Language Selection

English French German Italian Portuguese Spanish


OSS Leftovers

Filed under
  • More organizations embracing open source for analytics processes

    Open source products are becoming an increasingly important part of data management, although not all categories of offerings are growing as quickly as others.

    “Open source business analytics has been relatively slow to grow, compared to other open source data management capabilities,” said Donald Farmer, principal at consulting firm TreeHive Strategy.

    “We have seen real traction for stream processing, data movement and of course data management in open source,” Farmer said. “One important exception has been open source data visualization, a critical component of analytics.”

    For example, d3 “has been an outstanding success and as a result is supported even by analytics tools which have their own highly-developed visualization capabilities,” Farmer said.

  • Summer of Code: Finalizing the PR

    I spent the week opening my pull request against Smacks master branch and adding a basic trust management implementation. Now the user is required to make decisions whether to trust a contacts key or not. However, the storage implementation is kept very modular, so an implementor can easily create a trust store implementation that realizes custom behaviour.

    Smack-openpgp now allows users which did not subscribe to one another to exchange encryption keys quite easily.

  • YouTube Works 5 Times Slower On Firefox And Edge, Claims Mozilla Executive

    After the EU’s massive $5 billion fine on Google for creating dominance in Android smartphones, many people realized that Google is not the utopian company they thought it was. In fact, it uses the same petty tactics as any other big firm.

  • Revealing unknown DWG classes (2)

    I've added more solver code and a more detailled explanation to the HACKING file, to find the binary layout of unknown DWG classes, in reference to public docs and generated DXF files.

  • 15 Years of SparkFun

    It’s been 15 years since SparkFun started building crazy stuff. Let’s take a long moment and look back to see how it started. Perhaps from history we can see where we might be headed. I enjoy telling a good story, and you’ve got me wading through memory lane. Grab a tasty beverage and have a read…

  • NetSpectre Vulnerability Can Reveal Arbitrary Memory Over Network

    NetSpectre is a new network-based speculative attack vulnerability that doesn't require exploited code to be running on the target machine.

    NetSpectre is a Spectre V1 style attack but for proper exploit requires precise timing among other caveats. The biggest caveat though is NetSpectre is only able to leak at an incredibly low rate of 15~60 bits per hour depending upon the processor.

OSS Leftovers

Filed under
  • An Open-Source Solution to Autonomous Vehicle Safety

    Oregon-based FLIR Systems has a clear dog in the fight, being the largest commercial manufacturer specializing in thermal imaging sensors, components, and cameras. But the company is taking a unique approach to the issue by adopting open source.

    In July, the company released a machine learning dataset of over 10,000 thermal images for researchers, engineers, and manufacturers working on self-driving vehicles and Advanced Driver Assistance Systems (ADAS). Those images can be leveraged in training the neural network artificial intelligence behind autonomous and connected vehicles.

  • How Open Source Became The Default Business Model For Software

    Since its inception in 1998, open source has become the de-facto standard for software development and proven itself as a viable business model. While making source code freely available for redistribution and modification may seem counterintuitive, the success of companies like Red Hat and Canonical are proof that an open source model can turn a profit.

  • Mozilla: Copyright Laws Stifle Creativity and Innovation

    Mozilla sees intellectual property [sic] legislation as a threat to the open Internet because it stifles creativity and innovation. The foundation, best known for its development of the Firefox browser, is now asking the NTIA to shield the Internet from bad policies while reforming outdated laws.

  • Scotiabank to share proprietary software development accelerator with open-source community

    Scotiabank today announced it will share bank-developed applications with the open-source software community, marking a significant milestone in the Bank's digital transformation.

  • Top 5 pitfalls in open source software testing [Ed: Company that sells proprietary stuff badmouths FOSS]

    It is a fact that many organisations believe that by simply choosing the right testing tools and downloading them for free you automatically have a competent test regime in place – we have, unfortunately, experienced this mistake first hand on client visits


    There’s often a misconception around OSS that it is an automatically cost-effective choice because it is ‘free’. Although a well-selected OSS testing tool or platform may well be the best choice, there are strings attached. The most important question is whether your enterprise has the skills in-house to use and operate the tool already, and if not whether investing in training or recruitment is an option. We regularly encounter clients who have either not fully thought through the implications of adopting a particular tool, or who have incurred significant training costs that had not been initially budgeted for. This is especially true of those tools that require very specific technical skills to use and operate, and these skills can carry a significant technical cost to acquire, sometimes being non-transferable – it is important to check the technical requirements first!


