Posts tagged free software
This year’s LibreOffice Conference will open at noon CEST on 23rd September and will conclude at 5:30p.m. CEST on 25th September.
The conference schedule has been finalised and is now available. Of course, there may last minute changes until 12th September when the schedule will be frozen. Sometime after that date the schedule will also be available on Android mobiles
People attending the LibreOffice Conference via Jitsi are asked to register by filling in this form. Registration will enable the conference organisers to manage conference sessions in the best way and provide a better experience than in 2020 (when a couple of unwelcome “guests” tried to spoil the event). LibreOffice advocates and conference attendees can support the event by purchasing LibreOffice Conference merchandise from Freewear.
In addition to the Document Foundation blog, conference announcements will be posted on two Telegram groups – LibreOffice Virtual Conference Announcements (https://t.me/LibOcon) and LibreOffice Virtual Conference (https://t.me/liboconvirtual), as well as the dedicated LibreOffice Conference website.
Your ‘umble scribe has been using Debian GNU/Linux for the best part of 15 years now.
Besides being a distribution in its own right, Debian is also used as the basis for many other Linux distros, such as the Ubuntu family and derivatives, as well as specialised distros like the security- and privacy-conscious Tails.
Furthermore, Debian stable version releases don't occur very often, only every 2-3 years (unlike the Ubuntu family, which is on a rigid twice-yearly release cycle. Ed.).
Consequently, a Debian stable version release is a major event and the latest release occurred on Friday, as announced in an email to the Debian Developer Announce mailing list
The start of the email reads as follows:
On 14th August 2021 we released Debian 11 “bullseye”.
There are too many people who should be thanked for their work on getting us to this point to list them all individually, and we would be sure to miss some. Nevertheless, we would like to particularly thank the installer team, the buildd and ftp teams, the CD team, the publicity team, the webmasters, the Release Notes editors, porters and all the bug squashers, NMUers, package maintainers and translators who have contributed to making bullseye a great release of which we should all be proud.
The email goes on the state that first point release for bullseye will take place about one month after the initial release.
Testing will soon start for the next Debian stable release – Debian 12, codenamed bookworm.
Finally, it’s worth noting that bullseye comes with 5 years’ support and an additional 10,000 software packages, as noted by ZDNet.
A new Debian release is an important event in the world of Linux and free and open source software as it doesn’t happen all that frequently, the last version release being over 2 years ago.
Not only is Debian an important distribution in its own right, but is also influential since it froms the basis for many others including the various flavours of Ubuntu (e.g. Kubuntu, Xubuntu, etc. Ed.), Mint, Devuan, Knoppix, Tails, Raspbian, Pop!_OS and SteamOS, to name but a few.
A post to Debian’s developer announcements list stated: “We plan to release on 2021-08-14”.
It’s a little over 2 years since the last stable Debian version, Debian 10 or ‘buster‘, was made available for download.
Way back in 2001, the prescient souls who established the Free Software Foundation Europe foresaw that people should be in control of technology and not vice versa.
Twenty years down the road the FSFE is concentrating its daily work on three main pillars to help software freedom thrive in Europe: public awareness, policy advocacy, and legal support.
The FSFE has had some major campaign successes over its 2 decades.
For instance there was the campaign to promote free software PDF readers, which encouraged over 2,000 European public sector organisations to remove links for Adobe’s proprietary Acrobat reader from their websites.
A major current FSFE campaign is Public Money, Public Code, an initiative to ensure that publicly financed software developed for the public sector be made publicly available under a Free and Open Source Software licence. If it is public money, it should be public code as well. Code paid by the people should be available to the people!
Finally here’s FSFE President Matthias Kirschner speaking to the openSUSE Virtual Conference 2021 about two decades of the FSFE.
Many happy returns, FSFE. Keep up the good work for the good of all.
The Tor Project has updated its browser after the discovery of a bug with more than dangerous repercussions for user privacy. URLs based on onion services version 2 should migrate to version 3 before September 2021.
