Nvidia is publishing their Linux GPU kernel modules as open-source and will be maintaining it moving forward. Phoronix's Michael Larabel reports: To much excitement and a sign of the times, the embargo has just expired on this super-exciting milestone that many of us have been hoping to see for many years. Over the past two decades NVIDIA has offered great Linux driver support with their proprietary driver stack, but with the success of AMD's open-source driver effort going on for more than a decade, many have been calling for NVIDIA to open up their drivers. Their user-space software is remaining closed-source but as of today they have formally opened up their Linux GPU kernel modules and will be maintaining it moving forward. [...] This isn't limited to just Tegra or so but spans not only their desktop graphics but is already production-ready for data center GPU usage.

"While Valve has yet to actually release a proper ISO for SteamOS 3 used on the Steam Deck, others have been taking it into their own hands to provide," reports GamingOnLinux, "like with the new HoloISO.

"This is possible, since 99% of what SteamOS uses is open source (not the Steam client though)..." So people can easily hack away at it to do whatever they want. [HoloISO] is not exactly the same as SteamOS 3 but it's probably the closest I've seen yet, with the main packages coming direct from Valve with "zero possible edits" the developer says.
It's described as a "first beta release."

Neowin supplies some context: Back in early March, Valve released the Steam Deck recovery image for Deck users who need to get back to a factory state. When it was released, many of us over at the Steam OS subreddit did the first thing any reasonable enthusiast would do and tried installing it on a standard PC. The results of this approach were mixed, and only partial successes were achieved. Then HoloISO happened....

The first release, called 'Ground Zero', was released today and allows users to install Steam OS on any machine. But there are some things you need to know before installing this for yourself....
There's a bunch of caveats, but the article still concludes that "If you're team red and you want to give this a shot, head over to the project's Github page to read more and download."

Thanks to Slashdot reader segaboy81 for sharing the story!

An anonymous Slashdot reader writes: Remember that patent lawsuit filed against GNOME's Shotwell in 2019? An enterprising open source lawyer has challenged it within the patent office and gotten the whole thing canceled!
OpenSource.org argues that decision by the U.S. patent office "may well give patent trolls cause to steer clear of open source projects — even more than the fierce resistance the community impressively funded and mounted in the GNOME case." Of the many methods developed over the past 20 years to eliminate patent threats against FOSS, none is as powerful as challenging the nefarious patents directly. That's what McCoy Smith, founder of OSI sponsor LexPan Law, did.... Smith pointed out in a re-examination request to the U.S. Patent & Trademark Office that the patent was not for any new invention.

They agreed. As a result, all of these "claims" in the Rothschild '086 Patent — the part of a patent describing what the patent rights cover — have consequently been canceled. The Rothschild '086 patent can no longer be used against any victim, including open source projects.

Of course, that's little comfort to the 20+ victims attacked after GNOME with the now-proven-worthless Rothschild '086 patent, or the 50+ companies targeted with related patents that haven't yet been re-examined.... Still, it's good to know there are open source champions of all sizes defending the development of open software.

Bluesky, Twitter's open-source offshoot, has released early code for a decentralized social network protocol. The Verge reports: The system is dubbed the Authenticated Data Experiment (or ADX) and is available on GitHub for developers to test, although Bluesky emphasizes that it's incomplete. It's one of the most substantive windows into Bluesky's workings since the project was conceived in 2019 and formally incorporated in early 2022. Bluesky CEO Jay Graber writes that ADX will be the start of a semi-public development process. "We're going to take a middle path of releasing work before it's complete, but also giving ourselves time to workshop new directions at early stages," Graber says. The GitHub repository includes an overview of ADX's goals and design as well as some experimental code. "Feel free to play around, but don't try to build your next big social app on this yet. Things are missing, and things are going to change," Graber says. The code is available under an open source MIT License.

