DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Open Source

LinuxQuestions Users Choose Their Favorite Distro: Slackware (zdnet.com) 145

ZDNet summarizes some of the surprises in this year's poll on LinuxQuestions, "one of the largest Linux groups with 550,000 member". An anonymous reader quotes their report: The winner for the most popular desktop distribution? Slackware...! Yes, one of the oldest of Linux distributions won with just over 16% of the vote. If that sounds a little odd, it is. On DistroWatch, a site that covers Linux distributions like paint, the top Linux desktop distros are Mint, Debian, Ubuntu, openSUSE, and Manjaro. Slackware comes in 28th place... With more than double the votes for any category, it appears there was vote-stuffing by Slackware fans... The mobile operating system race was a runaway for Android, with over 68% of the vote. Second place went to CyanogenMod, an Android clone, which recently went out of business...

Linux users love to debate about desktop environments. KDE Plasma Desktop took first by a hair's breadth over the popular lightweight Xfce desktop. Other well-regarded desktop environments, such as Cinnamon and MATE, got surprisingly few votes. The once popular GNOME still hasn't recovered from the blowback from its disliked design change from GNOME 2 to GNOME 3.

Firefox may struggle as a web browser in the larger world, but on Linux it's still popular. Firefox took first place with 51.7 percent of the vote. Chrome came in a distant second place, with the rest of the vote being divided between a multitude of obscure browsers.

LibreOffice won a whopping 89.6% of the vote for "best office suite" -- and Vim beat Emacs.
Security

Trend Micro's Own Cybersecurity Blog Gets Hacked (silicon.co.uk) 17

Mickeycaskill quotes Silicon: Just to illustrate that you can never be too careful, cybersecurity specialist Trend Micro has confirmed that one of the blogs it uses to communicate with customers was itself the victim of a content spoofing attack. The culprits exploited a vulnerability in WordPress to inject fake content onto the blog before it was removed by Trend Micro and the bug fixed... "Unfortunately there are many different URLs attackers can use to carry out the same attack, so a couple of fake 'articles' ended up posted on CounterMeasures," head of security research Rik Ferguson told Silicon. "We have responded and shut down the vulnerability completely to resolve the issue."
The chairman of Trend Micro claimed in 2011 that open source software was inherently less secure than closed source -- but instead of blaming Wordpress, Ferguson "said it goes to show how breaches are an unfortunate fact of life and that companies should be judged on how they respond... 'Of course technology and best practice can mitigate the vast majority of intrusion attempts, but when one is successful, even one as low-level as this, you are more defined by how you respond than you are by the fact that it happened.'"
Education

Pioneering Data Genius Hans Rosling Passes Away At Age 68 (bbc.com) 53

An anonymous reader writes: On Tuesday, Sweden's prime minister tweeted that Hans Rosling "made human progress across our world come alive for millions," and the public educator will probably best be remembered as the man who could condense 200 years of global history into four minutes. He was a geek's geek, a former professor of global health who "dropped out" because he wanted to help start a nonprofit about data. Specifically, it urged data-based decisions for global development policy, and the Gapminder foundation created the massive Trendalyzer tool which let users build their own data visualizations. Eventually they handed off the tool to Google who used it with open-source scientific datasets. The BBC describes Rosling as a "public educator" with a belief that facts "could correct 'global ignorance' about the reality of the world, which 'has never been less bad.'" Rosling's TED talks include "The Best Data You've Never Seen" and "How Not To Be Ignorant About The World," and in 2015 he also gave a talk titled "How to Beat Ebola." Hans Rosling died Tuesday at age 68.
Hardware Hacking

Reporter Pans Open Source Laptop Kit TERES-I (theverge.com) 133

The Verge's Paul Miller has some harsh words for the $242 open source DIY laptop kit TERES-I from Olimex. Instead of buying one hyper-integrated board that has all of the laptop's brains and I/O on it, you buy several little boards and wire them together. Then you put them inside a mostly finished case built by Olimex -- although if you want to go ultra DIY you can 3D print your own case, too. Everything, from the shell's CAD design to the motherboard's wiring, is available on GitHub for perusal or modification, and the modular nature of the internals means you can add a more powerful chipset or modify just about anything you find unsatisfying about the computer if you have the know-how or if Olimex or others offer compatible parts.

