An anonymous reader quotes a report from TechCrunch: To cap off a day of product releases, OpenAI researchers, engineers, and executives, including OpenAI CEO Sam Altman, answered questions in a wide-ranging Reddit AMA on Friday. OpenAI the company finds itself in a bit of a precarious position. It's battling the perception that it's ceding ground in the AI race to Chinese companies like DeepSeek, which OpenAI alleges might've stolen its IP. The ChatGPT maker has been trying to shore up its relationship with Washington and simultaneously pursue an ambitious data center project, while reportedly laying groundwork for one of the largest financing rounds in history. Altman admitted that DeepSeek has lessened OpenAI's lead in AI, and he also said he believes OpenAI has been "on the wrong side of history" when it comes to open-sourcing its technologies. While OpenAI has open-sourced models in the past, the company has generally favored a proprietary, closed-source development approach.

"[I personally think we need to] figure out a different open source strategy," Altman said. "Not everyone at OpenAI shares this view, and it's also not our current highest priority [] We will produce better models [going forward], but we will maintain less of a lead than we did in previous years." In a follow-up reply, Kevin Weil, OpenAI's chief product officer, said that OpenAI is considering open-sourcing older models that aren't state-of-the-art anymore. "We'll definitely think about doing more of this," he said, without going into greater detail.

Google has open-sourced the PebbleOS, with the original founder, Eric Migicovsky, starting a company to continue where he left off in 2016. "This is part of an effort from Google to help and support the volunteers who have come together to maintain functionality for Pebble watches after the original company ceased operations in 2016," said Google in a blog post. The Verge reports: The company -- which can't be named Pebble because Google still owns that -- doesn't have a name yet. For now, Migicovsky is hosting a waitlist and news signup at a website called RePebble. Later this year, once the company has a name and access to all that Pebble software, the plan is to start shipping new wearables that look, feel, and work like the Pebbles of old. The reason, Migicovsky tells me, is simple. "I've tried literally everything else," he says, "and nothing else comes close." Sure, he may just have a very specific set of requirements -- lots of people are clearly happy with what Apple, Garmin, Google, and others are making. But it's true that there's been nothing like Pebble since Pebble. "For the things I want out of it, like a good e-paper screen, long battery life, good and simple user experience, hackable, there's just nothing."

The core of Pebble, he says, is a few things. A Pebble should be quirky and fun and should feel like a gadget in an important way. It shows notifications, lets you control your music with buttons, lasts a long time, and doesn't try to do too much. It sounds like Migicovsky might have Pebble-y ambitions beyond smartwatches, but he appears to be starting with smartwatches. If that sounds like the old Pebble and not much else, that's precisely the point. [...] Migicovsky also hopes to be part of a broader open-source community around Pebble OS. The Pebble diehards still exist: a group of developers at Rebble have worked to keep many of the platform's apps alive, for instance, along with the Cobble app for connecting to phones, and the Pebble subreddit is surprisingly active for a product that hasn't been updated since the Obama administration. Migicovsky says he plans to open-source whatever his new company builds and hopes lots of other folks will build stuff, too. Thank you Slashdot reader sziring for sharing this story.

July saw the news that Meta had launched a powerful open-source AI model, Llama 3.1.

But the Free Software Foundation evaluated Llama 3.1's license agreement, and announced this week that "this is not a free software license and you should not use it, nor any software released under it." Not only does it deny users their freedom, but it also purports to hand over powers to the licensors that should only be exercised through lawmaking by democratically-elected governments.

Moreover, it has been applied by Meta to a machine-learning (ML) application, even though the license completely fails to address software freedom challenges inherent in such applications....

We decided to review the Llama license because it is being applied to an ML application and model, while at the same time being presented by Meta as if it grants users a degree of software freedom. This is certainly not the case, and we want the free software community to have clarity on this.
In other news, the FSF also announced the winner of the logo contest for their big upcoming 40th anniversary celebration.

An anonymous reader quotes an op-ed from 404 Media's Jason Koebler: If it wasn't already obvious, the last 72 hours have made it crystal clear that it is urgent to build and mainstream alternative, decentralized social media platforms that are resistant to government censorship and control, are not owned by oligarchs and dominated by their algorithms, and in which users own their follower list and can port it elsewhere easily and without restriction. [...] Mastodon's ActivityPub and Bluesky's AT.Protocol have provided the base technology layer to make this possible, and have laid important groundwork over the last few years to decorporatize and decentralize the social internet.