ADX isn't a single, standalone social network design. It's a protocol built around user-controlled "Personal Data Repositories" that social network developers could choose to support. Among other things, it's supposed to let users transfer social media posts or engagement between networks without eroding the networks' own moderation options. "On the Web, this data lives on the social platform where it was created. In ADX, this data will live in Personal Data Repositories owned by the user," the overview explains. Platforms can choose to only index some of this content -- drawing a distinction between "speech," or the ability to keep data in the repository, and "reach," or being able to see that data on a given platform.

Microsoft 3D Movie Maker was initially launched in 1995. The program allowed you to place 3-D objects within environments to create films. The software looks dated now, but it was a fun way to play around with 3-D effects back in the day. Now, the classic program has been open sourced by Microsoft. From a report: It appears that a 3D Movie Maker enthusiast was able to convince Microsoft's Scot Hanselman to open source the software by "nerd sniping." That term refers to when a person claims something cannot be done with the aim of someone proving them wrong. "What's the best way to get something done? Nerd-snipe an engineer and tell them it can't be done. I HATE being told something can't be done," said Microsoft's Scott Hanselman.

Fedora project leader Matthew Miller spoke to TechRepublic's Jack Wallen this week, sharing some thoughts on the future of Linux — and on open source in general: Matthew Miller: I think it's a lost cause to try to "sell" our quirky technology interest to people who don't see it already. We need to take a different approach.... I think our message, at its root, has to be around open source.... [W]ith Linux, when you install an open-source distro, you're not just part of a fan community. You're part of a colossal, global effort that makes software more available to everyone, makes that software better and better, and makes the whole world better through sharing... Just by using it you're sharing in this amazing undertaking, part of a move away from scarcity to an economy based on abundance....

Jack Wallen: What's the biggest difference in Linux today vs. Linux of 10 years ago?

Matthew Miller: I think first we have to start with just the amazing ubiquity of it. Ten years ago, it was cute to find a TV that ran Linux. Now, not only is it definitely powering your TV, you've probably got Linux running on your lightbulbs! It's everywhere. And while Linux had pushed proprietary Unix from the server room, ten years ago Windows-based servers were pushing back. The cloud changed that — now, the cloud is Linux, almost completely. (Anything that isn't is a legacy app that it was too much trouble to port!) From tiny devices to the most powerful mainframes and supercomputers: Linux, Linux, Linux....

Jack Wallen: If Linux has an Achilles' heel, what is it?

Matthew Miller: Linux and the whole free and open-source software movement grew up with the rise of the internet as an open communication platform. We absolutely need that to continue in order to realize our vision, and I don't think we can take it for granted.

That's more general than an Achilles' heel, though, so right now let me highlight one thing that I think is troubling: Chrome becoming the dominant browser to the point where it's often the only way to make sites work. Chromium (the associated upstream project) is open source, but isn't really run as a community project, and, pointedly, very very few people run Chromium itself. I'd love to see that change, but I'd also like to see Firefox regain a meaningful presence.
Miller also said Fedora's next release is focused on simplicity. ("When the OS gets in the way, it drops from the conversation I want to have about big ideas to ... well, the boring technical details that people never want to deal with")

And he also shared his thoughts on what Linux needs most. "What I'd really like to see more of are more non-technical contributors. I mean, yes, we can always benefit from more packagers and coders and engineers, but I think what we really need desperately are writers, designers, artists, videographers, communicators, organizers and planners. I don't think big companies are likely to provide those things, at least, not for the parts of the Linux world which aren't their products."

"We need people who think the whole grand project I've been talking about is important, and who have the skills and interests to help make it real."

New submitter Mononymous writes: Created by Graham Nelson, Inform 7 compiles a powerful object-oriented language resembling English into a working text adventure. Friendly GUIs for various platforms have been open source for many years, but the core compiler remained proprietary. Now, 16 years after its initial freeware release, Nelson has released the source code under the Artistic License 2.0 in a public GitHub repo. Inform 7 is one of the largest "literate programs" ever released.

