The open source experience

Our series concludes with a look at where enterprises are using non-proprietary software. Looks like those traditional IT infrastructure projects were just the beginning.

Open source is generally recognized as a platform for infrastructure, the foundation upon which things are built. But the business-specific applications built on top of that are a harder sell.

The jury is still out on whether open source is extending into areas beyond its traditional strengths, said Evan Leibovitch, executive director of CLUE (Canadian Linux Users Exchange). “When you have something in your business that you don't want your competitors to necessarily share, the rationale for open source isn't quite as strong,” he said.

Open source has traditionally been a good fit with horizontal, rather than vertical, applications - where it stretches across industries, or where there's a generic function like word processing. But the “high-hanging fruit” is still proprietary, said Leibovitch, and one of the best examples of that right now is Oracle.

While Oracle supports Red Hat Linux, for example, and is comfortable with leaving the creation of the underlying infrastructure to a third party, industry-specific applications are still Oracle's territory.

“The further you get away from the infrastructure, the harder it is to work with open source,” he said.

Full Story.

More in Tux Machines

Programming: Perl, Git/Emacs and Compilers

  • Listen to Larry Wall's State of the Onion 2000 on YouTube

    It’s a typical Larry talk filled with quirky, humorous observations about life and programming, and notably he announces the Perl 6 project. Unfortunately the audio is low quality (hey it was 20 years ago at a low-budget conference); you can read a transcript of the talk here (with mp3 download links at the bottom). We also have a collection of attendees’ reports from the conference.

  • Chicago.pm Virtual Meeting: July 23

    In case you are not familiar with gather.town, after you join the conversation, you will have a small avatar on a 2d map and can walk around. When you are close to somebody or a group of people, you can video chat with them over video. Perlmongers is supposed to be a social gathering, and we are experimenting with this venue to see if it'll make that possible!

  • The Magit Git Client Is The "Killer Feature" In Emacs

    Users of other text editors often ask "why should I switch to Emacs?" or, more specifically, "what is the killer feature that Emacs offers?" Depending on your workflow, the killer feature for Emacs could be a number of things, one of them being Magit!

  • Alder Lake-S Compiler Update Points to big.LITTLE Desktop Chips

    This design builds upon the big.LITTLE (Big.BIGGER in Intel parlance) design that debuted in the company's 3D Lakefield chips. These designs incorporate one large Sunny Cove core combined with four Atom Tremont smaller cores in an ARM-like design. With the architecture proven and already working its way through the ecosystem, it's rational to expect Intel to scale it up to tackle desktop PCs, too. The GNU compiler updates include a list of compatible instructions for both Intel's upcoming data center Sapphire Ridge chips and Alder Lake desktop chips, with the latter noticeably missing support for AVX-512, a SIMD instruction that Intel recently introduced to its desktop chips. These instructions are disabled in Intel's hybrid Lakefield chips to keep the instruction set consistent between cores (Atom doesn't support AVX instructions), therefore easing operating system scheduling routines that target different workloads at the cores best suited for the task. Therefore, the lack of AVX-512 support for Alder Lake could serve as further evidence that Intel will bring its hybrid architecture to desktop PCs.

Security: Patches, Web Security Books, SecWeb – Designing Security for the Web

  • Security updates for Friday

    Security updates have been issued by Fedora (curl, LibRaw, python-pillow, and python36), Mageia (coturn, samba, and vino), openSUSE (opera), and Ubuntu (openssl).

  • Comparing 3 Great Web Security Books

    I thought about using a clickbait title like “Is this the best web security book?”, but I just couldn’t do that to you all. Instead, I want to compare and contrast 3 books, all of which I consider great books about web security. I won’t declare any single book “the best” because that’s too subjective. Best depends on where you’re coming from and what you’re trying to achieve.

  • Hardening Firefox against Injection Attacks – The Technical Details

    In a recent academic publication titled Hardening Firefox against Injection Attacks (to appear at SecWeb – Designing Security for the Web) we describe techniques which we have incorporated into Firefox to provide defense in depth against code injection attacks. Within this blogpost we are going to provide insights into the described hardening techniques at a technical level with pointers to the actual code implementing it. Note that links to source code are perma-linked to a recent revision as of this blog post. More recent changes may have changed the location of the code in question.

