Katherine Druckman and Doc Searls talk to Travis Carden and Petros Koutoupis about maintaining open source projects, mentoring contributors, Drupal, and automated testing.
Back in December we reported on Google's involvement in a new project from the Open Source Security Foundation to measure the criticality of open source projects as the first step on an undertaking to ensure that projects that are heavily relied on get the resources they need, see Taking Open Source Criticality Seriously. This funding, which is also motivated by findings from the 2020 FOSS Contributor Survey which identified a need for additional work on security in open source software, aims to ensure the long-term sustainability of Linux which is acknowledged as the world's most pervasive open source software as well as being among the top five in terms of its criticality score.
Linus Torvalds just merged a set of patches that includes KFence. Short for the Kernel Electric Fence, KFence is a low-overhead memory safety error detector/validator that is suitable for use in production kernel builds.
While there has long been KASAN as the Kernel Address Sanitizer for a dynamic memory error detector for discovering use-after-free and out-of-bounds bugs within the Linux kernel, KFence aims to provide a lower-overhead solution.
duf is one of the fancy Linux disk monitoring utilities written in Golang. It is released under MIT license and It supports Linux, macOS, BSD, and even Windows too.
More than a year in the works, OnionShare 2.3 is finally here as the next major update to this awesome tool for anonymously sharing files or hosting websites as an onion service, and now also for anonymously chatting with friends or family, thanks to the end-to-end encrypted (E2EE) OnionShare chat room feature.
The anonymous chat feature is so securely implemented that it leaves almost no traces. For starters, nothing is logged when you’re anonymously chatting in an OnionShare chat room, and your messages aren’t stored anywhere. And secondly, you don’t have to create an account to use the OnionShare chat room, so your email address isn’t exposed to hackers or spammers.
One of Linux’s strengths is its orientation toward networking, which is largely due to its Unix heritage. There’s a reason why Linux is an operating system of choice for servers.
The main way to remotely access Linux servers is through SSH, or Secure Shell. While it’s useful and secure, it was designed in an era before Wi-Fi and cellular connections became commonplace.
If you move your computer to a different Wi-Fi network or put it to sleep, you might find yourself disconnected with an apparently frozen terminal screen.
Add these quick and dirty tricks to your sysadmin toolbox for some special Linux magic.
FreeDOS is an open source implementation of DOS. It's not a remix of Linux, and it is compatible with the operating system that introduced many people to personal computing. This makes it an important resource for running legacy applications, playing retro games, updating firmware on motherboards, and experiencing a little bit of living computer history. In this article, I'll look at some of the essential commands used to navigate a FreeDOS system.
[...]
FreeDOS can be very different from what you're used to if you're used to Windows or macOS, and it can be just different enough if you're used to Linux. A little practice goes a long way, though, so try some of these on your own. You can always get a help message with the /? switch. The best way to get comfortable with these commands is to practice using them.
In this tutorial, we will show you how to install KVM on Ubuntu 20.04 LTS. For those of you who didn’t know, KVM (Kernel-based Virtual Machine) is the virtualization solution for Linux. It consists of a loadable kernel module that allows the Linux Kernel to work as a Hypervisor. KVM provides hardware-assisted virtualization for a wide variety of guest operating systems.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the KVM virtualization on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Private browsing is the easiest way of hiding your browsing history on a computer. Almost every browser now comes with an option that allows you to switch to incognito browsing. But if you're fairly new to Linux, finding a decent browser that lets you browse the internet privately becomes hard.
Let's explore more about what private browsing actually means, along with some detailed information on how to browse privately on Linux.
Need to copy a Linux folder in the command line? Here's how to copy one or more folders with the cp command.
Clonezilla is a popular software for you to clone your hard disk. However, if you tried to restore a specific partition’s backup to a new HDD that you’d already set up, Clonezilla might have refused to do it. It might have insisted on auto-selecting different partitions and not allowing you to choose where you want your backup restored.
In this guide, we show how to restore your Clonezilla backup to a different partition of your choice (not its choice).
