• Shortcuts : 'n' next unread feed - 'p' previous unread feed • Styles : 1 2

» Publishers, Monetize your RSS feeds with FeedShow:  More infos  (Show/Hide Ads)


Date: Monday, 06 Oct 2014 16:37

Richard Stallman will be delivering an address on Saturday at 11:30am.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Sunday, 05 Oct 2014 22:48

The next stable version of GNU make, version 4.1, has been released and is available for download from http://ftp.gnu.org/gnu/make/

This release consists mainly of bug fixes.

Please see the NEWS file that comes with the GNU make distribution for details on user-visible changes.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Sunday, 05 Oct 2014 18:56

THIS MONTH…..
-TRENDS
-EYE CATCHING
-ANNUAL PLAN
-DISCUSSIONS
-EXISTING CODE
-SECURITY
-LASTLY

-TRENDS
The stuff going on in the big picture now…..

United States Electricity Price per KWH
Current and Past

July August Trend % Change
$0.143 $0.143 Same 0.00%

 

Year August Trend % Change % Since Difference
2004 $0.100 Same 0.00% 0.00% 0.00%
2005 $0.105 Increase 5.00% 5.00% 5.00%
2006 $0.118 Increase 12.38% 18.00% 13.00%
2007 $0.121 Increase 2.54% 21.00% 3.00%
2008 $0.132 Increase 9.09% 32.00% 11.00%
2009 $0.130 Decrease -1.52% 30.00% -2.00%
2010 $0.133 Increase 2.31% 33.00% 3.00%
2011 $0.135 Increase 1.50% 35.00% 2.00%
2012 $0.133 Decrease -1.48% 33.00% -2.00%
2013 $0.137 Increase 3.01% 37.00% 4.00%
2014 $0.143 Increase 4.38% 43.00% 6.00%

United Kingdom Utility Prices
Current and Past

London by night, seen from the International Space Station

-EYE CATCHING
The stuff that has caught our eye…..

Demand Response

  • A new product line, from Ecobee, with an API.
  • An announcement, Echelon has sold their grid division. This bring the future of the LonWorks protocol into question.
  • A brief, recommending how to increase customer demand for Demand Response.
  • An article, identifying the Smart Grid as the next killer software application.

Smart Grid – Consumer

  • An article, reporting Amazon is working on launching a Smart Home device product line.
  • A conference, Demand Response World Forum 2014.
  • An article, reporting the United States Department of Energy has a final determination strengthening energy-efficiency for commercial building codes.
  • An article, reporting the United States Department of Energy has released a set of voluntary privacy recommendations for smart grid owners, operators, and third parties.
  • An article, reporting the impact of electric vehicle charging on the coming Smart Grid.
  • An article, reporting the United States Federal Energy Regulatory Commission is studying electricity market reforms.
  • An analysis, considering why consumers do not reduce their energy usage.
  • An article, describing the debate of owning customer energy data.
  • An article, discussing safety from hackers attacking Smart Home technologies.
  • An opinion, asserting the lack of federal oversight of Demand Response will hamper growth of Demand Response.
  • An article, discussing possibilities of Smart Grid mergers.
  • An article, considering low income Smart Grid customers.

Smart Grid – Producer

  • An article, reporting a federal appeals court upholds FERC Order 1000.
  • A website, the OpenADR Demand Response Research Center.
  • An article, discussing utilities needing to future-proof their mobile networks.
  • A report, finding electric transmission and distribution challenges include aging assets, equipment and technology investments, upgrading capacity verses lessening susceptibility, and power delivery system redesign plans.

Smart Grid – Security

  • A company, using proprietary technology to collect electric meter readings via small aircraft.
  • An effort, to develop and test a next generation energy management system. This effort does not speak of a security component.
  • An article, describing the need to secure the Smart Grid.
  • An article, addressing the current security status of the United States Smart Grid effort.
  • An article, describing the ten most dangerous Home Automation devices.
  • An opinion, recommending what utilities should do with their customer data.
  • A new Home Automation product line, having loads of interoperability, with little to no comprehensive security plan.

-ANNUAL PLAN
Status Update of our 2014 Plan…..

Demand Response

  • Further discussions with members of the electronics industry.
  • No other work since the April newsletter.

Unattended Server Side Automation

  • No other work since the April newsletter.

Power Line Communication

  • Further discussions with the members of the electronics industry.
  • No other work since the January newsletter.

Talk to us with your comments and suggestions on our plan for this year.

