Planet GNU

Aggregation of development blogs from the GNU Project

May 31, 2015

Alfred M. Szmidt

GNU inetutils 1.9.3

The GNU inetutils team is proud to present version 1.9.3 of the GNU networking utilities. The GNU Networking Utilities are the common networking utilities, clients and servers of the GNU Operating System.

The following is new in this release:

  • ftp

    An old inability to allow other names than the canonical name has been corrected. This means that a machine entry in the .netrc file will now be used as expected. Previously any alias name was replaced by the corresponding canonical name, before reading the .netrc file.

    The internal command ‘hash’ accepts a suffixed letter to the size argument, like ‘12k’, instead of 12288. Made a minor change to the syntax of the command itself, allowing size changes independently of activation of hash markings. After a transfer the summary gives the speed as ‘Mbytes/s’, ‘kbytes/s’, or ‘bytes/s’.

    The .netrc file can be overridden by the environment variable NETRC. Of even higher precedence is the new option ‘-N/–netrc’. The access to the resulting file, whatever method, is now denied unless it is a regular file.

  • ifconfig

    Better command line parsing on BSD and Solaris systems. Touch only changeable flags on all systems.

  • logger

    The ability to use numerical facilities is restored to full range.

  • ping, ping6

    The ability to specify a pattern as payload is corrected.

  • syslogd

    A new switch ‘-T/–local-time’ makes the service ignore a time stamp passed on by the remote host, recording instead the local time at the moment the message was received. As a short form of ‘–pidfile’, the switch ‘-P’ is new.

    In common with other syslogd implementations, rsyslogd and sysklogd, there has for a long time existed an attack vector based on large facility numbers, made public in CVE-2014-3684. This is now mended in our code base.

  • telnetd

    The ability to autologin a client, without using authentication, is now functional in the expected manner, i.e., the prompt for a user name is suppressed in favour of an immediate password prompt.

    In a setting where the client is using a UTF-8 encoding, it was common to observe strange characters in most responses. This was caused by the server daemon, due to incomplete purging of internal protocol data. The issue should now be resolved.

  • whois

    Improved cooperation with servers like ‘whois.arin.net’, ‘whois.eu’, and ‘whois.ripe.net’.

by ams at May 31, 2015 12:00 AM

May 28, 2015

easejs @ Savannah

GNU ease.js 0.2.5 release [stable]

This is a feature release, focused primarily on the continued development of traits.

This release succeeds v0.2.4, which was released 07 Aug, 2014. There are no
backwards-incompatible changes; support continues for ECMAScript 3+.

Changes between 0.2.4 and 0.2.5:
- [doc] Manual has been updated to reflect an implementation detail that
causes `this.__super` to remain in scope after a call to a private
method.
- This is not a bug, but is undefined behavior.

Trait support is currently under development and will be undocumented
until v0.3.0; it is included currently as a preview and is functional and
comprehensively tested, but is incomplete. For a list of outstanding
tasks, see `README.traits`.

* [preview] Traits may now "extend" classes.
- Extending a class C denotes compatibility with C's interface: the
trait may then only be mixed into C or its subtypes.
- Extending traits is not yet supported, but will be in the next
release.
- Releated test cases:
- test/Trait/{Abstract,ClassExtend}Test.js

- [preview] Staging object returned by `#use` calls---representing an
eventual mixin---now statisfy the `Class.isClass` predicate.

Examples of Trait use can be found in the extensive test cases (test/Trait)
and in the resources found on the ease.js homepage:
https://www.gnu.org/software/easejs/#traits

Historical release notes are available at:
https://www.gnu.org/software/easejs/release-notes.html

Getting GNU ease.js
-------------------
Here are the compressed sources and a GPG detached signature[*]:
https://ftp.gnu.org/gnu/easejs/easejs-0.2.5.tar.gz
https://ftp.gnu.org/gnu/easejs/easejs-0.2.5.tar.gz.sig

Alternative download options are available at:
http://www.gnu.org/software/easejs/download.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify easejs-0.2.5.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 8EE30EAB

and rerun the 'gpg --verify' command.

Free Your JavaScript!
---------------------
<http://www.gnu.org/software/easejs/whyfreejs.html>

See the FSF's Free JavaScript Campaign at
<https://fsf.org/campaigns/freejs>.

Are you a JavaScript developer? Consider joining the campaign's JavaScript
Developers Task Force mailing list at
<https://lists.gnu.org/mailman/listinfo/js-devs-task-force>.

