Language Selection

English French German Italian Portuguese Spanish

Microsoft

NSA could have access to data on Microsoft-owned GitHub

Filed under
Development
Microsoft

The NSA could have access to the code repositories residing on GitHub, which is now owned by Microsoft, if past practices of the Redmond-based software giant are any indicator.

Microsoft announced its acquisition of GitHub on 5 June. The company said at the time that GitHub had about 28 million developers working on 80 million repositories. Microsoft has been one of the bigger code contributors to the site.

The reaction from open-source developers to the acquisition was not exactly been salutary as can be seen from comments on Linux Weekly News.

Read more

Former Munich Mayor Warns Against Negative Effects Of City’s Re-Migration To Microsoft

Filed under
GNU
Linux
Microsoft

The former mayor of Munich, Christian Ude (Social Democratic Party), clashed with the new head of IT of the Bavarian capital over the city’s re-migration from Linux to Microsoft at an event organised by the Green Party yesterday.

Read more

Google Support for GNU/Linux, Microsoft Walks Away From Windows Users

Filed under
Google
Microsoft
  • Acer Chromebook 13 and Chromebook Spin 13 to support Linux apps out of the box

    Along with a host of other high-end devices from other brands, the Acer Chromebook 13 and Chromebook Spin 13 will support Linux apps at launch, according to a recent Chromium commit. Google has been working with a number of device makers on a new range of high-end Chromebooks with enterprise features. Nami is the umbrella codename for these devices.

  • Acer Chromebook 13 & Chromebook Spin 13 will apparently support Linux apps at launch

    Acer is one of the bigger players in the Chrome OS market, and last month the company debuted two new exciting laptops in the Chromebook 13 and Chromebook Spin 13. Now we’re finding out that these machines will apparently support Linux apps out of the box.

  • Microsoft will stop offering forum support for Windows 7, 8.1, RT, and more

    rom next month, the company will cease to operate forum support for Windows 7, Windows 8.1, Windows RT, Microsoft Security Essentials, Internet Explorer 10 and Office 2010 and 2013.

    Also being stopped is support for Surface Pro, Surface Pro 2, Surface RT, Surface 2, the Microsoft Band and (at long last) Zune.

  • Microsoft to stop offering support for Windows 7 and Windows 8.1 in forums

    On the software front, the company says that it will also no longer provide support for Microsoft Security Essentials, Internet Explorer 10, Office 2010 and 2013 as of July. It is not just software that is affected. Microsoft is also stopping support for Surface Pro, Surface Pro 2, Surface RT, Surface 2, Microsoft Band and Zune. Some forums will be locked, preventing users from helping each other as well.

Winepak Could Make it Easier to Install Windows Apps on Linux

Filed under
Microsoft
Software

It might soon be easier to install your favourite Windows apps on Linux, thanks to a fledgling new project.

It’s called Winepak and, as you might guess from the name, it’s focused on packaging Wine applications as Flatpak bundles for faster, fuss-free use.

So, rather than you having to head out and find, installer, open it with Wine, and jog through the various steps needed to install it correctly you’d simply install an application from Winepak.

Read more

Openwashing and Entryism by Facebook and Microsoft

Filed under
Microsoft
OSS
  • Facebook releases Sonar debugging tool to the open source community
  • Facebook open sources Sonar

    Facebook has announced it will be open sourcing its extensible debugging tool: Sonar. Sonar was originally created to help Facebook engineers manage the complexity of working with multiple different modules.

    According to the company, Sonar provides a framework where experts and developers can convey important information to users. It also provides engineers with an intuitive way for inspecting and understanding the structure and behavior of iOS and Android applications.

    When it was started three years ago, Sonar was built upon Stetho, which is an Android debugging bridge built in Chrome’s developer tools. It added new features, provided a richer user experience, and works across both iOS and Android. Facebook recommends the use of Sonar over Stetho for most use cases going forward.

  • Linux Foundation: Microsoft buying GitHub is 'good news' for open source, here's why [Ed: Maybe Zemlin will get a Microsoft job one day.]
  • Closed Source and Ethics: Good, Bad, Or Ugly? [iophk: "Jono is sure milking his earlier accidental appointment as Canonical's spinmeister to promote Microsoft."]

    A little while ago I had a discussion with someone who was grumbling about Microsoft. After poking around his opinion, what shook out was that his real issue was not with Microsoft’s open source work (he was supportive of this), but it was with the fact that they still produce proprietary software and use software patents in departments such as Windows and Office.

    Put bluntly, he believed Microsoft are ethically unfit as a company because of these reasons, and these reasons were significant enough to diminish their open source work almost entirely.

