Linux Discussion Continues, Fedora Welcomes Chromium
Folks are still discussing the resignation of Sarah Sharp and Matthew Garrett from Linux kernel development. Jack Wallen said Sharp (and Garrett) are cases of more developers being "turned away, simply because developers had no patience for personal respect." He said Linux rules with a "sharp and iron tongue" with "foul and abusive language." He agreed with Dr. Roy Schestowitz in that all this is a "PR nightmare" threatening the "flagship of the open-source movement." He placed part of the blame on what he calls the "Internet of hate" and said if Linux is to compete with Microsoft and Apple its developers need to "start treating the legions of programmers, who are working tirelessly to deliver, as well as they treat the code itself. Open source is about community. A community with a toxic foundation will eventually crumble."
While I was mass editing the transcripts I used to create the FSF30 wordclouds, I realized I was doing too much manual movery to get to the next misspelled word. In a moment of clarity, I was like "hey, I bet vim has a way to properly do this!" And of course it did!
Guix-Tox is a young variant of the Tox "virtualenv" management tool for Python that uses guix environment as its back-end. In essence, while Tox restricts itself to building pure Python environments, Guix-Tox takes advantages of Guix to build complete environments, including dependencies that are outside Tox's control, thereby improving environment reproducibility. Cyril will demonstrate practical use cases with OpenStack.
Tiny Core Linux 6.4.1 Gets Its First Release Candidate Build with Multiple Fixes
Robert Shingledecker has had the please of informing us about the immediate availability for download and testing of the first Release Candidate (RC) build of the upcoming Tiny Core Linux 6.4.1 operating system.
Day one is the first day of main event. I was late to wake up, but somehow managed to reach the venue around 8:30am. Had a quick breakfast, and then moved into the Red Hat booth. Sankarshan, Alfred, Soni were already there. I don’t know the exact reason, but the booth managed to grab the attention of all the people in the venue. It was over crowded :) While the students were much more interested in stickers, and other goodies, many came forward to ask about internship options, and future job opportunities. Alfred did an excellent job in explaining the details to the participants. The crowd was in booth even though the keynote of day one had started. I missed most of keynote as many people kept coming in the booth, and they had various questions.
Microsoft tried to move users from its infamous Internet Explorer browser to a minimalist new web browser dubbed Edge following the launch of Windows 10.
But new data has revealed that Windows 10 users are reluctant to make the transition.
Google has announced a new project that could make a difference for mobile browsing. The company has launched the Accelerated Mobile Pages project (AMP), a fully open source initiative, with the underlying code available on GitHub.
A little love, please, for Miami-based dotCMS, maker of Java open source content management system (CMS) software. Just yesterday, it was chosen as one of the 20 Most Promising Open Source Software Solution Providers by CIO Review.
In the series of questions and answers from the NetBSD-7.0 developers, we will meet Leoardo Taccari, a recent NetBSD committer, who works with this system on his desktop and maintains in this field pkgsrc packages.
While the Internet has been buzzing recently about the new FLIF image format, libjpeg-turbo developers released a new version of their JPEG library.
Libjpeg-turbo 1.4.2 is the new release and it quietly made it out at the end of September. Libjpeg-Turbo 1.4.2 features at least five known bug fixes resulting in crashes and other problems.
Seven start-ups from UK, Italy, France, Estonia and Austria were selected to be part of the first round of companies benefiting from the Open Data Incubator for Europe (ODINE). This two-year programme awarded EUR 650 000 in total to the companies, which can receive up to EUR 100 000 each.
ISG3D has taken to Kickstarter this month to raise $11,000 to help take their open source 3D printer design into production.
The Eleven 3D printer has been specifically designed to provide users with an affordable machine but offers an impressive 22 x 40 x 40 cm build area and is completely open source allowing for modifications and enhancements to be created.
Perl 6, a long-awaited upgrade to the well-known scripting language, has gone into beta, with the general release planned for Christmastime.
The upgrade went to beta late last month, Perl designer Larry Wall told InfoWorld on Wednesday, and the October monthly release will feature the first of two beta releases of the Rakudo Perl 6 compiler. There been having monthly compiler releases for years, but the language definition has now stabilized. Wall added, “At this point we're optimizing, fixing bugs, and documenting, and I feel comfortable saying we can take a snapshot of whatever we have in December and call it the first production release.”
The Experian/T-Mobile hack may be more worrisome than Experian’s carefully worded description of it suggests, some security experts said Friday.
One is the co-creator of the Tor secure browser, David Goldschlag, (now SVP of strategy at Pulse Secure). Goldschlag previously was head of mobile at McAfee, and also once worked at the NSA.
I asked Goldschlag a simple question: “After the Office of Personnel Management and Experian hacks, is there reason to fear that hackers now have the means to steal actual financial information (credit card numbers, etc.) from banks or insurers?”
To do so, it is often sufficient to copy files from a Linux environment to Windows.” it further adds. The most obvious mode of attack involves luring victims to install software or updates via third-party package sources. The team conducted test by running 16 different Anti-virus solutions and splitting test session into three distinct phases,
The detection of Windows malware
The detection of Linux malware and
The test for false positives.
Out of 16 antivirus solutions 8 detected between 95-99% of the 12,000 Windows threat used in the test: The Anti-virus solutions that helped in detection include Bitdefender, ESET, Avast, F-Secure, eScan, G Data, Sophos and Kaspersky Lab (server version).
The cross-site request forgery vulnerability means that any user visiting a malicious page can have their accounts hijacked without further interaction.
The since-patched hole existed in Microsoft Live.com and could have been spun into a dangerous worm, Wineberg says.
However, Softpedia News noted that the Linux.Wifatch source code has not been released in its entirety. That’s likely because the White Team is worried that traditional cybercriminals would exploit the malware for more nefarious purposes. It also explains why it was a clandestine operation in which router owners weren’t aware their systems had been infected, even if it was only to defend them against black-hat attackers.
Whether or not anyone appreciates the White Team’s form of vigilante security tactics, they may believe the work should serve as a warning to those who don’t follow basic data protection procedures, Hacked said. For example, there are still untold numbers of home routers that use default passwords and leave admin access wide open to malware and other threats.
The nuclear industry is ignorant of its cybersecurity shortcomings, claimed a report released today, and despite understanding the consequences of an interruption to power generation and the related issues, cyber efforts to prevent such incidents are lacking.
The report adds that search engines can "readily identify critical infrastructure components with" VPNs, some of which are power plants. It also adds that facility operators are "sometimes unaware of" them.
Nuclear plants don't understand their cyber vulnerability, stated the Chatham House report, which found industrial, cultural and technical challenges affecting facilities worldwide. It specifically pointed to a "lack of executive-level awareness".