For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×
SourceForge

SourceForge Suspends Independent Project Mirroring 124 124

Posted by Soulskill
from the reflecting-on-mirrors dept.
vivaoporto writes: In a reversal motivated by community concerns (like the high profile outcry over the distribution of an ads-enabled installer for GIMP and the accusation by Fyodor of the hijacking of the nmap SourceForge project), SourceForge has discontinued third-party bundling of mirrored content.

Along with that, as of June 18th, SourceForge started "removing SourceForge-maintained mirrored projects" and engaging their "newly-formed Community Panel to discuss site features and program policies including a redesigned mirror program." Of the 295 mirrored projects, they removed all that were "not co-maintained with one or more of the original developers, except where the upstream site has been discontinued." For those wanting to reach SourceForge for some constructive feedback, they point to the recently-established Community Voice forum.
Note: SourceForge and Slashdot share a corporate overlord.
SourceForge

SourceForge Responds To nmap Maintainer's Claims 172 172

Posted by Soulskill
from the before-the-weekend dept.
An anonymous reader writes: A few days ago, the maintainer of nmap (an open source network mapping tool) complained that SourceForge had taken over the nmap project page. SourceForge has now responded with a technical analysis of the nmap project history. They said, "We've confirmed conclusively that no changes were made to the project or data, and that all past download delivery by nmap on SourceForge was through our web hosting service where content is project-administered."

They detail the history of services used by the nmap project, and use screenshots from the Internet Archive to show how long the project was empty. SourceForge said, "The last update date in 2013 relates to the migration of the nmap project (along with all other projects on the site) from SourceForge's sfx code base to the new Apache Allura-based code base. This migration was an automated operation conducted for all projects, and this platform change did not augment data in the Project Web service or File Release System. We therefore conclude that no content has been removed from the nmap project page." They also confirmed that nmap downloads were never bundled with ads: "Infosec professionals do not generally wish to install secondary offers."
Note: SourceForge and Slashdot share a corporate overlord.
SourceForge

nmap Maintainer Warns He Doesn't Control nmap SourceForge Mirror 145 145

Posted by Soulskill
from the shorter-weekend dept.
vivaoporto writes: Gordon Lyon (better known as Fyodor, author of nmap and maintainer of the internet security resource sites insecure.org, nmap.org, seclists.org, and sectools.org) warns on the nmap development mailing list that he does not control the SourceForge nmap project.

According to him the old Nmap project page (located at http://sourceforge.net/projects/nmap/, screenshot) was changed to a blank page and its contents were moved to a new page (http://sourceforge.net/projects/nmap.mirror/, screenshot) which is controlled by sf-editor1 and sf-editor3, in a pattern mirroring the much discussed takeover of the GIMP-Win page discussed last week on Ars Technica, IT World and eventually this week on Slashdot.

On Monday, Sourceforge promised to stop "presenting third party offers for unmaintained SourceForge projects," and to their credit Fyodor states, "So far they seem to be providing just the official Nmap files," but reiterates "that you should only download Nmap from our official SSL Nmap site: https://nmap.org/download.html."
To browse the projects and mirrors currently controlled by SourceForge, you can look at these account pages: sf-editor1, sf-editor2, and sf-editor3.
SourceForge

SourceForge and GIMP [Updated] 384 384

Posted by Soulskill
from the yelling-on-the-internet dept.
New submitter tresf writes: In response to a Google+ post from the Gimp project claiming that "[Sourceforge] is now distributing an ads-enabled installer of GIMP," Sourceforge had this response: "In cases where a project is no longer actively being maintained, SourceForge has in some cases established a mirror of releases that are hosted elsewhere. This was done for GIMP-Win.

Submitter's note: Gimp is actively being maintained and the definition of "mirror" is quite misleading here as a modified binary is no longer a verbatim copy. Download statistics for Gimp on Windows show SourceForge as offering over 1,000 downloads per day of the Gimp software.

In an official response to this incident, the official Gimp project team reminds users to use official download methods. Slashdotters may remember the last time news like this surfaced (2013) when the Gimp team decided to move downloads from SourceForge to their own FTP service. "Therefore, we remind you again that GIMP only provides builds for Windows via its official Downloads page." Note: SourceForge and Slashdot share a corporate parent.
Editor's note: I just got back from a busy weekend to see that a bunch of people are freaking out that we're "burying" this story, so here it is. Go hog wild. Sorry it took so long. (And for future reference, user submissions are easily found in the firehose, listed in the order they appear, newest first.)

