Summary: Google and Mozilla offer bounties for spotting bugs; Microsoft says no to the idea (proof that proprietary software is embarrassed about showing weaknesses)
Microsoft has no plans to follow in the footsteps of Mozilla and Google and pay researchers cash rewards for the bugs that they find in Microsoft’s products.
Right at the moment a Safari user visits a website, even if they’ve never been there before or entered any personal information, a malicious website can uncover their first name, last name, work place, city, state, and email address. Safari v4 & v5, with a combined market browser share of 4% (~83 million users), has a feature (Preferences > AutoFill > AutoFill web forms) enabled by default. Essentially we are hacking auto-complete functionality.
As a recap, HP dumped Vista 7 from the Slate and made it official that it was moving to Linux. Only weeks later a 20-year Microsoft senior executive (who spoke to Ballmer just before his departure) became the vice president in charge of software and solutions business at HP. Now we hear about Vista 7 coming back. Coincidence? Maybe.
One company which we previously showed to be filling itself up with former Microsoft executives is Lenovo. We gave several examples. According to some news, “Lenovo to launch Android tablet by year’s end,” but commenters in Linux Today are still sceptical given the company’s track record when it comes to Linux, especially after Microsoft executives got the top spots there.
From CNET:
Dubbed “LePad,” the tablet will run Google’s Android operating system, according to comments made by Liu Jun, senior vice president for Lenovo Group, as reported by TradingMarkets.com and other sources. Details are few so far, and there’s no word from Lenovo or other sources on whether the tablet will venture abroad after its initial debut in China.
As Lenovo lost its spine after accepting management from Microsoft, one commenter says:
Lenovo will release a tablet with Android just as a stop gap... as soon as MS dictates to them that they have to stop and support anything in the form of a tablet MS puts out they will drop the Android OS like a hot potato...
Those who ignore the role of former Microsoft executives inside companies like HP and Lenovo are conveniently blinding themselves to the way industry works. █
New York – The Electronic Frontier Foundation (EFF) this week served a motion to quash dragnet subpoenas that put privacy and anonymity at risk for the operators of dozens of Internet blogs and potentially hundreds of commenters.
In a landmark announcement issued today, the data protection officials across the European Union found that the way that EU Member States have implemented the data retention obligations in the 2006 EU Data Retention Directive is unlawful. The highly controversial 2006 EU Data Retention Directive compels all ISPs and telecommunications service providers operating in Europe to retain telecom and internet traffic data about all of their customers’ communications for a period of at least 6 months and up to 2 years.
This week, the U.S. Senate unanimously passed a bill shielding journalists and publishers from “libel tourism.” The vote on Monday slipped past the Washington press corps largely unnoticed. Maybe it was the title that strove chunkily for a memorable acronym: the Securing the Protection of our Enduring and Established Constitutional Heritage (SPEECH) Act. Journalists and press freedom defenders outside the United States did, however, pay attention to the legislation, which they hope will spur libel law reform in their countries.
The federal government has censored approximately 90 per cent of a secret document outlining its controversial plans to snoop on Australians’ web surfing, obtained under freedom of information (FoI) laws, out of fear the document could cause “premature unnecessary debate”.
Today the Eleventh Circuit issued an unfortunate amended decision in Rehberg v. Hodges. The case arose from an egregious situation in which, among other misconduct, a prosecutor used a sham grand jury subpoena to obtain the private emails of whistleblower Charles Rehberg after he brought attention to systematic mismanagement of funds at a Georgia public hospital.
Ofcom’s proposal denies us the ability to check whether the methods of collecting the evidence are trustworthy. Instead, copyright holders and Internet Service Providers will just self-certify that everything’s ok. If they get it wrong, there’s no penalty.
The Digital Entertainment Content Ecosystem (DECE) has branded their system of “Universal DRM”, which was first announced at CES 2010, calling the technology UltraViolet. The system is designed to allow consumers the ability to view purchased movies wherever, whenever, over multiple platforms and formats.
Brazil has proposed a broad update to its copyright law (Portuguese) and it contains a surprising idea: penalize anyone who “hinders or impedes” fair use rights or obstructs the use of work that has already fallen into the public domain.
The American Society of Composers, Authors and Publishers (ASCAP) has launched a campaign to raise money from its members to hire lobbyists to protect them against the dangers of “Copyleft.” Groups such as Creative Commons, Public Knowledge, and the Electronic Frontier Foundation are “mobilizing,” ASCAP describes in a letter to its members, “to promote ‘Copyleft’ in order to undermine our ‘Copyright.’” “[O]ur opponents are influencing Congress against the interests of music creators,” ASCAP warns. Indeed, as the letter ominously predicts, this is ASCAP’s “biggest challenge ever.” (Historians of BMI might be a bit surprised about that claim in particular.)