Nagios is an extremely popular open source monitoring and alerting tool. The name nagios is an offshoot of an older system called ‘net saint’. Although Nagios has it’s limits and is not an all in one solution but provides a considerable feature set nonetheless. The monitoring platform is available in two variants: Nagios core which is the open source and free variant and Nagios XI which is the enterprise version. In this article we will demonstrate step by step how to install the latest version of Nagios core on a Centos 7 system.
In our previous two articles we’ve explained how to install Nagios core on a Centos 7 system and how to install Nagios plugin and the Nagios Remote Plugin Executor. In this article we will explain how to configure Nagios so that we can have the web interface up and running. Note that this needs to be done only once on the Nagios server. You may make amendments as deemed necessary.
All of these protocols are used for transferring files. However, they all provide file transfers in a different manner. Which one to use depends greatly on your requirements functionality, and even operating system used. In this article we will discuss how each of these protocols work, their limitations, strengths, and examples of their use. Let’s take a look at the differences between SFTP, SCP, and FTPS.
In our previews article we walked you through installing nagios core on a Centos 7 system. In this article we will explain how to install Nagios plugins and the Nagios Remote Plugin Executor (NRPE) package.
In our earlier articles on nagios we explained in detail how to install nagios core on the centos 6 system and configure it. In this article we will explain step by step how to monitor a remote machine with nagios core.
When installing Ubuntu, a swap file is created. The swap file is usually about 2 GB, though sometimes it can be larger. This swap file can do the trick for most Ubuntu users these days, as most modern PCs have a lot of performance and RAM.
If you rely on swap a lot on Ubuntu because you’re regularly using up your physical RAM, the 2-4 GB swap file isn’t enough. Thankfully, it is possible to increase the swap’s size from the default to something much larger.
If you’ve used Ubuntu long enough, you’ll notice that the Linux kernel doesn’t often get updated to a new release. Usually, the Ubuntu developers push out point releases until the next new Ubuntu release.
The Wine development release 6.3 is now available.
What's new in this release (see below for details): - Better debugger support in the NT syscall interface. - WineGStreamer library converted to PE. - Still more WinRT support in WIDL. - Optional support for build IDs. - Various bug fixes.
The source is available from the following locations:
https://dl.winehq.org/wine/source/6.x/wine-6.3.tar.xz http://mirrors.ibiblio.org/wine/source/6.x/wine-6.3.tar.xz
Binary packages for various distributions will be available from:
https://www.winehq.org/download
You will find documentation on https://www.winehq.org/documentation
You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.
Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.
Wine 6.3 is out today as the newest bi-weekly development snapshot of this free software solution for running Windows games and applications under Linux and macOS.
Wine 6.3 isn't the most exciting release in recent time but does have some low-level improvements.
The topic of why Godot does not utilize ECS comes up often, so this article will explain the design decisions behind that, as well as shed some light on how Godot works.
[...]
Godot uses plenty of data oriented optimizations for physics, rendering, audio, etc. They are, however, separate systems and completely isolated.
Most (if not all) technologies that utilize ECS do it at the core engine level, by serving as the base architecture and building everything else (physics, rendering, audio, etc) over it.
Godot instead, those subsystems are all separate and isolated (and fit inside of servers). I find this makes code simpler and easier to maintain and optimize (a testament to this is how tiny Godot codebase is compared to other game engines, while providing similar amounts of functionality).
The scene system in Godot (nodes) is generally very high level when compared to a traditional ECS system. Most of what goes on happens via signal callbacks (as in, objects collided, something needs to be repainted, button was pressed, etc). The situations where something needs to be processed every frame in Godot from the user side are very rare, as the engine will manage this internally, taking the complexity away from the user.
In other words, Godot is an engine tries to take the burden of processing away from the user, and instead places the focus on deciding what to do in case of an event. This ensures users have to optimize less in order to write a lot of the game code, and is part of the vision that Godot tries to convey on what should constitute an easy to use game engine.
Cyanide & Happiness - Freakpocalypse, the upcoming comedy point and click adventure game from Explosm, Skeleton Crew Studios and Serenity Forge finally gets a release date. On March 11, 2021 it will release for Windows and with the Linux / macOS releases being readied up for release slightly later in April as the publisher confirmed to us on Twitter and in their latest Kickstarter update.
