Businesses

GitHub Is Undergoing a Full-Blown Overhaul As Execs and Employees Depart (businessinsider.com) 246

mattydread23 writes: This is what happens when hot startups grow up. [GitHub] CEO Chris Wanstrath is imposing management structure where there wasn't much before, and execs are departing, partly because the company is cracking down on remote work. It's a lot like Facebook in 2009. Business Insider has the full inside story based on multiple sources in and close to the company.
Cloud

Docker Images To Be Based On Alpine Linux (brianchristner.io) 80

New submitter Tenebrousedge writes: Docker container sizes continue a race to the bottom with a couple of environments weighing in at less than 10MB. Following on the heels of this week's story regarding small images based on Alpine Linux, it appears that the official Docker images will be moving from Debian/Ubuntu to Alpine Linux in the near future. How low will they go?
Stats

The Performance of Ubuntu Linux Over the Past 10 Years (phoronix.com) 108

An anonymous reader writes: Tests were carried out at Phoronix of all Ubuntu Long-Term Support releases from the 6.06 "Dapper Drake" release to 16.04 "Xenial Xerus," looking at the long-term performance of (Ubuntu) Linux using a dual-socket AMD Opteron server. Their benchmarks of Ubuntu's LTS releases over 10 years found that the Radeon graphics performance improved substantially, the disk performance was similar while taking into account the switch from EXT3 to EXT4, and that the CPU performance had overall improved for many workloads thanks to the continued evolution of the GCC compiler.
Open Source

CFQ In Linux Gets BFQ Characteristics 65

jones_supa writes: Paolo Valente from University of Modena has submitted a Linux kernel patchset which replaces CFQ (Completely Fair Queueing) I/O scheduler with the last version of BFQ (Budget Fair Queuing, a proportional-share scheduler). This patchset first brings CFQ back to its state at the time when BFQ was forked from CFQ. Paolo explains: "Basically, this reduces CFQ to its engine, by removing every heuristic and improvement that has nothing to do with any heuristic or improvement in BFQ, and every heuristic and improvement whose goal is achieved in a different way in BFQ. Then, the second part of the patchset starts by replacing CFQ's engine with BFQ's engine, and goes on by adding current BFQ improvements and extra heuristics." He provides a link to the thread in which it is agreed on this idea, and a direct link to the e-mail describing the steps.
Open Source

Link Rot Rx: 'Amber' Add-on For WordPress and Drupal 17

David Rothman writes: If you run a WordPress or Drupal site, you can now fight link rot with Amber, a new open source add-on from Harvard's Berkman Center. If links are dead, visitors can still summon up the pages as stored on your server or, if you prefer, outside ones such as the Internet Archive. TeleRead has the details, and the Amber site is here, with download information.
Businesses

Open Source Pioneer Michael Tiemann On the Myth of the Average 126

StewBeans writes: In a recent article, Michael Tiemann, one of the world's first open source entrepreneurs and VP of Open Source Affairs at Red Hat, highlights an example from the 1950s US Air Force where the "myth of the average resulted in a generation of planes that almost no pilots could reliably fly, and which killed as many as 17 pilots in a single day." He uses this example to argue that IT leaders who think that playing it safe means being as average as possible in order to avoid risks (i.e. "Buy what others are buying. Deploy what others are deploying. Manage what others are managing.") may be making IT procurement and strategy decisions based on flawed data. Instead, Tiemann says that IT leaders should understand elements of differentiation that are most valuable, and then adopt the standards that exploit them. "Don't aim for average: it may not exist. Aim for optimal, and use the power of open source to achieve what uniquely benefits your organization."
Security

Chromodo Browser Disables Key Web Security (thestack.com) 54

An anonymous reader writes: A Google Security Research update has claimed that Comodo's internet browser Chromodo, based on the open-source project Chromium, contains significant security failings and puts its users at risk. This week's Google alert suggested that the Chromodo browser – available as a standalone download, as well as part of the company's Security package – is less secure than it promises. According to analysis, the browser is disabling the Same Origin policy, hijacking DNS settings, and replacing shortcuts with Chromodo links, among other security violations.
Open Source

Homemade Speed Trap Made By Former UVA CS Professor (cvilletomorrow.org) 564

An anonymous reader writes: Irritated by speeders in his neighborhood and frustrated with the City of Charlottesville's inability or unwillingness to enforce the speed limit, a former professor in the Computer Science department of the University of Virginia created a program in openCV to track vehicle speed on his residential neighborhood street: "You'll find that almost 85 percent of the cars going by are violators [of the neighborhood's 25mph limit]". This includes a city bus doing 34mph.
Encryption

