Forgot your password?
typodupeerror

Catch up on stories from the past week (and beyond) at the Slashdot story archive

Open Source

How To Find the Right Open Source Project To Get Involved With 53

Posted by samzenpus
from the get-going dept.
An anonymous reader writes Writing on Opensource.com, Matt Micene shares his thoughts on getting started with an open source project. "I came back from OSCON this year with a new fire to contribute to an open source project. I've been involved in open source for years, but lately I've been more of an enthusiast-evangelist than a hands-on-contributor to an open source community. So, I started some thinking about what to do next. When I was involved in projects before, it was due to a clear progression from user to forum guru to contributor. It's a great path to take but what do you do if you just want to jump into something?" Matt goes on to lay out several steps to help new contributors get started.
Security

Bash To Require Further Patching, As More Shellshock Holes Found 316

Posted by samzenpus
from the protect-ya-neck dept.
Bismillah writes Google security researcher Michael 'lcamtuf' Zalewski says he's discovered a new remote code execution vulnerability in the Bash parser (CVE-2014-6278) that is essentially equivalent to the original Shellshock bug, and trival to exploit. "The first one likely permits remote code execution, but the attack would require a degree of expertise to carry out," Zalewski said. "The second one is essentially equivalent to the original flaw, trivially allowing remote code execution even on systems that deployed the fix for the initial bug," he added.
Graphics

NVIDIA Begins Requiring Signed GPU Firmware Images 188

Posted by Soulskill
from the always-looking-out-for-the-little-guy dept.
An anonymous reader writes: In a blow to those working on open-source drivers, soft-mods for enhancing graphics cards, and the Chinese knock-offs of graphics cards, NVIDIA has begun signing and validating GPU firmware images. With the latest-generation Maxwell GPUs, not all engine functionality is being exposed unless the hardware detects the firmware image was signed by NVIDIA. This is a setback to the open-source Nouveau Linux graphics driver but they're working towards a solution where NVIDIA can provide signed, closed-source firmware images to the driver project for redistribution. Initially the lack of a signed firmware image will prevent some thermal-related bits from being programmed but with future hardware the list of requirements is expected to rise.
Databases

PostgreSQL Outperforms MongoDB In New Round of Tests 146

Posted by Soulskill
from the there-can-be-only-lots dept.
New submitter RaDag writes: PostgreSQL outperformed MongoDB, the leading document database and NoSQL-only solution provider, on larger workloads than initial performance benchmarks. Performance benchmarks conducted by EnterpriseDB, which released the framework for public scrutiny on GitHub, showed PostgreSQL outperformed MongoDB in selecting, loading and inserting complex document data in key workloads involving 50 million records. This gives developers the freedom to combine structured and unstructured data in a single database with ACID compliance and relational capabilities.
Open Source

Catch Oil Polluters With Open Source Tools Using the Homebrew Oil Testing Kit 49

Posted by timothy
from the or-you-could-just-taste-it dept.
First time accepted submitter jywarren writes Ever wish you could investigate pollution yourself? Public Lab's recently announced open source kit aims to make it possible for anyone to become a "pollution detective" by comparing samples of oil contamination. Under the hood, the kit is pretty interesting. It uses the ultraviolet fluorescence caused by a Blu-Ray laser pen in oil samples, and includes a "papercraft" spectrometer to scan and classify oil types. The group's Kickstarter campaign is also seeking 50 early-access beta testers to help test and refine the kit before release.
Red Hat Software

Fedora 21 Alpha Released 37

Posted by timothy
from the every-release-represents-years-of-work dept.
An anonymous reader writes Fedora 21 Alpha has been released. After encountering multiple delays, the first development version is out for the Fedora.NEXT and Fedora 21 products. Fedora 21 features improved Wayland support, GNOME 3.14, many updated packages, greater server and cloud support, and countless other improvements with Fedora 20 already being nearly one year old.
Open Source

Fork of Systemd Leads To Lightweight Uselessd 468

Posted by timothy
from the not-big-and-fancy dept.
An anonymous reader writes A boycott of systemd and other backlash around systemd's feature-creep has led to the creation of Uselessd, a new init daemon. Uselessd is a fork of systemd 208 that strips away functionality considered irrelevant to an init system like the systemd journal and udev. Uselessd also adds in functionality not accepted in upstream systemd like support for alternative C libraries (namely uClibc and musl) and it's even being ported to BSD.
Open Source

Dropbox and Google Want To Make Open Source Security Tools Easy To Use 24

Posted by Soulskill
from the bang-your-head-on-the-screen-to-unlock-your-forehead-profile dept.
An anonymous reader writes: Dropbox, Google, and the Open Technology Fund have announced a new organization focused on making open source security tools easier to use. Called Simply Secure, the initiative brings together security researchers with experts in user interaction and design to boost adoption rates for consumer-facing security solutions. The companies point out that various security options already do exist, and are technically effective. Features like two-factor authentication remain useless, however, because users don't adopt them due to inconvenience or technical difficulty.
Encryption