Ready for the next chapter of Lea's story? CrossCode: A New Home is the brand new expansion for CrossCode the retro-inspired 2D Action RPG set in the distant future.
A pretty surprising game overall that combines a 16-bit SNES-inspired style with lots of modern features. Smooth physics, fast-paced combat, plenty of puzzles to solve and a pretty wild sci-fi story that you can now continue on from the end of the main game in CrossCode: A New Home. To enjoy it, you need to have finished the original game as this does take place right after and you need specifically the "good ending" apparently.
The publisher has confirmed to us that Linux will be supported at release. We're hoping to take a look at this one and we do have a key request in for it. Once it's out and we've had some time with it, we'll let you know if it's any good.
Turns out Terraria for Stadia will still be a thing. After what looked like it would never happen due to Re-Logic co-creator having their Google account locked, Terraria is now going through certification to release for Stadia. It was part of a pattern of bad news for Google's fledgling cloud gaming service, following shortly after Google shut down their first-party Stadia studios and more recently a class action lawsuit so things really weren't looking good in the eyes of many.
Big, new things are always a blast to work on, but sometimes polishing is also an enormously important part of software development which we often find ourselves just kind of pushing ahead of us on the todo list, because there's more fun things to be working on. However, those rough edges and lacklustre surfaces also need attention.
[...]
My hope in writing this short update of semi-randomly selected things is that i might convince you that when you spot things like that, you are more than welcome hop over to KDE's Invent and take a look at the code yourself. Maybe it is one of the big, scary things, and that's where bugs.kde.org comes in - tell us it's wrong, because while it might be super obvious to you, maybe the rest of us just haven't noticed, and that makes your observation great in itself. But if it's not, well... why not grab yourself a clone and put up a merge request or two? Remember, those merge requests exist to specifically make sure that if you've missed something, others will catch it during the review, so you don't have to be scared. Give it a shot, the worst that can happen is you'll learn something about a codebase you've not looked at before :)
So DHL rang the door bell to hand me a nice device. This is a pretty little phone! Will come back with more updates as I have more time to poke around.
The new OpenGL renderer work for GTK 4 as a post-4.0 improvement is shaping up well and should really help push along the open-source toolkit on macOS.
Well known GNOME developer Christian Hergert of Red Hat has been working on effectively a new OpenGL renderer with a particular focus on helping the macOS support but obviously benefits all GL platforms as well.
In this video, I am going to show an overview of Netrunner 21.01 and some of the applications pre-installed.
Mageia 8 is powered by the long-term supported Linux 5.10 LTS kernel series, promising outstanding hardware support, and in combination with an up-to-date graphics stack consisting of Mesa 20.3.4 and X.Org Server 1.20.10, the distribution offers improved support for AMD and NVIDIA GPUs.
For newer AMD Radeon GPUs, Mageia 8 uses the open-source AMDGPU graphics driver, while the Radeon graphics driver is used for older cards. On the other hand, the free Nouveau graphics driver is used for NVIDIA GPUs, and Mageia 8 promises improved support for NVIDIA Optimus laptops.
Everyone at Mageia is very excited to announce the release of Mageia 8. Mageia 8 comes with new exiting features, major updates to your favourite programmes as well as support for recent hardware.
The release is available to download directly, or as a torrent from here. There are classical installer images for both 32-bit and 64-bit architectures, as well as live DVD’s for 64-bit Plasma, GNOME, Xfce, and 32-bit Xfce. Don’t worry if you prefer another desktop, there is a huge selection available to install once you are online, there is also installation support and a guide for new users.
Slonik fans are excited for this week’s openSUSE Tumbleweed snapshots as PostgreSQL has a major release in the rolling release distribution.