About GNU ease.js
-----------------
GNU ease.js is a classical object-oriented framework for JavaScript,
intended to eliminate boilerplate code and "ease" the transition into
JavaScript from other object-oriented languages. Features include simple and
intuitive class definitions; classical inheritance; abstract classes and
methods; traits as mixins; interfaces; public, protected, and private access
modifiers; static and constant members; and more. Please see the
comprehensive documentation at
<https://www.gnu.org/software/easejs/manual.html> for more information,
examples, and implementation details.

by Mike Gerwitz at May 28, 2015 05:46 AM

May 26, 2015

FSF Events

Richard Stallman to speak in Rennes, France

This speech by Richard Stallman will be nontechnical, admission is gratis, and the public is encouraged to attend.

Speech topic, start time, and exact location to be determined.

Please fill out our contact form, so that we can contact you about future events in and around Rennes.

May 26, 2015 05:47 AM

May 22, 2015

FSF Blogs

Asking Obama to protect encryption, and why that's not enough

In addition to civil society organizations like the FSF, the letter* was signed by some of the most important cryptologists in the world, including the inventors of many of the key technologies behind modern encryption.

The letter is a response to recent requests from the US Federal Bureau of Investigation (FBI) and other agencies for laws requiring that backdoors and attack vectors be built into any encrypted system made by US companies. These backdoors would be specially created to allow law enforcement to snoop on the personal information of the company's customers. Even if you trust the government not to misuse your personal information, this is very risky; any backdoor created for the government will significantly weaken software against other attacks as well.

While free software advocates may not all agree on the details of how narrow government surveillance must be to keep civil liberties intact, we must draw a line at surveillance that prevents effective whistleblowing on corporate and government misbehavior. Mandatory backdoors would definitely do that. Whistleblowers exist outside the NSA—people must be able to expose (as hypothetical examples) inappropriate influence by Apple on US congresspeople, or secret patent intimidation by Microsoft against free software distributors. Without strong encryption, such sources will know that their identity can be easily discovered, providing a serious deterrent against doing the right thing.

Another unacceptable result of government-mandated backdoors is that they would effectively make it impossible for US companies to use free software encryption in systems that handle customers' information. The laws requiring specific unmodifiable anti-features would prevent both companies and users from exercising freedom 1 of the Free Software Definition, the freedom to study how a program works and change it so it does your computing as you wish.

We are strongly opposed to government-mandated backdoors and are supportive of this letter's intent, but we signed it with some trepidation. This is because the only real victory in control over our software lies not in petitioning the government, but in moving away from proprietary software. Free software can be much more difficult for centralized entities—either government or corporate—to control, because any backdoors or other vulnerabilities added to a given version can be reversed in another version and spread to everyone using the program (I wrote more about this resilience in a 2013 article, How can free software protect us from surveillance?). Conversely, proprietary software is never guaranteed to serve our interests—even if we are assured by the developers of the software that they have not built in a backdoor, we can't verify this because we can't see the source code.

Let's keep pressuring our government to resist any requirement to deliberately install backdoors in our software, but not put all our eggs in that basket: to really have freedom and security, we need to use our own solutions that we control, from the source code up. A variety of such free software, encrypted communication tools already exist. Systems like GnuPG (learn how to use it here), OpenSSL, and the rest in the Free Software Directory's encryption category are easily available and new ones are being created every day to meet changing needs. There are even new, free software-based, decentralized, surveillance-resistant systems that we hope will someday replace the massive restrictive corporate systems that government agencies so desperately want complete access to. If we're successful, we'll eventually reach a point where we won't need to petition leaders to protect our privacy in this area, because we'll be able to protect it ourselves.

*The letter uses the term "free and open source," but the term "open source" misses the point of free software. Read more about the two terms on gnu.org.

May 22, 2015 10:10 PM

FSF Events

Richard Stallman to speak in Frankfurt, Germany

Richard Stallman's speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

Speech topic to be determined.

Please fill out our contact form, so that we can contact you about future events in and around Frankfurt.

May 22, 2015 01:04 PM

Richard Stallman to speak in Frankfurt, Germany

Richard Stallman's speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

Speech topic to be determined.

Please fill out our contact form, so that we can contact you about future events in and around Frankfurt.

May 22, 2015 12:45 PM

gxmessage @ Savannah

gxmessage 3.4.1 for GTK3 has been released

gxmessage is a GTK based alternative to xmessage.

This is a maintenance release keeping up with changes in GTK3, and updated using the latest GNU tools.

Also, I'm pleased to announce a new mailing list for gxmessage users:

https://lists.gnu.org/mailman/listinfo/gxmessage

by Timothy Musson at May 22, 2015 08:37 AM

gxmessage 2.20.2 for GTK2 has been released

gxmessage is a GTK based alternative to xmessage.

This is a maintenance and minor bug-fix release of the GTK2 based version of gxmessage.

Also, I'm pleased to announce a new mailing list for gxmessage users:

https://lists.gnu.org/mailman/listinfo/gxmessage

by Timothy Musson at May 22, 2015 08:33 AM

May 21, 2015

parallel @ Savannah

GNU Parallel 20150522 ('Nepal') released [stable]

GNU Parallel 20150522 ('Nepal') has been released. It is available for download at: http://ftp.gnu.org/gnu/parallel/

No new functionality was introduced so this is a good candidate for a stable release.

