Language Selection

English French German Italian Portuguese Spanish

Sci/Tech

Accurate Conclusions from Bogus Data: Methodological Issues in “Collaboration in the open-source arena: The WebKit case”

Filed under
Sci/Tech

Nearly five years ago, when I was in grad school, I stumbled across the paper Collaboration in the open-source arena: The WebKit case when trying to figure out what I would do for a course project in network theory (i.e. graph theory, not computer networking; I’ll use the words “graph” and “network” interchangeably). The paper evaluates collaboration networks, which are graphs where collaborators are represented by nodes and relationships between collaborators are represented by edges. Our professor had used collaboration networks as examples during lecture, so it seemed at least mildly relevant to our class, and I wound up writing a critique on this paper for the class project. In this paper, the authors construct collaboration networks for WebKit by examining the project’s changelog files to define relationships between developers. They perform “community detection” to visually group developers who work closely together into separate clusters in the graphs. Then, the authors use those graphs to arrive at various conclusions about WebKit (e.g. “[e]ven if Samsung and Apple are involved in expensive patent wars in the courts and stopped collaborating on hardware components, their contributions remained strong and central within the WebKit open source project,” regarding the period from 2008 to 2013).

At the time, I contacted the authors to let them know about some serious problems I found with their work. Then I left the paper sitting in a short-term to-do pile on my desk, where it has been sitting since Obama was president, waiting for me to finally write this blog post. Unfortunately, nearly five years later, the authors’ email addresses no longer work, which is not very surprising after so long — since I’m no longer a student, the email I originally used to contact them doesn’t work anymore either — so I was unable to contact them again to let them know that I was finally going to publish this blog post. Anyway, suffice to say that the conclusions of the paper were all correct; however, the networks used to arrive at those conclusions suffered from three different mistakes, each of which was, on its own, serious enough to invalidate the entire work.

So if the analysis of the networks was bogus, how did the authors arrive at correct conclusions anyway? The answer is confirmation bias. The study was performed by visually looking at networks and then coming to non-rigorous conclusions about the networks, and by researching the WebKit community to learn what is going on with the major companies involved in the project. The authors arrived at correct conclusions because they did a good job at the later, then saw what they wanted to see in the graphs.

I don’t want to be too harsh on the authors of this paper, though, because they decided to publish their raw data and methodology on the internet. They even published the python scripts they used to convert WebKit changelogs into collaboration graphs. Had they not done so, there is no way I would have noticed the third (and most important) mistake that I’ll discuss below, and I wouldn’t have been able to confirm my suspicions about the second mistake. You would not be reading this right now, and likely nobody would ever have realized the problems with the paper. The authors of most scientific papers are not nearly so transparent: many researchers today consider their source code and raw data to be either proprietary secrets to be guarded, or simply not important enough to merit publication. The authors of this paper deserve to be commended, not penalized, for their openness. Mistakes are normal in research papers, and open data is by far the best way for us to be able to detect mistakes when they happen.

Read more

LabPlot 2.8.1 released

Filed under
KDE
Software
Sci/Tech

We’re happy to announce the availability of the first minor patch release of the big release we made two months ago. This release contains minor improvements and bug fixes only.

In the plot we now allow to change the background color for axis labels. This is useful if you place the axis labels above the axis line and don’t want to see an underlying line in the bounding box of the label. The default setting is that the background remain transparent.

For the cursor, the tool used to measure positions and distances in the plots, we now allow you to copy the values in the result window to the clipboard.

When pasting new values into LabPlot’s spreadsheet, the auto-detection of the datatime format has been improved. We now better recognize the different formats produced in external programs and being pasted into LabPlot.

Many smaller improvements were included in the dialog for the creation of the live-data sources related to the handling of errors coming from remote servers like MQTT brokers, etc. Besides the more stable behavior, the user now also gets clearer notifications about what went wrong. Furthermore, when reading live data it is possible to generate the timestamp column in LabPlot for the data being read also for TCP and UDP network sources. This was only possible for MQTT sources in the past.