Socat Weak Crypto Draws Suspicions Of a Backdoor (threatpost.com) 50

msm1267 writes: Socat is the latest open source tool to come under suspicion that it is backdoored. A security advisory published Monday warned that the OpenSSL address implementation in Socat contains a hard-coded Diffie-Hellman 1024-bit prime number that was not prime. "The effective cryptographic strength of a key exchange using these parameters was weaker than the one one could get by using a prime p," the advisory said. "Moreover, since there is no indication of how these parameters were chosen, the existence of a trapdoor that makes possible for an eavesdropper to recover the shared secret from a key exchange that uses them cannot be ruled out." Socat said it has generated a new prime that is 2048 bits long; versions 1.7.3.0 and 2.0.0-b8 are affected. The advisory adds that a temporary workaround would be to disable the Diffie-Hellman ciphers.
IOS

7 Swift 2 Enhancements iOS Devs Will Love 123

snydeq writes: InfoWorld's Paul Solt outlines how Apple has made good on Swift's emphasis on performance, approachability, and ease in its latest update, offering up seven worthwhile enhancements to Swift 2, along with code samples. 'Many of the enhancements to Swift, through both the Swift 2.0 update and subsequent Swift 2.1 update, have made the language more explicit and intentional, and in turns, Swift 2 code will be safer and easier to maintain for years to come (especially now that Swift is open source). New language constructs (keywords) in Swift 2 improve the readability of control flow — the order in which lines of code are executed. Thanks to these new keywords, collaborating on Swift code will be much more productive and efficient.'
Communications

Big Satellite Systems, Simulated On Your Desktop (sf.net) 44

An anonymous reader writes: Big systems of hundreds of satellites are under development to provide wireless Internet globally, with Richard Branson's OneWeb and Thales' LeoSat aiming at consumers and business markets respectively. It's like reliving the late 1990s, when Bill Gates' Teledesic and Motorola's Celestri were trying to do the same thing before merging their efforts and then giving up. And now you can simulate OneWeb and LeoSat for yourself, and compare them to older systems, in the new release of the vintage SaVi satellite simulation package, which was created in the 1990s during the first time around. Bear in mind Karl Marx's dictum of history: the first time is tragedy, and the second time is farce. Do these new systems stand a chance?
Open Source

Linux Kernel 2.6.32 LTS Reaches End of Life In February 2016 (softpedia.com) 116

An anonymous reader writes: The oldest long-term supported Linux kernel branch finally reaches end of life next month, but before going into the deepest darkest corners of the Internet, it just dropped one more maintenance release, Linux kernel 2.6.32.70 LTS. Willy Tarreau dropped the news about the release of Linux kernel 2.6.32.70 LTS on January 29, 2016, informing all us that this will most likely be the last maintenance release in the series, as starting with February 2016 it will no longer be supported with security patches and bugfixes. Linux 2.6 first came out in December, 2003, and 2.6.16 (the first long-term release) in March 2006.
Communications

Jailbreak Turns Cheap Walkie-Talkie Into DMR Police Scanner 82

An anonymous reader writes: Last Shmoocon, famous reverse engineer Travis Goodspeed presented his jailbreak of the Chinese MD380 digital handheld radio. The hack has since been published at GitHub with all needed source code to turn a cheap digital radio into the first hardware scanner for DMR digital mobile radio: a firmware patch for promiscuous mode that puts all talk groups through the speaker including private calling. In the U.S. the competing APCO-25 is a suite of standards for digital radio communications for federal users, but a lot of state/county and local public safety organizations including city police dispatch channels are using the Mototrbo MotorolaDMR digital standard.
Intel

Intel Gets Called Out Again For Their M.I.A. 3.0 X.Org Driver (phoronix.com) 110

An anonymous reader writes: The xf86-video-intel 3.0 DDX driver has been in development the past two and a half years without seeing an official release. The last development release even of xf86-video-intel 3.0 Git was 13 months ago with the xf86-video-intel 2.99.917 release. At that time it was said by Intel's lead DDX developer, "3 months have passed, we should make one more snapshot before an imminent release." Since then, there's been no communications about a stable release of this DDX driver that makes SNA the default acceleration architecture over UXA. Over on the intel-gfx mailing list users are bringing up again the state of xf86-video-intel 3.0 and why it isn't released yet, questioning if Intel is "able to maintain its own device driver in a usable way?"
Open Source

