Language Selection

English French German Italian Portuguese Spanish

Open Hardware

Filed under
Hardware
OSS

More in Tux Machines

Learn about Rust and how to get started

Start by downloading Rust. After downloading the relevant file, follow the instructions on the installation page to continue the installation. I recommend using the tool "rustup." Once you are done, configure the path variable. All this is detailed on the download link above. Read more

Latest Security and FUD

  • Userdir URLs like https://example.org/~username/ are dangerous

    I would like to point out a security problem with a classic variant of web space hosting. While this issue should be obvious to anyone knowing basic web security, I have never seen it being discussed publicly. Some server operators allow every user on the system to have a personal web space where they can place files in a directory (often ~/public_html) and they will appear on the host under a URL with a tilde and their username (e.g. https://example.org/~username/). The Apache web server provides such a function in the mod_userdir module. While this concept is rather old, it is still used by some and is often used by universities and Linux distributions. From a web security perspective there is a very obvious problem with such setups that stems from the same origin policy, which is a core principle of Javascript security. While there are many subtleties about it, the key principle is that a piece of Javascript running on one web host is isolated from other web hosts. To put this into a practical example: If you read your emails on a web interface on example.com then a script running on example.org should not be able to read your mails, change your password or mess in any other way with the application running on a different host. However if an attacker can place a script on example.com, which is called a Cross Site Scripting or XSS vulnerability, the attacker may be able to do all that.

  • FOSSID and BearingPoint Enter Strategic Partnership Around Open Source Software Governance

    FOSSID, a leader in open source software compliance and security, and BearingPoint, a leader in open source management services, today announced their strategic partnership around free and open source software governance. After successfully cooperating in selected projects for more than two years, BearingPoint decided to choose FOSSID as its strategic provider of open source analysis tools. FOSSID’s technology provides high performance and accuracy in the code analysis services performed by BearingPoint. [...] BearingPoint’s modular FOSS services provide companies with streamlined processes and infrastructure to deploy, manage, and govern their software throughout the product lifecycle, helping them to manage open source compliance and security. BearingPoint’s FOSS analysis services provide a timely and confidential analysis of the customers’ code base, including comprehensive compliance and security reports for their business decisions.

  • 5 ways to secure your applications from open-source vulnerabilities [Ed: Interesting, Proprietary software programs/code have no vulnerabilities? This is only an Open Source thing?]
  • How to make open source success less of a crapshoot [Ed: Typical Asay]

Devices/Embedded With GNU/Linux

  • Open source near ubiquitous in IoT, report finds

    Open provide is an growing variety of regular working course of in software, nonetheless nowhere is that this more true than Net of Points building. In keeping with a model new VisionMobile survey of three,700 IoT builders, 91% of respondents use open provide software in a minimal of 1 area in their software stack. This is good news for IoT because of best open provide ensures to chop again or put off the potential of lock-in imposed by way of proprietary “necessities.” What’s in all chance most attention-grabbing on this affection for open provide, then again, is that concurrently endeavor builders have eschewed the politics of open provide licensing, IoT builders seem to need open provide because of “it’s free as in freedom.”

  • MIOTY Silicon Vendor Agnostic, Scalable LPWAN Standard to Take on LoRaWAN, NB-IoT

    There are plenty of LPWAN (Low Power Wide Area Networks) standards designed for low power, low bitrate and long-range connectivity with the most popular currently being NB-IoT and LoRaWAN. But Texas Instruments has joined other smaller companies (Fraunhofer, Ragsol, STACKFORCE, WIKA…) to form the MIOTY alliance in order to develop and promote a new LPWAN standard operating in the sub-GHz range called MIOTY.

  • ESP32-Vaquita-DSPG Board and SDK Support Alexa Integration and AWS IoT Core Cloud Service
  • Rugged embedded PC supports Linux on Apollo Lake

    Nexcom’s rugged, Linux-ready “NISE 108” embedded computer has an Apollo Lake Celeron, triple display support with dual DP, 2x GbE, 4x USB, 3x COM, and M.2 and mini-PCIe expansion. [...] Designed for rugged industrial automation applications in factory, agricultural, and service settings, with special suitability for agro-industrial jobs, the aluminum and metal constructed NISE 108 supports -5 to 55°C operation with ambient air flow. The IEC60068-2-27 compliant shock protection is listed as 20G (HDD) or 50G (SSD) at half-sine, 11ms. Random vibration resistance is rated at 0.5Grms @ 5~500 Hz per IEC60068-2-64 for an HDD and 2Grms with SSD. There’s also 10% to 95% (non-condensing) relative humidity tolerance. The NISE 108 supports up to 8GB DDR3L-1866 via a single socket. There’s a 2.5-inch storage bay and an M.2 2242 socket, both with the older SATA 2.0 support. A mini-PCIe slot supports WiFi and cellular connections with the help of dual antenna holes.

Linux Exec Should Be Less Deadlock Prone In Future Kernels

Ongoing work around Linux's exec() code should make it less deadlock prone in future kernel versions. The current exec functionality within the kernel is "extremely deadlock prone" but Eric Biederman and others have been working to clean up that code and put it in a better state to avoid potential deadlocks. Sent in for the Linux 5.7 kernel was the first part of the exec rework that makes trickier cases easier to spot and the hope is for Linux 5.8 the code to solve exec deadlocks might be ready. Read more