-DISCUSSIONS
The stuff we are talking about now…..

FSF INTERVIEW
The Free Software Foundation (FSF) interviewed the GNU remotecontrol team. GNU remotecontrol is a member of the Free Software Foundation. The article is a comprehensiveness then-to-now writing, in combination with where the software project will most likely go in the future.

FIVE YEAR HOME EFFICIENCY EXPERIMENT
The Tennessee Valley Authority has completed a study of combining various energy efficiency approaches. This study is the first time these approaches have been combined to this extent, for this long of a period. The outcome is the efficiency benefits are there to be gained, without exerting much expense. The question each person must decide is how long they are willing to wait for their payback period to arrive.

OTHER TYPES OF THERMOSTATS?
Many people have asked us about adding other types of thermostats to GNU remotecontrol. There are three questions that need to be answered before we can offer GNU remotecontrol support for any IP thermostat. These questions are:

  • How to CONNECT to it (NETWORK).
  • How to READ from it (CODE).
  • How to WRITE to it (CODE).

It is our hope to have dozens and dozens of thermostat types that work with GNU remotecontrol. Let us know if you designed or manufactured a device and you would like to test it with GNU remotecontrol.

-EXISTING CODE
The stuff you may want to consider…..

BUGS
We have 0 new bugs and 0 fixed bugs since our last Blog posting. Please review these changes and apply to your GNU remotecontrol installation, as appropriate.

TASKS
We have 1 new tasks and 0 completed tasks since our last Blog posting. Please review these changes and apply to your GNU remotecontrol installation, as appropriate.

-SECURITY
The stuff you REALLY want to consider…..

BLACK HAT USA 2014
Black Hat is the most technical and relevant global information security event series in the world. Their 2014 conference clearly demonstrates the electronics industry is not moving fast enough to secure Smart Home technologies. This problem is not only caused by the electronics industry. It is also caused by an end-user willingness to have functionality over security. The final result is often property theft or identity theft. The need for security of both the Smart Grid and the Smart Home cannot be overstated.

REMEMBER
GNU remotecontrol relies on OS file access restrictions, Apache authentication, MySQL authentication, and SSL encryption to secure your data. Talk to us you want to find out how you can further strengthen the security of your system, or you have suggestions for improving the security of our current system architecture.

-LASTLY
Whatever you do…..don’t get beat up over your Energy Management strategy. GNU remotecontrol is here to help simplify your life, not make it more complicated. Talk to us if you are stuck or cannot figure out the best option for your GNU remotecontrol framework. The chances are the answer you need is something we have already worked through. We would be happy to help you by discussing your situation with you.

…..UNTIL NEXT MONTH!

Why the Affero GPL?

GNU Affero General Public License LOGO

GNU remotecontrol LOGO


Author: "--"
Send by mail Print  Save  Delicious 
Date: Saturday, 04 Oct 2014 20:03

So I (Mike Gran) mentioned to a colleague the other day that my brother is Stephen Gran.

"Isn't there a Stephen Gran that does something for Debian," he said.

"I think so," I said. "I've run across that name before.... Yeah Debian Steve is #5 in the Google searches for Stephen Gran."

"But that's not your brother?," he asked

"Sadly, no. Looks like my brother is the #10 Stephen Gran, down here where it says 'suspects arrested'."

Author: "noreply@blogger.com (Mike)"
Send by mail Print  Save  Delicious 
Date: Saturday, 04 Oct 2014 18:37

Dear community

GNU Health patchset 2.6.4 has been released !

Priority: High

Table of Contents

  • About GNU Health Patchsets
  • Summary of this patchset
  • Installation notes
  • List of Bugs

About GNU Health Patchsets

We provide "patchsets" to stable releases. Patchsets allow quick bug fixes and updates for production systems.

Patches and Patchsets maximize uptime for production systems, and keep your system updated, without the need to do a whole installation. Some of them, and thanks to the magic of Tryton can be applied to running system.

