Language Selection

English French German Italian Portuguese Spanish

Sci/Tech

Linux Has Landed On Mars

Filed under
GNU
Linux
Sci/Tech

NASA has landed a new rover called Perseverance on Mars. It has it's own miniature helicopter named Ingenuity that can take off, navigate, and land on Mars without human intervention. Ingenuity runs a custom Linux-based operating system, Linux has now reached Mars.

Read more

Accurate Conclusions from Bogus Data: Methodological Issues in “Collaboration in the open-source arena: The WebKit case”

Filed under
Sci/Tech

Nearly five years ago, when I was in grad school, I stumbled across the paper Collaboration in the open-source arena: The WebKit case when trying to figure out what I would do for a course project in network theory (i.e. graph theory, not computer networking; I’ll use the words “graph” and “network” interchangeably). The paper evaluates collaboration networks, which are graphs where collaborators are represented by nodes and relationships between collaborators are represented by edges. Our professor had used collaboration networks as examples during lecture, so it seemed at least mildly relevant to our class, and I wound up writing a critique on this paper for the class project. In this paper, the authors construct collaboration networks for WebKit by examining the project’s changelog files to define relationships between developers. They perform “community detection” to visually group developers who work closely together into separate clusters in the graphs. Then, the authors use those graphs to arrive at various conclusions about WebKit (e.g. “[e]ven if Samsung and Apple are involved in expensive patent wars in the courts and stopped collaborating on hardware components, their contributions remained strong and central within the WebKit open source project,” regarding the period from 2008 to 2013).

At the time, I contacted the authors to let them know about some serious problems I found with their work. Then I left the paper sitting in a short-term to-do pile on my desk, where it has been sitting since Obama was president, waiting for me to finally write this blog post. Unfortunately, nearly five years later, the authors’ email addresses no longer work, which is not very surprising after so long — since I’m no longer a student, the email I originally used to contact them doesn’t work anymore either — so I was unable to contact them again to let them know that I was finally going to publish this blog post. Anyway, suffice to say that the conclusions of the paper were all correct; however, the networks used to arrive at those conclusions suffered from three different mistakes, each of which was, on its own, serious enough to invalidate the entire work.

So if the analysis of the networks was bogus, how did the authors arrive at correct conclusions anyway? The answer is confirmation bias. The study was performed by visually looking at networks and then coming to non-rigorous conclusions about the networks, and by researching the WebKit community to learn what is going on with the major companies involved in the project. The authors arrived at correct conclusions because they did a good job at the later, then saw what they wanted to see in the graphs.

I don’t want to be too harsh on the authors of this paper, though, because they decided to publish their raw data and methodology on the internet. They even published the python scripts they used to convert WebKit changelogs into collaboration graphs. Had they not done so, there is no way I would have noticed the third (and most important) mistake that I’ll discuss below, and I wouldn’t have been able to confirm my suspicions about the second mistake. You would not be reading this right now, and likely nobody would ever have realized the problems with the paper. The authors of most scientific papers are not nearly so transparent: many researchers today consider their source code and raw data to be either proprietary secrets to be guarded, or simply not important enough to merit publication. The authors of this paper deserve to be commended, not penalized, for their openness. Mistakes are normal in research papers, and open data is by far the best way for us to be able to detect mistakes when they happen.

Read more

LabPlot 2.8.1 released

Filed under
KDE
Software
Sci/Tech

We’re happy to announce the availability of the first minor patch release of the big release we made two months ago. This release contains minor improvements and bug fixes only.

In the plot we now allow to change the background color for axis labels. This is useful if you place the axis labels above the axis line and don’t want to see an underlying line in the bounding box of the label. The default setting is that the background remain transparent.

For the cursor, the tool used to measure positions and distances in the plots, we now allow you to copy the values in the result window to the clipboard.

When pasting new values into LabPlot’s spreadsheet, the auto-detection of the datatime format has been improved. We now better recognize the different formats produced in external programs and being pasted into LabPlot.

Many smaller improvements were included in the dialog for the creation of the live-data sources related to the handling of errors coming from remote servers like MQTT brokers, etc. Besides the more stable behavior, the user now also gets clearer notifications about what went wrong. Furthermore, when reading live data it is possible to generate the timestamp column in LabPlot for the data being read also for TCP and UDP network sources. This was only possible for MQTT sources in the past.

