GNU is Not Unix

FLIF: Free Lossless Image Format 290

nickweller sends a link to an informational post about FLIF, the Free, Lossless Image Format. It claims to outperform PNG, lossless WebP, and other popular formats on any kind of image. "On photographs, PNG performs poorly while WebP, BPG and JPEG 2000 compress well (see plot on the left). On medical images, PNG and WebP perform relatively poorly while BPG and JPEG 2000 work well (see middle plot). On geographical maps, BPG and JPEG 2000 perform (extremely) poorly while while PNG and WebP work well (see plot on the right). In each of these three examples, FLIF performs well — even better than any of the others." FLIF uses progressive decoding to provide fully-formed lossy images from partial downloads in bandwidth-constrained situations. Best of all, FLIF is free software, released under the GNU GPLv3.

LibreOffice Turns Five 147

An anonymous reader writes: Italo Vignoli, founding member of The Document Foundation, reflects on the project's five-year mark in an article on "LibreOffice was launched as a fork of on September 28, 2010, by a tiny group of people representing the community in their capacity as community project leaders. At the time, forking the office suite was a brave -- and necessary -- decision, because the open source community did not expect to survive for long under Oracle stewardship." The project that was does still exist, in the form of Apache Open Office, but along with most Linux distros, I've switched completely to LibreOffice, after some initial misgivings.
Electronic Frontier Foundation

EFF: DMCA Hinders Exposing More Software Cheats Like Volkswagen's 166

ideonexus writes: Automakers have argued that the 1998 Digital Millennium Copyright Act makes it unlawful for researchers to review the code controlling their vehicles without the manufacturer's permission, making it extremely difficult to expose software cheats like the one Volkswagen used to fake emissions tests. Arguing that this obfuscation of code goes so far as to endanger lives at times, the Electronic Frontier Foundation (EFF) maintains that, "When you entrust your health, safety, or privacy to a device, the law shouldn't punish you for trying to understand how that device works and whether it is trustworthy."

How the Car Industry Has Hidden Its Software Behind the DMCA 126

Lucas123 writes: The DCMA has allowed carmakers to keep third parties from looking at the code in their electronic control modules. The effect has been that independent researchers are wary of probing vehicle code, which may have lead companies like Volkswagen to get away with cheating emissions tests far longer than necessary. In a July letter to the U.S. Copyright Office, the Environmental Protection Agency expressed its own concern of the protection provided by the DMCA to carmakers, saying it's "difficult for anyone other than the vehicle manufacturer to obtain access to the software." Kit Walsh, an attorney with the Electronic Frontier Foundation, said the legal uncertainly created by the DMCA "makes it easier for manufacturers to conceal intentional wrongdoing. The EFF has petitioned the U.S. Copyright Office for an exemption to the DMCA for embedded vehicle code so that independent research can be performed on electronic control modules (ECMs), which run a myriad of systems, including emissions. Eben Moglen was right.

AMD Confirms Vulkan Driver For Linux, But To Start Off As Closed-Source 47

An anonymous reader writes: AMD has finally revealed some basic details concerning their support of Vulkan on Linux. AMD has a Vulkan driver but it will begin its life as closed-source, reports Phoronix. In time the AMD Vulkan driver will transition to being open-source. This Vulkan driver is built to interface with their new AMDGPU kernel DRM driver that's part of their long talked about AMD open-source strategy for Linux. This closed-then-open Vulkan driver will be competing with Valve's Intel Vulkan driver that will be open from day one.
Open Source

XPRIZE's Jono Bacon On the Next Great Challenge 20

itwbennett writes: After just under 8 years at Canonical where he was Community Manager of Ubuntu, Jono Bacon left in search of a new challenge. Now, a year and a half into his tenure at the XPRIZE Foundation as Senior Director of Community, Bacon reflects on the changing nature of community and how he is working to bring the 'anybody can play a role in a bigger picture' aspect of open source to "solve the grand challenges facing humanity." Update: 09/17 00:20 GMT by T : Jono wants everyone to know that he's certainly not leaving the world of open source software, either; headline has been updated to reflect that.
Open Source

The Era of Open Source Cars 31

An anonymous reader writes: An article at Ars Technica details how open source is slowly but surely working its way into the automotive manufacturing industry. A company named StreetScooter is flattening the design process, having designers and engineers work directly with suppliers right from the get-go. Another company, Local Motors, has built an open source community that's 50,000-strong, whose members include everybody from hobbyists to industrial engineers. Even the existing auto-giants are getting in on it: Ford has created OpenXC, a platform that is attempting to standardize how to get data out of a car's computer. The article concludes, "These various automotive open source advocates come at the topic from different backgrounds and with different approaches, but they can all recognize we've entered an era for open source cars that simply didn't exist before."