Snapshot 20210224 brought in the new postgresql 13 version. The new major version brings in highly requested features like parallelized vacuuming and incremental sorting. PostgreSQL brought some security enhancements with its extension system that allows developers to expand its functionality. There are also improvements to its indexing and lookup system, which benefit large databases. PostgreSQL wasn’t the only major version updated in the snapshot; the utility library ndctl jumped two versions to 70.1, which added firmware activation support. Other major version updates were made to liberation-fonts 2.1.1 and perl-Mail-DKIM 1.20200907. The Advanced Linux Sound Architecture package updated to version 1.2.4, which provided some plugin updates and Link Time Optimization fixes. Among other packages to update in the snapshot were bind 9.16.7, libsolv 0.7.16 and debugging tool xfsprogs 5.9.0.
Dear Tumbleweed users and hackers,
This week, we have released almost daily snapshots. It shows that I have received help in working on the Stagings. Richard has been very busy this week, working together with me on these areas. So, we managed to publish 6 snapshots (0218, 0219, 0220, 0221, 0222, and 0223).
Red Hat OpenShift 4.7 includes the latest version of OpenShift Virtualization. First released in July 2020, OpenShift Virtualization is designed to help organizations break down application barriers between traditional and cloud-native infrastructure and extend control over distributed resources.
I have heard (and even said) versions of this sentiment many times since Kubernetes started gaining influence. So, over the last year, I've spent time contributing to the project, and I've found it worth every minute.
I've discovered that Kubernetes is a project with the right scale for anyone to make an impact in whatever time they have available in their schedule. For me, that was just four hours a week. No more, no less.
After six months at four hours a week, I found myself the leader of a subgroup that's making a significant difference around non-code contributions to the project.
I'll share some of what I've learned about contributing to Kubernetes. I hope it helps you find the focus and time to join in.
Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)! The Beta freeze is underway.
I have weekly office hours on Wednesdays in the morning and afternoon (US/Eastern time) in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else. See the upcoming meetings for more information.
Digital innovation has rarely been more important than it became in 2020, when COVID-19 moved much of the world virtual. In our previous two posts, we discussed what shapes digital innovation and how critical it is in underpinning the business. In this post, we'll discuss the building blocks for digital innovation.
As the 2020 StackOverflow survey pointed out, technology companies — and many open source communities — have a diversity problem. While the majority of developers currently come from a white, male background, the momentum is shifting to create more inclusive, diverse communities.
Research shows that diverse open source projects are more productive and make better decisions. This starts with creating teams that have a greater representation of gender, race, socioeconomic standings, ethnic backgrounds, and the like.
Many open source communities are recognizing the need for new initiatives and a cohesive focus to tackle the lack of diversity in their projects. I predict that in 2021, building off the momentum of this past year’s focus on social inequality and steps made by open source-minded companies and foundations, open source communities will continue to increase the diversity of their communities so that it becomes the rule and not the exception.
[...]
As noted, communities need to actively work to remove barriers to increasing diversity. Here are a few examples of such efforts. Some of these are by IBM — which I of course have the most insight into — but this goes far beyond us. I believe we need to see more of these everywhere!
The code is a bit slow so writes its values to a file which is output by a HackRF, but it could just as easily be used by any other capable output device such as GNU Radio and a soundcard if you too want an Aphex Twin moment.
No OS support was listed for the Neu-X302, but the Neu-X300 runs Linux or Win 10. The new Coffee Lake Refresh options range up to the octa-core, 1.8GHz/2.2GHz Core i7-9100TE with 35W TDP. Once again, there is a choice of Intel Q370 or Intel H310 I/O chipsets, creating two SKUs. However, there are fewer feature differences.
Aaeon’s compact “SRG-3352C” IoT gateway is equipped with a TI AM3352, 3x USB, 2x RS-485, 2x GbE, WiFi/BT, mini-PCIe with micro-SIM, and an NB-IoT connector.
It’s always a bit troubling when vendors omit the name of an embedded system’s processor. However, Aaeon’s fanless SRG-3352C Compact Edge IoT Gateway System, which is said to be based on an 800MHz, Cortex-A8 SoC, gives away the mystery in its name: the IoT gateway no doubt features the aging TI Sitara AM3352. No OS support was listed but given the AM3352 — the lowest end model in the AM335x line, with no 3D GPU or PRU-ICSS cores — Linux is almost certainly supported.