TrueCrypt Gets a New Life, New Name 267

Posted by Soulskill
from the and-hopefully-won't-disappear-into-the-void dept.
storagedude writes: Amid ongoing security concerns, the popular open source encryption program TrueCrypt may have found new life under a new name. Under the terms of the TrueCrypt license — which was a homemade open source license written by the authors themselves rather than a standard one — a forking of the code is allowed if references to TrueCrypt are removed from the code and the resulting application is not called TrueCrypt. Thus, CipherShed will be released under a standard open source license, with long-term ambitions to become a completely new product.
Open Source

An Open Source Pitfall? Mozilla Labs Closed, Quietly 112

Posted by timothy
from the same-people-are-still-smart dept.
mikejuk writes with this excerpt: When Google Labs closed there was an outcry. How could an organization just pull the rug from under so many projects? At least Google announced what it was doing. Mozilla, it seems since there is no official record, just quietly tiptoes away — leaving the lights on since the Mozilla Labs Website is still accessible. It is accessible but when you start to explore the website you notice it is moribund with the last blog post being December 2013 with the penultimate one being September 2013. The fact that it is gone is confirmed by recent blog posts and by the redeployment of the people who used to run it. The projects that survived have been moved to their own websites. It isn't clear what has happened to the Hatchery -the incubator that invited new ideas from all and sundry. One of the big advantages of open source is the ease with which a project can be started. One of the big disadvantages of open source is the ease with which projects can be allowed to die — often without any clear cut time of death. It seems Mozilla applies this to groups and initiatives as much as projects. This isn't good. The same is true at companies that aren't open source centric, though, too, isn't it?
Classic Games (Games)

Commander Keen: Keen Dreams Source Code Released 72

Posted by Soulskill
from the better-late-than-never dept.
New submitter ildon writes: Recently, the rights holder of former game publisher Softdisk's game library put the rights to some of their old titles up for sale, including Commander Keen: Keen Dreams, one of the few games in the series not to be published by Apogee. A group of fans created an Indiegogo campaign to purchase those rights. We are just now seeing the fruits of that effort with the full source code of the game being published to GitHub. About a year ago, Tom Hall found the sources to episodes 4-6, but it's not clear what, if any, progress has been made on getting Bethesda to allow that code to be released.
Open Source

New Release of MINIX 3 For x86 and ARM Is NetBSD Compatible 93

Posted by timothy
from the big-and-fancy dept.
An anonymous reader writes MINIX 3 is a small POSIX-compliant operating system aimed at high reliability (embedded) applications. A major new version of MINIX 3 (3.3.0) is now available for download at www.minix3.org. In addition to the x86, the ARM Cortex A8 is now supported, with ports to the BeagleBoard and BeagleBones available. Finally, the entire userland has been redone in 3.3.0 to make it NetBSD compatible, with thousands of NetBSD packages available out of the box. MINIX 3 is based on a tiny (13 KLoC) microkernel with the operating system running as a set of protected user-mode processes. Each device driver is also a separate process. If a driver fails, it is automatically and transparently restarted without rebooting and without applications even noticing, making the system self-healing. The full announcement, with links to the release notes and notes on installation, can be found at the Minix Google Groups page.
Open Source

Industry-Based ToDo Alliance Wants To Guide FOSS Development 54

Posted by timothy
from the high-standards-for-free-stuff dept.
jralls (537436) writes The New York Times broke a story [Monday] (paywalled if you look at more than 10 stories a month) about ToDo, "an open group of companies who run open source programs" who are seeking to "committed to working together in order to overcome" the challenges of using FOSS, "including ensuring high-quality and frequent releases, engaging with developer communities, and using and contributing back to other projects effectively." The more militant among us will read that as "It's not enough getting a free ride off of developers building great software, we want to shove our roadmap down their throats and get them to work harder for us — without having to pay for it, of course." That might be a bit harsh, but none of the companies on the page are exactly well known for cooperating with the projects they use, with Google being one of the worst offenders by forking both Linux and WebKit.
Open Source

Why Apple Should Open-Source Swift -- But Won't 182

Posted by Soulskill
from the programming-language-with-just-one-button dept.
snydeq writes: Faster innovation, better security, new markets — the case for opening Swift might be more compelling than Apple will admit, writes Peter Wayner. "In recent years, creators of programming languages have gone out of their way to get their code running on as many different computers as possible. This has meant open-sourcing their tools and doing everything they could to evangelize their work. Apple has never followed the same path as everyone else. The best course may be to open up Swift to everyone, but that doesn't mean Apple will. Nor should we assume that giving us something for free is in Apple's or (gasp) our best interests. The question of open-sourcing a language like Swift is trickier than it looks."
Open Source