In order to save the data from distant spacecraft, satellites and other scientific endeavors, NASA is leveraging open source tech (including Ubuntu Linux) and regular enterprise networking components to meet their mission.
I had the privilege of speaking with NASA’s CTO for IT Chris Kemp this week around the OpenStack project in which NASA is participating. Kemp told me that NASA’s Nebula cloud IT environment was built for science and research and has been optimized for low cost and massive scalability.
The Linux and open source community provides countless user and server applications. They also provide solutions to help support these and other applications, even to support non-technical departments. You’ll find many help desk or customer service trouble ticketing systems in the FOSS (free and open source software) world. Right now we’ll review 5 different solutions.
It’s starting off to be a good week for open source configuration management vendor Puppet Labs. The startup announced today that it has raised an additional $5 million in venture funding, bringing total funding to $7 million to date. Those new funds come on the same day that a major new release of the open source Puppet framework is being made generally available.
Why am I reinventing Disqus? That is the question I’ve been getting asked since I “announced” on Identi.ca that I’d be replacing Disqus with a free (AGPL) comment system that I was to write. Well, I am not the inventor of Disqus, so technically I can’t reinvent something I didn’t forehand invent. And because I’m not about to run a service for millions of people, my comment system won’t have accounts (though it will have the possibility of setting a password so that only certain persons can post with their certain names.)
As the commenters on Slashdot note, one of the most robust open source speech recognition solutions comes from Carnegie Mellon University. It’s called Sphinx, and we covered it here. You can use Sphinx for straight speech recognition, or integrate it with applications. To find out more about Sphinx, check out this post from Artificial Intelligence and Robotics.
Nearly a year ago the FSF held a mini-summit for women in free software to investigate practical ways to increase the number of women involved in the free software community.
Those that attended the summit formed the Women’s Caucus, and have been working to develop practical policy to recommend to the FSF and the wider free software community. Today, we are publishing the Caucus’s initial findings and recommendations.
The 3rd meeting of our Fellowship group was on the 4th of March and was mainly about organizing the DFD. You can read the full minutes (in Slovenian) on the wiki.
This paper demonstrates why increased transparency in the field of medical device software is in the public’s interest. It unifies various research into the privacy and security risks of medical device software and the benefits of published systems over closed, proprietary alternatives. Our intention is to demonstrate that auditable medical device software would mitigate the privacy and security risks in IMDs by reducing the occurrence of source code bugs and the potential for malicious device hacking in the long-term. Although there is no way to eliminate software vulnerabilities entirely, this paper demonstrates that free and open source medical device software would improve the safety of patients with IMDs, increase the accountability of device manufacturers, and address some of the legal and regulatory constraints of the current regime.
Open source is everywhere today and there is growing awareness that companies have to meet certain obligations when distributing open source software. Here are some useful resources to learn more about open source compliance.
The following recent story in the Times Higher Educational Supplement (the “mainstream” magazine for HE in the UK) shows why we desperately need a clear basis for discussing data. I’ll comment inline, but initially just to make it clear that the fuss and hyperbole is because there is no communal framework for understanding and addressing the problem. Also to remind readers of this blog that the UK has a Freedom Of Information Act (FoI) which allows any citizen to make a request to a public body (government, local government, universities, public research establishments) for information. It is the law, and a reply must be delivered within 20 working days and there are only a few grounds for refusal.
Today’s commercial-grade programming languages — C++ and Java, in particular — are way too complex and not adequately suited for today’s computing environments, Google distinguished engineer Rob Pike argued in a talk Thursday at the O’Reilly Open Source Conference.
Today the Web Services Interoperability Organization (WS-I; http://www.ws-i.org) announced its decision to transition its assets, operations, and mission into a Member Section of OASIS (Organization for the Advancement of Structured Information Standards; http://www.oasis-open.org/). The transition is expected to take place over the next few months.
The Playstation 3 slim is not just a gaming console, but also a powerful PC besides the styled layout that the Playstation 3 has. Everybody generally uses the console for its main objective, to perform video games, without realizing how significantly more the console can offer them. With Linux on Playstation 3 you can do almost everything a computer can do and then some with your PS3. Not to mention installing Linux system on a Playstation 3 is very effortless. Here are some of the benefits linked with setting up Linux system on a Playstation 3 slim.
This is an old favorite of mine. Here is the problem: switching desktops on a Linux machine with or without compiz is not intuitive. Why? Because it is related to some window keys Ctrl+Alt+Right or Left Arrow, it is a secondary menu, or it depends on the mouse being at the corner of the window.
