Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • Matthew Garrett: What usage restrictions can we place in a free software license?

    Growing awareness of the wider social and political impact of software development has led to efforts to write licenses that prevent software being used to engage in acts that are seen as socially harmful, with the Hippocratic License being perhaps the most discussed example (although the JSON license's requirement that the software be used for good, not evil, is arguably an earlier version of the theme). The problem with these licenses is that they're pretty much universally considered to fall outside the definition of free software or open source licenses due to their restrictions on use, and there's a whole bunch of people who have very strong feelings that this is a very important thing. There's also the more fundamental underlying point that it's hard to write a license like this where everyone agrees on whether a specific thing is bad or not (eg, while many people working on a project may feel that it's reasonable to prohibit the software being used to support drone strikes, others may feel that the project shouldn't have a position on the use of the software to support drone strikes and some may even feel that some people should be the victims of drone strikes). This is, it turns out, all quite complicated.

    But there is something that many (but not all) people in the free software community agree on - certain restrictions are legitimate if they ultimately provide more freedom. Traditionally this was limited to restrictions on distribution (eg, the GPL requires that your recipient be able to obtain corresponding source code, and for GPLv3 must also be able to obtain the necessary signing keys to be able to replace it in covered devices), but more recently there's been some restrictions that don't require distribution. The best known is probably the clause in the Affero GPL (or AGPL) that requires that users interacting with covered code over a network be able to download the source code, but the Cryptographic Autonomy License (recently approved as an Open Source license) goes further and requires that users be able to obtain their data in order to self-host an equivalent instance.

  • Install Metabase on Ubuntu 18.04 with Nginx and SSL – Google Cloud
  • OpenBSD Foundation 2019 campaign wrapup

    Our target for 2019 was CDN$300K. Our community's continued generosity combined with our corporate donors exceeded that nicely. In addition we received the largest single donation in our history, CDN$380K from Smartisan. The return of Google was another welcome event. Altogether 2019 was our most successful campaign to date, yielding CDN$692K in total.

  • have fun with free software – truly Open Source Karaoke „SingStar“ style Performous on GNU Linux

    An open-source karaoke, band and dancing game where one or more players perform a song and the game scores their performances.

    Supports songs in UltraStar, Frets on Fire and StepMania formats.

    Microphones and instruments from SingStar, Guitar Hero and Rock Band as well as some dance pads are autodetected.

  • Reintroducing Telegram: privately funded private chat with open source apps

    I started to write an article about the latest update for Telegram, when I realized I might only be speaking to a select few in-the-know users. Far fewer than I think should be interested, anyway. Telegram is a private chat system with end-to-end encryption support and cross-platform functionality. It’s privately funded by a guy named Pavel Durov, whose only goal seems to be “fast and secure messaging that is also 100% free.”

  • Daniel Silverstone: Subplot volunteers? (Acceptance testing tool)

    Subplot is a tool for capturing and automatically verifying the acceptance criteria for a software project or a system, in a way that's understood by all stakeholders.

    In a software project there are always more than one stakeholder. Even in a project one writes for oneself, there are two stakeholders: oneself, and that malicious cretin oneself-in-the-future. More importantly, though, there are typically stakeholders such as end users, sysadmins, clients, software architects, developers, and testers. They all need to understand what the software should do, and when it's in an acceptable state to be put into use: in other words, what the acceptance criteria are.

    Crucially, all stakeholders should understand the acceptance criteria the same way, and also how to verify they are met. In an ideal situation, all verification is automated, and happens very frequently.

    There are various tools for this, from generic documentation tooling (word processors, text editors, markup languages, etc) to test automation (Cucumber, Selenium, etc). On the one hand, documenting acceptance criteria in a way that all stakeholders understand is crucial: otherwise the end users are at risk of getting something that's not useful to help them, and the project is a waste of everyone's time and money. On the other hand, automating the verification of how acceptance criteria is met is also crucial: otherwise it's done manually, which is slow, costly, and error prone, which increases the risk of project failure.

    Subplot aims to solve this by an approach that combines documentation tooling with automated verification.

  • Ulrike Uhlig: Reasons for job burnout and what motivates people in their job

    Often, burnout is conceived as a weakness of the person experiencing it: "they can't work under stress", "they lack organizational skills", "they are currently going through grief or a break up, that's why they can't keep up" — you've heard it all before, right?

  • Hard disk reliability study - 2005-2020

    In other words, practically, if I keep two copies of any which data, the likelihood of data loss is 2.5% over a decade, or 0.06% for three disks. So this kind of confirms my backup strategy from a while back, and also shows that it is important for you to keep multiple copies of important files, if you want them to outlast your hardware.

