Language Selection

English French German Italian Portuguese Spanish

Sci/Tech

Awards for UNIX and for Security Protocols (Mozilla)

Filed under
OS
Moz/FF
OSS
Security
Sci/Tech
  • The National Inventors Hall of Fame Announces Its 2019 Inductees

    Posthumously honored inventors include Lee; UNIX co-creator Dennis Ritchie; thiazide diuretic pioneers John Baer, Karl H. Beyer Jr., Frederick Novello and James Sprague; hand-held electric drill inventors Duncan Black and Alonzo G. Decker of the popular Black & Decker power tool company; Andrew Higgins, the mastermind behind the Higgins Boats used by American troops landing at Normandy on D-Day; and Joseph Muhler and William Nebergall, creators of the cavity-preventing stannous fluoride toothpaste better known today by the brand name Crest.

  • National Inventors Hall of Fame honors creators of Unix, power drills and more
  • Eric Rescorla Wins the Levchin Prize at the 2019 Real-World Crypto Conference

    The Levchin Prize awards two entrepreneurs every year for significant contributions to solving global, real-world cryptography issues that make the internet safer at scale. This year, we’re proud to announce that our very own Firefox CTO, Eric Rescorla, was awarded one of these prizes for his involvement in spearheading the latest version of Transport Layer Security (TLS). TLS 1.3 incorporates significant improvements in both security and speed, was completed in August and already secures 10% of sites.

    Eric has contributed extensively to many of the core security protocols used in the Internet, including TLS, DTLS, WebRTC, ACME, and the in development IETF QUIC protocol.  Most recently, he was editor of TLS 1.3, which already secures 10% of websites despite having been finished for less than six months. He also co-founded Let’s Encrypt, a free and automated certificate authority that now issues more than a million certificates a day, in order to remove barriers to online encryption and helped HTTPS grow from around 30% of the web to around 75%. Previously, he served on the California Secretary of State’s Top To Bottom Review where he was part of a team that found severe vulnerabilities in multiple electronic voting devices.

  • Great, you've moved your website or app to HTTPS. How do you test it? Here's a tool to make local TLS certs painless

    A Google cyrptoboffin is close to releasing a tool that will hopefully make all of us more secure online.

    Now that most web traffic travels over HTTPS and browser features increasingly expect security, developers really should be creating and testing apps in an HTTPS environment.

    Doing so requires installing a TLS/SSL certificate locally, but the process isn't as easy as it might be. With a bit of effort, devs can generate their own certificate, self-signed or signed by the local root, and install it. Various online tutorials offers ways to do so. There are also projects like minica that aim to ease the pain.

    But it could be easier still, along the lines of Let's Encrypt, a tool that lets websites handle HTTPS traffic through automated certificate issuance and installation.

Taking machine learning to the birds

Filed under
OSS
Sci/Tech

The Cacophony Project's broad vision is to bring back New Zealand's native birds using the latest technology to monitor bird populations and humanely eliminate the introduced predators that are endangering them.

The project started in our founder's backyard to measure the effectiveness of his efforts to protect the birds on his property. From this simple beginning, the project has quickly grown into a system that includes two edge devices, a cloud server, and automatic identification of animals using machine learning. The project has been completely open source from the beginning and sees regular contributions from a wide variety of volunteers.

Read more

Cantor 18.12 – KDE way of doing mathematics

Filed under
KDE
Sci/Tech

Curious to read about Cantor on LabPlot’s homepage? This is easy to explain. Cantor has got quite a lot of development in the last couple of months, also with great contribution from LabPlot developers. There is a close collaboration between these two KDE projects which we hope to intensify even further in future and to make better use of the common code and human resources in order to provide a strong computational and visualization platform for scientific purposes.

In this blog post we want to highlight the more striking new features in Cantor 18.12 that was recently released. Since Cantor can run embedded in LabPlot (see the LabPlot 2.3 release announcement for couple of examples), all the features described below are of course also available for users using Cantor from within LabPlot.

We invested quite a lot into improving the overall usability of Cantor’s worksheet. First improvement we want to mention is the handling of long running and waiting commands. In the past, when executing multiple commands at the same time, there was no feedback for the user which command is being calculated right now and which commands are waiting. In the current release we highlight the currently calculated command entry with a small animation of the prompt. The pending (meaning, queued but not being calculated yet) command entries are also highlighted so the user has the full picture of the processing status.