An anonymous reader quotes a report from Motherboard: Social media platform Mastodon, often seen as an alternative to Twitter, gained nearly 30,000 new users on the day that Elon Musk bought Twitter. On Tuesday a Mastodon domain became unresponsive. Eugen Rochko, Mastodon's CEO, later told Motherboard in an email that there were performance issues. "I'm sorry I couldn't have responded sooner," he wrote. "I was working all day on fixing performance issues on the Mastodon servers I operate due to the influx of new and returning users following Twitter's acquisition by Elon Musk." Rochko added that Mastodon has seen an increase of 41,287 active users, including both returning users and new users. When breaking that figure down by just new users, 28,391 new people have joined Mastodon in the past day, Rochko said.

Mastodon is a piece of open-source software that people can use as a base to create their own social networks. Although its appearance is similar to Twitter, it also differs from Twitter in the sense that Twitter is a single social network people sign up for. When it comes to the social network side of things, Mastodon holds more similarities with Discord, in that users have to find specific Mastodon instances to join. Those looking to create their own Mastodon instance also have to host it themselves, a step that may alienate many non-technical users. Donald Trump's social media site, Truth Social, is based on Mastodon and was recently called out by the company for failing to provide the source code for the site built on top of it. Two weeks later, the social media site quietly acknowledged Mastodon in a dedicated section labeled "open source."

In regard to the matter, Mastodon founder Eugen Rochko said: "Compliance with our AGPLv3 license is very important to me as that is the sole basis upon which I and other developers are willing to give away years of work for free."

Twitter did confirm some fluctuations in follower counts after Musk's deal was made official, although they said they were organic in nature.

"We have worked on Overgrowth for 14 years," begins their new announcement. Development first began in 2008, and the game runs on Windows, macOS and Linux platforms. Overgrowth's page on Wikipedia describes the realistic 3D third-person action game as "set in a pre-industrial world of anthropomorphic fighter rabbits, wolves, dogs, cats and rats."

And now, "Just like they did with some earlier games, Wolfire Games have now open sourced the game code for Overgrowth," reports GamingOnLinux. "[J]ump, kick, throw, and slash your way to victory.... The source code is available on GitHub. You can buy it on Humble Store and Steam."

The Overwatch site adds as a bonus that "we're also permanently reducing the game's price by a third worldwide" (so U.S. prices drop from $29.99 to $19.99).

"Only the code is getting open sourced," the announcement notes, "not the art assets or levels, the reason is that we don't want someone to build and sell Overgrowth as their own." Wolfire CEO Max Danielsson explains in a video that "you'll still have to own the game to play and mod it." "What it does mean, however, is that everyone will have full and free access to all our source code, including the engine, project files, scripts, and shaders.

"We'll be releasing it under the Apache 2.0 license, which allows you to do whatever you want with the code, including relicensing and selling it, with very few obligations. We tried to keep this easy...

"This isn't the next big engine. We don't intend to compete with any other great open source game engines like Godot, which is a great option if you're looking for a general-purpose game engine. But if you're interested in looking at what shipped game code can look like, want to look at specific code, like the procedural animation system, or if you're an Overgrowth modder who wants to make an involved total conversion mod, then this is for you.
"We have wanted to open source Overgrowth for a long time," says the announcement on Wolfire's site, "and we are incredibly grateful to our team and community for making this happen.

"We are excited to see what people do with this code and we look forward to the spirit of Overgrowth living on for another 14 years."

Thoughtworks is a technology consultancy/distributed agile software design company. The principle technologist in its CTO's office warns that managers of IT assets "need to keep up" with the changing economics of open source: Early 2022 has brought with it an unusually high level of commotion in the open-source community, largely focused on the economics of who — and how we — should pay for "free" software. But this isn't just some geeky flame war. What's at stake is critical for vast swaths of the business world....

We know of many open-source enthusiasts who maintain their software personally while leading busy professional lives — the last thing they want is the responsibility of a service-level agreement because someone paid them for their creation. So, is this the end of the road for the open-source dream? Certainly, many of the open-source naysayers will view the recent upheavals as proof of a failed approach. They couldn't be more wrong. What we're seeing today is a direct result of the success of open-source software. That success means there isn't a one-size-fits-all description to define open-source software, nor one economic model for how it can succeed.

