Odprtokodni pogled

Opensource view


The COSM Project

tuxmachines.org - Tor, 07/02/2019 - 21:26

In 2017, contributors to the Open Document Format (ODF) specification at OASIS (Organization for the Advancement of Structured Information Standards) noted that while the Technical Committee continues to generate changes, the integration of these changes – a substantial task, which is key for the future of the ODF standard – is only being conducted on a volunteer basis.

To support current adoptions of the ODF standard format by governments and enterprises and potential adoptions in the future, it would have been important to release the new ODF 1.3 version in a timely manner, to avoid that delays could affect the position of ODF in the marketplace.

Open Document Format 1.0 was published as an ISO/IEC international standard ISO/IEC 26300 – Open Document Format for Office Applications in 2006. Open Document Format 1.2 was published as ISO/IEC standard in 2015.

In early 2018, the Board of Directors of The Document Foundation addressed the need of evolving the standard by establishing the independent COSM – Community of ODF Specification Maintainers – project at Public Software CIC (a UK Community Interest Company) to hold funds and to retain editors to work at the Technical Committee.

read more

What is the Raspberry Pi 4? Everything you need to know about the tiny, low-cost computer

tuxmachines.org - Tor, 07/02/2019 - 21:23

The Raspberry Pi 4 Model B is the latest version of the low-cost Raspberry Pi computer. The Pi isn't like your typical device, in its cheapest form it doesn't have a case, and is simply a credit-card sized electronic board -- of the type you might find inside a PC or laptop, but much smaller.

It costs as little as $35, although you might want to choose the $55 version with its 4GB of RAM for its better all-round performance.

The Raspberry Pi 4 can do a surprising amount. Amateur tech enthusiasts use Pi boards as media centers, file servers, retro games console, routers, and network-level ad-blockers, for starters. However that is just a taste of what's possible. There are hundreds of projects out there, where people have used the Pi to build tablets, laptops, phones, robots, smart mirrors, to take pictures on the edge of space, to run experiments on the International Space Station -- and that's without mentioning the more wacky creations -- teabag dunker anyone?

read more

Endeavour OS – Ready To Be Released

tuxmachines.org - Tor, 07/02/2019 - 21:22

XFCE is a great environment to explore Linux so they are shipping distro with the offline installer that installs XFCE environment. In case, you are already familiar with a different desktop environment, they are also planning an online installer that will provide 10 desktop environments — Base, i3-wm, Openbox, Mate, Xfce, KDE, Cinnamon, Gnome, Deepin, and Budgie.

The team will release the online installer after 15th July. No date for online installer has been given. For the community forum, the team is planning to use Discourse. The forum will also be made public on 15th July.

So far this is everything we know about this distribution. Their website does not mention much about its future and specific things they will be focusing on.

I installed the beta version in Virtualbox. You can check the screenshots above. The distro is very fast as it uses XFCE and it ships with a great set of applications for daily use including Firefox web browser, Pidgin internet messenger, Parole media player, Qt Designer, and many other daily use system utilities.

read more

MintBox 3 Linux Mint-Powered Mini PC Announced as the Most Powerful MintBox Ever

tuxmachines.org - Tor, 07/02/2019 - 21:05

Yes, we're talking about MintBox 3, the third generation of the tiny and powerful MintBox computer powered by the ever popular Linux Mint operating system. MintBox 3 comes in two variants and promises to be the most powerful MintBox computer ever built in collaboration with Compulab.

"We’re working with Compulab on the most powerful MintBox ever," said Clement Lefebvre, leader of the Linux Mint project. "MintBox 3 will be based on the Airtop 3. I’ve been using an Airtop 1 as my main computer for a while now and it’s a beautiful machine."

read more

Linux Mint 20 and Future Releases Will Drop Support for 32-bit Installations

tuxmachines.org - Tor, 07/02/2019 - 21:03

As you might know, Canonical announced last month that they plan to drop support for 32-bit systems all together, not only for new installations, but they ended up realizing that some major projects like Wine and Steam still need 32-bit libraries, so starting with Ubuntu 19.10 (Eoan Ermine) they'll only build select 32-bit packages.