Haiku of the month:

Many jobs to run.
Idle cores is not your thing.
Use GNU Parallel.
-- Ole Tange

New in this release:

  • Security: After further security analysis the issue fixed in 20150422 also fixed the problem for --tmux.
  • Bug fixes and man page updates.

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job is can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2011): GNU Parallel - The Command-Line Power Tool, ;login: The USENIX Magazine, February 2011:42-47.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://www.gnu.org/s/parallel/merchandise.html
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --bibtex)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

by Ole Tange at May 21, 2015 10:48 PM

FSF Blogs

Friday Free Software Directory IRC meetup: May 22

Join the FSF and friends Friday, May 22, from 2pm to 5pm EDT (18:00 to 21:00 UTC) to help improve the Free Software Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on freenode.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

While the Free Software Directory has been and continues to be a great resource to the world over the past decade, it has the potential of being a resource of even greater value. But it needs your help!

If you are eager to help and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today!

May 21, 2015 08:15 PM

Friday Free Software Directory IRC meetup: May 15

Join the FSF and friends Friday, May 15, from 2pm to 5pm EDT (18:00 to 21:00 UTC) to help improve the Free Software Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on freenode.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

While the Free Software Directory has been and continues to be a great resource to the world over the past decade, it has the potential of being a resource of even greater value. But it needs your help!

If you are eager to help and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today!

May 21, 2015 08:11 PM

May 19, 2015

Simon Josefsson

Scrypt in IETF

Colin Percival and I have worked on an internet-draft on scrypt for some time. I realize now that the -00 draft was published over two years ago, turning this effort today somewhat into archeology rather than rocket science. Still, having a published RFC that is easy to refer to from other Internet protocols will hopefully help to establish the point that PBKDF2 alone no longer provides state-of-the-art protection for password hashing.

I have written about password hashing before where I give a quick introduction to the basic concepts in the context of the well-known PBKDF2 algorithm. The novelty in scrypt is that it is designed to combat brute force and hardware accelerated attacks on hashed password databases. Briefly, scrypt expands the password and salt (using PBKDF2 as a component) and then uses that to create a large array (typically tens or hundreds of megabytes) using the Salsa20 core hash function and then de-references that large array in a random and sequential pattern. There are three parameters to the scrypt function: a CPU/Memory cost parameter N (varies, typical values are 16384 or 1048576), a blocksize parameter r (typically 8), and a parallelization parameter p (typically a low number like 1 or 16). The process is described in the draft, and there are further discussions in Colin’s original scrypt paper.

The document has been stable for some time, and we are now asking for it to be published. Thus now is good time to provide us with feedback on the document. The live document on gitlab is available if you want to send us a patch.

by simon at May 19, 2015 12:55 PM

May 18, 2015

FSF Events

Richard Stallman - "Software Libero and Internet Freedom" (Genoa, Italy)

Richard Stallman will be speaking at the 21° Festival Internazionale di Poesia (2015-06-10--20). His speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

Please fill out our contact form, so that we can contact you about future events in and around Genoa.

May 18, 2015 03:00 PM

ignuit @ Savannah

ignuit-2.24.0 released

Maintenance and minor feature enhancements.

by Timothy Musson at May 18, 2015 02:13 PM

Nick Clifton

May 2015 GNU Toolchain Update

Hi Guys,

  There are several things to report this month:

    * GCC now supports targets configured to use the MUSL C library:   http://www.musl-libc.org/


    * The Compiler has a new warning option: -Wmisleading-indentation
  
      This generates warnings when the indentation of the code does not reflect the block structure.  For example:

       if (some_condition ())
          foo ();
          bar ();
/* Gotcha: this is not guarded by the "if".  */

      The warning is disabled by default.


    * The Compiler also has a new shift warning: -Wshift-negative-value
    
      This generates warnings when left shifting a negative value.  The warning is enabled by -Wextra in C99 and C++11 modes (and newer).  The warning can be suppressed by an appropriate cast.  For example:
    
       val |= ~0 << loaded;       // Generates warning
       val |= (unsigned) ~0 << loaded;    // Does not warn


    * GCC supports a new option: -fno-plt

      When compiling position independent code this tells the compiler not to use PLT for external function calls.  Instead the address is loaded from the GOT and then branched to directly.  This leads to more efficient code by eliminating PLT stubs and exposing GOT load to optimizations.

      Not all architectures support this option, and some other optimization features, such as lazy binding, may disable it.


    * GCC's sanitizer has a new option: -fsanitize=bounds-strict

      This option enables strict instrumentation of array bounds.  Most out of bounds accesses are detected, including flexible array members and flexible array member-like arrays.