Read more

JASP: A Less Complicated Free Open-source SPSS Alternative for Advanced Statistics

Filed under
Software
Sci/Tech

I had a run with many open-source statistics software and packages, but JASP was truly unique among them.

JASP is a free open-source complete statistical package supported by University of Amsterdam. It's a multi-platform program that runs on Windows, Linux and macOS.

It's designed for users who want to do some statistical work without having to deal with programming or dive deep in learning complex statistical programs. It's a recommended option for students and researchers.

Read more

Senaite: An Open-source Enterprise-grade Laboratory Information Management System (LIMS)

Filed under
OSS
Sci/Tech

Senaite is a free open-source self-hosted laboratory information management system (LIMS) that built for enterprise. It offers several features which are cost and resources effective with a rich set of add-ons and a strong supportive community of developers behind it.

In this article we demonstrate Senaite's features and how it helps enterprise through an efficient management for labs, lab equipments and reduce the turnaround time.

Read more

NASA ROSES-20 Amendment 64: Release of Final text of E.8 Supplemental Open Source Software Awards

Filed under
OSS
Sci/Tech
Legal

Supplemental open source software awards are used to encourage the conversion of legacy software into modern code to be released under a generally accepted, open source license (e.g., Apache-2, BSD-2-clause, GPL). The supplement would add a software component to their previously selected "parent" research and analysis award.

ROSES-2020 Amendment 64 Releases Final text for E.8 Supplemental Open Source Software Awards. Notices of Intent are not requested. Proposals will be accepted on a rolling basis with a final due date of April 14, 2021.

Read more

Chemtool: Open-source Chemical Structure drawing program

Filed under
Software
Sci/Tech

Chemtool is a lightweight application for drawing chemical structures like organic molecules. It's originally written by Thomas Volk from Germany. Later on, more developers came to aid for development and code maintenance.

[...]

The program is created for Linux X systems, it does not work on Windows or macOS.

License

Chemtool is released under GNU General Public License.

Read more

Stellarium 0.20.3 Released with Tons of Changes [Ubuntu PPA]

Filed under
Software
Sci/Tech
SciFi

Free-software planetarium Stellarium 0.20.3 was released a day ago with numerous changes. Here’s how to install it in Ubuntu 18.04, Ubuntu 20.04 via PPA.

Stellarium 0.20.3 fixed nutation and, with it, season beginning times, included many changes in AstroCalc tool, Oculars and Satellites plugins, and updated DSO catalog.

Read more

LabPlot 2.8 Released

Filed under
KDE
Software
Sci/Tech

In 2.8 we made it easier to access many online resources that provide data sets for educational purposes. These data sets cover a variety of different areas, such as physics, statistics, medicine, etc., and are usually organized in collections.

Read more

“It Just Works”: An Interview with Dexai Robotics

Filed under
Linux
Interviews
Sci/Tech

The simulators wind up using a lot of computational power, which is one of the reasons why we use System76. Portability is another. I really like the fact that I can run the full software stack on a laptop that I can always have with me. Previously, we had desktops sitting around in a lab environment, and people were often having to sign into them and borrow them. We needed a solution for new hires to have a computer they can rely on at all times.

A co-worker mentioned that she bought a machine from you guys back in 2019. After she recommended it, I did a little bit of digging online for the best Linux laptops available, and you all were named a fair amount in those searches—so I ordered one. I was pleasantly surprised with how it just worked right out of the box. I wasn’t fiddling with drivers, I wasn’t dealing with bootloader problems and figuring out how to get a working desktop environment up; I just opened it up and installed a bunch of software and I was ready to go.

Read more

Syndicate content

More in Tux Machines

today's leftovers

  • Derivation: Peppertown video-game by Congusbongus and StarNavigator

    Thanks to the authors because the game is fully open-source and released on Github under the MIT License [2]. It was made with FLOSS tools (GIMP, VS Code, Phaser, Audacity, git, Tiled) for the MiniJam22 contest [3] and congratz to Congusbongus and StarNavigator for reaching the 2nd place with Peppertown!

  • What security does a default OpenBSD installation offer? (by solene@)

    In a recent blog post, OpenBSD developer Solène Rapenne (solene@) offers an over view of the security features offered by a default OpenBSD installation.