APIs, Not Apps: What the Future Will Be Like When Everyone Can Code 255

An anonymous reader writes: There's been a huge push over the last few years to make programming part of the core academic curriculum. Hype or not, software developer Al Sweigart takes a shot at predicting what this will be in a future where some degree of coding skill is commonplace and he has an interesting take on it: "More programmers doesn't just mean more apps in app stores or clones of existing websites. Universal coding literacy doesn't increase the supply of web services so much as increase the sophistication in how web services are used. Programming—by which I mean being able to direct a computer to access data, organize it, and then make decisions based on it— will open up not only a popular ability to make more of online services, but also to demand more.

Almost every major website has an Application Program Interface (API), a formal specification for software to retrieve data and make requests similar to human-directed browsers. ... The vast majority of users don't use these APIs—or even know what an API is—because programming is something that they've left to the professionals. But when coding becomes universal, so will the expectation that websites become accessible to more than just browsers."

OpenGL Library Mesa 11.0 Brings Open Source OpenGL 4 88

jj110888 writes: Mesa, the open source implementation of OpenGL, has just announced version 11.0. This adds support for the amdgpu driver, fixes for non-Windows platforms, new OpenGL ES extensions supported, and more. Most notable is the support for all extensions in OpenGL 4.1 by the radeonsi and nvc0 drivers, and support for extensions added in OpenGL 4.2 by the i965 driver. This brings the OpenGL version supported by core Mesa from 3.3 to 4.2, five and a half years after OpenGL 4 was released. Mesamatrix gives the status of which OpenGL extensions are supported by which open source driver. Vulkan, on the otherhand, will have an open source driver once the spec is released.
Open Source

Ask Slashdot: Definitive Password Management Best Practices Using OSS? 77

jmcbain writes: I am an software engineer for a client-server user account system handling both Web and smartphone clients. I have been searching for definitive and crystal-clear best practices for managing user account and password data using open-source software, but I have only cobbled together a complete picture from dozens of websites. I currently have a system that sends passwords over SSL and performs bcrypt hashing for storage and authentication checking at the server side. Is that good enough? The recent Ashley Madison breach and the exposure of MD5-hashed passwords (as opposed to bcrypt) has me worried again. Can someone please suggest a definitive, cookbook-style Web resource or book on how to use open-source software to handle user passwords for multiple client-server scenarios? I would like answers to questions such as: Where do I perform hashing (smartphone/web client or server)? What hash algorithm should I use? How do I store the hashes? How can clients recover forgotten passwords? etc.
Open Source

Open Source Router Firmware OpenWRT 15.05 Released 94

aglider writes: The newest stable iteration of the famous and glorious OpenWRT has just been released in the wild for all the supported architectures. The latest version is 15.05, codenamed "Chaos Calmer" after a cocktail drink, just like all previous ones. Major changes from the official announcements: "Linux kernel updated to version 3.18. Improved Security Features. Rewritten package signing architecture based on ed25519. Added support for jails. Added support for hardened builds. Improved Networking Support. Platform and Driver Support." For the full details you are welcome on the forums while the firmware itself and extra packages are available from the distribution servers.
Open Source

Ask Slashdot: Synchronizing Sound With Video, Using Open Source? 103

An anonymous reader writes: I have a decent video camera, but it lacks a terminal for using an external mic. However, I have a comparatively good audio recorder. What I'd like to do is "automagically" synchronize sound recorded on the audio recorder with video taken on the video camera, using Free / Open Source software on Linux, so I can dump in the files from each, hit "Go," and in the end I get my video, synched with the separately recorded audio, in some sane file format. This seems simple, but maybe it isn't: the 800-pound gorilla in the room is PluralEyes, which evidently lots of people pay $200 for --and which doesn't have a Linux version. Partly this is that I'm cheap, partly it's that I like open source software for being open source, and partly it's that I already use Linux as my usual desktop, and resent needing to switch OS to do what seems intuitively to be a simple task. (It seems like something VLC would do, considering its Swiss-Army-Knife approach, but after pulling down all the menus I could find, I don't think that's the case.) I don't see this feature in any of the Open Source video editing programs, so as a fallback question for anyone who's using LiVES, KDEnlive, or other free/Free option, do you have a useful workflow for synching up externally recorded sound? I'd be happy even to find a simple solution that's merely gratis rather than Free, as long as it runs on Ubuntu.

