×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Serious Network Function Vulnerability Found In Glibc

Soulskill posted yesterday | from the audits-finding-gold dept.

GNU is Not Unix 192

An anonymous reader writes: A very serious security problem has been found and patched in the GNU C Library (Glibc). A heap-based buffer overflow was found in __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to make an application call to either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the program. The vulnerability is easy to trigger as gethostbyname() can be called remotely for applications that do any kind of DNS resolving within the code. Qualys, who discovered the vulnerability (nicknamed "Ghost") during a code audit, wrote a mailing list entry with more details, including in-depth analysis and exploit vectors.

Ask Slashdot: Is Pascal Underrated?

timothy posted 2 days ago | from the let's-make-a-wager dept.

Programming 479

An anonymous reader writes In the recent Slashdot discussion on the D programming language, I was surprised to see criticisms of Pascal that were based on old information and outdated implementations. While I'm sure that, for example, Brian Kernighan's criticisms of Pascal were valid in 1981, things have moved on since then. Current Object Pascal largely addresses Kernighan's critique and also includes language features such as anonymous methods, reflection and attributes, class helpers, generics and more (see also Marco Cantu's recent Object Pascal presentation). Cross-platform development is fairly straightforward with Pascal. Delphi targets Windows, OS X, iOS and Android. Free Pascal targets many operating systems and architectures and Lazarus provides a Delphi-like IDE for Free Pascal. So what do you think? Is Pascal underrated?

Brought To You By the Letter R: Microsoft Acquiring Revolution Analytics

timothy posted 3 days ago | from the interesting-choice-of-letter dept.

Education 105

theodp writes Maybe Bill Gates' Summer Reading this year will include The Art of R Programming. Pushing further into Big Data, Microsoft on Friday announced it's buying Revolution Analytics, the top commercial provider of software and services for the open-source R programming language for statistical computing and predictive analytics. "By leveraging Revolution Analytics technology and services," blogged Microsoft's Joseph Sirosh, "we will empower enterprises, R developers and data scientists to more easily and cost effectively build applications and analytics solutions at scale." Revolution Analytics' David Smith added, "Now, Microsoft might seem like a strange bedfellow for an open-source company [RedHat:Linux as Revolution Analytics:R], but the company continues to make great strides in the open-source arena recently." Now that it has Microsoft's blessing, is it finally time for AP Statistics to switch its computational vehicle to R?

Linus Fixes Kernel Regression Breaking Witcher 2

timothy posted 4 days ago | from the where-is-your-itch? dept.

Bug 123

jones_supa writes There has been quite a debate around the Linux version of The Witcher 2: Assassins of Kings and the fact that it wasn't really a port. A special kind of wrapper was used to make the Windows version of the game run on Linux systems, similar to Wine. The performance on Linux systems took a hit and users felt betrayed because they thought that they would get a native port. However, after the game stopped launching properly at some point, the reason was actually found to be a Linux regression. Linus quickly took care of the issue on an unofficial Witcher 2 issue tracker on GitHub: "It looks like LDT_empty is buggy on 64-bit kernels. I suspect that the behavior was inconsistent before the tightening change and that it's now broken as a result. I'll write a patch. Serves me right for not digging all the way down the mess of macros." This one goes to the bin "don't break userspace". Linus also reminds of QA: "And maybe this is an excuse for somebody in the x86 maintainer team to try a few games on steam. They *are* likely good tests of odd behavior.."

Google Just Made It Easier To Run Linux On Your Chromebook

timothy posted 4 days ago | from the danger-in-keeping-that-little-fulcrum-in-place dept.

Google 169

TechCurmudgeon writes A story in PCWorld's "World beyond Windows" column outlines coming improvements in Chrome OS that will enable easily running Linux directly from a USB stick: "Have you ever installed a full desktop Linux system on your Chromebook? It isn't all [that] hard, but it is a bit more complex than it should be. New features in the latest version of Chrome OS will make dipping into an alternative operating system easier. For example, you'll be able to easily boot a full Linux system from a USB drive and use it without any additional hassle!"