A recent update of the Tor Browser to version 10.0.18 has enabled several bugs to be corrected, including a rather serious vulnerability for users, French IT news site Le Monde Informatique reports. As a matter of fact, this bug, which is based on version 2 of its onion services, enabled some sites to track users from the applications installed on their devices.
The vulnerability tracked users via their browsers, enabling any website or government to discover a user’s actual IP address, which is contrary to the basic principle of the Tor project. URLs actually benefit from a security gain with version 3 of onion services. This is due to the fact that they use “cleaner” code with stronger cryptography which is proving to be less susceptible to brute force attacks due to its complexity.
URLs under onion services V2 no longer supported from 15 July
The project also announced it would start to deprecate URLs under onion services version 2 by initially advising the operators and clients that access them. With effect from 15 July, Tor will no longer support V2 URLs V2 and support for them will be removed from the browser codebase.
So as to ensure that each user and website administrator is well aware of this change, a message will be displayed “when visiting sites which are still using V2 URLs advising they will shortly be deprecated and the site will be inaccessible unless it is updated to version 3 of onion services“.
The Baltic Republic of Estonia has clearly taken note of the Free Software Foundation Europe’s Pubic Money Public Code campaign to have publicly funded software released as free software.
Joinup,the EU’s news site for open source IT developments reports that the Estonian government decided to make all government software publicly available.
The Estonian Parliament, the Riigikogu, approved the necessary changes to the Estonian State Property Act on 12 May 2021 and the the new rules came into effect on 1st June 2021.
All software to which the Estonian state owns the property rights in whole or part shall henceforth ould be made available publicly. If only parts are owned by the state, those parts owned by the state will be made available.
Under the new regulations, the authority in charge of the software shall decide if the software is to be made available and has to provide the following:
- a description of the public software to be made available for use;
- the conditions of use of the public software to be made available.
However, there are some restrictions on the release of publicly-funded software to the pubic. For example, if such a release would be detrimental to the state, such as a potential threat to public order and national security or cybersecurity reasons, in which case the authority in question can refuse to make the software publicly available.
With his move, Estonia joins other European countries such as Spain, Italy and France, which already publish most of government-owned software publicly
Version 1.3 of OpenDocument Format for Office Applications (ODF) has been approved as an OASIS Committee Standard, Italo Vignoli writes on The Document Foundation (TDF) blog.
ODF is a free, open XML-based document file format for office applications for use for documents containing text, spreadsheets, charts and graphical elements. In addition,ODF is the native file format used by TDF’s free and open source LibreOffice productivity suite, as well as other free and open source suites such as Apache OpenOffice, whilst the format can also be handled by major proprietary office suites. Furthermore, ODF has been adopted by the UK government’s Open Standards Board for document exchange with citizens and other victims.
ODF 1.3 is an update to the international standard Version 1.2, which was approved by the International Organization for Standardization (ISO) as ISO/IEC 26300 (2015). The update was approved with 14 affirmative consents and no objections.
The most important new features of ODF 1.3 include digital signatures for documents and the OpenPGP-based encryption of XML documents, with improvements in areas such as change tracking and document security, additional details in the description of elements in first pages, text, numbers and charts.
The full ODF 1.3 Specification can be downloaded from OASIS website.
The new version of ODF has been funded by TDF.
Finally, it is hoped that the new ODF 1.3 will complete the process to update its existing ISO/IEC standard 26300 in early 2022.
The newest version – 2.06 – of the GRUB bootloader used by most Linux distributions contains two new features, German IT news site heise reports. The software now supports boot partitions encrypted with LUKS2 and the update also contains several bug fixes and security improvements. This is the first new version of GRUB in nearly 2 years. It was originally to have been released in summer 2020, but developers were thwarted by a nasty security hole.
Attackers could gain access to the boot process and execute malicious code via a vulnerability named BootHole. To begin with Linux distributors patched their own GRUB packages. Unfortunately, BootHole patches for Red Hat, CentOS, Debian and Ubuntu blocked GRUB2. GRUB has now officially patched BootHole with the new version
GRUB developers have taken over the additional patches used in the meantime by Red Hat, Debian and a few other distributors to secure their own GRUB packages. The distributors had tried to bridge the gap in the lone release times between GRUB versions. In addition, several errors have been eliminated and GRUB’s code tidied up. GRUB can now be compiled with the GCC 10 and Clang 10 C compilers.