    Written by Iain Finlayson, Senior Technical Test Engineer, Edge Testing Solutions

  • Starting your first Python project

    There's a gap between learning the syntax of the Python programming language and being able to build a project from scratch. When you finish reading your first tutorial or book about Python, you're good to go for writing a Fibonacci suite calculator, but that does not help you starting your actual project.


    It's not a secret that Python has several versions that are supported at the same time. Each minor version of the interpreter gets bugfix support for 18 months and security support for 5 years. For example, Python 3.7, released on 27th June 2018, will be supported until Python 3.8 is released, around October 2019 (15 months later). Around December 2019, the last bugfix release of Python 3.7 will occur, and everyone is expected to switch to Python 3.8.

  • What's the cost of feature flags?
  • Security updates for Thursday
  • Old Bluetooth flaw lets hackers steal data passing between devices


    The attack, which was disclosed in a research paper published Wednesday, is serious because it allows people to perform a man-in-the-middle attack on the connection between vulnerable devices. From there, attackers can view any exchanged data, which might include contacts stored on a device, passwords typed on a keyboard, or sensitive information used by medical, point-of-sale, or automotive equipment. Attackers could also forge keystrokes on a Bluetooth keyboard to open up a command window or malicious website in an outright compromise of the connected phone or computer.

Linux Foundation Events: Community Leadership Summit and Open Source Summit

Filed under
  • Community Leadership Summit Recap and Pictures

    The event was fantastic. We had over 200 great attendees (from all manner of backgrounds, disciplines, and experience), 8 keynotes, 40+ discussion sessions, and a raft of fantastic hallway discussions, social events, and more. Thanks also to Todd Lewis, Aaron Griswold, Van Riper, Catharine Lipton, and others who helped make this a success.

    While CLS is in it’s ninth year, this year felt even more energized than usual. There were some deep, complex discussions getting to the heart of how people collaborate, and these conversations covered a wide range of topics.

  • Hot Technologies on Track at Open Source Summit

    Open Source Summit North America is right around the corner. There will be hundreds of sessions, workshops, and talks, all curated by experts in the Linux and open source communities. It’s not an easy feat to choose the topics and sessions you want to attend at the event because there are so many topics and only so much time.

    In this article, we talk with Laura Abbott, a developer employed by Red Hat, and Bryan Liles, a developer at Heptio, a Kubernetes company, based in Seattle, Washington, about the upcoming event. Abbott is on the program committee for Open Source Summit, and Liles is one of the program chairs, working hard “to build out a schedule that touches on many aspects of Open Source.”

Big Win for OpenStreetMap (OSM)

Filed under

IBM, Google Partner on Knative Open-Source Serverless Cloud Project

Filed under

Today’s topics include IBM and Google announcing their new Knative serverless cloud project, and the National Institute of Standards and Technology updating recommendations for mobile application security.

On July 24 at Google Next ’18 in San Francisco, IBM and Google announced an open-source serverless cloud computing project called Knative, which has the potential to redefine how serverless computing can be used to build cloud architectures and expand the use of the serverless genre beyond mere functions.

Knative will serve as a bridge for serverless computing to coexist and integrate with containers atop Google Kubernetes in a cloud-native computing system.

Read more

RISC-V’s Open-Source Architecture Shakes Up Chip Design

Filed under

In the past decade, many technologists have adopted the mantra that software is eating the world. However, all of that software has to run on something. And that something is silicon.

Unfortunately, the chip world has hit a roadblock with the fade-out of Moore’s Law.

The challenge of building circuits that require years of research and development, combined with rapid advancements in software, is making it more difficult for silicon designers to predict the future. Given the multimillion-dollar stakes associated with new chip architectures, every investment is a big risk.