  • Jonathan Dieter: WANPIPE and DAHDI COPR for EL8

    At Spearline, we have a number of servers around the world with Sangoma telephony cards, which use the out-of-tree wanpipe and dahdi kernel modules. As we’ve been migrating our servers from CentOS 6 to SpearlineOS, one of the problems we’ve hit has been the out-of-tree modules don’t compile against the EL8 kernels that we use as the base for SpearlineOS. [...] If there’s any interest in using the kmod RPMs without the other packages in the COPR, I could look at splitting them into a separate COPR. Please email me if you would like me to do this.

  • Mousepad 0.5.3 Is Released

    The Xfce team has released another version of the extremely plain and simple Mousepad editor. The latest version has a keybinding for resetting the font size and some small fixes. It still lacks absolutely everything beyond the ability to edit text and load and save files. [...] Mousepad still lacks all the features other simple text-editors like KWrite have beyond the very basic ability to edit text. There is no syntax high-lighting, there is no spell-checker, you can't select text and make it uppercase or lowercase or much else for that matter. It does have a search-and-replace function, and you can load and save files, and you can even have multiple files open in tabs. It does have those things going for it even though it is severely lacking in all other areas.

Free Software and Internet/Standards

  • My Firefox addons as of Firefox 86 (and the current development version)

    I was recently reminded that my most recent entry on what Firefox addons I use is now a bit over a year old. Firefox has had 14 releases since then and it feels the start of January 2020 was an entirely different age, but my Firefox addons have barely changed in the year and a bit since that entry. Since they have updated a very small amount, I'll repeat the whole list just so I have it in one spot for the next time around.

  • Delegation of responsibility for spec finalisation

    Sean is a natural choice for me to delegate this task to. He has been involved in the development of the Gemini specification for longer than anybody other than myself - he was the first person to actually implement the protocol in software, transforming it from the largely academic thought experiment that I had created it as into an actual real world project. He is the developer of a Gemini server (GLV-1.12556) and the admin of a server running it (gemini://gemini.conman.org), which means the details of the specification are of direct and practical relevance to him. He has a long-standing presence in Gopherspace, where the Gemini project was born, and therefore understands and appreciates the value of simple-by-design systems with limited scope. Finally, he has an excellent track record of constructively engaging with the mailing list even at its busiest and most frantic, which certainly can no longer be said for me. For all these reasons I trust him to make good decisions on the basis of careful consideration.

  • A Saturday waste of CPU cycles: building time_t values

    It was bad enough trying to split up all of those date strings into their constituent parts - year, month, day - all of that stuff. But, then when I tried to consistently turn them back into a time_t, I ran into a bunch of other problems. That lead to the post called time handling is garbage. That then lead into the followup post three months later which talked about making time_t values without using mktime and the TZ variable.

Programming Leftovers

  • Revisiting Html in Java

    Some time ago I wrote a post about creating an embedded dsl for Html in Java. Sadly, it was based on an abuse of lambda name reflection that was later removed from Java. I thought I should do a followup because a lot of people still visit the old article. While it’s no longer possible to use lambda parameter names in this way, we can still get fairly close.

  • Use Dash as /bin/sh

    I want startup scripts and everything that has a #!/bin/sh shebang to use the lightest possible shell by default, but I still want my trusty bash in interactive terminal sessions, and for complex scripts.

  • How to Use Group by in Pandas Python – Linux Hint

    Pandas group by function is used for grouping DataFrames objects or columns based on particular conditions or rules. Using the groupby function, the dataset management is easier. However, all related records can be arranged into groups. Using the Pandas library, you can implement the Pandas group by function to group the data according to different kinds of variables. Most developers used three basic techniques for the group by function. First, splitting in which data divide into groups based on some particular conditions. Then, apply certain functions to these groups. In the end, combine the output in the form of data structure. In this article, we will walk through the basic uses of a group by function in panda’s python. All commands are executed on the Pycharm editor.

  • gfldex: Undocumented escape hatch

    On my quest to a custom when-statement I did quite a bit of reading. The study of roast and Actions.nqp can lead to great gain in knowledge.

  • Knowing when to look past your code

    At some point, though, your journies will take you to places where things aren’t so clear cut, and you’ll start to gain a sixth sense; a kind of visceral experience that things are not as they have been promised to be.

    A few weeks ago, that sixth sense whispered in my ear: “what if, instead of your cruddy bootloader written in a pre-1.0 systems language for a platform you don’t fully understand, it’s the 20 year-old project with 80,000 commits that’s wrong?” And it was right.

  • Cambalache…
  • C++ Friend Function – Linux Hint

    A function is a block of code that performs a certain task and provides the output. It is mainly used to eliminate repetitive code. In this tutorial, we will look into the friend function in C++ and explain its concept with working examples.

