Bruce Perens co-founded the Open Source Initiative with Eric Raymond -- and he's also Slashdot reader #3872. "The Electronic Frontier Foundation has filed an answering brief in defense of Bruce Perens in the merits appeal of the Open Source Security Inc./Bradley Spengler v. Bruce Perens lawsuit," reads his latest submission -- with more details at Perens.com: Last year, Open Source Security and its CEO, Bradley Spengler, brought suit against me for defamation and related torts regarding this blog post and this Slashdot discussion. After the lower court ruled against them, I asked for my defense costs and was awarded about $260K for them by the court.

The plaintiffs brought two appeals, one on the merits of the lower court's ruling and one on the fees charged to them for my defense... The Electronic Frontier Foundation took on the merits appeal, pro-bono (for free, for the public good), with the pro-bono assistance of my attorneys at O'Melveny who handled the lower court case...

You can follow the court proceedings here
"Sorry I can't comment further on the case," Perens writes in a comment on Slashdot, adding "it's well-known legal hygiene that you don't do that." But he's willing to talk about other things.

"Valerie and I are doing well. I am doing a lot of travel for the Open Source Initiative as their Standards Chair, speaking with different standards groups and governments about standards in patents and making them compatible with Open Source."

It's been 27 years since Linus Torvalds let a group of people know about his "hobby" OS. OMGUbuntu blog writes: Did you know that Linux, like Queen Elizabeth II, actually has two birthdays? Some FOSS fans consider the first public release of (prototype) code, which dropped on October 5, 1991, as more worthy of being the kernel's true anniversary date. Others, ourselves included, take today, August 25, as the "birth" date of the project. And for good reason. This is the day on which, back in 1991, a young Finnish college student named Linus Torvalds sat at his desk to let the folks on comp.os.minix newsgroup know about the "hobby" OS he was working on. The "hobby OS" that wouldn't, he cautioned, be anything "big" or "professional." Even as Linux continues to have lion's share in the enterprise world, it has only managed to capture a tiny fraction of the consumer space. Further reading: Ask Slashdot: Whatever Happened To the 'Year of Linux on Desktop'?

Which Linux-based distro do you use? What changes, if any, would you like to see in it in the next three years?

A new voting system that uses open-source software for counting ballots has been approved by California elections officials. "The certification of the new tally system for the county paves the way for other improvements, including redesigned absentee ballot packets, in the Nov. 6 election," reports Los Angeles Times. "It is the first election system of its kind, using publicly available source code that has been certified for use in California." From the report: The ballot-counting equipment is part of a broader redesign of Los Angeles County's voting system, which will include new equipment while relying on a traditional paper ballot. The county's existing system, portions of which are now decades old, has been targeted for replacement for several years.

Long-time Slashdot reader tdailey spotted a new version of Pale Moon, a customised version of Firefox optimized for speed and efficiency. Beta News reports it's the first major update since November of 2016:

There are virtually no visual or obvious changes in this new major build, but the under-the-hood changes are both extensive and necessary.... Despite all the updates, Moonchild is keen to stress certain things haven't changed -- unlike Firefox, for example, Pale Moon continues to support NPAPI plugins, complete themes and a fully customizable user interface. There is also no DRM built into the browser, although third-party plugins such as Silverlight are supported. It will also continue to work with certain "legacy" plugins of the type abandoned by Firefox.
Pale Moon strips out what one reviewer calls "little-used components" of Firefox, including parental controls and accessbility features, as well as crash reports and support for Internet Explorer's ActiveX and ActiveX scripting technology.

"Proving that open source leads to great development, Pale Moon takes the already decent Firefox web browser and makes it even better and a faster."

BrianFagioli writes: Debian is one of the most important open source projects ever. The Debian Linux operating system is extremely popular in its own right, but also, it is used as the base for countless other distributions. Ubuntu, for instance -- one of the most-used distros -- is Debian-based. Even Linux Mint, which is based on Ubuntu, also has a Debian edition. Not to mention, Raspbian -- the official Raspberry Pi OS -- which is based on Debian too.

