FOSS News #5 - Free and Open Source News Review February 24 - March 1, 2020

Hi all!

We continue to review the news of free and open source software (and some hardware). All the most important things about penguins and not only in Russia and the world.

In issue #5, February 24 - March 1, 2020:

1. "FreeBSD: much better than GNU/Linux" - a slightly provocative and detailed comparison from an experienced author
2. Free Software Foundation plans to launch a new platform for joint development and code hosting
3. FOSS licenses: which one to choose and why
4. The European Commission chose the free messenger Signal for security reasons
5. Manjaro Linux 19.0 distribution release
6. The Smithsonian has released 2.8 million images into the public domain.
7. 5 Best Open Source Alternatives to Slack for Team Communication
8. Full home automation in a new building
9. First release of Monado, a platform for virtual reality devices
10. Project leader changed in Arch Linux
11. Melissa Di Donato is about to rethink the development of SUSE
12. Security Approaches Using Open Source Applications
13. Mirantis makes it easy for customers to work with Open Source container solutions
14. Salient OS is an Arch Linux-based distribution worthy of attention from developers and gamers
15. Open Source and e-bike
16. Open Cybersecurity Alliance Launches First Open Cybersecurity Interoperability Framework
17. The Brave browser integrates a call to archive.org to view deleted pages
18. ArmorPaint received a grant from the Epic MegaGrant program
19. 7 Open Source Cloud Security Monitoring Tools You Should Know About
20. Short Scholarship Programs for Programming Students
21. Rostelecom began substituting its advertising into subscriber traffic
22. Programmer and musician algorithmically generated all possible melodies and made them public domain

"FreeBSD: much better than GNU/Linux" - a slightly provocative and detailed comparison from an experienced author

An interesting, albeit controversial, study was published on Habré by an author who has been dealing exclusively with UNIX systems for the last more than 20 years, approximately equally with FreeBSD and GNU / Linux. The author compares the two systems in a number of ways, from looking at the OS design as a whole to analyzing specific issues such as support for individual file systems and network technologies, and concludes that FreeBSD is "high quality, reliability, convenience and ease of use", and GNU/Linux is "a zoo, a cesspool of loosely coupled code, little to complete, no documentation, chaos, a bazaar".

We stock up on beer and chips and read comparison with comments

Alternative view on the topic and explanation of the prevalence of GNU/Linux

Free Software Foundation plans to launch a new platform for joint development and code hosting

The Free Software Foundation has announced plans to create a new code host that supports collaborative development tools and meets the ethical criteria for free software hosting that has been established so far. The new platform will be built to complement Savannah's existing hosting, which will continue to be maintained. The purpose of creating a new platform is to solve the problem with the free software development infrastructure. Now many free projects depend on platforms that do not publish their code and force the use of proprietary software. The platform is planned to be launched in 2020, building it on the basis of already created free solutions for collaborating on code, developed by independent communities that are not tied to the interests of individual companies. The most likely contender is the Pagure platform, developed by the developers of Fedora Linux.

Details

FOSS licenses: which one to choose and why

Ars Technica publishes a detailed discussion of choosing a FOSS license for your project, explaining which licenses exist, how they differ and why choosing a license for your project is so important. If you don’t understand how a free license differs from an open one, confuse “copyright” and “copyright”, get confused about “all these” GPLs of different versions and prefixes, MPL, CDDL, BSD, Apache License, MIT, CC0, WTFPL - then this this article will definitely help you.

Details

The European Commission chose the free messenger Signal for security reasons

The Verge reports that the European Commission (the highest executive body of the European Union) has recommended that its employees switch to Signal, a free encrypted messenger, to improve communication security. Politico adds that earlier this month, a message appeared on the commission's internal site, "Signal has been selected as the recommended app for external contacts." However, Signal will not be used for all communication. Encrypted emails will continue to be used for unclassified but important information, and special means will still be used to transfer documents with a security class.

