Slashdot Mirror

https://github.com/openx/openx-source

It's still trivial to break: https://gist.github.com/Glyxbaer/4564489

You can also give NewsBlur a try, and if you like it you have two choices: pony up for a full account or self-host, since it is totally open source: https://github.com/samuelclay/NewsBlur

There are lots of alternatives that can play back YouTube videos without using Google's JavaScript or Adobe Flash (e.g. ViewTube, youtube-dl, UnPlug, quvi and youtube-viewer (which also supports viewing comments).

Um, I'll bite, it's on Github and licensed under AGPL.

I give you Mjolnir: https://github.com/halgari/mjolnir It's a project that uses Clojure (a Lisp dialect) plus LLVM ( the compiler ) to generate highly optimized machine code. I'm not associated with the project in any way, and I don't know if the generated code comes close to well-written C++ for performance (both in terms of CPU and memory use efficiency). But the potential is there.

Obviously running a Lisp interpreter in an embedded RTOS isn't practical.

And also this

This concerns more file "tagging", but a while ago I grew frustrated with the lack of real solutions for file organization (the oft-discussed but surprisingly absent-in-implementation semantic file system), so I decided to start writing my own. It can best be described as a multidimensional hierarchical abstract file system that is implemented on top of regular POSIX file systems using hard links and a handful of scripts and FUSE. It's still not feature-complete as I want it, but the basic tagging framework is done. Here's the repository for anyone interested: https://github.com/darkfeline/dantalian

With the close of google reader I switched to OwnCloud News running on my own hardware.

Pro: Not reliant on others, Con: I only have myself to blame if I go offline =)

Most important: NewsBlur is open source. I'm glad I paid the 24$, but if anything goes wrong with their business model, I don't lose anything, I can run it myself: https://github.com/samuelclay/NewsBlur

one quine to rule them all. forever.

It's existed for longer than this one in emacs and is called Vundle.

https://github.com/gmarik/vundle

Check out XPrivacy. Of course, it requires the Xposed Framework to be installed. Which requires root.
Or, of course, the Privacy Guard on the new CyanogenMod 10.1 builds, but which requires CyanogenMod.
Or OpenPDroid, but that requires patching your rom.

We use a django app for that. wat you can do is go to /admin, log in and create a facebook app in which you set the key and secret to an arbitrary value. that takes away the error message. Please go ahead and file that bug report to those who created the django app. https://github.com/pennersr/django-allauth I was filing it previously and was told to forget about it.

I was going to make flippant remark as I am not in love with CyanogenMod music player (I am a vanilla Music Player Fan). I like CyanogenMod because it is basically stock Android, and this is another deviation from that.

Whay I didnt realise is CyanogenMod has received a takedown Notice under DMCA from DxO Labs SA https://github.com/github/dmca/blob/master/2013-03-12-DxO-Labs.md for allegedly using its code unlicensed.

Better article here http://www.androidcentral.com/cyanogenmod-focal-camera-app-nemesis looks great..shame about that icon.

There's also a CLR (.Net) version of Clojure.

My personal preferences put Clojure as a clear winner over Scheme overall from a language perspective (there are things I like about Scheme better of course, but they are outweighted in other areas), though I can't compare implementations.

Well, of course I goofed, it's not that easy (well it is, read on). A snapshot keeps track of what has changed, yes, but it records not the new state, but the old state. What you want to transfer over is the new state. So you can use the snapshot for the location of changed state (for its metadata only), and the parent volume for the actual state.

That's precisely what lvmsync does. That's the tool you want to do what I said above, only that it'll actually work :)

Lately I've been using the same coordinates library to generate static KML files of GPS tracks in Google Earth. These files don't have the same realtime interest that the satellite tracking one does, since the GPS tracks are being gathered earlier and being batched processed. I have several C++ libraries up on Github, if you're curious.