Anders Rosvall, CTO at Embedded Artists AB, explains the i.MX RT1176 uCOM board “enables customers to move up to application-level performance without having to move to the Linux world”, and provides an update from the company’s iMX RT1064 uCOM with double the SDRAM, MIPI-DSI interface, and a 2D graphics engine. In case you wonder why a company would not want to move their application to a Linux platform, reasons include code reuse, faster real-time responsiveness, and lower power consumption.
DH unveiled a “DHCOM STM32MP1” module that runs Linux on ST’s Cortex-A7/M4 SoC with up to 1GB RAM, 16GB eMMC, and WiFi/BT. “DH PicoITX2” and “DH PDK” carriers are also available.
Notable with RISC-V in Linux 5.12 is initial support for the SiFive FU740, the SoC design announced at the end of last year. The most notable major user coming to market at the moment with the FU740 is the HiFive Unmatched development board. The SoC with its quad-core U74-MC and single S7 embedded core is joined by four USB 3.2 Gen 1 ports, PCI Express x16 (at x8 speeds), NVMe M.2, Gigabit Ethernet, and 16GB of RAM to make for the most interesting RISC-V development board to date. The HiFive Unmatched is slated to still begin shipping later this quarter for about $665 USD.
The phenakistoscope was invented in the 1800s as a way to view a series of moving pictures on a spinning disc. While the traditional implementation is ingenious in its own right, Nick Lim has created his own take on this venerable concept, using strobing light to break up frames instead of the slits-and-mirror arrangement of the original.
His system utilizes a repurposed CD-ROM BLDC motor to rotate the discs — which feature phenakistoscope patterns that were printed out and pasted on top — and an overhead array of strobing LEDs to make the images come to life.
Since the Raspberry Pi Compute Module 4 launch last fall, we’ve seen several interesting carrier boards for the system-on-module including Wiretrustee to build a NAS with up to four SATA drives, the compact, Arduino-sized Piunora board that also include an M.2 socket, or Over:Board mini-ITX carrier board.
Oratek brings another one specially designed for industrial use cases with TOFU Raspberry Pi Compute Module 4 carrier board offering wide DC input, Gigabit Ethernet with PoE, M.2 NVMe SSD or 4G LTE modem support, among many other features.
The de-googled Android fork /e/OS is a passionate step towards removing Google from your daily driver (i.e. your smartphone).
Considering they’re also working on a privacy-friendly Siri alternative, /e/OS is particularly an exciting pitch for the future smartphones without relying on Google.
While /e/ smartphones have been around for a while, it still is not tailored for everyone depending on various requirements for daily activities that you do on a smartphone. I’d suggest doing your research before making a purchase.
However, there’s good news that /e/ smartphones will now also be shipping to the USA and Canada.
The TeX Users Group (TUG) is new to the OSI Affiliate program, but not new to the world. It's a membership-based not-for-profit that was founded in 1980 to encourage and expand the use of TeX, LaTeX, Metafont and related systems. TUG fosters innovation while maintaining the usability of these systems. TUG also supports users by hosting an annual event, maintaining a list of active local TeX user groups and publishing a regular journal called TUGboat three times a year.
The OSI loves to let folks know about open source tools that they could be using like the TeX, LaTeX and Metafont systems for preparing documents. TUG is for anyone who uses the TeX typesetting system created by Donald Knuth and/or is interested in typography and font design. If you want to install TeX on your computer, please consult the resources mentioned on the TUG home page.
Genode 21.02 stays close to the plan laid out on our road map, featuring a healthy dose of optimizations, extends the framework's ARM SoC options, and introduces three longed-for new features.
First, we extended our concept of pluggable device drivers to all network drivers, including Ethernet and Wifi. As reported in Section Pluggable network device drivers, such drivers can now gracefully be started, restarted, removed, and updated at runtime without disrupting network-application stacks.
Second, the release features the infrastructure needed for mobile-data communication over LTE, which is a prerequisite for our ambition to use Genode on the Pinephone. Section LTE modem stack gives insights into the involved components and the architecture.