NOTE: Patchsets are applied on previously installed systems only. For new installations, download and install the whole tarball (ie, gnuhealth-2.6.4.tar.gz)

For more information about GNU Health patches and patchsets you can visit https://en.wikibooks.org/wiki/GNU_Health/Patches_and_Patchsets

Summary of this patchset

  • Affected modules (excludes localization / typos) : health, health_calendar
  • health : Fix appointment institution link, to point now to the new Institution model.
  • health_calendar : Fix Health Professional Work Schedule wizard

Installation Notes

You must apply previous patchsets before installing this patchset. If your patchset level is 2.6.3, then just follow the general instructions. You can find the patchsets at GNU Health FTP site (ftp://ftp.gnu.org/gnu/health/)

Follow the general instructions at https://en.wikibooks.org/wiki/GNU_Health/Patches_and_Patchsets

Source the GNU Health profile (source $HOME/.gnuhealthrc) to update your environment

Update your database ( update=all )

List of bugs related to this patchset

#43347 Invalid assignment of institution in appointments ( https://savannah.gnu.org/bugs/index.php?43347 )
#43350 Institution field in Work Schedule still points to party ( https://savannah.gnu.org/bugs/index.php?43350 )

Author: "--"
Send by mail Print  Save  Delicious 
Date: Friday, 03 Oct 2014 23:13

Today's Friday Free Software Directory (FSD) IRC Meeting comes after a very active week of users updating and adding new entries to the Directory. User Mviinama made over 80 edits alone! And, I was happy to see that such productivity continued during our meeting today, as well.

Two new packages added today worth highlighting are:

  • Traccar, a Java server that displays map and other data from various GPS tracking devices. It is under the Apache 2.0 license.
  • Seafile, a server based filestore with clients for multiple different platforms. It serves as a replacement for SaaSS such as dropbox. The server is licensed under the Apache 2.0 license and clients
    are licensed GNU GPL version 3 (only).

In addition to adding new packages and updating many more, we also had a lively discussion about font licensing and about the MPL, and we brainstormed some ideas for new icons and other art to brighten up the pages on the Directory.

You too can join in our discussions and help improve the Directory: find out how to attend our Friday Free Software Directory IRC Meetings by checking our blog or by subscribing to the RSS feed.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Friday, 03 Oct 2014 16:28
Recently, I had a discussion with RMS about being a speaker for Free Software.   In the end I was told simply to record some of my talks and that I would be given some feedback, but during the discussion I explained why I think GNUstep is important to free software and I believe that this is something that I think is important for other people to understand as well:

Hey Richard,

That shouldn't be hard to do.  I get invited to speak about GNUstep a
lot.  Not just about the technical aspects, but about it's importance
to free software.

While I have your attention, I would like to tell you the following...

I tend to see GNUstep as very important to the free software movement
as it facilitates developers moving away from environments such as
Cocoa and UIKit.  Apple has always been a power for control and an
enemy of freedom which is why I am so passionate about GNUstep.  I
don't like that they have locked down users like they have.

I realize that the rest of the community may not share my view and,
honestly, I have been somewhat disheartened as of late as I have
always had trouble getting other developers to see GNUstep as I do.
They focus on GNOME and KDE and consider Objective-C ugly or not
elegant.  I think that's a shame.   Which brings me to my final point.
  
Apple has recently introduced a new language called Swift.   It has
become abundantly clear that they have no intention of releasing Swift
even as open source (which I understand is a different movement, but
it would, at least, be a step for them in something which resembles
the right direction).

I feel like speaking about free software and, specifically, speaking
about how GNUstep can play an important role in it is why I would like
to be listed on the speakers list.   It would give me more of an
opportunity to speak out about Apple's evils and generally raise
awareness.

Thanks, GC

So, if anyone would like me to come and speak about free software or about GNUstep, please let me know.  I would be grateful for the opportunity.
Author: "noreply@blogger.com (GregC)"
Send by mail Print  Save  Delicious 
Date: Wednesday, 01 Oct 2014 21:36

Join the FSF and friends on Friday, October 3, from 2pm to 5pm EDT (18:00 to 21:00 UTC) to help improve the Free Software Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on freenode.


Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.


While the Free Software Directory has been and continues to be a great resource to the world over the past decade, it has the potential of being a resource of even greater value. But it needs your help!


If you are eager to help and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today!

Author: "--"
Send by mail Print  Save  Delicious 
Date: Wednesday, 01 Oct 2014 15:07

To get announcements of most new GNU releases, subscribe to the info-gnu mailing list: http://lists.gnu.org/mailman/listinfo/info-gnu. Nearly all GNU software is available from http://ftp.gnu.org/gnu/, or preferably one of its mirrors (http://www.gnu.org/prep/ftp.html). You can use the url http://ftpmirror.gnu.org/ to be automatically redirected to a (hopefully) nearby and up-to-date mirror.

This month, we welcome Nik Nyby as a new co-maintainer of GNU librejs.