Read more

How I Quit Apple, Microsoft, Google, Facebook, and Amazon

Filed under
Hardware
OSS
Sci/Tech

It was just before closing time at a Verizon store in Bushwick, New York last May when I burst through the door, sweaty and exasperated. I had just sprinted—okay I walked, but briskly—from another Verizon outlet a few blocks away in the hopes I’d make it before they closed shop for the night. I was looking for a SIM card that would fit a refurbished 2012 Samsung Galaxy S3 that I had recently purchased on eBay, but the previous three Verizon stores I visited didn’t have any chips that would fit such an old model.

When I explained my predicament to the salesperson, he laughed in my face.

“You want to switch from you current phone to an... S3?” he asked incredulously.

I explained my situation. I was about to embark on a month without intentionally using any services or products produced by the so-called “Big Five” tech companies: Amazon, Apple, Facebook, Google, and Microsoft. At that point I had found adequate, open source replacements for most of the services offered by these companies, but ditching the Android OS, which is developed by Google, was proving difficult.

Most of the tech I use on a day-to-day basis is pretty utilitarian. At the time I was using a cheap ASUS laptop at work and a homebrew PC at my apartment. My phone was a Verizon-specific version of the Samsung Galaxy J3, a 2016 model that cost a little over $100 new. They weren't fancy, but they’ve reliably met most of my needs for years.

For the past week and a half I had spent most of my evenings trying to port an independent mobile OS called Sailfish onto my phone without any luck. As it turned out, Verizon had locked the bootloader on my phone model, which is so obscure that no one in the vibrant Android hacking community had dedicated much time to figuring out a workaround. If I wanted to use Sailfish, I was going to have to get a different phone.

Read more

Innovating Nanotechnology with Open Science and AI

Filed under
Sci/Tech

Read how Open Source techniques are driving innovation in Nanotechnology by looking into several aspects through Open Science and AI.
Read more

What Does "Ethical" AI Mean for Open Source?

Filed under
OSS
Sci/Tech

It would be an understatement to say that artificial intelligence (AI) is much in the news these days. It's widely viewed as likely to usher in the next big step-change in computing, but a recent interesting development in the field has particular implications for open source. It concerns the rise of "ethical" AI.

In October 2016, the White House Office of Science and Technology Policy, the European Parliament's Committee on Legal Affairs and, in the UK, the House of Commons' Science and Technology Committee, all released reports on how to prepare for the future of AI, with ethical issues being an important component of those reports. At the beginning of last year, the Asilomar AI Principles were published, followed by the Montreal Declaration for a Responsible Development of Artificial Intelligence, announced in November 2017.

Abstract discussions of what ethical AI might or should mean became very real in March 2018. It was revealed then that Google had won a share of the contract for the Pentagon's Project Maven, which uses artificial intelligence to interpret huge quantities of video images collected by aerial drones in order to improve the targeting of subsequent drone strikes. When this became known, it caused a firestorm at Google. Thousands of people there signed an internal petition addressed to the company's CEO, Sundar Pichai, asking him to cancel the project. Hundreds of researchers and academics sent an open letter supporting them, and some Google employees resigned in protest.

Read more

Programming: ProjectQ and Rust

Filed under
Development
Moz/FF
Sci/Tech
  • Open-Source Software Framework Makes Quantum Computing More Accessible

    To help further this field, Häner and a team at ETH Zurich created ProjectQ, a free, open-source software framework for quantum computing that allows users to implement their quantum programs in the high-level programming language Python using a powerful and intuitive syntax. ProjectQ can then translate these programs to any type of back-end, either a simulator run on a classical computer or an actual quantum chip.

  • This Week in Rust 245

    Always wanted to contribute to open-source projects but didn't know where to start? Every week we highlight some tasks from the Rust community for you to pick and get started!

Deep learning and free software

Filed under
Debian
Sci/Tech

Deep-learning applications typically rely on a trained neural net to accomplish their goal (e.g. photo recognition, automatic translation, or playing go). That neural net uses what is essentially a large collection of weighting numbers that have been empirically determined as part of its training (which generally uses a huge set of training data). A free-software application could use those weights, but there are a number of barriers for users who might want to tweak them for various reasons. A discussion on the debian-devel mailing list recently looked at whether these deep-learning applications can ever truly be considered "free" (as in freedom) because of these pre-computed weights—and the difficulties inherent in changing them.

