"Most code remains closed and proprietary, even though open source now dominates enterprise platforms," notes Matt Asay, former COO at Canonical (and an emeritus board member of the Open Source Initiative). "How can that be?" he asks, in an essay noting it's been almost 20 years since the launch of the Open Source Initiative, arguing that so far open source "hasn't changed the world as promised." [T]he reason most software remains locked up within the four walls of enterprise firewalls is that it's too costly with too small of an ROI to justify open-sourcing it. At least, that's the perception. Such a perception is impossible to break without walking the open source path, which companies are unwilling to walk without upfront proof. See the problem? This chicken-and-egg conundrum is starting to resolve itself, thanks to the forward-looking efforts of Google, Facebook, Amazon, and other web giants that are demonstrating the value of open-sourcing code.

Although it's unlikely that a State Farm or Chevron will ever participate in the same way as a Microsoft, we are starting to see companies like Bloomberg and Capital One get involved in open source in ways they never would have considered back when the term "open source" was coined in 1997, much less in 2007. It's a start. Let's also not forget that although we have seen companies use more open source code over the past 20 years, the biggest win for open source since its inception is how it has changed the narrative of how innovation happens in software. We're starting to believe, and for good reason, that the best, most innovative software is open source.
The article strikes a hopeful note. "We're now comfortable with the idea that software can, and maybe should, be open source without the world ending. The actual opening of that source, however, is something to tackle in the next 20 years.

A developer on the Internal Tools team at Stack Overflow reveals some new statistics from their 'Trends' tool: JavaScript UI frameworks and libraries work in cycles. Every six months or so, a new one pops up, claiming that it has revolutionized UI development. Thousands of developers adopt it into their new projects, blog posts are written, Stack Overflow questions are asked and answered, and then a newer (and even more revolutionary) framework pops up to usurp the throne...

There appears to be a quick ascent, as the framework gains popularity and then a slightly less quick but steady decline as developers adopt newer technologies. These lifecycles only last a couple of years. Starting around 2011, there seems to be major adoption of a couple of competing frameworks: Backbone, Knockout, and Ember. Questions about these tags appear to grow until around 2013 and have been in steady decline since, at about the same time as AngularJS started growing. The latest startup is the Vue.js framework, which has shown quick adoption, as it is one of the fastest growing tags on Stack Overflow. Only time can tell how long this growth will last.
"Let's be honest," the post concludes. "The size of a developer community certainly counts; it contributes to a thriving open source environment, and makes it easier to find help on Stack Overflow."

SourceForge on Tuesday introduced an overhaul of its website to give it a new look and add new features. Among the most notable additions, the popular repository, which hosts over 430,000 projects and 3.7 million registered developers, said it was creating a GitHub Importer tool which would enable developers to import their GitHub project to SourceForge and also sync their GitHub project file releases on SourceForce so they "can take advantage of the strengths of both platforms." In a blog post, the team wrote:We believe the open source community is always better served when there are multiple options for open source projects to live, and these options are not mutually exclusive. More improvements and new features are on track to be released throughout the year, the team wrote.

The Freedom of the Press Foundation is reporting that James Dolan, former Marine and co-creator of the whistleblower submission system SecureDrop alongside Aaron Swartz and Wired editor Kevin Poulsen, has died at age 36. He reportedly took his own life. Gizmodo reports: First deployed as StrongBox with The New Yorker, organizations such as the Washington Post, the New York Times, the Associated Press, and Gizmodo Media Group have all come to rely on SecureDrop -- which allows highly secure communication between journalists and sources in possession of sensitive information or documents. As an industry tool, it has become invaluable for reporters. Dolan joined the Freedom of the Press Foundation to maintain SecureDrop after co-creator Aaron Swartz took his life in 2013 at age 26, as pressure mounted in a federal investigation against him that many felt was overzealous. Memorial services have not yet been announced, and presently the circumstances of Dolan's death are not known.