Local Motors Looks To Disrupt the Auto Industry With 3D-Printed Car Bodies

Soulskill posted 4 days ago | from the you-wouldn't-download-a-car? dept.

Transportation 127

An anonymous reader writes: Local Motors solicits design ideas through crowdsourcing, allows anyone to use open source software to contribute ideas, and then 3D prints car bodies according to the chosen specs in a matter of days. To prove they mean business, Local Motors 3D-printed a car on the floor of the Detroit Auto Show last week. "It took 44 hours to print the Strati’s 212 layers. Once 3D printing is complete, the Strati moves to a Thermwood CNC router—a computer-controlled cutting machine that mills the finer details—before undergoing the final assembly process, which adds the drivetrain, electrical components, wiring, tires, gauges, and a showroom-ready paint job."

Here's another big difference from the current auto industry: "Customers can also bring their vehicles in at any time for hardware and software upgrades, or they can choose to melt their vehicle down and, for instance, add a seat. Because Local Motors uses a distributed manufacturing system to make only what is purchased, it doesn't stock inventory. Anyone can come into a Local Motors microfactory, use its design lab, and work on a vehicle project free of charge."

User Plea Means EISA Support Not Removed From Linux

timothy posted about a week ago | from the otherwise-the-city-will-be-destroyed dept.

Open Source 188

jones_supa writes A patch was proposed to the Linux Kernel Mailing List to drop support for the old EISA bus. However a user chimed in: "Well, I'd like to keep my x86 box up and alive, to support EISA FDDI equipment I maintain if nothing else — which in particular means the current head version of Linux, not some ancient branch." Linus Torvalds was friendly about the case: "So if we actually have a user, and it works, then no, we're not removing EISA support. It's not like it hurts us or is in some way fundamentally broken, like the old i386 code was (i386 kernel page fault semantics really were broken, and the lack of some instructions made it more painful to maintain than needed — not like EISA at all, which is just a pure add-on on the side)." In addition to Intel 80386, recent years have also seen MCA bus support being removed from the kernel. Linux generally strives to keep support even for crusty hardware if there provably is still user(s) of the particular gear.

Time For Microsoft To Open Source Internet Explorer?

Soulskill posted about a week ago | from the if-you-can't-beat-'em dept.

Internet Explorer 165

An anonymous reader writes: Ars Technica's Peter Bright argues that it's time for Microsoft to make Internet Explorer open source. He points out that IE's major competitors are all either fully open source (Firefox), or partially open source (Chrome, Safari, and Opera), and this puts Microsoft at a huge disadvantage. Bright says, "It's time for Microsoft to fit in with the rest of the browser industry and open up Trident. One might argue that this argument could be made of any software, and that Microsoft should by this logic open source everything. But I think that the browser is special. The community that exists around Web standards does not exist in the same way around, say, desktop software development, or file system drivers, or user interfaces. Development in the open is integral to the Web in an almost unique way. ... Although Microsoft has endeavored to be more open about how it's developing its browser, and which features it is prioritizing, that development nonetheless takes place in private. Developing in the open, with a public bug tracker, source code repositories, and public discussion of the browser's future direction is the next logical step."

The Current State of Linux Video Editing

Soulskill posted about a week ago | from the stop-motion-tux dept.

Media 223

An anonymous reader writes: The VFX industry has for most of the last 30 years been reliant on Macs and Windows machines for video editing, primarily because all of the Linux-based FOSS tools have been less than great. This is a shame, because all of the best 3D and 2D tools, other than video, are entrenched in the Linux environment and perform best there. The lack of decent video editing tools on Linux prevents every VFX studio from becoming a Linux-only shop. That being said, there are some strides being made to bridge this gap. What setup do you use? What's still missing?

With Community Help, Chrome Could Support Side Tabs Extension

timothy posted about two weeks ago | from the thinking-along-different-axes dept.

