free software | Steve Woods

Debian 11 ‘bullseye’ due for release on 14th August

28/07/2021 Steve WoodsLinux, Open Source, Tech

Version 11 of Debian GNU/Linux, codenamed ‘bullseye‘, is due for release on 14th August The Register reports.

A new Debian release is an important event in the world of Linux and free and open source software as it doesn’t happen all that frequently, the last version release being over 2 years ago.

Not only is Debian an important distribution in its own right, but is also influential since it froms the basis for many others including the various flavours of Ubuntu (e.g. Kubuntu, Xubuntu, etc. Ed.), Mint, Devuan, Knoppix, Tails, Raspbian, Pop!_OS and SteamOS, to name but a few.

A post to Debian’s developer announcements list stated: “We plan to release on 2021-08-14”.

It’s a little over 2 years since the last stable Debian version, Debian 10 or ‘buster‘, was made available for download.
Happy 20th birthday, FSFE!

27/07/2021 Steve WoodsOpen Source, Open Standards, Tech

Way back in 2001, the prescient souls who established the Free Software Foundation Europe foresaw that people should be in control of technology and not vice versa.

Twenty years down the road the FSFE is concentrating its daily work on three main pillars to help software freedom thrive in Europe: public awareness, policy advocacy, and legal support.

The FSFE has had some major campaign successes over its 2 decades.

For instance there was the campaign to promote free software PDF readers, which encouraged over 2,000 European public sector organisations to remove links for Adobe’s proprietary Acrobat reader from their websites.
A major current FSFE campaign is Public Money, Public Code, an initiative to ensure that publicly financed software developed for the public sector be made publicly available under a Free and Open Source Software licence. If it is public money, it should be public code as well. Code paid by the people should be available to the people!

Finally here’s FSFE President Matthias Kirschner speaking to the openSUSE Virtual Conference 2021 about two decades of the FSFE.

https://fsfe.org/news/2021/news-20210721-01.en.html

Many happy returns, FSFE. Keep up the good work for the good of all.
Tor Browser squashes user tracking bug

12/07/2021 Steve WoodsOpen Source, Privacy, Tech

The Tor Project has updated its browser after the discovery of a bug with more than dangerous repercussions for user privacy. URLs based on onion services version 2 should migrate to version 3 before September 2021.

A recent update of the Tor Browser to version 10.0.18 has enabled several bugs to be corrected, including a rather serious vulnerability for users, French IT news site Le Monde Informatique reports. As a matter of fact, this bug, which is based on version 2 of its onion services, enabled some sites to track users from the applications installed on their devices.

Tor Browser running on Ubuntu Linux. Image courtesy of Wikimedia Commons.

The vulnerability tracked users via their browsers, enabling any website or government to discover a user’s actual IP address, which is contrary to the basic principle of the Tor project. URLs actually benefit from a security gain with version 3 of onion services. This is due to the fact that they use “cleaner” code with stronger cryptography which is proving to be less susceptible to brute force attacks due to its complexity.

URLs under onion services V2 no longer supported from 15 July

The project also announced it would start to deprecate URLs under onion services version 2 by initially advising the operators and clients that access them. With effect from 15 July, Tor will no longer support V2 URLs V2 and support for them will be removed from the browser codebase.

So as to ensure that each user and website administrator is well aware of this change, a message will be displayed “when visiting sites which are still using V2 URLs advising they will shortly be deprecated and the site will be inaccessible unless it is updated to version 3 of onion services“.
Estonia – government software is now public software

07/07/2021 Steve WoodsOpen Source, Politics, Tech
The Baltic Republic of Estonia has clearly taken note of the Free Software Foundation Europe’s Pubic Money Public Code campaign to have publicly funded software released as free software.

Joinup,the EU’s news site for open source IT developments reports that the Estonian government decided to make all government software publicly available.

The Estonian Parliament, the Riigikogu, approved the necessary changes to the Estonian State Property Act on 12 May 2021 and the the new rules came into effect on 1st June 2021.

All software to which the Estonian state owns the property rights in whole or part shall henceforth ould be made available publicly. If only parts are owned by the state, those parts owned by the state will be made available.

Under the new regulations, the authority in charge of the software shall decide if the software is to be made available and has to provide the following:
- a description of the public software to be made available for use;
- the conditions of use of the public software to be made available.
However, there are some restrictions on the release of publicly-funded software to the pubic. For example, if such a release would be detrimental to the state, such as a potential threat to public order and national security or cybersecurity reasons, in which case the authority in question can refuse to make the software publicly available.