...And how is the keychain "easily snooped"? That's news to me. Please elaborate....

https://github.com/ptoomey3/Keychain-Dumper

This only works for Jailbroken devices. AFAIK, iOS6.1.3+ is not capable of jailbreak. How are you going to get the keys from my iOS devices running iOS6.1.3?

...And how is the keychain "easily snooped"? That's news to me. Please elaborate....

https://github.com/ptoomey3/Keychain-Dumper

While I haven't tried any of it yet, reading over this reminds me a bit of coding assembly language routines on those old Z80-based systems to do things that the ROM BASIC wasn't capable of (or didn't want you to do).

As cool as using bittorrent protocol would be, at least owncloud's developers do release the source code, and there are sync clients too. It may not be distributed (it requires a regular server setup), but I'll take that over not having the code.

Presuming it can be plugged in - there's always the IOIO, though that does add another few $$ to the price. But since most people tend to use their RPi as little more than a media streamer or bitcoin mining host for FPGA's / ASICs, etc. then the Android devices are a better option - and GPIO can be added on later if they wanted to (and can then be re-used if they switch/upgrade their Android device, etc.).

Evalimine is a publication, on github, of the software the Estonian government uses for electronic voting. Confusion has arisen on that project ( see the issues ) about the license the guys used who put that code on github: they chose Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License which basically forbids forking. Strange.

AFAIK, RDP lets you see the entire remote screen, not the windows of a single program.

https://github.com/FreeRDP/FreeRDP/wiki/RemoteApp

1 Samsung Arm CB + x2go + Chrubuntu (13.10 xubuntu) =

full access to running programs on my home Linux PC from anywhere, with HUGE battery life, at less than 2 lbs and $250. With x2go I can run applications remotely, and the chromebook only has to handle the UI, not the actual processing. As a result, I can run Intel apps and it feels pretty fast, even from 2000 miles away. If the computer gets stolen, it's only a loss of $250 as opposed to the thousands a lightweight laptop would cost, and the data is on my home computer, not the cb...

x2go btw is amazing, tunneling linux application's interfaces through ssh, so they feel like they're running on the chromebook, but aren't. If you can set up ssh, you can set up x2go.

Under a NoDeriv license so it cannot be built upon. http://creativecommons.org/licenses/by-nc-nd/3.0/

You're right. Thats a bad choice of license in my opinion, but at least its out there to look at. Completely undocumented though. Readme is empty!

Look at this source file (chosen at random): master/ivote-server/common/election.py. Number of comments other than license: 0.

Looks like its all in python, served as a CGI through apache. Not what I would use, but nothing particularly wrong with that.

Readme is empty, so I can't even figure out what algorithm they are using.

My open source election software is BSD licensed, and has a readme that says what it does, and some comments in the code. Its also more self documenting (type safe language!). Sure, mine is no where near usable, but at least its licensed such that it can be used. I just started it recently, and its just a hobby project of mine, so don't expect too much. I'm not looking for help or review of my system yet, but I'll get there eventually!

My approach is based on RSA blind signing and should be secure (either correct or provably fraudulent while protecting voter anonymity) in the face of a hostile authority running all the servers, assuming you can agree on a list of registered voters and collect public keys from them (and yes, I know thats very non trivial).

Anyway, given their license and lack of documentation, I'll just keep working on mine. I don't even know where I'd start a review of their system. Can anyone actually figure out what their system does from a algorithm /cryptography standpoint?

Under a NoDeriv license so it cannot be built upon. http://creativecommons.org/licenses/by-nc-nd/3.0/

You're right. Thats a bad choice of license in my opinion, but at least its out there to look at. Completely undocumented though. Readme is empty!

Look at this source file (chosen at random): master/ivote-server/common/election.py. Number of comments other than license: 0.

Looks like its all in python, served as a CGI through apache. Not what I would use, but nothing particularly wrong with that.

Readme is empty, so I can't even figure out what algorithm they are using.

My open source election software is BSD licensed, and has a readme that says what it does, and some comments in the code. Its also more self documenting (type safe language!). Sure, mine is no where near usable, but at least its licensed such that it can be used. I just started it recently, and its just a hobby project of mine, so don't expect too much. I'm not looking for help or review of my system yet, but I'll get there eventually!