For internet giants like Facebook or Netflix, the popularity, or otherwise, of their respective JavaScript library and software tool — React and Chaos Monkey — is beside the point. For such companies, open-source releases are almost a matter of employer branding — a way to show off their engineering chops to potential employees. The likelihood of them altering licensing models to create new revenue streams is small enough that most enterprises need not lose sleep over it. Nonetheless, if these open-source tools form a critical part of your software stack or development process, you might want some form of contingency plan — you're likely to have very little sway over future developments, so understanding your risks helps.

For companies that have built platforms containing open-source software, the risks are more uncertain. This is in line with Thoughtworks' view that all businesses can benefit from a greater awareness of what software is running in their various systems. In such cases, we advise companies to consider the extent to which they're reliant on that piece of software: are there viable alternatives? In extreme circumstances, could you fork the code and maintain it internally?

Once you start looking at crucial parts of your software stack where you're reliant on hobbyists, your choices begin to dwindle. But if Log4J's case has taught us anything, it's this: auditing what goes into the software that runs your business puts you in a better place than being completely caught by surprise.

Dirk Hohndel gets frequently mentioned on Slashdot. He was a very early contributor to Linux (and for the last five years the chief open source officer and vice president at VMware). But he's also the guy who interviews Linus Torvalds in the keynote sessions of Open Source Summits.

Hohndel "has a well known track record with Linux going back to the 1990's," reports Phoronix, and was even a member of the Linux Foundation Board of Directors.

But they add that now Hohndel has "somewhat surprisingly has moved on to promoting a blockchain effort."

Dirk Hohndel was CTO at SUSE going back to the mid-90's before joining Intel for a fifteen year run that ended in 2016 where he was Intel's Chief Linux and Open-Source Technologist...

When Dirk left VMware unexpectedly at the beginning of the year, he wrote on LinkedIn that he felt he completed his job at the company in driving open-source transformation. He was leaving to go "look for the next opportunity, the next step in my career" and now it apparently is with blockchain. The surprising news today is that he's joined the Cardano Foundation. The Cardano Foundation is a Swiss-based foundation built around the Cardano public blockchain platform. Cardano is open-source and is the most notable proof-of-stake blockchain that was started by Ethereum co-founder Charles Hoskinson. Cardano has its own cryptocurrency, ADA....

Dirk will be serving as the Cardano Foundation's Chief Open-Source Officer.
Interestingly, Linus Torvalds appears to be less enthralled with blockchain technologies. Last year ZDNet reported on the reaction when Linux Foundation executive director Jim Zemlin suggested Torvalds sell an NFT of the 1991 email that first announced Linux to the world.

"An amused and appalled Torvalds replied, "I'm staying out of the whole craziness with crypto and NFTs. Those people are cuckoo!"

"Russian software developers are reporting that their GitHub accounts are being suspended without warning if they work for or previously worked for companies under U.S. sanctions, writes Bleeping Computer: According to Russian media outlets, the ban wave began on April 13 and didn't discriminate between companies and individuals. For example, the GitHub accounts of Sberbank Technology, Sberbank AI Lab, and the Alfa Bank Laboratory had their code repositories initially disabled and are now removed from the platform.... Personal accounts suspended on GitHub have their content wiped while all repositories become immediately out of reach, and the same applies to issues and pull requests.

Habr.com [a Russian collaborative blog about IT] reports that some Russian developers contacted GitHub about the suspension and received an email titled 'GitHub and Trade Controls' that explained their account was disabled due to US sanctions. This email contains a link to a GitHub page explaining the company's policies regarding sanctions and trade controls, which explains how a user can appeal their suspension. This appeal form requires the individual to certify that they do not use their GitHub account on behalf of a sanctioned entity. A developer posted to Twitter saying that he could remove the suspension after filling out the form and that it was due to his previous employer being sanctioned.
A GitHub blog post in March had promised to ensure the availability of open source services "to all, including developers in Russia." So Bleeping Computer contacted a GitHub spokesperson, who explained this weekend that while GitHub may be required to restrict some users to comply with U.S. laws, "We examine government sanctions thoroughly to be certain that users and customers are not impacted beyond what is required by law." According to this, the suspended private accounts are either affiliated, collaborating, or working with/for sanctioned entities. However, even those who previously worked for a sanctioned company appear to be suspended by mistake.

