Language Selection

English French German Italian Portuguese Spanish

OSS

OSS Leftovers

Filed under
OSS
  • Comment: Many happy returns to open source

    Twenty years ago the phrase “open source” was first used and the development of software – and hardware – was changed forever.

    Very few designers today will not use some element of open source software in their development projects.

  • Percona Unveils Full Conference Session Schedule for the Annual Percona Live Open Source Database Conference 2018
  • Worth seeing in Barcelona: Open source for white box vRAN solutions

    News this week from cloud and carrier infrastructure platform company Kontron builds on our earlier coverage of the emerging virtual radio access network (vRAN); a promising technology that could help the evolution to 5G by maximising available bandwidth while lowering costs. The market for open vRAN solutions is gaining wider acceptance as operators seek more cost-effective approaches to network architectures and deployment. According to analyst firm Research and Markets, the growth of the vRAN market is expected to grow at a CAGR of approximately 125 per cent during the next three years.

  • Barcelona is the first city council to join the FSFE's "Public Money? Public Code!" campaign
  • Earlham Institute releases open source software to help identify gene families

    Researchers at Earlham Institute (EI) have released ‘GeneSeqToFamily’, an open-source Galaxy workflow that helps scientists to find gene families based on the ‘EnsemblCompara GeneTrees’ pipeline.

    Published in Gigascience, the open source Galaxy workflow aims to make researchers job of finding find gene families much easier.

  • 3 reasons to say 'no' in DevOps

    DevOps, it has often been pointed out, is a culture that emphasizes mutual respect, cooperation, continual improvement, and aligning responsibility with authority.

    Instead of saying no, it may be helpful to take a hint from improv comedy and say, "Yes, and..." or "Yes, but...". This opens the request from the binary nature of "yes" and "no" toward having a nuanced discussion around priority, capacity, and responsibility.

  • 5 rules for having genuine community relationships

    As I wrote in the first article of this three-part series on the power and importance of communities, building a community of passionate and committed members is difficult. When we launched the NethServer community, we realized early that to play the open source game, we needed to follow the open source rules. No shortcuts. We realized we had to convert the company in an open organization and start to work out in the open.

  •  

  • Rust Typestates

    A long time ago, the Rust language was a language with typestate. Officially, typestates were dropped long before Rust 1.0. In this entry, I’ll get you in on the worst kept secret of the Rust community: Rust still has typestates.

  • It's Time To Do CMake Right

    Not so long ago I got the task of rethinking our build system. The idea was to evaluate existing components, dependencies, but most importantly, to establish a superior design by making use of modern CMake features and paradigms. Most people I know would have avoided such enterprise at all costs, but there is something about writing find modules that makes my brain release endorphins. I thought I was up for an amusing ride. Boy was I wrong.

France Proposes Software Security Liability For Manufacturers, Open Source As Support Ends

Filed under
OSS
Security

It sometimes seems as though barely a week can go by without yet another major software-related hardware vulnerability story. As manufacturers grapple with the demands of no longer building simple appliances but instead supplying them containing software that may expose itself to the world over the Internet, we see devices shipped with insecure firmware and little care for its support or updating after the sale.

The French government have a proposal to address this problem that may be of interest to our community, to make manufacturers liable for the security of a product while it is on the market, and with the possibility of requiring its software to be made open-source at end-of-life. In the first instance it can only be a good thing for device security to be put at the top of a manufacturer’s agenda, and in the second the ready availability of source code would present reverse engineers with a bonanza.

Read more

OSS: IBM, Logz.io, Forbes FUD and OpenAI

Filed under
OSS

Events: FOSDEM Samba Talks, USENIX Enigma, LCA (linux.conf.au) and FAST18

Filed under
OSS
  • Authentication and authorization in Samba 4

    Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.

  • Two FOSDEM talks on Samba 4

    Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. I will cover the first two talks in this article, and the third in a later one.

  • A report from the Enigma conference

    The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision.

