Language Selection

English French German Italian Portuguese Spanish

For Open-Source Software, the Developers Are All of Us

Filed under
OSS

This problem goes back decades and has multiple root causes that culminate in the mess we have today. Hardware and software makers lack liability for flaws, which leads to sub-par rigor in verifying that systems are hardened against known vulnerabilities. A rise in advertising revenue from "big data" encourages firms to hoard information, looking for the right time to cash out their users' information. Privacy violations go largely unpunished in courts, and firms regularly get away with enormous data breaches without paying any real price other than pride.

But it doesn't have to be this way. Open software development has been a resounding success for businesses, in the form of Linux, BSD and the hundreds of interconnected projects for their platforms. These open platforms now account for the lion's share of the market for servers, and businesses are increasingly looking to open software for their client structure as well as for being a low-cost and high-security alternative to Windows and OS X.

Read more

More in Tux Machines

LLVM/AOCC, GCC at AMD

  • Radeon GCC Back-End Updated For Running Single-Threaded C & Fortran On AMD GPUs
    Back in September Code Sourcery / Mentor Graphics posted the Radeon GCC back-end they have been developing with the cooperation of AMD. This is for allowing the GCC compiler to eventually offload nicely to Radeon GPUs with its different programming languages and supported parallel programming models, particularly with OpenMP and OpenACC in mind. But for now this patch series just works with single-threaded C and Fortran programs. The second version of this port was posted for review. Hitting the GCC mailing list on Friday was the updated version of this AMD GCN port targeting Tonga/Fiji through Vega graphics hardware. Code Sourcery will post the OpenACC/OpenMP support bits at a later date while for now the code works with single-threaded C/Fortran programs with C++ not yet supported, among other initial shortcomings. For now the AMDGPU LLVM back-end is far more mature in comparison, which is what's currently used by the open-source AMD Linux driver compute and graphics stacks.
  • AMD Optimizing C/C++ Compiler 1.3 Brings More Zen Tuning
    Earlier this month AMD quietly released a new version of their Optimizing C/C++ compiler in the form of AOCC 1.3. This new compiler release has more Zen tuning to try to squeeze even more performance out of Ryzen/EPYC systems when using their LLVM-based compiler. The AMD Optimizing C/C++ Compiler remains AMD's high performance compiler for Zen compared to the earlier AMD Open64 Compiler up through the Bulldozer days. AOCC is based on LLVM Clang with various patches added in. Fortunately, with time at least a lot of the AOCC patches do appear to work their way into upstream LLVM Clang. AOCC also has experimental Fortran language support using the "Flang" front-end that isn't as nearly mature as Clang.

Security: Japan's Top Cybersecurity Official, SuperCooKey, Information Breach on HealthCare.gov

  • Security News This Week: Japan's Top Cybersecurity Official Has Never Used a Computer
  • SuperCooKey – A SuperCookie Built Into TLS 1.2 and 1.3

    TLS 1.3 has a heavily touted feature called 0-RTT that has been paraded by CloudFlare as a huge speed benefit to users because it allows sessions to be resumed quickly from previous visits. This immediately raised an eyebrow for me because this means that full negotiation is not taking place.

    After more research, I’ve discovered that 0-RTT does skip renegotiation steps that involve generating new keys.

    This means that every time 0-RTT is used, the server knows that you’ve been to the site before, and it knows all associated IPs and sign-in credentials attached to that particular key.

  • Information Breach on HealthCare.gov

    In October 2018, a breach occurred within the Marketplace system used by agents and brokers. This breach allowed inappropriate access to the personal information of approximately 75,000 people who are listed on Marketplace applications.

today's howtos

Android Leftovers