My approach is based on RSA blind signing and should be secure (either correct or provably fraudulent while protecting voter anonymity) in the face of a hostile authority running all the servers, assuming you can agree on a list of registered voters and collect public keys from them (and yes, I know thats very non trivial).

Anyway, given their license and lack of documentation, I'll just keep working on mine. I don't even know where I'd start a review of their system. Can anyone actually figure out what their system does from a algorithm /cryptography standpoint?

If you find any bugs, would like to request any features, or want to help out by contributing to some open source code, please let us know in our issue tracker [1]. The beauty of open source is that you have the ability to affect the trajectory of the project! [1] https://github.com/mozilla/r2d2b2g/issues

I was talking about grbl's problem with the lack of FTDI chip on recent Arduinos causing XON/XOFF flow control problems.

Do you have a suggestion for a firmware to use on a desktop CNC, apart from grbl?

Any application intended to resist modern government surveillance is going to be extremely difficult to write, because it has to be resistant to bogus secret "court orders". The only way I know to do that is to have many independent developers engage in multi-party signatures of reproducible builds based on audited and reviewed open source code. If they're just going to run a company that develops it in a proprietary manner how will they achieve that?

I am more interested in Pond. It's being written by an actual cryptographer and he already has real, working code (though it's nowhere near releasable). It's up front about its security model and which threats can break it. It's built on top of Tor and even supports using the TPM chip so that when you press delete, the data is really really gone beyond the ability of any forensics tools to recover. It's even designed to resist traffic analysis. Anyone can run a server.

The main differences are that, obviously, Pond is not developed by a company, and it is focussed on asynchronous email style messaging rather than instant messaging. It's also got a very strong threat model that means it compromises on usability - for instance, there are no addresses in Pond, instead you are expected to hand out small files (perhaps on NFC tags?) to people who you want to be able to receive messages from (this is an anti-spam measure).

Despite all that it's a very interesting piece of research.

... which works for local communications even when the internet itself is down. Importantly, this is an application that already exists. Plus everything we're doing is open source and we'll never lock any features behind a paywall.

I've been working on Serval's software for a couple of years now building the core feature set; encrypted calling and messaging, distributed phone number lookups, file distribution, software updates and installs in the field...

But since we're initially targeting android phones, we're stuck with the range limitations of Wi-Fi. So we're trying to fund the design and manufacture of a pocket sized device with much longer range (totally shameless plug).

There's still a few missing features in our software that we'll need to finish before we call it version 1.0. But with a enough funding I could easily build a P2P directory to provide services across the internet. With no centrally controlled servers at all.

That is exactly the problem that Phusion Passenger solves. It is a Node.js application server, built on Nginx, and not only provides world-class HTTP management but also things like auto-scaling processes, supervisoring, load balancing, resource management, etc.

That is hilarious. So you're saying that this bug can't be from this code:

5-Dec-1990 -by- Paul Butzi [paulb]

/
* EPATHOBJ::pprFlattenRec(ppr)
*
* Cruise over a path, translating all of the beziers into sequences of lines.
*
* History:
* 5-Dec-1990 -by- Paul Butzi [paulb]
* Wrote it.
/
PPATHREC EPATHOBJ::pprFlattenRec(PATHRECORD *ppr)
{ // Create a new record

        PATHRECORD *pprNew;
        COUNT maxadd;

        if ( newpathrec(&pprNew,&maxadd,MAXLONG) != TRUE )
                return (PPATHREC) NULL; // Take record of Beziers out of path list, and put a new record // in its place. Update 'pprNew->pprnext' when we exit.

        pprNew->pprprev = ppr->pprprev;
        pprNew->count = 0;

There are several languages that are written on top of OpenCL - that is the whole idea of this API. But if your read the article, it seems this guy was the actual inventor of the wheel.