New security module
As a new feature, GRUB 2.06 supports the Xen hypervisor’s XSM/FLASK security module and Secure Boot Advanced Targeting (SBAT). The developers of the Shim bootloader came up with the latter technology to further complicate attacks on the boot process. In simple terms, the procedure automatically considers outdated versions of a program involved in the boot process to be unsafe. In addition to this, GRUB 2.06 offers a lockdown mechanism that is similar to the equivalent of the Linux kernel of the same name.
REUSE is a set of best practices to make Free Software licensing much easier. Using simple guidelines, it helps developers stipulate their copyright and conditions for code re-use, as well as providing documentation and low-threshold tools to get the job done.
With REUSE Booster, the Free Software Foundation Europe (FSFE) is to start providing direct support for free software projects.
Since its inception, the aim of the FSFE’s REUSE initiative has been to make licensing and copyright easier for developers, especially those without legal experience and assistance.
REUSE offers standardised ways to mark all files in a project with their relevant licence and copyright. For developers, creating free software and giving notice of the conditions for code re-use are now easier than ever. before. REUSE comes with tutorial and FAQ, as well as the REUSE helper tool and the API to automate once manual processes.
The FSFE is constantly working on improving REUSE.
Introducing REUSE Booster
With REUSE Booster, the FSFE is inviting free software projects to register for support by the its legal experts. As the name suggests, this will boost the process of adopting best practice, together with a general understanding of licensing and copyright.
Accepted projects will participate in an initial workshop in which the process is explained and typical questions answered. Each project will then receive an individual evaluation revealing potential challenges on their path to full REUSE compliance. Guidance will be provided by direct contacts if unforeseen problems arise. Last but not least, the FSFE will share practical suggestions on how to maintain a stable licensing status. The FSFE already provides similar support for all projects in the Next Generation Internet Zero (NGI0) project. As consortium partners, the FSFE helps developers resolve licensing and copyright uncertainties and avoid legal pitfalls. Furthermore, many NGIO projects adopt REUSE best practice to streamline their compliance.
The FSFE now wants to build on this practical experience and enable other projects to benefit. This has made possible by REUSE sponsors such as Siemens and individual support from FSFE volunteers and supporters.
Free Software project managers are asked to register before 8 July 2021 for support in becoming REUSE compliant.
The report’s findings can be summarised as follows.
Free and open source companies are typically micro-businesses (59%) and SMEs (35.1%). They are generally well established youngish businesses with an average age of 11.5 years. They have a very varied customer base in all sectors and exports account for over 20% of their turnover, as opposed to 16.7% in the digital sector.
Besides service activities, there has been a move from solutions-based financial models (invoicing for use, sale of licences) whereas 57.1% are software producers, playing a vital ecosystem role.
During the Covid crisis, the majority (64.6%) of companies reported stable or increasing activities, with 82.8% of managers saying they were confident about the future of their companies and 61.1% seeking to recruit staff. However, 53.7% are worried about the French economy over the long term, particularly as regards the durability of B2B customers.
Although it has been recommended by the Secretariat-General for National Defence and Security (SGDSN) to reassert digital sovereignty, only 29.3% of respondents think that France is implementing an open source industrial strategy to counter the Big Tech companies and 64.6% of them believe the powers that be are not giving sufficient encouragement to open source as provided for by law, particularly in respect of public sector procurement.
Plus de 80% des entreprises sont déjà engagées dans une démarche éthique libre et responsable vis-à-vis de critères spécifiques : la moitié d’entre elles a déjà formalisé de tels engagements et l’autre se déclare prête à le faire.
Businesses are very involved in the ecosystem and contribute to more than 35 organisations. Furthermore, 9.7% report that their region has an open source-based digital strategy which has tangible results, albeit with marked regional disparties.