Language Selection

English French German Italian Portuguese Spanish

OSS Leftovers

Filed under
OSS
  • A Recap Of The Many Interesting Presentations At FOSDEM 2018

    Over the past week and a half we have highlighted many of the interesting presentations that took place at the annual Free Open-Source Developers' European Meeting (FOSDEM) in Brussels. Here's a look back if you are behind on your Phoronix reading.

  • WebRender newsletter #14
  • Restricting AppCache to Secure Contexts

    The Application Cache (AppCache) interface provides a caching mechanism that allows websites to run offline. Using this API, developers can specify resources that the browser should cache and make available to users offline. Unfortunately, AppCache has limitations in revalidating its cache, which allows attackers to trick the browser into never revalidate the cache by setting a manifest to a malformed cache file. Removing AppCache over HTTP connections removes the risk that users could see stale cached content that came from a malicious connection indefinitely.

  • Altibase Challenges Oracle, IBM & Microsoft

    ...Altibase, an enterprise grade relational database, announced that it is now open source.

  • Putting Open Source GIS to Use
  • InfluxData scores $35 million Series C to expand time series database business

    In a world where sensors are capturing ever-increasing amounts of data, being able to collect that high volume and measure it over time becomes increasingly important. InfluxData, the startup built on top of the open source time series database platform, announced it has received a $35 million Series C investment today led by Sapphire Ventures, the investment arm of enterprise software giant, SAP.

  • EOH acquires LSD in open source drive

    The JSE-listed company says the partnership addresses an identified gap in the market by bringing the value and innovation that open source solutions provide, in enabling EOH customers' digital transformation journeys.

    LSD was founded by Stefan Lesicnik in 2001. In the early days, the company focused on supporting basic Linux servers.

  • Qt 5.10.1 Ships With More Than 300 Bug Fixes

    The Qt Company has announced the availability of Qt 5.10.1, the first bug-fix release to Qt 5.10 that shipped back in December.

    In the approximately two months since Qt 5.10.0, today's point release has more than 300 bug fixes and around 1,400 changes in total over the previous release.

More in Tux Machines

Qt/KDE: Qt for Python, Inkscape Dark Theme on KDE Plasma, Atelier at Maker Faire and QtCon 2018!

  • Python and Qt: 3,000 hours of developer insight
    With Qt for Python released, it’s time to look at the powerful capabilities of these two technologies. This article details one solopreneur’s experiences. [...] The big problem with Electron is performance. In particular, the startup time was too high for a file manager: On an admittedly old machine from 2010, simply launching Electron took five seconds. I admit that my personal distaste for JavaScript also made it easier to discount Electron. Before I go off on a rant, let me give you just one detail that I find symptomatic: Do you know how JavaScript sorts numbers? Alphabetically. ’nuff said. After considering a few technologies, I settled on Qt. It’s cross-platform, has great performance and supports custom styles. What’s more, you can use it from Python. This makes at least me orders of magnitude more productive than the default C++.
  • Inkscape Dark Theme on KDE Plasma
    On KDE Plasma, it's very easy to setup Inkscape Dark Theme. To do so, go to System Settings > Application Style > GNOME/GTK+ Style > under GTK+ Style: switch all themes to Dark ones and give check mark to Prefer Dark Theme > Apply. Now your Inkscape should turned into dark mode. To revert back, just revert the theme selections. This trick works on Kubuntu or any other GNU/Linux system as long as it uses Plasma as its desktop environment.
  • Atelier at Maker Faire and QtCon 2018!
    On the weekend of November 3 and 4, it happened on Rio de Janeiro the first Maker Faire of Latin America. And I was able to do a talk about Atelier and the current status of our project. The event hold more than 1.500 people on the first day, that saw a lot of talks and the exposition of makers of all over the country that came to Rio to participate in this edition of the Maker Faire.

