Tag Archives: opensource

DomTerm 1.0 released

Post Syndicated from ris original https://lwn.net/Articles/750319/rss

Per Bothner has released DomTerm 1.0. Since DomTerm was covered
here
in January 2016, many features have been added or enhanced. (See
this article
on opensource.com.)
DomTerm is a mostly-xterm-compatible terminal emulator, but the output can
be graphics, rich text, and other html, so it is suitable as a REPL for a
program like gnuplot.
Other major features include screen/tmux-style tiling and detachable
sessions, readline-style input editing (integrated with mouse and
clipboard), and opening an editor when clicking an error message.

Exploring free and open web fonts (opensource.com)

Post Syndicated from ris original https://lwn.net/Articles/748636/rss

Nathan Willis looks
beyond open web fonts
on opensource.com. “For starters, it’s critical to understand that Google Fonts and Open Font Library offer a specialized service—delivering fonts in web pages—and they don’t implement solutions for other use cases. That is not a shortcoming on the services’ side; it simply means that we have to develop other solutions.

There are a number of problems to solve. Probably the most obvious example is the awkwardness of installing fonts on a desktop Linux machine for use in other applications. You can download any of the web fonts offered by either service, but all you will get is a generic ZIP file with some TTF or OTF binaries inside and a plaintext license file. What happens next is up to you to guess.”

SUNY math professor makes the case for free and open educational resources (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/747936/rss

Opensource.com looks at the availability of open educational resources (OERs), where to find them, and what the advantages of OERs are. Math and computer science professor David Usinski is a strong advocate for OERs and was interviewed for the article. “The ability to customize the curriculum is one of David’s favorite benefits of OER. ‘The intangible aspect is that OER has allowed me to reinvent my curriculum and take ownership of the content. With a textbook, I am locked into the chapter-by-chapter approach by one or two authors,’ he says. Because of OER ‘I am no longer hindered or confined by published materials and now have the flexibility to create the curriculum that truly addresses the course outcomes.’ By freely sharing the content he creates, other instructors can also benefit.

How I coined the term ‘open source’ (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/746207/rss

Over at Opensource.com, Christine Peterson has published her account of coining the term “open source”. Originally written in 2006, her story on the origin of the term has now been published for the first time. The 20 year anniversary of the adoption of “open source” is being celebrated this year by the Open Source Initiative at various conferences (recently at linux.conf.au, at FOSDEM on February 3, and others). “Between meetings that week, I was still focused on the need for a better name and came up with the term “open source software.” While not ideal, it struck me as good enough. I ran it by at least four others: Eric Drexler, Mark Miller, and Todd Anderson liked it, while a friend in marketing and public relations felt the term “open” had been overused and abused and believed we could do better. He was right in theory; however, I didn’t have a better idea, so I thought I would try to go ahead and introduce it. In hindsight, I should have simply proposed it to Eric Raymond, but I didn’t know him well at the time, so I took an indirect strategy instead.

Todd had agreed strongly about the need for a new term and offered to assist in getting the term introduced. This was helpful because, as a non-programmer, my influence within the free software community was weak. My work in nanotechnology education at Foresight was a plus, but not enough for me to be taken very seriously on free software questions. As a Linux programmer, Todd would be listened to more closely.”

CopperheadOS: Security features, installing apps, and more (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/745632/rss

Here’s an
opensource.com article
on the virtues of CopperheadOS.
Unlike other custom ROMs that strive to add lots of new
functionality, Copperhead runs a pretty vanilla version of AOSP. Also,
while the first thing you usually do when playing with a custom ROM is to
add root access to the device, not only does Copperhead prevent that, it
also requires that you have a device that has verified boot, so there’s no
unlocking the bootloader. This is to prevent malicious code from getting
access to the handset.

Containers, the GPL, and copyleft: No reason for concern (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/745245/rss

Richard Fontana explores
the intersection of containers and copyleft licensing
on
opensource.com.
One imperfect way of framing the question is whether GPL-licensed
code, when combined in some sense with proprietary code, forms a single
modified work such that the proprietary code could be interpreted as being
subject to the terms of the GPL. While we haven’t yet seen much of that
concern directed to Linux containers, we expect more questions to be raised
as adoption of containers continues to grow. But it’s fairly
straightforward to show that containers do not raise new or concerning GPL
scope issues.

