Language Selection

English French German Italian Portuguese Spanish

OSS Leftovers

Filed under
OSS
  • Google open sources ClusterFuzz

    The fuzzing software is designed to automatically feed unexpected inputs to an application in order to unearth bugs.

    Google originally wrote ClusterFuzz to test for bugs in its Chrome web browser, throwing 25,000 cores at the task. In 2012, Google said that ClusterFuzz was running around 50 million test cases a day on Chrome. So far it’s helped find some 16,000 bugs in the web browser.

    [...]

    ClusterFuzz has been released under version 2.0 of the Apache License.

  • Google open-sources ClusterFuzz, a tool that has uncovered 16,000 bugs in Chrome

    Ever heard of “fuzzing”? It’s not what you think — in software engineering, the term refers to a bug-detecting technique that involves feeding “unexpected” or out-of-bounds inputs to target programs. It’s especially good at uncovering memory corruption bugs and code assertions, which normally take keen eyes and a lot of manpower — not to mention endless rounds of code review.

    Google’s solution? Pass the fuzzing work off to software. Enter ClusterFuzz, a cheekily named infrastructure running on over 25,000 cores that continuously (and autonomously) probes Chrome’s codebase for bugs. Two years ago, the Mountain View company began offering ClusterFuzz as a free service to open source projects through OSS-Fuzz, and today, it’s open-sourcing it on GitHub.

  • Last week of early birds!

    We do have some parts of the schedule fixed: the trainings and some initial speakers.

    The trainings are open enrollment courses at a bargain price, where parts of the dividends goes to financing the conference. This year we have two great trainers: Michael Kerrisk of manpage and The Linux Programming Interface fame, and Chris Simmonds, the man behind the Mastering Embedded Linux Programming book and a trainer since more than 15 years. The trainings held are: Building and Using Shared Libraries on Linux and Fast Track to Embedded Linux. These are both one day courses held in a workshop format.

  • Closing AGPL cloud services loop-hole: a MongoDB approach

    The problem comes with software-as-a-service. Large cloud or hosted services providers have found ways to commercialise popular open source projects without giving anything back, thus limiting software freedom intended by the licensors. The business model primarily focuses on offering managed services, e.g. customisation, integration, service levels and others, to a freely available open source component and charging a fee for this. Open source projects do not usually have the scale to effectively withstand such competition by providing similar offerings. To say the least, this pattern incentivises the writing of the software in closed source code.

    AGPL is not enough to capture such a services scenario. Commercial entities rarely modify open source components and, if they do, releasing corresponding source code to such modifications does not affect their proprietary interests or revenue flow.

More in Tux Machines

Plasma 5.16.90 (Plasma 5.17 Beta) Available for Testing

Are you using Kubuntu 19.04 Disco Dingo, our current Stable release? Or are you already running our development builds of the upcoming 19.10 Eoan Ermine? We currently have Plasma 5.16.90 (Plasma 5.17 Beta) available in our Beta PPA for Kubuntu 19.04 and 19.10. This is a Beta Plasma release, so testers should be aware that bugs and issues may exist. Read more

Raspberry Pi 4 getting hot? A closer look

I hope that will all arrive in time for me to try it out over the weekend, so I can pass along some more information about temperatures, and about what pieces fit together in which cases, if any. Finally, the Raspberry Pi Foundation says that they are working on several software and firmware changes that should help bring the temperature of the Pi 4 down. Hopefully those will be released soon - but even if they are, I don't expect that they will improve the situation by more than 5 degrees or so, and given how hot the Pi 4 runs, that is not enough to eliminate the need for the kind of hardware measures I am looking at now. Read more

Top Open Source Video Players for Linux

You can watch Hulu, Prime Video and/or Netflix on Linux. You can also download videos from YouTube and watch them later or if you are in a country where you cannot get Netflix and other streaming services, you may have to rely on torrent services like Popcorn Time in Linux. Watching movies/TV series or other video contents on computers is not an ‘ancient tradition’ yet. Usually, you go with the default video player that comes baked in with your Linux distribution (that could be anything). You won’t have an issue utilizing the default player – however, if you specifically want more open-source video player choices (or alternatives to the default one), you should keep reading. Read more

Manjaro 18.1: Goes Arch One Better

Manjaro Linux's in-house system tools, easy installation application and better range of software packages make it a better Arch-based distro than Arch Linux itself. Manjaro offers much more than a pure Arch Linux environment. Regardless of which desktop style you select, the welcome screen introduces Manjaro tools and get-acquainted details such as documentation, support tips, and links to the project site. You can get a full experience in using the live session ISOs without making any changes to the computer's hard drive. That is another advantage to running Manjaro Linux over a true Arch distro. Arch distros usually do not provide live session environments. Most that do lack any automatic installation launcher from within the live session. Read more