Many users were asking if Ubuntu-based distributions will be affected by this major change, which shouldn't be a surprize to anyone in 2019, so it looks like Linux Mint, one of the most popular Ubuntu-based operating systems out there will follow on Ubuntu's steps to drop support for 32-bit systems in future releases, starting with Linux Mint 20.

read more

[$] OpenPGP certificate flooding

LWN.net - Tor, 07/02/2019 - 20:42
A problem with the way that OpenPGP public-key certificates are handled by key servers and applications is wreaking some havoc, but not just for those who own the certificates (and keys)—anyone who has those keys on their keyring and does regular updates will be affected. It is effectively a denial of service attack, but one that propagates differently than most others. The mechanism of this "certificate flooding" is one that is normally used to add attestations to the key owner's identity (also known as "signing the key"), but because of the way most key servers work, it can be used to fill a certificate with "spam"—with far-reaching effects.

Security Leftovers

tuxmachines.org - Tor, 07/02/2019 - 20:41
  • Ransomware Hits Georgia Courts As Municipal Attacks Spread [iophk: "Windows TCO"]

    "There’s definitely an increase or uptick in the amount of ransomware campaigns that we’re seeing out there, but it’s not specific to municipalities or state or federal organizations, it’s just pretty much across the board in every industry vertical," says David Kennedy, CEO of the penetration testing and incident response consultancy TrustedSec. "We’re working seven consecutive ransomware attacks right now—a couple of manufacturing, a couple of credit unions, and one local type of government incident."

  • Singapore Government Announces Third Bug Bounty Program

    The latest bug bounty program, similar to the previous two, will be hosted by HackerOne. The project is conducted in collaboration with the Cyber Security Agency of Singapore (CSA) and the Government Technology Agency of Singapore (GovTech).

    HackerOne will invite approximately 200 international hackers and 100 local hackers to take part in the challenge, which offers payouts between $250 and $10,000 per vulnerability report. The program will run from July to August and results will be announced in September.

  • US officials are talking about banning end-to-end encryption again

    A source believed to have been in attendance said, "The two paths were to either put out a statement or a general position on encryption, and [say] that they would continue to work on a solution, or to ask Congress for legislation," adding that the importance of the matter was reflected by the attendance of a group of Number 2s (from different stakeholder agencies, it's not a scatological reference).

    The problem for end users doesn't end with the NSA getting a better foothold on your WhatsApp chats because whilst it'll be easier for law enforcement and security agencies to see if you're up to no good, relaxing encryption also opens up a much wider foothold for [attackers] and cybercriminals to abuse the services too. And that's not to mention that if friendly intelligence can access your data, then foreign spies and snoopers can as well - it's all or nothing.

  • Exploit Using Microsoft Excel Power Query for Remote DDE Execution Discovered

    The Mimecast Threat Center team reached out to the Microsoft Security Response Center (MRSC) with our information and a working proof of concept. MRSC opened a case but Microsoft decided not to fix this behavior, and their response included a workaround by either using a Group Policy to block external data connections or use the Office Trust center to achieve the same. MRSC accepted our request to publish this research per the CVD policy.

  • How [Attackers] Turn Microsoft Excel's Own Features Against It [iophk: fails to mention improved options like LibreOffice and Calligra]

    On Thursday, researchers from threat intelligence firm Mimecast are disclosing findings that an Excel feature called Power Query can be manipulated to facilitate established Office 365 system attacks. Power Query allows users to combine data from various sources with a spreadsheet—like a database, second spreadsheet, document, or website. This mechanism for linking out to another component, though, can also be abused to link to a malicious webpage that contains malware. In this way, attackers can distribute tainted Excel spreadsheets that wreak havoc, from granting attackers system privileges to installing backdoors.

    "Attackers don’t need to invest in a very sophisticated attack—they can just open up Microsoft Excel and use its own tools," says Meni Farjon, Mimecast's chief scientist. "And you have basically 100 percent reliability. The exploit will work in all the versions of Excel as well as new versions, and will probably work across all operating systems, programming languages, and sub-versions, because it's based on a legitimate feature. That makes it very viable for attackers."

  • Cyber warfare is here

    Cybereason said they weren’t going to name the affected providers, but said many were sizable, and that it didn’t find evidence that North American providers had been infiltrated.

    The company also didn’t notify the targeted individuals.