Analyzing the Linux boot process (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/744528/rss

Alison Chaiken looks
in detail at how the kernel boots
on opensource.com.
Besides starting buggy spyware, what function does early boot
firmware serve? The job of a bootloader is to make available to a newly
powered processor the resources it needs to run a general-purpose operating
system like Linux. At power-on, there not only is no virtual memory, but no
DRAM until its controller is brought up.

BitTorrent Client Transmission Suffers Remote Takeover Vulnerability

Post Syndicated from Ernesto original https://torrentfreak.com/bittorrent-client-transmission-suffers-remote-takeover-vulnerability-180116/

With millions of active users, Transmission is one of the most used BitTorrent clients around, particularly for Mac users.

The application has been around for more than a decade and has a great reputation. However, as with any other type of software, it is not immune to vulnerabilities.

One rather concerning flaw was made public by Google vulnerability researcher Tavis Ormandy a few days ago. The flaw allows outsiders to gain access to Transmission via DNS rebinding. This ultimately allows attackers to control the BitTorrent client and execute custom code.

Ormandy has published a patch, which was also shared with the private Transmission security list at the end of November. Transmission, however, has yet to address the issue in an update.

The relatively slow response was the reason why Ormandy decided to make it public before Project Zero’s usual 90-day window expired, Ars highlights. This allows other projects to address the vulnerability right away.

“I’m finding it frustrating that the transmission developers are not responding on their private security list,” Google’s vulnerability researcher writes. “I’ve never had an opensource project take this long to fix a vulnerability before, so I usually don’t even mention the 90 day limit if the vulnerability is in an open source project.”

A member of the Transmission developer team informed Ars that they will address this ASAP, noting that the issue only affects users who have remote control enabled with the default password. This means that people who disable it or change their password can easily ‘patch’ it until the official update comes out.

Interestingly, this isn’t the last BitTorrent related vulnerability Ormandy plans to expose. According to one of his tweets on the matter, this is just the “first of a few remote code execution flaws in various popular torrent clients.”

Judging from a message the researcher sent late November, uTorrent is on the list as well. Apparently, the company’s security email address wasn’t set up correctly at the time, so BitTorrent inventor Bram Cohen has been acting as a forwarding service.

uTorrent?

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Is blockchain a security topic? (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/740929/rss

At Opensource.com, Mike Bursell looks at blockchain security from the angle of trust. Unlike cryptocurrencies, which are pseudonymous typically, other kinds of blockchains will require mapping users to real-life identities; that raises the trust issue.

What’s really interesting is that, if you’re thinking about moving to a permissioned blockchain or distributed ledger with permissioned actors, then you’re going to have to spend some time thinking about trust. You’re unlikely to be using a proof-of-work system for making blocks—there’s little point in a permissioned system—so who decides what comprises a “valid” block that the rest of the system should agree on? Well, you can rotate around some (or all) of the entities, or you can have a random choice, or you can elect a small number of über-trusted entities. Combinations of these schemes may also work.

If these entities all exist within one trust domain, which you control, then fine, but what if they’re distributors, or customers, or partners, or other banks, or manufacturers, or semi-autonomous drones, or vehicles in a commercial fleet? You really need to ensure that the trust relationships that you’re encoding into your implementation/deployment truly reflect the legal and IRL [in real life] trust relationships that you have with the entities that are being represented in your system.

And the problem is that, once you’ve deployed that system, it’s likely to be very difficult to backtrack, adjust, or reset the trust relationships that you’ve designed.”

7 tools for analyzing performance in Linux with bcc/BPF (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/739861/rss

Brendan Gregg introduces a
set of BPF-based tracing tools
on opensource.com.
Traditional analysis of filesystem performance focuses on block I/O
statistics—what you commonly see printed by the iostat(1) tool and plotted
by many performance-monitoring GUIs. Those statistics show how the disks
are performing, but not really the filesystem. Often you care more about
the filesystem’s performance than the disks, since it’s the filesystem that
applications make requests to and wait for. And the performance of
filesystems can be quite different from that of disks! Filesystems may
serve reads entirely from memory cache and also populate that cache via a
read-ahead algorithm and for write-back caching. xfsslower shows filesystem
performance—what the applications directly experience.

