We've just released a new version of GNU Guile, version 2.0.13, which is a security release for Guile (see the original announcement).
This handles a significant security vulnerability affecting the live REPL, CVE-2016-8606. Due to the nature of this bug, Guile applications themselves in general aren't vulnerable, but Guile developers are. Arbitrary Scheme code may be used to attack your system in this scenario. (A more minor security issue is also addressed, CVE-2016-8605.)
There is also a lesson here that applies beyond Guile: the presumption that "localhost" is only accessible by local users can't be guaranteed by modern operating system environments. If you are looking to provide local-execution-only, we recommend using Unix domain sockets or named pipes. Don't rely on localhost plus some port.
This award is presented annually by FSF president Richard Stallman to an individual who has made a great contribution to the progress and development of free software, through activities that accord with the spirit of free software.
Individuals who describe their projects as "open" instead of "free" are eligible nonetheless, provided the software is in fact free/libre.
Last year, Werner Koch was recognized with the Award for the Advancement of Free Software for his work on GnuPG, the de facto tool for encrypted communication. Koch joined a prestigious list of previous winners including Sébastien Jodogne, Matthew Garrett, Dr. Fernando Perez, Yukihiro Matsumoto, Rob Savoye, John Gilmore, Wietse Venema, Harald Welte, Ted Ts'o, Andrew Tridgell, Theo de Raadt, Alan Cox, Larry Lessig, Guido van Rossum, Brian Paul, Miguel de Icaza, and Larry Wall.
“Free software is one of three pillars of our digital strategy”, has confirmed Nadia Pellefigue, the vice-president of the regional council of the Midi-Pyrenees (South-West of France).
“Free software and open source will help the regional industry and employment, because it can mobilise people”, Nadia Pellefigue said. “Public procurement has been spurred but there is still room for improvements”, she added. Cost savings, meaningful local jobs and lower dependencies on foreign firms are the three advantages of free software she listed.
Ms Pellefigue was one of the officials at the Rencontres Régionales du Logiciel Libre (RRLL), which took place in Toulouse in October.
There’s never been a better time to give Linux a try.
Wait, don’t slam on that back button! I’m not one of those rabid “Year of the Linux desktop” types. Windows works just fine for hundreds of millions of people, and—sorry, Linux lovers—there’s little to suggest Linux usage will ever be more than a rounding error compared to Microsoft’s behemoth.
That said, there are some pretty compelling reasons you might want to consider switching to Linux on your computer, or at least give it a hassle-free trial run.
Changing operating systems is a big step for anybody -- all the more so because many users are uncertain about exactly what an operating system is.
However, switching from Windows to Linux is especially hard. The two operating systems have different assumptions and priorities, as well as different ways of doing things. As a result, it is easy for new Linux users to wind up confused because the expectations they have developed using Windows no longer apply.
There are many instances, both in nature and business, of the virtues of distributed systems as compared to monolithic systems. One of the most obvious is the rise of open-source software, as argued persuasively by Eric Raymond in The Cathedral and the Bazaar (available online).
He argues that “cathedrals” (hierarchical, well-organised companies which are the western norm, e.g., IBM, Microsoft) will in the long run be defeated by “bazaars” (loosely federated groups of workers).
In the context of operating systems (the software that controls devices), and specifically of the UNIX and Linux systems (which is what Eric was focusing on), this prophecy has largely come true. Microsoft, so dominant in the last century, has now lost its monopoly.
Linux came into existence 25 years ago, but since then, it has been on the path of evolution, and has crept into the modern IT infrastructure like little else. What started as a rebellion movement of sorts, has now become the backbone of enterprise grade computing for sometime now, and been behind the success stories of more than a few enterprises.
To gauge the historical link of Linux with enterprise servers, Senior Solutions Architect at Red Hat Martin Percival’s words come to mind, who said “Linux was regarded as an alternative to proprietary Unix. But RHEL switched it to becoming an alternative to Windows Server.” However, when the 90’s came around, computing was to be turned on it’s head, when the consumer segment, more so with PCs, began to take off, even with the famous separation of Microsoft and IBM. While Windows 3.x became a sort of industry standard, IBM’s own OS/OS 2 didn’t create so much of an impression.
It's been a few months since Next Thing Co's C.H.I.P. computer was successfully funded on Kickstarter as "the world's first $9 computer" along with the PocketCHIP, a C.H.I.P. powered, battery-backed handheld with physical keyboard. Next Thing Co shipped to their backers over the summer whole in November they expects to begin shipping mass production orders on the CHIP and PocketCHIP. Over the past few weeks I've been playing with these low-cost ARM devices.
In this story, “Roblimo” takes us back to 2002, to an open source conference in a country where the common belief was that “nobody knew anything about Linux.” Boy, were they in for a surprise.
In December, 2002, I gave the keynote speech at an open source conference in Amman, Jordan. It was a tense time in that part of the world. Not long before I was there, the U.S. Agency for International Development (USAISD) chief in Amman was assassinated. Anti-U.S. demonstrations had been shut down by Jordan’s armed forces earlier in the year. King Abdullah II was still new in the job and did not yet have as certain a hand on the helm as his father, Hussein (amateur radio call JY1) did during previous decades. To make things even more fun, the country was flooded with refugees from Iraq, and rumors were rife that the U.S. would soon go to war with Saddam Hussein over 9/11. Or something. Of course, the war rumors turned out to be true.
How closely is that followed today? Relatively well, so far as using text stream goes. A majority of Linux programs continue to use plain text configuration files, which means that users can easily edit them, using the text editor of their choice.
However, there are a few exceptions. GRUB 2, for example, discourages manual editing, automating new entries after a new kernel or operating system is added. Similarly, Systemd uses binary files for its logs, while KDE's Akonadi, by making use of a database, ensures that any failure will be catastrophic, and unrepairable manually.
Such changes are usually made in the name of efficiency. All too often, however, the efficiency is gained by interfering with the do-it-yourself ethos that should almost be a fourth pillar of the Unix Philosophy.