This means that Russian users, in general, can suddenly find their projects wiped and accounts suspended, even if those projects have nothing to do with the sanctioned entities.

Last week 69-year-old Richard Stallman gave a 92-minute presentation on the state of the free software movement. Stallman covered numerous topics, but also added as an aside at one point: Ubuntu of course is a non-free distro, and I wouldn't recommend that anyone use it. Some important packages are now distributed only through their non-freedom-respecting package system, and not as Debian packages. So it's even harder than before to get any freedom out of an Ubuntu installation.
But Stallman also sees a larger issue: Another area where we have problems is there are several languages which come with a package library -- basically people post packages in them. And that might be fine if they had a good criterion for the licensing of the libraries people upload into those sites -- but they're not developed by free software activists, and they don't have such a criterion. There are non-free packages in those libraries too.

Now, some of them make it possible to find out whether a library is free. Some of them, it's difficult. Sometimes -- yeah, you could probably look at the source code and see what licenses are in it, and then you could look up those licenses in GNU.org/licenses/license-list.html and see if all those licenses are free... The problem is, they don't help you. At the very least they should make it easy to say, "Show me only the free packages." And then, "Show me only the GPL-compatible packages, because I'm writing a GPL-covered program, and I can't use the libraries that are not GPL compatible. And I certainly won't ever think of using a non-free library."

They're not interested in helping people move forward in freedom. And so we need people to write front-ends for those package archives, which will show only the freely-licensed packages, and which can be asked to show which ones are GPL-compatible, or show only those. This way they will be usable easily by the free software community. If you like one of the languages that has this problem, please show your appreciation for that language by reconciling its use with maintaining freedom.
And this leads Stallman to a related setback for the free software movement: the containers themselves that are packaging some programs with the libraries they need: The old way of doing this was you would make sure that your program said which versions of libraries it was compiled to work with, and in the source code you'd use something like Autoconf so that it could work with the various library versions. And this way you could build the program for a wide variety of free operating systems and versions of them.

Well, that's some work, so some developers, they release a free program -- not all of them release free programs, but some of them do release free programs -- using containers. And the container has one set of libraries in it. And how do you really know what's in there? It's not straightforward to verify that all the libraries in the container are free, and a lot of people won't realize that they should even think about it. So the use of containers, as they are implemented nowadays by people who are not free software activists and are not particularly concerned with this question, is an obstacle to verifying that you're installing free software.

Well, maybe some of these container systems could be improved, or maybe another one could be designed to solve these problems. If a container packaging system were designed by people who care about freedom, they might find good ways to satisfy this goal, as well as others. So it's something you could possibly work on.

Richard Stallman celebrated his 69th birthday last month. And Wednesday, he gave a 92-minute presentation called "The State of the Free Software Movement."

Stallman began by thanking everyone who's contributed to free software, and encouraged others who want to help to visit gnu.org/help. "The Free Software movement is universal, and morally should not exclude anyone. Because even though there are crimes that should be punished, cutting off someone from contributing to free software punishes the world. Not that person."

And then he began by noting some things that have gotten better in the free software movement, including big improvements in projects like GNU Emacs when displaying external packages. (And in addition, "GNU Health now has a hospital management facility, which should make it applicable to a lot more medical organizations so they can switch to free software. And [Skype alternative] GNU Jami got a big upgrade.")

What's getting worse? Well, the libre-booted machines that we have are getting older and scarcer. Finding a way to support something new is difficult, because Intel and AMD are both designing their hardware to subjugate people. If they were basically haters of the public, it would be hard for them to do it much worse than they're doing.

