Language Selection

English French German Italian Portuguese Spanish

Linux.com

Syndicate content
News For Open Source Professionals
Updated: 1 hour 4 min ago

Learn the main Linux OS components

Friday 21st of February 2020 01:03:59 PM

Evolved from Unix, Linux provides users with a low-cost, secure way to manage their data center infrastructure. Due to its open source architecture, Linux can be tricky to learn and requires command-line interface knowledge as well as the expectation of inconsistent documentation.

In short, Linux is an OS. But Linux has some features and licensing options that set it apart from Microsoft and Apple OSes. To understand what Linux can do, it helps to understand the different Linux OS components and associated lingo.

Take a look at these terms to discover how the OS works and how it differs from Microsoft and Apple offerings.

[Source: TechTarget]

The post Learn the main Linux OS components appeared first on Linux.com.

How to find what you’re looking for on Linux with find

Friday 21st of February 2020 01:03:54 PM

There are a number of commands for finding files on Linux systems, but there are also a huge number of options that you can deploy when looking for them. For example, you can find files not just by their names, but by their owners and/or groups, their age, their size, the assigned permissions, the last time they were accessed, the associated inodes and even whether the files belong to an account or group that no longer exists on the system and so on.

You can also specify where a search should start, how deeply into the file system the search should reach and how much the search result will tell you about the files it finds. And all these criteria can be handled by the find command.

[Source: Network World]

The post How to find what you’re looking for on Linux with find appeared first on Linux.com.

Top 10 Most Used Open Source Software: Linux Foundation Report

Friday 21st of February 2020 01:03:49 PM

Accounting for 80-90 percent of all software, Free and Open Source Software (FOSS) ecosystem is booming with high dependency usage by all sector companies. Accordingly, The Linux Foundation’s Core Infrastructure Initiative (CII) in collaboration with Harvard’s Lab for Innovation Science has released a census report titled “Vulnerabilities in the Core, a Preliminary Report and Census II of Open Source Software.”

Concluding the survey, the latest census report focusses on the health and security of foss usage. The result is based on data provided by partner Software Composition Analysis (SCA) companies and other application security companies.

[Source: Fossbytes]

The post Top 10 Most Used Open Source Software: Linux Foundation Report appeared first on Linux.com.

Pixel 5 surfaces in Android Open Source Project, hints at mid-range chip

Friday 21st of February 2020 01:03:45 PM

Every year, it seems Pixel leak season begins just a little bit earlier, like the holiday shopping season but for smartphone nerds. We’ve already seen an alleged render of the upcoming Google flagship, and possible codenames for the Pixel 5 and 5 XL — Redfin and Bramble — have turned up. Now, a code change submitted to the Android Open Source Project (AOSP) contained comments that directly mention the Pixel 5. As spotted by 9to5Google, an AOSP code change regarding Android’s Linux kernel includes a comment about testing the change on a Pixel 4 but not on a Pixel 5.

You can read the comment in full below: “Bounds sanitizer in arch/arm64/kernel/cpufeature.c makes image unbootable for Pixel 4 at 4.14 kernel. I didn’t have a chance to test it on Pixel 5 with 4.19, and preemptively disabling UBSan there now to ensure bootability.” (emphasis mine)

[Source: MobileSyrup]

The post Pixel 5 surfaces in Android Open Source Project, hints at mid-range chip appeared first on Linux.com.

GamePad: A New Open Source And 100% Linux-Dedicated Game Platform

Thursday 20th of February 2020 04:58:26 AM

Do you also believe that “Linux is not a gaming platform”? Well, it may not be the first priority of gamers. Still, if you look at the recent contribution by Linux community developers, Linux has improved a lot with support for graphics drivers and new games to provide a better gaming experience.

On that account, GamePad, a new entrant in the open game platform, launched a crowdfunding campaign on Kickstarter for its latest Linux gaming platform. Started in April 2019, GamePad is inspired by digital distribution platform, GOG (Good Old Games) for video games and films, to provide 100% Linux dedicated game platform.

[Source: Fossbytes]

The post GamePad: A New Open Source And 100% Linux-Dedicated Game Platform appeared first on Linux.com.