An intro to machine learning (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/734319/rss

Ulrich Drepper, once again an engineer at Red Hat, writes
about machine learning
on opensource.com.
Machine learning and artificial intelligence (ML/AI) mean different
things to different people, but the newest approaches have one thing in
common: They are based on the idea that a program’s output should be
created mostly automatically from a high-dimensional and possibly huge
dataset, with minimal or no intervention or guidance from a human. Open
source tools are used in a variety of machine learning and artificial
intelligence projects. In this article, I’ll provide an overview of the
state of machine learning today.

An intro to machine learning (Opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/734319/rss

Ulrich Drepper, once again an engineer at Red Hat, writes
about machine learning
on opensource.com.
Machine learning and artificial intelligence (ML/AI) mean different
things to different people, but the newest approaches have one thing in
common: They are based on the idea that a program’s output should be
created mostly automatically from a high-dimensional and possibly huge
dataset, with minimal or no intervention or guidance from a human. Open
source tools are used in a variety of machine learning and artificial
intelligence projects. In this article, I’ll provide an overview of the
state of machine learning today.

Netflix develops Morse code search option

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/netflix-morse-code/

What happens when Netflix gives its staff two days to hack the platform and create innovative (and often unnecessary) variations on the streaming service?

This. This is what happens.

Hack Day Summer 2017 Teleflix

Uploaded by NetflixOpenSource on 2017-08-28.

Netflix Hack Day

Twice a year, the wonderful team at Netflix is given two days to go nuts and create fun, random builds, taking inspiration from Netflix and its content. So far they’ve debuted a downgraded version of the streaming platform played on an original Nintendo Entertainment System (NES), turned hit show Narcos into a video game, and utilised VR technology into many more builds that, while they’ll never be made public, have no doubt led to some lightbulb moments for the creative teams involved.

DarNES – Netflix Hack Day – Winter 2015

In a world… where devices proliferate… darNES digs back in time to provide Netflix access to the original Nintendo Entertainment System.

Kevin Spacey? More like ‘Kevin Spacebar’, am I right? Aha…ha…haaaa…I’ll get my coat.

Teleflix

The Teleflix build from this summer’s Hack Day is obviously the best one yet, as it uses a Raspberry Pi. By writing code that decodes the dots and dashes from an original 1920s telegraph (provided by AT&T, and lovingly restored by the team using ketchup!) into keystrokes, they’re able to search for their favourite shows via Morse code.

Netflix Morse Code

Morse code, for the unaware, is a method for transmitting letters and numbers via a standardised series of beeps, clicks, or flashes. Stuck in a sticky situation? Three dots followed by three dashes and a further three dots gives you ‘SOS’. Sorted. So long as there’s someone there to see or hear it, who also understands Morse Code.

Morse Code

Morse code was a method of transmiting textual information as a series of on-off tones that could be directly understood by a skilled listener. Mooo-Theme: http://soundcloud.com/mooojvm/mooo-theme

So if you’d like to watch, for example, The Unbreakable Kimmy Schmidt, you simply send: – …. . / ..- -. -… .-. . .- -.- .- -… .-.. . / -.- .. — — -.– / … -.-. …. — .. -.. – and you’re set. Easy!

To reach Netflix, the team used a Playstation 4. However, if you want to skip a tech step, you could stream Netflix directly to your Raspberry Pi by following this relatively new tutorial. Nobody at Pi Towers has tried it out yet, but if you have we’d be interested to see how you got on in the comments below.

And if you’d like to play around a little more with the Raspberry Pi and Morse code, you can pick up your own Morse code key, or build one using conductive components such as buttons or bananas, and try it out for yourself.

Alex’s Netflix-themed Morse code quiz

Just for fun, here are the titles of some of my favourite shows to watch on Netflix, translated into Morse code. Using the key below, why not take a break and challenge your mind to translate them back into English. Reward yourself +10 imaginary House Points for each correct answer.

