Language Selection

English French German Italian Portuguese Spanish

OSS

SourceForge and Slashdot Have Been Sold

Filed under
News
OSS

Slashdot Media, which owns the popular websites SourceForge and Slashdot, has been sold to SourceForge Media, LLC, a subsidiary of web publisher BIZX, LLC. Financial terms of the sale were not revealed in the press release announcing the sale, which was published today on the website EIN News.

This afternoon I exchanged a few emails with Logan Abbott who is one of the owners of BIZX and the president of the SourceForge Media subsidiary which he said “was formed for the purposes of this transaction.”

Read more

Also: Slashdot and SourceForge Sold, Now Under New Management

Qtractor 0.7.4 Free and Open Source Audio/MIDI Multi-Track Sequencer Out Now

Filed under
GNU
Linux
OSS

Qtractor, an open-source, free, and cross-platform audio and MIDI multi-track sequencer software, has been updated to version 0.7.4, and it is now available for download for all GNU/Linux operating system.

Read more

8 non-code ways to contribute to open source

Filed under
OSS

Whether you're a novice programmer, a seasoned veteran, or not an engineer at all, there are many ways to contribute to open source projects beyond coding.

Compared to proprietary software, open source projects tend to be relatively short-handed when it comes to non-engineering contributions, so don't shy away from open source just because you're not a coder. Your blog post or design skills could be much more meaningful to the right project than just another line of code.

Read more

New framework needed for open source switching

Filed under
OSS

According to Cardenas, the development of open source switching has proved challenging given Broadcom's dominance in the market. Obtaining the vendor's software development kit (SDK) isn't necessarily easy nor does receipt of it guarantee that a vendor's subsequent product will be as full-featured as it should be, Cardenas said. He suggests that to make open source switching a reality, developers and competitors should escalate the pressure. Cardenas cites Mellanox's Linux kernel derived project, switchdev, as an example of what can be done. Bottom line, writes Cardenas: "Without an open source framework to drive merchant silicon, we won’t truly have an open source NOS."

Read more

Also: HFOSS: The First Flight

Bernie Sanders' campaign is right, Microsoft could hurt election -- open source is needed

Filed under
OSS

When it comes to government agencies at all levels, and things like the voting process, I am a hardcore believer in open source being necessary. To truly know that votes are being counted correctly by machines, only open source would allow independent auditing. It will also help to prevent unknown backdoors in secure government computer systems.

Closed source technologies from companies like Microsoft could, in theory, contain backdoors or vulnerabilities that hackers and evildoers could exploit. Even worse, Microsoft or its employees could purposely alter voting software to influence outcomes. Am I saying the company is doing this? Not at all. But with closed source software, there is no way to know for sure. Now, Bernie Sanders' campaign is questioning Microsoft's technologies being used in Iowa Caucuses. You know what? They have a point.

Read more

A new open source cloud management tool… from Walmart

Filed under
OSS

If you want evidence of just how different Internet retail and brick-and-mortar retail are, you just have to look at what's going on with the world's largest retailer. In the same week that Walmart announced the closing of over 100 physical stores, the company's e-commerce unit announced that it is releasing a piece of its cloud-management infrastructure as open source—publishing the OneOps platform on Github. The company's internal e-commerce development unit, @Walmartlabs, has released OneOps under the Apache 2.0 license.

Read more

Programming and Education

Filed under
Development
OSS
  • Beep Beep Yarr!

    For too long, computer programming has seemed like a secret world, sealed off from all but the geekiest of maths geniuses. Normal people never needed to know what went on inside their mysterious black boxes: it might have well as been voodoo. That’s changing now though. Because computers are essential to the way we live now, computer programmers are essential too. Kids growing up today need to have at least an idea of how computers work to make them useful (and well paid) members of the workforce of tomorrow.

  • Fortran: coding for scientists, by scientists

    FORTRAN (it dropped the caps in 1990) is the oldest high-level language still written today. It’s now over 55 years old and still in widespread use in the sciences, in high-performance computing, and in supercomputers. Its real strength is in numerical computation and complicated mathematical models (making it also popular in finance); and its position is hard to assail given the vast Fortran code library of numerical computation routines that’s available. There are even people still using fixed-format F77 (see below), although most modern users have shifted to the easier free-format. It’s probably not your language of choice for shiny Web 2.0 development, but it’s fascinating to have a look at something with such a venerable and successful history.

Leftovers: OSS

Filed under
OSS
  • 5 Top Open Source Contributions for React Native (and What's Needed)

    Since being open sourced by creator Facebook, React Native has garnered more than 26,000 "stars" on GitHub -- making it No. 23 in the all-time rankings -- and has been forked more than 4,600 times. Clearly, it's taking the mobile app dev arena by storm.

  • 4 myths about agile

    It stung—but she learned from it. Proponents of agile "have failed to deliver the message in a way the open source community understands," she tells her audience in this video. So Krieger took to the stage to dispel four common myths about agile and "get to the truth of what it’s intended to be."

  • 10 Open Source Vulnerability Assessment Tools

    Vulnerability assessment tools are an essential part of enterprise security strategies, as scanning applications for known vulnerabilities is a key best practice. Using open source vulnerability assessment technologies can help organizations save money and customize software to suit their needs.