GitHub Service Outage (github.com) 117

New submitter thebigjeff writes: Beginning at around 7:30pm EST on 1/27/2016, GitHub's core services have been offline. Most repositories and other functionality is inaccessible. The status page is calling it a "significant network disruption." More from The Register: GitHub falls offline, devs worldwide declare today a snow day.
Facebook

Top Telcos Join Facebook Open Source Hardware Project (thestack.com) 18

An anonymous reader sends word about the latest telcos to join Facebook's Open Compute Project. The Stack reports: "A new wave of communications companies has joined Facebook's non-profit Open Compute Project (OCP), including AT&T, Verizon, Deutsche Telekom and South Korea's SK Telecom, as the movement seeks to share innovative hardware designs and drive down costs in the telecom arena. An OCP sub-section focused entirely on telecom requirements has been set up to look into servers and networking efficiency in the field. As one of the largest hardware buyers, telcos will provide a significant new market for the project, alongside its successful data center efforts.
Government

The US Government and Open Standards: a Tale of Personal Woe (thevarguy.com) 256

An anonymous reader writes: This article details a Linux user's struggles to submit a grant application when the process requires finicky, proprietary software. It also covers familiar ground made timely by the upcoming elections: the U.S. should prefer open source software and open standards over proprietary alternatives. The grant application required a PDF created by Adobe Acrobat — software Adobe no longer supports for Linux. Once the document was created, attempting to submit it while using Ubuntu fails silently. (On Windows 7, it worked immediately.) The reader argues, "By requiring Acrobat the government gives preference to a particular software vendor, assuring that thousands of people who otherwise would not choose to use Adobe software are forced to install it. Worse, endorsing a proprietary, narrowly supported technology for government data poses the risk that public information could become inaccessible if the vendor decides to stop supporting the software. Last but not least, there are privacy and fairness issues at stake. Acrobat is a totally closed-source program, which means we have to take Adobe's word for it that nothing sketchy is going on in its code. ... It would seem to be in the interest of the public for the government to prefer an open source solution, since it is much harder to hide nefarious features inside code that can be publicly inspected."
Security

Malware Operator Barters With Security Researcher To Remove Open Source Ransomware Code (softpedia.com) 34

An anonymous reader writes: The author of the Magic ransomware strain has agreed to release all decryption keys for free if Utku Sen, a Turkish security researcher, takes down his Hidden Tear open-source ransomware project from GitHub. Sen has released multiple open source ransomware projects, which contained backdoors and encryption flaws. The flaws disrupted the plans of several ransomware operators. This particular ransomware author is Russian, while Sen is Turkish, so just like Putin and Erdogan, the two struggled to come to an agreement. Utku Sen finally agreed to take down the Hidden Tear repository in three days, while the author of the Magic ransomware will provide all the encryption keys for free for the next 15 days.
AMD

AMD: It's Time To Open Up the GPU (gpuopen.com) 152

An anonymous reader writes: AMD has called for the opening up of GPU technology to developers. Nicolas Thibieroz, a senior engineering manager for the company, announced today the launch of GPUOpen, its initiative to provide code and documentation to PC developers, embracing open source and collaborative development with the community. He says, "Console games often tap into low-level GPU features that may not be exposed on PC at the same level of functionality, causing different — and usually less efficient — code paths to be implemented on PC instead. Worse, proprietary libraries or tools chains with "black box" APIs prevent developers from accessing the code for maintenance, porting or optimizations purposes. Game development on PC needs to scale to multiple quality levels, including vastly different screen resolutions." And here's how AMD wants to solve this: "Full and flexible access to the source of tools, libraries and effects is a key pillar of the GPUOpen philosophy. Only through open source access are developers able to modify, optimize, fix, port and learn from software. The goal? Encouraging innovation and the development of amazing graphics techniques and optimizations in PC games." They've begun by posting several technical articles to help developers understand and use various tools, and they say more content will arrive soon.
Firefox

Firefox 44 Arrives With Push Notifications (mozilla.org) 182

An anonymous reader writes: Mozilla today launched Firefox 44 for Windows, Mac, Linux, and Android. Notable additions to the browser include push notifications, the removal of RC4 encryption, and new powerful developer tools. Mozilla made three promises for push notifications: "1. To prevent cross-site correlations, every website receives a different, anonymous Web Push identifier for your browser. 2. To thwart eavesdropping, payloads are encrypted to a public / private keypair held only by your browser. 3. Firefox only connects to the Push Service if you have an active Web Push subscription. This could be to a website, or to a browser feature like Firefox Hello or Firefox Sync." Here are the full changelogs: Desktop and Android.

Slashdot Top Deals