    Cybereason thinks a [attack] this sophisticated is very likely the work of a nation-state.

read more

Games: Aeon's End, Lamentum, Slay the Spire, Encodya

tuxmachines.org - Tor, 07/02/2019 - 20:04

read more

Odake BladeX: A 4K 15.6-inch Portable Monitor Supporting HDMI & USB-C

Phoronix - Tor, 07/02/2019 - 19:00
A few years back we looked at the ASUS ZenScreen USB-C Portable Monitor that took until recently when it began playing working nicely on Linux due to its DisplayLink hardware and also the state of Type-C DP AlternateMode support at the time. What we've been trying out over the past week has been the Odake BladeX as a much more interesting portable monitor: it's a 15.6-inch display in 1080p and 4K options that also supports native HDMI input and other functionality unmatched by the ZenScreen.

Android Leftovers

tuxmachines.org - Tor, 07/02/2019 - 18:32

read more

Tiny, Linux-driven Cortex-A5 SBC supports FeatherWing add-ons

tuxmachines.org - Tor, 07/02/2019 - 18:10

Groboards has launched an open-spec, Adafruit Feather-like “Giant Board” starting at $50. The 51 x 23mm SBC runs Linux on Microchip’s Cortex-A5-based SAMA5D SoC and can load more than 60 FeatherWing add-ons.

In January, Groboards showed off a Giant Board SBC that adopts the Adafruit Feather form factor and supports FeatherWing add-on boards. Instead of the usual MCU, you get a beefier Cortex-A5-based Microchip SAMA5D27 SoC that runs Debian Linux. Now, the company has gone to Crowd Supply to sell the 51 x 23mm board starting at $50.

read more

Graphics: AMD, Canonical's Mir, NVIDIA and X.Org

tuxmachines.org - Tor, 07/02/2019 - 17:47
  • AMD Radeon Pro WX 3200 Announced As A Small Form Factor $199 USD Workstation Card

    For those looking for a small form factor workstation-oriented graphics card or just a budget workstation GPU in general, AMD today announced the Radeon Pro WX 3200.

    This single-slot graphics card for $199 USD is based on AMD's Polaris architecture and not the newer Vega or Navi architecture. The WX 3200 has 10 compute units, 1.66 TFLOPS performance for compute, support for 4K/8K displays, and 4GB of GDDR5 video memory.

  • AMD "GFX8" Hardware Now Has Expanded DCC Support With RADV Vulkan Driver

    The latest work by Valve open-source Linux graphics driver contributor Samuel Pitoiset is on offering Delta Color Compression (DCC) support for layers with the Vulkan RADV driver.

    On top of the Delta Color Compression support already within RADV, this Mesa Radeon Vulkan driver now has DCC support for Vulkan layers.

  • Mir 1.3 Released With Wayland Improvements, New AL Features

    Mir 1.3 was released today as the newest version of Canonical's project making it easier to write desktop shells with Wayland support.

    Mir 1.3 has Wayland improvements around more eagerly sending buffer release events, more punctually executing work on the Wayland thread, and renaming of their zxdg_output_v1 protocol to zxdg_output_manager_v1.

  • NVIDIA 418.52.14 Linux Driver Brings Full-Screen Exclusive & Calibrated Timestamps

    The NVIDIA 418.52.14 Linux driver adds support for VK_EXT_calibrated_timestamps, VK_EXT_full_screen_exclusive, VK_EXT_shader_demote_to_helper_invocation, and VK_EXT_texel_buffer_alignment. The two later extensions are for new bits added with Vulkan 1.1.113 while the full-screen exclusive and calibrated timestamps are excited to finally see exposed in full by the NVIDIA Vulkan driver. VK_EXT_full_screen_exclusive has the potential of helping to improve performance by bypassing system composition (the compositor) during full-screen gaming, but of course does require games/engines to make use of this extension.

  • NVIDIA Announces GeForce RTX 2060 / 2070 / 2080 SUPER GPUs
  • It's A Last Call For Speakers At X.Org's XDC2019 Event

    The 2019 X.Org Developers Conference for "all-things open-source graphics" is coming up at the start of October. But if you've been wanting to talk about something related to the Linux kernel, Mesa, Wayland, or related components, this week is your last chance to apply.

read more

Audio With DeaDBeeF, Demise of Apple's "Pod" Empire, New Podcast About Go

tuxmachines.org - Tor, 07/02/2019 - 17:39
  • DeaDBeeF 1.8.1 Released! How to Install in Ubuntu 18.04 / Higher

    Deadbeef audio player 1.8.1 was released a few days ago with various bug-fixes and performance improvements for the 1.8 series.