Slashdot reader yeokm1 writes: The oldest x86 CPU that the Lnux kernel supports today is theoretically the 486. However is this theory actually true in practice? I decided to put this theory to the test in my project.
His site describes installing Gentoo Linux on an "ancient" IBM PS/1 Consultant 2133 19C (released in 1993), with 64MB SIMM-72 RAM. (Though to speed things up, he compiled that minimal version of Gentoo on a modern Thinkpad T430 released in 2012.) "Due to the age of the PC, the BIOS only supports booting from the floppy drive or internal HDD," so there was also some disk partitioning and kernel configuration. ("Must disable 64-bit kernel for obvious reasons!") A half-hour video shows that it takes almost 11 minutes just to boot up -- and five and a half minutes to shut down. "Despite the many roadblocks I faced, I was impressed by the level of support Linux has for ancient hardware like this."

And there's one more added bonus. "Given the age of the 486 (1989 technology), it does not support branch prediction... Ironically this makes it safe from the Meltdown and Spectre attacks."

An anonymous reader quotes Jason Perlow, the senior technology editor at ZDNet: Perhaps the Meltdown and Spectre bugs are the impetus for making long-overdue changes to the core DNA of the semiconductor industry and how chip architectures are designed... Linux (and other related FOSS tech that forms the overall stack) is now a mainstream operating system that forms the basis of public cloud infrastructure and the foundational software technology in mobile and Internet of Things (IoT)... We need to develop a modern equivalent of an OpenSPARC that any processor foundry can build upon without licensing of IP, in order to drive down the costs of building microprocessors at immense scale for the cloud, for mobile and the IoT. It makes the $200 smartphone as well as hyperscale datacenter lifecycle management that much more viable and cost-effective.

Just as Linux and open source transformed how we view operating systems and application software, we need the equivalent for microprocessors in order to move out of the private datacenter rife with these legacy issues and into the green field of the cloud... The fact that we have these software technologies that now enable us to easily abstract from the chip hardware enables us to correct and improve the chips through community efforts as needs arise... We need to stop thinking about microprocessor systems' architectures as these licensed things that are developed in secrecy by mega-companies like Intel or AMD or even ARM... The reality is that we now need to create something new, free from any legacy entities and baggage that has been driving the industry and dragging it down the past 40 years. Just as was done with Linux.
The bigger question is which chip should take its place. "I don't see ARM donating its IP to this effort, and I think OpenSPARC may not be it either. Perhaps IBM OpenPOWER? It would certainly be a nice gesture of Big Blue to open their specification up further without any additional licensing, and it would help to maintain and establish the company's relevancy in the cloud going forward.

"RISC-V, which is being developed by UC Berkeley, is completely Open Source."

BrianFagioli writes: About 16 years ago, a for-pay Linux distribution caused quite a stir all because of its name -- Lindows. Yes, someone actually thought kicking the billion dollar hornets nest that is Microsoft by playing off of the "Windows" name was a good idea. To be honest, from a marketing perspective, it was brilliant -- it got tons of free press. Microsoft eventually killed the Lindows name by use of money and the legal system, however. Ultimately, the Linux distro was renamed "Linspire." Comically, there was a Lindows Insiders program way before Windows Insiders!

After losing the Lindows name, the operating system largely fell out of the spotlight, and its 15 minutes of fame ended. After all, without the gimmicky name, it was hard to compete with free Linux distros with a paid OS. Not to mention, Richard Stallman famously denounced the OS for its non-free ways. The company eventually created a free version of its OS called Freespire, but by 2008, both projects were shut down by its then-owner, Xandros. Today, however, a new Linspire owner emerges -- PC/OpenSystems LLC. And yes, Lindows is rising from the grave -- as Freespire 3.0 and Linspire 7.0!

"Today the development team at PC/Opensystems LLC is pleased to announce the release of Freespire 3.0 and Linspire 7.0. While both contain common kernel and common utilities, they are targeted towards two different user bases. Freespire is a FOSS distribution geared for the general Linux community, making use of only open source components, containing no proprietary applications. This is not necessarily a limitation : through our software center and extensive repositories, Freespire users can install any application that they wish," says PC/OpenSystems LLC.
Back in 2003 the CEO of Lindows answered questions from Slashdot readers.

The first question was "Why oh why?"