Meanwhile, Apple, Facebook, Google, and Samsung have decided to build their own silicon instead of relying on Intel, Qualcomm, or others. Thus, investing hundreds of millions of dollars into a new chip architecture becomes even riskier, with less potential to win a major new customer.

These shifts have produced a boom of interest in a chip architecture called RISC-V (pronounced “risk-five”), which was created eight years ago at the University of California, Berkeley. RISC-V is the fifth generation of the “reduced instruction set computer” type of architecture. Just like the instruction sets for the ARM, PowerPC, or x86 architectures, RISC-V defines how the computer operates at the most basic software level.

Read more

DARPA launches POSH project for open source hardware IP blocks

Filed under

DARPA announced the first grants for its $1.5 billion Electronic Resurgence Initiative for accelerating chip development. More than $35 million went to a “Posh Open Source Hardware” project for developing and verifying hardware IP.

The U.S. Defense Advanced Research Projects Agency (DARPA) announced the first grants for its Electronic Resurgence Initiative (ERI). The initial round, which will expand to $1.5 billion over five years, covers topics ranging from automating EDA to optimizing chips for SDR to improving NVM performance. Of particular interest is a project called POSH, (posh open source hardware), which intends to create a Linux-based platform and ecosystem for designing and verifying open source IP hardware blocks for next-generation system-on-chips.

Read more

​What is Mycroft: The Wildly Popular Open Source Alternative to Alexa, Siri and Google Home

Filed under

Smart Speakers the likes of Amazon’s (AMZN) Alexa and Google (GOOGL) Home Max are part of the AI-powered voice assistant technological revolution currently sweeping across the globe, making the new category already the fastest-growing technology product ever (yes, EVER). Control and innovation of these products currently rests primarily in the hands of the major tech giants, essentially contained to closed, black box models. As they battle vehemently with each other to protect their IP of the hardware and software—and more importantly, the data that they collect from the speakers—the rest of the world is left largely in the dark as to their intentions.

Reading the trends for a more open approach toward voice user interfaces, and the rising need for consumer privacy, a startup by the name of Mycroft has emerged on the scene as a formidable alternative to its bigger peers. The company has developed the world’s first open source voice AI platform and has attracted developers around the globe and millions of dollars in institutional support.

Read more

Best of Self-Hosted

Filed under
  • Best Self-Hosted File-Sharing Solutions

    Considering that high-profile data breaches make headlines on a regular basis these days, it’s no wonder that more users than ever want to reclaim the ownership of their data using self-hosted file-sharing solutions.

    If you think that running your own alternative to Dropbox and OneDrive requires more technical expertise than you have, think again. Modern self-hosted file-sharing solutions make it very simple to set up a cloud storage system on your own web server, and their features are difficult it live without once you’ve spent some time with them.

  • Best Self-Hosted IRC Clients

    While IRC (Internet Relay Chat) may not feel as fresh today as it did during its golden era, which spans from the 1990s to early 2000s, this application layer protocol that facilitates communication in the form of text isn’t going away anytime soon.

    Open source developers and enthusiasts have a particularly rosy relationship with IRC, and the Freenode network alone encompasses more than 90,000 users and 40,000 channels.

    If you would like to explore what IRC communities are all about, this list of top 5 best self-hosted IRC clients will help you pick the best IRC client for your home server so that you can connect from anywhere and any device.

  • Best Self-Hosted Learning Management Systems (LMS)

    Prior to the digital era, classes were restricted to lectures whose availability to the general public ranged from okay to abysmal. Fortunately, the times have changed and it’s now easier than ever to access high-quality educational content from the most prestigious universities in the world and independent educators with a passion for sharing knowledge. In fact, the e-learning market worldwide is forecast to surpass $243 billion by 2022, and learning management systems (LMS) are a major driver of this growth.

  • Best Self-Hosted Mapping Software

    There’s no denying that Google Maps has made travel much easier: you simply pick your destination and follow a route picked for you by a sophisticated algorithm that takes into consideration hundreds of different factors, including the current traffic situation.

    But even though Google Maps is free, there’s a price all users have to pay, and that price is your personal data. By default, Google Maps records your every move and sells the recorded data to advertisers, who are hungry to know where you shop, how long you stay there, and how often you return.