    * The AArch64 backend supports a new option to enable a workaround for the ARM Cortex-A53 erratum number 843419.  The workaround itself is implemented in the linker, but it can be enabled via the compiler option:

        -mfix-cortex-a53-843419
    
      Note, specifying -mcpu=cortex-a53 is not enough to enable this option as not all versions of the A53 need the erratum.


    * The AArch64 backend also supports a new core type of "native".  When used as -mcpu=native or -mtune=native it tells the backend to base its core selection on the host system.  If the compiler cannot recognise the processor of the host system then the option does nothing.


    * The Linker now supports the Intel MCU architecture:  https://groups.google.com/forum/#!topic/ia32-abi/cn7TM6J_TIg


    * GDB 7.9.1 has been released!

      GDB 7.9.1 brings the following fixes and enhancements over GDB 7.9:

     + PR build/18033 (C++ style comment used in gdb/iq2000-tdep.c and gdb/compile/compile-*.c)
     + PR build/18298 ("compile" command cannot find compiler if tools configured with triplet instead of quadruplet)
     + PR tui/18311 (Random SEGV when displaying registers in TUI mode)
     + PR python/18299 (exception when registering a global pretty-printer in verbose mode)
     + PR python/18066 (argument "word" seems broken in Command.complete (text, word))
     + PR pascal/17815 (Fix pascal behavior for class fields with testcase)
     + PR python/18285 (ptype expr-with-xmethod causes SEGV)

Cheers
  Nick

May 18, 2015 09:32 AM

May 14, 2015

guix @ Savannah

GNU Guix 0.8.2 released

We are pleased to announce the next alpha release of GNU Guix, version 0.8.2.

The release comes both with tarballs, which allow you to install it on top of a running GNU/Linux system, either from source or from a binaries, and a USB installation image to install the standalone Guix System Distribution (GuixSD).

The highlights for this release include:

See http://lists.gnu.org/archive/html/guix-devel/2015-05/msg00195.html for details.

Special thanks go to Luis Felipe López Acevedo, the incredible designer of the new web site and GuixSD logo!

About GNU Guix

GNU Guix is a functional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686 or x86_64 machine. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and armv7.

by Ludovic Courtès at May 14, 2015 11:52 AM

May 13, 2015

FSF Blogs

Friday Free Software Directory IRC meetup: May 15

Join the FSF and friends Friday, May 15, from 2pm to 5pm EDT (18:00 to 21:00 UTC) to help improve the Free Software Directory by adding new entries and updating existing ones. We will be on IRC in the #fsf channel on freenode.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

While the Free Software Directory has been and continues to be a great resource to the world over the past decade, it has the potential of being a resource of even greater value. But it needs your help!

If you are eager to help and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today!

May 13, 2015 10:00 PM

FSF News

May 12, 2015

FSF Blogs

LibrePlanet forever! Watch five sessions from 2015 online

Chris Webber's LibrePlanet 2015 talk
  • Stand up for the GNU GPL! (slides available for download) by Karen Sandler, executive director of Software Freedom Conservancy. Karen shares an account of Conservancy's support for Christoph Hellwig's recent suit against VMWare to defend the GNU General Public License.
  • Free software, free hardware, and other things by Richard Stallman, founder of the Free Software Foundation. Richard gives his take on some major issues facing the world of free software and explains how the free software philosophy extends to hardware.
  • Let's encrypt by Seth Schoen, senior staff technologist at the Electronic Frontier Foundation. Let's Encrypt is a robotic certificate authority that will soon issue publicly-trusted certificates, at no charge, by the millions.
  • Style or substance? Free software is totally the 80's by Deb Nicholson of the Open Invention Network, OpenHatch, and GNU MediaGoblin. Deb discusses the need to look at free software development from a long-term perspective, focusing on robust designs.
  • Federation and GNU by Chris Webber, lead developer of GNU MediaGoblin. Federation refers to the loose networking relationship that allows the creation of decentralized Web systems like GNU MediaGoblin, pump.io, and GNU social.

Want more info about a session? Full descriptions are up on the LibrePlanet 2015 Web site.

There are many more videos on their way from the 2015 conference; we wish we could have them all up today, but some are still being prepared. All published videos are hosted on , our instance of the publishing platform GNU MediaGoblin, which also includes videos from LibrePlanet 2014 and 2013.

Finally, we want to say thanks again to all the volunteers who worked hard designing and running our free software streaming and recording system and transcoding and editing the videos. You keep LibrePlanet spinning!

May 12, 2015 08:30 PM

guix @ Savannah

GNU Guix talk at OpenTechSummit, Berlin, May 14th

Ricardo Wurmus will be giving a talk about GNU Guix and GuixSD at the OpenTechSummit in Berlin, Germany, on May 14th. The talk will take place at 3:15pm in track 2 and covers topics such as the fundamentals of functional package management, software management features with GNU Guix, and system description in GuixSD.