Same response happened when some guy made Rootbeer and let some marketeer write an alike article. It was suggested that you could just run existing Java-code on the GPU, but that was not true at all - you had to rewrite the code to the rootbeer-API. This Harlan-project is comparable: just beta-software that has not run into the real limits of GPU-computing - but still making big promises that in contrary to their peers they actually will fix the problem.
I'm not saying it can be in the future, but just that this article is a marketing-piece with several promises on future advancements.

Check out Aparapi and VexCL to name just two. There are loads and loads of these solutions - many of these wrappers slowly advance to higher level languages, and have been in the field a lot longer.

I think it can, but seems it is so complicated and unreadable that sample project at https://github.com/csabahruska/GFXDemo is using gsl for shaders...

float.kfc shows the basic Scheme-style syntax.

I wonder why it uses .kfc as its extension...

One other meme on this: http://pcast.ideascale.com/a/dtd/The-need-for-FOSS-intelligence-tools-for-sensemaking-etc./76207-8319
"As with that notion of "mutual security", the US intelligence community needs to look beyond seeing an intelligence tool as just something proprietary that gives a "friendly" analyst some advantage over an "unfriendly" analyst. Instead, the intelligence community could begin to see the potential for a free and open source intelligence tool as a way to promote "friendship" across the planet by dispelling some of the gloom of "want and ignorance" (see the scene in "A Christmas Carol" with Scrooge and a Christmas Spirit) that we still have all too much of around the planet. So, beyond supporting legitimate US intelligence needs (useful with their own closed sources of data), supporting a free and open source intelligence tool (and related open datasets) could become a strategic part of US (or other nation's) "diplomacy" and constructive outreach.
    Now, there are many people out there (including computer scientists) who may raise legitimate concerns about privacy or other important issues in regards to any system that can support the intelligence community (as well as civilian needs). As I see it, there is a race going on. The race is between two trends. On the one hand, the internet can be used to profile and round up dissenters to the scarcity-based economic status quo (thus legitimate worries about privacy and something like TIA). On the other hand, the internet can be used to change the status quo in various ways (better designs, better science, stronger social networks advocating for some healthy mix of a basic income, a gift economy, democratic resource-based planning, improved local subsistence, etc., all supported by better structured arguments like with the Genoa II approach) to the point where there is abundance for all and rounding up dissenters to mainstream economics is a non-issue because material abundance is everywhere. So, as Bucky Fuller said, whether is will be Utopia or Oblivion will be a touch-and-go relay race to the very end. While I can't guarantee success at the second option of using the internet for abundance for all, I can guarantee that if we do nothing, the first option of using the internet to round up dissenters (or really, anybody who is different, like was done using IBM computers in WWII Germany) will probably prevail. So, I feel the global public really needs access to these sorts of sensemaking tools in an open source way, and the way to use them is not so much to "fight back" as to "transform and/or transcend the system". As Bucky Fuller said, you never change thing by fighting the old paradigm directly; you change things by inventing a new way that makes the old paradigm obsolete."

Some attempts by us at such FOSS tools:
http://www.rakontu.org/
https://code.google.com/p/rakontu/
https://github.com/pdfernhout/Pointrel20130202
https://github.com/pdfernhout/Pointrel20120623

We've built other stuff in the past, but sadly it is proprietary. Hopefully people can go beyond all this in their own ways.

A billion dollars could see a good start on this project. :-) Or a "basic income" for all, to give coders who want to do this the time to do it.

