wishing to deploy a similar capability to monitor and manage RSUs, the application code has been made available on the USDOT’s Open Source Application Development Portal (OSADP). The code is downloadable and can be used and customized by other agencies free of charge. WYDOT developed this capability using USDOT funds under the CV Pilot program as open-source software and associated documentation. The application represents one of six that the program will be providing during its three phases.

  • You Too Can Make These Fun Games (No Experience Necessary)

    Making a videogame remained a bucket list item until I stumbled on an incredibly simple open source web app called Bitsy. I started playing around with it, just to see how it worked. Before I knew it, I had something playable. I made my game in a couple of hours.

  • From maverick to mainstream: why open source software is now indispensable for modern business

    Free and open source software has a long and intriguing history. Some of its roots go all the way back to the 1980s when Richard Stallman first launched the GNU project.

  • Analyst Watch: Is open source the great equalizer?

    If you had told me 25 years ago that open source would be the predominant force in software development, I would’ve laughed.

    Back then, at my industrial software gig, we were encouraged to patent as much IP as possible, even processes that seemed like common-sense business practices, or generally useful capabilities for any software developer.

    If you didn’t, your nearest competitor would surely come out with their own patent claims, or inevitable patent trolls would show up demanding fees for any uncovered bit of code.

    We did have this one developer who was constantly talking about fiddling with his Linux kernel at home, on his personal time. Interesting hobby.

  • Scientists Create World’s First Open Source Tool for 3D Analysis of Advanced Biomaterials

    Materials scientists and programmers from the Tomsk Polytechnic University in Russia and Germany's Karlsuhe Institute of Technology have created the world’s first open source software for the 2D and 3D visualization and analysis of biomaterials used for research into tissue regeneration.

    [...]

    Scientists have already tested the software on a variety of X-ray tomography data.

    “The results have shown that the software we’ve created can help other scientists conducting similar studies in the analysis of the fibrous structure of any polymer scaffolds, including hybrid ones,” Surmenev emphasised.

  • Making Collaborative Data Projects Easier: Our New Tool, Collaborate, Is Here

    On Wednesday, we’re launching a beta test of a new software tool. It’s called Collaborate, and it makes it possible for multiple newsrooms to work together on data projects.

    Collaborations are a major part of ProPublica’s approach to journalism, and in the past few years we’ve run several large-scale collaborative projects, including Electionland and Documenting Hate. Along the way, we’ve created software to manage and share the large pools of data used by our hundreds of newsrooms partners. As part of a Google News Initiative grant this year, we’ve beefed up that software and made it open source so that anybody can use it.

  • Should open-source software be the gold standard for nonprofits?

    Prior to its relaunch, nonprofit organization Cadasta had become so focused on the technology side of its work that it distracted from the needs of partners in the field.

    “When you’re building out a new platform, it really is all consuming,” said Cadasta CEO Amy Coughenour, reflecting on some of the decisions that were made prior to her joining the team in 2018.

  • Artificial intelligence: an open source future

    At the same time, we’re seeing an increasing number of technology companies invest in AI development. However, what’s really interesting is that these companies - including the likes of Microsoft, Salesforce and Uber - are open sourcing their AI research. This move is already enabling developers worldwide to create and improve AI & Machine Learning (ML) algorithms faster. As such, open source software has become a fundamental part of enabling fast, reliable, and also secure development in the AI space. So, why all the hype around open source AI? Why are businesses of all sizes, from industry behemoths to startups, embracing open source? And where does the future lie for AI and ML as a result?

  • How open source is accelerating innovation in AI

    By eradicating barriers like high licensing fees and talent scarcity, open source is accelerating the pace of AI innovation, writes Carmine Rimi

    No other technology has captured the world’s imagination quite like AI, and there is perhaps no other that has been so disruptive. AI has already transformed the lives of people and businesses and will continue to do so in endless ways as more startups uncover its potential. According to a recent study, venture capital funding for AI startups in the UK increased by more than 200 percent last year, while a Stanford University study observed a 14-times increase in the number of AI startups worldwide in the last two years.

  • Adam Jacob Advocates for Building Healthy OSS Communities in “The War for the Soul of Open Source”

    Chef co-founder and former CTO Adam Jacob gave a short presentation at O’Reilly Open Source Software Conference (OSCON) 2019 titled “The War for the Soul of Open Source.” In his search for meaning in open source software today, Jacob confronts the notion of open source business models.

    “We often talk about open source business models,” he said. “There isn’t an open source business model. That’s not a thing and the reason is open source is a channel. Open source is a way that you, in a business sense, get the software out to the people, the people use the software, and then they become a channel, which [companies] eventually try to turn into money.”

    [...]