Netflix Morse Code

  1. -.. — -.-. – — .-. / .– …. —
  2. …. .- -. -. .. -… .- .-..
  3. – …. . / — .-
  4. … . -. … . —..
  5. .— . … … .. -.-. .- / .— — -. . …
  6. –. .. .-.. — — .-. . / –. .. .-. .-.. …
  7. –. .-.. — .–

The post Netflix develops Morse code search option appeared first on Raspberry Pi.

Patrick McHardy and copyright profiteering (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/731941/rss

Over at Opensource.com, Heather Meeker, a lawyer who specializes in open-source licensing, published a lengthy FAQ on the GPL enforcement efforts of netfilter developer Patrick McHardy. In it, Meeker looks at how much code McHardy has contributed, specifics of the German legal system that may make it attractive to copyright trolling (or profiteering), and steps that companies and others can take to oppose these kinds of efforts.
Copyright ownership in large projects such as the Linux kernel is complicated. It’s like a patchwork quilt. When developers contribute to the kernel, they don’t sign any contribution agreement or assignment of copyright. The GPL covers their contributions, and the recipient of a copy of the software gets a license, under GPL, directly from all the authors. (The kernel project uses a document called a Developer Certificate of Origin, which does not grant any copyright license.) The contributors’ individual rights exist side-by-side with rights in the project as a whole. So, an author like McHardy would generally own the copyright in the contributions he created, but not in the whole kernel.

A homebrew Pi kit for home brewing

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/homebrew-beer-brewing-pi/

While the rest of us are forced to leave the house to obtain a tasty brew, beer master Christoper Aedo has incorporated a Raspberry Pi into his home brewing system for ultimate ‘sit-back-and-relax’ homebrew home brew.

homebrew home brew Raspberry Pi

KEG! KEG! KEG! KEG!

I drink and I know things

Having brewed his own beer for several years, Christopher was no novice in the pursuit of creating the perfect pint*. He was already brewing 10 gallons at a time when he decided to go all electric with a Raspberry Pi. Inspiration struck when he stumbled upon the StrangeBrew Elsinore Java server, and he went to work planning the best setup for the job:

Before I could talk myself out of the project, I decided to start buying parts. My basic design was a Hot Liquor Tank (HLT) and boil kettle with 5500W heating elements in them, plus a mash tun with a false bottom. I would use a pump to recirculate the mash through a 50 foot stainless coil in the HLT (a “heat exchanger recirculating mash system”, known as HERMS). I would need a second pump to circulate the water in the HLT, and to help with transferring water to the mash tun. All of the electrical components would be controlled with a Raspberry Pi.

Homebrew hardware setup

First, he set up the electrical side of his homebrew system using The Electric Brewing Company‘s walkthrough, swapping out the 12V solid-state relays for ones that manage the 3V needed by the Pi. Aedo then implemented the temperature sensors and controls of these relays. He used Hilitchi DS18B20 Waterproof Temperature Sensors connected to a 1-Wire bus and learned how to manage the relays in this tutorial.

Christopher wanted to be able to move his system around his property. Therefore, he squeezed all the electrical components of the build into a waterproof project box. For cooling purposes, he integrated copper shims and heat sinks.

homebrew home brew raspberry pi

Among the wires, wires, and more wires sits a Raspberry Pi, bottom left.

A brew-tiful build

With the hardware sorted, he took on the project’s software next. Although he had been inspired by it, Christopher decided to move away from the StrangeBrew Elsinore project in favour of the Python-based CraftBeerPi by active repo maintainer Manuel Fritsch.

homebrew home brew raspberry pi

The CraftBeerPi dashboard

This package allowed him to configure his chosen GPIO pins and set up the appropriate sensors. In fact, the setup process was so easy that Christoper also implemented a secondhand fridge as a fermentation chamber.

Duff Beer for me, Duff Beer for you…

In his recently released article on opensource.com, Aedo goes into far more detail. So if you want to create your own brewing kit, it offers all the info you need to get going.