A number of GNU packages, as well as the GNU operating system as a whole, are looking for maintainers and other assistance: please see http://www.gnu.org/server/takeaction.html#unmaint if you'd like to help. The general page on how to help GNU is at http://www.gnu.org/help/help.html. To submit new packages to the GNU operating system, see http://www.gnu.org/help/evaluation.html.

As always, please feel free to write to me, karl@gnu.org, with any GNUish questions or suggestions for future installments.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Tuesday, 30 Sep 2014 09:20

Richard Stallman tomará parte en un encuentro con educadores de la Universidad Nacional Autónoma de Mejico, quienes presentarán una distribución GNU/Linux denominada Jarro Negro en la Universidad Distrital Francisco José de Caldas, Facultad de Tecnología, y asistirá a un taller sobre GNU/EMACS, con el fin de incentivar su utilización en el entorno académico.

Favor de rellenar este formulario, para que podamos contactarle acerca de eventos futuros en la región de Bogotá.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Monday, 29 Sep 2014 16:11
In the past weeks, quite some polish was added in windows support.

First, there was a bug affecting Popup Menus and contextual menus that affected only certain computers. It was fixed.




Then the controls were not properly initialized. Native file-dialogs, for example, as well as upcoming print dialogs (work in progress by Gregory) did not fit the theme properly. On XP, Window 7 and Windows 8 they should follow the native look, instead they always got the "Win 95" look creating a strange mix.

The fix requires initializing Windows' controls. I put the initialization code inside the WinUX theme loading. If it will not prove safe, then it needs to be moved into NSApplication. Furthermore, an XML resource file to enable the correct loading.




I really does look nice, doesn't it?
Author: "noreply@blogger.com (Riccardo)"
Send by mail Print  Save  Delicious 
Date: Monday, 29 Sep 2014 07:28
Hi Guys,

  In this month's news we have:
  
  * The GDB project is removing support for the following platforms:
    - MIPS IRIX (mips*-sgi-irix5*, mips*-sgi-irix6*)
    - Alpha Tru64 (alpha*-*-osf*)

    This only affect code maintained by GDB project (not binutils or GCC).  Also, support for any other target on MIPS (including embedded ones) will be maintained as is.

  * GCC now supports the MIPS R6 and ARM CORTEX-A17 architecture variants.

  * The is a new gcc attribute called no_reorder.  This tells GCC not to change the order of the marked functions and variables, relative to each other.  (Unmarked functions and variables can still be reordered).  This attribute is similar to the -fno-topleve-reorder option, except that it only applies to the marked symbols.

  * There is a new GCC command line optionn: -freport-bug

    This tells GCC to collect and dump debug information into temporary file if an internal compiler error occurs.  This information can be helpful to whomever has to fix the bug.

Cheers
  Nick
Author: "--"
Send by mail Print  Save  Delicious 
Date: Sunday, 28 Sep 2014 21:47

I am pleased to announce a new version of GNU guile-ncurses. guile-ncurses is a library for the creation of text user interfaces in the GNU Guile dialect of the Scheme programming language. It is based on the ncurses project's curses, panel, form, and menu libraries.

This version is a bug-fix release with no new functionality.

The web page for GNU guile-ncurses is
http://www.gnu.org/software/guile-ncurses/

Its canonical download location is http://ftp.gnu.org/gnu/guile-ncurses/

Or you can download it from a mirror at
http://ftpmirror.gnu.org/guile-ncurses/

The NEWS for this release is

- parallel 'make check' is now supported
- will now look for ncurses headers in <ncursesw/curses.h> as well
- the wcwidth procedure is not provided if it is not supported by the
underlying libraries
- update autoconfigury
- Cygwin: support pty devices with guile-ncurses-shell
- MinGW: avoid C library functions that are unavailable
- MinGW: building guile-ncurses-shell is no longer attempted
- MinGW: the libguile-ncurses dll is now unversioned so that Guile can
find it

Author: "--"
Send by mail Print  Save  Delicious 
Date: Sunday, 28 Sep 2014 05:00
No associated text to display
Author: "gnucash-devel@gnucash.org (GnuCash Developers)"
Send by mail Print  Save  Delicious 
Date: Saturday, 27 Sep 2014 22:06

I'm very pleased to announce the release of a new version of GNU PSPP. PSPP is a program for statistical analysis of sampled data. It is a free replacement for the proprietary program SPSS.