Today, Debian is celebrating a very important milestone -- a 25th birthday! Yes, it is seriously that old -- its development was announced on August 16, 1993. When the late Ian Murdock announced 25 years ago in comp.os.linux.development, the imminent completion of a brand-new Linux release, [...] the Debian Linux Release', nobody would have expected the 'Debian Linux Release' would become what's nowadays known as the Debian Project, one of the largest and most influential free software projects. "Its primary product is Debian, a free operating system (OS) for your computer, as well as for plenty of other systems which enhance your life. From the inner workings of your nearby airport to your car entertainment system, and from cloud servers hosting your favorite websites to the IoT devices that communicate with them, Debian can power it all," says Ana Guerrero Lopez of Debian. Further reading: Slackware, Oldest Actively Maintained GNU/Linux Distribution, Turns 25.

Tesla CEO Elon Musk announced he would share the source code for Tesla's car security software with other manufacturers, adding that it would be "extremely important" to ensure the safety of future self-driving cars. Engadget reports: Musk didn't provide a timeline for availability, and you might not want to get your hopes up when it took years for Tesla just to post any source code. And this isn't strictly a selfless gesture. If rival brands adopt Tesla's approach, it could set an unofficial standard for connected car security that would look good from a marketing standpoint. The code could provide a boost to connected car security if and when it arrives. There are few common frameworks (technical or legal) for safeguarding networked vehicles, and security might not always be a top priority. This could give companies a baseline level of security that would save brands the trouble of developing an effective defense from scratch.

At the DefCon hacking conference on Friday, Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, presented a number of studies they've conducted using machine learning techniques to de-anonymize the authors of code samples. "Their work could be useful in a plagiarism dispute, for instance, but it could also have privacy implications, especially for the thousands of developers who contribute open source code to the world," reports Wired. From the report: First, the algorithm they designed identifies all the features found in a selection of code samples. That's a lot of different characteristics. Think of every aspect that exists in natural language: There's the words you choose, which way you put them together, sentence length, and so on. Greenstadt and Caliskan then narrowed the features to only include the ones that actually distinguish developers from each other, trimming the list from hundreds of thousands to around 50 or so. The researchers don't rely on low-level features, like how code was formatted. Instead, they create "abstract syntax trees," which reflect code's underlying structure, rather than its arbitrary components. Their technique is akin to prioritizing someone's sentence structure, instead of whether they indent each line in a paragraph.

The method also requires examples of someone's work to teach an algorithm to know when it spots another one of their code samples. If a random GitHub account pops up and publishes a code fragment, Greenstadt and Caliskan wouldn't necessarily be able to identify the person behind it, because they only have one sample to work with. (They could possibly tell that it was a developer they hadn't seen before.) Greenstadt and Caliskan, however, don't need your life's work to attribute code to you. It only takes a few short samples.

An anonymous reader quotes InsideHPC: Today Julia Computing announced the Julia 1.0 programming language release, "the most important Julia milestone since Julia was introduced in February 2012." As the first complete, reliable, stable and forward-compatible Julia release, version 1.0 is the fastest, simplest and most productive open-source programming language for scientific, numeric and mathematical computing. "With today's Julia 1.0 release, Julia now provides the language stability that commercial customers require together with the unique combination of lightning speed and high productivity that gives Julia its competitive advantage compared with Python, R, C++ and Java."
The Register reports: Created by Jeff Bezanson, Stefan Karpinski, Viral Shah, and Alan Edelman, the language was designed to excel at data science, machine learning, and scientific computing.... Six years ago, Julia's creators framed their goals thus:

"We want a language that's open source, with a liberal license. We want the speed of C with the dynamism of Ruby. We want a language that's homoiconic, with true macros like Lisp, but with obvious, familiar mathematical notation like Matlab. We want something as usable for general programming as Python, as easy for statistics as R, as natural for string processing as Perl, as powerful for linear algebra as Matlab, as good at gluing programs together as the shell. Something that is dirt simple to learn, yet keeps the most serious hackers happy. We want it interactive and we want it compiled...."

In a julialang.org post announcing the milestone, the minders of the language claim to have achieved some of their goals.