Chrome 116

jones_supa writes The lack of a vertical tab strip (or "Tree Style Tab" as the Firefox extension is called) has been under a lot of discussion under Chrome/Chromium bug tracker. Some years ago, vertical tabs existed as an experimental feature enabled with a "secret" command line parameter, but that feature was eventually removed from the browser. Since then, Google has been rather quiet about whether such feature is still on the roadmap. Now, a Google engineer casts some light on the issue. He says that a tree-style interface for tabs would be overly complex as a native implementation, but Google would back the idea of improving the extensions interface to support a sidebar-like surface to render the tab UI on, if someone from the open source community would step forward to do the work to drive the feature to completion.

Why Run Linux On Macs?

timothy posted about two weeks ago | from the horses-for-courses dept.

OS X 591

jones_supa writes Apple has always had attractive and stylish hardware, but there are always some customers opting to run Linux instead of OS X on their Macs. But why? One might think that a polished commercial desktop offering designed for that specific lineup of computers might have less rough edges than a free open source one. Actually there's plenty of motivations to choose otherwise. A redditor asked about this trend and got some very interesting answers. What are your reasons?

Andy Wolber Explores Online Word Processors' ODF Support

timothy posted about two weeks ago | from the export-friendly dept.

Software 70

TechCurmudgeon writes with a look at how well Google Docs and Microsoft Word Online are at dealing with documents that start (or are exported) in Open Document Format. Does using proprietary document formats make any more sense than buying a coffee maker that uses only one type of coffee, or an ebook you can only read on one device, or a nail that you can only hit with one type of hammer? Why do we use document formats that lock us into only one specific piece of software? Why are we limiting ourselves to only one type of tool? "Control of a format or distribution channel can make it harder to use a competitive solution. That's one problem of proprietary formats: a switch costs you time and/or money. You don't want to buy a new coffee maker to try different coffee, a new e-reader to read a different book, or new software to edit a new document. Open formats or distribution channels make it easier for people to choose a different solution. ... Fortunately, Google re-enabled support for ODF in December 2014. That means you can leverage the collaborative capabilities of Google Docs, Sheets, and Slides, then export your completed work to a file in an open, non-proprietary format." Spoiler alert: On balance, both Google Docs and Word Online handle ODT files reasonably well.

Systemd's Lennart Poettering: 'We Do Listen To Users'

Soulskill posted about two weeks ago | from the disagreeing-is-not-ignoring dept.

Open Source 551

M-Saunders writes: Systemd is ambitious and controversial, taking over a large part of the GNU/Linux base system. But where did it come from? Even Red Hat wasn't keen on it at the start, but since then it has worked its way into almost every major distro. Linux Voice talks to Lennart Poettering, the lead developer of Systemd, about its origins, its future, its relationship with Upstart, and handling the pressures of online flamewars.

SystemD Gains New Networking Features

samzenpus posted about two weeks ago | from the making-things-better dept.

Debian 553

jones_supa writes A lot of development work is happening on systemd with just the recent couple of weeks seeing over 200 commits. With the most recent work that has landed, the networkd component has been improved with new features. Among the additions are IP forwarding and masquerading support (patch). This is the minimal support needed and these settings get turned on by default for container network interfaces. Also added was minimal firewall manipulation helpers for systemd's networkd. The firewall manipulation helpers (patch) are used for establishing NAT rules. This support in systemd is provided by libiptc, the library used for communicating with the Linux kernel's Netfilter and changing iptables firewall rulesets. Those wishing to follow systemd development on a daily basis and see what is actually happening under the hood, can keep tabs via the systemd Git viewer.

Where Cellular Networks Don't Exist, People Are Building Their Own

Soulskill posted about two weeks ago | from the teach-a-man-to-mobile-and-he'll-tweet-for-the-rest-of-his-life dept.

Wireless Networking 104

New submitter TechCurmudgeon writes: According to a story at Wired, towns in Mexico that aren't served by the nation's telecom monopoly are taking matters in their own hands with the help of a non-profit and open source technology. "Strategically ignored by Mexico's major telecoms, Yaee is putting itself on the mobile communications grid with the help of a Oaxaca-based telecommunications non-profit called Rhizomatica." A locally-made tower is the backbone of Yaee's first cellular network. The town's network is composed of two antennas and an open-source base station from a Canadian company called NuRAN. Once Yaee gets the tower installed and the network online, its 500 citizens will, for the first time, be able to make cell phone calls from home, and for cheaper rates than almost anywhere else in Mexico.