Enterprise open source software is growing within innovative companies

Thursday 20th of February 2020 04:58:24 AM

Red Hat has been at the forefront of the global open source discussion, fighting for software freedom in the U.S Supreme Court, and offering free tech products for cloud infrastructure, automation, AI, and much more. After conducting research and interviewing IT leaders from around the world, Red Hat released a report examining the state of enterprise open source in 2020.

950 IT leaders, unaware that Red Hat was the research sponsor, were surveyed about their practices and opinions on enterprise open source software.

[Source: Jaxenter]

The post Enterprise open source software is growing within innovative companies appeared first on Linux.com.

Amazon and commercial open source in the cloud: It’s complicated

Thursday 20th of February 2020 04:58:22 AM

Like many platform operators, Amazon has a love-hate relationship with those hosted on its platform. This is particularly true for open-source software creators, who see their products on offer on Amazon’s cloud on terms they are not happy with.

It’s a complicated relationship, which touches upon many aspects of technology, law, and social norms. The issue started becoming more pronounced and entering our turf on Big on Data, as Amazon Web Services (AWS) started offering top open-source data management products on its platform.

[Source: ZDNet]

The post Amazon and commercial open source in the cloud: It’s complicated appeared first on Linux.com.

Top 7 Anime Based Open-Source Projects

Thursday 20th of February 2020 04:58:20 AM

Anime is no longer limited only to Japan and China; it has gone global. It has attracted many people towards it because of its high-end graphics, vivid imaginations for the future, using highly advanced technologies which only find their place in our imaginations and artificial intelligence (AI) depiction in their storylines. Naturally, it serves as a means of entertainment for any kind of audience that watches it and also it could be fun to do projects related to it. And we all know Elon Musk likes anime too. Take a look at some of the popular kinds of open-source projects based on anime, have fun!

[Source: Analytics India Magazine]

The post Top 7 Anime Based Open-Source Projects appeared first on Linux.com.

How Kubernetes Became the Standard for Compute Resources

Wednesday 19th of February 2020 11:29:59 PM

2019 has been a game-changing year for the cloud-native ecosystem. There were consolidations, acquisitions of powerhouses like Red Hat Docker and Pivotal, and the emergence of players like Rancher Labs and Mirantis.

“All these consolidation and M&A in this space is an indicator of how fast the market has matured,” said Sheng Liang, co-founder and CEO of Rancher Labs, a company that offers a complete software stack for teams adopting containers.

Traditionally, emerging technologies like Kubernetes and Docker appeal to tinkerers and mega-scalers such as Facebook and Google. There was very little interest outside of that group. However, both of these technologies experienced massive adoption at the enterprise level. Suddenly, there was a massive market with huge opportunities. Almost everyone jumped in. There were players who were bringing innovative solutions and then there were players who were trying to catch up with the rest. It became very crowded very quickly.

It also changed the way innovation was happening. Early adopters were usually tech-savvy companies. Now, almost everyone is using it, even in areas that were not considered turf for Kubernetes. It changed the market dynamics as companies like Rancher Labs were witnessing unique use cases.

Liang adds, “I’ve never been in a market or technology evolution that’s happened as quickly and as dynamically as Kubernetes. When we started some five years ago, it was a very crowded space. Over time, most of our peers disappeared for one reason or the other. Either they weren’t able to adjust to the change or they chose not to adjust to some of the changes.”

In the early days of Kubernetes, the most obvious opportunity was to build Kubernetes distro and Kubernetes operations. It’s new technology. It’s known to be reasonably complex to install, upgrade, and operate.

It all changed when Google, AWS, and Microsoft entered the market. At that point, there was a stampede of vendors rushing in to provide solutions for the platform. “As soon as cloud providers like Google decided to make Kubernetes as a service and offered it for free as loss-leader to drive infrastructure consumption, we knew that the business of actually operating and supporting Kubernetes, the upside of that would be very limited,” said Liang.

Not everything was bad for non-Google players. Since cloud vendors removed all the complexity that came with Kubernetes by offering it as a service, it meant wider adoption of the technology, even by those who refrained from using it due to the overhead of operating it. It meant that Kubernetes would become ubiquitous and would become an industry standard.

“Rancher Labs was one of the very few companies that saw this as an opportunity and looked one step further than everyone else. We realized that Kubernetes was going to become the new computing standard, just the way TCP/IP became the networking standard,” said Liang.

CNCF plays a critical role in building a vibrant ecosystem around Kubernetes, creating a massive community to build, nurture and commercialize cloud-native open source technologies.