Update: 06/01 22:37 GMT by T : The SourceForge blog has a welcome update; SourceForge, it says, has effective today "stopped presenting third party offers for unmaintained SourceForge projects. ... At this time, we present third party offers only with a few projects where it is explicitly approved by the project developer, or if the project is already bundling third party offers."
Programming

Building a Procedural Dungeon Generator In C# 83 83

Posted by samzenpus
from the random-encounters dept.
Nerval's Lobster writes Procedural dungeon generation is a fun exercise for programmers. Despite the crude interface, such games continue to spark interest. A quarter century ago, David Bolton wrote a dungeon generator in procedural Pascal; now he's taken that old code and converted it to C#. It's amazing just how fast it runs on a five-year-old i7 950 PC with 16GB of RAM. If you want to follow along, you can find his code for the project on SourceForge. The first part of the program generates the rooms in a multilevel dungeon. Each level is based on a 150 x 150 grid and can have up to 40 rooms. Rather than just render boring old rectangular rooms, there are also circular rooms. "There are a couple of places where corridor placement could have been optimized better," Bolton wrote about his experiment. "However, the dungeon generation is still very fast, and could provide a good programming example for anyone exploring what C# can do." For C# beginners, this could represent a solid exercise.
Programming

India Blocks Code Sharing Websites On Anti-Terror Advisory 78 78

Posted by samzenpus
from the no-code-for-you dept.
darkstar019 writes The Indian government has banned websites under the pretext that ISIS is using them for anti-Indian purposes. The list includes code sharing websites like Pastebin, Github and Sourceforge. As of now, these websites are still up. From the article: "Officials from the department of Information Technology and the department of telecom were not available for comment. 'These are all providing very dangerous kind of cut and paste services..You can take code, cut it, paste it, remove it, delete it,' said one government official who requested anonymity."
Books

Book Review: Build Your Own Website: A Comic Guide to HTML, CSS, and WordPress 31 31

Posted by samzenpus
from the read-all-about-it dept.
MassDosage writes "At the the risk of exposing my age I remember building my first website using a rudimentary Unix text editor (Joe) and carefully handcrafting the Hypertext Markup Language (HTML) while directly logged on to the web server it was being served from. Back then Cascading Style Sheets (CSS) weren't even a glint in the eyes of their creators. A lot has changed and there's now a world of fancy WYSIWYG web page editors to choose from as well as Content Management Systems that allow you to create websites without looking at the underlying code at all. While this is all very useful and allows less technical people to create websites I still feel that having at least some knowledge of how everything works under the hood is empowering — especially in situations where you want to go beyond the limits placed on you by a certain tool. This is where Build Your Own Website: A comic guide to HTML, CSS and Wordpress comes into the picture. Its aim is to enable people new to web development to learn the subject by teaching the fundamentals of HTML and CSS first and only then describing how to use a Content Management System (CMS) — in this case Wordpress. While Wordpress might not be everyone's kettle of fish it's a good choice as an example of a modern CMS that is easily accessible and very popular. The concepts presented are simple enough that it should be easy enough for a reader to apply them to a different CMS should they want to. Read below for The rest of MassDosage's review.
Programming

Tao3D: a New Open-Source Programming Language For Real-Time 3D Animations 158 158

Posted by timothy
from the not-quite-minecraft dept.
descubes (35093) writes "Tao3D is a new open-source programming language designed for real-time 3D animations. With it, you can quickly create interactive, data-rich presentations, small applications, proofs of concept, user interface prototypes, and more. The interactivity of the language, combined with its simplicity and graphical aspects, make it ideal to teach programming.

Tao3D also demonstrates a lot of innovation in programming language design. It makes it very easy to create new control structures. Defining if-then-else is literally a couple of lines of code. The syntax to pass pass blocks of code to functions is completely transparent. And it is fully reactive, meaning that it automatically reacts as necessary to external events such as mouse movements or the passage of time.

The source code was just made available under the GNU General Public License v3 on SourceForge [as linked above], GitHub and Gitorious."
Open Source

Ask Slashdot: Aging and Orphan Open Source Projects? 155 155

Posted by Soulskill
from the try-craigslist dept.
osage writes: Several colleagues and I have worked on an open source project for over 20 years under a corporate aegis. Though nothing like Apache, we have a sizable user community and the software is considered one of the de facto standards for what it does. The problem is that we have never been able to attract new, younger programmers, and members of the original set have been forced to find jobs elsewhere or are close to retirement. The corporation has no interest in supporting the software. Thus, in the near future, the project will lose its web site host and be devoid of its developers and maintainers. Our initial attempts to find someone to adopt the software haven't worked. We are looking for suggestions as to what course to pursue. We can't be the only open source project in this position.
Programming