And Macintoshes are moving towards being jails, like the iMonsters. It's getting harder for users to install even their own programs to run them. And this of course should be illegal. It should be illegal to sell a computer that doesn't let users install software of their own from source code. And probably shouldn't allow the computer to stop you from installing binaries that you get from others either, even though it's true in cases like that, you're doing it at your own risk. But tying people down, strapping them into their chairs so that they can't do anything that hurts themselves -- makes things worse, not better. There are other systems where you can find ways to trust people, that don't depend on being under the power of a giant company.

We've seen problems sometimes where supported old hardware gets de-supported because somebody doesn't think it's important any more — it's so old, how could that matter? But there are reasons...why old hardware sometimes remains very important, and people who aren't thinking about this issue might not realize that...

Stallman also had some advice for students required by their schools to use non-free software like Zoom for their remote learning. "If you have to use a non-free program, there's one last thing... which is to say in each class session, 'I am bitterly ashamed of the fact that I'm using Zoom for this class.' Just that. It's a few seconds. But say it each time.... And over time, the fact that this is really important to you will sink in."

And then halfway through, Stallman began taking questions from the audience...

Read on for Slashdot's report on Stallman's remarks, or jump ahead to...

• How far should copyright law go?
• That NPM package that deleted files in Russia
• Does the free software world need more videogames?
• Stallman's upcoming manual for 'GNU C'
• Free Software's role in protecting our planet's environment

Oracle has begun making a new version of Solaris 11.4 available for free/open-source developers and for non-production personal use. Phoronix reports: Solaris 11.4 CBE is the "Common Build Environment" and intended for open-source developers and strictly non-production personal use... That is if you want Solaris for new installs in 2022. The new Solaris 11.4 "CBE" spin is effectively a rolling release and from Oracle's perspective hopes to ease the integration of the open-source software relied upon by Solaris rather than being bound to the dated 11.4.0 GA release.

Downloading the new Solaris 11.4 CBE does require an Oracle account. The CBE builds are also described as "similar to a beta, they are pre-release builds of a particular SRU." The non-production use license is put out under the Oracle Technology Network Early Adopter License Agreement for Oracle Solaris. Oracle will allow upgrading from these free CBE releases to paid SRU releases under Oracle support contracts. More details for those interested in Oracle Solaris 11.4 CBE via the Oracle Solaris blog.

An anonymous reader quotes a report from VentureBeat: Anyone who has worked in the financial services sector will at least be aware of Bloomberg Terminal, a research, data and analytics platform used to garner real-time insights on the financial markets. Bloomberg Terminal has emerged as something of an industry standard, used by more than 300,000 people at just about every major financial and investment-related corporation globally -- but it costs north of $20,000 per user each year to license, a fee that is prohibitively high for many organizations. This is something that OpenBB has set out to tackle, by democratizing an industry that has been "dominated by monopolistic and proprietary incumbents" for the past four decades -- and it's doing so with an entirely open source approach.

After launching initially last year as an open source investment research terminal called Gamestonk Terminal, the founding team, Didier Lopes, Artem Veremey, and James Maslek, were approached by OSS Capital to make an investment and build a commercial company on top of the terminal. And so OpenBB is formally launching this week with $8.5 million in funding from OSS Capital, with contributions from notable angel investors including early Google backer Ram Shriram, entrepreneur and investor Naval Ravikant, and Elad Gil. The newly named OpenBB Terminal is very much an alpha-stage product, one that's aimed at the more technically minded. It's pitched as a "Python-based integrated environment for investment research," allowing any trader to access data science and machine learning smarts to unpack raw, unrefined data.