Microsoft Announces VP9 Support For Edge 55

An anonymous reader writes: As noted by some a few days ago, Microsoft has started development on new multimedia container and codec support for Edge. Over on the Edge development blog, Microsoft has now officially announced that "WebM/VP9 support is now in development in Microsoft Edge. VP9 is an open source codec that offers efficient compression to stream HD content at lower bitrates, and is well suited to UHD streaming. Initial support for VP9 will be available in Windows Insider Preview builds soon. This is part of our continuing effort to expand codec offerings in Windows. We continue to evaluate other formats and look forward to receiving feedback as we work on implementing them."
GNU is Not Unix

The Free Software Foundation: 30 Years In 135

An anonymous reader writes: The Free Software Foundation was founded in 1985. To paint a picture of what computing was like back then, the Amiga 1000 was released, C++ was becoming a dominant language, Aldus PageMaker was announced, and networking was just starting to grow. Oh, and that year Careless Whisper by Wham! was a major hit. Things have changed a lot in 30 years. Back in 1985 the FSF was primarily focused on building free pieces of software that were primarily useful to nerdy computer people. These days we have software, services, social networks, and more to consider. In this in-depth interview, FSF executive director John Sullivan discusses the most prominent risks to software freedom today, Richard M. Stallman, and more.

Debian Working on Reproducible Builds To Make Binaries Trustable 130

An anonymous reader writes: Debian's Jérémy Bobbio, also known as Lunar, spoke at the Chaos Communication Camp about the distribution's efforts to reassert trustworthiness for open source binaries after it was brought into question by various intelligence agencies. Debian is "working to bring reproducible builds to all of its more than 22,000 software packages," and is pushing the rest of the community to do the same. Lunar said, "The idea is to get reasonable confidence that a given binary was indeed produced by the source. We want anyone to be able to produce identical binaries from a given source (PDF)."

Here is Lunar's overview of how this works: "First you need to get the build to output the same bytes for a given version. But others also must to be able to set up a close enough build environment with similar enough software to perform the build. And for them to set it up, this environment needs to be specified somehow. Finally, you need to think about how rebuilds are performed and how the results are checked."

New Release of the Trinity Desktop Environment 197

mescobal writes: A new release of the Trinity Desktop Environment (TDE) is out. TDE is "a computer desktop environment for Unix-like operating systems with a primary goal of retaining the function and form of traditional desktop computers" which translates into a fully functional KDE 3 style Desktop. Something is missing in the new generation of desktop environments, since some people (perhaps more than "some") feel at home with Gnome 2 or KDE i3. They have repositories for Debian and Ubuntu-based distros. I'm now using it on Ubuntu 15.04, amazed about how well-planned things were in the previous generation of DE. We may have gained some things with Gnome 3 and Plasma 5, but we lost a lot of good features too. TDE brings them back.

What Is Open Source Pharma (and Why Should You Care)? 165

Andy Updegrove writes: Humanity today is almost completely dependent on huge pharmaceutical companies to create the drugs we need. But these companies focus exclusively on drugs that can be sold at high prices to large populations — in other words, to patients in developed nations. This means that those who live in the emerging world that suffer from the remaining 'neglected diseases,' like Malaria and drug resistant TB, have no one to depend on for relief except huge charities, like the Gates Foundation. They also have no way to afford many of the patented drugs that do exist. But there is another way, modeled on open source software development, which relies on crowd sourced knowledge, highly distributed, volunteer efforts, and advanced open source tools. That methodology is called Open Source Pharma, and it has the potential to dramatically drive down drug development while saving millions of lives every year.
Open Source

Netflix Open Sources Sleepy Puppy XSS Hunter 12

msm1267 writes: Netflix has released a tool it calls Sleepy Puppy. The tool injects cross-site scripting payloads into a target app that may not be vulnerable, but could be stored in a database and tracks the payload if it's reflected to a secondary application that makes use of the data in the same field. "We were looking for a way to provide coverage on applications that come from different origins or may not be publicly accessible," said co-developer Scott Behrens, a senior application security engineer at Netflix. "We also wanted to observe where stored data gets reflected back, and how data that may be stored publicly could also be reflected in a large number of internal applications." Sleepy Puppy is available on Netflix's Github repository and is one of a slew of security tools its engineers have released to open source.
Open Source

How Open Film Project "Cosmos Laundromat" Made Blender Better 31

An anonymous reader writes: At the beginning of August the Blender Institute released Cosmos Laundromat: First Cycle, its seventh open project. More than just a 10-minute short film, Cosmos Laundromat is the Blender Institute's most ambitious project, a pilot for the first fully free and open animated feature film. In his article on animator and open source advocate Jason van Gumster highlights the film project and takes a look at some of its most significant contributions to the Blender open source project.
Open Source

Mutt 1.5.24 Released 38

kthreadd writes: Version 1.5.24 of the Mutt email client has been released. New features in this release includes among other things terminal status-line (TS) support, a new color object 'prompt', the ability to encrypt postponed messages and opportunistic encryption which automatically enables/disables encryption based on message recipients. SSLv3 is now also disabled by default.