One other meme on this: http://pcast.ideascale.com/a/dtd/The-need-for-FOSS-intelligence-tools-for-sensemaking-etc./76207-8319
"As with that notion of "mutual security", the US intelligence community needs to look beyond seeing an intelligence tool as just something proprietary that gives a "friendly" analyst some advantage over an "unfriendly" analyst. Instead, the intelligence community could begin to see the potential for a free and open source intelligence tool as a way to promote "friendship" across the planet by dispelling some of the gloom of "want and ignorance" (see the scene in "A Christmas Carol" with Scrooge and a Christmas Spirit) that we still have all too much of around the planet. So, beyond supporting legitimate US intelligence needs (useful with their own closed sources of data), supporting a free and open source intelligence tool (and related open datasets) could become a strategic part of US (or other nation's) "diplomacy" and constructive outreach.
    Now, there are many people out there (including computer scientists) who may raise legitimate concerns about privacy or other important issues in regards to any system that can support the intelligence community (as well as civilian needs). As I see it, there is a race going on. The race is between two trends. On the one hand, the internet can be used to profile and round up dissenters to the scarcity-based economic status quo (thus legitimate worries about privacy and something like TIA). On the other hand, the internet can be used to change the status quo in various ways (better designs, better science, stronger social networks advocating for some healthy mix of a basic income, a gift economy, democratic resource-based planning, improved local subsistence, etc., all supported by better structured arguments like with the Genoa II approach) to the point where there is abundance for all and rounding up dissenters to mainstream economics is a non-issue because material abundance is everywhere. So, as Bucky Fuller said, whether is will be Utopia or Oblivion will be a touch-and-go relay race to the very end. While I can't guarantee success at the second option of using the internet for abundance for all, I can guarantee that if we do nothing, the first option of using the internet to round up dissenters (or really, anybody who is different, like was done using IBM computers in WWII Germany) will probably prevail. So, I feel the global public really needs access to these sorts of sensemaking tools in an open source way, and the way to use them is not so much to "fight back" as to "transform and/or transcend the system". As Bucky Fuller said, you never change thing by fighting the old paradigm directly; you change things by inventing a new way that makes the old paradigm obsolete."

Some attempts by us at such FOSS tools:
http://www.rakontu.org/
https://code.google.com/p/rakontu/
https://github.com/pdfernhout/Pointrel20130202
https://github.com/pdfernhout/Pointrel20120623

We've built other stuff in the past, but sadly it is proprietary. Hopefully people can go beyond all this in their own ways.

A billion dollars could see a good start on this project. :-) Or a "basic income" for all, to give coders who want to do this the time to do it.

https://github.com/search?q=nsa+backdoor+extension%3Arb+extension%3Apy+extension%3Ajava+extension%3Aphp&type=Code&ref=searchresults

Huh? Skipping mod points to say you are definitely wrong. The Chrome (chromium by it's open source name) source code is here and the android source code is here. nice try though.

Seems already solved pretty well, see this:

https://github.com/exaexa/codecrypt

Way to go AC answer my question before I got to ask it :) (don't have mod points)

Just FYI...

- The effect of Grover Search ("security bits doubling") of the search in O(n^0.5) is not that dramatic at all -- for brute-force attacks, you still need a decision tool that decides whether the experimentally-deciphered plaintext is the text you're looking for. AND you certainly will meet more than one valid (say, well formatted and correct English) plaintext. So it doesn't really break it, you still need some good information about what the plaintext should contain.

- All nubmer-theoretic based problems are reduced to log-times by quantum computing Shor's algorithm, as it was extended to solve dlog as well, and works on any group regardless whether it is numeric or made of elliptic curves. This breaks original RSA, DSA, ElGamal, Diffie-Hellman and EC-based stuff like ECRSA/ECDSA.

But hey, there already are quantum-intractable practical cryptosystems :) see
http://pqcrypto.org/
https://github.com/exaexa/codecrypt
etc...

Seems already solved pretty well, see this:

https://github.com/exaexa/codecrypt

I'm a Meteor developer, using full-stack Javascript 100% of the time... Node.js, MongoDB, and jQuery are my stock in trade. If you're not familiar, Meteor is basically 'Javascript on Rails'. And, in my experience, everything in the article is spot on. As to the jaw-dropping abilities...

- developing in a unified language has increased my productivity 5x to 10x. I get done in a weekend what used to take me a month or more to do in PHP or C#. That's jaw dropping from a business sense, and has allowed me to completely change my business structure and approach. Frameworks like Meteor and Derby are going to win out on productivity gains alone. I can go from an initial client meeting to launching a beta of a multi-user application in a weekend.