  • Jony Ive ‘dispirited’ by Tim Cook’s lack of interest in product design: WSJ

    The WSJ report follows a similar piece published by Bloomberg last week. Both reports describe an Apple design team, led by Jony Ive, increasingly frustrated by his absence after the launch of the Apple Watch in 2015. They tell the story of a company that once put design at the forefront, progressively being led by operational concerns. Ive’s absence was “straining the cohesion central to product development,” according to the WSJ, causing several key design team members to leave Apple over the last few years.

  • Gabbing About Go | Coder Radio 364

    Mike and Wes burrow into the concurrent world of Go and debate where it makes sense and where it may not.

    Plus gradual typing for Ruby, a new solution for Python packaging, and the real story behind Jony Ive’s exit.

read more

NVIDIA Open-Sources TensorRT Library Components

Phoronix - Tor, 07/02/2019 - 17:37
NVIDIA announced via their newsletter today that they've open-sourced their TensorRT library and associated plug-ins...

KDE: Installing KDE Neon, Usability/Productivity Sprint 2019 and Gcompris

tuxmachines.org - Tor, 07/02/2019 - 17:36
  • The KDE ISO Image Writer is Coming to Windows

    Windows users will soon have another way to create a live, bootable USB drive of their fave Linux distribution.

    A KDE ISO writer tool for Windows desktops is being developed as part of the Google Summer of Code (GSoC).

    The app uses the same look and layout as the Linux version, which is available in the ‘development’ repos of the KDE Neon Linux distro.

    “KDE ISO Image Writer on Windows to allow people that want to install KDE Neon to easily write the ISO image onto a USB flash drive,” explains Farid Boudedja in a blog post update.

  • Usability & Productivity Sprint 2019

    I [partially, only 2 days out of the 7] attended the Usability & Productivity Sprint 2019 in Valencia two weekends ago.

    I was very happy to meet quite some new developer blood, which is something we had been struggling a bit to get lately, so we're starting to get on the right track again And I can only imagine it'll get better and better due to the "Onboarding" goal

    During the sprint we had an interesting discussion about how to get more people to know about usability, and the outcome is that probably we'll try to get some training to members of KDE to increase the knowledge of usability amongst us. Sounds like a good idea to me

  • Multiple Datasets: Tutorial

    This post is a step by step tutorial for adding multiple datasets to an activity in Gcompris.
    The procedure of adding multiple datasets to an activity is fairly simple in Gcompris. The steps for it are given below.
    Note: In these steps we'll refer the activity in consideration as current_activity. Also we assume that we plan to add 3 datasets to current_activity.

read more

Microsoft and Google Openwashing

tuxmachines.org - Tor, 07/02/2019 - 17:32

read more

OSS: TODO Group at OSI, Open Source Sees Donations Blocked, Mozilla Wants Web Regulation, LibreOffice GSoC Report and WordPress Chrome Extensions That You Should Try

tuxmachines.org - Tor, 07/02/2019 - 17:30
  • Open Source Initiative Welcomes TODO Group as Affiliate Member

    The Open Source Initiative ® (OSI), the non-profit corporation with global scope formed to educate about and advocate for the benefits of open source and to build bridges among different constituencies in the open source community, announced today the affiliate membership of TODO Group. Boasting membership from some of today's most active corporations working in and with Open Source Software, the TODO Group shares experiences, develops best practices, and collaborates around common tooling to address some of the most common challenges related to open source program management, development, deployment, and management.

    As Open Source Software continues its growth into and across corporate infrastructure, more and more companies are seeking peers and partners to help understand, not only "the value of open source" but "the open source ethos" as well. Businesses across industries--not just technology--use, contribute to, and maintain, thousands of open source projects, both large and small. Despite open source's twenty year history, many of these programs face challenges in ensuring high-quality and frequent releases, engaging with developer communities, and contributing back to other projects effectively. Here, as a resource to those seeking authentic engagement with open source communities of practice, the OSI and TODO Group will work together, helping organizations identify potential projects, assess community alignment, and participate credibly and reliably to foster success.

  • I am sorry, we are unable to accept donations right now

    About two weeks ago, an attacker tried to use presumably stolen credit card information on our donation form. He was able to try around 300 different numbers in only a few hours before we noticed this and tried to block him. We consulted with the technical support hotline of our payment provider.

    Unfortunately, the risk department decided to disable our account at the same time before we could implement some better protection against fraud like this and was not able to contact us about it. After endless calls with them and lots and lots of promises about being called back, I was finally able to get hold of someone who told me that they are no longer able to provide their services to us - without any specific reason.