Read more

JASP: A Less Complicated Free Open-source SPSS Alternative for Advanced Statistics

Filed under
Software
Sci/Tech

I had a run with many open-source statistics software and packages, but JASP was truly unique among them.

JASP is a free open-source complete statistical package supported by University of Amsterdam. It's a multi-platform program that runs on Windows, Linux and macOS.

It's designed for users who want to do some statistical work without having to deal with programming or dive deep in learning complex statistical programs. It's a recommended option for students and researchers.

Read more

Senaite: An Open-source Enterprise-grade Laboratory Information Management System (LIMS)

Filed under
OSS
Sci/Tech

Senaite is a free open-source self-hosted laboratory information management system (LIMS) that built for enterprise. It offers several features which are cost and resources effective with a rich set of add-ons and a strong supportive community of developers behind it.

In this article we demonstrate Senaite's features and how it helps enterprise through an efficient management for labs, lab equipments and reduce the turnaround time.

Read more

NASA ROSES-20 Amendment 64: Release of Final text of E.8 Supplemental Open Source Software Awards

Filed under
OSS
Sci/Tech
Legal

Supplemental open source software awards are used to encourage the conversion of legacy software into modern code to be released under a generally accepted, open source license (e.g., Apache-2, BSD-2-clause, GPL). The supplement would add a software component to their previously selected "parent" research and analysis award.

ROSES-2020 Amendment 64 Releases Final text for E.8 Supplemental Open Source Software Awards. Notices of Intent are not requested. Proposals will be accepted on a rolling basis with a final due date of April 14, 2021.

Read more

Chemtool: Open-source Chemical Structure drawing program

Filed under
Software
Sci/Tech

Chemtool is a lightweight application for drawing chemical structures like organic molecules. It's originally written by Thomas Volk from Germany. Later on, more developers came to aid for development and code maintenance.

[...]

The program is created for Linux X systems, it does not work on Windows or macOS.

License

Chemtool is released under GNU General Public License.

Read more

Stellarium 0.20.3 Released with Tons of Changes [Ubuntu PPA]

Filed under
Software
Sci/Tech
SciFi

Free-software planetarium Stellarium 0.20.3 was released a day ago with numerous changes. Here’s how to install it in Ubuntu 18.04, Ubuntu 20.04 via PPA.

Stellarium 0.20.3 fixed nutation and, with it, season beginning times, included many changes in AstroCalc tool, Oculars and Satellites plugins, and updated DSO catalog.

Read more

LabPlot 2.8 Released

Filed under
KDE
Software
Sci/Tech

In 2.8 we made it easier to access many online resources that provide data sets for educational purposes. These data sets cover a variety of different areas, such as physics, statistics, medicine, etc., and are usually organized in collections.

Read more

“It Just Works”: An Interview with Dexai Robotics

Filed under
Linux
Interviews
Sci/Tech

The simulators wind up using a lot of computational power, which is one of the reasons why we use System76. Portability is another. I really like the fact that I can run the full software stack on a laptop that I can always have with me. Previously, we had desktops sitting around in a lab environment, and people were often having to sign into them and borrow them. We needed a solution for new hires to have a computer they can rely on at all times.

A co-worker mentioned that she bought a machine from you guys back in 2019. After she recommended it, I did a little bit of digging online for the best Linux laptops available, and you all were named a fair amount in those searches—so I ordered one. I was pleasantly surprised with how it just worked right out of the box. I wasn’t fiddling with drivers, I wasn’t dealing with bootloader problems and figuring out how to get a working desktop environment up; I just opened it up and installed a bunch of software and I was ready to go.

Read more

CAELinux 2020: Linux for engineering

Filed under
GNU
Linux
Sci/Tech

CAELinux is a distribution focused on computer-aided engineering (CAE) maintained by Joël Cugnoni. Designed with students and academics in mind, the distribution is loaded with open-source software that can be used to model everything from pig livers to airfoils. Cugnoni's latest release, CAELinux 2020, was made on August 11; readers with engineering interests may want to take a look.