OpenBB hopes that its open source credentials, and foundations in Python, will position it to win over many new users -- flexibility is the name of the game. [...] Indeed, being open source means that the broader community can add their own flavors to the OpenBB mix -- by way of example, one contributor who was interested in the foreign currency exchange market (Forex) added an Oanda integration to the project. Given that the entire source code is available for anyone to modify, companies can create their own version of the terminal with customizations that suit their niche use-cases. If they want to remove all the clutter and work purely with one type of asset, they can create a sort of light-weight version of the terminal with a much narrower focus on Forex, or cryptocurrency, for example. But who is the actual intended end-user, exactly? In truth, it could be anyone from regional investment banks and hedge funds, to venture capitalists, family offices, and mutual funds. Although the product isn't quite at that stage yet -- that is where the initial seed capital enters the fray. It's all about building the product into something that could serve a potentially large market. OpenBB Terminal will be free for now, but "there will be a concerted push to monetize it," adds VentureBeat. "Some ideas currently under consideration include building a 'slick 21st century UI,' as well as developing a software-as-a-service (SaaS) model, where OpenBB serves up the computational power to run machine learning models on vast amounts of data."

"OpenBB is also exploring ways to build bridges between data sources and investors."

An anonymous reader shares an opinion piece: Protest is an important element of free speech that should be protected. Openness and inclusivity are cornerstones of the culture of open source, and the tools of open source communities are designed for global access and participation. Collectively, the very culture and tooling of open source -- issue tracking, messaging systems, repositories -- offer a unique signaling channel that may route around censorship imposed by tyrants to hold their power.

Instead of malware, a better approach to free expression would be to use messages in commit logs to send anti-propaganda messages and to issue trackers to share accurate news inside Russia of what is really happening in Ukraine at the hands of the Russian military, to cite two obvious possibilities. There are so many outlets for open source communities to be creative without harming everyone who happens to load the update.

We encourage community members to use both the freedoms and tools of open source innovatively and wisely to inform Russian citizens about the reality of the harm imposed on Ukrainian citizens and to support humanitarian and relief efforts in and supportive of Ukraine. Longer term, it's likely these weaponizations are like spitting into the wind: The downsides of vandalizing open source projects far outweigh any possible benefit, and the blowback will ultimately damage the projects and contributors responsible. By extension, all of open source is harmed. Use your power, yes -- but use it wisely.

Russia's invasion of Ukraine turns up in Mike Melanson's column "This Week in Programming": While the Open Source Initiative's (OSI) definition of open source software is quite clear on the matter — there must be "no discrimination against persons or groups" and "no discrimination against fields of endeavor" — the issue of who should be allowed to use open source software, according to ethical considerations, has long been debated.

Over the last month, this topic has again become a focus of debate as Russia's invasion of Ukraine has led to developers calling for blanket bans by companies like GitHub and GitLab; and to some developers even taking action. Earlier this month, we wrote about how open source gateway Scarf began limiting access to open source packages for the Russian government and military entities, via its gateway.

As we noted at the time, there was a primary distinction made when Scarf took this action: distribution of open source software is separate from the licensing of it. Those points of the OSI definition pertain to the licensing, not to some entity actively providing the software to others.

Since then, discussions around these ideas have continued, and this week an essay by Bradley M. Kuhn, a policy fellow and hacker-in-residence at the Software Freedom Conservancy, argues that copyleft won't solve all problems, just some of them.

The essay specifically takes to task the idea that open source software can effectively affect change by way of licensing limitations. He spent nearly 3,000 words on the topic, before pointedly addressing the issue of Russia — with a similar conclusion to the one reached by Scarf earlier this month. Kuhn argues that "FOSS licenses are not an effective tool to advance social justice causes other than software freedom" and that, instead, developers have a moral obligation to take stances by way of other methods.

"For example, FOSS developers should refuse to work specifically on bug reports from companies who don't pay their workers a living wage," Kuhn offers in an example.

Regarding Russia specifically, Kuhn again points to distribution as an avenue of protest, while still remaining in line with the principles of free and open source software.

"Every FOSS license in existence permits capricious distribution; software freedom guarantees the right to refuse to distribute new versions of the software. (i.e., Copyleft does not require that you publish all your software on the Internet for everyone, or that you give equal access to everyone — rather, it merely requires that those whom you chose to give legitimate access to the software also receive CCS). FOSS projects should thus avoid providing Putin easy access to updates to their FOSS," writes Kuhn.