Exploring Some Lesser-Known Scripting Languages

Soulskill posted about two weeks ago | from the it's-dangerous-to-go-alone,-import-this dept.

Programming 60

Nerval's Lobster writes: Scripting languages are used in everything from games and Web pages to operating-system shells and general applications, as well as standalone scripts. While many of these scripting languages are common and open to modification, there are some interesting, open-source ones that are worth a look, even if they don't have the substantial audience of some of the popular ones. Wren, Candle, Fancy, Pikt, and PPL all show what a single developer can do if they set out with enough motivation to create open-source scripting languages. The results often prove surprisingly powerful.

KDE Frameworks 5.3 and Plasma 2.1 – First Impressions

timothy posted about two weeks ago | from the developing-tools dept.

KDE 84

jones_supa writes Ken Vermette has done a write-up on his experience with the new KDE desktop encompassing Frameworks 5.3 and Plasma 2.1. For starters, some patience is still needed for apps to be ported to KF5, and most of them will be KF4-based for now. Many of the widgets you may have used don't exist yet either, but the good news is that the Plasma goodies which do make an appearance are universally improved. The new search widget is shockingly fast and the notifications tray has been reworked. Visual outlook of desktop has been simplified and things don't feel so tightly packed together anymore. The system settings application has been completely regrouped more by goal than underlying mechanics. Unfortunately the desktop stability leaves a lot to desire: there was several crashes and Plasma had at one point managed to forget colour and wallpaper settings. However the developers seem to be knowing what they are doing, and there's a real feeling that this software will reach rock-solid stability very quickly given the state of it as it stands.

NetHack Development Team Polls Community For Advice On Unicode

timothy posted about two weeks ago | from the pressing-issues dept.

Classic Games (Games) 165

An anonymous reader writes After years of relative silence, the development team behind the classic roguelike game NetHack has posteda question: going forward, what internal representation should the NetHack core use for Unicode characters? UTF8? UTF32? Something else? (See also: NH4 blog, reddit. Also, yes, I have verified that the question authentically comes from the NetHack dev team.)

Crowdfunded Linux Voice Magazine Releases Second Issue CC-BY-SA

Soulskill posted about two weeks ago | from the coming-through-on-a-promise dept.

Open Source 19

M-Saunders writes: As covered previously on Slashdot, Linux Voice crowdfunded its way to success in late 2013, showing how a small team can make things happen with a different business model (giving profits and content back to the community). Now, a few months after the magazine made issue 1 freely available, they've released issue 2 under the Creative Commons for everyone to share and modify. If you've ever fancied making your own Raspberry Pi-powered arcade machine, there's a full guide in the second issue.

Big Names Dominate Open Source Funding

Soulskill posted about two weeks ago | from the all-about-the-open-source-benjamins dept.

Open Source 32

jones_supa writes: Network World's analysis of publicly listed sponsors of 36 prominent open-source non-profits and foundations reveals that the lion's share of financial support for open-source groups comes from a familiar set of names. Google was the biggest supporter, appearing on the sponsor lists of eight of the 36 groups analyzed. Four companies – Canonical, SUSE, HP and VMware – supported five groups each, and seven others (Nokia, Oracle, Cisco, IBM, Dell, Intel and NEC) supported four. For its part, Red Hat supports three groups (Linux Foundation, Creative Commons and the Open Virtualization Alliance).

It's tough to get more than a general sense of how much money gets contributed to which foundations by which companies – however, the numbers aren't large by the standards of the big contributors. The average annual revenue for the open-source organizations considered in the analysis was $4.36 million, and that number was skewed by the $27 million taken in by the Wikimedia Foundation (whose interests range far beyond OSS development) and the $17 million posted by Linux Foundation.

Slashdot Login

Need an Account?

Forgot your password?