Ricardo has been making major contributions to Guix over the last year and is a long-time free software contributor. If you are in Berlin area, do not miss the talk!

About GNU Guix

GNU Guix is a functional package manager for the GNU system. The Guix System Distribution (GuixSD) is an advanced distribution of the GNU system that relies on GNU Guix.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. It also offers a declarative approach to operating system configuration management. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language.

At this stage the Guix System Distribution can be used on an i686 or x86_64 machine. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and armv7.

by Ludovic Courtès at May 12, 2015 06:52 AM

May 11, 2015

FSF Blogs

Why doesn't the FSF release GPG-signed copies of its licenses?

One relatively frequent request we receive is for the FSF to provide GPG-signed copies of our licenses. GPG is a tool that lets users cryptographically sign or encrypt documents and emails. A GPG-signed document lets anyone who receives it know that they have received the exact same document as the one that was signed. By providing signed documents, users will be able to easily ensure that they have received an unmodified copy of the license along with their software. It's also possible that some system of signing the documents could help projects tracking the use and adoption of various free software licenses. Providing these signed documents is a simple task: run a command and publish the documents. A trivial investment of resources, or at least that is how it appears at first.

The reality is that projects can comply with their duty to provide a copy of a license while also modifying the format of the license documents to meet their own needs. To our knowledge, there's no simple way to correctly identify when a document is the proper license, given that the formatting or structure of the document can vary between distributions. Many distributors even put the license at the end of a longer document or manual. If a valid copy of the license were to fail our check, resolving this issue could waste resources and lead to further problems. We don't want to cause undue grief for projects that are properly licensed under a free license, simply because they want to shift around some white space on the license, wrap the lines at different points, or store the document in a different encoding system.

We turned to our licensing team for ideas about how to reap the same benefits with fewer false failures. Possibilities included flattening the document and removing white space before generating a hash of the document. But testing showed that some valid copies of licenses in the wild would fail this check. There doesn't seem to be a simple method that will accurately verify that the text of the document is unchanged, without constricting the ability of free software developers in how they format the document.

The fact remains that even if users could check that a document they receive is a legitimate, unmodified copy of a GNU license, that doesn't mean that the accompanying software is free of impermissible restrictions. Additional restrictions on the software do not need to be written into the license. In fact, proprietary developers have mastered the art of using many different documents to place restrictions on their software, and the same can happen when a user receives a piece of software that purports to be under a free license. Additional restrictions could be hidden in a README file, a manual, or even a separate licensing or TOS document.

In the end, while it would be convenient and useful to verify via command line that a document is a genuine copy of a GNU license, the problems this can cause are unfortunately more trouble than they are worth. The license, like the documentation, is among the few things distributed with software that are meant exclusively for humans to understand, not for computers to process. After all, it's always great for users to take the time to read the license themselves.

May 11, 2015 06:58 PM

FSF Events

Richard Stallman - "The Danger of Software Patents" (Athens, Greece)

"The Danger of Software Patents"
Richard Stallman will explain how software patents obstruct software development. Software patents are patents that cover software ideas. They restrict the development of software, so that every design decision brings a risk of getting sued. Patents in other fields restrict factories, but software patents restrict every computer user. Economic research shows that they even retard progress.

Richard Stallman's speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

Please fill out our contact form, so that we can contact you about future events in and around Athens.

May 11, 2015 03:10 PM

CANCELLED - Richard Stallman to speak in Heraklion, Crete

This speech has unfortunately had to be cancelled.

Please fill out our contact form, so that we can contact you about future events in and around Heraklion.

May 11, 2015 11:10 AM

Richard Stallman - "A Free Digital Society" (Heraklion, Greece)

There are many threats to freedom in the digital society. They include massive surveillance, censorship, digital handcuffs, nonfree software that controls users, and the War on Sharing. Other threats come from use of web services. Finally, we have no positive right to do anything in the Internet; every activity is precarious, and can continue only as long as companies are willing to cooperate with it.

Richard Stallman's speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

Please fill out our contact form, so that we can contact you about future events in and around Heraklion.

May 11, 2015 10:55 AM

May 07, 2015

FSF News

The FSF is hiring: Seeking a Boston-area full-time web developer

This position, reporting to the executive director, works closely with our sysadmin team to maintain and improve the FSF's Web presence. It's an especially exciting time to join the FSF team, because we will be celebrating our 30th anniversary this October.

The FSF uses several different free software web platforms in the course of its work, both internally and externally. These platforms are critical to work supporting the GNU Project, free software adoption, free media formats, and freedom on the Internet; and to opposing bulk surveillance, Digital Restrictions Management, software patents, and proprietary software.

