DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Google

Google Launches New Website To Showcase Its Open Source Projects and Processes (betanews.com) 30

BrianFagioli writes: Google is an essential member of the open source community. The search giant contributes some really great projects, offering code to be used many -- it claims more than 2,000 such contributions! Heck, the company even hosts the annual Summer of Code program, where it pairs students with open source projects teams. In other words, Google is helping to get young folks excited about open source. Today, Google announced that it is launching an all-new website to focus on open source. It is not a general open source site, but a destination to learn more about the search-giant's relationship with it. "Today, we're launching opensource.google.com, a new website for Google Open Source that ties together all of our initiatives with information on how we use, release, and support open source. This new site showcases the breadth and depth of our love for open source. It will contain the expected things: our programs, organizations we support, and a comprehensive list of open source projects we've released. But it also contains something unexpected: a look under the hood at how we 'do' open source," says Will Norris, Open Source Programs Office, Google.
PHP

Prominent Drupal, PHP Developer Kicked From the Drupal Project Over Unconventional Sex Life (techcrunch.com) 618

An anonymous Slashdot reader writes: Last week the Drupal community erupted in anger after its leader, Dries Buytaert, asked Larry Garfield, a prominent Drupal contributor and long-time member of the Drupal and PHP communities, "to leave the Drupal project." Buytaert claims he did this "because it came to my attention that he holds views that are in opposition with the values of the Drupal project." A huge furor has erupted in response -- not least because the reason clearly has much to do with Garfield's unconventional sex life. [Garfield is into BDSM, and is a member of the Gorean community, "a community who are interested in, and/or participate in, elaborate sexual subjugation fantasies, in which men are inherently superior to women."] Buytaert made his post (which is now offline) in response after Larry went public, outing himself to public opinion. Buytaert retorted (excerpt available via TechCrunch): "when a highly-visible community member's private views become public, controversial, and disruptive for the project, I must consider the impact [...] all people are created equally. [sic] I cannot in good faith support someone who actively promotes a philosophy that is contrary to this [...] any association with Larry's belief system is inconsistent with our project's goals [...] I recused myself from the Drupal Association's decision [to dismiss Garfield from his conference role] [...] Many have rightfully stated that I haven't made a clear case for the decision [...] I did not make the decision based on the information or beliefs conveyed in Larry's blog post." TechCrunch columnist Jon Evans goes on to "unpack" the questions that naturally arise from these "Code of Conduct conflicts."
Encryption

After 20 Years, OpenSSL Will Change To Apache License 2.0, Seeks Past Contributors (openssl.org) 107

After nearly 20 years and 31,000 commits, OpenSSL wants to change to Apache License v2.0. They're now tracking down all 400 contributors to sign new license agreements, a process expected to take several months. Slashdot reader rich_salz shares links to OpenSSL's official announcement (and their agreement-collecting web site). "This re-licensing activity will make OpenSSL, already the world's most widely-used FOSS encryption software, more convenient to incorporate in the widest possible range of free and open source software," said Mishi Choudhary, Legal Director of Software Freedom Law Center and counsel to OpenSSL. "OpenSSL's team has carefully prepared for this re-licensing, and their process will be an outstanding example of 'how to do it right.'"
Click through for some comments on the significance of this move from the Linux Foundation, Intel, and Oracle.
Businesses

SAS Mocked For Recommending 60% Proprietary Software, 40% Open Source (infoworld.com) 155

This week SAS wrote that open source technology "has its own, often unexpected costs," recommending organizations maintain a balance of 60% proprietary software to 40% open software. An anonymous reader quotes InfoWorld: How they arrived at this bizarre conclusion is hard to fathom, except that SAS sells more than $1 billion worth of proprietary software every year and presumably would like to continue, despite a clear trend toward open-source-powered analytics... In a Burtch Works survey of over 1,100 quant pros, 61.3% prefer open source R or Python to SAS, and only 38.6% opting for SAS, with that percentage growing for open source options every year.