Third, we are happy to feature the initial version of VirtualBox 6 for Genode. Section VirtualBox 6.1.14 gives an overview of the already supported feature set and the outlook to reach feature-parity to our version of VirtualBox 5 soon. Speaking of VirtualBox in general (both versions), we were able to significantly improve the USB-device pass-through abilities, specifically covering audio headsets.
Further noteworthy improvements of the current release range from added VirtIO-block device support for virtual machines on ARM (Section VirtIO block devices for virtual machines on ARM), revived developments on RISC-V (Section RISC-V), over VFS support for named pipes (Section VFS support for named pipes), to streamlined tooling (Section Build system and tools).
Genode OS 21.02 is out as the latest feature release to this open-source operating system framework.
Farewell, February --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities...
Finally got around to posting my FOSDEM slides, first an update for the Collaboration dev-room on integrating
Matthew, the open source lead for the Matrix project, held a 48 minutes long lecture on Matrix, a open protocol communications system with encrypted chat, chatrooms and more, at FOSDEM 2021. The video is worth watching if you are curious to learn how Matrix works, what their future plans are for shared spaces and other features, and the practical use-cases it can solve for you and your organization.
It didn’t take long for Internet Explorer (IE) to win over most internet users, but that did attract the attention of the US government, which brought antitrust charges against Microsoft for its practice of preventing computer manufacturers from uninstalling IE and installing other browsers. The case was finally settled in 2001, but IE had three more years of being the preeminent browser ahead of it, peaking at 95% of the market in 2003.
After more than 3 years since the original RFC for const generics was accepted, the first version of const generics is now available in the Rust beta channel! It will be available in the 1.51 release, which is expected to be released on March 25th, 2021. Const generics is one of the most highly anticipated features coming to Rust, and we're excited for people to start taking advantage of the increased power of the language following this addition.
Even if you don't know what const generics are (in which case, read on!), you've likely been benefitting from them: const generics are already employed in the Rust standard library to improve the ergonomics of arrays and diagnostics; more on that below.
With const generics hitting beta, let's take a quick look over what's actually being stabilized, what this means practically, and what's next.
If you’ve been on the internet this week, chances are you might have seen a meme or two about the Firefox logo.
And listen, that’s great news for us. Sure, it’s stressful to have hundreds of thousands of people shouting things like “justice for the fox” in all-caps in your mentions for three days straight, but ultimately that means people are thinking about the brand in a way they might not have for years.
People were up in arms because they thought we had scrubbed fox imagery from our browser. Rest easy knowing nothing could be further from the truth.
The logo causing all the stir is one we created a while ago with input from our users. Back in 2019, we updated the Firefox browser logo and added the parent brand logo as a new logo for our broader product portfolio that extends beyond the browser.
The internet was set on fire (pun intended) this week, by what I’m calling ‘fox gate’, and chances are you might have seen a meme or two about the Firefox logo. Many people were pulling up for a battle royale because they thought we had scrubbed fox imagery from our browser.
django-querysetsequence 0.14 has been released with support for Django 3.2 (and Python 3.9). django-querysetsequence is a Django package for treating multiple QuerySet instances as a single QuerySet, this can be useful for treating similar models as a single model. The QuerySetSequence class supports much of the API available to QuerySet instances.
Data Org architects, builds, and maintains a data ingestion system and the ecosystem of pieces around it. It covers a swath of engineering and data science disciplines and problem domains. Many of us are generalists and have expertise and interests in multiple areas. Many projects cut across disciplines, problem domains, and organizational structures. Some projects, disciplines, and problem domains benefit from participation of other stakeholders who aren't in Data Org.
Earlier this month, the Hubs team spent a week working on an internal hackathon. We figured that the start of a new year is a great time to get our roadmap in order, do some investigations about possible new features to explore this year, and bring in some fresh perspectives on what we could accomplish. Plus, we figured that it wouldn’t hurt to have a little fun doing it! Our first hack week was a huge success, and today we’re sharing what we worked on this month so you can get a “behind the scenes” peek at what it’s like to work on Hubs.