We are looking for someone who is primarily interested in keeping these systems up-to-date and working, as well as customizing them when necessary. While the main duties will relate to the backend systems, frontend experience with templates, HTML, CSS, JavaScript, and design tools will be a big plus.

The web developer will also contribute to decisions about which new platforms to use or which existing ones to retire. The infrastructure of www.fsf.org, shop.fsf.org, and audio-video.gnu.org will likely be changed this year, so there will be some critically important research and work to be done right away.

We emphasize opportunities to contribute work done at the FSF to the upstream projects we use, to benefit the broader free software community.

You'll primarily work with:

  • CiviCRM
  • Drupal
  • MediaWiki
  • Plone / Zope
  • Ikiwiki
  • Request Tracker
  • Django / Satchmo
  • Etherpad
  • CAS
  • GNU social
  • GNU MediaGoblin

Because the FSF works globally and seeks to have our materials distributed in as many languages as possible, multilingual candidates will have an advantage. English, German, French, Spanish, Mandarin, Malagasy, and a little Japanese, are represented among current FSF staff.

With our small staff of twelve, each person makes a clear contribution. We work hard, but offer a humane and fun work environment at an office located in the heart of downtown Boston.

The FSF is a mature but growing organization that provides great potential for advancement; existing staff get the first chance at any new job openings. This position is a great starting point for anyone who might be interested in other roles on our technical team in the future.

Benefits and salary

The job must be worked on-site at FSF's downtown Boston office. An on-site interview will be required with the executive director and other team members.

This job is a union position. The salary is fixed at $51,646.40 annually. Other benefits include:

  • conference travel opportunities,
  • full family health coverage through Blue Cross/Blue Shield's HMO Blue program,
  • subsidized dental plan,
  • four weeks of paid vacation annually,
  • seventeen paid holidays annually,
  • public transit commuting cost reimbursement,
  • 403(b) program through TIAA-CREF,
  • yearly cost-of-living pay increases, and
  • potential for an annual performance bonus.

Application instructions

Applications must be submitted via email to hiring@fsf.org. The email must contain the subject line "Web Developer". A complete application should include:

  • resume,
  • cover letter, and
  • links to any previous work online.

All materials must be in a free format (such as plain text, PDF, or OpenDocument, and not Microsoft Word). Email submissions that do not follow these instructions will probably be overlooked. No phone calls, please.

Applications will be reviewed on a rolling basis until the position is filled. To guarantee consideration, submit your application by Wednesday, May 27th, 10:00AM EDT.

The FSF is an equal opportunity employer and will not discriminate against any employee or application for employment on the basis of race, color, marital status, religion, age, sex, sexual orientation, national origin, handicap, or any other legally protected status recognized by federal, state or local law. We value diversity in our workplace.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

May 07, 2015 07:25 PM

gnubik @ Savannah

Gnubik 2.4.2 has been released.

Gnubik Version 2.4.2 has been released.

Gnubik is a 3D single player game which displays an interactive cube similar to the well known Rubik Cube.

This is a minor release to update localasations.

The primary download location is http://ftp.gnu.org/gnu/gnubik
Nearby mirrors are listed at http://ftpmirror.gnu.org/gnubik

by John Darrington at May 07, 2015 07:20 AM

liquidwar6 @ Savannah

Release of Liquid War 6 0.6.3902

This is a bug-fix release, network still only works at a prototype stage. However, a bunch of bugs have been fixed, including a good deal show-stoppers which were preventing the game from starting some os OS/hardware combinations.

Have a nice day,

Christian.

by Christian Mauduit at May 07, 2015 04:46 AM

May 05, 2015

FSF News

Community is the focus of 2015's International Day Against DRM

The groups are united in envisioning a world without Digital Restrictions Management (DRM), technology that places arbitrary restrictions on what people can do with digital media, often by spying on them. As the largest anti-DRM event in the world, the International Day Against DRM is an important counterpoint to the pro-DRM message broadcast by powerful media and software companies. The Day is coordinated by Defective by Design, the anti-DRM campaign of the Free Software Foundation.

This year, community members are the highlight of the Day. Activists have organized twelve events in Bangladesh, Canada, England, Guatemala, Italy, the Netherlands, Portugal, the US, and Greece (as of May 5th).

Map of events for the 2015 International Day Against DRM

Events in at least nine countries. See dayagainstdrm.org for the most up-to-date list.

Four individuals with unique perspectives also worked with Defective by Design to write community posts: two blind anti-DRM activists, an anti-DRM tech librarian, and a social scientist/activist analyzing the rise of DRM in streaming media services.

Bookstores and publishers, including O'Reilly Media, are offering sales on DRM-free media and advocacy organizations allied with Defective by Design will also be making official statements. Activists in Russia, Romania, and France have already translated the anti-DRM flyer into their native languages, and more translations are in progress. More groups are expected to join on the day itself.