With his move, Estonia joins other European countries such as Spain, Italy and France, which already publish most of government-owned software publicly
ODF 1.3 becomes OASIS standard

25/06/2021 Steve WoodsOpen Source, Open Standards, Tech

Version 1.3 of OpenDocument Format for Office Applications (ODF) has been approved as an OASIS Committee Standard, Italo Vignoli writes on The Document Foundation (TDF) blog.

ODF is a free, open XML-based document file format for office applications for use for documents containing text, spreadsheets, charts and graphical elements. In addition,ODF is the native file format used by TDF’s free and open source LibreOffice productivity suite, as well as other free and open source suites such as Apache OpenOffice, whilst the format can also be handled by major proprietary office suites. Furthermore, ODF has been adopted by the UK government’s Open Standards Board for document exchange with citizens and other victims.

ODF 1.3 is an update to the international standard Version 1.2, which was approved by the International Organization for Standardization (ISO) as ISO/IEC 26300 (2015). The update was approved with 14 affirmative consents and no objections.

The most important new features of ODF 1.3 include digital signatures for documents and the OpenPGP-based encryption of XML documents, with improvements in areas such as change tracking and document security, additional details in the description of elements in first pages, text, numbers and charts.

The full ODF 1.3 Specification can be downloaded from OASIS website.

The new version of ODF has been funded by TDF.

Finally, it is hoped that the new ODF 1.3 will complete the process to update its existing ISO/IEC standard 26300 in early 2022.
Improved security in GRUB 2.06 bootloader

16/06/2021 Steve WoodsLinux, Open Source, Tech

The newest version – 2.06 – of the GRUB bootloader used by most Linux distributions contains two new features, German IT news site heise reports. The software now supports boot partitions encrypted with LUKS2 and the update also contains several bug fixes and security improvements. This is the first new version of GRUB in nearly 2 years. It was originally to have been released in summer 2020, but developers were thwarted by a nasty security hole.

Attackers could gain access to the boot process and execute malicious code via a vulnerability named BootHole. To begin with Linux distributors patched their own GRUB packages. Unfortunately, BootHole patches for Red Hat, CentOS, Debian and Ubuntu blocked GRUB2. GRUB has now officially patched BootHole with the new version

GRUB developers have taken over the additional patches used in the meantime by Red Hat, Debian and a few other distributors to secure their own GRUB packages. The distributors had tried to bridge the gap in the lone release times between GRUB versions. In addition, several errors have been eliminated and GRUB’s code tidied up. GRUB can now be compiled with the GCC 10 and Clang 10 C compilers.

GRUB bootloader menu on Ubuntu Linux machine

New security module

As a new feature, GRUB 2.06 supports the Xen hypervisor’s XSM/FLASK security module and Secure Boot Advanced Targeting (SBAT). The developers of the Shim bootloader came up with the latter technology to further complicate attacks on the boot process. In simple terms, the procedure automatically considers outdated versions of a program involved in the boot process to be unsafe. In addition to this, GRUB 2.06 offers a lockdown mechanism that is similar to the equivalent of the Linux kernel of the same name.
REUSE Booster provides free software licensing and copyright support

09/06/2021 Steve WoodsOpen Source, Tech, Uncategorized

REUSE is a set of best practices to make Free Software licensing much easier. Using simple guidelines, it helps developers stipulate their copyright and conditions for code re-use, as well as providing documentation and low-threshold tools to get the job done.

With REUSE Booster, the Free Software Foundation Europe (FSFE) is to start providing direct support for free software projects.

Since its inception, the aim of the FSFE’s REUSE initiative has been to make licensing and copyright easier for developers, especially those without legal experience and assistance.

REUSE offers standardised ways to mark all files in a project with their relevant licence and copyright. For developers, creating free software and giving notice of the conditions for code re-use are now easier than ever. before. REUSE comes with tutorial and FAQ, as well as the REUSE helper tool and the API to automate once manual processes.

The FSFE is constantly working on improving REUSE.

Introducing REUSE Booster

With REUSE Booster, the FSFE is inviting free software projects to register for support by the its legal experts. As the name suggests, this will boost the process of adopting best practice, together with a general understanding of licensing and copyright.