Hollywood now has its very own open source organization: The Academy of Motion Picture Arts and Sciences has teamed up with the Linux Foundation to launch the Academy Software Foundation, which is dedicated to advance the use of open source in film making and beyond. From a report: The association's founding members include Animal Logic, Autodesk, Blue Sky Studios, Cisco, DNEG, DreamWorks, Epic Games, Foundry, Google Cloud, Intel, SideFX, Walt Disney Studios and Weta Digital. Together, they want to promote open source, help studios and others in Hollywood with open source licensing issues and manage open source projects under the helm of the Software Foundation. The cooperation between the Academy and the Linux Foundation began a little over two years ago, when the Academy's Science and Technology Council began to look into Hollywood's use of open source software. "It's the culmination of a couple of years of work," said Industrial Light & Magic (ILM) head Rob Bredlow in an interview with Variety this week.

One of the findings of that investigation: Almost everyone in Hollywood is using open source software in one way or another. An internal survey found that 80 percent of all companies were using open source. "It's a really big component of the motion picture industry," Bredlow said. Linux Foundation executive director Jim Zemlin argued that this kind of cooperation could be transformative for Hollywood. "I've seen this movie before in other industries," he punned, explaining that automotive companies had seen huge benefits from working together on open source projects.

The Document Foundation said on Wednesday it is releasing LibreOffice 6.1, the latest major update to its productivity suite. It is available to download for Linux, Windows, and macOS platforms. The new version offers, among other features, Colibre, a new icon theme for Windows based on Microsoft's icon design guidelines, which it says, makes the office suite visually appealing for users coming from the Microsoft environment. The Document Foundation also reworked the image handling feature on LibreOffice to make it "significantly faster and smoother thanks to a new graphic manager and an improved image lifecycle, with some advantages also when loading documents in Microsoft proprietary formats." Other new features and changes include: The reorganization of Draw menus with the addition of a new Page menu, for better UX consistency across the different modules. A major improvement for Base, only available in experimental mode: the old HSQLDB database engine has been deprecated, though still available, and the new Firebird database engine is now the default option (users are encouraged to migrate files using the migration assistant from HSQLDB to Firebird, or by exporting them to an external HSQLDB server). Significant improvements in all modules of LibreOffice Online, with changes to the user interface to make it more appealing and consistent with the desktop version. An improved EPUB export filter, in terms of link, table, image, font embedding and footnote support, with more options for customizing metadata. Online Help pages have been enriched with text and example files to guide the users through features, and are now easier to localize.

LibreOffice 6.1's new features have been developed by a large community of code contributors: 72% of commits are from developers employed by companies sitting in the Advisory Board like Collabora, Red Hat and CIB and by other contributors such as SIL and Pardus, and 28% are from individual volunteers. In addition, there is a global community of individual volunteers taking care of other fundamental activities such as quality assurance, software localization, user interface design and user experience, editing of help system text and documentation, plus free software and open document standards advocacy at a local level. You can read the full changelog here. Here's a video that walks through the new features and changes that LibreOffice is receiving with v6.1.

Kotlin, which Google blessed last year as an alternative to Java for programming Android apps, has already made its way into almost 12 per cent of open source Android apps, and in so doing has elevated their code quality. From a report: So we're told by computer scientists Bruno Gois Mateus and Matias Martinez, affiliated with University of Valenciennes in France, who observed that Google at the end of 2017 said Kotlin had infiltrated more than 17 per cent of Android apps developed with its IDE, Android Studio 3.0. Kotlin is an open source statically typed programing language that targets the JVM, Android, JavaScript (transpiling to ES5.1) and native platforms (via LLVM). JetBrains, the company that created it, contends Kotlin is more concise and more type-safe than Java. It estimates that apps written in Kotlin require about 40 per cent less code than they would with Java. With fewer lines of code, in theory, one can expect fewer bugs. In a paper distributed through pre-print service ArXiv, "An Empirical Study on Quality of Android Applications written in Kotlin language," Mateus and Martinez describe how they gathered 925 apps from the open source F-Droid repository, measured the amount of Kotlin code in each, and analyzed the code for "smells" as an indicator of code quality.