    Many open source vulnerability assessment tools are conveniently bundled in security distributions such as Offensive Security's Kali Linux. Here is a selection of 10 useful open source vulnerability assessment tools, including general vulnerability assessment tools, Web server and application vulnerability scanners, analysis tools and fuzzers.

  • How open source could save us from ad-served hacking

    Yesterday I wrote of how Adblock Plus isn’t necessarily the best, and certainly isn’t the most ethical of all possible open-source adblocking solutions; but rather that it predominates because it grew a massive user-base in a time of diversity and transition. And so it is with its opposite number – the ad-serving industry whose domains form the basis of adblockers’ blacklists and whitelists.

    It’s a rotten, but established solution. It’s just ‘what people do’.

    To boot, the ad-serving industry as it stands has billions in turnover to spend defaming or undermining any alternative system, should one arise.

  • The dangerous “UI team”

    Customers do not want to click on UI controls. Nor do they want to browse a web site, or “log in,” or “manage” anything, or for that matter interact with your product in any way. Those aren’t goals people have when they wake up in the morning. They’re more like tedious tasks they discover later.

    [...]

    The “UI team” has “UI” right there in the name (sounds user-friendly doesn’t it?). But this is a bottom-up, implementation-driven way to define a team. You’ve defined the team by solution rather than by problem.

How to increase online privacy with open source tools and best practices

Filed under
OSS

Privacy on the Internet is… well, let's just say it's complicated. In this article, I'll analyze a few open source tools and concepts that you might use to increase privacy on the Internet for yourself. It will not be an exhaustive list of all possible avenues, nor does it pretend to ensure complete privacy even in the fact of a concentrated, personal attack. Some of the tips you will find useful, others you will discard, and still others you might use in conjunction with other policies to construct your own privacy model.

Read more

Good leaders know what economics can’t explain about open source

Filed under
OSS

Whatever the reason, economic rationality won't illuminate it. But open leaders need to discover it. And they can turn once again to open source communities for insight. Yet again, they likely have something important to teach us about the reasons we organize today.

Read more

Syndicate content

More in Tux Machines

Servers: DockerCon Coverage, MongoDB IPO

  • DockerCon EU 17 Panel Debates Docker Container Security
    There are many different security capabilities that are part of the Docker container platform, and there are a number of vendors providing container security offerings. At the DockerCon EU 17 conference in Copenhagen, Denmark, eWEEK moderated a panel of leading vendors—Docker, Hewlett Packard Enterprise, Aqua Security, Twistlock and StackRox—to discuss the state of the market. To date, there have been no publicly disclosed data breaches attributed to container usage or flaws. However, that doesn't mean that organizations using containers have not been attacked. In fact, Wei Lien Dang, product manager at StackRox, said one of his firm's financial services customers did have a container-related security incident.
  • DockerCon EU: Tips and Tools for Running Container Workloads on AWS
    Amazon Web Services wants to be a welcome home for developers and organizations looking to deploy containers. At the DockerCon EU conference here, a pair of AWS technical evangelists shared their wisdom on the best ways to benefit from container deployments. The terms microservices and containers are often used interchangeably by people. Abby Fuller, technical evangelist at AWS, provided the definition of microservices coined by Adrian Crockford, VP of Cloud Architecture at AWS and formerly the cloud architect at Netflix.
  • Docker CEO: Embracing Kubernetes Removes Conflict
    Steve Singh has ambitious plans for Docker Inc. that are nothing less than transforming the world of legacy applications into a modern cloud-native approach. Singh was named CEO of Docker on May 2 and hosted his first DockerCon event here Oct. 16-19. The highlight of DockerCon EU was the surprise announcement that Docker is going to support the rival open-source Kubernetes container orchestration system. In a video interview with eWEEK, Singh explained the rationale behind the Kubernetes support and provided insight into his vision for the company he now leads.
  • MongoDB's IPO Beats the Market Out of the Gate
    The folks at MongoDB raised a whole lot of money today in their debut on NASDAQ. Yesterday the open source company announced it was going to be asking $24 a share for the 8 million Class A shares it was letting loose in its IPO, which had some Wall Street investors scratching their heads and wondering if the brains at Mongo were suffering from some kind of undiagnosed damage. Analysts had been estimating an opening price of between $20-22 per share, and on October 6 the company had estimated an opening price in the range of $18-20.

