You might remember Freshmeat, a hacker site whose name was changed in 2011 to FreeCode (to me, it will always be Freshmeat). Freshmeat kept track of software packages, their newest versions, change logs, and updates. For project developers, it was a great way to get the word out about improvements to their software. For users, it was a spectacular way to search for and discover interesting and useful software. While not totally devoted to open source software, the bulk of the software was for Unix and Linux systems, and much of it was open source.
In 2012, FreeCode was bought by Dice Holdings, along with Slashdot and the rest of Geeknet's sites, for $20M. Two years later (ie, yesterday),
it was dead in the water.
As of yesterday, visitors to Freecode.com will see "Effective 2014-06-18 Freecode is no longer being updated (content may be stale)." Turns out, Freecode.com wasn't generating enough revenue via page impressions of ads, and Dice Holdings decided to stick a knife in its heart, explaining:
The Freecode site has been moved to a static state effective June 18, 2014 due to low traffic levels and so that folks will focus on more useful endeavors than site upkeep. The site contents have been retained in this static state as a continued path to access the linked software, much of which is on self-hosted servers and would be difficult to find otherwise.
It might seem better than nothing to just freeze FreeCode into a static site, but a site whose purpose is to track the latest and greatest is dead in the water if all of its information was frozen on 18 June. Rest in Peace, Freshmeat. [ed. note: Is it now rotten meat? Because I see flies on the carcass].
This story comes from CNet, who has dumbed the story down in a way that makes it a bit hard to understand [ed note: ironic]. But it appears
security researchers have reverse engineered over 880,000 of the Android app store's 1.1M free apps, and found a number of important security concerns .
The first concern is the existence of hard coded keys, which the article claims "username and password data -- which can then be used to steal user data or resources from entities such as Amazon and Facebook." That's not well explained, but that's CNet for you.
The second concern isn't so much a security issue as further evidence that the Android app store could use some better curating: the researchers discovered that roughly 25% of Android free apps are simply clones of other apps.
The researchers used a tool called "PlayDrone" which circumvents the App store's procedures to download apps and reverse engineer them to acquire source code.
The source article at Columbia University is better , or
PlayDrone yourself over at Github. A bit of nice work by researchers Jason Nieh and Nicolas Viennot.
Today, Amazon revealed the
Fire Phone , its new Amazon branded phone. The device sports a quad-core 2.2GHz processor, 2GB of RAM, 32GB or 64GB storage, and a 13MP back-facing camera. Although the 4.7 inch screen is not actually 3D, a matrix of four front-facing cameras track your movements to alter your prospective.
What makes this an Amazon phone and not just another Android phone? Well, for starters, there is a dedicated hardware button to launch
Firefly - Amazon's version of Eden-of-the-East - that can snap a picture and identify nearly any product and then link to the Amazon page. In short, it makes it really easy to buy things on Amazon. Also, Amazon is offering
unlimited photo storage in the cloud. Together with Amazon Prime's new streaming video and music features, they seem to be really pushing the "Everything to the cloud!" approach.
The question arose out of the urgency of the
heartbleed OpenSSL bug and the hurried round of patching that ensued:
what is the future of opensource security management, and what can we learn from this crisis? Shrikanth RP, executive editor for Times India writes: A recent report by Coverity found out that the quality of open source surpassed proprietary projects with a defect density of 0.59 per thousand lines of code for open source compared to 0.72 for proprietary code scanned. Defect density (defects per 1,000 lines of software code) is a commonly used measurement for software quality. The report mentions that nearly 50,000 defects were fixed in 2013 alone - the largest single number of defects fixed in a single year. More than 11,000 of these defects were fixed by the four largest projects in the service: NetBSD, FreeBSD, LibreOffice and Linux. So, what do these statistics mean for open source security, and how must organizations look at open source security post Heartbleed?
Better peer review, more atomic code commits and checks, periodic, 3rd party audits: what should we be doing to improve the quality of our code?
Lennart is at it again, this time
changing how /etc and /var are populated in a systemd system. In Linux, remember, system-wide configuration data (computer name, startup scripts, and such) are stored under the /etc directory, while all variable state data (caches, mail spools, and such) are stored under the /var directory. Both of these directories have traditionally been preserved across reboots.