But, unfortunately, almost everything about this laptop is unsatisfying right now. It runs a quad-core ARM64 chip, though x86 and MIPS chips might be offered later on. It has a tiny 11.6-inch screen, a huge bezel, a tiny trackpad, a cramped-looking keyboard, and a whole lot of plastic. The OS (Linux, naturally) runs off a microSD card. At least the LCD comes in a 1080p variant, because the default 1366 x 768 resolution is a real throwback. There's even 802.11n Wi-Fi, which has me questioning what decade it is.

But are there any better alternatives? In the comments share your own thoughts about open source laptop kits.
Firefox

Mozilla Binds Firefox's Fate To The Rust Language (infoworld.com) 236

An anonymous reader quotes InfoWorld: After version 53, Firefox will require Rust to compile successfully, due to the presence of Firefox components built with the language. But this decision may restrict the number of platforms that Firefox can be ported to -- for now... Rust depends on LLVM, which has dependencies of its own -- and all of them would need to be supported on the target platform. A discussion on the Bugzilla tracker for Firefox raises many of these points...

What about proper support for Linux distributions with long-term support, where the tools available on the distro are often frozen, and where newer Rust features might not be available? What about support for Firefox on "non-tier-1" platforms, which make up a smaller share of Firefox users? Mozilla's stance is that in the long run, the pain of transition will be worth it. "The advantage of using Rust is too great," according to maintainer Ted Mielczarek. "We normally don't go out of our way to make life harder for people maintaining Firefox ports, but in this case we can't let lesser-used platforms restrict us from using Rust in Firefox."

InfoWorld points out most Firefox users won't be affected, adding that those who are should "marshal efforts to build out whatever platforms need Rust support." Since most users just want Mozilla to deliver a fast and feature-competitive browser, the article concludes that "The pressure's on not only to move to Rust, but to prove the move was worth it."
Operating Systems

OPNsense 17.1 Released, Based On FreeBSD 11 (phoronix.com) 39

An anonymous reader quotes Phoronix: OPNsense 17.1 is now available as the newest release of this network-focused FreeBSD-based operating system forked from pfSense. It's now been two years since the first official release of OPNsense and to celebrate they have out a big update. OPNsense 17.1 re-bases to using FreeBSD 11.0, there's now a SSH remote installer, new language support, more hardening features used from HardenedBSD, new plugins, integrated authentication via PAM, and many other improvements. Some of the new plug-ins include FTP Proxy, Tinc VPN, and Let's Encrypt support.
This version has been named "Eclectic Eagle".
Microsoft

LibreOffice 5.3 Released, Touted As 'One of the Most Feature-Rich Releases' Ever (omgubuntu.co.uk) 224

An anonymous reader shares a report: A new month, and a brand new version of open-source office suite LibreOffice is now available to download. And what a release it is. LibreOffice 5.3 introduces a number of key new features and continues work on improving the look and feel of the app across all major platforms. The Document Foundation describes LibreOffice 5.3 as "one of the most feature-rich releases in the history of the application." One of the headline features is called MUFFIN interface, a new toolbar design similar to the Microsoft Office Ribbon UI.
Chrome

Google Open-Sources Chrome For iOS (venturebeat.com) 39

Google has uploaded its Chrome for iOS code into the open-source Chromium repository. In other words, Chrome for iOS has now been open-sourced like Chrome for other platforms, letting anyone examine, modify, and compile the project. From a report: Chromium is the open-source Web browser project that shares much of the same code as Google Chrome, and new features are often added there first. Google intended for Chromium to be the name of the open-source project, while the final product name would be Chrome, but developers have taken the code and released versions under the Chromium name. Eventually, many browser makers started using it as a starting point; Opera, for example, switched its browser base to Chromium in 2013. Since its inception, Chromium was a desktop-only affair. That changed in May 2015 with the open-sourcing of Chrome for Android.
AI

Who's Responsible For Accidents Caused By Open Source Self-Driving Car Software? (ieee.org) 114