  • mrcal: principled camera calibrations

    In my day job I work with images captured by cameras, using those images to infer something about the geometry of the scene being observed. Naturally, to get good results you need to have a good estimate of the behavior of the lens (the "intrinsics"), and of the relative geometry of the cameras (the "extrinsics"; if there's more than one camera). The usual way to do this is to perform a "calibration" procedure to compute the intrinsics and extrinsics, and then to use the resulting "camera model" to process the subsequent images. Wikipedia has an article. And from experience, the most common current toolkit to do this appears to be OpenCV. People have been doing this for a while, but for whatever reason the existing tools all suck. They make basic questions like "how much data should I gather for a calibration?" and "how good is this calibration I just computed?" and "how different are these two models?" unanswerable.

Security Leftovers

                   
  • SolarWind, enough with the password already!
                     
                       

    This is a much delayed discussion on the complexity and nuance of the SolarWind hack. The simplistic and wrong messaging from some quarters of the infosec community has resulted in an atrocious misunderstanding of the hack in the public sphere. This has extended into the policy world as these bad takes are treated as cogent analysis.

  •                
  • Microsoft chief's claims on cloud security result in sharp rejoinder

    Comments made by Microsoft president Brad Smith to the US Senate Select Committee on Intelligence, which held a hearing on the SolarWinds attacks last week, claiming that there is more security in the cloud than in on-premises servers, have met a tough response from former NSA hacker Jake Williams, who characterised them as having caused more harm to security than the SolarWinds attackers did in the first place. Williams, a well-known figure in the infosec community who runs his own private security outfit, Rendition Infosec, said in a tweet: "I've been thinking a LOT about Brad Smith's testimony this week about #SolariGate. He repeatedly implies that if organisations 'just' adopt a cloud first model, they won't experience these sorts of attacks. I called that reckless then, I'm doubling down now." [...] The SolarWinds attacks were first revealed by the American security firm FireEye on 9 December, when it revealed that its Red Team tools had been stolen. Five days later, FireEye issued a blog post outlining the scale of the attack as known at that stage: a global campaign to compromise public and private sector bodies through corruption of software supply chains, using software that runs on Windows. FireEye chief Kevin Mandia also gave testimony to the same committee hearing. Williams said Smith should have offered more nuance and caveats in his statements. "With his statements that lacked appropriate nuance and caveats, I predict that Smith has caused more harm to security than the Russians did with #SolariGate in the first place," he said. "Yes, I know that's a strong statement. Yes, I mean it." He added: "A lot of leadership who don't know any better heard this testimony and are constructing cloud-first directives as I type this. But they're doing it without understanding the risks and trade-offs. They're doing this without the benefit of creating a strategy first." Microsoft has made a number of statements since the attack first came to light, initially denying its products were part of the problem, but later admitting that the attackers had accessed its source code.

  •  
  • The World Economic Forum Warns That 2021 Could Be The Year Of The CyberAttacks

    Klaus Schwab, founder of the World Economic Forum and author of the book "COVID19: The Great Reset", has repeatedly warned about the possibility of devastating large-scale cyberattacks. One of his firmest warnings was given in a heartwarming speech at the WEF-sponsored Cyber Polygon event on July 24th, 2020. The World Economic Forum Centre for Cybersecurity expects the total cost of cyberattacks this year to be $6 trillion. [...] Running up-to-date free software based solutions such as Linux and *BSD is a good preventative measure against real cyberattacks. It will, sadly, not do much difference if a government decides to cut power or Internet access as part of a global "Great Reset" agenda or because inconvenient mass-demonstrations break out.

  •            
  • Switching back to OpenSSL
                 
                   

    For most users, there should be no noticeable change. If you have any packages installed that are no longer provided by Void, or your system has explicit dependencies on LibreSSL, you will of course need to take action to ensure your system continues to function after the switch.

  •               
  • Microsoft patches serious NTFS drive corruption flaw in Windows 10... but there's a catch

    Around a month and a half ago we reported about a serious flaw in Windows 10 that could be exploited to corrupt the contents of an NTFS drive. With Microsoft dawdling in its response, it was down to security researchers from OSR to produce a third-party patch. But now Microsoft has stepped up to the plate and, finally, come up with an official fix for the flaw. Sadly, it's not all good news as the fix is not currently available for everyone.