The conversation was started by Zhou Mo ("Lumin"); he is concerned that, even if deep-learning application projects release the weights under a free license, there are questions about how much freedom that really provides. In particular, he noted that training these networks is done using NVIDIA's proprietary cuDNN library that only runs on NVIDIA hardware.

Read more

Meet the Astronaut AI that Runs on Ubuntu

Filed under
Sci/Tech
Ubuntu

Meet CIMON (Crew Interactive Mobile CompanioN). This free-floating Ubuntu-based cyber colleague has been designed to “mitigate” the stresses of, and share the work during, long-term spaceflight.

And to do that he’s had to boldly go where no AI assistant has gone before: space.

Read more

How Docker Is Helping to Save The World (Literally)

Filed under
Server
Sci/Tech

There are many different things that individuals might consider to be a life threatening event and then there are extinction level events, for example an asteroid hitting Earth.

While the idea of an asteroid hitting Earth and ending all life is the stuff of Hollywood movie like Armageddon, it's an actual, though remote, possibility that NASA is investigating, with the help of Docker containers.

NASA is currently developing a mission known as DART - the Double Asteroid Redirection Test, which is a spacecraft that will deploy a kinetic impact technique to deflect an asteroid. Christopher Heistand, DART Flight Software Lead, at the The Johns Hopkins University Applied Physics Laboratory (APL) that is helping to build the DART ship, detailed how his group is using Docker.

Read more

Syndicate content

More in Tux Machines

today's howtos

Get started with Roland, a random selection tool for the command line

There seems to be a mad rush at the beginning of every year to find ways to be more productive. New Year's resolutions, the itch to start the year off right, and of course, an "out with the old, in with the new" attitude all contribute to this. And the usual round of recommendations is heavily biased towards closed source and proprietary software. It doesn't have to be that way. Here's the seventh of my picks for 19 new (or new-to-you) open source tools to help you be more productive in 2019. Read more

Nginx vs Apache: Which Serves You Best in 2019?

For two decades Apache held sway over the web server market which is shrinking by the day. Not only has Nginx caught up with the oldest kid on the block, but it is currently the toast of many high traffic websites. Apache users might disagree here. That is why one should not jump to conclusions about which web server is better. The truth is that both form the core of complete web stacks (LAMP and LEMP), and the final choice boils down to individual needs. For instance, people running Drupal websites often call on Apache, whereas WordPress users seem to favor Nginx as much if not more. Accordingly, our goal is to help you understand your own requirements better rather than providing a one-size recommendation. Having said that, the following comparison between the two gives an accurate picture. Read more

Security: Updates, 'Smart' Things, Android Proprietary Software and Firefox Woes on Windows

  • Security updates for Friday
  • How Do You Handle Security in Your Smart Devices?
    Look around your daily life and that of your friends and family, and you’ll see that smart devices are beginning to take over our lives. But this also means an increase in a need for security, though not everyone realizes it, as discussed in a recent article on our IoT-related site. Are you aware of the need for security even when it’s IoT-related? How do you handle security in your smart devices?
  • A Vulnerability in ES File Explorer Exposes All of Your Files to Anyone on the Same Network
  • 2018 Roundup: Q1
    One of our major pain points over the years of dealing with injected DLLs has been that the vendor of the DLL is not always apparent to us. In general, our crash reports and telemetry pings only include the leaf name of the various DLLs on a user’s system. This is intentional on our part: we want to preserve user privacy. On the other hand, this severely limits our ability to determine which party is responsible for a particular DLL. One avenue for obtaining this information is to look at any digital signature that is embedded in the DLL. By examining the certificate that was used to sign the binary, we can extract the organization of the cert’s owner and include that with our crash reports and telemetry. In bug 1430857 I wrote a bunch of code that enables us to extract that information from signed binaries using the Windows Authenticode APIs. Originally, in that bug, all of that signature extraction work happened from within the browser itself, while it was running: It would gather the cert information on a background thread while the browser was running, and include those annotations in a subsequent crash dump, should such a thing occur.