The post How Kubernetes Became the Standard for Compute Resources appeared first on Linux.com.

Linux distro review: Intel’s own Clear Linux OS

Wednesday 19th of February 2020 03:54:03 PM

Intel’s Clear Linux distribution has been getting a lot of attention lately, due to its incongruously high benchmark performance. Although the distribution was created and is managed by Intel, even AMD recommends running benchmarks of its new CPUs under Clear Linux in order to get the highest scores.

There’s not much question that Clear Linux is your best bet if you want to turn in the best possible benchmark numbers. The question not addressed here is, what’s it like to run Clear Linux as a daily driver? We were curious, so we took it for a spin.

[Source: Ars Technica]

The post Linux distro review: Intel’s own Clear Linux OS appeared first on Linux.com.

Reintroducing Telegram: privately funded private chat with open source apps

Wednesday 19th of February 2020 03:54:01 PM

Telegram is a private chat system with end-to-end encryption support and cross-platform functionality. It’s privately funded by a guy named Pavel Durov, whose only goal seems to be “fast and secure messaging that is also 100% free.”

Here in February of 2020, Telegram released an update to their mobile private message system with upgrades for profiles, new ways to “thumb” through user media, and quick access to shared media. This latest update also brings a newly redesigned People Nearby section with “fresh ways to forge new friendships.” This latest update is live for Android and iOS users now.

[Source: SlashGear]

The post Reintroducing Telegram: privately funded private chat with open source apps appeared first on Linux.com.

Red Hat’s Susan James: How Open Source is Shaping 5G

Wednesday 19th of February 2020 03:53:59 PM

Open source has been shaping the way service providers collaborate and work together, especially as globalization and 5G’s huge networks demand interoperability. After 27 years at Ericsson working with enterprise, wireline, network, and cloud organizations, telecom veteran Susan James has stepped into the role of senior director of telecommunications strategy at Red Hat. She shared her thoughts with SDxCentral on how open source is transforming the service provider ecosystem.

[Source: SDxCentral]

The post Red Hat’s Susan James: How Open Source is Shaping 5G appeared first on Linux.com.

Want to be an innovative company? Adopt enterprise open source

Wednesday 19th of February 2020 03:53:58 PM

Nearly all IT professionals (95%) agree that enterprise open source is important, with 75% of professionals citing it as “extremely important,” a Red Hat report found. Enterprise open source isn’t just a trend, but a growing movement, as 77% of respondents expect their organizations to increase open source use in the next 12 months.

“Historically, open source was seen [mainly] in web infrastructure,” said Gordon Haff, Red Hat technology evangelist. “What you’re seeing today is how open source is becoming a space where companies and individuals come together to collaborate in new areas of technology.”

[Source: TechRepublic]

The post Want to be an innovative company? Adopt enterprise open source appeared first on Linux.com.

New study from Linux Foundation and Harvard Reveal Hard Truths for Open Source Software Security

Tuesday 18th of February 2020 12:15:57 PM

The Census II analysis and report represent important steps towards understanding and addressing structural and security complexities in the modern day supply chain where open source is pervasive but not always understood. Census II identifies the most commonly used free and open source software (FOSS) components in production applications and begins to examine them for potential vulnerabilities, which can inform actions to sustain the long-term security and health of FOSS.

[Source: Core Infrastructure Initiative]

The post New study from Linux Foundation and Harvard Reveal Hard Truths for Open Source Software Security appeared first on Linux.com.

Open Source Group Wants Windows 7 Source Code In A Blank Hard drive

Monday 17th of February 2020 07:03:22 PM

Just when Microsoft ended the support for Windows 7, Free Software Foundation filed a petition demanding Windows 7 to be open source. Now, the open-source community went a little further by making another bold move. Reportedly, the FSF mailed a blank upcycled hard drive to Microsoft. The foundation wants Microsoft to send back the hard drive, but after copying Windows 7 source code in it, along with license notice. What’s even more interesting is that the foundation offers its help to Microsoft for the process to go smoother.

“It’s as easy as copying the source code, giving it a license notice, and mailing it back to us. As the author of the most popular free software license in the world, we’re ready to give them all of the help we can. All they have to do is ask,” said the Free Software Organization.