The problem with decentralized social media platforms thus far is that their user base is minuscule compared to platforms like TikTok, Facebook, and Instagram, meaning the cultural and political influence has lagged behind them. You also cannot directly monetize an audience on Bluesky or Mastodon -- which, to be clear, is a feature, not a bug -- but also means that the value proposition for an influencer who makes money through the TikTok creator program or a small business that makes money selling chewing gum on TikTok shop or a clothes brand that has figured out how to arbitrage Instagram ads to sell flannel shirts is not exactly clear. I am not advocating for decentralized social media to implement ads and creator payment programs. I'm just saying that many TikTok influencers were directing their collective hundreds of millions of fans to follow them to Instagram or YouTube, not a decentralized alternative.

This doesn't mean that the fediverse or that a decentralized Instagram or TikTok competitor that runs on the AT.Protocol is doomed. But there is a lot of work to do. There is development work that needs to be done (and is being done) to make decentralized protocols easier to join and use and more interoperable with each other. And there is a massive education and recruitment challenge required to get the masses to not just try out decentralized platforms but to earnestly use them. Bluesky's growing user base and rise as a legitimately impressive platform that one can post to without feeling like it's going into the void is a massive step forward, and proof that it is possible to build thriving alternative platforms. The fact that Meta recently blocked links to a decentralized Instagram alternative shows that big tech sees these platforms, potentially, as a real threat. "This is all to say that it is possible to build alternatives to Elon Musk's X, Mark Zuckerberg's Instagram, and whatever TikTok will become," concludes Koebler. "It is happening, and it is necessary. The richest, most powerful people in the world have all aligned themselves and their platforms with Donald Trump. But their platforms' relevance and importance doesn't necessarily have to last forever. A different way is possible, if we build it."

Further reading: 'The Tech Oligarchy Arrives' (The Atlantic)

In 2022 Google released a tool to easily scan for vulnerabilities in dependencies named OSV-Scanner. "Together with the open source community, we've continued to build this tool, adding remediation features," according to Google's security blog, "as well as expanding ecosystem support to 11 programming languages and 20 package manager formats... Users looking for an out-of-the-box vulnerability scanning CLI tool should check out OSV-Scanner, which already provides comprehensive language package scanning capabilities..."

Thursday they also announced an extensible library for "software composition analysis" scanning (as well as file-system scanning) named OSV-SCALIBR (Open Source Vulnerability — Software Composition Analysis LIBRary). The new library "combines Google's internal vulnerability management expertise into one scanning library with significant new capabilities such as:

• Software composition analysis for installed packages, standalone binaries, as well as source code

• OSes package scanning on Linux (COS, Debian, Ubuntu, RHEL, and much more), Windows, and Mac

• Artifact and lockfile scanning in major language ecosystems (Go, Java, Javascript, Python, Ruby, and much more)

• Vulnerability scanning tools such as weak credential detectors for Linux, Windows, and Mac

• Software Bill of Materials (SBOM) generation in SPDX and CycloneDX, the two most popular document formats

• Optimization for on-host scanning of resource constrained environments where performance and low resource consumption is critical

"OSV-SCALIBR is now the primary software composition analysis engine used within Google for live hosts, code repos, and containers. It's been used and tested extensively across many different products and internal tools to help generate SBOMs, find vulnerabilities, and help protect our users' data at Google scale. We offer OSV-SCALIBR primarily as an open source Go library today, and we're working on adding its new capabilities into OSV-Scanner as the primary CLI interface."

Independent developer Sebastian Vogelsang is building a photo-sharing app for the decentralized social network Bluesky, leveraging its AT Protocol and his earlier app, Skeets. The app, called Flashes, will offer features like photo and short video posts while integrating seamlessly with Bluesky. TechCrunch reports: When launched, Flashes could tap into growing consumer demand for alternatives to Big Tech's social media monopoly. [...] To make this work, Flashes simply filters Bluesky's existing timeline for posts with photos and video posts. (In the future, Vogelsang also plans to add metadata to Flashes' posts so Bluesky users would have a way to keep their feeds on Bluesky's main app from being flooded with photo posts if that became a problem.) Flashes didn't take too long to build because it was able to reuse Skeets' existing code. The app will also be able to market to Skeets' existing user base, who have now downloaded the app some 30,500 times to date.