An anonymous reader quotes IEEE Spectrum: [W]hat's so compelling about RISC-V isn't the technology -- it's the economics. The instruction set is open source. Anyone can download it and design a chip based on the architecture without paying a fee. If you wanted to do that with ARM, you'd have to pay its developer, Arm Holding, a few million dollars for a license. If you wanted to use x86, you're out of luck because Intel licenses its instruction set only to Advanced Micro Devices. For manufacturers, the open-source approach could lower the risks associated with building custom chips.

Already, Nvidia and Western Digital Corp. have decided to use RISC-V in their own internally developed silicon. Western Digital's chief technology officer has said that in 2019 or 2020, the company will unveil a new RISC-V processor for the more than 1 billion cores the storage firm ships each year. Likewise, Nvidia is using RISC-V for a governing microcontroller that it places on the board to manage its massively multicore graphics processors.

An anonymous reader shares a blog post on OpenSourceMap: Most OSM commentary focuses on unimportant minutiae (layers, for goodness' sake, as if it's still 2004) without seeking to examine what makes OSM unique -- and whether that's still relevant in a rapidly changing market. Could OSM become a dead-end curio while Google, Apple, and an increasingly self-sufficient Mapbox hare off in another, common direction? OSM's continuing differentiation from Google/Apple boils down to two points.

First, a non-commercial imperative. Google and Apple (and Mapbox, TomTom, HERE) are beholden to their shareholders and investors. They do what makes them money, which means car navigation. (Once human-controlled, now, increasingly, self-guided. When people ask "How far ahead of Apple is Google Maps?", what they usually mean is "Who will get to self-driving cars first?") OSM, however, isn't ruled by shareholder value, but by the preoccupations of its contributor base. (We'll come onto that demographic later.) Whether that's a good thing depends on what you want from a map. But it's clearly a point of differentation.

Second, ground truthed local knowledge. Surveying by locals is the gold standard of OSM, building a rich, intricate compilation of contributors' preoccupations. The painstaking human curation of areas and topics remains unique to OSM. Neither of these are under threat from Google/Apple. Outsourced quick-fire digitisation of Street View-type imagery in cheap labour countries doesn't give you this. Nor does image recognition. OSM's points of differentation remain clear. In OSM's early days, commentators used the phrase "democratising mapmaking," and it remains true. You choose what to map; and you choose how to use the map. You participate. Other maps are a one-way street: sure, you can contribute (actively through map corrections, or passively through using a mobile app that phones home), but the provider chooses what you get back.

BrianFagioli shares a report from BetaNews: Microsoft seems eager to get programmers on the quantum bandwagon, as today, it launched the open-source Quantum Katas on GitHub. What exactly is it? It is essentially a project deigned to teach Q# programming for free. "For those who want to explore quantum computing and learn the Q# programming language at their own pace, we have created the Quantum Katas -- an open-source project containing a series of programming exercises that provide immediate feedback as you progress," says The Microsoft Quantum Team. "Coding katas are great tools for learning a programming language. They rely on several simple learning principles: active learning, incremental complexity growth, and feedback."

The team further says, "The Microsoft Quantum Katas are a series of self-paced tutorials aimed at teaching elements of quantum computing and Q# programming at the same time. Each kata offers a sequence of tasks on a certain quantum computing topic, progressing from simple to challenging. Each task requires you to fill in some code; the first task might require just one line, and the last one might require a sizable fragment of code. A testing framework validates your solutions, providing real-time feedback." You can view the project on GitHub here.

Slashdot reader fisted quotes NetBSD.org: The NetBSD Project is pleased to announce NetBSD 8.0, the sixteenth major release of the NetBSD operating system.

This release brings stability improvements, hundreds of bug fixes, and many new features. Some highlights of the NetBSD 8.0 release are:

— USB stack rework, USB3 support added.
— In-kernel audio mixer (audio_system(9)).
— Reproducible builds
— PaX MPROTECT (W^X) memory protection enforced by default
— PaX ASLR enabled by default
— Position independent executables by default
[...]