Security: Updates, Systematic Evaluation of Transient Execution Attacks and Defenses, New IoT Security Regulations and GPU Side-Channel Attacks

  • Security updates for Thursday
  • A Systematic Evaluation of Transient Execution Attacks and Defenses

    [...] we present a sound and extensible systematization of transient execution attacks. Our systematization uncovers 7 (new) transient execution attacks that have been overlooked and not been investigated so far. This includes 2 new Meltdown variants: Meltdown-PK on Intel, and Meltdown-BR on Intel and AMD. It also includes 5 new Spectre mistraining strategies. We evaluate all 7 attacks in proof-of-concept implementations on 3 major processor vendors (Intel, AMD, ARM). Our systematization does not only yield a complete picture of the attack surface, but also allows a systematic evaluation of defenses. Through this systematic evaluation, we discover that we can still mount transient execution attacks that are supposed to be mitigated by rolled out patches.

  • New IoT Security Regulations
    Due to ever-evolving technological advances, manufacturers are connecting consumer goods­ -- from toys to light bulbs to major appliances­ -- to the Internet at breakneck speeds. This is the Internet of Things, and it's a security nightmare. The Internet of Things fuses products with communications technology to make daily life more effortless. Think Amazon's Alexa, which not only answers questions and plays music but allows you to control your home's lights and thermostat. Or the current generation of implanted pacemakers, which can both receive commands and send information to doctors over the Internet. But like nearly all innovation, there are risks involved. And for products born out of the Internet of Things, this means the risk of having personal information stolen or devices being overtaken and controlled remotely. For devices that affect the world in a direct physical manner -- ­cars, pacemakers, thermostats­ -- the risks include loss of life and property.
  • University Researchers Publish Paper On GPU Side-Channel Attacks
    University researchers out of University of California Riverside have published a paper this week detailing vulnerabilities in current GPU architectures making them vulnerable to side-channel attacks akin to Spectre and Meltdown. With their focus on NVIDIA GPUs, UCLA Riverside researchers demonstrated attacks both for graphics and compute by exploiting the GPU's performance counters. Demonstrated attacks included a browser-based attack, extracting passwords / keystroke logging, and even the possibility of exposing a CUDA neural network algorithm.

VirtualBox 6.0 Beta 2

  • Announcement: VirtualBox 6.0 Beta 2 released
    Please do NOT use this VirtualBox Beta release on production machines! A VirtualBox Beta release should be considered a bleeding-edge release meant for early evaluation and testing purposes. You can download the binaries here: http://download.virtualbox.org/virtualbox/6.0.0_BETA2 Please do NOT open bug reports at our public bugtracker but use our VirtualBox Beta Feedback forum at https://forums.virtualbox.org/viewforum.php?f=15 to report any problems with the Beta. Please concentrate on reporting regressions since VirtualBox 5.2! Version 6.0 will be a new major release. Please see the forum at https://forums.virtualbox.org/viewtopic.php?f=15&t=90315 for an incomplete list of changes. Thanks for your help! Michael
  • VirtualBox 6.0 Beta 2 Adds File Manager For Host/Guest File Copies, OS/2 Shared Folder
    Last month Oracle rolled out the public beta of VirtualBox 6.0 though didn't include many user-facing changes. They have now rolled out a second beta that does add in a few more features. VirtualBox 6.0 Beta 2 was released today and to its user-interface is a new file manager that allows the user to control the guest file-system with copying file objects between the host and guest. Also improved with VirtualBox 6.0 Beta 2 is better shared folder auto-mounting with the VBox Guest Additions. This beta even brings initial shared folder support to the guest additions for OS/2.

Thunderbird version 60.3.1 now Available, Includes Fixes for Cookie Removal and Encoding Issues

Thunderbird happens to be one of the most famous Email client. It is free and an open source one which was developed by the Mozilla Foundation back in 2003, fifteen years ago. From a very basic interface, it has come a long way to be what it is today in 2018. With these updates, a recent one into the 60.x series from the 52.x series was a significant one. While the 60.x (60.3.0) update started rolling out, Mozilla was keen to push out 60.3.1. This new version of Thunderbird had a few bugs and kinks here and there which needed to be addressed which Mozilla did, most of them at least. Read more