CAELinux's first stable version was released in 2007 and was based on PCLinuxOS 2007. The distribution was created to make the GPL-licensed finite element analysis tool Salome-Meca easier to obtain. CAELinux 2020 is now the eighth release of the distribution, which is based on Xubuntu 18.04 LTS, and has expanded its focus over the years into an impressive array of open-source CAE-related tools.

The minimum requirements for CAELinux 2020 are a x86-64 platform with 4GB of RAM for "simple analysis." For professional use, the project recommends 8GB of RAM or more with a "modern AMD/NVidia graphic card." The entire distribution can be run from an 8GB USB memory drive, with the option to install it to disk (35GB minimum). For those users (like me) who wanted to run the distribution as a virtual machine, the project recommends the commercial VMware Player over the open-source VirtualBox project due to "some graphical limitations" of VirtualBox.

There are too many different software packages unique to the CAELinux distribution to cover them all in a single article. Since the distribution is built on top of Xubuntu, CAELinux comes with all of the standard tools available in the base distribution. In addition to the standard packages, however, CAELinux bundles CAE pre/post processors, CAD and CAM software, finite element solvers, computational fluid dynamics applications, circuit board design tools, biomedical image processing software, and a large array of programming language packages. A review of the release announcement provides a full list of the specific open-source projects available, including a few web-based tools that merely launch the included browser to the appropriate URL.

It would be impossible for me to claim familiarity with the full range of tools provided, but I was familiar with many. For example, FreeCAD has been written about at LWN, and CAMLab was used in our article on open-source CNC manufacturing. I have personally used other bundled packages like FlatCAM for isolation routing of homemade circuit boards and Cura to slice 3D models for printing. What was particularly neat about exploring the distribution was getting introduced to new open-source software that matched my interests. I discovered KiCad EDA's PCB Calculator utility (simple, but handy), and I am looking forward to checking out CAMotics as another CAM alternative for my CNC router.

Read more

Syndicate content

More in Tux Machines

Programming Leftovers

  • Better Fujitsu A64FX Support Arrives For GCC, LLVM Clang Compilers - Phoronix

    The high performance Fujitsu A64FX ARM processor now has the possibility of performing even better if relying upon the upstream open-source compilers from GCC and LLVM. The Fujitsu A64FX, which powers the "Fugaku" supercomputer among other accomplishments, has seen open-source compiler work going back a year while now the latest upstream GNU Compiler Collection (GCC) and LLVM Clang are seeing more complete support.

  • 4 DevOps books to read this year | Opensource.com

    We have just entered 2021, and DevOps will become much more relevant. It is smack dab in the spotlight given that the world is experiencing a pandemic and businesses are fighting to stay digitally relevant and competitive.

  • Vger security analysis

    I would like to share about Vger internals in regards to how the security was thought to protect vger users and host systems.

  • After years of dithering companies are embracing automation

    Bosses have boasted of automating their operations for years without an awful lot to show for it. Covid-19 has spurred them to put their money where their mouths are. Hernan Saenz of Bain, a consultancy, reckons that between now and 2030 American firms will invest $10trn in automation. Nigel Vaz, chief executive of Publicis Sapient, a big digital consultancy, says that the downturn offers bosses the perfect cover. “The unrelenting pressure for short-term financial results from investors has temporarily been suspended,” he says. “Firms are not just going back pre-pandemic, but completely reimagining how they work,” says Susan Lund, co-author of a forthcoming report from the McKinsey Global Institute, a think-tank. A recent survey by the institute’s sister consultancy found that two-thirds of global firms are doubling down on automation.

  • Dirk Eddelbuettel: Rcpp 1.0.6: Some Updates

    The Rcpp team is proud to announce release 1.0.6 of Rcpp which arrived at CRAN earlier today, and has been uploaded to Debian too. Windows and macOS builds should appear at CRAN in the next few days. This marks the first release on the new six-months cycle announced with release 1.0.5 in July. As reminder, interim ‘dev’ or ‘rc’ releases will often be available in the Rcpp drat repo; this cycle there were four. Rcpp has become the most popular way of enhancing R with C or C++ code. As of today, 2174 packages on CRAN depend on Rcpp for making analytical code go faster and further (which is an 8.5% increase just since the last release), along with 207 in BioConductor.