Changes from 0.8.3 to 0.8.4:

  • Formatting of SYSFILE INFO output was made easier to read.
  • Bug fixes, including the following notable ones:
    • FREQUENCIES works properly for string variables. (This bug was introduced in 0.8.2.)
    • CROSSTABS now correctly computes all of the measures that it offers. Some measures have been removed because they were not computed correctly.
    • The NPAR TESTS calculation of significance for the RUNS subcommand has been corrected.
    • Planned comparisons in ONEWAY ANOVA now correctly handle negative T-values.
    • Conformance fixes to Open Document output format.

Please send PSPP bug reports to bug-gnu-pspp@gnu.org.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Friday, 26 Sep 2014 20:54

Today's Friday Free Software Directory (FSD) IRC Meeting was focused on bug fixes. In particular, we fixed some HTTPS errors we were having with images, we found and deleted the rare spam entry or two that gets submitted, and we did some other minor house cleaning tasks. There were also some important conversations on what constitutes "corresponding source" of a work as well as further discussions of our art licensing policy. Free software licensing is an important and recurring topic in our weekly IRC meetings, but this week's discussion were especially interesting and thought provoking.

You, too, can join in on the fun. Find out how to attend our Friday Free Software Directory IRC Meetings by checking our blog or subscribing to the RSS feed.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Friday, 26 Sep 2014 19:58

Bitcoin Armory

In this edition, we conducted an email-based interview with Alan Reiner, core developer of Bitcoin Armory, a bitcoin wallet focused on security. Bitcoin Armory is licensed under the terms of GNU Affero General Public License version 3, or (at your option) any later version.

Tell us about yourself and Bitcoin Armory

I am the CEO of Armory Technologies, Inc and core developer of Armory Bitcoin Wallet which is a popular, free software wallet application focused on security for enterprise business and advanced users. It was the first and only Bitcoin wallet to make "cold storage" (offline wallets) accessible through an intuitive user interface, and is one of the most trusted tools for securing and managing large bitcoin investments. I have degrees in applied mathematics and engineering mechanics, and additional background in statistics, data mining, and cryptography. I spent seven years developing image & video processing algorithms at a physics lab in Maryland before switching to Armory full-time and founding Armory Technologies, Inc in mid-2013. I became one of the top Bitcoin experts in the community, and a trusted source for security best practices and innovation. My goal is to pioneer the world of Bitcoin wallets, and make high-security easy to practice even for "regular" users.

What inspired you to create Bitcoin Armory?

There were no other Bitcoin wallets that provided the security features I wanted. I knew how to implement them, so I did it! It turns out other people wanted it, too.

How are people using it?

Of all the DIY Bitcoin wallets out there, Armory is the one focused most squarely on security. The software is trusted by some of the biggest Bitcoin holders to keep their coins secure, featuring backup, offline, and multi-sig features not available elsewhere.

What features do you think really sets Bitcoin Armory apart from similar software?

The ability to manage wallets/crypto keys that are kept on computers that are not internet-connected, yet be able to gather signatures from offline devices in a secure manner. And recently, the ability to do "multi-signature" transactions without a third-party service (all locally-run instances of our software). You can even combine the two and do anonymous cold-multisig. These are critical features for major investors and enterprise users and no other software has it.

Why did you choose the AGPL as Bitcoin Armory's license?

We wanted to make the project free software, as we don't believe that a piece of software as security-sensitive as ours could survive as a proprietary application. The ability for code auditing is critical when people perceive a risk that the developers could inject code to steal their money. However, we didn't want to limit our monetization options by picking a permissive license. AGPL gives us the ability to assert some control (and incentivises dual-licensing) while allowing us to keep all the source code free.

How can users (technical or otherwise) help contribute to Bitcoin Armory?

Bitcoin Armory software is now maintained by Armory Technologies, Inc. which is a for-profit startup that will focus on the needs of advanced and enterprise users. We have accepted code contributions before, but I doubt few would contribute anymore without being on our payroll. At this time we have 5 full-time developers, and we haven't had a non-paid contribution to the codebase in months.

If someone is interested in contributing, we'd encourage them to contact us and send us their resume. Due to the nature and sensitivity of our software, there's actually a pretty high learning curve to get over to be able to make meaningful contributions to the code (that are both effective and secure).

What's the next big thing for Bitcoin Armory?

