A recent kerfuffle around an open source software creator asking for their package not to be included in a larger project has turned into a kind of rabbit-duck illusion for the open source community. What does it mean when the creator of a software package uses their social power - but not their legal power - to try and influence user behavior? Are they violating the spirit of open source? Or simply making requests that acknowledge open source realities?

Our movement rarely talks about freedom with much philosophical nuance. In this talk, I try to put some flesh on the bones of freedom by giving an introduction to Amartya Sen and Martha Nussbaum’s capability approach, and applying it to software. The capability approach (sometimes called the human development approach) is a framework for thinking about human freedom that, since its development in the early 90s, has been applied across a broad range of philosophical, economic, and policy problems. Focused on what options a person has to reach their goals, it is well-suited for understanding where we succeed - and fail! - at actually freeing people.

Read More

Even though we’re in the web browser business, we know you don’t go online to look at Firefox, it’s more that you look through Firefox to get to everything on the open web. In today’s major release, Firefox sports a fresh new design that gets you where you’re going online, fast and distraction-free. And since we’re all about privacy, we’re also expanding integrated privacy protections in Firefox, so you feel safe and free to be yourself online thanks to fewer eyes following you across the web.

Elk is an Audio Operating System developed from the ground up to deliver real time audio performances in embedded systems and remote networks.

May 24

In this post I’m gonna be making all kinds of fun of Urbit. And all that after spending just a few hours poking around it.


Originally, I wanted to write in the layout of the good, the bad, and the ugly, but I’m not entirely sure how that would pan out.1

Before I begin, I’ll somewhat oversimplify and explain Urbit to those of you not in the know.

And before I do that, here’s a PSA: there’s a tl;dr at the end. So you don’t need to read all this drivel. You’re welcome.

KolibriOS is a tiny yet incredibly powerful and fast operating system. This power requires only a few megabyte disk space and 8MB of RAM to run. Kolibri features a rich set of applications that include word processor, image viewer, graphical editor, web browser and well over 30 exciting games. Full FAT12/16/32 support is implemented, as well as read-only support for NTFS, ISO9660 and Ext2/3/4. Drivers are written for popular sound, network and graphics cards.

Have you ever dreamed of a system that boots in less than few seconds from power-on to working GUI? Applications that start instantly, immediately after clicking an icon, without annoying hourglass pointers? This speed is achieved since the core parts of KolibriOS (kernel and drivers) are written entirely in FASM assembly language! Try Kolibri and compare it with such heavyweights as Windows and Linux.

Read More

If you want to give anyone permission to use your code for any purpose, use the MIT License instead of the Eclipse Public License (EPL). The EPL has restrictions that make sense for Clojure Core but not for most libraries.

If your library is licensed EPL and someone wants to use your code in a GPL or MIT codebase, they must first contact you and get your permission to use your code because the EPL is not GPL- or MIT-compatible.

If your library is licensed EPL and you want to relicense your project in the future, you must request a copyright transfer from all external contributors or request their explicit permission to relicense the code they provided you.

The MIT License does not have either of these constraints.

Read More

Many Open Source projects regularly look for new contributors to help them develop new features. But, sometimes a lot of domain knowledge is required to make a real impact. Some features need a complete birds eye view of the project to estimate how changes will ripple through the remaining project and their consumers.

Hence, new contributors who want to get their hands dirty quickly may often hestitate as their efforts may never come to fruiton by becoming production code. Not everyone wants to be a documentation contributor. Altough, there is nothing wrong with it and it is one of the most important parts in any Open Source project.

Instead of jumping on the newest rewrite of module B in project A, why not tackle some of the issues that accumulated over time that were hacked together because the contributor had time constraints. These are often marked by the keyword TODO but seldomly earn their own issue or have simply been forgotten, or are even outdated. They may even be older than20 years you17 years. They may even be one of the most pressing security bugs out there…unfortunately.

Hence I suddenly got the idea to plot the development of outstanding TODOs in some of the most popular Open Source projects out there. I hope these graphs may convince you that there is abundant work to be tackled and cleaned up. Most of the graphs keep on growing consistently. This is your chance to make a contribution which may even earn you a second round in a future job interview for a highly paid position. Who knows.

Read More

Thoughts on linguistic diversity in FLOSS, arising from the Italian translation of the Django documentation.

What happened was, I was fooling around with zero-knowledge proof ideas and needed to post public keys on the Internet in textual form. I picked ed25519 keys (elliptic-curve, also known as EdDSA) so I asked the Internet “How do you turn ed25519 keys into short text strings?” The answer took quite a bit of work to find and, after I posted it, provoked a discussion about whether I was doing the right thing. So today’s question is: Should these things be encoded with the traditional PKIX/PEM serialization, or should developers just blast the key-bits into base64 and ship that?

Read More

AAA security is crucial to the modern telecom network. Here’s how the telecom AAA server benefits the operator and mitigates network risks.

As you’re surely aware, Signal has officially jumped the shark with the introduction of cryptocurrency to their chat app. Back in 2018, I wrote about my concerns with Signal, and those concerns were unfortunately validated by this week’s announcement. Moxie’s insistence on centralized ownership, governance, and servers for Signal puts him in a position of power which is easily, and inevitably, abused. In that 2018 article, and in articles since, I have spoken about the important of federation to address these problems. In addition to federation, what else does a chat app need?

Read More

The FSF is done, in my opinion. The should’ve never let RMS back on. Not because of ideological reasons, but it was bloody impractical to have him on the board.

Many major outlets reported on the incident. Often with misrepresentations of Stallman’s words that were so egregious it was hard to believe such mistakes were honest, rather than intentional hit pieces.

5G service-based architecture (SBA) unlocks next-gen use cases, opens monetization opportunities, and simplifies operations. Read its benefits in detail.

Adobe regularly sends takedown notices targeting pirated copies of its flagship software products but the company doesn’t limit itself to newer releases. F-Secure researcher Mikko Hyppönen has had one of his tweets taken down because it linked to an ‘unauthorized’ copy of a 27-year-old release of Acrobat Reader 1.0 for MS-DOS.

Software

This community is for general discussion about building software, not necessarily just programming.

Created on Oct 17, 2020
By @root