  • Best Self-Hosted Photo and Video Galleries

    The photos we take and the videos we record can bring us back in time and remind us of who we were, what we’ve accomplished, and who was there with us. But despite how precious photos and videos are to us, we willingly hand them over to corporations running image and video hosting services, social media networks, and file hosting sites.

  • Best Self-Hosted Wiki Software Products

    It was Sir Francis Bacon who first said that knowledge is power. Today, most of our collective knowledge about the world around us can be found on various wikis, which are websites or databases developed collaboratively by a community of users.

    Wikipedia is by far the most popular wiki in the world, currently featuring over 45 million pages in 301 languages. Nearly 500 visitors visit Wikipedia each month, and most of them have no idea that it’s possible to create a website just like Wikipedia for free and without any previous web development experience.

HOPE XII: A FOSS Operating System for e-Readers

Filed under

Free and open source software (FOSS) was a recurring theme during many of the talks during the HOPE XII conference, which should probably come as no surprise. Hackers aren’t big fans of being monitored by faceless corporate overlords or being told what they can and cannot do on the hardware they purchased. Replacing proprietary software with FOSS alternatives is a way to put control back into the hands of the user, so naturally many of the talks pushed the idea.

In most cases that took the form of advising you to move your Windows or Mac OS computer over to a more open operating system such as GNU/Linux. Sound advice if you’re looking for software freedom, but it’s a bit quaint to limit such thinking to the desktop in 2018. We increasingly depend on mobile computing devices, and more often than not those are locked down hard with not only a closed proprietary operating system but also a “Walled Garden” style content delivery system. What’s the point of running all FOSS software at home on your desktop if you’re carrying a proprietary mobile device around?

Read more

Syndicate content

More in Tux Machines

Android Leftovers

OSS Leftovers

  • 8 hurdles IT must overcome if they want open source success
    Open source software has the potential to drive innovation and collaboration across an enterprise, and can transform the way developers work together. "Open source is now part of the evaluation criteria when deciding on a software platform, so much so that it is expected," said Matt Ingenthron, senior director of engineering at Couchbase. "In this way, open source has somewhat faded into the background in a positive way. Just like no consumer would inquire if a mobile phone had internet access or text messaging, choosing an open source solution is almost always an option."
  • Sprint calls on open source analytics to prevent cyberfraud
    Mobile phone-related fraud is big business. Fraudsters, hackers, and other bad actors employ creative techniques to compromise networks, hijack user information, and piece together customer identities that are then sold for big bucks on the dark web. To protect its customers, Sprint needed to transform the way it detected and blocked fraudulent activity. “In the mobile phone business, there’s no markup on selling devices — our bread and butter is the network and the services that are delivered on that network, through the devices,” says Scott Rice, CIO of Sprint. “Identity theft is a huge problem and the ability for nefarious actors to use that theft of information to impersonate our customers means we were eating the costs of the devices and the costs of services delivery.”
  • Open Source Platform Delivers LDAP Integration
    The latest release of InfluxData, an open source platform for metrics, events, and other time series data, adds LDAP integration, new advanced analytics, and self-healing capabilities in the time series database platform. According to the company, time series data, collected and stored with InfluxData’s Time Series database platform is integral to observability and is becoming mission critical for organizations. Enhancements to InfluxEnterprise make it easier for administrators to keep this mission critical data available and secure by checking and verifying every requested action. This includes creating databases, storing data and running queries – against a user’s stored authorizations and role.
  • YOYOW-WeCenter Special Edition Release: Free and Open Source
    The YOYOW-WeCenter Special Edition, customized and developed by YOYOW and based on WeCenter Q&A community framework, has been released on GitHub. Compared to regular WeCenter frameworks, YOYOW is providing free open source services and will be continually iterating products and will be introducing an incentive mechanism. Each Q&A community can directly integrate into YOYOW's bottom layer network and enjoy the network services provided by YOYOW.
  • Add-on Recommended By Mozilla Caught Logging Users’ Browsing History
    According to the reports by Mike Kuketz, an independent security blogger from Germany and uBlock Origin, an add-on named “Web Security” has been caught collecting users’ browsing history. [...] Soon after this discovery by Hill, Kuketz added a post on his blog about the same extension pointing to the same strange behavior of the add-on. A user on Kuketz’s blog decoded the garbled data and found that the add-on was collecting users’ browsing history and sending it to a German server.
  • Zombies: Top 5 Open Source Vulnerabilities That Refuse To Die [Ed: Microsoft partner WhiteSource continues to stigmatise FOSS as a security nightmare, using bugs branded by other Microsoft partner for extra panic]
  • How a civic hacker used open data to halve tickets at Chicago's most confusing parking spot
    Matt Chapman used the Freedom of Information Act to get the City of Chicago's very mess parking ticket data; after enormous and heroic data normalization, Chapman was able to pinpoint one of the city's most confusing parking spots, between 1100-1166 N State St, which cycled between duty as a taxi-stand and a parking spot with a confusingly placed and semi-busted parking meter. After surveying the site and deducing the problem, Chapman contacted the alderman responsible for that stretch of North State Street, and, eight months later, the signage was cleaned up and made more intuitive. Followup data analysis showed that Chapman's work had halved the number of parking tickets issued on the spot, with 600-odd fewer tickets in the past 20 months, for a savings of $60,000 to Chicago motorists.
  • Bluespec, Inc. Releases a New Family of Open-Source RISC-V Processors
    Bluespec Inc. has released Piccolo, its first in a family of RISC-V open-source processors provided as a vehicle for open innovation in embedded systems. Piccolo is a 3-stage RV32IM processor whose small “footprint” is ideal for many IoT applications. The repository ( contains a royalty-free synthesizable Verilog core that can be easily integrated and deployed into an ASIC or FPGA. Bluespec, Inc. will actively maintain Piccolo. It also offers commercial-grade tools for the customization and verification of RISC-V cores. Configurations will be continually added to provide the full spectrum of embedded controller features. Companies or universities interested in contributing to the Piccolo project should contact Bluespec, Inc. (add contact – RISC-V open source support).