Details: [1], [2]

Manjaro Linux 19.0 distribution release

According to OpenNET, the GNU/Linux distribution of Manjaro Linux 19.0, built on top of Arch Linux but aimed at beginners, has been released. Manjaro has a simpler graphical installer, support for hardware auto-detection and driver installation. The distribution comes as live builds with KDE, GNOME and Xfce graphical environments. To manage repositories, Manjaro uses its own toolkit BoxIt, designed in the image of Git. In addition to its own repository, there is support for using the AUR repository (Arch User Repository). Version 19.0 introduces the Linux 5.4 kernel, updated versions of Xfce 4.14 (with the new Matcha theme), GNOME 3.34, KDE Plasma 5.17, KDE Apps 19.12.2. GNOME offers a switcher for desktop skins with different themes. The Pamac package manager has been updated to version 9.3 to include support for self-contained snap and flatpak packages by default, which can be installed via the new Bauh application management interface.

Details

The Smithsonian has released 2.8 million images into the public domain.

Not related to software, but related topic. OpenNET writes that the Smithsonian Institution (formerly the National Museum of the United States) has released a collection of 2.8 million images and 3D models to the public for free use. The images are published in the public domain, that is, they are allowed to be distributed and used in any form by everyone without restrictions. A special online service and API for accessing the collection have also been launched. The archive includes photographs of the collections of 19 museums, 9 research centers, 21 libraries, archives and the National Zoo. In the future, it is planned to expand the collection and share new images as 155 million exhibits are digitized. Including, during 2020, about 200 thousand additional images will be published.

Source

5 Best Open Source Alternatives to Slack for Team Communication

It's FOSS brings up a small overview of the analogues of Slack, one of the most popular services for work communication. Basic functionality is available for free, additional options are available in paid tariff plans. Although Slack can be installed on GNU/Linux thanks to the Electron application, it is not open source, neither a client nor a server. The following FOSS alternatives are briefly reviewed:

1. Riot
2. zulip
3. rocket.chat
4. Mattermost.
5. Wire

All of them are naturally available for download and deployment at home, but there are also paid plans if you want to use the developer infrastructure.

Details

Full home automation in a new building

A very interesting example of how a person using FOSS tools built a “smart house” in his one-room apartment from scratch was published on Habré. The author writes about the choice of technologies, provides wiring diagrams, photos, configurations, gives a link to the apartment configuration sources in openHAB (open source home automation software written in Java). True, a year later, the author switched to Home Assistant, which he is going to write about in the second part.

Details

First release of Monado, a platform for virtual reality devices

OpenNET announces the first release of the Monado project, which aims to create an open source implementation of the OpenXR standard. OpenXR is an open, royalty-free standard for accessing virtual reality and augmented reality platforms and devices. The project code is written in C and distributed under the free license Boost Software License 1.0, compatible with the GPL. Monado provides a fully OpenXR compliant runtime that can be used to run virtual and augmented reality experiences on smartphones, tablets, PCs, and other devices. Monado develops several basic subsystems:

1. spatial vision engine;
2. character tracking engine;
3. composite server;
4. interaction engine;
5. tools.

Details

Project leader changed in Arch Linux

According to OpenNET, Aaron Griffin stepped down as the head of the Arch Linux project. Griffin has been the leader since 2007, but has been less active lately and has decided to give up his seat to a new man. Levente Poliak was chosen as the new leader of the project during the voting of developers. For reference: Arch Linux, according to Wikipedia, is an independent, general-purpose distribution of GNU/Linux optimized for the x1986-125 architecture that aims to provide the latest stable versions of software following a rolling release model.