Vogelsang says he's now working to integrate subscription-based features from both his apps so users don't have to pay twice for the premium features, like Skeets' bookmarks, drafts, muting, rich push notifications, and others specific to Flashes. (Both apps are free to use without a subscription, we should note.) Later, Vogelsang says he wants to launch a video-only app, too, called Blue Screen.

At launch, Flashes will support photo posts of up to four images and videos of up to 1 minute in length, just like Bluesky. Users who post to Flashes will also have their posts appear on Bluesky and comments on those posts will also feed back into the app as if it were just another Bluesky client. It will also support Bluesky's direct messages. The developer expects to be able to launch Flashes to the public in a matter of weeks with a TestFlight beta arriving ahead of that. Interested users can follow Flashes' account on Bluesky for further updates. Flashes could satiate the growing demand for alternatives to Big Tech's social media monopoly, especially after Meta CEO Mark Zuckerberg announced that he will end fact-checking on its platforms.

The Register's Simon Sharwood reports: Broadcom has lost another sizable customer for its VMware platform: Austrian cloud provider Anexia has moved 12,000 VMs, some of them rented by major European businesses, to an open-source system based on the KVM hypervisor. Anexia was founded in 2006, is based in Austria, and provides cloud services from over 100 locations around the world by placing equipment in third party datacenters. Clients include remote access and control vendor TeamViewer, and airline Lufthansa -- plus plenty more outfits that need reliable hosting and service to match.

CEO Alexander Windbichler told The Register that after Broadcom acquired VMware, increased licensing costs, and made big changes to its partner program, Anexia remained eligible to operate a VMware-powered cloud. But Windbichler felt he couldn't afford to continue, because Broadcom offered new terms that saw the cost of VMware licenses rise sharply. The CEO preferred not to enumerate the increase precisely however The Register understands it exceeded 500 percent. Whatever the actual figure, Windbichler said the cost increase "Would have been existential for us."

"We used to pay for VMware software one month in arrears," he said. "With Broadcom we had to pay a year in advance with a two-year contract." That arrangement, the CEO said, would have created extreme stress on company cashflow. "We would not be able to compete with the market," he said. "We had customers on contracts, and they would not pay for a price increase." Windbichler considered legal action, but felt the fight would have been slow and expensive. Anexia therefore resolved to migrate, a choice made easier by its ownership of another hosting business called Netcup that ran on a KVM-based platform.

WordPress co-creator (and Automattic CEO) Matt Mullenweg "has deactivated the accounts of several WordPress.org community members," reports TechCrunch, "some of whom have been spearheading a push to create a new fork of the open source WordPress project." Joost de Valk — creator of WordPress-focused SEO tool Yoast (and former marketing and communications' lead for the WordPress Foundation) — last month published his "vision for a new WordPress era," alluding to a potential fork in the form of "federated and independent repositories." Karim Marucchi, CEO of enterprise web consulting firm Crowd Favorite, echoed these thoughts in a separate blog post. WP Engine indicated it was on standby to lend a corporate hand. Mullenweg, for his part, has publicly supported the notion of a new WordPress fork.
But when Automattic slashed its contributions to Wordpress.org, things heated up: This spurred de Valk to take to X.com on Friday to indicate that he was willing to lead on the next release of WordPress, with Marucchi adding that his "team stands ready." Collectively, de Valk and Marucchi contribute around 10 hours per week to various aspects of the WordPress open source project. However, in a sarcasm-laden blog post published this morning, Mullenweg said that to give their independent effort the "push it needs to get off the ground," he was deactivating their WordPress.org accounts. "I strongly encourage anyone who wants to try different leadership models or align with WP Engine to join up with their new effort," Mullenweg wrote.