  • Use Bash Strict Mode (Unless You Love Debugging)

    Let's start with the punchline. Your bash scripts will be more robust, reliable and maintainable if you start them like this:

    	#!/bin/bash
    	set -euo pipefail
    	IFS=$'\n\t'
     

    I call this the unofficial bash strict mode. This causes bash to behave in a way that makes many classes of subtle bugs impossible. You'll spend much less time debugging, and also avoid having unexpected complications in production.

    There is a short-term downside: these settings make certain common bash idioms harder to work with. Most have simple workarounds, detailed below: jump to Issues & Solutions. But first, let's look at what these obscure lines actually do.

  • Java Built-In Functional Interfaces Cheatsheet and Examples

    In order to use lambda expressions in Java 8, you need a functional interface. For most of your needs, you can use the already built ones in Java which are as follows...

Proprietary Software and Digital Restrictions (DRM)

  • GitHub still won’t explain if it fired someone for saying ‘Nazi,’ and employees are pissed

    The current conflict began the day of the riots in Washington, DC when a Jewish employee told co-workers: “stay safe homies, nazis are about.” Some colleagues took offense to the language, although neo-Nazi organizations were, in fact, present at the riots. One engineer responded: “This is untasteful conduct for workplace [in my opinion], people have the right to protest period.”

  • Amazon Web Services opens first office in Greece

    It said services covered areas from big data analytics and mobile, web and social media applications to enterprise business applications and the internet of things.

  • Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes

    Researchers believe the vulnerability, tracked as CVE-2021-1647, has been exploited for the past three months and was leveraged by hackers as part of the massive SolarWinds attack. Last month, Microsoft said state-sponsored hackers had compromised its internal network and leveraged additional Microsoft products to conduct further attacks.

    Affected versions of Microsoft Malware Protection Engine range from 1.1.17600.5 to 1.1.17700.4 running on Windows 10, Windows 7 and 2004 Windows Server, according to the security bulletin.

  • Making Clouds Rain :: Remote Code Execution in Microsoft Office 365

    TL;DR; This post is a story on how I found and exploited CVE-2020-168751, a remote code execution vulnerability in Exchange Online and bypassed two different patches for the vulnerability. Exchange Online is part of the Office 365 suite that impacted multiple cloud servers operated by Microsoft that could have resulted in the access to millions of corporate email accounts.

  • Dropbox lays off 11% of its workforce as COO departs

    Dropbox in November provided revenue guidance of $497 million to $499 million for the fourth quarter. The company said at the time that it’s aiming to achieve margins of 28% to 30% in the long term.

  • Technical Error 'Saw 150,000 U.K. Police Records Wiped' From Databases

    Police have been asked to assess if there is a threat to public safety after it was revealed that thousands of police records were deleted in error, including data on fingerprints, DNA, and arrest histories.

    The error, first reported in the Times, saw 150,000 files lost, with fears it could mean offenders go free. A coding error is thought to have caused the earmarking of the files for deletion.

    The U.K. Home Office said the lost entries related to people who were arrested and then released without further action and no records of criminal or dangerous people had been deleted. Home secretary Priti Patel is now under pressure to explain the mistake, which the opposition Labour party said "presents huge dangers" for public safety.

  • January 2021 Linux Foundation Newsletter: Bootcamp Sale, SolarWinds Orion, New Kubernetes & WebAssembly Classes, LFX Webinar Series
  • How I hijacked the top-level domain of a sovereign state

    Note: This issue has been resolved and the .cd ccTLD no longer sends NS delegations to the compromised domain.