    Security conferences tend to be dominated by security researchers demonstrating their latest exploits. The talks are attack-oriented, they keep a narrow focus, and usually they close with a dark outlook. The security industry has been doing security conferences like this for twenty years and seems to prefer this format. Yet, if you are tired of this style, the annual USENIX Enigma conference is a welcome change of pace. Most of the talks are defense-oriented, they have a horizon going far beyond technology alone, and they are generally focused on successful solutions.

  • DIY biology

    A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at linux.conf.au 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation.

    Meow-Meow is a politician with the Australian Science Party, he said by way of introduction; he has run in the last two elections. He founded BioFoundry, which is "Australia's first open-access molecular biology lab"; there are now two such labs in the country. He is also speaks frequently as "an emerging technology evangelist" for biology as well as other topics.

  • Notes from FAST18

    I attended the technical sessions of Usenix's File And Storage Technology conference this week. Below the fold, notes on the papers that caught my attention.

Why open source could be IBM's key to future success in the cloud

Filed under
Server
OSS

Do those same developers need IBM? Developers certainly benefit from IBM's investments in open source, but it's not as clear that those same developers have much to gain from IBM's cloud. Google, for example, has done a stellar job open sourcing code like TensorFlow and Kubernetes that feeds naturally into running related workloads on Google Cloud Platform. Aside from touting its Java bonafides, however, IBM has yet to demonstrate that developers get significant benefits for modern workloads on its cloud.

That's IBM's big challenge: Translating its open source expertise into real, differentiated value for developers on its cloud.

Read more

OSS Leftovers

Filed under
OSS
  • QMO: Firefox 59 Beta 10 Testday Results

    As you may already know, last Friday – February 16nd – we held a new Testday event, for Firefox 59 Beta 10.

    Thank you Mohammed Adam, Abhishek Haridass,  Fahima Zulfath A. and  Surentharan.R.A. from  India QA Community team for helping us make Mozilla a better place.

  • Bugzilla Triage Helper

    There are an awful lot of bugs filed against Firefox and all it's components in the course of a release. Keeping on top of that is hard and some teams have adopted some policies to help with that (for example see: design-decision-needed).

    Having a consistent approach to bugs across the organisation makes it a little easier for everyone to get a feel for what's going.

  • Alfresco Founder: Commercial Open Source is more than Old Stuff for Free

    February sees Open Source turn 20 years old. Or the OSI definition at least. According to the OSI, the term was coined in Palo Alto by nanotechnologist Christine Peterson during a meeting on February 3rd, 1998 shortly after the announcement of the release of Netscape’s source code.

  • EOH and LSD Information Technology partner to lead open source in Africa

    By identifying global trends and local needs, EOH is able to proactively source and secure capabilities that will assist with the adoption of the digital revolution. LSD’s offerings across Linux, automation, devops and containers is a great technology fit for EOH to lead open source in the market.

  • Choosing a tool to track and mitigate open source security vulnerabilities

    Continuously tracking your application’s dependencies for vulnerabilities and efficiently addressing them is no simple feat. In addition, this is a problem shared by all, and is not an area most companies would consider their core competency. Therefore, it is a great opportunity for the right set of tools to help tackle this concern.

  • Open source software: to be celebrated or cursed?

    The use of Open Source Software (OSS) has become widespread. The latest statistics show that 78% of companies run OSS, and a number of mainstream software and hardware products are based on the OSS model – for example Android, Skype [sic], Firefox, Amazon Kindle, Tivo and BT Home Hub.

  • Marshall Students Use Open Source Data to Help Stop Sex Trafficking Cases

    The work involved sex trafficking cases in Latin America, the Caribbean and Southeast Asia. Select students in Marshall’s Open Source Intelligence Exchange program worked to provide open source intelligence collection and analysis for law enforcement and other clients. Open source refers to data collection from publicly available sources.

  • Stanford scholar celebrates Western culture’s open-access tradition

    The move toward “open access” to research and scholarship, far from being a modern digital-age creation, has roots in the West that date back to medieval times, writes a Stanford education scholar. John Willinsky’s new book explains how learning has long benefited from efforts to increase its circulation.