At the same time, Mullenweg also revealed he was deactivating the accounts of three other people, with little explanation given: Sé Reed, Heather Burns, and Morten Rand-Hendriksen. Reed, it's worth noting, is president and CEO of a newly established non-profit called the WP Community Collective, which is setting out to serve as a "neutral home for collaboration, contribution, and resources" around WordPress and the broader open source ecosystem. Burns, a former contributor to the WordPress project, took to X this morning to express surprise at her deactivation, noting that she hadn't been involved in the project since 2020...

It's worth noting that deactivating a WordPress.org account prevents affected users from contributing through that channel, be it to the core project or any other plugins or themes they may be involved with.
Rand-Hendriksen posted on BlueSky: So why is he targeting Heather and me? Because we started talking about the need for proper governance, accountability, conflict of interest policies, and other things back in 2017. We both left the project in 2019, and apparently he still holds a grudge.
And while Mullenweg headlined his blog post "Joost/Karim Fork," Rand-Hendriksen wrote on BlueSky "there is no fork in the works as far as I know. He made that up, as he has done before. Heather and I have no involvement with any of this so I don't know why he grouped the five of us together like this. It smells like attempted harassment."

Later Rand-Hendriksen claimed "this is not the first time he's accused critics of forking WordPress" and that he's "convinced any fork will fail... I think he thinks saying someone is forking WordPress is an epic burn that discredits them in the eyes of the community."

VLC media player, the popular open-source software developed by nonprofit VideoLAN, has topped 6 billion downloads worldwide and teased an AI-powered subtitle system. From a report: The new feature automatically generates real-time subtitles -- which can then also be translated in many languages -- for any video using open-source AI models that run locally on users' devices, eliminating the need for internet connectivity or cloud services, VideoLAN demoed at CES.

China's Xiangshan project aims to deliver a high-performance RISC-V processor by 2025. If it succeeds, it could be "enormously significant" for three reasons, writes The Register's Simon Sharwood. It would elevate RISC-V from low-end silicon to datacenter-level capabilities, leverage the open-source Mulan PSL-2.0 license to disrupt proprietary chip models like Arm and Intel, and reduce China's dependence on foreign technology, mitigating the impact of international sanctions on advanced processors. From the report: The prospect of a 2025 debut appeared on Sunday in a post to Chinese social media service Weibo, penned by Yungang Bao of the Institute of Computing Technology at the Chinese Academy of Sciences. The academy has created a project called Xiangshan that aims to use the permissively licensed RISC-V ISA to create a high-performance chip, with the Scala source code to the designs openly available.

Bao is a leader of the project, and has described the team's ambition to create a company that does for RISC-V what Red Hat did for Linux -- although he said that before Red Hat changed the way it made the source code of RHEL available to the public. The Xiangshan project has previously aspired to six-monthly releases, though it appears its latest design to be taped out was a second-gen chip named Nanhu that emerged in late 2023. That silicon ran at 2GHz and was built on a 14nm process node. The project has since worked on a third-gen design, named Kunminghu, and published the image [here] depicting an overview of its non-trivial micro-architecture.

This week New York Times technology columnist Kevin Roose published his annual "Good Tech" awards to "shine the spotlight on a few tech projects that I think contributed positively to humanity."

And high on the list is "Andres Freund, and every open-source software maintainer saving us from doom." The most fun column I wrote this past year was about a Microsoft database engineer, Andres Freund, who got some odd errors while doing routine maintenance on an obscure open-source software package called xz Utils. While investigating, Freund inadvertently discovered a huge security vulnerability in the Linux operating system, which could have allowed a hacker to take control of hundreds of millions of computers and bring the world to its knees.

It turns out that much of our digital infrastructure rests on similar acts of nerdy heroism. After writing about Freund's discovery, I received tips about other near disasters involving open-source software projects, many of which were averted by sharp-eyed volunteers catching bugs and fixing critical code just in time to foil the bad guys. I could not write about them all, but this award is to say: I see you, open-source maintainers, and I thank you for your service.
Roose also acknowledges the NASA engineers who kept Voyager 1 transmitting back to earth from interstellar space — and Bluesky, "for making my social media feeds interesting again."

