Language Selection

English French German Italian Portuguese Spanish


OSS Leftovers

Filed under
  • The customization of Open Source

    A technology conference titled Open Source 101 is planned for April 17, and will host representatives from the world’s top tech companies.

    According to Todd Lewis and and Sergio Aparicio, Microsoft, IBM, VM Ware, Red Hat, GitHub, Dow Jones/Wall Street Journal, Lending Tree, Bank of America Merrill Lynch (technology division), the Walt Disney Company, Linux Foundation, and many more will have a presence at the day long conference.

  • DMG Blockchain Solutions Contributes to Open-Source Lightning Protocol to Speed Blockchain Transactions
  • DMG Blockchain Solutions Contributes to Open-Source Lightning Protocol to Speed Blockchain Transactions
  • Projects that make their rules explicit would see more participation

    When we say that a something is "open," we generally highlight its transparency or visibility. But openness is also inherently linked with collaboration and, as such, with the way people work together. Collaboration involves dealing with issues such as the organization of work and the allocation of decision rights—in a nutshell, all that we normally call a "governance model."

    For open communities and other organizations, making these governance models explicit is key for several reasons. First, it helps promote an organization's sense of transparency. One could know how much time a group takes to consider an issue, the chances contributions have of making an impact on the organization, or who is going to hear their voices when they speak up. Second, explicitly defining a governance model may also help one better understand and classify how open organizations are driven. In other words, governance models reveal clues about the particular distributions of power and authority inherent to an organization (e.g., democracy, meritocracy, (benevolent) dictatorship, etc.). For instance, the study of specific governance models could shed some light on the definition of meritocracy in the context of open source (a controversial topic still under discussion).

21 percent of open source serverless applications have critical vulnerabilities

Filed under

Serverless computing is increasingly popular because it eliminates infrastructure concerns. However, a new report raises worries about its security.

According to an audit by serverless security company PureSec, more than one in five serverless applications has critical security vulnerabilities.

An evaluation of 1,000 open-source serverless projects conducted by the PureSec threat research team finds that 21 percent of them contain one or more critical vulnerabilities or misconfigurations, which could allow attackers to manipulate the application and perform malicious actions. Six percent of the projects even had application secrets, such as API keys or credentials, posted in their publicly accessible code repositories.

Read more

Creating flags with CSS and other open source tools

Filed under

Some flags are symbols of countries, and some are easily recognizable, such as the flags of Canada and Japan. Others are more obscure, such as those of Sierra Leone and Andorra. But who owns the copyright to flags of the world? According to Wikipedia, “national, governmental, or historical flags are … in the public domain because they consist entirely of information that is common property and contain no original authorship.” Of course, there are flags for states, provinces, cities, and so forth. It is assumed that geographically representative flags are in the public domain and can be used freely.

Read more

OSS Leftovers

Filed under

How the EU's Copyright Reform Threatens Open Source--and How to Fight It

Filed under

Translated into practical terms, this means that sites with major holdings of material uploaded by users will be required to filter everything before allowing it to be posted. The problems with this idea are evident. It represents constant surveillance of people's online activities on these sites, with all that this implies for loss of privacy. False positives are inevitable, not least because the complexities of copyright law cannot be reduced to a few algorithmic rules that can be applied automatically. That, and the chilling effect it will have on people's desire to upload material, will have a negative impact on freedom of expression and undermine the public domain.

The high cost of implementing upload filters—Google's ContentID system required 50,000 hours of coding and $60 million to build—means that a few big companies will end up controlling the market for censorship systems. Their oligopoly power potentially gives them the ability to charge high prices for their services, which will impose burdens on companies in the EU and lead to fewer online startups in the region. Other problems with the idea include the important fact that it seems to go against existing EU law.

Article 13 has been drawn up mainly to satisfy the barely disguised desire of the European copyright industry to attack successful US companies like Google and Facebook. But the upload filter is a very crude weapon, and it will affect many others who—ironically—will be less able than internet giants to comply with the onerous requirement to censor. For example, it is likely that Wikipedia will be caught by the new rule. After all, it hosts huge amounts of "subject-matter" that is uploaded by users. As a post on the Wikimedia blog pointed out: "it would be absurd to require the Wikimedia Foundation to implement costly and technologically impractical automated systems for detecting copyright infringement."