The CEO of Wireline -- a cloud application marketplace and serverless architecture platform -- is pushing for an open source development fund to help sustain projects, funded by an initial coin offering. "Developers like me know that there are a lot of weak spots in the modern internet," he writes on MarketWatch, suggesting more Equifax-sized data breaches may wait in our future. In fact, many companies are not fully aware of all of the software components they are using from the open-source community. And vulnerabilities can be left open for years, giving hackers opportunities to do their worst. Take, for instance, the Heartbleed bug of 2014... Among the known hacks: 4.5 million health-care records were compromised, 900 Canadians' social insurance numbers were stolen. It was deemed "catastrophic." And yet many servers today -- two years later! -- still carry the vulnerability, leaving whole caches of personal data exposed...

[T]hose of us who are on the back end, stitching away, often feel a sense of dread. For instance, did you know that much of the software that underpins the entire cloud ecosystem is written by developers who are essentially volunteers? And that the open-source software that underpins 70% of corporate America is vastly underfunded? The Heartbleed bug, for instance, was created by an error in some code submitted in 2011 to a core developer on the team that maintained OpenSSL at the time. The team was made up of only one full-time developer and three other part-timers. Many of us are less surprised that a bug had gotten through than that it doesn't happen more often.
The article argues that "the most successful open-source initiatives have corporate sponsors or an umbrella foundation (such as the Apache and Linux foundations). Yet we still have a lot of very deeply underfunded open-source projects creating a lot of the underpinnings of the enterprise cloud."

BrianFagioli shares a report from BetaNews: Earlier this year, we shared with you that a pre-release version of Kodi 18 "Leia" 64-bit for Windows was available. There was a big catch, however -- it was not up to par with its 32-bit brother. And so, many people just stuck with the 32-bit version, because, well... why not? It is finally time to make the jump to the 64-bit variant, however, as according to the Kodi team, it is now identical to the 32-bit version from a feature perspective. "The 64-bit Kodi version for Windows is now feature complete and on the same level as 32-bit. From now on the 32-bit installer will include a warning to ask you to install the 64-bit instead. This upgrade from 32-bit to 64-bit version is seamless and you just need to install on top of the old version," says Kodi.

New submitter Jose Deras writes: Nearly 35 years ago, Apple released its first computer with a graphical user interface, called the Lisa. Starting next year, the Computer History Museum will release the Apple Lisa OS for free as an open-source project. According to a new report from Business Insider, the Computer History Museum will release the code behind the Apple Lisa operating system for free as open source, for anyone to try and tinker with. The news was announced via the LisaList mailing list for Lisa enthusiasts.

"While Steve Jobs didn't create the Lisa, he was instrumental in its development. It was Jobs who convinced the legendary Xerox PARC lab to let the Apple Lisa team visit and play with its prototypes for graphical user interfaces," reads the report. "And while Apple at the time said that Lisa stood for 'Local Integrated System Architecture,' Jobs would later claim to biographer Walter Isaacson that the machine was actually named for his oldest daughter, Lisa Nicole Brennan-Jobs." "Then-Apple CEO John Sculley had Jobs removed from the Lisa project, which kicked off years-long animosity between the two," continues the report. "Ultimately, a boardroom brawl would result in Jobs quitting in a huff to start his own company, NeXT Computer. Apple would go on to buy NeXT in 1996, bringing Jobs back into the fold. By 1997, Jobs had become CEO of Apple, leading the company to its present status as the most valuable in the world."

Long-time Slashdot reader donaldrobertson writes: The Free Software Foundation on Thursday announced PureOS as an endorsed GNU/Linux distro. PureOS is an operating system focused on privacy, security and ease of use. Endorsement means the system meets the FSF's Free System Distribution Guidelines by providing and promoting only free software, with a dedication to making sure the system always remains free.

Suren Enfiajyan writes: Red Hat worker and GNOME blogger Christian F.K. Schaller wrote why GNU/Linux failed to become a mainstream desktop OS... "My thesis is that there really isn't one reason, but rather a range of issues that all have contributed to holding the Linux Desktop back from reaching a bigger market. Also to put this into context, success here in my mind would be having something like 10% market share of desktop systems. That to me means we reached critical mass."