Roose also notes it was a big year for AI. There's a shout-out to Epoch AI, a small nonprofit research group in Spain, "for giving us reliable data on the AI boom." ("The firm maintains public databases of AI models and AI hardware, and publishes research on AI trends, including an influential report last year about whether AI models can continue to grow at their current pace. Epoch AI concluded they most likely could until 2030.") And there's also a shout-out to groups "pushing AI forward" and positive uses "to improve health care, identify new drugs and treatments for debilitating diseases and accelerate important scientific research."

• The nonprofit Arc Institute released Evo, an AI model that "can predict and generate genomic sequences, using technology similar to the kind that allows systems like ChatGPT to predict the next words in a sequence."

• A Harvard University lab led by Dr. Jeffrey Lichtman teamed with researchers from Google for "the most detailed map of a human brain sample ever created. The team used AI to map more than 150 million synapses in a tiny sample of brain tissue at nanometer-level resolution..."

• Researchers at Stanford and McMaster universities developed SyntheMol, "a generative AI model that can design new antibiotics from scratch."

TPM is a dedicated chip or firmware enabling hardware-level security, housing encryption keys, certificates, passwords, and sensitive data, "and shielding them from unauthorized access," Microsoft senior product manager Steven Hosking wrote last month, declaring TPM 2.0 to be "a non-negotiable standard for the future of Windows."

Or, as BleepingComputer put it, Microsoft "made it abundantly clear... that Windows 10 users won't be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support." (This despite the fact that Statcounter Global data "shows that more than 61% of all Windows systems worldwide still run Windows 10.") They add that Microsoft "announced on October 31 that Windows 10 home users will be able to delay the switch to Windows 11 for one more year if they're willing to pay $30 for Extended Security Updates."

But last week the Free Software Foundation's campaigns manager delivered a message on the FSF's official blog: "Keep putting pressure on Microsoft." Grassroots organization against a corporation as large as Microsoft is never easy. They have the advertising budget to claim that they "love Linux" (sic), not to mention the money and political willpower to corral free software developers from around the world on their nonfree platform Microsoft GitHub. This year's International Day Against DRM took aim at one specific injustice: their requiring a hardware TPM module for users being forced to "upgrade" to Windows 11. As Windows 10 will soon stop receiving security updates, this is a (Microsoft-manufactured) problem for users still on this operating system. Normally, offloading cryptography to a different hardware module could be seen as a good thing — but with nonfree software, it can only spell trouble for the user...

What's crucial now is to keep putting pressure on Microsoft, whether that's through switching to GNU/Linux, avoiding new releases of their software, or actions as simple as moving your projects off of Microsoft GitHub. If you're concerned about e-waste or have friends who work to combat climate change, getting them together to tell them about free software is the perfect way to help our movement grow, and free a few more users from Microsoft's digital restrictions. If you're concerned about e-waste or have friends who work to combat climate change, getting them together to tell them about free software is the perfect way to help our movement grow, and free a few more users from Microsoft's digital restrictions.

Samsung and Google are introducing Eclipsa Audio, an open-source 3D audio standard set to debut on select YouTube videos and Samsung's 2025 TVs and soundbars. The new format "could eventually serve as a free alternative to Dolby Atmos, the dominant 3D audio format that hardware makers like Samsung pay to license for TVs and other equipment," reports The Verge. "Samsung says that similar to Atmos, this audio format supports adjusting 'audio data such as the location and intensity of sounds, along with spatial reflections' to create a 3D experience." From the report: The two companies first announced a partnership to develop spatial audio technology in 2023, initially calling it Immersive Audio Model and Formats (IAMF). At the time, Samsung spatial audio head WooHyun Nam said the format would provide "a complete open-source framework for 3D audio, from creation to delivery and playback."

The IAMF spec has also been adopted by the Alliance for Open Media, a group that has been pushing for royalty-free codec support since 2015 and counts companies like Amazon, Apple, Microsoft, and Netflix -- along with Samsung and Google -- among its members. If they also add support for this audio format, it could help it catch on, although it's already taken years for their AV1 video codec to see more use. Samsung and Google are also creating a certification program with the Telecommunications Technology Association "to ensure consistent audio quality" across devices using the format, which also sounds similar to the way companies like Dolby and THX manage the labeling for their specs.

Bruce Perens, original co-founder of the Open Source Initiative, has responded to questions from Slashdot readers about a new alternative he's developing that hopefully helps "Post Open" developers get paid.