Worse for SAS, a variety of open source data infrastructure and analytics tools threaten to encroach on its bastions in data management, business intelligence, and analytics... Nearly all innovation in data infrastructure is happening in open source, not proprietary software. That's a tide SAS can try to fight with white papers, but it would do better to join by embracing open source in its product suite.

"In the paper, SAS correctly argues that open source versus proprietary software is not an either/or decision..." writes InfoWorld, but they note that the report also "put the percentage of open source adopters at a mere 25%, which is pathetically wrong." The article suggests a hope that the report "is the product of a rogue field marketing team, and not the company's official position." Adobe's vice president of mobile commented on Twitter, "I just wonder who in their marketing dept thought this was a good idea."
GNOME

GNOME 3.24 Released (softpedia.com) 118

prisoninmate quotes a report from Softpedia: GNOME 3.24 just finished its six-month development cycle, and it's now the most advanced stable version of the modern and popular desktop environment used by default in numerous GNU/Linux distributions. It was developed since October 2016 under the GNOME 3.23.x umbrella, during which it received numerous improvements. Prominent new features of the GNOME 3.24 desktop environment include a Night Light functionality that promises to automatically shift the colors of your display to the warmer end of the spectrum after sunset, and a brand-new GNOME Control Center with redesigned Users, Keyboard and Mouse, Online Accounts, Bluetooth, and Printer panels. As for the GNOME apps, we can mention that the Nautilus file manager now lets users browse files as root (system administrator), GNOME Photos imitates Darktable's exposure and blacks adjustment tool, GNOME Music comes with ownCloud integration and lets you edit tags, and GNOME Calendar finally brings the Week view. New apps like GNOME Recipes are also part of this release. The full release notes can be viewed here. Softpedia notes in conclusion: "As mentioned before, it will take at least a couple of weeks for the new GNOME 3.24 packages to land on the stable repositories of your favorite distro, which means that you'll most probably be able to upgrade from GNOME 3.22 when the first point release, GNOME 3.24.1, is out on April 12, 2017."
Desktops (Apple)

Popular Open-Source Audio Editor Audacity Adds Windows 10 Support, More Improvements (audacityteam.org) 102

Audacity, a popular open-source and cross-platform audio editor, has received a "maintenance" update that brings several improvements. Dubbed v2.1.3, the biggest new addition appears to be support for Windows 10 OS. For Mac users, Audacity now works in tandem with the Magic Mouse. "We now support Trackpad and Magic Mouse horizontal scroll without SHIFT key and Trackpad pinch and expand to zoom at the pointer," the release note says. We also have new "Scrub Ruler" and "Scrub Toolbar" scrubbing options in the application now. Read the full changelog here.
Google

Google Releases Open Source 'Guetzli' JPEG Encoder (betanews.com) 83

BrianFagioli writes: Today, Google released yet another open source project. Called "Guetzli," it is a JPEG encoder that aims to produce even smaller image file sizes. In fact, the search giant claims a whopping 35 percent improvement over existing JPEG compression. If you are wondering why smaller file sizes are important, it is quite simple -- the web. If websites can embed smaller images, users can experience faster load times while using less data. While Google didn't aim to improve JPEG image quality with Guetzli, it seems it has arguably done so. It is subjective, but the search giant surveyed human beings and found they preferred Google's open source offering 75 percent of the time. Smaller file sizes and better image quality? Wow! Google has done something amazing here.
Businesses

GitLab Acquires Software Chat Startup Gitter, Will Open-Source the Code (venturebeat.com) 28