    TL;DR: Imagine what could happen if the country-code top-level domain (ccTLD) of a sovereign state fell into the wrong hands. Here’s how I (@Almroot) bought the domain name used in the NS delegations for the ccTLD of the Democratic Republic of Congo (.cd) and temporarily took over 50% of all DNS traffic for the TLD that could have been exploited for MITM or other abuse.

  • Apple begins blocking M1 Mac users from side loading iPhone and iPad applications

    As a refresher, Apple Silicon Macs allow users to run iOS and iPad applications on their Mac, but developers can opt out of allowing their apps to be installed on the Mac. This is the path that many developers have taken, making the necessary change in App Store Connect to remove their app from the Mac App Store.

    But with that being said, until today, you could manually install iOS apps like Netflix, Instagram, and Facebook on an M1 Mac by using their respective IPA files downloaded under a valid Apple ID. Many people were using tools such as iMazing to complete this process.

    9to5Mac has now confirmed that, starting today, this is no longer possible unless the application is available on the Mac App Store. Apple has flipped the necessary sever-side switch to block iPhone and iPad applications from being installed on Apple Silicon Macs.

  • Apple is blocking Apple Silicon Mac users from sideloading iPhone apps

    Apple has turned off users’ ability to unofficially install iOS apps onto their M1 Macs (via 9to5Mac). While iOS apps are still available in the Mac App Store, many apps, such as Dark Sky and Netflix, don’t have their developer’s approval to be run on macOS. Up until now, there was a workaround that allowed the use of third-party software to install the apps without having to use the Mac App Store, but it seems like Apple has remotely disabled it.

    When we tried to install an unsupported app on an M1 Mac running macOS 11.1, we got an error message saying that we couldn’t install it and should “try again later”. You can see a screenshot at the top of this article.

  • Apple TV Plus Free Subscriptions Extended Again, This Time Through July 2021

    The tech giant is extending the free-access period for Apple TV Plus customers who have signed up through its 12-month free subscription offer through July 2021. That’s after it had previously pushed that gratis period to February. So if you were among the first to take the one-year-free deal back in November 2019, that’s turned into 21 months free of Apple TV Plus.

  • Spotify Enters Settlement Talks With PRO Music Rights Founder Jake P. Noch

    But a new legal filing, shared with DMN this afternoon, reveals that Spotify and Noch have officially entered settlement talks. The involved parties “jointly” moved for a 60-day stay, “including discovery and all deadlines,” so that they can “attempt to negotiate a resolution of this matter,” the three-page-long document (dated January 13th, 2021) indicates.

    Furthermore, the filing specifies that Sosa Entertainment, Jake P. Noch, and Spotify “have recently made progress towards a potential resolution of the litigation.” The joint motion doesn’t elaborate upon the terms of this possible agreement – though Noch said in a statement that he’s eager to begin working towards an “excellent resolution” in earnest.

  • The FSF fights for your right to repair

    It is this example of automated vehicles that served as inspiration for the FSF's animated video Fight to Repair.

    However, any technology we use could potentially be co-opted by the proprietary, DRM-controlled subscription model Tesla and the tractor manufacturers are proposing. Imagine your "smart home" having a broken lock, or worse, being broken into, and not having the control, or the simple right to repair the bug. Countless other examples can be found showing us that the key to a free future is the right to repair. We need to fight for a future in which the software used is free in order to maintain ownership and control not only over our technology, but over our lives.

Debian Developers: Christian Kastner, Junichi Uekawa, and Michael Prokop

  • Christian Kastner: Keeping your Workstation Silent

    I've tried numerous coolers in the past, some of monstrous proportions (always thinking that more mass must be better, and reputable brands are equally good), but I was never really satisfied; hence, I was doubtful that trying yet another cooler would make a difference. I'm glad I tried the Noctua NH-D15 anyway. With some tweaking to the fan profile in the BIOS, it's totally inaudible at normal to medium workloads, and just a very gentle hum at full load—subtle enough to disappear in the background. For the past decade, I've also regularly purchased sound-proofed cases, but this habit appears anachronistic now. Years ago, sound-proofed cases helped contain the noise of a few HDDs. However, all of my boxes now contain NVMe drives (which, to me, are the biggest improvement to computing since CPUs going multi-core). On the other hand, some of my boxes now contain powerful GPUs used for GPGPU computing, and with the recent higher-end Nvidia and AMD cards all pulling in over 300W, there is a lot of heat to manage. The best way to quickly dump heat is with good airflow. Sound-proofing works against that. Its insulation restricts airflow, which ultimately causes even more noise, as the GPU's fans need to spin at very high RPMs. This is, of course, totally obvious in hindsight.