But first, "One of the things that's clear from the Slashdot patter is that people are not aware of what I've been doing, in general," Perens says. "So, let's start by filling that in..."

Read on for the rest of his wide-ranging answers....

Bruce Perens wrote the original Open Source definition back in 1997, and then co-founded the Open Source Initiative with Eric Raymond in 1998. But after resigning from the group in 2020, Perens is now diligently developing an alternative he calls "Post Open" to "meet goals that Open Source fails at today" — even providing a way to pay developers for their work.

To make it all happen, he envisions software developers owning (and controlling) a not-for-profit corporation developing a body of software called "the Post Open Collection" and collecting its licensing fees to distribute among developers. The hope? To "make it possible for an individual developer to stay at home and code all day, and make their living that way without having to build a company."

The not-for-profit entity — besides actually enforcing its licensing — could also:

• Provide tech support, servicing all Post-Open software through one entity.
• Improve security by providing developers with cryptographic-hardware-backed authentication guaranteeing secure software chain-of-custody.
• Handle onerous legal requirements like compliance with the EU Cyber Resilience Act "on behalf of all developers in the Post Open Collection".
• Compensate documentation writers.
• Fund lobbying on behalf of developers, along with advocacy for their software's privacy-preserving features.

"We've started to build the team," Perens said in a recent interview, announcing weeks ago that attorneys are already discussing the structure of the future organization and its proposed license.

But what do you think? Perens has agreed to answer questions from Slashdot readers...

He's also Slashdot reader #3,872. (And Perens is also an amateur radio operator, currently on the board of M17 — a community of open source developers and radio enthusiasts — and in general support of Open Source and Amateur Radio projects through his non-profit HamOpen.org.) But more importantly, Perens "was the person to announce 'Open Source' to the world," according to his official site. Now's your chance to ask him about his next new big idea...

Ask as many questions as you'd like, but please, one per comment. We'll pick the very best questions — and forward them on to Bruce Perens himself to answer!

UPDATE: Bruce Perens has answered your questions!

Friday the Software Freedom Conservancy announced the production release of the new OpenWrt One network router — designed specifically for running the Linux-based router OS OpenWrt (a member project of the SFC). "This is the first wireless Internet router designed and built with your software freedom and right to repair in mind.

"The OpenWrt One will never be locked down and is forever unbrickable." This device services your needs as its owner and user. Everyone deserves control of their computing. The OpenWrt One takes a great first step toward bringing software rights to your home: you can control your own network with the software of your choice, and ensure your right to change, modify, and repair it as you like.

The OpenWrt One demonstrates what's possible when hardware designers and manufacturers prioritize your software right to repair; OpenWrt One exuberantly follows these requirements of the copyleft licenses of Linux and other GPL'd programs. This device provides the fully copyleft-compliant source code release from the start. Device owners have all the rights as intended on Day 1; device owners are encouraged to take full advantage of these rights to improve and repair the software on their OpenWrt One. Priced at US$89 for a complete OpenWrt One with case (or US$68.42 for a caseless One's logic board), it's ready for a wide variety of use cases...

This new product has completed full FCC compliance tests; it's confirmed that OpenWrt met all of the FCC compliance requirements. Industry "conventional wisdom" often argues that FCC requirements somehow conflict with the software right to repair. SFC has long argued that's pure FUD. We at SFC and OpenWrt have now proved copyleft compliance, the software right to repair, and FCC requirements are all attainable in one product!

You can order an OpenWrt One now! Since today is the traditional day in the USA when folks buy gifts for love ones, we urge you to invest in a wireless router that can last! We do expect that for orders placed today, sellers will deliver by December 22 in most countries... Regardless of where you buy from, for every purchase of a new OpenWrt One, a US$10 donation will go to the OpenWrt earmarked fund at Software Freedom Conservancy. Your purchase not only improves your software right to repair, but also helps OpenWrt and SFC continue to improve the important software and software freedom on which we all rely!
LWN.net points out that OpenWrt has also "served as the base on which a lot of network-oriented development (including the bufferbloat-reduction work) has been done." The OpenWrt One was designed to be a functional network router that would serve as a useful tool for the development of OpenWrt itself. To that end, the hope was to create a device that was entirely supported by upstream free software, and which was as unbrickable as it could be... The OpenWrt One comes with a two-core Arm Cortex-A53 processor, 1GB of RAM, and 256MB of NAND flash memory. There is also a separate, read-only 16MB NOR flash array in the device. Normally, the OpenWrt One will boot and run from the NAND flash, but there is a small switch in the back that will cause it to boot from the NOR instead. This is a bricking-resistance feature; should a software load break the device, it can be recovered by booting from NOR and flashing a new image into the NAND array. ..