Zak Rogoff, campaigns manager for the Free Software Foundation, said "Powerful entertainment and technology companies use DRM to restrict our use of digital media, demanding control over our computers and network connections in the process. Our community is doing everything we can to organize and build tools to protect our freedom. Our opponents are strong enough to have the government on their side in most countries, but when we come together, we are strong too."

Individuals can participate with a variety of online and in-person actions on dayagainstdrm.org, from media downloads to gatherings. To be part of Defective by Design's year-round anti-DRM campaigns, supporters can join the low-volume Action Alerts email list or join the discussion on the email discussion list or #dbd IRC channel. Media stores, activist organizations and other groups interested in participating in the International Day Against DRM today or in 2016 should contact info@defectivebydesign.org.

About Defective By Design

Defective by Design is the Free Software Foundation's campaign against Digital Restrictions Management (DRM). DRM is the practice of imposing technological restrictions that control what users can do with digital media, creating a good that is defective by design. DRM requires the use of proprietary software and is a major threat to computer user freedom. It often spies on users as well. The campaign, based at defectivebydesign.org, organizes anti-DRM activists for in-person and online actions, and challenges powerful media and technology interests promoting DRM. Supporters can donate to the campaign at https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=40.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

Media Contact

Zak Rogoff
Campaigns Manager
Free Software Foundation
(202) 489-6887
campaigns@fsf.org

###

May 05, 2015 09:40 PM

May 04, 2015

GNU Remotecontrol

Newsletter – May 2015

THIS MONTH…..

  • TRENDS
  • EYE CATCHING
  • ANNUAL PLAN
  • DISCUSSIONS
  • EXISTING CODE
  • SECURITY
  • LASTLY
 TRENDSThe stuff going on in the big picture now

United States Electricity Price per KWH
Present and Past

 

February March Trend % Change
$0.138 $0.136 Decrease -1.45%

 

Year March Trend % Change % Since Difference
2005 $0.094 Same 0.00% 0.00% 0.00%
2006 $0.109 Increase 15.96% 15.96% 15.96%
2007 $0.113 Increase 3.67% 20.21% 4.26%
2008 $0.116 Increase 2.65% 23.40% 3.19%
2009 $0.126 Increase 8.62% 34.04% 10.64%
2010 $0.125 Decrease -0.79% 32.98% -1.06%
2011 $0.127 Increase 1.60% 35.11% 2.13%
2012 $0.127 Same 0.00% 35.11% 0.00%
2013 $0.128 Increase 0.79% 36.17% 1.06%
2014 $0.135 Increase 5.47% 43.62% 7.45%
2015 $0.136 Increase 0.74% 44.68% 1.06%

United Kingdom Utility Prices
Present and Past

London by night, seen from the International Space Station

EYE CATCHINGThe stuff that has caught our eye

Demand Response
The United States Congress has passed legislation forcing electric water heaters of a particular size to be connected to the national Smart Grid, under the discretion of the Secretary of Energy. The President of the United States has signed this bill into law. The exact language of the law states:

“(ii) GRID-ENABLED WATER HEATER.—The term ‘grid-enabled water heater’ means an electric resistance water heater that—
“(I) has a rated storage tank volume of more than 75 gallons;
“(II) is manufactured on or after April 16, 2015;

The connection methodology of this law states:
“(iv) REQUIREMENTS.—In carrying out this paragraph, the Secretary shall require that grid-enabled water heaters be equipped with communication capability to enable the grid-enabled water heaters to participate in ancillary services programs if the Secretary determines that the technology is available, practical, and cost-effective.”;

It is recommended to read the entire law, to completely understand the scope of the impact. The biggest impact is residential housing is now mandated to connect to the Smart Grid, given these specifications, meaning irrevocable cultural impact. It is reasonable to conclude other residential technologies will also be required to connect to the Smart Grid at some future date, through some form of federal legislation.

The United States Supreme Court recently reviewed the request to have the Federal Energy Regulatory Commission (FERC) both define and regulate Demand Response. The court has announced they have accepted the case. An analysis of the announcement is presented. A recent article affirms there is no certainly in Demand Response efforts until authority is both defined and assigned.