Read more

Why I love ARM and PowerPC

Filed under

Once upon a time, I studied environmental protection. While working on my PhD, I was looking for a new computer. As an environmentally aware person, I wanted a high-performing computer that was also efficient. That is how I first became interested in the PowerPC and discovered Pegasos, a PowerPC workstation created by Genesi.

I had already used RS/6000 (PowerPC), SGI (MIPS), HP-UX (PA-RISC), and VMS (Alpha) both as a server and a workstation, and on my PC I used Linux, not Windows, so using a different CPU architecture was not a barrier. Pegasos, which was small and efficient enough for home use, was my first workstation.

Read more

OSS: IDG's Latest FUD, New Releases/Liberated Software, Funding for RISC-V, and CMS Updates

Filed under
  • Open source software security challenges persist [Ed: Maria Korolov should do an article about back doors in proprietary software; instead she keeps pushing the talking points of Microsoft-connected firms like Black Duck -- those who profit from badmouthing FOSS]
  • Sonatype Contributes Nexus JavaScript Support to Open Source Community

    Sonatype, the leader in open source governance and DevSecOps automation, today announced the contribution of its JavaScript support for Nexus Repository to the open source community. This is yet another step in Sonatype’s plan to contribute source code to the community for all formats currently supported in Nexus Repository.

    “Sonatype was founded on the principles of open source - that collaboration and community can help developers innovate faster and create higher quality software,” said Brian Fox, CTO and co-founder of Sonatype. “Nexus Repository has become a defacto standard within DevOps toolchains worldwide and is simply the best way to continuously control binaries, build artifacts, and release candidates as they flow through the modern SDLC.  By contributing repository formats to the community, we’re maximizing developer flexibility and further accelerating continuous innovation.”

  • Glitch leaves beta and goes open source

    The developer community website Glitch has announced it is leaving beta and The community is now open-source. It was initially announced last year as a way to facilitate collaboration between developers.   

    Since it was first announced, the platform has continued to evolve based on feedback from the developer community. Some of the new editions to the site include real-time help, a new console, and the ability to thank creators. It also features an easy way to add licenses and a code of conduct.

  • GNU Spotlight with Mike Gerwitz: 19 new GNU releases!


  • RISC-V leader gains $50 million in funding and Western Digital vows to build 1 billion chips

    SiFive has raised $50.6 million in Series C funding, and Western Digital pledged to produce 1 billion of SiFive’s RISC-V cores. Meanwhile, the new Linux 4.16 kernel boosted RISC-V support, and there are rumors of a RISC-V project led by Google, Qualcomm, and Samsung.

    The open source RISC-V computer architecture project has continued to generate buzz since SiFive opened pre-sales in early February for its Linux-friendly HiFive Unleashed SBC, which showcases SiFive’s RISC-V based Freedom U540. Today, SiFive announced it has received $50.6 million in Series C funding, and has signed a multi-year license to its Freedom Platform with storage giant Western Digital, which pledged to produce 1 billion of SiFive’s RISC-V cores (see farther below).

  • DNN Updates DNN Platform, dotCMS Hires New CMO, More Open Source News

    DNN released version 9.2 of its DNN Platform, which includes updates such as "Prompt," a command-line interface for managing a DNN site, as well as a storage connector for Azure. Prompt was created and led by Kelly Ford, President of DNNDev, with other members of the community contributing. DNN 9.2 can be downloaded at GitHub.

    Ford, who is also an Executive Committee Member of DNN-Connect, announced via the DNN Community blog that he is spearheading a community effort to organize and improve DNN documentation. DNN community member David Poindexter spent time organizing the release archives of DNN Platform. Users can now access every version of DNN Platform, from version 9 back to version 1, which dates back to 2003.

5 Open Source Libraries to Aid in Your Machine Learning Endeavors

Filed under

While many factors have contributed to this increase in machine learning, one reason is that it’s becoming easier for developers to apply it, thanks to open source frameworks.

If you’re not familiar with this technology, and feel confused about some of the terms used, such as “framework” and “library,” here are the definitions.