After booting into the new image, the One behaved like any other OpenWrt router... What could be more interesting is seeing this router get into the hands of developers and enthusiasts who will use it to make OpenWrt (and other small-system distributions) better.
Long-time Slashdot reader dumfrac writes: The intent to build the device was announced on the OpenWRT forums earlier this year. It is based on MediaTek MT7981B (Filogic 820) SoC and MediaTek MT7976C dual-band WiFi 6 chipset and the board is made by Banana Pi. A poll to select the logo was run in April on the OpenWRT forums, and now the hardware is available for purchase. .

LWN: The long-awaited release of the GNU Image Manipulation Program (GIMP) 3.0 is on the way, marking the first major update since version 2.10 was released in April 2018. It now features a GTK 3 user interface and GIMP 3.0 introduces significant changes to the core platform and plugins. This release also brings performance and usability improvements, as well as more compatibility with Wayland and complex input sources.

GIMP 3.0 is the first release to use GTK 3, a more modern foundation than the GTK 2 base of prior releases. GTK 4 has been available for a few years now, and is on the project's radar, but the plan was always to finish the GTK 3 work first. Moving to GTK 3 brings initial Wayland compatibility and HiDPI scaling. In addition, this allows for GIMP users to take advantage of multi-touch input, bringing pinch-to-zoom gestures to the program, and offering a better experience when working with complex peripherals, such as advanced drawing tablets. These features were not previously possible due to the limitations of GTK 2.

A secondary result of the transition to GTK 3 is a refreshed user interface (UI), now with support for CSS themes included. In this release, four themes are available by default, including light, dark, and gray themes, along with a high-contrast theme for users with visual impairments. Additionally, this release has transitioned to using GTK's header bar component, typically used to combine an application's toolbar and title bar into one unit. To maintain familiarity with previous releases, however, GIMP 3.0 still supports the traditional menu interface.

An anonymous reader quotes a report from ZDNet, written by Steven Vaughan-Nichols: At KubeCon North America, SUSE announced a significant rebranding effort, several new product offerings, and the launch of SUSE AI, a secure platform for deploying and running generative AI (gen AI) applications. SUSE has renamed its entire portfolio to make product names more descriptive and customer-friendly. Notable changes include:

- Rancher, SUSE's Kubernetes offering, is now SUSE Rancher.
- Liberty Linux, the company's Red Hat Enterprise Linux (RHEL)/CentOS clone and support offering, becomes SUSE Multi Linux Support.
- Harvester is rebranded as SUSE Virtualization
- Longhorn is now SUSE Storage.

[...] Also, like everyone else, SUSE now has an AI offering: SUSE AI. This isn't an AI chatbot, like Red Hat's Lightspeed AI tool. No, it's a secure platform for deploying and running gen AI applications. This new offering addresses key challenges faced by enterprises as they move from AI experimentation to deployment, particularly in areas of security and compliance. These are SUSE AI's top features, as highlighted by Vaughan-Nichols:

1. Security by Design: SUSE AI provides security and certifications at the software infrastructure level, along with zero-trust security tools, templates, and compliance playbooks.
2. Multifaceted Trust: The platform ensures that generated data is correct and private customer and IP data remain secure. It supports deployment across various environments, including on-premise, hybrid, cloud, and air-gapped setups.
3. Choice and Flexibility: SUSE AI allows customers to select and deploy their preferred AI components and LLMs.
4. Simplified Operations: The platform provides simplified cluster operations, persistent storage, and easy access to pre-configured shared tools and services.

Back in the mid-1980s Mark Roth was in 5th grade when the game ChipWits "helped kindle his interest in coding," according to an online biography. ("By middle school, he wrote his first Commodore 64 assembler and by high school he authored a 3D Graphics library for DOS.")