Source

Melissa Di Donato is about to rethink the development of SUSE

Linux.com reports on the latest development plans for SUSE. SUSE is one of the oldest Open Source companies and the first to enter the corporate market. Also, SUSE is in second place in terms of contribution to the Linux kernel among distributions (source - 3dnews.ru/1002488). In July 2019, the company changed its CEO, Melissa Di Donato became the new director, and like the new CEO of Red Hat, Jim Whitehurst did not come from the world of Open Source, but was a SUSE client for the last 25 years of her career. Donato has a very clear vision for the future of the company and states:

«We are going to build this company on the basis of innovative and flexible thinking. We are not going to give up the stability and quality of our core. What we are going to do is surround the core with truly innovative cutting edge technologies that will set us apart from our competitors… You will experience a whole new feeling because we will announce ourselves much louder than ever before»

Details

Security Approaches Using Open Source Applications

With examples, SdxCentral analyzes approaches to securing Open Source applications and solutions based on them, which will allow organizations to secure their applications and networks, avoiding expensive proprietary solutions, and draws the following main conclusions:

1. Open Source programs are usually platform-independent, which allows them to be used in almost any cloud and with any application.
2. Encryption is a fundamental need.
3. Initiatives like Let's Encrypt help secure the communication protocols of website domains and other programs.
4. Virtualized security features are best used with software orchestration because it adds the benefits of automation and scalability.
5. Using an Open Source system update framework like TUF can make life much harder for attackers.
6. Open Source policy control works on top of clouds and platforms and allows application policies to be applied more uniformly and consistently across these environments.
7. Modern Open Source security tools can better protect cloud applications because they can work with many such applications in multiple clouds.

Details

Mirantis makes it easy for customers to work with Open Source container solutions

Linux.com writes about Mirantis. The company, which gained popularity with its OpenStack-based solutions, is now moving very aggressively towards Kubernetes. The company took over the Docker Enterprise business last year. This week they announced the hiring of Kubernetes experts from the Finnish company Kontena and are setting up an office in Finland. Mirantis already has a significant presence in Europe with customers such as Bosch and Volkswagen. The Kontena team mainly worked with two technologies: 1) Kubernetes distribution kit Pharos, which differed from others by specializing in solving application lifecycle management tasks; 2) Lens, "Kubernetes dashboard on steroids”, according to Dave Van Everen, SVP of Marketing at Mirantis. Everything Kontena has done is Open Source. Mirantis plans to integrate much of Kontena's work by hiring their engineers and incorporating the best of their offerings into their Docker Enterprise and Kubernetes technologies.

«We are the experts in open source and continue to provide the most flexibility and choice in our industry, but we do it in a way that safeguards are in place so companies don't have something too complex and unmanageable or misconfigured.”, concluded Van Everen.

Details

Salient OS is an Arch Linux-based distribution worthy of attention from developers and gamers

Forbes writes about another distribution based on Arch Linux, rolling release GNU/Linux builds with frequent updates and fresh software - Salient OS for gamers, content creators and multimedia enthusiasts. The distribution is notable for its easy installation, a large amount of useful pre-installed software and a “perfectly polished” Xfce environment. If you are interested in games, 99% of the programs you might need are already installed here. And while the longevity of a distro maintained by a lone enthusiast can be worrisome, the fact that Salient OS is based on Arch means that there is great documentation and you will always find an answer if you need help.

Details

Another Look at the Same Distribution

Open Source and e-bike

If anyone is not in the know, Open Source has its place in the world of e-bikes. Hackaday writes that there are two ways in this world. The first is a homemade bike with motors and controllers from China. The second is a finished bike from a manufacturer like Giant with motors and controllers from China that will be twice as slow and cost three times as much. According to the publication, the choice is clear, and there are other advantages in choosing the first path, such as the use of such equipment, which now has open source firmware. As an example, Hackaday cites a Tong Sheng TSDZ2 engine with new open source firmware that improves ride, improves engine sensitivity and battery efficiency, and unlocks the ability to use any of several color displays.

Details

Open Cybersecurity Alliance Launches First Open Cybersecurity Interoperability Framework

ZDNet announces the launch of OpenDXL Ontology, a framework designed to exchange data and commands between programs related to cybersecurity. A new framework designed to overcome the fragmentation between cybersecurity tools has been introduced to the Open Source community. OpenDXL Ontology is developed by the Open Cybersecurity Alliance (OCA), a consortium of cybersecurity vendors including IBM, Crowdstrike, and McAfee. The OCA stated that OpenDXL Ontology is "the first open source language for connecting cybersecurity tools through a common messaging system." The OpenDXL ontology aims to create a common language between cybersecurity tools and systems, eliminating the need for custom integrations between products, which can be most effective when interacting with each other, between end systems, firewalls and more, but suffer from fragmentation and vendor-specific architecture .