According to VentureBeat, "GitLab, a startup that provides open source and premium source code repository software that people use to collaborate on software, is announcing today that it has acquired Gitter, a startup that provides chat rooms that are attached to repositories of code so that collaborators can exchange messages." From the report: GitLab won't bundle it in its community edition or its enterprise edition yet, but it will open-source the Gitter code for others to build on, GitLab cofounder and CEO Sid Sijbrandij told VentureBeat in an interview. What's happening now, though, is that as part of GitLab, Gitter is launching a new feature called Topics, where people will be able to ask and answer questions -- sort of like Stack Overflow. "Although Gitter is best in class with indexing things, it's still sometimes hard to find things," Sijbrandij said. "In this Q&A product, it's a lot easier to structure the Q&A. You're not dealing so much with a chronological timeline where people have different conversations that cross each other. There's a location for every piece of knowledge, and it can grow over time." That technology is already available in beta in Gitter rooms on GitHub, and it will become available on GitLab's Gitter pages over time, Sijbrandij said.
Privacy

Notepad++ Update Fixes 'CIA Hacking' Issue (archive.org) 82

Free software Notepad++ (released under the GNU General Public License) received a new update this week which was announced under the headline "Fix CIA Hacking Notepad++ Issue". The CIA documents in WikiLeaks' 'Vault 7' included a "Notepad++ DLL Hijack" document which affected the popular Windows editor for text and source code. "It's not a vulnerability/security issue in Notepad++, but for remedying this issue, from this release (v7.3.3) forward, notepad++.exe checks the certificate validation in scilexer.dll before loading it," reads the announcement. From the Notepad++ web site: If the certificate is missing or invalid, then it just won't be loaded, and Notepad++ will fail to launch. Checking the certificate of DLL makes it harder to hack.

Note that once users' PCs are compromised, the hackers can do anything on the PCs. This solution only prevents from Notepad++ loading a CIA homemade DLL. It doesn't prevent your original notepad++.exe from being replaced by modified notepad++.exe while the CIA is controlling your PC.

The update also includes "a lot of enhancements and bug-fixes," and if no critical issues are found, "Auto-updater will be triggered in few days."
Open Source

Linux Foundation Chief: Businesses 'Will Fail' If They Don't Use Open Source Code (techrepublic.com) 109

The luminaries speaking at the Google Cloud Next conference had some strong words about the importance of openness, innovation, and a rich developer community. An anonymous reader writes: First Vint Cert said there's a "thread of openness" that runs throughout the internet, adding that "the internet, itself, has open characteristics" and thrives on "permissionless innovation." And Eric Brewer, vice president of infrastructure at Google, touched on the same themes, according to Tech Republic. "Linux, Brewer said, won some of the early internet wars because it was open, but also because it was the most innovative of its time. He also said that companies should work with open source for the value of the ecosystem and community, not just the value of the code." Then Linux Foundation executive director Jim Zemlin told the audience that business models were already changing to include open source, and ultimately made the argument that organizations that "don't harvest the shared innovation" of open source "will fail."
Data Storage

New 'USG' Firewalls Protect USB Drives From Malicious Attacks (zdnet.com) 67

A developer has created the USG, "a small, portable hardware USB firewall...to prevent malicious USB sticks and devices laden with malware from infecting your computer." An anonymous reader quotes ZDNet: The problem is that most computers automatically trust every USB device that's plugged in, which means malicious code can run without warning... Cars, cash registers, and some ATMs also come with USB ports, all of which can be vulnerable to cyberattacks from a single USB stick. That's where the USG firewall comes in...a simple hardware serial link that only accepts a very few select number of safe commands, which prevents the device from executing system commands or intercepting network traffic. That means the data can flow from the USB device, but [it] effectively blocks other USB exploits.
The firmware has been open sourced, and the technical specifications have also been released online "to allow anyone to build their own from readily available development boards."
AMD