Read more

OSS Leftovers

Filed under
  • Leadership Is The Secret To An Open Source Business Model

    The freedom to do so is the fundamental tenet of permissively licensed open source software, and while it sounds self-defeating to be this generous, we've proven that leadership, not licensing, is the true secret to a successful open source business...

  • Kaspersky Lab Researchers Put Their Advanced Threat Hunting Tool, Klara, Into Open Source Domain

    Kaspersky Lab’s security researchers have placed KLara, a tool created internally to accelerate the search for related malware samples, into the open source domain for everyone to use. KLara is a distributed, rule-based malware scanner able to run multiple rules through multiple databases at the same time, allowing researchers to hunt advanced threats more effectively.


  • Site Isolation Coming With Chrome 67: Improves Security But Increases RAM Usage

    Site Isolation has been enabled on Chrome Beta, and it will be released with Google Chrome version 67. This feature was first introduced in Google Chrome 63, but it wasn’t enabled until now.

  • Perspectives on Investing in Open Source Startups [Ed: Microsoft has stuffed and stacked the Linux Foundation, which now works for a proprietary Windows company (which blackmails Linux OEMs)... after it paid $500,000 (Zemlin gets $600k+ a year, more than Torvalds)]
  • Microsoft Offers New Tool to Grow Linux in Windows [Ed: Grow? Like a "cancer"? Why does Microsoft not help Wine development instead? Let that sink in. Classic EEE.]
  • The textbook market exploits students. We shouldn't accept that.

    A logical option to make higher education affordable and accessible is to transition to Open Educational Resources. OERs are free, peer-reviewed and available for any professor to adopt. They have an open copyright, meaning any professor can use them for free and personalize the textbook to best fit their needs, which is a luxury traditional textbooks do not offer due to copyright.

    Many people are wary of open source textbooks because they are free, but textbooks found on popular open libraries like Openstax, a non-profit based out of Rice University, and Open Textbooks Network, a network that University of Maryland Libraries recently joined, are all peer reviewed and offer exceptional pedagogical value. Many professors and courses, such as an introductory Human Anatomy course at this university, currently use open source materials. Yet not enough professors have adopted this technology to help all of us save money and ensure an affordable education.

What Attracts Devs To Open Source

Filed under

In an era in which we are becoming more an more reliant on open source software, it is important to know how to recruit and retain core developers - the ones that are key to a project's survival, sustainability and success. An attempt to do this comes from Brazil to be presented in Sweden.

Jailton Coelho, Marco Tulio Valente, Luciana L. Silva, Andre Hora wanted to understand what motivates developers to assume a key role in Free/Libre Open source Software (FLOSS) projects. Their paper reporting the results of a survey of 52 developers who were core contributors of GitHub projects has been accepted for CHASE 2018: 11th International Workshop on Cooperative and Human Aspects of Software Engineering which is part of the 40th International Conference on Software Engineering taking place May 27 - 3 June 2018 in Gothenburg, Sweden.

Read more

Red Hat on programming today:

Syndicate content

More in Tux Machines

OpenBSD and NetBSD

Security: Twitter and Facebook

  • Twitter banned Kaspersky Lab from advertising in Jan

    Twitter has banned advertising from Russian security vendor Kaspersky Lab since January, the head of the firm, Eugene Kaspersky, has disclosed.  

  • When you go to a security conference, and its mobile app leaks your data

    A mobile application built by a third party for the RSA security conference in San Francisco this week was found to have a few security issues of its own—including hard-coded security keys and passwords that allowed a researcher to extract the conference's attendee list. The conference organizers acknowledged the vulnerability on Twitter, but they say that only the first and last names of 114 attendees were exposed.

  • The Security Risks of Logging in With Facebook

    In a yet-to-be peer-reviewed study published on Freedom To Tinker, a site hosted by Princeton's Center for Information Technology Policy, three researchers document how third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge.

  • Facebook Login data hijacked by hidden JavaScript trackers

    If you login to websites through Facebook, we've got some bad news: hidden trackers can suck up more of your data than you'd intended to give away, potentially opening it up to abuse.

Beginner Friendly Gentoo Based Sabayon Linux Has a New Release

The team behind Sabayon Linux had issued a new release. Let’s take a quick look at what’s involved in this new release. Read more

Android Leftovers