  • Junichi Uekawa: It's been 20 years since I became a Debian Developer.

    It's been 20 years since I became a Debian Developer. Lots of fun things happened, and I think fondly of the team. I am no longer active for the past 10 years due to family reasons, and it's surprising that I have been inactive for that long. I still use Debian, and I still participate in the local Debian meetings.

  • Michael Prokop: Revisiting 2020

    Mainly to recall what happened last year and to give thoughts and plan for the upcoming year(s) I’m once again revisiting my previous year (previous editions: 2019, 2018, 2017, 2016, 2015, 2014, 2013 + 2012). Due to the Coronavirus disease (COVID-19) pandemic, 2020 was special™ for several reasons, but overall I consider myself and my family privileged and am very grateful for that. In terms of IT events, I planned to attend Grazer Linuxdays and DebConf in Haifa/Israel. Sadly Grazer Linuxdays didn’t take place at all, and DebConf took place online instead (which I didn’t really participate in for several reasons). I took part in the well organized DENOG12 + ATNOG 2020/1 online meetings. I still organize our monthly Security Treff Graz (STG) meetups, and for half of the year, those meetings took place online (which worked OK-ish overall IMO). Only at the beginning of 2020, I managed to play Badminton (still playing in the highest available training class (in german: “Kader”) at the University of Graz / Universitäts-Sportinstitut, USI). For the rest of the year – except for ~2 weeks in October or so – the sessions couldn’t occur. Plenty of concerts I planned to attend were cancelled for obvious reasons, including the ones I would have played myself. But I managed to attend Jazz Redoute 2020 – Dom im Berg, Martin Grubinger in Musikverein Graz and Emiliano Sampaio’s Mega Mereneu Project at WIST Moserhofgasse (all before the corona situation kicked in). The concert from Tonč Feinig & RTV Slovenia Big Band occurred under strict regulations in Summer. At the beginning of 2020, I also visited Literaturshow “Roboter mit Senf” at Literaturhaus Graz.

Games: Familiars.io, Valve and Godot

  • Familiars.io is a MMO monster catching game where the creatures have permadeath

    Well this is quite unusual. You've played monster catching games before but not like this. Familiars.io put a fresh spin on it all and it's quite ingenious. Developed as a pixel-art retro-looking browser game, it's super accessible since you can play it on pretty much anything that can run some simple graphics in a browser window. It's an MMO too, so you can join up with others and chill out. When you want to, go off and catch some monsters, engage is some PvP and perhaps find a new favourite game waiting for you.

  • What we expect to come from Valve to help Linux gaming in 2021 | GamingOnLinux

    By now you've probably heard either through us in our previous article or elsewhere that Valve are cooking something up to help Linux gaming even further. We have an idea on what one part of it is. Valve already do quite a lot. There's the Steam Play Proton compatibility layer, the new container runtime feature to have Linux games both natively supported and Windows games in Proton run through a contained system to ensure compatibility, their work on Mesa drivers and much more. In Valve's review of Steam in 2020 that we covered in the link above, one thing caught our eye and has been gaining attention. Valve mentioned for 2021 they will be "putting together new ways for prospective users to get into Linux gaming and experience these improvements" so what exactly does that mean? Well, a big part of that might have already been suggested directly.

  • Godot Engine - Dev snapshot: Godot 3.2.4 beta 6

    While our main focus stays on the 4.0 branch, the current stable 3.2 branch is receiving a lot of great improvements, and the upcoming 3.2.4 release is going to be packed with many new features.