KDE Applications 18.08 Open-Source Software Suite Released, Here's What's New

Being in development for the past several months, KDE Applications 18.08 goes stable today and will hit the software repositories of various popular GNU/Linux distributions during the next few days. This is a major release and brings numerous new features and improvements across multiple apps, including Dolphin, Konsole, Gwenview, KMail, Akonadi, Cantor, Spectacle, and others. "We continuously work on improving the software included in our KDE Application series, and we hope you will find all the new enhancements and bug fixes useful," reads today's announcement. "More than 120 bugs have been resolved in applications including the Kontact Suite, Ark, Cantor, Dolphin, Gwenview, Kate, Konsole, Okular, Spectacle, Umbrello and more!" Read more

Security Leftovers

  • How to Protect Your PC From the Intel Foreshadow Flaws
  • AT&T Sued After SIM Hijacker Steals $24 Million in Customer's Cryptocurrency
    It has only taken a few years, but the press, public and law enforcement appear to finally be waking up to the problem of SIM hijacking. SIM hijacking (aka SIM swapping or a "port out scam") involves a hacker hijacking your phone number, porting it over to their own device (often with a wireless carrier employee's help), then taking control of your personal accounts. As we've been noting, the practice has heated up over the last few years, with countless wireless customers saying their entire identities were stolen after thieves ported their phone number to another carrier, then took over their private data. Sometimes this involves selling valuable Instagram account names for bitcoin; other times it involves clearing out the target's banking or cryptocurrency accounts. Case in point: California authorities recently brought the hammer down on one 20-year-old hacker, who had covertly ported more than 40 wireless user accounts, in the process stealing nearly $5 million in bitcoin. One of the problems at the core of this phenomenon is that hackers have either tricked or paid wireless carrier employees to aid in the hijacking, or in some instances appear to have direct access to (apparently) poorly-secured internal carrier systems. That has resulted in lawsuits against carriers like T-Mobile for not doing enough to police their own employees, the unauthorized access of their systems, or the protocols utilized to protect consumer accounts from this happening in the first place.
  • Voting Machine Vendors, Election Officials Continue To Look Ridiculous, As Kids Hack Voting Machines In Minutes
  • Security updates for Thursday