EDB, a prominant backer of the PostgreSQL open-source database, expects to focus on graph, JSON, and time-series data in the upcoming autumn release. Analysts, however, are sceptical about its ability to optimise for different data models ahead of built for purpose databases.
Last week, EDB announced a 59 per cent increase in annual recurring revenue, although being privately held it can pick and choose which financial metrics to release. Its team has grown by nearly half, to 300, however that is dwarfed by comparable open-source-supporting firms like Red Hat, with 13,000 employees.
My goal when I refactored the site (once again) using WordPress was to focus more on writing than fiddling. I mean, yes, this was a tiny bit fiddly, but I could have spent quite a bit of time trying to code this up myself. Especially since coding isn’t my thing.
Instead, a few “off-the-shelf” open source bits and I’m in business.
The GNU Project is "pleased" to announce Inetutils 2.0. This is the first release of the GNU implementations of many commonly used Internet utilities such as ping, ftp, hostname, ifconfig and telnet in six years.
[...]
The GNU inetutils contain implementations of a lot of the common network-related utilities found on modern GNU/Linux distributions. Some of the same programs it provides are implemented by the completely different net-tools package and some are implemented by the also very different iputils package. The ping, hostname and ifconfig implementations your favorite GNU/Linux distribution may or may not be provided by GNU inetutils.
The previous version of GNU inetutils was released on June 10th, 2015. The first version mentioned in the changelog of inetutils-1.3a (the oldest version available for download at the GNU Project), which doesn't have a number, was released on December 30, 1995. A common/version.c was added the following year.
Add llvmfuzz and oss-fuzz integration, fixed many minor fuzzing errors. libfuzzer is much better than afl++ and honggfuzz.
Writing assembly code is straightforward when you are familiar with the targeted architecture’s instruction set, but what if you need to write the code for more than one architecture? For example, you might want to test whether a particular assembler feature is available, or generate an object file for use with another tool. Writing assembly source code that can work on multiple architectures is not so simple.
This article describes common types of problems encountered when working with assembly code, and the techniques to overcome them. You will learn how to address problems with comments, data, symbols, instructions, and sections in assembly code. To get you started, the Portable assembler demo source file provides many examples of GNU Assembler (GAS) assembly code. I’ll use a few of the examples in this article.
[...]
This article addressed common problems writing portable assembly code and provided solutions and examples. In summary, writing portable assembler is hard to do and best kept simple, and persistence is the key.
SpiderMonkey is the JavaScript engine used in Mozilla Firefox. This newsletter gives an overview of the JavaScript and WebAssembly work we’ve done as part of the Firefox 86 and 87 Nightly release cycles.
The biggest value in design patterns is that it gives us a common language for talking about software and how it’s organized. That’s why Alexander named one of his books A Pattern Language. We’ve all spent hours making diagrams on black- or white-boards to show how some software we’re writing is organized. Design patterns give a common vocabulary so that we can discuss software with some certainty that we all mean the same thing. I eventually realized that UML had the same aim: UML diagrams are like architectural blueprints, in which one kind of line represents a brick wall, another wood, another plasterboard. Unfortunately, UML was never quite standard enough, and like design patterns, was perceived as a good in itself. In the end, a common vocabulary (whether a pattern catalog or UML) is a tool, and any tool can be abused.
Using this new instancing feature on my development machine, QtQuick3D can render one million cubes at 60 frames per second (FPS), using only 2% CPU time. The same scene recreated with the API in Qt 6.0, using Repeater3D to generate cubes, starts to struggle at ten thousand cubes: only managing 42 FPS and using 100% of the CPU.
This week I came across another tricky part of Tailwind, pseudo-elements. But what if you want to use them?
What are pseudo-elements anyway? Pseudo-elements are HTML elements that do not exist in the HTML markup at all. Such elements won’t be visible to the browser assistive technology, they can only be styled visually with CSS.
It’s quite common to define the :before and :after pseudo-elements that style a non-existing element in position relative to the element at hand. People use it for typography or drawing to keep markup clean and tidy. A lot of times, they are used in code pens to showcase some advanced CSS.