[Source: Fossbytes]

The post Open Source Group Wants Windows 7 Source Code In A Blank Hard drive appeared first on Linux.com.

Download Debian-based MX Linux 19.1 Now

Monday 17th of February 2020 07:03:21 PM

Ever find yourself bored with the same ol’ “mainstream” Linux-based operating system such as Ubuntu, Fedora, or Mint? Yeah, I get it. Sometimes you just want to dig a bit deeper and try out something a tad less known. It can be fun to distro-hop and try new things!

One such excellent Linux distribution is MX Linux. It has become wildly popular in the Linux community lately, but is still largely off the radar of those that aren’t “in the know.” Today, a new version of the operating system, MX Linux 19.1, becomes available for download. The Debian-based distro uses the Xfce desktop environment and comes pre-loaded with some great software, such as Firefox, LibreOffice, and more.

[Source: BetaNews]

The post Download Debian-based MX Linux 19.1 Now appeared first on Linux.com.

The best free and open-source alternatives to Google Keep on Android

Monday 17th of February 2020 07:03:18 PM

While it might be difficult to switch away from feature-packed products like Gmail and Google Maps, there are thankfully plenty of competitors to Google Keep. After all, you don’t need millions of data points and industry-leading artificial intelligence to make a note-taking app. In this post, we’ll be checking out some free and open-source alternatives to Google Keep, some of which even have cloud sync.

Nextcloud Notes: It’s a server application that lets you set up your own cloud storage, and with the help of some plugins, you can essentially have your own suite of Google service alternatives. Case in point: if you set up a NextCloud instance and install the free Notes extension, you get a self-hosted clone of Google Keep that you can access from the web.

[Source: Android Police]

The post The best free and open-source alternatives to Google Keep on Android appeared first on Linux.com.

Free From Epic Games Exclusivity, ‘Metro Exodus’ Is Coming To Linux

Monday 17th of February 2020 07:03:14 PM

First the good news. As of Valentine’s Day 2020, Metro Exodus has been liberated from its Epic Games exclusivity agreement and is now available to purchase on Steam. And now the great news, especially for my regular readers: it looks like Deep Silver and developer 4A Games are working on bringing the post-apocalyptic shooter to Linux.

While many Linux gamers appreciate the availability of a native version, Metro Exodus already runs on Linux thanks to “Proton,” a collaboration between CodeWeavers and Valve. “Proton” is a compatibility layer that’s built-in to the Steam for Linux client that allows literally thousands of Windows-exclusive games to be installed and played in the same way as the Steam for Windows client. No messing with Wine, no terminal tweaking.

[Source: Forbes]

The post Free From Epic Games Exclusivity, ‘Metro Exodus’ Is Coming To Linux appeared first on Linux.com.

Simplicity Does More Than Simplify Linux

Monday 17th of February 2020 07:03:05 PM

If you want a new Linux distro catering to gaming, check out the Simplicity Linux Gaming release. If you prefer a general-purpose computing platform without a gaming focus, try Simplicity’s revamped release. Either way, you will experience a no-nonsense Linux OS that requires no assembly.

Simplicity Linux, originating in the UK, is a Devuan-based distribution with Cinnamon as the default window manager desktop environment. Devuan is a fork of Debian Linux that replaces the systemd initialization processes. Disgruntled Debian community members rejected a Linux-wide trend to replace older init processes such as Upstart and System V with systemd. Initialization is a background process that starts when the computer boots and runs until the computer shuts down.

[Source: LinuxInsider.com]

The post Simplicity Does More Than Simplify Linux appeared first on Linux.com.

Baidu releases open-source tool to detect faces without masks

Monday 17th of February 2020 07:01:26 PM

Search giant Baidu has released an open-source tool to detect whether individuals in crowds are wearing face masks, as cities around the country impose rules requiring use of such protection in public spaces.

The face-scanning model uses artificial intelligence to identify people in real-time who are not wearing masks or those who are wearing them incorrectly, Baidu said on Thursday. The system can identify non-mask wearers with 96.5% accuracy, which meets the needs of routine inspections, according to the company.

Developers then only need a small amount of data to train the tool for their own use. The model was trained on a dataset of 100,000 faces, Baidu said.

[Source: TechNode]

The post Baidu releases open-source tool to detect faces without masks appeared first on Linux.com.