Accepted projects will participate in an initial workshop in which the process is explained and typical questions answered. Each project will then receive an individual evaluation revealing potential challenges on their path to full REUSE compliance. Guidance will be provided by direct contacts if unforeseen problems arise. Last but not least, the FSFE will share practical suggestions on how to maintain a stable licensing status. The FSFE already provides similar support for all projects in the Next Generation Internet Zero (NGI0) project. As consortium partners, the FSFE helps developers resolve licensing and copyright uncertainties and avoid legal pitfalls. Furthermore, many NGIO projects adopt REUSE best practice to streamline their compliance.

The FSFE now wants to build on this practical experience and enable other projects to benefit. This has made possible by REUSE sponsors such as Siemens and individual support from FSFE volunteers and supporters.
Free Software project managers are asked to register before 8 July 2021 for support in becoming REUSE compliant.
France – the state of open source

02/06/2021 Steve WoodsOpen Source, Open Standards, Tech

In France the Conseil National des logiciel libres (CNLL – National Free Software Council) has just published its 2020/2021 survey (PDF) into free and open source software in France.

The report’s findings can be summarised as follows.

Free and open source companies are typically micro-businesses (59%) and SMEs (35.1%). They are generally well established youngish businesses with an average age of 11.5 years. They have a very varied customer base in all sectors and exports account for over 20% of their turnover, as opposed to 16.7% in the digital sector.

Besides service activities, there has been a move from solutions-based financial models (invoicing for use, sale of licences) whereas 57.1% are software producers, playing a vital ecosystem role.

During the Covid crisis, the majority (64.6%) of companies reported stable or increasing activities, with 82.8% of managers saying they were confident about the future of their companies and 61.1% seeking to recruit staff. However, 53.7% are worried about the French economy over the long term, particularly as regards the durability of B2B customers.

Although it has been recommended by the Secretariat-General for National Defence and Security (SGDSN) to reassert digital sovereignty, only 29.3% of respondents think that France is implementing an open source industrial strategy to counter the Big Tech companies and 64.6% of them believe the powers that be are not giving sufficient encouragement to open source as provided for by law, particularly in respect of public sector procurement.

Plus de 80% des entreprises sont déjà engagées dans une démarche éthique libre et responsable vis-à-vis de critères spécifiques : la moitié d’entre elles a déjà formalisé de tels engagements et l’autre se déclare prête à le faire.

Businesses are very involved in the ecosystem and contribute to more than 35 organisations. Furthermore, 9.7% report that their region has an open source-based digital strategy which has tangible results, albeit with marked regional disparties.
Printed manuals available for LibreOffice 7

29/05/2021 Steve WoodsLinux, Media, Open Source, Tech

The Document Foundation (TDF) blog reports today that users of the TDF’s free and open source LibreOffice suite can now acquire hard copies of guides to the various modules in version 7.* of the suite (Writer, Calc, Impress, Math and Base) as well as a general Getting Started Guide.

These new guides are full of tips, tricks and tutorials to help users get the best out of the whole office suite.

The guides are already available for download in both PDF and ODT versions.

There will nevertheless always be people who appreciate hard copies of manuals, so the LibreOffice Documentation community has joined forces with online bookshop Lulu (which was started by Red Hat co-founder Bob Young) made these available guides. The guides will be printed on demand in various locations and be shipped to anywhere in the world.

Pricing for the UK is shown as £10 per guide. Lulu also provide guides for earlier versions of LibreOffice.
LibreOffice 7.1 Calc Guide available

23/05/2021 Steve WoodsOpen Source, Tech

The Document Foundation (TDF), the organisation behind the free and open source cross-platform LibreOffice suite, announced on its blog on Friday that a new guide for the suite’s Calc spreadsheet module had been released. Version 7.1 of LibreOffice was released in February this year.

The guide has been produced by members of the LibreOffice documentation community to take account of the improvements to Calc in the new release.

The Guide includes the volunteer effort of many members of the documentation community – Rafael Lima from Brazil, Martin Van Zijl and Kees Kriek from the Netherlands and Celia Palacios from the Spanish language community. Yusuf Keten from the Google Summer of Code program merits a special mention for work new extensions and template dialogs, as does Steve Fanning for his editorial review and to Jean Hollis Weber for her work on improving and organising the text. Work on the new guide was co-ordinated by Felipe Viggiano from Brazil.

The 545-page guide is available as a PDF and covers all of Calc’s basic and advanced features, making it a must-read for getting the most out of Calc.

URLs under onion services V2 no longer supported from 15 July

New security module

Introducing REUSE Booster

Posts navigation