  • Why You Should Use Windows Subsystem for Linux [Ed: Microsoft-connected site says, as in this case, something along the lines of use GNU/Linux only as an 'app' for Vista 10]
  • What Microsoft's GitHub Deal Promises to Programmers [Ed: "Business Over Religion" says a section as if software freedom is superstition and we should submit to the business objectives of Microsoft]
  • Proposed Microsoft-GitHub buy confirms open source role in cloud [Ed: "Microsoft has not always been about the developer," it says. It still isn't. This it why it bribes officials, blackmails executives, lies  and cheats (to this date). Don't believe the PR campaign.]

Microsoft’s failed attempt on Debian packaging

Filed under
Microsoft
Debian

I dared to download and play around with the files, only to get shocked how incompetent Microsoft is in packaging.

Read more

Also: Tails 3.7.1 Linux Distribution Released | Brings Tor Browser to 7.5.5 and Security Updates

Observing and Replacing GitHub

Filed under
Development
Microsoft
  • GitHub’s New CEO Did a Reddit AMA, This is What he Said

    There is a growing concern that Microsoft may seek to bloat the service with add-ons, feature creep, and integrations with their own services, like Azure and LinkedIn.

    Is that likely?

  • 5 Github Alternatives

    Although GitHub is the most used platform for storing open source projects on the Internet but being acquired by Microsoft, the open source community may like to prefer the alternatives. So we have other very interesting options that we recommend to know in order to decide which one to publish and store your own creations and adaptations in the cloud.

  • Three Takes On Microsoft Acquiring Github

    But, as someone who believes in the value of reinvention and innovation among the tech industry, it's not necessarily great to see successful mid-tier companies just gobbled up by giants. It happens -- and perhaps it clears the field for something fresh and new. Perhaps it even clears the field for that utopic git-driven world that Ford envisions. But, in the present-tense, it's at least a bit deflating to think that a very different, and very powerful, approach to the way people collaborate and code... ends up in Microsoft's universe.

    And, as a final note on these three pieces: this is why we should seek out and promote people who actually understand technology and business in understanding what is happening in the technology world. The Guardian piece is laughable, because it appears to be written by someone with such a surface-level understanding of open source of free software that it comes off as utter nonsense. But the pieces by Ford and Thompson actually help add to our understanding of the news, while providing insightful takes on it. The Guardian (and others) should learn from that.

  • Mailing lists vs Github

    The alternative method is the developer mailing list. It arose in the late eighties to early nineties, and predates the popularity of the web browser. But far from being a mere historical curiosity, the discussion list is still the primary method of development in many important open source projects, from databases to operating systems to web browsers.

    In this article I’ll carefully compare the use of mailing lists with code collaboration web sites such as Github. I’ll do my best to present the pros and cons of each, so that projects assessing the two can make an informed decision.

Microsoft's and Apple's Lies About Free/Open Source Software

Filed under
Microsoft
Mac

GNOMEs beat Microsoft: Git Virtual File System to get a new name

Filed under
Microsoft
GNOME

Microsoft is going to rename the Git Virtual File System to eliminate its clash with GNOMErs.

The purpose of the Git Virtual File System was laudable: Redmond's developers were sick of taking the afternoon off after typing “git clone” (even “git checkout” could take hours), so they gave GitHub users a workaround.

At the time, Microsoft's Saeed Noursalehi explained that GVFS “virtualises the file system beneath your repo and makes it appear as though all the files in your repo are present, but in reality only downloads a file the first time it is opened.”

At last, developers could handle terabyte-size repos without taking up knitting.

Read more

GitHub to be Run by People Who Killed Novell, RoboVM and More (the Mono Entryism)

Filed under
Microsoft
OSS
  • De Icaza links make Friedman wrong choice to head GitHub [Ed: De Icaza played a very major role in the Microsoft-Novell patent deal that eventually killed Novell]

    If Microsoft thought that selecting Nat Friedman to head its new acquisition, GitHub, would help burnish its open-source credentials, then it has made a big mistake.

    Members of the free and open source software community have very long memories and the contribution made by Friedman and his great friend and business partner, Miguel de Icaza, now also an employee of Microsoft, to numerous incidents many years ago that split the community have not been forgotten.

    For those who have been hiding under a rock, Microsoft on Monday (US time) announced that it was buying GitHub for for US$7.5 billion (A$9.79 billion) in Microsoft stock.

  • GitLab Ultimate and Gold now free for education and open source

    It has been a crazy 24 hours for GitLab. More than 2,000 people tweeted about #movingtogitlab. We imported over 100,000 repositories, and we've seen a 7x increase in orders. We went live on Bloomberg TV. And on top of that, Apple announced an Xcode integration with GitLab.