We are working on some technical advancements, as well as promoting our enterprise services. On the technical side, we are focusing on multi-user encryption features that would allow enterprise clients to appoint a set of employees to manage each signing device, without any one employee having exclusive access. Hardware Security Modules (HSMs) are typically used for this purpose, but are extremely expensive ($20k+), and we wanted to be able to provide a pure-software solution that provides most of the same benefits on consumer hardware, especially for small businesses.

Further, we are ironing out our enterprise services, which will involve custom adaptations and plugins to the base free software project, as well as security consulting and training. There's a lot brewing and not enough time to do it all!

Enjoyed this interview? Check out our previous entry in this series featuring Stephen H. Dawson and the rest of the GNU Remotecontrol team.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Friday, 26 Sep 2014 09:55
Richard Stallman hablará sobre las metas y la filosofía del movimiento del Software Libre, y el estado y la historia del sistema operativo GNU, el cual junto con el núcleo Linux, es actualmente utilizado por decenas de millones de personas en todo el mundo.

Esa charla de Richard Stallman formará parte de la Semana Distrital de la Cultura Libre (2014-10-06--10). No será técnica y será abierta al público; todos están invitados a asistir.

Favor de rellenar este formulario, para que podamos contactarle acerca de eventos futuros en la región de Bogotá.

Author: "--"
Send by mail Print  Save  Delicious 
Date: Friday, 26 Sep 2014 06:46
I really do hate being right sometimes.  I believe that's enough said on the subject, don't you?  All I know now is that action must be taken.   The era of closed source languages is over and has been for some time.
Author: "noreply@blogger.com (GregC)"
Send by mail Print  Save  Delicious 
Date: Thursday, 25 Sep 2014 21:35

Bash is the GNU Project's shell; it is part of the suite of software that makes up the GNU operating system. The GNU programs plus the kernel Linux form a commonly used complete free software operating system, called GNU/Linux. The bug, which is being referred to as "shellshock," can allow, in some circumstances, attackers to remotely access and control systems using Bash (and programs that call Bash) as an attack vector, regardless of what kernel they are running. The bug probably affects many GNU/Linux users, along with those using Bash on proprietary operating systems like Apple's OS X and Microsoft Windows. Additional technical details about the issue can be found at CVE-2014-6271 and CVE-2014-7169.

GNU Bash has been widely adopted because it is a free (as in freedom), reliable, and featureful shell. This popularity means the serious bug that was published yesterday is just as widespread. Fortunately, GNU Bash's license, the GNU General Public License version 3, has facilitated a rapid response. It allowed Red Hat to develop and share patches in conjunction with Bash upstream developers efforts to fix the bug, which anyone can download and apply themselves. Everyone using Bash has the freedom to download, inspect, and modify the code -- unlike with Microsoft, Apple, or other proprietary software.

Software freedom is a precondition for secure computing; it guarantees everyone the ability to examine the code to detect vulnerabilities, and to create new and safe versions if a vulnerability is discovered. Your software freedom does not guarantee bug-free code, and neither does proprietary software: bugs happen no matter how the software is licensed. But when a bug is discovered in free software, everyone has the permission, rights, and source code to expose and fix the problem. That fix can then be immediately freely distributed to everyone who needs it. Thus, these freedoms are crucial for ethical, secure computing.

Proprietary, (aka nonfree) software relies on an unjust development model that denies users the basic freedom to control their computers. When software's code is kept hidden, it is vulnerable not only to bugs that go undetected, but to the easier deliberate addition and maintenance of malicious features. Companies can use the obscurity of their code to hide serious problems, and it has been documented that Microsoft provides intelligence agencies with information about security vulnerabilities before fixing them.

Free software cannot guarantee your security, and in certain situations may appear less secure on specific vectors than some proprietary programs. As was widely agreed in the aftermath of the OpenSSL "Heartbleed" bug, the solution is not to trade one security bug for the very deep insecurity inherently created by proprietary software -- the solution is to put energy and resources into auditing and improving free programs.

Development of Bash, and GNU in general, is almost exclusively a volunteer effort, and you can contribute. We are reviewing Bash development, to see if increased funding can help prevent future problems. If you or your organization use Bash and are potentially interested in supporting its development, please contact us.

The patches to fix this issue can be obtained directly at http://ftp.gnu.org/gnu/bash/.

Media Contacts

John Sullivan
Executive Director
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

Author: "--"
Send by mail Print  Save  Delicious 
Next page
» You can also retrieve older items : Read
» © All content and copyrights belong to their respective authors.«
» © FeedShow - Online RSS Feeds Reader