Events: OpenStack Summit Vancouver, IBM Index, Eclipse CheConf 2018

Filed under
OSS
  • OpenStack Summit Vancouver '18: Vote for Speakers

    The next OpenStack Summit takes place again in Vancouver (BC, Canada), May 21-25, 2018. The "Vote for Presentations" period started. All proposals are up for community votes. The deadline for your vote is will end February 25 at 11:59pm PST (February 26th at 8:59am CET)

  • IBM Index: A Community Event for Open Source Developers

    The first-ever INDEX community event, happening now in San Francisco, is an open developer conference featuring sessions on topics including artificial intelligence, machine learning, analytics, cloud native, containers, APIs, languages, and more.

  • Eclipse CheConf 2018 – Join the live stream February 21st at 10 am EST

    2017 was a fantastic year for the Che project, with more contributors, more commits, and more usage – this solidified Che’s position as the leading developer workspace server and browser IDE. Eclipse Che users logged over 7 million hours of public Che usage (plus more in private installs). We’ll discuss the growing cloud development market, Che’s position in it, and the exciting changes we’re planning for 2018.

Openwashing of AT&T by the Linux Foundation

Filed under
OSS

Bang & Olufsen’s RPi add-on brings digital life to old speakers

Filed under
Linux
OSS

B&O and HiFiBerry have launched an open source, DIY “Beocreate 4” add-on for the Raspberry Pi that turns vintage speakers into digitally amplified, wireless-enabled smart speakers with the help of a 180-Watt 4-channel amplifier, a DSP, and a DAC.

Bang & Olufsen has collaborated with HiFiBerry to create the open source, $189 Beocreate 4 channel amplifier kit. The 180 x 140 x 30mm DSP/DAC/amplifier board pairs with your BYO Raspberry Pi 3 with a goal of upcycling vintage passive speakers.

Read more

Open source COM runs mainline Linux on Microchip SAMA5D2 SiP

Filed under
Linux
OSS

Microchip unveiled an open source, mainline Linux ready “SAMA5D27 SOM” module based on a SiP implementation of its Cortex-A5-based SAMA5D27 SoC with 128MB RAM. The 40 x 38mm module is also available with a SOM1-EK1 dev board.

Long before it was acquired by Microchip Technology, Atmel has been producing a line of Linux-focused, Cortex-A5 based SAMA5 SoCs, but the only Atmel-branded SAMA5 boards were its open-spec Xplained development boards developed with Newark Element14. The SAMA5 family was always a side business to Atmel’s MCU line, with very little integration between the two. With its ATSAMA5D27-SOM1 (SAMA5D27 SOM1) module, which uses a system-in-package (SiP) implementation of Microchip’s SAMA5D27 SoC, Microchip is starting to bridge the gap between the SAMA5 product line and its much larger RTOS/MCU business.

Read more

Syndicate content

More in Tux Machines

GNOME and Fedora

  • RFC: Integrating rsvg-rs into librsvg
    I have started an RFC to integrate rsvg-rs into librsvg. rsvg-rs is the Rust binding to librsvg. Like the gtk-rs bindings, it gets generated from a pre-built GIR file.
  • 1+ year of Fedora and GNOME hardware enablement
    A year and a couple of months ago, Christian Schaller asked me to pivot a little bit from working full time on Fleet Commander to manage a new team we were building to work on client hardware enablement for Fedora and GNOME with an emphasis on upstream. The idea was to fill the gap in the organization where nobody really owned the problem of bringing up new client hardware features vertically across the stack (from shell down to the kernel), or rather, ensure Fedora and GNOME both work great on modern laptops. Part of that deal was to take over the bootloader and start working closer to customers and hardware manufacturing parnters.
  • Fedora Atomic Workstation: Works on the beach
    My trip is getting really close, so I decided to upgrade my system to rawhide. Wait, what ? That is usually what everybody would tell you not to do. Rawhide has this reputation for frequent breakage, and who knows if my apps will work any given day. Not something you want to deal with while traveling.
  • 4 cool new projects to try in COPR for February