Syndicate content

More in Tux Machines

Oracle Yields GraphPipe

  • Oracle open sources Graphpipe to standardize machine learning model deployment
    Oracle, a company not exactly known for having the best relationship with the open source community, is releasing a new open source tool today called Graphpipe, which is designed to simplify and standardize the deployment of machine learning models. The tool consists of a set of libraries and tools for following the standard.
  • Oracle open-sources Graphpipe to make it easier to deploy machine learning models
    Oracle today open-sourced Graphpipe, a tool created to make it easy to serve machine learning models in the cloud made by popular frameworks like TensorFlow, MXNet, Caffe2, and PyTorch. Graphpipe was designed to simplify the deployment of machine learning for use on mobile apps and IoT devices, as well as web services for end users or AI for internal use at companies. “Graphpipe is an attempt to standardize the protocol by which you speak to a remotely deployed machine learning model, and it includes some reference servers that allow you to deploy machine learning models from existing frameworks very easily in an efficient way,” Oracle cloud architect Vish Abrams told VentureBeat in a phone interview. Prior to joining Oracle, Abrams led efforts at NASA to open-source the OpenStack cloud computing platform.
  • Oracle open sources GraphPipe, a new standard for machine learning models
    Machine learning is expected to transform industries. However, its adoption in the enterprise has been slower than some might expect because it's difficult for organizations to deploy and manage machine learning technology on their own. Part of the challenge is that machine learning models are often trained and deployed using bespoke techniques, making it difficult to deploy models across servers or within different departments.
  • Oracle offers GraphPipe spec for machine learning data transmission
    Oracle has developed an open source specification for transmitting tensor data, which the company wants to become a standard for machine learning. Called GraphPipe, the specification provides a protocol for network data transmission. GraphPipe is intended to bring the efficiency of a binary, memory-mapped format while being simple and light on dependencies. There also are clients and servers for deploying and querying machine learning models from any framework.
  • Oracle releases GraphPipe, an open-source tool for deploying AI models
    Major tech firms regularly open-source internal software projects, but it’s not often that Oracle Corp.’s name comes up in this context. Today marked one of those occasions. The database giant this morning released GraphPipe, a tool for easing the deployment of machine learning models. Development on the project was led by Oracle cloud architect Vish Abrams, an open-source veteran who previously worked at NASA as part of the team that created the OpenStack data center operating system.
  • Oracle Open Sources GraphPipe for 'Dead Simple' Machine Learning Deployment

A 'Bridge' for GNU/Linux Games

  • Valve seems to be working on tools to get Windows games running on Linux
    Valve appears to be working on a set of "compatibility tools," called Steam Play, that would allow at least some Windows-based titles to run on Linux-based SteamOS systems. Yesterday, Reddit users noticed that Steam's GUI files (as captured by SteamDB's Steam Tracker) include a hidden section with unused text related to the unannounced Steam Play system. According to that text, "Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems."
  • Valve could be working on compatibility tools to make gaming on Linux easier than ever
    Something to look forward to: Gaming on Linux has never been the ideal experience, and the lack of AAA game compatibility is one of the main reasons for this. That's where Valve comes in, apparently - the company seems to be quietly working on a compatibility tool of its own, called "Steam Play." It seems Valve could be taking another shot at bringing Linux to the forefront of PC gaming if recently-discovered Steam GUI files are anything to go by. Curious Reddit users dug into Steam database files obtained by Steam Tracker. Recent updates to the database include numerous hints at something called "Steam Play," which is beginning to sound like a compatibility tool of sorts.
  • Steam may be getting tools that will enable Windows games to run in Linux
    Valve announced the Linux-based SteamOS in 2013, just prior to the reveal of the vaguely console-like Steam Machine PCs. It was a big, bold move that ultimately petered out: Valve ditched the Steam Machines section of its website in April, aalthough you can still hit it directly if you know the URL.
  • Looks like Steam’s getting built-in tools to run Windows games on Linux
    A few lines of code uncovered in Steam suggest that Valve is working on compatibility tools to allow users to play games regardless of operating system. Put another way, Steam’s going to let you run Windows games on Mac and Linux with a set of software built directly into the client. Uncovered strings all come under the “Steam_Settings_Compat” header, and all reference back to Steam Play. That’s currently the moniker Valve used to distinguish games that come as a single purchase playable across Windows, Mac, and Linux, but the strings suggest a new definition on the way.
  • Rumour: Valve May Be Adding Windows Steam Game Compatibility to Linux
    In a very interesting move, sleuths over at GamingOnLinux appear to unearthed evidence that Valve is experimenting with tools that could allow Windows Steam games to be playable on Linux operating systems. Up until this point, a game has to be specifically developed for Linux in order to be compatible with Unix-based operating systems. There are workarounds available right now, but it’s notoriously unreliable and a major hassle to get sorted. However, updates posted to the Steam Database github indicates Valve is at least testing an automatic method for running Windows games on Linux. Picking through the github notes, the tool appears to be called ‘Steam Play’, which the compatibility info says “Steam Play will automatically install compatibility tools that allow you to play games from your library that were built for other operating systems.”

