Free, Libre, and Open Source Software Leftovers

posted by Roy Schestowitz on Jan 17, 2024

F is for Freedom

• Medevel ☛ 12 Open-source Free Duplicate File Finder and Duplicate Removal Apps

  A duplicate finder and removal app is absolutely necessary for multiple reasons. Firstly, duplicate files consume valuable storage space on your device. By identifying and eliminating duplicates, you can liberate storage and optimize your device's performance.

• Beyond backup: Independent mirror boosts software resilience

  Past, present, code: Italy's ENEA and Software Heritage team up to mirror the future.

• Dedoimedo ☛ LuxCoreRender - Powerful open-source 3D tool, a bit complex

  Over the past almost two decades, I've done a great deal of 3D design. After some trial and error, I ended up using SketchUp for actual drawing and Kerkythea for rendering. Both of these programs are primarily intended for Windows, not Linux. That said, I got both of them running really well in Linux - part of my migration away from the proprietary operating system. So far so good. But we can perhaps do better?

  The one obvious limitation of Kerkythea is that it only does CPU-based rendering. No GPU. Effectively, this means if you have a beefy graphics card, it just sits idle there. But in practice, it could be used to render your models a good order of magnitude faster, perhaps even more, than using your o'dinary processor. This intrigue sent me on a search for a new, modern and Linux-native rendering tool - with the necessary SketchUp export plugin, of course. I found LuxCoreRender, and this is my early review and impression of that experiment.

• Gergely Nagy ☛ A YaCy experiment

  However, once I gathered enough courage to go and poke at things, it’s… not so bad! I’m never going to like it, but luckily, I do not have to. I can use the API to add things to the crawl queue - though that API is… quite something too, but it’s there, and I can use it.

  Crawling has so far been reasonably fast, and I feel like there’s plenty of control over what and how I crawl.

• BSD

  • TuMFatig ☛ FreeBSD bhyve hypervisor to run OpenBSD virtual machines

    Because I’m not 100% satisfied with my OmniOS bhyve experiment for running OpenBSD virtual machines, I’m giving it a try on a stock FreeBSD 14. And as usual, I’ll write down how I did it in case you are interested too :)

• Education

  • Kodi Foundation ☛ Kodi at FOSDEM 2024

    This is just a quick note to let everyone know that Team Kodi will be present at the Free and Open Source Developers European Meeting (FOSDEM) in Brussels on 3 & 4 February 2024. We will have a booth in Building H level 1 where you can try out Kodi and chat with us at your leisure :)

• Licensing / Legal

  • System76 ☛ Defense Unicorns: Bridging the Gap Between National Security and Open Source

    One of the key aspects that sets Defense Unicorns apart is their commitment to open source. All of their core technology is open source and is released under an Apache 2.0 license. This approach not only fosters wider adoption and better security practices but also allows for faster learning, broader community engagement, and access to innovation from diverse perspectives. Open source also serves as a powerful recruiting and branding tool for the company, attracting top talent interested in their work at the code level.

• Web Browsers/Web Servers

  • Daniel Stenberg ☛ curl is a CNA

    In plain English, this means that we will reserve and manage our own CVEs in the future directly against the CVE database with no middle man, and also that we have a scope for CVEs that is our territory: curl and libcurl. No one else can now register CVEs for our products – without involving us. (There’s an appeals process so someone can still actually file CVEs for issues even if we say no, but at least there’s a process where both sides will argue their points.)

  • Chromium

    • Security Week ☛ Google Warns of Chrome Browser Zero-Day Being Exploited

      The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.

      As is customary, Google did not provide any additional details on scope of the observed attacks or share telemetry to help defenders hunt for signs of compromise.