Details

The Brave browser integrates a call to archive.org to view deleted pages

According to OpenNET, the Archive.org (Internet Archive Wayback Machine) project, which has archived many sites since 1996, spoke about a joint initiative with the developers of the Brave web browser to make the Internet more accessible when there are any problems with the availability of sites. When trying to open a non-existent or inaccessible page in Brave, the browser will check for the existence of the page in archive.org and, if found, will display a suggestion to open the archived copy. This feature is implemented in Brave Browser 1.4.95 release. Safari, Chrome and Firefox have add-ons with similar functionality. The development of the Brave browser is led by Brenden Eich, the creator of the JavaScript language and former head of Mozilla. The browser is based on the Chromium engine, focused on ensuring the privacy and security of users and is distributed under the free MPLv2 license.

Details

ArmorPaint received a grant from the Epic MegaGrant program

Following grants for Blender ($1,2M) in July 2019 and Godot ($250K) in February 2020, Epic Games has continued to support open source software development. This time the grant went to ArmorPaint, a program for texturing 3D models, similar to Substance Painter. The reward amounted to $25. The author of the program said on his Twitter that this amount would be enough for him to develop during 2020. ArmorPaint is developed by one person.

Sources: [1], [2], [3]

7 Open Source Cloud Security Monitoring Tools You Should Know About

Another security material, this time on the RUVDS blog on Habré. “The widespread use of cloud computing helps companies scale their business, but the use of new platforms also means the emergence of new threats,” the author writes and brings to attention the following must-have tools:

1. osquery
2. GoAudit
3. Grapl
4. OSSEC
5. Suricata
6. Zeek
7. Panther

Details

Short Scholarship Programs for Programming Students

A new round of programs is approaching to involve students in open-source development. Here are some of them:

1. summerofcode.withgoogle.com is a program from Google that gives students the opportunity to participate in the development of open-source projects under the guidance of mentors.
2. socis.esa.int - a program similar to the previous one, but the emphasis is on the space direction.
3. www.outreachy.org is a program for women and minorities in IT, allowing them to join the open-source developer community.

Details

As an example of the application of one's strength within the framework of GSoC, you can see kde.ru/gsoc

Rostelecom began substituting its advertising into subscriber traffic

It does not directly relate to free and open source software, but could not pass by such a blatant case of a corporation's attitude towards its customers. OpenNET writes that Rostelecom, the largest broadband operator in Russia and serving about 13 million subscribers, has launched a system for substituting advertising banners into unencrypted HTTP traffic of customers without much publicity. After sending the claim, the representatives of the corporation indicated that the substitution of advertising is carried out within the framework of the service for displaying banner advertising to subscribers, which has been operating since February 10. Use HTTPS, citizens, and trust no one.

Details

Programmer and musician algorithmically generated all possible melodies and made them public domain

Let's finish with a positive Habr. The truth is also not directly related to free and open source software, but copyright and copyleft are the same, only in art. Two enthusiasts, software lawyer Damien Reel and musician Noah Rubin, have worked hard to solve the problem of copyright infringement lawsuits over accusations of plagiarism in music. Using a software algorithm they developed (available on GitHub under a Creative Commons Attribution 4.0 license) called make all the music, they "generated all possible melodies contained in one octave, saved them, copyrighted this archive and made it into the public domain, so that in the future these melodies will not be subject to intellectual property rights.” All generated melodies are published in the Internet Archive, 1,2 TB in MIDI format. Damian Reel also spoke about this initiative at TED.

Details

A critical look

That's all, until next Sunday!

Subscribe to our Telegram channel or RSS so you don't miss out on new editions of FOSS News.

Previous issue

Source: habr.com