Security: Updates, IPSec, Elections, AWS and Surveillance

  • Security updates for Wednesday
  • Cisco, Huawei, ZyXel, and Huawei patch Cryptographic IPSEC IKE Vulnerability
  • 11-year-old shows it’s child’s play to mess with elections
    At the DefCon Voting Village in Las Vegas last year, participants proved it was child’s play to hack voting machines: As Wired reported, within two minutes, democracy-tech researcher Carsten Schürmann used a novel vulnerability to get remote access to a WinVote machine. This year, it was literally child’s play: the DefCon village this past weekend invited 50 kids between the ages of 8 and 16 to compromise replicas of states’ websites in the so-called “DEFCON Voting Machine Hacking Village.”
  • Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
    Both adult and kid hackers demonstrated at DEF CON how the hackable voting machine may be the least of our worries in the 2018 elections. Two 11-year-old budding hackers last week at DEF CON in Las Vegas used SQL injection attack code to break into a replica of the Florida Secretary of State's website within 15 minutes, altering vote count reports on the site. Meanwhile, further down the hall in the adult Voting Machine Hacking Village at Caesars Palace, one unidentified hacker spent four hours trying to break into a replica database that housed the real, publicly available state of Ohio voter registration roll. He got as far as the secured server — penetrating two layers of firewalls with a Khali Linux pen testing tool — but in the end was unable to grab the data from the database, which included names and birthdates of registered voters.
  • How Netflix Secures AWS Cloud Credentials
    Netflix has long been the poster child for being an "all-in-the-cloud" organization. The streaming media service relies on Amazon Web Services (AWS) for infrastructure and computing resources that it uses to operate.
  • Researchers Reveal Security Vulnerabilities in Tracking Apps
    Millions of users around the world regularly install tracker apps on their Android devices to help them keep track of friends and loved ones. Some of those tracker apps, however, contain vulnerabilities that could potentially enable an attacker to track the users of the apps. Researchers from the Fraunhofer Institute for Secure Information Technology detailed 37 vulnerabilities found in 19 mobile tracking apps in a session at Defcon in Las Vegas on Aug. 11. The researchers responsibly disclosed the flaws to Google and noted that, as of the time of their presentation, 12 of the apps had been removed from the Google Play store, leaving seven still publicly available and vulnerable. "In this project it was very easy to find vulnerabilities," security researcher Siegfried Rasthofer said. "There were no sophisticated exploits."

L1TF/Foreshadow News and Benchmarks

  • Three More Intel Chip Exploits Surface
  • Spectre-like “Foreshadow” Flaw In Intel CPUs Can Leak Your Secrets
  • QEMU 3.0 Brings Spectre V4 Mitigation, OpenGL ES Support In SDL Front-End
    QEMU 3.0 is now officially available. This big version bump isn't due to some compatibility-breaking changes, but rather to simplify their versioning and begin doing major version bumps on an annual basis. As an added bonus, QEMU 3.0 comes at a time of the project marking its 15th year in existence. QEMU 3.0 does amount to being a big feature release with a lot of new functionality as well as many improvements. Changes in QEMU 3.0 include Spectre V4 mitigation for x86 Intel/AMD, improved support for nested KVM guests on Microsoft Hyper-V, block device support for active mirroring, improved support for AHCI and SCSI emulation, OpenGL ES support within the SDL front-end, improved latency for user-mode networking, various ARM improvements, some POWER9 / RISC-V / s390 improvements too, and various other new bits.
  • How the L1 Terminal Fault vulnerability affects Linux systems
    Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting Intel processors (and, thus, Linux) called L1TF or “L1 Terminal Fault” is grabbing the attention of Linux users and admins. Exactly what is this vulnerability and who should be worrying about it?
  • An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines
    Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.
  • Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting
    The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers.
  • The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX
    While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD. I should have my initial BSD vs. Linux findings on Threadripper 2 out later today. There were about 24 hours worth of FreeBSD-based 2990WX tests going well albeit DragonFlyBSD currently bites the gun with my Threadripper 2 test platforms. More on that in the upcoming article as the rest of those tests finish. It's also been a madhouse with simultaneously benchmarking the new Level 1 Terminal Fault (L1TF) vulnerability and the performance impact of those Linux mitigations on Intel hardware will start to be published in the next few hours.