A Beginner's Guide To Programming With Swift 72 72

Posted by timothy
from the how-swift-is-it? dept.
Nerval's Lobster (2598977) writes Earlier this year, Apple executives unveiled Swift, which is meant to eventually replace Objective-C as the programming language of choice for Macs and iOS devices. Now that iOS 8's out, a lot of developers who build apps for Apple's platforms will likely give Swift a more intensive look. While Apple boasts that Swift makes programming easy, it'll take some time to learn how the language works. A new walkthrough by developer David Bolton shows how to build a very simple app in Swift, complete with project files (hosted on SourceForge) so you can follow along. A key takeaway: while some Swift features do make programming easier, there's definitely a learning curve here.
Businesses

Larry Rosen: A Case Study In Understanding (and Enforcing) the GPL 191 191

Posted by timothy
from the he-actually-wrote-the-book dept.
lrosen (attorney Lawrence Rosen) writes with a response to an article that appeared on Opensource.com late last month, detailing a court case that arose between Versata Software and Ameriprise Financial Services; part of the resulting dispute hinges on Versata's use of GPL'd software (parsing utility VTD-X, from Ximpleware), though without acknowledging the license. According to the article's author, attorney Aaron Williamson (former staff attorney for the Software Freedom Law Center), "Lawyers for commercial software vendors have feared a claim like this for essentially the entire 20-odd-year lifetime of the GPL: a vendor incorporates some GPL-licensed code into a product—maybe naively, maybe willfully—and could be compelled to freely license the entire product as a result. The documents filed by Amerprise in the case reflect this fearful atmosphere, adopting the classically fear-mongering characterization of the GPL as a 'viral' license that 'infects' its host and 'requires it to become open source, too.'" Rosen writes: I want to acknowledge Aaron's main points: This lawsuit challenges certain assumptions about GPLv2 licensing, and it also emphasizes the effects of patents on the FOSS (and commercial) software ecosystem. I also want to acknowledge that I have been consulted as an expert by the plaintiff in this litigation (Ximpleware vs. Versata, et al.) and so some of what I say below they may also say in court. Read on for the rest (and Williamson's article, too, for a better understanding of this reaction to it). An important take-away: it's not just the license that matters.
Open Source

Meet Apache Software Foundation VP Rich Bowen (Video) 14 14

Posted by Roblimo
from the a-patchy-server-rules-the-online-world dept.
Apache is behind a huge percentage of the world's websites, and the Apache Software Foundation is the umbrella organization that provides licensing and stucture for open source projects ranging from the Apache Web server to Apache OpenOffice to small utilities that aren't household names but are often important to a surprising number of people and companies. Most of us never get to meet the people behind groups like the Apache Software Foundation -- except today we tag along with Tim Lord at OSCON and chat with Apache Software Foundation Executive Vice President Rich Bowen -- who is also Red Hat's OpenStack Community Liason. (Alternate Video Link) Update: 07/30 22:23 GMT by T : Note that Bowen formerly served as Slashdot sister site SourceForge's Community Manager, too.
Open Source

Ask Slashdot: Where Do You Get (or Share) News About Open Source Projects? 85 85

Posted by timothy
from the just-start-typing-random-ips dept.
An anonymous reader writes "Now that freshmeat.net / freecode.com doesn't accept any updates, I wonder how the Slashdot crowd gets news about new projects, and even new versions of existing projects. For project managers, where could you announce new versions of your project, so that it can reach not just those who already know the project. Freshmeat / Freecode had all the tools to explore and discover projects, see screenshots (a mandatory feature for any software project, even with only a console interface or no interface at all) and go to the homepage of the project. I subscribed years ago to the RSS feed and sometimes found interesting projects this way. You could replace these tools by subscribing to newsletters or feeds from the projects you follow, but that doesn't cover the discovery part." And do any of the major development / hosting platforms for Free / Open Source projects (GitHub, Launchpad, or Slashdot sister-site SourceForge) have tools you find especially useful for skimming projects of interest?
Classic Games (Games)

ScummVM 1.7.0 Released 26 26

Posted by Unknown Lamer
from the manic-mansion dept.
jones_supa (887896) writes It's been a while since a new ScummVM release, but version 1.7.0 is now here with many exciting features. New games supported are The Neverhood, Mortville Manor, Voyeur, Return to Ringworld and Chivalry is Not Dead. The Roland MT-32 emulator has been updated, there is an OpenGL backend, the GUI has seen improvements, AGOS engine is enhanced, tons of SCI bug fixes have been applied, and various other improvements can be found. This version also introduces support for the OUYA gaming console and brings improvements to some other more exotic platforms. Please read the release notes for an accurate description of the new version. SCUMM being the language/interpreter used by many classic adventure games.
Operating Systems