More in Tux Machines

Planet Changes and Cilium

  • Planet Arch Linux migration

    The software behind planet.archlinux.org was implemented in Python 2 and is no longer maintained upstream. This functionality has now been implemented in archlinux.org's archweb backend which is actively maintained but offers a slightly different experience.

  • Cilium drops 1.7 release, upping insight and manageability

    Network and API connectivity project Cilium has been released in version 1.7, providing users with a UI for observability platform Hubble and the option to apply cluster-wide network policies. Cilium is an open source project developed by US startup Isovalent to provide and secure network connectivity and load balancing for workloads such as application containers or processes. It is based on a virtual machine-like construct called Berkeley Packet Filter (BPF) which can be found in the Linux kernel.

OSS and Development

  • Someone is selling the free, open source Playnite launcher on Steam for $100

    Playnite is a free open source PC application designed to be an all-in-one answer to the growing number of game launchers we've all got on our desktops. In other words, it combines libraries from the likes of Steam, Epic Games Store, Uplay and GOG Galaxy, and then lets you organise them however you see fit. Jody tried it last year and came away impressed. I should emphasise the "free" above: it is available straight from the source here and, according to the site, "no features are locked behind a paywall and the complete source code is available under the MIT license". The MIT license basically surrenders the software to any kind of use with no restrictions, including resales.

  • uGet is an open source download manager for Windows and Linux that also supports Torrents and Video downloads

    The GUI has four panes, a menu bar and a toolbar. The Status pane in the top left corner displays all downloads and the ones which are Active, Queuing, Finished, and Recycled (deleted). The total number of downloads for each category is displayed next to its name, and you can click on any of these to see the list of items contained. Switch to the Category pane to jump between the default and the ones you have created. You can use the Category menu to add new sorting options, set the default download folder for each category, maximum active downloads, and also the maximum upload and download speeds. The pane below the toolbar is the download list pane; anything that you select in the status pane is displayed here. It shows the name, the file size of the download that has been completed, the total size, the progression percentage, time left to complete the download, and the upload/download speeds of each file. The View menu can be used to customize the columns that are displayed in the list pane, and the other visual elements of the program. Highlighting an item in the download list brings up its summary on the bottom pane.

  • Open Source Music Tagger Picard 2.3 Released With Custom MP4 Tags Support

    Free and Open source MusicBrainz announced the point release of Picard 2.3 with major changes to the user interface, tag, and desktop integration support. MusicBrainz stores all the metadata of the music and Picard is the official tag editor that helps in identifying and organizing the digital audio recording.

  • For Square Crypto, the Way to Bitcoin Mass Adoption Is Open Source

    When Jack Dorsey founded Square in February 2009, Bitcoin was all of one month old. In fact, Satoshi Nakamoto and Dorsey were likely laying the groundwork for their respective creations concurrently in the year prior. Ten years later, the two would converge in what now seems like an inevitable collision. Square launched its Venmo-like payment service, Cash App, in 2013. The application features common stock investing, and i

  • Gold-nuggeting: Machine learning tool simplifies target discovery for pen testers

    Recognizing this analogy with the precious metals industry, researchers at Delve Labs have developed Batea, an open source tool that leverages machine learning to find valuable information in network device data.

  • ’Second Revolution’ In Electronic Bond Trading

    Sri Ambati, chief executive and founder at H2O.ai, told Markets Media that the firm’s open source platform can perform one billion regressions in less than five seconds.

  • Google ‘AutoFlip’ can resize video using AI

    The way we consume video has changed a lot over the course of the last decade. We now watch videos on our mobile devices from anywhere and because of this, video content comes in a wide variety of formats. Google recognizes this shift and so last week their AI team announced ‘AutoFlip’ an open-source framework for “intelligent video reframing.”

  • This open-source framework, ‘AutoFlip’, can do automated video cropping using AI

    Many times when we see a video on mobile devices is badly cropped, it is not much you can do about it. Understanding this problem, Google’s AI’s team has built an open-source solution on top of MediaPipe, Autoflip, which can reframe a video that fits any device or dimension (landscape, portrait, etc.). AutoFlip works in three phases. The first phase includes scene detection; the second is the video content analysis, and the third is reframing. For this tool, if a video and a target dimension are given, it analyzes the video content. Later it develops optimal tracking and cropping strategies, which finally enables it to create an output video at the same time limit in the desired aspect ratio.