Mike West has posted a detailed exploration of what is really required to protect sensitive information in web applications from speculative-execution exploits. "Spectre-like side-channel attacks inexorably lead to a model in which active web content (JavaScript, WASM, probably CSS if we tried hard enough, and so on) can read any and all data which has entered the address space of the process which hosts it. While this has deep implications for user agent implementations' internal hardening strategies (stack canaries, ASLR, etc), here we’ll remain focused on the core implication at the web platform level, which is both simple and profound: any data which flows into a process hosting a given origin is legible to that origin. We must design accordingly."
Like most security bugs, Shellshock took the internet by a storm in 2014 and compromised millions of accounts. This deadly bug originates from the Bash (Bourne Again Shell) which is the default command-line interface on all Linux, Unix, and Mac-based operating systems.
The Shellshock vulnerability was first detected some 30 years ago but was not classified as an official and public threat until September of 2014. Even with the passage of time and numerous patches, this bug still remains a threat to enterprise security.
Though they come in all shapes and flavors, open source licenses can generally be characterized into two groups: (1) permissive open source licenses, and (2) copyleft open source licenses. A permissive open source license (e.g., the MIT license) makes software code available for free to a user, but does not place significant restrictions on how the code must be used. Importantly, this means the user of code under a permissive open source license can combine the code with its own proprietary code and be under no obligation to disclose or license the combined code. Conversely, copyleft licenses (e.g., the General Public License (GPL)) also make software code available for free, but require that any modified code be licensed under the same terms. Therefore, if the copyleft licensed code is combined with proprietary code, the user may be required to make its proprietary code publicly available for free as well. Obviously, this is not a good outcome for a company desiring to keep its AI software secret. To avoid this negative outcome, companies should incorporate good hygiene around their use of open source software and implement policies and procedures to ensure that no source code is used that could jeopardize the secrecy of the company’s proprietary code.
most users probably don’t care X-D
twitter was updated and now, even viewing hashtags is impossible without JavaScript turned on (there used to be a functional version without javascript).
JavaScript has developed from “it’s so great, the first true cross-platform language aka runs everywhere where there is a browser” to a massively mass privacy problem (intrusive spying bitch of pain in the ass catastrophe).
from now on, content will only go to https://nerdpol.ch/
(but even there js is mandatory to view it X-D!? #wtf? there really should be a NoScript.net (nice js blocking addon for Firefox) compatible version of this)
only possibility: turn https://gnusocial.network (last time checked, it was kind of php-slow X-D) into a better twitter
There are some important exceptions. The new and controversial Copyright in the Digital Single Market directive which has not yet been implemented into UK law will not be adopted. The UK has also announced that it will not participate in the EU unitary patent scheme. The implementation of the EU unitary patent and the corresponding agreement on the Unified Patent Court have been delayed since 2016 following the Brexit referendum decision. Most EU member states are yet to ratify the agreement which is a pre-condition for the EU unitary patent to come into effect. Following Brexit, it is unclear whether these initiatives will ever be implemented by the EU.
Six senior counsel at large pharma companies say the Federal Circuit’s antibody enablement ruling has compelled them to re-think their patenting needs
Travellers.com, on the other hand, is a site that provides links to other similar traveler insurance sites, and gets revenue on a pay-per-click basis for every time someone uses a link to another traveling insurance provider. Id. at *4. Travelers claimed that Travellers.com activities were cybersquatting, their website was unlawful, and their website infringed on Travelers’s mark. Id.
For Travelers to prove entitlement to summary judgment on Cybersquatting, they needed to prove that the owner of Travellers.com planned to profit in bad faith from the website, and that Travellers.com was used in an inappropriate manner. Id. at *7. One factor in analyzing whether the owner of Travellers.com had any bad faith intent to profit from the website was to determine whether Travellers.com had any intellectual property rights in the name. Id. The owner of Travellers.com asserted that, under Pierson v. Post, he had a first-in-time possessory claim to the Travellers.com domain. Id.