FreeDOS Is 20 Years Old 133 133

Posted by Unknown Lamer
from the commander-keen dept.
Jim Hall (2985) writes "In a June 29, 1994 post in comp.os.msdos.apps on USENET, a physics student announced an effort to create a completely free version of DOS that everyone could use. That project turned into FreeDOS, 20 years ago! Originally intended as a free replacement for MS-DOS, FreeDOS has since advanced what DOS could do, adding new functionality and making DOS easier to use. And today in 2014, people continue to use FreeDOS to support embedded systems, to run business software, and to play classic DOS games!"
Google

Intel Adds SIMD Vectorization to JavaScript 1 1

Posted by timothy
from the frontiers-of-possibility dept.
Engineers at Intel have been working to modify the open source JavaScript engines used by Chrome and Firefox to support SIMD vectorization -- which will bring JavaScript one step closer to supporting near-native applications. Jeff Cogswell takes a look at some of the sample code and see if he can figure out what they’re doing. One particularly interesting aspect about this code is that it was written in part by a guy who works at Google and is active in Google’s Dart language. Dart was created to be a replacement to JavaScript as a browser language, but there has been some resistance.
Software

Freecode Freezeup 62 62

Posted by Unknown Lamer
from the long-live-freshmeat dept.
LeadSongDog (1120683) writes The venerable Freecode site has today gone static, blaming low traffic. No new content is being accepted, but they continue to serve existing content. They recommend projects consider moving to Sourceforge. Probably obvious, but Freecode/SourceForge/Slashdot share a corporate parent.
Security

Project Un1c0rn Wants To Be the Google For Lazy Security Flaws 43 43

Posted by Unknown Lamer
from the always-blame-wordpress dept.
Daniel_Stuckey (2647775) writes "Following broad security scares like that caused by the Heartbleed bug, it can be frustratingly difficult to find out if a site you use often still has gaping flaws. But a little known community of software developers is trying to change that, by creating a searchable, public index of websites with known security issues. Think of Project Un1c0rn as a Google for site security. Launched on May 15th, the site's creators say that so far it has indexed 59,000 websites and counting. The goal, according to its founders, is to document open leaks caused by the Heartbleed bug, as well as 'access to users' databases' in Mongo DB and MySQL. According to the developers, those three types of vulnerabilities are most widespread because they rely on commonly used tools. For example, Mongo databases are used by popular sites like LinkedIn, Expedia, and SourceForge, while MySQL powers applications such as WordPress, Drupal or Joomla, and are even used by Twitter, Google and Facebook."
Encryption

The Sudden Policy Change In Truecrypt Explained 475 475

Posted by timothy
from the maybe-your-canary-needs-a-canary dept.
X10 (186866) writes "I use Truecrypt, but recently someone pointed me to the SourceForge page of Truecrypt that says it's out of business. I found the message weird, but now there's an explanation: Truecrypt has received a letter from the NSA." Anyone with a firmer source (or who can debunk the claim), please chime in below; considering the fate of LavaBit, it sure sounds plausible. PCWorld lists some alternative software, for Windows users in particular, but do you believe that Microsoft's BitLocker is more secure?
Encryption

TrueCrypt Website Says To Switch To BitLocker 566 566

Posted by Soulskill
from the so-long-and-thanks-for-all-the-Jkkms0EuPPlvOmW7Mk5x2A== dept.
Several readers sent word that the website for TrueCrypt, the popular disk encryption system, says that development has ended, and Windows users should switch to BitLocker. A notice on the site reads, "WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues. ... You should migrate any data encrypted by TrueCrypt to encrypted disks or virtual disk images supported on your platform." It includes a link to a new version of TrueCrypt, 7.2, and provides instructions on how to migrate to BitLocker. Many users are skeptical of a site defacement, and there's been no corroborating post or communication from the maintainers. However, the binaries appear to be signed with the same GPG key that the TrueCrypt Foundation used for previous releases. A source code diff of the two versions has been posted, and the new release appears to simply remove much of what the software was designed to do. It also warns users away from relying on it for security. (The people doing an audit of TrueCrypt had promised a 'big announcement' soon, but that was coincidental.) Security experts are warning to avoid the new version until the situation can be verified.