  • Tech Events in Africa: Nerds Unite, Open Source Festival and #CodeZone

    It’s a new week and another opportunity to meet up with like-minded people, become better in your chosen field and seal those deals for your startup. And we at TechNext want to help with a list of tech events happening around you this week.

  • An unofficial version of Brave browser brings native ARM64 support

    Privacy-focused Brave browser launched late last year after almost four years of being in the works. The browser is based on the Chromium open-source project and joins the likes of Microsoft Edge that is built on that platform. However, while Mozilla Firefox and Microsoft’s offering currently support ARM64 PCs natively in the stable channels, Brave does not. That might change, as Windows Insider MVP Jeremy Sinclair was able to compile an unofficial build of the open-source Brave browser that natively supports ARM64 PCs. The recompiled build (version 1.6.33) uses Microsoft’s ARM64 Chromium libraries and can run natively on those PCs like the Surface Pro X. Samsung Galaxy Book S. Native support results in improved performance and efficiency since the browser will not have to run in emulation.

  • The Brave web browser is taking on Google Chrome: Is it safe?

    The creator of Brave, Brendan Eich, also created JavaScript and co-founded the Mozilla Project that led to the development of the Firefox browser. Brave is based on the open-source Chromium browser that’s also the basis for Google’s Chrome, Opera and most recently Microsoft’s Chromium Edge browser. Open-source means that anyone can take the source code and build whatever they’d like out of it, but it doesn’t mean that all the browsers are the same. In the case of Brave, they chose to focus on user privacy by blocking trackers, scripts and ads by default. The natural by-product of blocking all this activity that usually goes unnoticed by the average user is faster load times. Brave can also make use of the wide variety of extensions for Chromium-based browsers via the Chrome Web Store at chrome.google.com.

  • This new tool could improve economic analysis of sub-national climate policies in the US

    Empowered by the Paris Agreement and a lack of national leadership on climate policy in the United States, state and local governments are leading on their own climate initiatives. California, New York and Colorado have set ambitious greenhouse gas emission and renewable energy targets for 2030. Just last week, Massachusetts introduced sweeping climate legislation targeting net zero emissions by 2050. As these environmental and energy policies move ahead, experts need to invest in economic data and tools that allow them to conduct robust economic analysis, to better inform policymakers, stakeholders and the public on how to design robust alternative climate and energy policies.

  • 2020 Open Access Award Finalists Named

    The Benjamin Franklin Award for Open Access in the Life Sciences is a humanitarian/bioethics award presented annually by Bioinformatics.org to an individual who has, in his or her practice, promoted free and open access to the materials and methods used in the life sciences.

  • Are we having fund yet, npm? CTO calls for patience after devs complain promised donations platform has stalled

    At the end of August, JavaScript package registry NPM Inc said it intended "to finalize and launch an Open Source funding platform by the end of 2019." But instead of a platform, what's available at the moment might be better referred to as a feature of the npm command-line interface (CLI). The announcement was received with some skepticism at the time and the project hasn't managed to defy that expectation: There was a minor milestone last November with the addition of the "fund" command to npm v6.13.0. But not much has changed since then.

  • RcppSimdJson 0.0.2: First Update!

    RcppSimdJson wraps the fantastic simdjson library by Daniel Lemire which truly impressive. Via some very clever algorithmic engineering to obtain largely branch-free code, coupled with modern C++ and newer compiler instructions, it results in persing gigabytes of JSON parsed per second which is quite mindboggling. I highly recommend the video of the recent talk by Daniel Lemire at QCon (which was also voted best talk). The best-case performance is ‘faster than CPU speed’ as use of parallel SIMD instructions and careful branch avoidance can lead to less than one cpu cycle use per byte parsed. This release syncs the simdjson headers with upstream, and polishes the build a little by conditioning on actually having a C++17 compiler rather than just suggesting it. The NEWS entry follows.

  • Nvidia Blames ‘Misunderstanding’ for Activision Faux Pas

    When Nvidia Corp. abruptly dropped Activision Blizzard Inc. games from its new GeForce Now service earlier this week, it left customers wondering what happened. Nvidia said on Tuesday that Activision had asked to have its titles removed from GeForce, but didn’t explain why. It turns out that the video-game giant wanted a commercial agreement with Nvidia before they proceeded -- and the situation stemmed from a simple misunderstanding, Nvidia said on Thursday.