Here's the problem. "You could download Comma.ai's new open-source Python code from Github, grab the necessary hardware, and follow the company's instructions to add semi-autonomous capabilities to specific Acura and Honda model cars (with more vehicles to follow)," writes IEEE Spectrum. But then who's legally responsible if there's an accident? Long-time Slashdot reader Registered Coward v2 writes: While many legal experts agree OSS is "buyer beware" and that Comma.ai and its CEO Georg Hotz would not be liable, it's a gray area in the law. The software is release under the MIT OSS license and the Read Me contains the disclaimer "This is alpha-quality software for research purposes only... You are responsible for complying with local laws and regulatons." The U.S. Supreme Court, in a series of court cases in the 1990s, ruled open source code as free speech protected under the First Amendment of the U.S. Constitution.

The question is does that release the author(s) from liability. The EU has no EU wide rules on liability in such cases. One open question is even if the person who used the software could not sue, a third party injured by it might be able to since they are not a party to the license agreement.

An EFF attorney told HotHardware "Prosecutors and plaintiffs often urge courts to disregard traditional First Amendment protections in the case of software." But not everyone agrees. "Most legal experts that spoke with IEEE Spectrum -- and Hotz himself -- believe that if you use the company's code and something goes wrong, then it isn't liable for damages. You are."
Android

Do Android Users Still Use Custom Roms? (androidauthority.com) 215

"With all of the drama at CyanogenMod, Android Authority takes a look at the current state of custom ROM development," writes Slashdot reader Thelasko. From the article: The future of CyanogenMod appears uncertain, after the open source ROM was forced to fork under the name Lineage OS. Fortunately there are already other remixed versions of Android available, with some of the most popular being Paranoid Android, Resurrection Remix, and Dirty Unicorns... [But] with each new version of Android, the gap between Android and popular custom ROMs has shrunk, which begs an interesting question: Are custom ROMs even necessary anymore? To answer this, let's take a quick look at the state of custom ROM development as it exists today.
The article points out that mobile virtual reality is "on the verge of becoming mainstream and the wearable market has grown tremendously," asking whether custom firmware will also integrate these newer technologies. But the original submission also asks a question that's closer to home. What custom ROMs do Slashdot users have installed?
Open Source

Free Software Foundation Shakes Up Its List of Priority Projects (networkworld.com) 103

alphadogg quotes Network World: The Free Software Foundation Tuesday announced a major rethinking of the software projects that it supports, putting top priority on a free mobile operating system, accessibility, and driver development, among other areas. The foundation has maintained the High Priority Projects list since 2005, when it contained just four free software projects. [That rose to 12 projects by 2008, though the changelog shows at least seven projects have since been removed.] Today's version mostly identifies priority areas, along with a few specific projects in key areas.
The new list shows the FSF will continue financially supporting Replicant, their free version of Android, and they're also still supporting projects to create a free software replacement for Skype with real-time voice and video capabilities. But they're now also prioritizing various projects to replace Siri, Google Now, Alexa, and Cortana with a free-software personal assistant, which they view as "crucial to preserving users' control over their technology and data while still giving them the benefits such software has for many."

And other priorities now include internationalization, accessibility, decentralization and self-hosting, and encouraging governments to adopt free software.
Open Source

Raspberry Pi Gets Competitors (hackaday.com) 115

Hackaday reports that Asus has "quietly released their Tinker board that follows the Pi form factor very closely, and packs a 1.8 GHz quad-core ARM Cortes A17 alongside an impressive spec At £55 (about $68) where this is being written it's more expensive than the Pi, but Asus go to great lengths to demonstrate that it is significantly faster."

And though the Raspberry Pi foundation upgraded their Compute Module, Pine64 has just unveiled their new SOPINE A64 64-bit computing module, a smaller version of the $15 Pine64 computer. An anonymous reader quotes ComputerWorld: At $29, the SOPINE A64 roughly matches the price of the Raspberry Pi Compute Module 3, which ranges from $25 to $30. The new SOPINE will ship in February, according to the website. The SOPINE A64 can't operate as a standalone computer like the Pine64. It needs to be plugged in as a memory slot inside a computer. But if you want a full-blown computer, Pine64 also sells the $15 SOPINE Baseboard Model-A, which "complements the SOPINE A64 Compute Module and turns it into a full single board computer," according to the company...