Defragmenting the hard drive. It’s hard to believe that even Windows 7, the latest operating system from Microsoft, is still prone to this problem. The NTFS filesystem (used by Windows NT and up) has other quirks, but it seems to slowly get fragmented and requires defragmenting from time to time. This process can take a long time depending on your hardware, and undoubtedly has to happen when you are not using your computer. It’s more like a band-aid to the problem, whereas Linux solves the problem up front by not even allowing fragmenting to happen at all. This has been the case since the ext3 filesystem was first used for Linux, and is still the case today with the ext4 filesystem. To quote the Linux System Administrator Guide: “Modern Linux filesystem(s) keep fragmentation at a minimum by keeping all blocks in a file close together, even if they can’t be stored in consecutive sectors. Some filesystems, like ext3, effectively allocate the free block that is nearest to other blocks in a file. Therefore it is not necessary to worry about fragmentation in a Linux system.” Again, this is brilliant.
So let’s look at two of the most common operating systems used today in datacenters and on server systems. On one hand, Windows, and on the other, Linux.
Windows by nature has more downtime per system, because Microsoft releases patches that require frequent rebooting. Windows patches are scheduled to be released on the second Tuesday of each month, so at a minimum once per month Windows systems will need to reboot. Sometimes, patches are released even more frequently, depending on the severity. Windows just can’t activate a majority of software updates without rebooting the entire system.
- Over two thirds (29 out of 42) of the most reliable hosting companies use Linux (would they use GNU along with it?)
- 14.2% use BSD (FreeBSD to be more precise)
- A little less than 10% use Windows
- 3 out of 42 are a big question mark
The z196 can be configured to include up to 80 specialty engines to further reduce costs and increase performance including the System z Application Assist Processor (zAAP) for integrating Java workloads with core business applications, the System z Integrated Information Processor (zIIP) designed to help free-up computing capacity and lower IT costs, and the Integrated Facility for Linux (IFL) to optimize Linux workloads running on the mainframe, IBM said in its press release.
Why do I care about this so much? Because I have music playing whenever I’m using this computer, and when you add up work plus free time, I’m at this computer 8-10 hours per day. Music keeps me sane during multi-hour debug sessions. Music is an integral part of my life, and a music app is an integral part of playing music.
It’s very important to me that the programs and tools I use all day are comfortable. Otherwise I become cranky. If you were a carpenter, would you want to use a hammer with a wobbly handle all day? I’m a programmer, and I want to use comfortable computer programs.
A library management system (also known as an integrated library system) is an automated resource planning system which enables a library to operate efficiently, freeing staff from unnecessary tasks. This type of software typically offers functionality such as cataloging, searching, reporting, acquisitions, library circulation and management embodied into a central system.
A student information system (also known as a student management system or school management system) is computer software for educational institutions to manage student data.
We continue our Linuxables series on the Linux text editor. As you might have noticed, this is one of those topics that breed much contempt. If you talk about vi, you must give equal time to emacs. If you talk about Kate, you best talk about Gedit. And that is precisely where we are – Gedit (although we have yet to talk about Kate, that comes next week).
[...]
By default Gedit will be installed on a GNOME desktop.
GSmartControl is a really useful Linux app to check the health of your hard disk drive. GSmartControl is basically a graphical user interface for smartctl, which is a tool for querying and controlling SMART (Self-Monitoring, Analysis, and Reporting Technology) data on modern hard disk drives. Only ATA drives including both PATA and SATA are supported for now.
Ear Candy Automatically Fades and Raises Volume Levels in Linux
Linux only: Free utility Ear Candy makes your sound system smarter. If you’re listening to music and a Skype call comes in, or you load a YouTube video, Ear Candy gently lowers your music volume to let the other sounds through.
More than two years after version 1.0 arrived and about one month behind schedule, the Wine Project development team have released version 1.2 of their Windows API implementation. Wine (Wine Is Not an Emulator) is free open source software that allows users to run Windows applications on Linux and Unix by providing its own native replacements for Windows DLLs. According to Wine Project leader Alexandre Julliard, Wine 1.2 represents more than 23,000 changes, including over 3,000 bug fixes, and includes a number of improvements and new features.
Retouching your photos in digiKam is radically different from how it works in Aperture. In digiKam, you first have to open the image Editor. In the image Editor, you can select from the top menu the different manipulations that you apply to your photo. You pick one manipulation that you want to do and on the right side of the window, the controls for this particular manipulation appear. Here you can adjust the settings. For some tools, the changes are displayed straight away, for the more computing extensive tools you have to press the “try” button to see the effect. DigiKam has made it easy to check what the effect of the adjustment is going to be: there are four split screens available and there is a mouse over option available that shows the original or the adjusted photo depending on where your mouse is. You can select the behaviour of the Image Editor on the bottom right corner. In that same corner, you also find the apply button, which probably does not need any explanation!