Christoper attributes a lot of his build to the Hosehead, Electric Brewery, and CraftBeerPi projects. Using their resources and those of StrangeBrew Elsinore, any home brewer can control at least part of their system via a Raspberry Pi. Moreover, they can also keep track of their brewery stock levels via the wonderfully named Kegerface display.

We love seeing projects like this that take inspiration from others and build on them. We also love beer.

How about you? Have you created any sort of beer brewing system, from scratch or with the help of an existing project? Then make sure to share it with us in the comments below.

Duff man homebrew

 

*Did you know the British pint is larger than the American pint?

The post A homebrew Pi kit for home brewing appeared first on Raspberry Pi.

Dynamic tracing in Linux user and kernel space (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/727318/rss

Over at Opensource.com, Pratyush Anand looks at dynamic tracing for both user space programs and the kernel. He gives an introduction to using uprobes and kprobes directly as well as using them via the perf tool. “We can insert kprobe within most of the symbols in /proc/kallsyms; other symbols have been blacklisted in the kernel. A kprobe insertion into the kprobe_events file for the symbols that aren’t compatible with a kprobe insertion should result in a write error. A probe can be inserted at some offset from the symbol base, as well. Like uprobe, we can also trace the return of a function using kretprobe. The value of a local variable can also be printed in trace output.

4 cool facts you should know about FreeDOS (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/726831/rss

In honor of the 23rd anniversary of FreeDOS, project founder Jim Hall has written about the project over at Opensource.com. The free MS-DOS replacement has been in around for longer than MS-DOS was and is still under active development. “DOS is an old system and the original didn’t support networking out of the box. Typically, you had to install device drivers for your hardware to connect to a network, which was usually a simple network like IPX. Few systems supported TCP/IP.

With FreeDOS, not only do we include a TCP/IP networking stack, we include tools and programs that let you browse the web. Use Dillo for a graphical web browser experience, or Lynx to view the web as formatted plain text. If you just want to grab the HTML code and manipulate it yourself, use Wget or Curl.”

What’s new in OpenStack Ocata (Opensource.com)

Post Syndicated from jake original https://lwn.net/Articles/720704/rss

Over at Opensource.com, Rich Bowen looks at some of the new features in OpenStack Ocata, which was released back in February.
First, it’s important to remember that the Ocata cycle was very short. We usually do a release every six months, but with the rescheduling of the OpenStack Summit and OpenStack PTG (Project Team Gathering) events, Ocata was squeezed into 4 months to realign the releases with these events. So, while some projects squeezed a surprising amount of work into that time, most projects spent the time on smaller features and finishing up tasks leftover from the previous release.

At a high level, the Ocata release was all about upgrades and containers, themes that I heard from almost every team I interviewed. Developers spoke of how we can make upgrades smoother, and how we can deploy bits of the infrastructure in containers. These two things are closely related, and there seems to be more cross-project collaboration this time around than I’ve noticed in the past.”

Grok the GIL (opensource.com)

Post Syndicated from corbet original https://lwn.net/Articles/720549/rss

Here’s an
opensource.com article
describing how the Python global interpreter
lock works and some nuances of writing threaded Python code.
Although the GIL does not excuse us from the need for locks, it does
mean there is no need for fine-grained locking. In a free-threaded language
like Java, programmers make an effort to lock shared data for the shortest
time possible, to reduce thread contention and allow maximum
parallelism. Because threads cannot run Python in parallel, however,
there’s no advantage to fine-grained locking. So long as no thread holds a
lock while it sleeps, does I/O, or some other GIL-dropping operation, you
should use the coarsest, simplest locks possible.

Google’s new open-source site

Post Syndicated from corbet original https://lwn.net/Articles/718273/rss

Google has announced
the launch of opensource.google.com. “Today, we’re launching opensource.google.com, a new website for Google Open Source that ties together all of our initiatives with information on how we use, release, and support open source.

This new site showcases the breadth and depth of our love for open source. It will contain the expected things: our programs, organizations we support, and a comprehensive list of open source projects we’ve released. But it also contains something unexpected: a look under the hood at how we “do” open source.”