A recent post on the AWS Open Source blog announced that AWS "is investing in the sustainability of Rust, a language we believe should be used to build sustainable and secure solutions."

It was written by the chair of the Rust foundation (and leader of AWS's Rust team) with a Principal Engineer at AWS, and reminds us that Rust "combines the performance and resource efficiency of systems programming languages like C with the memory safety of languages like Java."

But there's another reason they're promoting Rust: Worldwide, data centers consume about 200 terawatt hours per year. That's roughly 1% of all energy consumed on our planet... [C]loud and hyperscale data centers have been implementing huge energy efficiency improvements, and the migration to that cloud infrastructure has been keeping the total energy use of data centers in balance despite massive growth in storage and compute for more than a decade... [I]s the status quo good enough? Is keeping data center energy use to 1% of worldwide energy consumption adequate..? [Will] innovations in energy efficiency continue to keep pace with growth in storage and compute in the future? Given the explosion we know is coming in autonomous drones, delivery robots, and vehicles, and the incredible amount of data consumption, processing, and machine learning training and inference required to support those technologies, it seems unlikely that energy efficiency innovations will be able to keep pace with demand...

[J]ust like security, sustainability is a shared responsibility. AWS customers are responsible for energy efficient choices in storage policies, software design, and compute utilization, while AWS owns efficiencies in hardware, utilization features, and cooling systems.... In the same way that operational excellence, security, and reliability have been principles of traditional software design, sustainability must be a principle in modern software design. That's why AWS announced a sixth pillar for sustainability to the AWS Well-Architected Framework. What that looks like in practice is choices like relaxing service-level agreements for non-critical functions and prioritizing resource use efficiency. We can take advantage of virtualization and allow for longer device upgrade cycles. We can leverage caching and longer times-to-live whenever possible. We can classify our data and implement automated lifecycle policies that delete data as soon as possible. When we choose algorithms for cryptography and compression, we can include efficiency in our decision criteria.

Last, but not least, we can choose to implement our software in energy efficient programming languages.

There was a really interesting study a few years ago that looked at the correlation between energy consumption, performance, and memory use.... What the study did is implement 10 benchmark problems in 27 different programming languages and measure execution time, energy consumption, and peak memory use. C and Rust significantly outperformed other languages in energy efficiency. In fact, they were roughly 50% more efficient than Java and 98% more efficient than Python. It's not a surprise that C and Rust are more efficient than other languages. What is shocking is the magnitude of the difference. Broad adoption of C and Rust could reduce energy consumption of compute by 50% — even with a conservative estimate....

No one developer, service, or corporation can deliver substantial impact on sustainability. Adoption of Rust is like recycling; it only has impact if we all participate. To achieve broad adoption, we are going to have to grow the developer community.
That "interesting study" cited also found that both C and Rust execute faster than other programming languages, the blog post points out, so "when you choose to implement your software in Rust for the sustainability and security benefits, you also get the optimized performance of C."

And the post also notes Linus Torvalds' recent acknowledgement that while he really loves C, it can be like juggling chainsaws, with easily-overlooked and "not always logical" type interactions. (Torvalds then went on to call Rust "the first language I saw which looked like this might actually be a solution.")

The Rust Foundation is a non-profit partnership between Amazon Web Services (AWS), Google, Huawei, Microsoft, and Mozilla.

jrepin writes: Plasma is a popular desktop environment, which will also be powering the desktop mode on the Steam Deck hand-held gaming console. Today, KDE Community announced release of KDE Plasma 5.24, a Long Term Support (LTS) release that will receive updates and bug fixes until the final Plasma 5 version, before transition to Plasma 6.

This new Plasma release focuses on smoothing out wrinkles, evolving the design, and improving the overall feel and usability of the environment. Highlights include: Overview effect for managing all your desktops and application windows, easy discovery of KRunner features with the help assistant, and unlocking screen and authentication using fingerprint reader. You will also notice a new Honeywave wallpaper, the ability to pick any color for accent, and critically important Plasma notifications now come with an orange strip on the side to visually distinguish them from less urgent messages.