    In December 2018, Jacob launched the Sustainable Free and Open Source Communities (SFOSC) project to advocate for these ideas. Instead of focusing on protecting revenue models of OSS companies, the project’s contributors work together to collaborate on writing core principles, social contracts, and business models as guidelines for healthy OSS communities.

  • New Open Source Startups Emerge After Acquisition, IPO Flurry

    After a flurry of mega-acquisitions and initial public offerings of open source companies, a new batch of entrepreneurs are trying their hands at startups based on free software projects.

  • TC9 selected by NIST to develop Open Source Software for Transactive Energy Markets

    TC9, Inc. was selected by National Institute of Standards and Technology (NIST) to develop open source software for Transactive Energy Bilateral Markets based on the NIST Common Transactive Services.

    Under the contract, TC9 will develop open source software (OSS) for agents for a transactive energy market. The software will be used to model the use of transactive energy to manage power distribution within a neighborhood. Transactive Energy is a means to balance volatile supply and consumption in real time. Experts anticipate the use of Transactive Energy to support wide deployment of distributed energy resources (DER) across the power grid.

  • Open Source Software Allows Auterion to Move Drone Workflows into the Cloud

    “Until today, customizing operations in the MAVLink protocol required a deep understanding of complex subjects such as embedded systems, drone dynamics, and the C++ programming language,” said Kevin Sartori, co-founder of Auterion. “With MAVSDK, any qualified mobile developer can write high-level code for complex operations, meaning more developers will be able to build custom applications and contribute to the community.”

  • ApacheCon 2019 Keynote: James Gosling's Journey to Open Source

    At the recent ApacheCon North America 2019 in Las Vegas, James Gosling delivered a keynote talk on his personal journey to open-source. Gosling's main takeaways were: open source allows programmers to learn by reading source code, developers must pay attention to intellectual property rights to prevent abuse, and projects can take on a life of their own.

  • 20 Years of the Apache Software Foundation: ApacheCon 2019 Opening Keynote

    At the recent ApacheCon North America 2019 in Las Vegas, the opening keynote session celebrated the 20th anniversary of the Apache Software Foundation (ASF), with key themes being: the history of the ASF, a strong commitment to community and collaboration, and efforts to increase contributions from the public. The session also featured a talk by astrophysicist David Brin on the potential dangers of AI.

Open Hardware/Modding

Filed under
Hardware
OSS
  • Delta X open source delta robot kit hits Kickstarter from €179

    After previously being unveiled earlier this month the Delta X open source delta robot kit has now launched via Kickstarter offering open source hardware, firmware and software for the community. Watch the demonstration video below to learn more about the Arduino powered 3D printed open source robot kit which is now available from €179.

    The Delta X offers both a complete desktop robot and a modular kit and can be combined with a range of end effectors to complete a wide variety of different applications, offering increased speed and flexibility when compared to other robotic arm kits on the market.

  • AXIS open source 3D printer from $125

    An affordable 3D printer has launched via Kickstarter this week in the form of the AXIS 3D Printer which is priced from just £99, $125 or €115. Complete with dual 3D printing head the 3D printer is based on open source technology with “tried and tested industry standard components designed to work right, first time” say it’s creators.

  • Freemelt raises $1.6 million in investment round for open-source EBM 3D printer
  • 3D printing stethoscopes, tourniquets and crucial dialysis-machine parts in Gaza

    Tarek Loubani is a Palestinian-Canadian doctor who works with the Glia Project, a group that creates open-source designs for 3D-printable medical hardware. Their goal is to let local populations manufacture their own medical wares at prices considerably lower than in the marketplace, and in situations where -- because of distance or war -- it may not even be possible to ship in equipment at any price. Some of their early work has been in blockaded Gaza, for example.

    So far, Glia has designed a stethoscope that can be made for about $2.83, and a tourniquet that costs about $7 to make.

  • GameShell Kit – Open Source Portable Game Console

    This portable console has a GNU/LINUX embedded operating system that lets you play all kinds of retro games from Atari, GB, GBA, NES, MAME, MD, PS1, and more. You can even create your own games if you want. Get one for yourself or build it together with your kids. Check out more details by clicking the link above.

  • Play classic games on an open-source console with GameShell: $143 (Orig. $199)
Syndicate content

More in Tux Machines

Debian and Ubuntu Leftovers

  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail. [...] I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates. And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former). Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them. With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! :D

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air. The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software. For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning. Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

Devices/Embedded: Win Enterprises and Raspberry Pi 4

  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake. We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations. With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen. [...] Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us. All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.  Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database. Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Security: XML External Entity (XXE) Example and the Latest Patches

  • XML External Entity (XXE) Example

    According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

  • Security updates for Monday

    Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).