Smart Grid – Consumer
The first Quadrennial Energy Review (QER) is complete. An article reviewing thirteen key findings from the QER shows a decoupling of electricity demand and economic growth. This could make sense, if a productive economy using much energy, such as factories, existed compared to a consumer and services economy. This decoupling finding does not match other economic data, claiming high factory output nationally. The QER will take a few years for analysts and statisticians to consume and understand. If this decoupling claim is true, then the electrical industry has truly shifted to consumer dominance. A relevant article supports this reasoning. The latest study on Smart Grid efficiency benefits finds there is a clear need for much more research data to understand if efficiency gains are occurring. This data will not be available until more technologies are developed, such as a specification for an internationally accepted technology standard for the residential network connected HVAC thermostat. A recent survey shows most consumers essentially care about an even spread of topics, though with more on the environmental side. An economic commentary supports the position efficiency gains will only come when the utility and the consumer are each participating in a mutually beneficial relationship. There is more and more indication this relationship will need an extremely detailed billing statement before either party will commit to finding efficiency gains. A commentator is convinced there is plenty of marketing in play, but little hard evidence one way or the other, until more data is captured to prove how to obtain efficiency. It is our considered opinion this data will not be obtained until there is more agreement on international standards, structured testing is achieved, and the data is accredited. A lack of agreement on testing can easily invalidate any data obtained by testing.

Smart Grid – Producer
A recent article clearly states the future for any utility mandates improved grid resiliency. This improvement is constantly questioned by the impact of weather on any resiliency goals. Another article affirms the position the Smart Grid does offer safer options compared to the grid technologies of today. A research effort shows the Smart Grid business drivers are coming from power-hungry states. This is no surprise, but affirmation the market plays a big part in driving technology adoption. There is clear evidence to justify upgrading any grid segment with suitable information technologies.

Smart Grid – Security
An article discussing a recent speech, regarding security and the Internet of Things impacting the electric supply industry. The voiced concern is change is happening too fast, while system patching and updating are struggling to occur. The resulting risk is too many new technologies impacting older technologies with results unable to be seen, due to poor structured testing. The unstated recommendation is to either slow down implementing unproven technologies or improve testing methodologies.

ANNUAL PLAN

Status of our 2015 Plan

ModelViewController

  • More work on the items addressed in the April 2015 newsletter.

Translation Subsystem

  • More work on the items addressed in the April 2015 newsletter.

ANSI C

  • More work on the items addressed in the April 2015 newsletter.

Talk to us with your comments and suggestions on our plan for the next year.

DISCUSSIONS

WHEN?
We are receiving various emails, asking when we will release version 2.0 to the public. We are pleased to hear the interest and demand. We plan to have version 2.0 ready for enterprise usage. We have a substantial structured testing effort to accomplish, to justify the position we are ready for enterprise usage. The combination of Model-View-Controller and further automation efforts will help us deliver on being ready to interface with other existing software technologies. Please contact us, if you would like to participate in the completion of version 2.0.

OTHER TYPES OF THERMOSTATS?
Many people have asked us about adding other types of thermostats to GNU remotecontrol. There are three questions that need to be answered before we can offer GNU remotecontrol support for any IP thermostat. These questions are:

  • How to CONNECT to it (NETWORK).
  • How to READ from it (CODE).
  • How to WRITE to it (CODE).

It is our hope to have dozens and dozens of thermostat types that work with GNU remotecontrol. Let us know if you designed or manufactured a device and you would like to test it with GNU remotecontrol.

EXISTING CODEThe stuff you may want to consider

BUGS
We have 3 new bugs and 2 fixed bugs since our last Blog posting. Please review these changes and apply to your GNU remotecontrol installation, as appropriate.

TASKS
We have 0 new tasks and 0 completed tasks since our last Blog posting. Please review these changes and apply to your GNU remotecontrol installation, as appropriate.

SECURITYThe stuff you REALLY want to consider

F-E-A-R
A good acronym for the term fear is False Evidence Assuming Reality. We do not support the position of not acting, for the sake of waiting. Neither do we support the position of acting without considering and preparing. Achieving an internationally accepted technology standard for the residential network connected HVAC thermostat is part of our strategy to implement GNU remotecontrol. Structured testing of version 2.0 is also part of our strategy. Providing assured evidence and assuming nothing helps to keep reality, well…real.

REMEMBER
GNU remotecontrol relies on OS file access restrictions, Apache authentication, MySQL authentication, and SSL encryption to secure your data. Talk to us you want to find out how you can further strengthen the security of your system, or you have suggestions for improving the security of our current system architecture.

LASTLY

Whatever you do…..don’t get beat up over your Energy Management strategy. GNU remotecontrol is here to help simplify your life, not make it more complicated. Talk to us if you are stuck or cannot figure out the best option for your GNU remotecontrol framework. The chances are the answer you need is something we have already worked through. We would be happy to help you by discussing your situation with you.

…..UNTIL NEXT MONTH!

Why the Affero GPL?

GNU Affero General Public License LOGO

GNU remotecontrol LOGO


by gnuremotecontrol at May 04, 2015 11:08 PM

FSF Events

Richard Stallman to speak in Paris, France

This speech by Richard Stallman will be nontechnical, admission is gratis, and the public is encouraged to attend.

Speech topic and exact location to be determined.

Please fill out our contact form, so that we can contact you about future events in and around Paris.

May 04, 2015 01:47 PM