    Conclusion

    There you go. I hope you find this 15-year-long study valuable. Of course, any techie like me could do it. All techies hoard hardware like mad, and I'm sure most of Dedoimedo readers have a bunch of computers and tons of hard disks strewn about, so it's just the matter of compiling the right data. And I'm sure every such compilation would be compelling. A compelling compiling, hi hi.

    If you have any comments or suggestions about my findings, I'd love to hear them. Again, I don't have a massive data center, so I can't do an accurate comparative study between vendors, disks sizes and alike, so do take my results with a pinch of cardamom. But I believe my numbers are quite indicative for home usage scenarios, so if you're mulling how to handle your data down the long trouser leg of time, you have some indication of where to start, and how to hedge your odds. Take care.

  • How 1500 bytes became the MTU of the internet

    On the face of it 1500 is a weird number, we would normally expect a lot of constants in computing to be based around mathematical constants, like powers of 2. 1500, however fits none of those.

    So where did 1500 come from, and why are we still using it?

  • Is it Possible to Identify DNS over HTTPs Without Decrypting TLS?

    Whenever I talk about DNS over HTTPS (DoH), the question comes up if it is possible to fingerprint DoH traffic without decrypting it. The idea is that something about DoH packets is different enough to identify them.

    [...]

    At this point, I would call the experiment a "proof of concept." It is not a conclusive experiment. I only collected a few minutes of traffic and went maybe to a dozen different sites. All tests were performed on a Mac using Firefox 71 and Cloudflare as a resolver. I may get around to do more testing during the day and will update this post accordingly.

  • More DNS over HTTPS: Become One With the Packet. Be the Query. See the Query

    Two days ago, I wrote about how to profile traffic to recognize DNS over HTTPS. This is kind of a problem for DNS over HTTPS. If you can see it, you may be able to block it. On Twitter, a few chimed in to provide feedback about recognizing DNS over HTTPS. I checked a couple of other clients, and well, didn't have a ton of time so this is still very preliminary:

    [..]

    But to come back to the initial observation: The DoH traffic had specific packet sizes it preferred. So I was looking at this since it didn't seem random, meaning it leaked information.

  • ‘This Is Disastrous’: How the Vinyl Industry Is Responding to the Apollo Masters Fire

    The day that everyone in the vinyl-manufacturing world has been worried about for years finally arrived. Earlier this month, Apollo Masters Corp., one of the two places in the world that produce the lacquer discs needed to assemble master plates for pressing records, burned down. The blaze reportedly took 82 firefighters and three hours to extinguish. No one was harmed, but the fire obliterated the Banning, California, facility responsible for, by most estimates, 70 to 85 percent of the lacquer plates used in vinyl production. There is now just one such factory in the world capable of producing that crucial item, MDC in Japan, leaving the global supply of vinyl in peril.

    “We’ve all been worried about this, we’ve had meetings about it within the industry,” says Cash Carter, chief operating officer at Kindercore Vinyl Pressing in Athens, Georgia. “We’ve gotten together with all the other pressing plants, lacquer cutters, everybody, and been like, ‘What happens if MDC or Apollo goes away? We’re all fucked.’ We were dreading that day, but not thinking it would actually happen — that before anything disastrous happened, someone would come in and fix what needed to be fixed.… Now, is the sky falling? No. But this is disastrous. I think there are going to be pressing plants that close because of this.… We’ve been saying we need to fix this for years. Now, we actually need to fix this.”

  • How Kubernetes Became The Standard For Compute Resources

More in Tux Machines

Free Software in Science and Education

  • CADO-NFS: Crible Algébrique: Distribution, Optimisation - Number Field Sieve

    CADO-NFS is a complete implementation in C/C++ of the Number Field Sieve (NFS) algorithm for factoring integers and computing discrete logarithms in finite fields. It consists in various programs corresponding to all the phases of the algorithm, and a general script that runs them, possibly in parallel over a network of computers. CADO-NFS is distributed under the Gnu Lesser General Public License (LGPL) version 2.1 (or any later version).

  • [Cado-nfs-discuss] Factorization of RSA-250

    This computation was performed with the Number Field Sieve algorithm, using the open-source CADO-NFS software [2].

    The total computation time was roughly 2700 core-years, using Intel Xeon Gold 6130 CPUs as a reference (2.1GHz): [...]

  • Could the coronavirus be the best thing to happen to higher education?

    Universities should embrace this staff engagement and seize the opportunity to transform pedagogy to meet the needs of the next generation of students. Incoming undergraduate and graduate students will have elevated expectations about the use of technology on campuses. In fact, they may already be accustomed to technology-enabled pedagogy, since schools in an increasing number of districts are light years ahead of higher education in this regard.

    Once we get beyond the current crisis, universities should shift the focus from basic training on tools to more advanced training incorporating course design and assessment of learning. Faculty enthusiasm may well be less than we are seeing now, but if we can get the messaging to resonate with faculty, they may just start participating in droves. That messaging should celebrate their current achievements with online tools while also recognising their pain points, and offer the training as an opportunity to build on that success and solve their technology-related teaching challenges.