And 40 years later, Slashdot reader markroth8 writes that the programming puzzle/logic game "inspired many people to become professional coders": ChipWits was first released for Mac in 1984, and was later ported to Commodore 64 and Apple II in 1985. To celebrate the game's 40th anniversary, the team behind the new Steam reboot of ChipWits (including its original co-creator Doug Sharp, also of fame for the game King of Chicago) is announcing the recovery and open source release of the original game's source code, written in the FORTH programming language, for both Mac and Commodore 64 platforms.

Recovering data from 40-year old 5.25" and 3.5" disks was a challenge in and of itself, and most of the data survived unscathed! It's interesting to read the 40-year-old code, and compare it to modern game development.
"Our goal for open sourcing the original version of ChipWits is to ensure its legacy lives on," according to the announcement. (It adds that "We also wanted to share an appreciation for what cross-platform software development for 8-bit microcomputers was like in 1984.")

The GitHub Secure Open Source Fund launched this week with an initial commitment of $1.25 million, reports TechCrunch, using "capital from contributors including American Express, 1Password, Shopify, Stripe, and GitHub's own parent company Microsoft." GitHub briefly teased the new initiative at its annual GitHub Universe developer conference last month, but Tuesday it announced full details and formally opened the program for applicants, which will be reviewed "on a rolling basis" through the closing date of January 7, 2025, with programming and funding starting shortly after...

Tuesday's news builds on a number of previous GitHub initiatives designed to support project maintainers that work on key components of critical software, including GitHub Sponsors which landed in 2019 (and which is powering the new fund), but more directly the GitHub Accelerator program that launched its first cohort last year — the GitHub Secure Open Source Fund is essentially an extension of that.

"We're trying to acknowledge the fact that we're the home of open source, ultimately, and we have an obligation to help ensure that open source can continue to thrive and have the support that it needs," GitHub Chief Operating Officer Kyle Daigle told TechCrunch in an interview. Qualifying projects can be pretty much any project that has an open source license, but of course GitHub will be looking at those that need the funds most — so Kubernetes can hold fire with its application. "We're looking for the outsized impact, which tends to be big projects with few maintainers that we all rely on," Daigle said.

The sum of $1.25 million might sound like a reasonable amount, but it will be split across 125 projects, which means just $10,000 each — better than nothing, for sure, but a drop in the ocean on the grand scheme of things. However, Daigle is quick to stress that money is only part of the prize here — as with the initial accelerator program, maintainers embark on a three-week program, which includes mentorship, certification, education workshops, and ongoing access to GitHub tools.
From GitHub's announcement: Since introducing support for organizations through GitHub Sponsors, more than 5,800 organizations, including Microsoft and Stripe, have invested in maintainers and projects on GitHub, up nearly 40% YoY. Cumulatively, the platform has unlocked over $60 million in funding for maintainers to help them spend more time working on their projects.

But we know we're just scratching the surface when it comes to organizations and corporate support of open source. This summer, we partnered with the Linux Foundation and researchers from Laboratory for Innovation Science at Harvard (LISH) to learn more about the state of open source funding today. Diving in, we assessed organizations funding behaviors, potential misalignments, and opportunities to improve. In the report launched today, we found:


- Responding organizations annually invest $1.7 billion in open source, which can be extrapolated to estimate that approximately $7.7 billion is invested across the entire open source ecosystem annually.

- 86% of investment is in the form of contribution labor by employees and contractors working for the funding organization, with the remaining 14% being direct financial contributions.

- Organizations generally know how and where they contribute (65%) but lack specific clarity of their contributions (38%).

- Security efforts focus on bugs and maintenance; only a few (6%) said comprehensive security audits are a priority.


We all stand to benefit from unlocking more funding for open source. By tackling problems like open source security as an ecosystem, we believe we can help create more available funding and resources that are vital to the sustainability of open source. Not every open source project or maintainer has access to funding and training for security. That's why we created a fund that everyone potentially eligible can apply for...

This is the beginning of a journey into helping find ways to secure open source. On its own, it's not the answer, but we are confident it will help. We will be monitoring the impact of these investments and share what we learn as we go.