NetBSD is free. All of the code is under non-restrictive licenses, and may be used without paying royalties to anyone.

A crowdfunded project, known as "PeerTube," has blown through its initial goal with 53,100 euros collected in forty-two days. The project aims to be "a fully decentralized version of YouTube, whose computer code is freely accessible and editable, and where videos are shared between users without relying on a central system." The goal is PeerTube to officially launch by October. Quariety reports: PeerTube relies on a decentralized and federative system. In other words, there is no higher authority that manages, broadcasts and moderates the content offered, as is the case with YouTube, but a network of "instances." Created by one or more administrators, these communities are governed according to principles specific to each of them. Anyone can freely watch the videos without registering, but to upload a video, you must choose from the list of existing instances, or create your own if you have the necessary technical knowledge. At the moment, 141 instances are proposed. Most do not have specifics, but one can find communities centered on a theme or open to a particular region of the world. In all, more than 4,000 people are currently registered on PeerTube, for a total of 338,000 views for 11,000 videos. The project does not display ads, unlike YouTube. "In terms of monetization, we wanted to make a neutral tool," says Pouhiou, communication officer for Framasoft, the origin of PeerTube. The site will rely on a "support" button at the start, but "people will be able to code their own monetization system" in the future.

You asked questions, we've got the answers!

Christine Peterson is a long-time futurist who co-founded the nanotech advocacy group the Foresight Institute in 1986. One of her favorite tasks has been contacting the winners of the institute's annual Feynman Prize in Nanotechnology, but she also coined the term "Open Source software" for that famous promotion strategy meeting in 1998.

Christine took some time to answer questions from Slashdot readers.

Government Technology reports: On July 16, Google Maps is going to make it more difficult and expensive to use its API, which could make custom maps that rely on the service less sustainable or even unfeasible for the people who made them... First, Google Maps is requiring all projects to have an official API key in order to work. If a user doesn't have a key, the quality of the map will likely be reduced, or it could simply stop working. Second, API keys will only work if they are attached to somebody's credit card. Google will charge that card if users exceed a certain number of API requests, which is different for different services. Google will provide users a free $200 credit toward those costs each month...

There are a couple places where the changes might have more of an impact. One is in the civic hacking space, where people often work with government data to create niche projects that aim for low costs, or are free so that as many people as possible can use them... "I think that's what scares people a little bit, it certainly scares me, this thought of having this API out there and not knowing how many people are going to use it," said Derek Eder, founder of the civic tech company DataMade. "I don't want to suddenly get a bill for $1,000."
There's at least three Open Source alternatives, and Geoawesomeness.com lists nine more.

Slashdot reader Jiri_Komarek also points out that Google's move was good news for its competitor, MapTiler. "Since Google announced the pricing change the number of our users increased by 200%," said Petr Pridal, head of the MapTiler team. "We expect more people to come as they get their first bill from Google."

MrBrklyn (Slashdot reader #4,775) writes: Artix Linux, the young systemd free OS based on arch, is reaching a critical point in it's development and calling for new packagers.
Here's more from the ongoing thread on the project's forum: You don't have to be an expert in the occult arts for that; an elementary grasp of Linux in general and how PKGBUILD works should be enough for basic contributions. Help and training will be provided, free of charge!

Sean Michael Kerner, writing for eSecurity Planet: Back in 1999, Eric Raymond coined the term "Linus' Law," which stipulates that given enough eyeballs, all bugs are shallow. Linus' Law, named in honor of Linux creator Linus Torvalds, has for nearly two decades been used by some as a doctrine to explain why open source software should have better security. In recent years, open source projects and code have experienced multiple security issues, but does that mean Linus' Law isn't valid?

According to Dirk Hohndel, VP and Chief Open Source Officer at VMware, Linus' Law still works, but there are larger software development issues that impact both open source as well as closed source code that are of equal or greater importance. "I think that in every development model, security is always a challenge," Hohndel said. Hohndel said developers are typically motivated by innovation and figuring out how to make something work, and security isn't always the priority that it should be. "I think security is not something we should think of as an open source versus closed source concept, but as an industry," Hohndel said.