Why You Shouldn’t Use Firefox Forks (and Proprietary Opera)

  • Why You Shouldn’t Use Firefox Forks Like Waterfox, Pale Moon, or Basilisk
    Mozilla Firefox is an open source project, so anyone can take its code, modify it, and release a new browser. That’s what Waterfox, Pale Moon, and Basilisk are—alternative browsers based on the Firefox code. But we recommend against using any of them.
  • Opera Says Its Next Opera Release Will Have the Fastest Ad Blocker on the Block
    Opera Software promoted today its upcoming Opera 52 web browser to the beta channel claiming that it has the faster ad blocker on the market compared to previous Opera release and Google Chrome. One of the key highlights of the Opera 52 release will be the improved performance of the built-in ad blocker as Opera claims to have enhanced the string matching algorithm of the ad blocker to make it open web pages that contain ads much faster than before, and, apparently than other web browsers, such as Chrome.

Graphics: Glxinfo, ANV, SPIR-V

  • Glxinfo Gets Updated With OpenGL 4.6 Support, More vRAM Reporting
    The glxinfo utility is handy for Linux users in checking on their OpenGL driver in use by their system and related information. But it's not often that glxinfo itself gets updated, except that changed today with the release of mesa-demos-8.4.0 as the package providing this information utility. Mesa-demos is the collection of glxinfo, eglinfo, glxgears, and utilities related to Mesa. With the Mesa-demos 8.4.0 it is predominantly glxinfo updates.
  • Intel ANV Getting VK_KHR_16bit_storage Support Wrapped Up
    Igalia's Jose Maria Casanova Crespo sent out a set of patches today for fixes that allow for the enabling of the VK_KHR_16bit_storage extension within Intel's ANV Vulkan driver. The patches are here for those interested in 16-bit storage support in Vulkan. This flips on the features for storageBuffer16BitAccess, uniformAndStorageBuffer16BitAccess, storagePushConstant16 and the VK_KHR_16bit_storage extension. This support is present for Intel "Gen 8" Broadwell graphics and newer. Hopefully the work will be landing in Mesa Git soon.
  • SPIR-V Support For Gallium3D's Clover Is Closer To Reality
    It's been a busy past week for open-source GPU compute with Intel opening up their new NEO OpenCL stack, Karol Herbst at Red Hat posting the latest on Nouveau NIR support for SPIR-V compute, and now longtime Nouveau contributor Pierre Moreau has presented his latest for SPIR-V Clover support. Pierre has been spending about the past year adding SPIR-V support to Gallium3D's "Clover" OpenCL state tracker. SPIR-V, of course, is the intermediate representation used now by OpenCL and Vulkan.

Security: Updates, Tinder, FUD and KPTI Meltdown Mitigation

  • Security updates for Friday
  • Tinder vulnerability let hackers [sic] take over accounts with just a phone number

    The attack worked by exploiting two separate vulnerabilities: one in Tinder and another in Facebook’s Account Kit system, which Tinder uses to manage logins. The Account Kit vulnerability exposed users’ access tokens (also called an “aks” token), making them accessible through a simple API request with an associated phone number.

  • PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor [Ed: Drama queen once again (second time in a week almost) compares compromised GNU/Linux boxes to "back doors"]
    Hackers are using SSH brute-force attacks to take over Linux systems secured with weak passwords and are deploying a backdoor named Chaos. Attacks with this malware have been spotted since June, last year. They have been recently documented and broken down in a GoSecure report.
  • Another Potential Performance Optimization For KPTI Meltdown Mitigation
    Now that the dust is beginning to settle around the Meltdown and Spectre mitigation techniques on the major operating systems, in the weeks and months ahead we are likely to see more performance optimizations come to help offset the performance penalties incurred by mitigations like kernel page table isolation (KPTI) and Retpolines. This week a new patch series was published that may help with KPTI performance.