Well, here comes a good one I think. As I was talking to some people on the KDE IRC channel yesterday, there was a comment made about a possible way to orient new KDE users on how to use the desktop. However, I believe that users should be left clues to discover their desktop on their own. There should not be an intro popup or anything like that. Ponder about this for a moment.
Today, the KOffice team presents a contest to create great KPresenter slide templates, offering t-shirts for the winners and of course inclusion in the next KPresenter releases for all good submissions. Read on for information on the contest!
This September, a new desktop will be unveiled to the world in the form of GNOME 3. This desktop will change the way people view, work with, and think of the desktop. It’s different, it’s intuitive, and it follows the current evolution of what the desktop should be. But best of all, it’s all about Linux.
I have owned a Victorinox USB flash drive for several years now – long enough that it is only a 512MB unit, and it was considered “typical” at the time that I got it. I recently decided it was time to get a new one with a capacity more typical by today’s standards. My basic selection criteria was very simple – besides the capacity, it must not have any knife or scissors which would cause me problems when taking it in my backpack on commercial flights.
Parted Magic is a Slackware-based Linux distro which is made for the sole purpose of partitioning hard disks. Parted Magic comes with tools like GParted, TestDisk, fdisk etc. The latest release, Parted Magic 0.5 was released yesterday and it includes Linux kernel 2.6.34.1, GParted 0.6.1 etc.
After several years of development, German T2 creator Rene Rebe has announced the release of version 8.0 of his cross compiling Linux distribution System Development Environment (SDE), T2 SDE. According to Rebe, the latest release includes more than 10,000 Subversion revisions, hundreds of new packages, performance improvements and several new features.
The Sabayon Linux team has now released two new flavours of the Gentoo-based Linux distro packed with alternative desktop environments for those who prefer them or have slower computers. The Sabayon 5.3 XFCE and Sabayon 5.3 LXDE ‘spins’ are more experimental in nature than the regular release though they are considered stable enough for regular use. This is just the first step, more spins are planned, and these two will continue to evolve until they reach a more mature state.
Some love Gnome, others love KDE, for me it’s XFCE all the way. When I jumped on the Ubuntu bandwagon several years ago it was only natural that I’d use Xubuntu.
If you’re looking for a great KDE distribution built on Ubuntu packages, Linux Mint KDE is the one to get. Forget Kubuntu, Mint does everything it does and more. In fact, it’s everything Kubuntu used to be. By itself, Mint’s KDE edition shines with custom tools, a customized appearance, and attention to detail at just about every turn. Distributions like this one make it harder for me to choose a single distro to stick with, as there are many great ones out there to try out.
I caught an excellent presentation by Aaron Williamson from the Software Freedom Law Center here at OSCON yesterday examining why smartphones built on open source software aren’t as open as they possibly could be. What Williamson talked about was often eye opening, though there were a few points I found myself disagreeing with him on.
He started the presentation by talking about Motorola’s Droid X and the controversy that was stirred up when hacking enthusiasts discovered that Motorola had implemented an encrypted boot loader that forced the device to boot into a “recovery” mode in the event a custom ROM was detected on the device. While this was shocking (and even infuriating) to some, the only thing setting Motorola apart from the other Android OEMs in this case is that they’re actually enforcing the restrictions mandated by the OS maker.
Mobile photography could get a shot in the arm thanks to the combined efforts of Stanford University researchers and Nokia Research, who have pushed a new open-source digital photography platform out the door. FCam – or “Frankencamera” – is initially available for the Nokia N900, and unlocks high-end functionality like RAW image capture, full manual controls and low-light imagery through combining multiple shots of varying ISO and exposure settings.
In two reports filed from this week’s OSCON conference, The Register says that Google will open Android’s internal development kit to contributors, and that Linux maintainers are holding tough in negotiating with the search giant regarding Android’s readmission to the kernel. Meanwhile, Linux 2.6.35 RC6 was released, featuring enhancements to network scalability, memory management, and sleep-wait detection.
Interest levels in syncing music collections have notched up a bit of late with the introduction of a plethora of new Android-based super phones. That is, unless you happen to be one of those owners with a large quantity of digital music encumbered by digital rights management (DRM) better known as copy protection. In that case, you might want to do some research into converting said digital files into a more portable format. Meanwhile, for the rest, with media ready to load up on a new cool phone, we’ll take a look at Linux options.
Even Florian Müller echoed his remarks. “Sadly,” I explained to the messenger, “what Peer To Patent seems to be doing is in some ways making software patents stronger.” OIN is not an optimal solution, either; far from it, but that debate is different. If companies like Oracle, IBM and Google could align with the pushers to end software patents, this goal would be achievable. █