LLVM 3.5 Brings C++1y Improvements, Unified 64-bit ARM Backend 99

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: LLVM 3.5 along with Clang 3.5 are now available for download. LLVM 3.5 offers many compiler advancements including a unified 64-bit ARM back-end from the merging of the Apple and community AArch64 back-ends, C++1y/C++1z language additions, self-hosting support of Clang on SPARC64, and various other compiler improvements.
Open Source

A New FOSS Conference Comes to Florida (Video) 9

Posted by Roblimo
from the more-foss-is-not-to-be-sneezed-at dept.
Bryan Smith has worked with the organizers of several Linux and Open Source events and has spoken at more than a few, but he has always wanted to see more FOSS events in Florida, the state where he lives. There was a Florida Linux Show back in 2008 and 2009, but all that remains of it today is a "ghost" Web page. But that's the past. This year Bryan has put together FOSSETCON, which debuts this September 11 - 13 in Orlando. It's an ambitious undertaking -- but Bryan has rounded up a lot of solid sponsors, and that's often the key to holding a successful IT event. (Alternate Video Link)
Open Source

Why Munich Will Stick With Linux 185

Posted by Soulskill
from the don't-change-penguins-in-the-middle-of-a-stream dept.
Jason Hibbets writes: "There are many solved problems in open source. Groupware is not one of them," Georg Greve, co-founder and CEO of Kolab System starts off his post highlighting recent features of the latest release of the Kolab groupware project. He calls out a few newly elected politicians that don't like the current set-up, but says that thousands of users don't have the same experience. "Until today, the city of Munich is using the same stand-alone calendaring and email systems it had used when it was still fully operating on Windows. Updating these systems had a lower priority than the migration to LiMux then. But an upgrade is underway now. And, the solution they chose is agnostic to the desktop platform and will service LiMux and Windows alike. The primary difference made by another migration would likely be due to the perils that come with any migration, such as additional costs and delays. In other words: The very problem used to criticize the LiMux desktop is already being solved."
Open Source

Slashdot Talks with David Nalley About Apache CloudStack (Video) 13

Posted by Roblimo
from the my-cloud-is-cloudier-than-your-cloud dept.
This Citrix Web page at buildacloud.org says, "David is a PMC (Project Management Commitee) member of the Apache CloudStack project, jClouds committer, Fedora contributor and an Open Source Evangelist for the Open Source Business Office at Citrix." CloudStack has been an Apache Top Level Project since March 2013, with David on board all the way. He's obviously the right person to turn to for an Apache CloudStack update, including some commentary on the differences between Apache CloudStack and OpenStack, two projects often viewed as competitors. (Alternate Video Link)
Facebook

Facebook Blamed For Driving Up Cellphone Bills, But It's Not Alone 131

Posted by samzenpus
from the do-not-like-this dept.
colinneagle writes "Consumer site MoneySavingExpert.com reported today that it has seen "many complaints" from users who believe a recent increase in data-related charges on their cellphone bills are the result of Facebook's auto-play feature. The default setting for the auto-play feature launches and continues to play videos silently until the user either scrolls past it or clicks on it; if the user does the latter, the video then goes full-screen and activates audio. The silent auto-play occurs regardless of whether users are connected to Wi-Fi, LTE, or 3G.

However, it's likely that Facebook isn't entirely to blame for this kind of trend, but rather, with the debut of its auto-play feature, threw gas on an already growing fire of video-sharing services. Auto-play for video is a default setting on Instagram's app, although the company refers to it as "preload." Instagram only introduced video last summer, after the Vine app, a Twitter-backed app that auto-plays and loops six-second videos, started to see significant growth.
Cloud

Bringing New Security Features To Docker 29

Posted by timothy
from the password-is-stevedore dept.
Czech37 writes SELinux lead Dan Walsh wrote last month that Docker "containers do not contain" and that the host system isn't completely protected. Today, Walsh details the steps that Docker, Red Hat, and the open source community are taking to make Docker more secure: "Basically, we want to put in as many security barriers to break out as possible. If a privileged process can break out of one containment tool, we want to block them with the next. With Docker, we are want to take advantage of as many security components of Linux as possible. If "Docker" isn't a familiar word, the project's website is informative; the very short version is that it's a Linux-based "open platform for developers and sysadmins to build, ship, and run distributed applications"; Wikipedia has a good explanation, too.

16.5 feet in the Twilight Zone = 1 Rod Serling

Working...