Message For AMD: Open PSP Will Improve Security, Hinder Intel 52

futuristicrabbit writes: AMD has faced calls from Edward Snowden, Libreboot and the Reddit community to release the source code to the AMD Secure Processor (PSP), a network-capable co-processor which some believe has the capacity to act as a backdoor. Opening the PSP would not only have security benefits, but would provide AMD with a competitive advantage against rival chipmaker Intel. Lisa Su, the CEO of AMD, is reportedly seriously considering the change, and the community is working hard to make sure she makes the right decision. In an AMD AMA post via Reddit, user 1n5aN1aC provided several arguments for why the company should release the PSP source code to the Coreboot / Libreboot project (or publicly). The arguments center around security, economic incentives, advertising, brand perception, and mindshare. AMD replied: "Thanks for the inquiry. Currently we do not have plans to release source code but you make a good argument for reasons to do so. We will evaluate and find a way to work with security vendors and the community to everyone's benefit." The product manager for AMD, AMD_james, continued in response to a follow-up comment that claims AMD is "not considering it all but only want to appease the potential buyers." AMD_james replied: "Thanks for the feedback. Please believe me that this has CEO level attention and AMD is investigating the steps and resources necessary to support this. It is not the work of a minute, so please bear with us as we define what we can do." What are your arguments for (or against) the idea of AMD releasing the source code to the AMD Secure Processor?
Open Source

VMware Affirms Open Source Commitment By Becoming Gold Linux Foundation Member (betanews.com) 32

Reader BrianFagioli writes: Today, VMware showed its commitment to the open source community by becoming a Linux Foundation Gold Member. The company joins many other successful companies at that level, such as Facebook, Toshiba, and Toyota, to name a few. "VMware has been involved in open source for years, by contributing to existing open source projects as well as open sourcing some of the company's own code. This includes significant participation in and contributions to Linux Foundation projects such as Open Network Automation Platform (ONAP), Cloud Foundry and Open vSwitch, as well as other open source projects including OpenStack. Becoming a Gold member of The Linux Foundation will enable VMware to become even more active in the open source community by leveraging The Linux Foundation's experience and expertise in how to most effectively contribute to and utilize open source technology," says The Linux Foundation.
Encryption

Google Open Sources Encrypted Email Extension For Chrome (onthewire.io) 44

Last week Google released E2EMail, "a Gmail client that exchanges OpenPGP mail." Google's documentation promises that "Any email sent from the app is also automatically signed and encrypted... The target is a simple user experience -- install app, approve permissions, start reading or send sending messages." Trailrunner7 quotes On The Wire: People have been trying to find a replacement for PGP almost since the day it was released, and with limited success. Encrypted email is still difficult to use and painful to implement in most cases, but Google has just released a Chrome plugin designed to address those problems. The new E2EMail extension doesn't turn a user's Gmail inbox into an encrypted mail client. Rather, it is a replacement that gives users a separate inbox for encrypted messages. The system is built on Google's end-to-end encryption library, and the company has released E2EMail as an open-source project.
Wired quotes a web security researcher who calls the open sourcing "a telltale sign the project isn't going anywhere. This is a way for them to get their work out there but to absolve themselves of future obligations." But Google's privacy and security product manager responds that they're tackling some very thorny issues like secure key handling, and "The reason we want to put this into the open source community is precisely because everyone cares about this so much. We don't want everyone waiting for Google to get something done."
Software

Indian State Saves $45 Million As Schools Switch To Open Source Software (factordaily.com) 88

From a report: The Kerala government has made a saving of Rs 300 crore ($45 million) through introduction and adoption of Free & Open Source Software (FOSS) in the school education sector, said a state government official on Sunday. IT became a compulsory subject in Kerala schools from 2003, but it was only in 2005 that FOSS was introduced in a phased manner and started to replace proprietary software. The decision made by the curriculum committee to implement it in the higher secondary sector has also been completed now. "It's not the cost saving that matters more, but the fact that the Free Software license enables not only teachers and students but also the general public an opportunity to copy, distribute and share the contents and use it as they wish," K. Anwar Sadath, executive director IT@School said.

Slashdot Top Deals