LWN on Linux: LTS, API, Pointer Leaks and Linux Plumbers Conference (LPC)

  • Cramming features into LTS kernel releases
    While the 4.14 development cycle has not been the busiest ever (12,500 changesets merged as of this writing, slightly more than 4.13 at this stage of the cycle), it has been seen as a rougher experience than its predecessors. There are all kinds of reasons why one cycle might be smoother than another, but it is not unreasonable to wonder whether the fact that 4.14 is a long-term support (LTS) release has affected how this cycle has gone. Indeed, when he released 4.14-rc3, Linus Torvalds complained that this cycle was more painful than most, and suggested that the long-term support status may be a part of the problem. A couple of recent pulls into the mainline highlight the pressures that, increasingly, apply to LTS releases. As was discussed in this article, the 4.14 kernel will include some changes to the kernel timer API aimed at making it more efficient, more like contemporary in-kernel APIs, and easier to harden. While API changes are normally confined to the merge window, this change was pulled into the mainline for the 4.14-rc3 release. The late merge has led to a small amount of grumbling in the community.
  • Improving the kernel timers API
    The kernel's timer interface has been around for a long time, and its API shows it. Beyond a lack of conformance with current in-kernel interface patterns, the timer API is not as efficient as it could be and stands in the way of ongoing kernel-hardening efforts. A late addition to the 4.14 kernel paves the way toward a wholesale change of this API to address these problems.
  • What's the best way to prevent kernel pointer leaks?
    An attacker who seeks to compromise a running kernel by overwriting kernel data structures or forcing a jump to specific kernel code must, in either case, have some idea of where the target objects are in memory. Techniques like kernel address-space layout randomization have been created in the hope of denying that knowledge, but that effort is wasted if the kernel leaks information about where it has been placed in memory. Developers have been plugging pointer leaks for years but, as a recent discussion shows, there is still some disagreement over the best way to prevent attackers from learning about the kernel's address-space layout. There are a number of ways for a kernel pointer value to find its way out to user space, but the most common path by far is the printk() function. There are on the order of 50,000 printk() calls in the kernel, any of which might include the value of a kernel pointer. Other places in the kernel use the underlying vsprintf() mechanism to format data for virtual files; they, too, often leak pointer values. A blanket ban on printing pointer values could solve this problem — if it could be properly enforced — but it would also prevent printing such values when they are really needed. Debugging kernel problems is one obvious use case for printing pointers, but there are others.
  • Continuous-integration testing for Intel graphics
    Two separate talks, at two different venues, give us a look into the kinds of testing that the Intel graphics team is doing. Daniel Vetter had a short presentation as part of the Testing and Fuzzing microconference at the Linux Plumbers Conference (LPC). His colleague, Martin Peres, gave a somewhat longer talk, complete with demos, at the X.Org Developers Conference (XDC). The picture they paint is a pleasing one: there is lots of testing going on there. But there are problems as well; that amount of testing runs afoul of bugs elsewhere in the kernel, which makes the job harder. Developing for upstream requires good testing, Peres said. If the development team is not doing that, features that land in the upstream kernel will be broken, which is not desirable. Using continuous-integration (CI) along with pre-merge testing allows the person making a change to make sure they did not break anything else in the process of landing their feature. That scales better as the number of developers grows and it allows developers to concentrate on feature development, rather than bug fixing when someone else finds the problem. It also promotes a better understanding of the code base; developers learn more "by breaking stuff", which lets them see the connections and dependencies between different parts of the code.

An update on GnuPG

The GNU Privacy Guard (GnuPG) is one of the fundamental tools that allows a distributed group to have trust in its communications. Werner Koch, lead developer of GnuPG, spoke about it at Kernel Recipes: what's in the new 2.2 version, when older versions will reach their end of life, and how development will proceed going forward. He also spoke at some length on the issue of best-practice key management and how GnuPG is evolving to assist. It is less than three years since attention was focused on the perilous position of GnuPG; because of systematic failure of the community to fund its development, Koch was considering packing it all in. The Snowden revelations persuaded him to keep going a little longer, then in the wake of Heartbleed there was a resurgent interest in funding the things we all rely on. Heartbleed led to the founding of the Core Infrastructure Initiative (CII). A grant from CII joined commitments from several companies and other organizations and an upsurge in community funding has put GnuPG on a more secure footing going forward. Read more

Ubuntu: GNOME, New Video, Ubuntu Podcast, Refreshing the Xubuntu Logo

  • Ubuntu 17.10: We're coming GNOME! Plenty that's Artful in Aardvark, with a few Wayland wails
    Ubuntu has done a good job of integrating a few plugins that improve GNOME's user experience compared to stock GNOME – most notably a modified version of the Dash-to-Dock and the App Indicator extensions, which go a long way toward making GNOME a bit more like Unity. It's worth noting that Ubuntu's fork of Dash-to-Dock lacks some features of the original, but you can uninstall the Ubuntu version in favour of the original if you prefer. In fact you can really revert to a pretty stock GNOME desktop with just a few tweaks. Canonical said it wasn't going to heavily modify GNOME and indeed it hasn't.
  • What’s New in Ubuntu 17.10 Artful Aardvark
  • Ubuntu Podcast: S10E33 – Aggressive Judicious Frame
    This week we’ve been protecting our privacy with LineageOS and playing Rust. Telegram get fined, your cloud is being used to mine BitCoin, Google announces a new privacy focused product tier, North Korea hacks a UK TV studio, a new fully branded attack vector is unveiled and Purism reach their funding goal for the Librem 5.
  • Refreshing the Xubuntu logo
    Earlier this year I worked a bit with our logo to propose a small change to it – first change to the logo in 5 years. The team approved, but for various reasons the new logo did not make it to 17.10. Now we’re ready to push it out to the world.