The original Pine64 was crowdsourced and also became popular for its high-end components like a 64-bit chip and DDR3 memory... It has 2GB RAM, which is twice that of Raspberry Pi's compute module. SOPINE also has faster DDR3 memory, superior to DDR2 memory in Raspberry Pi Compute Module 3 board.

Open Source

Will The Death of the PC Bring 'An End To Openness'? (infoworld.com) 501

Slashdot reader snydeq shared "11 Predictions For the Future of Programming" by InfoWorld's contributing editor -- and one prediction was particularly dire: The passing of the PC isn't only the slow death of a particular form factor. It;s the dying of a particularly open and welcoming marketplace... Consoles are tightly locked down. No one gets into that marketplace without an investment of capital. The app stores are a bit more open, but they're still walled gardens that limit what we can do. Sure, they are still open to programmers who jump through the right hoops but anyone who makes a false move can be tossed...

For now, most of the people reading this probably have a decent desktop that can compile and run code, but that's slowly changing. Fewer people have the opportunity to write code and share it. For all of the talk about the need to teach the next generation to program, there are fewer practical vectors for open code to be distributed.

Open Source

Ask Slashdot: What's The Best Place To Suggest New Open Source Software? 225

dryriver writes: Somebody I know has been searching up and down the internet for an open source software that can apply GPU pixel shaders (HLSL/GLSL/Cg/SweetFX) to a video and save the result out to a video file. He came up with nothing, so I said "Why not petition the open source community to create such a tool?" His reply was "Where exactly does one go to ask for a new open source software?"

So that is my question: Where on the internet can one best go to request that a new open source software tool that does not exist yet be developed? Or do open source tools only come into existence when someone -- a coder -- starts to build a software, opens the source, and invites other coders to join the fray?

This is a good place to discuss the general logistics of new open source projects -- so leave your best answers in the comments. What's the best place to suggest new open source software?
Debian

Debian 8.7 Released (debian.org) 124

Debian 8.7 has been released. An anonymous reader quotes Debian.org: This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Please note that this update does not constitute a new version of Debian 8 but only updates some of the packages included.

There is no need to throw away old "jessie" CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated. Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update.

86 packages have been updated -- including some fixes for systemd. ("Rework logic to determine when we decide to add automatic deps for mounts; various ordering fixes for ifupdown; systemctl: Fix argument handling when invoked as shutdown...")
Open Source

Node.js's npm Is Now The Largest Package Registry in the World (linux.com) 133

Linux.com highlights some interesting statistics about npm, the package manager for Node.js.
  • "At over 350,000 packages, the npm registry contains more than double the next most populated package registry (which is the Apache Maven repository). In fact, it is currently the largest package registry in the world."
  • In the preceding four weeks, users installed 18 billion packages.
  • This translates into 6 billion downloads, "because approximately 66 percent of the installs are now being served from the cache."
  • ping.npmjs.com "shows that the registry's services offer a 99.999 uptime."
  • Every week roughly 160 people publish their first package in the registry

But what about the incident last year where a developer suddenly pulled all their modules and broke thousands of dependent projects? npm's Ashley Williams "admitted that the left-pad debacle happened because of naive policies at npm. Since, the npm team have devised new policies, the main one being that you are only allowed to unpublish a package within 24 hours of publishing it." And their new dissociate and deprecate policy allows developers to mark packages as "unmaintained" without erasing them from the registry.


Google

Google Boosts Python By Turning It Into Go (infoworld.com) 129

An anonymous reader quotes InfoWorld: Grumpy, an experimental project from Google, transpiles Python code into Go, allowing Python programs to be compiled and run as static binaries using the Go toolchain... In a blog post announcing the open source release, Google stated the project stemmed from its efforts to speed up the Python-powered front end for YouTube. But Google hit an obstacle that's familiar to folks who've deployed Python in production: It's hard to get CPython -- the default Python interpreter written in C -- to scale efficiently. "We think Grumpy has the potential to scale more gracefully than CPython for many real world workloads," writes Google...

Because it doesn't support C extensions, Grumpy doesn't have CPython's Global Interpreter Lock, which is commonly cited as a roadblock to running Python concurrent workloads smoothly. Grumpy also uses Go's garbage collection mechanisms to manage memory under the hood, instead of CPython's. Grumpy creates close interoperation between Python and Go by allowing Go packages to be imported and used with the same syntax as Go modules.