- remember that javascript is based on actionscript, based on scheme, based on lisp. When you have your client, server, and database all using a functional language, you can start creating UI elements as monad operations on datastore elements. No objects ever on the heap. Just chained functions from database to server to client to UI. Among other things, this allows for things like reactive templates, demonstrated in the following screencast:

http://meteor.com/screencast

- besides the reactive templates, sharing of libraries between client and server makes every Meteor application theoretically capable of becoming a peer-to-peer distributed application. No PHP or Ruby or C# web application can do that. In theory, you could bundle the node.js libraries themselves into the client, and have each served client become a new peer-to-peer node.

- this allows mesh networking functionality, with monad operations defining computations between and through nodes. Think of it like routing protocols, but with computations. Lots of distributed computing possibilities here, obviously. More importantly is bandwidth usage, offline data synchronization, and the like. Instead of going to a data center to get the latest package updates, applications will be able to query neighbor nodes. Think IPv6 functionality, mesh networking, and being able to query data states from intermediary peers. The people in the Meteor dev community are actively working on things ranging from meters for smart energy grids to real-time bee pollination tracking.

Those technical details aside, the underlying reason why pure javascript can result in jaw-dropping applications is because, at it's core, javascript is a functional language, in the manner of lisp (if you know how to use the lambda calculus). It's lisp for the web (or scheme for the web, if you prefer). And putting it on both the server and client and database allows developers to do crazy monad calculations and method chaining. The monads will update and recalculate themselves in real time, as the underlying data changes. The end result is reactive templates and data-driven animations and UI elements.

If you want a better understanding how this is going to play out, check out the D3 visualization library here:

https://github.com/mbostock/d3/wiki/Gallery

Then, imagine all those visualizations used to create applications like in Processing:

http://processing.org/exhibition/

That's the direction this stuff is headed in. If you want to see some real examples in action, consider the interactives on the New York Times

http://www.nytimes.com/interactive/2012/05/17/business/dealbook/how-the-facebook-offering-compares.html?_r=0
http://www.nytimes.com/interactive/2012/02/13/us/politics/2013-budget-proposal-graphic.html

WTF Tizen is...

The only thing your copy/pasted explanation says, is that it's an open source OS, which seems like it should be obvious from the context.

A much better explanation is that Tizen is the bastard offspring of MeeGo (Intel/Nokia) and LiMo/SLP/Bada (Samsung).

If you'd really like to punish yourself, you can see the family tree, here:

https://github.com/kumadasu/tizen-history/blob/master/tizen-history.pdf

(1) NPM works just find for package management.
(2) https://github.com/rbranson/node-ffi

I guess we are good now.

(A) That is a year old, and node has had something like 6 releases since then
(B) Did you bother to read the substance of the test? His test was flawed. Each request he was doing file io in node, but not in vert.

"In your benchmarks nodejs is reading off the disk for every request. That’s the reason for the dramatic performance difference. Monitoring disk ops you can see this as well. Seems the JVM is doing some caching that v8 isn’t for reading the same file.

Also making a small change so that both Vert.x and node.js only read the file once using this:

https://gist.github.com/2652991

Then node.js ends up performing substantially better than Vert.x. I changed both Vert.x and node.js apps to match so it would be apples to apples comparison.

The results I got had node.js outperforming Vert.x by 50%."

Actually, most libraries will work in either client side browsers or node. See https://github.com/substack/node-browserify for an example of how some interop is being done. The browser engine (handling the js) is V8, which also happens to be the node.js engine. Any js related to the DOM does not make sense to run server side anyway (with the exception of server side DOM testing, which works just fine with selenium, zombiejs, or phantomjs, making you double wrong).

Has already been done in Tahoe-LAFS

It's called TGPPL

https://github.com/tahoe-lafs/tahoe-lafs/blob/master/COPYING.TGPPL.rst