    This is not the first time that an open source project has been fallen victim to being cut off of their payments and it is indeed threatening to the existence of all those projects. Now it seems to be our turn.

    To not go too much into detail, this seems to be a case of that our payment provider terminated our contract because of one simple reason: They do not know what an Open Source project is and how donations work. The concept does not seem to be anything that they can understand or are willing to learn. It would have helped us to know this when we set up our donations system with them, but unfortunately we could not foresee this.

    Some parts of the banking business in Germany really seems to be living in the eighteen-hundreds. The Germans being people who overwhelmingly prefer to pay things in cash, this does not come as a surprise. As a tourist I can only recommend to bring some cash to wherever you go or you won't be able to pay. Something that works the other way round in our neighbouring countries or elsewhere. Credit cards work everywhere.

  • Building on the UK white paper: How to better protect internet openness and individuals’ rights in the fight against online harms

    In April 2019 the UK government unveiled plans for sweeping new laws aimed at tackling illegal and harmful content and activity online, described by the government as ‘the toughest internet laws in the world’. While the UK government’s proposal contains some interesting avenues of exploration for the next generation of European content regulation laws, it also includes several critical weaknesses and grey areas. We’ve just filed comments with the government that spell out the key areas of concern and provide recommendations on how to address them.

    The UK government’s white paper responds to legitimate public policy concerns around how technology companies deal with illegal and harmful content online. We understand that in many respects the current European regulatory paradigm is not fit for purpose, and we support an exploration of what codified content ‘responsibility’ might look like in the UK and at EU-level, while ensuring strong and clear protections for individuals’ free expression and due process rights.

  • [LibreOffice GSoC] Week 5 Report

    At week 4 I have finished the first phase of the new UI logger which was the grammar and the new sentences of the log messages and rewrite all the log statement with the new grammar.

    This week I have started the implementation of the Compiler of the new logger grammar. This Compiler is responsible for taking the log file with the new grammar and generate a UI test case that performs the same as the user actions.

  • 12 Best WordPress Chrome Extensions That You Should Try

    Google Chrome browser is currently the most widely used desktop browser and it comes with hundreds of extensions to ease your work. In one of our previous articles, we discussed 25 best chrome extensions for productivity.

    Here keeping in mind the usage of WordPress users, we are listing out the 12 Best Chrome Extensions for WordPress that you should try and have been suggested by our experts. If you are currently building a website, these extensions are sure to make your life easy!

read more

Open Hardware: Difference Between SiFive and Microsoft

tuxmachines.org - Tor, 07/02/2019 - 17:26
  • Joining-SiFive

    I've accepted and offer for a full-time position with SiFive. I'll be starting on July 15th, 2019 and will be working on free software for RISC-V-based processors, among other tasks.

  • Longtime X11/Linux Developer Joins SiFive To Work On RISC-V Processors

    Keith Packard has joined RISC-V company SiFive. Yes, the same Keith Packard that is the longest still active (though somewhat more dormant these days) X Window System developer who for many years had led much of the X11/X.Org efforts and worked for nearly a decade at Intel on their open-source Linux graphics driver stack before working for HP Labs and also a side-gig for Valve improving the Linux stack for VR.

  • Microsoft tells FTC Repair poses a Cyber Risk. It doesn’t.

    In comments submitted to the Federal Trade Commission, Microsoft Corp. is arguing that repairing its devices could jeopardize the cyber security of Trusted Platform Module (TPM) security chip. Don’t believe them.

read more

AMDVLK 2019.Q3.1 Adds HDR10 Support For Direct Display Mode, Fixes Issues

Phoronix - Tor, 07/02/2019 - 17:03
AMDVLK 2019.Q3.1 is out as the latest update to AMD's official open-source Vulkan Linux driver...

Toughened up embedded computer runs Linux on i.MX8M

tuxmachines.org - Tor, 07/02/2019 - 16:40

Axiomtek is prepping a fanless, rugged “Agent336” embedded computer that runs Linux or Android on a quad Cortex-A53 i.MX8M and offers dual mini-PCIe, CANBus, and E-Mark certification for in-vehicle use.

Axiomtek has posted a product page for what appears to be its first i.MX8M-based embedded computer. The “coming soon,” automotive-focused Agent336 is only the second non-board level embedded product we’ve seen with NXP’s general-purpose heir to the i.MX6 after SolidRun’s CuBox Pulse mini-PC.

read more

Syndicate content