Open Source

Hands On With the First Open-Source Microcontroller (hackaday.com) 83

The folks at SiFive have offered Brian Benchoff from Hackaday a look at the HiFive 1, the first hands-on with the first Open Hardware microcontroller. From the report: The design files for the HiFive 1 were made with Altium, a proprietary and non-Free software. Basically, the HiFive 1 is the SiFive FE310 microcontroller packaged in an Arduino Uno form factor. The pin spacing is just as stupid as it's always been, and there is support for a few Adafruit shields sitting around in the SDK. There are no analog pins, but there are two more PWM pins compared to the standard Arduino chip. The Arduino Uno and Leonardo have 32 kilobytes of Flash, while the HiFive 1 has sixteen Megabytes of Flash on an external SOIC chip. The HiFive 1 supports 3.3 and 5V I/O, thanks to three voltage level translators. The support for 5V logic is huge in my opinion -- nearly every dev board manufacturer has already written off 5V I/O as a victim of technological progress. The HiFive doesn't, even though the FE310 microcontroller is itself only 3.3V tolerant. It should be noted the addition of the voltage level translators add at least a dollar or two to the BOM, and double that to the final cost of the board. It's a nice touch, but there's room for cost cutting here. Other than that, the only other chip of note on the board is the FTDI FT2232HL, a well-supported but most certainly not Free and Open Source USB to UART chip. This is a two-port chip that provides programming, serial, and debug connections simultaneously. The folks at SiFive realize documentation and SDKs are necessary to turn a chip into a development board. To that end, they have a bare-metal SDK and support for the Arduino IDE. The board itself comes with a bootloader, and when you plug the HiFive 1 into a USB you get the equivalent of the Blink sketch from the Arduino. Yes, you too can have Open Source blinkies. What a magical time to be alive. Right now there are two methods of programming the HiFive 1. The Freedom E SDK, and the Arduino IDE. The Arduino IDE appears to be dependent on the Freedom E SDK, so either way, you'll have to get the SDK running. Right now, the SDK only works under Linux (and OS X, and possibly Cygwin), but support for Windows is coming. For Linux users, the getting started guide is more than sufficient, although it will take quite a while (at least 30 minutes) to build all the tools. Once the Freedom E SDK is installed, support for the Arduino IDE pretty much falls into place. You'll have to futz around with the Boards Manager, but with a few clicks, you get something fantastic. You can blink an LED with Open Source Hardware.
Open Source

Pull Requests Are Accepted At About The Same Rate, Regardless of Gender (techinasia.com) 94

An anonymous reader writes: Remember that story about how women "get pull requests accepted more (except when you know they're women)." The study actually showed that men also had their code accepted more often when their gender wasn't known, according to Tech In Asia -- and more importantly, the lower acceptance rates (for both men and women) applied mostly to code submitters from outside the GitHub community. "Among insiders, there's no evidence of discrimination against women. In fact, the reverse is true: women who are on the inside and whose genders are easy to discern get more of their code approved, and to a statistically significant degree."

Eight months after the story ran, the BBC finally re-wrote their original headline ("Women write better code, study suggests") and added the crucial detail that acceptance rates for women fell "if they were not regulars on the service and were identified by their gender."

Open Source

Postal, the Legendarily Violent Video Game by Running With Scissors, Is Now Open Source (ndtv.com) 66

An anonymous reader writes: Video game developer Running With Scissors has announced that it is open sourcing the original version of its most popular title-Postal, which was released back in 1997. Even though violence in video games has been a topic of debate for over decades now, Postal has been one of the most criticised games out of the lot. Running With Scissors has published the code for the game on Bitbucket under the GPL2 license and further said that it is entrusting the fans with the fate of its game. "Anyone with the time and skills can now tweak/change/update/modify anything in the game at all!" the company was quoted as saying in the report. Postal is popularly known for being termed "digital poison" by US Senator Joe Lieberman but developed an audience for itself over the years. Earlier this year, a high-definition remaster of the game called Postal Redux was released on Steam as well as PS4.

Slashdot Top Deals