With these changes one can perform a "factory reset" by simply removing these two directories and letting the system reconfigure itself with defaults or by dynamic means, such as DHCP. This idea isn't exactly new, as UNIX admins have been doing similar feats for network booting,
live disks , and
security conscious systems for many years. Still, though, by building it into systemd, wiping the installation to a clean state and maintaining a "stateless" system by default could get a lot easier in future distributions.
Mozilla's proposed CEO, Eich, departed due to his support of an anti-gay marriage proposition in California. But since then, nothing has changed, and Mozilla is
desperately in need of some leadership at a time when its $300M/year deal with Google is coming to an end (Dec 2014, to be precise). Writes Steven J. Vaughan-Nichols:
Today, months later, under the temporary leadership of acting CEO Chris Beard, Mozilla doesn't appear to be any closer to finding a new CEO.
In a June 3 blog posting, Surman wrote that one of the things on the top of his mind is "Finding the right balance between clear goals, working across teams and distributed leadership. If I'm honest, we've struggled with these things at [Mozilla] for the last 18 months or so. Our recent all hands in San Francisco felt like a breakthrough: focused, problem-solving, fast moving." How this will translate into true leadership remains an unanswered question.
What next for embattled Mozilla? And how to prevent the once mighty browser-giant from becoming the next Netscape?
Thank God for researchers.
From Lavazza, the folks who make that spectacular espresso coffee :
"An espresso coffee is what I miss most aboard the International Space Station." We have repeatedly heard this comment from the Italian astronauts who for 13 years have been at times working in the International Space Station, and today their espresso wish is about to become reality. In fact, Argotec and Lavazza are working together with the Italian Space Agency (ISA) to actually bring the authentic Italian espresso onto the International Space Station. ... Its name is ISSpresso. It takes its name from the International Space Station (ISS), where it is to be installed. It is the first capsule-based espresso system able to work in the extreme conditions of space, where the principles that regulate the fluid dynamics of liquids and mixtures are very different from those typical on Earth.
This, my friends, is scientific progress.
Like KDE? Looking for something new and innovative? Have a look at KaOS. As described on its home page, KaOS is "A lean KDE Distribution", and it gives these as the ideas and principles behind the distribution:
- Rolling distribution
- Built from scratch (not derived from some 'larger' distribution)
- KDE desktop / Qt toolkit only
- x86_64 architecture only
Interesting to have a distro that's not just a remash of some version of Ubuntu, and the narrow focus of the distro means there are fewer moving parts to worry about. I'll be giving it a look over the weekend.
Here is KaOS' page on Distrowatch. But J.A. Watson over at ZDNet
does a pretty reasonable job of reviewing it this week, too.
PCWorld is running an article about the rise of quality games on the Linux platform .
For the first time in a long time, Linux gamers have a reason to smile. Gaming on the open-source operating system has long meant dabbling in Wine and arcane workarounds, but ever since Valve launched Steam for Linux just over a year ago the number of native Linux games has positively exploded.
Sure, Valve's embrace of Linux may have a wee bit to do with advancing the Steam Machine ideal, but any game released for "SteamOS" works just fine on other Linux distros, too. Here are 7 killer, big-name PC games that've recently become Linux natives-starting with a juggernaut that landed on Linux just this week.
Warning: it's one of those articles where you have to click 7 times to see all ten entries, but if you can stomach the format, it's a pretty interesting article.
With upheaval in the Crimea, Iraq, and elsewhere again overwhelming the news, the military and their hardware are again in the forefront of everyone's consciousness. Good time then to see what kind of tech soldiers are using or will soon be using on the battlefield.
Not surprisingly,
the tech pioneered by Oculus Rift is extremely interesting to military planners . But as real life mirrors sci-fi and even comic books, it might be a surprise to see
the military is now debuting an Iron Man suit to protect its troops .
If the junction of hardware and battle tech interest you, you'll be disappointed to know you just missed a big
trade show in Paris where you could come browse the latest and greatest, presumably in the presence of hostile governments planning on using the same equipment against you! Don't worry, there will be others - the military market isn't going to disappear any time soon.