    [...]

    Firefox ships with a variety of built-in pages, commonly referred to as about: pages. Such about: pages allow the user to view internal browser information or change settings. If one were able to inject script into a privileged about: page it would represent a complete browser takeover in many cases. To reduce this injection attack surface, we apply a strong Content Security Policy (CSP) of default-src chrome: to all about: pages. The applied CSP restricts script to only JavaScript files bundled and shipped with the browser and accessible only via the Firefox internal chrome:// protocol. Whenever loading any kind of JavaScript, Firefox internally consults its CSP implementation by calling the function ShouldLoad() for external resources, or GetAllowsInline() for inline scripts. If the script to be executed is not allow-listed by the added CSP then Firefox will block the script execution, rendering the code injection attack obsolete.

    Further, we verify that any newly added about: page within Firefox exposes a strong CSP by consulting the function AssertAboutPageHasCSP(). This function basically acts as a commit guard to our codebase and ensures that no about: page makes it into the Firefox codebase without a strong CSP.

    Before we started to protect about: pages with a CSP we faced a bug where text and markup controlled by a web application was reused in a permission prompt, which led to a Universal Cross-Site Scripting (UXSS) attack in the browser interface (CVE-2018-5124). These scripts run with elevated privileges that get access to internal APIs and can result in a full system compromise. What raises the severity of such bugs is the high-level nature of the vulnerability and the highly deterministic nature of the exploit code which allowed comparably trivial exploitation.

Screencasts and Audiocasts: Linux Mint 20 "MATE", Linux Headlines and More

  • Linux Mint 20 "MATE" overview | Stable, robust, traditional

    In this video, I am going to show an overview of Linux Mint 20 "MATE" and some of the applications pre-installed.

  • 2020-07-10 | Linux Headlines

    Possible changes on the horizon for LibreOffice are raising concerns in the community, industry players decry Google's gifting of Istio intellectual property to the Open Usage Commons, and both Ubuntu and Docker push further into the AWS ecosystem.

  • Tech Means Business: Best of Series 1

    Artificial intelligence with Darktrace; Big data and Splunk; IoT with Ubuntu/Canonical; The Linux effect with Positive Internet; Career paths, with DocuSign.

    Thanks go to the people I spoke with, and who featured on the episodes that aren’t featured here. It was literally through lack of time that has meant this “best of” show is necessarily limited in scope. Series two already shaping up nicely: MasterCard, Red Hat, ARM, SuperMicro, and plenty more. Watch this space!

Graphics: Zink, VA-API, NVIDIA's NVAPI SDK

  • Mike Blumenkrantz: Extensions

    Usually I cover in-depth looks at various chunks of code I’ve been working on, but today it’s going to be a more traditional style of modern blogging: memes and complaining.

  • New VA-API H.264 decoder in gst-plugins-bad

    Recently, a new H.264 decoder, using VA-API, was merged in gst-plugins-bad. Why another VA-based H.264 decoder if there is already gstreamer-vaapi? As usual, an historical perspective may give some clues. It started when Seungha Yang implemented the GStreamer decoders for Windows using DXVA2 and D3D11 APIs. Perhaps we need one step back and explain what are stateless decoders.

  • NVIDIA open sourced part of NVAPI SDK to aid 'Windows emulation environments'

    NVIDIA sneakily put out a little open source release recently, with a part of the NVAPI SDK now under the MIT license. This was mentioned by the crew working on the DXVK translation layer in the VKx Discord, who sent along word to me as well. NVAPI is NVIDIA's core software development kit that allows direct access to NVIDIA GPUs and drivers on all Windows platforms. Now, that doesn't sound interesting for Linux obviously but here's why this actually is important: in the NVAPI Open Source SDK, it directly mentions that the contained "nvapi.h" file that's now provided under the MIT license was done to enable "open source re-implementations of NVAPI for Windows emulation environments"—so the Wine and Proton compatibility layers are what they're getting at without naming them directly.