Open-source News

Fedora Cloud 35 Looking To Use The Btrfs File-System By Default  Phoronix

Fedora Workstation has been defaulting to the Btrfs file-system since F33 while other editions of Fedora Linux have continued using their defaults. With Fedora Cloud 35, this cloud spin of Fedora is now also looking to migrate to Btrfs...

ShellHub is a cloud server that allows universal access to your networked devices from any external network. Using it prevents being blocked by firewalls or overly complex networks because ShellHub uses the HTTP protocol to encapsulate the SSH protocol. This transport layer allows seamless use on most networks, as it is commonly available and accepted by most companies' firewall rules and policies.

read more

The post 10 Most Used Linux Distributions of All Time first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

In this article, we will review the 10 most used Linux distributions based on the huge availability of software, ease of installation and use, and community support on web forums. That said, here’s the

The post 10 Most Used Linux Distributions of All Time first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

How do you follow a two-day, global event packed with more than 30 Ask the Expert sessions, new product announcements, award-winning customer success stories, and celebrity meet-and-greets? Invite everyone back for more, and make it an even more personalized experience. 

The BLAKE3 high performance crypto hashing function that is much speedier than MD5, SHA-1/SHA-2/SHA-3, and the former BLAKE2, is nearing its v1.0 release for its official Rust and C implementations...

Valve's Switch-like console is reportedly in the works  OnMSFT.com

Windows on 1.3 billion computers, a new language written by AI and Linux Foundation - Connect.cz  Pakistan Christian TV

As we think about the future of the software industry, we believe we have a responsibility to help build a better future – a more sustainable future – both internally at our organizations and in partnership with industry leaders around the globe. With data centers around the world accounting for 1% of global electricity demand, and projections to consume 3-8% in the next decade, it’s imperative we address this as an industry.

To help in that endeavor, we’re excited to announce the formation of The Green Software Foundation – a nonprofit founded by Accenture, GitHub, Microsoft, and ThoughtWorks established with the Linux Foundation and the Joint Development Foundation Projects LLC to build a trusted ecosystem of people, standards, tooling, and leading practices for building green software.

Read more at The Microsoft Blog

The post The Linux Foundation joins Accenture, GitHub, Microsoft, and ThoughtWorks to Launch the Green Software Foundation to put sustainability at the core of software engineering appeared first on Linux Foundation.

Author: Kate Stewart, VP of Dependable Systems, The Linux Foundation

In a previous Linux Foundation blog, David A. Wheeler, director of LF Supply Chain Security, discussed how capabilities built by Linux Foundation communities can be used to address the software supply chain security requirements set by the US Executive Order on Cybersecurity. 

One of those capabilities, SPDX, completely addresses the Executive Order 4(e) and 4(f) and 10(j) requirements for a Software Bill of Materials (SBOM). The SPDX specification is implemented as a file format that identifies the software components within a larger piece of computer software and metadata such as the licenses of those components. 

SPDX is an open standard for communicating software bill of material (SBOM) information, including components, licenses, copyrights, and security references. It has a rich ecosystem of existing tools that provides a common format for companies and communities to share important data to streamline and improve the identification and monitoring of software.

SBOMs have numerous use cases. They have frequently been used in areas such as license compliance but are equally useful in security, export control, and broader processes such as mergers and acquisitions (M&A) processes or venture capital investments. SDPX maintains an active community to support various uses, modeling its governance and activity on the same format that has successfully supported open source software projects over the past three decades.

The LF has been developing and refining SPDX for over ten years and has seen extensive uptake by companies and projects in the software industry.  Notable recent examples are the contributions by companies such as Hitachi, Fujitsu, and Toshiba in furthering the standard via optional profiles like “SPDX Lite” in the SPDX 2.2 specification release and in support of the SPDX SBOMs in proprietary and open source automation solutions. 

This de facto standard has been submitted to ISO via the Joint Development Foundation using the PAS Transposition process of Joint Technical Committee 1 (JTC1). It is currently in the enquiry phase of the process and can be reviewed on the ISO website as ISO/IEC DIS 5962.

There is a wide range of open source tooling, as well as commercial tool options emerging as well as options available today.  Companies such as FOSSID and Synopsys have been working with the SPDX format for several years. Open Source tools like FOSSology (source code Analysis),  OSS Review Toolkit (Generation from CI & Build infrastructure), Tern (container content analysis), Quartermaster (build extensions), ScanCode (source code analysis) in addition to the SPDX-tools project have also standardized on using SPDX for the interchange are also participating in Automated Compliance Tooling (ACT) Project Umbrella.  ACT has been discussed as community-driven solutions for software supply chain security remediation as part of our synopsis of the findings in the Vulnerabilities in the Core study, which was published by the Linux Foundation and Harvard University LISH in February of 2020.   

One thing is clear: A software bill of materials that can be shared without friction between different teams and companies will be a core part of software development and deployment in this coming decade. The sharing of software metadata will take different forms, including manual and automated reviews, but the core structures will remain the same. 

Standardization in this field, as in others, is the key to success. This domain has an advantage in that we are benefiting from an entire decade of prior work in SPDX. Therefore the process becomes the implementation of this standard to the various domains rather than the creation, expansion, or additional refinement of new or budding approaches to the matter.

Start using the SPDX specification here:https://spdx.github.io/spdx-spec/. Development of the next revision is underway, so If there’s a use case you can’t represent with the current specification, open an issue, this is the right window for input.   

To learn more about the many facets of the SPDX project see: https://spdx.dev/

The post SPDX: It’s Already in Use for Global Software Bill of Materials (SBOM) and Supply Chain Security appeared first on Linux Foundation.

Google Fuchsia OS finally rolls out  ZDNet

Google has released Chrome 91 as a rather exciting feature update to their open-source, cross-platform web browser...

Linux 5.14 to debut later in the summer will allow for hot unplugging of AMD Radeon graphics cards such as when using an external GPU enclosure or passing back a GPU from a virtual machine to the host. Up until now the AMDGPU kernel driver hasn't cooperated nicely with the Radeon GPU for hot unplug events...

Feeling Overwhelmed With Vim? Try Micro Text Editor Instead  MUO - MakeUseOf

Microsoft: Windows 10 Insiders can now can run Linux GUI apps  BleepingComputer

The Rowhammer security exploit affecting DRAM memory modules has a new chapter with Google now detailing "half-double" as a new technique for exploit of system memory...

CSGO Devs Fix Trust Factor Issues for Linux Users  TalkEsport

How to transfer files between Android and Linux with Warpinator  TechRepublic

IBM WebSphere App Server Now Available on Azure Linux VMs  Redmondmag.com

Microsoft, the Linux Foundation, and others team up to make software sustainable  Yahoo Tech