Web Standards

  • Inrupt, Tim Berners-Lee's Solid, and Me

    All of this is a long-winded way of saying that I have joined a company called Inrupt that is working to bring Tim Berners-Lee's distributed data ownership model that is Solid into the mainstream. (I think of Inrupt basically as the Red Hat of Solid.) I joined the Inrupt team last summer as its Chief of Security Architecture, and have been in stealth mode until now.

    The idea behind Solid is both simple and extraordinarily powerful. Your data lives in a pod that is controlled by you. Data generated by your things -- your computer, your phone, your IoT whatever -- is written to your pod. You authorize granular access to that pod to whoever you want for whatever reason you want. Your data is no longer in a bazillion places on the Internet, controlled by you-have-no-idea-who. It's yours. If you want your insurance company to have access to your fitness data, you grant it through your pod. If you want your friends to have access to your vacation photos, you grant it through your pod. If you want your thermostat to share data with your air conditioner, you give both of them access through your pod.

  • World wide web founder scales up efforts to reshape internet
  • Sir Tim Berners-Lee's Inrupt is Redesigning the way the web is to Work and Apple is working with them on their Data Transfer Project

    Inrupt, the start-up company founded by Sir Tim Berners-Lee to redesign the way the web works, is expanding its operational team and launching pilot projects in its quest to develop a "massively scalable, production-quality technology platform."

  • Inconsistent user-experiences with native lazy-loading images

    The specification for web browser native support for lazy-loading images landed in the HTML Living Standard a week ago. This new feature lets web developers tell the browser to defer loading an image until it is scrolled into view, or it’s about to be scrolled into view. Images account for 49 % of the median webpage’s byte size, according to the HTTP Archive. Lazy image loading can help reduce these images’ impact on page load performance. It can also help lower data costs by clients that never scroll down to images far down on a page. Historically, lazy-loading was implemented by responding to changes in the scroll position and tracking the image element’s offset from the top of the page. This could degrade page-scrolling performance. Comparatively, the new native lazy loading for images is easier to implement and doesn’t degrade scrolling performance.

Security and Scare for Sale

  • Malware Attack Takes ISS World's Systems Offline

    Founded in 1901, the Copenhagen, Denmark-based company provides cleaning, support, property, catering, security, and facility management services for offices, factories, airports, hospitals, and other locations all around the world.

    At the moment, the company’s employees don’t have access to corporate systems, as they were taken offline following a malware attack earlier this week.

  • The rise and rise of ransomware [iophk: Windows TCO]
  • Security flaws belatedly fixed in open source SuiteCRM software

    According to Romano, a second-order PHP object injection vulnerability (CVE-2020-8800) in SuiteCRM could be “exploited to inject arbitrary PHP objects into the application scope, allowing an attacker to perform a variety of attacks, such as executing arbitrary PHP code”. SuiteCRM versions 7.11.11 and below are said to be vulnerable. [...] “We have put a notice on our open source community channels and advice via social media. We have a dedicated community that works around the clock to spot vulnerabilities and produce suitable fixes, which is one of the key benefits for a business when choosing to use open source software.”

  • With the rise of third-party code, zero-trust is key

    The surface area of website and web application attacks keeps growing. One reason for this is the prevalence of third-party code. When businesses build web apps, they use code from many sources, including both commercial and open-source projects, often created and maintained by both professional and amateur developers. Web application creators take advantage of third-party code because it allows them to build their websites and apps quickly. For example, companies are likely to add a third-party chat widget to their site, instead of building one from scratch. But third-party code can leave websites vulnerable. Consider the July 2018 Magecart attack on Ticketmaster. In this data breach, hackers were able to gain access to sensitive customer information on Ticketmaster's website by compromising a third-party script used to provide chatbot functionality. The challenge is that this third-party functionality runs directly on the customer's browser, and the browser is built to simply render the code sent down from a web server. It assumes that all code, whether first-party or third-party, is good.

  • New company BluBracket takes on software supply chain code security
  • BluBracket scores $6.5M seed to help secure code in distributed environments

    BluBracket, a new security startup from the folks who brought you Vera, came out of stealth today and announced a $6.5 million seed investment. Unusual Ventures led the round with participation by Point72 Ventures, SignalFire and Firebolt Ventures.