  • Never Let A Crisis Go To Waste

    Elsevier and the other oligopoly academic publishers have reacted similarly in earlier virus outbreaks. Prof. John Willinsky pounced on this admission that these companies normal restrictive access policies based on copyright ownership slow the progress of science, and thus violate the US Constitution's intellectual [sic] property [sic] clause:

    That Congress shall have Power...To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.

    Below the fold I provide some details of his proposal.

Games: For The People, Total War: THREE KINGDOMS - A World Betrayed, Mesa, Humble Store and Stadia

  • For The People Announced For Windows PC, Mac, and Linux

    You play as the newly elected mayor of Iron-1, a city in an alternate take on the Soviet Union. Navigate the politics of the Commonwealth of Orange Collectives as you fight for democratic reforms, or embrace your inner authoritarian dictator.

  • Total War: THREE KINGDOMS - A World Betrayed expansion now supports Linux

    Today, porting studio Feral Interactive have released the Total War: THREE KINGDOMS - A World Betrayed expansion for Linux (and macOS) following the Windows release last month. With a brand new start date at 194 CE, A World Betrayed portrays a seminal moment in the history of the Three Kingdoms. Many of the iconic warlords of Total War: THREE KINGDOMS have now passed on, a catalyst that has spurred a new generation of warlords into making a play for their own dynasties.

  • Mesa 20.1's RADV Lands More Performance Improvements For Recent id Tech Games

    A number of recent id Tech games (though seemingly not DOOM Eternal) have seen another performance optimization with Mesa 20.1's RADV Radeon Vulkan driver. ID Tech games like Wolfenstein: Youngblood, Doom (2016), and Wolfenstein 2 should be seeing better performance with the very latest Mesa 20.1-devel Git code as of today for this open-source Radeon Vulkan driver. This comes after various Mesa RADV improvements in recent days centered around the new DOOM Eternal game under Steam Play. All of these recent ID Tech games can run nicely on Linux thanks to Valve's Steam Play built off Wine/Proton.

  • Humble Store has a big 'City Builder' sale going with lots of time consuming goodies cheap

    While not all of the games on sale fit directly as a 'city builder', they all at least have you build and manage something. The Humble City Builder Sale is live and there's some great Linux games in it.

  • Google announces three more games coming to Stadia including Monster Boy and the Cursed Kingdom

    Now that the Linux-powered game streaming service Stadia is open to everyone with two months of Stadia Pro free (if your country is listed for entry that is), Google has announced another three games coming. Dates aren't listed, Google simply said "later this year" for all three of them.

today's howtos

Open Hardware and Some Traps

  • AgVa Phone Ventilator Connects to a Smartphone to Fight COVID-19

    One major highlight during this COVID-19 crisis is the lack of enough ventilators for patients, a piece of critical equipment that greatly affects the breathing of critically ill patients. There are not enough ventilators available in hospitals right now for all of the potential patients who will be struck by the virus, so it is clear we need more ventilators. Makers are joining the call to service with their existing maker tools, and an example is the attempt to make a low-cost, open-source Arduino ventilator device.

  • Raspberry Pi Dev Server Manages Triple-Boot System With Help From Ubuntu

    This Raspberry Pi project covers all of your on-the-go developer needs. Designed by a developer known as CodeF.red, it uses a Raspberry Pi 4 running Ubuntu to help manage his triple boot laptop rig. With the portable dev server, he can easily swap between the Windows, macOS and Linux. The server is running Ubuntu off an NVME drive connected via USB (we have also detailed how to install Ubuntu on Raspberry Pi). The unit is controllable with a Bluetooth keyboard and also features a touchscreen. The maker also upgraded the Pi's cooling capabilities with a 5V Noctua fan with a super-low noise profile. The dev server uses Docker and can be controlled via SSH. Since it uses Ubuntu, you can add plenty of additional tools, like Glances for cross-platform monitoring features. Like many other Pi projects, the creator crafted this one using hardware already had on hand. CodeF.red said via Reddit that he considers the NVMe drive "overkill," especially since the performance is limited by the USB connection. But after removing the drive from an old Mac, it was gathering dust and needed to be put to use.

  • Digital making at home: a guide for parents
  • NXP WiFi 6 Solutions Launched for Home, Enterprise, IoT and Automotive Markets
  • 3.5″ SubCompact SBC Leverages Intel Whiskey Lake Processor for Embedded & AI Applications

    The company provides Windows drivers for graphics, audio, I2C, touch controller, Ethernet, etc… Linux will certainly boot in the board, and I’d expect most features to work, but it’s still possible that some specific hardware features, like the touch controller, may not work properly or at all.