He named the following reasons:

- A fragmented market
- Lack of special applications
- Lack of big name applications
- Lack of API and ABI stability
- Apple's resurgence
- Microsoft's aggressive response
- Windows piracy
- Red Hat mostly stayed away
- Canonical's business model not working out
- Lack of original device manufacturer support

Then he ended with some optimism:

"So anyone who has read my blog posts probably knows I am an optimist by nature. This isn't just some kind of genetic disposition towards optimism, but also a philosophical belief that optimism breeds opportunity while pessimism breeds failure. So just because we haven't gotten the Linux Desktop to 10% marketshare so far doesn't mean it will not happen going forward. It just means we haven't achieved it so far.

"One of the key identifiers of open source is that it is incredibly hard to kill, because unlike proprietary software, just because a company goes out of business or decides to shut down a part of its business, the software doesn't go away or stop getting developed. As long as there is a strong community interested in pushing it forward it remains and evolves, and thus when opportunity comes knocking again it is ready to try again."
The essay concludes desktop Linux has evolved and is ready to try again, since from a technical perspective it's better than ever. "The level of polish is higher than ever before, the level of hardware support is better than ever before and the range of software available is better than ever before...

"There is also the chance that it will come in a shape we don't appreciate today. For instance maybe ChromeOS evolves into a more full fledged operating system as it grows in popularity and thus ends up being the Linux on the Desktop end game? Or maybe Valve decides to relaunch their SteamOS effort and it provides the foundation for a major general desktop growth? Or maybe market opportunities arise that will cause us at Red Hat to decide to go after the desktop market in a wider sense than we do today? Or maybe Endless succeeds with their vision for a Linux desktop operating system...."

Open-source veteran Gaël Duval created Mandrake Linux in 1998. But in a new essay, he writes that "I realized that I had become lazy. Not only wasn't I using Linux anymore as my main operating system, but I was using a proprietary OS on my smartphone. And I was using Google more and more."

Long-time Slashdot reader nuand999 writes: He's creating a non-profit project called eelo.io that's going to release a "privacy-friendly" smartphone OS and associated web-services... eelo is going to be forked fromLineageOS, and will ship with the existing open source bricks put together into a consistent and privacy-enhanced, yet desirable, smartphone OS + web-services. A crowdfunding campaign has just started on Kickstarter to fuel early developments.
"iOS is proprietary and I prefer Open Source Software," Gaël writes on Hacker Noon, while also adding that "like millions of others, I'VE BECOME A PRODUCT OF GOOGLE... I'm not happy because Google has become too big and is tracking us by catching a lot of information about what we do. They want to know us as much as possible to sell advertising..."

"People are free to do what they want. They can choose to be volunteery slaves. But I do not want this situation for me anymore. I want to reconquer my privacy. My data is MY data. And I want to use Open Source software as much as possible."

Long-time Slashdot reader SlaveToTheGrind writes: As previously discussed on Slashdot, Grsecurity developer Open Source Security sued Bruce Perens for allegedly defamatory statements about Grsecurity's licensing policies. Thursday, Magistrate Judge Laurel Beeler of the District Court for the Northern District of California dismissed the lawsuit, holding that Perens's statements were not libelous:

"Mr. Perens counters, and the court agrees, that the blog posts are opinions about a disputed legal issue, are not false assertions of fact, and thus are not actionable libel. . . . Mr. Perens -- who is not a lawyer — voiced an opinion about whether the Grsecurity Access Agreement violated the General Public License. No court has addressed the legal issue. Thus, his "opinion" is not a "fact" that can be proven provably false and thus is not actionable as defamation."

While Open Source Security technically has the ability to amend its complaint to allege a new legal theory, Judge Beeler said any amendment likely would fall under California's anti-SLAPP statute: "Mr. Perens's statements were made in a public forum and concern issues of public interest, and the plaintiffs have not shown a probability of prevailing on their claims."

BrianFagioli shares a report from BetaNews: Speaking of Spotify, the most popular streaming music service in the world has long supported Linux-based operating systems. Installing the official app was not an easy affair, however. Today this changes, as installation gets much simpler. You see, Spotify is now officially available as a Snap for easy installation on any Snap-supporting operating systems such as Ubuntu and Linux Mint. Canonical, the creator of both Ubuntu and Snaps, explains, "Snaps are containerized software packages designed to work perfectly and securely in any Linux environment. As well as supporting all major Linux systems from a single build, snaps can be also updated or rolled back automatically to ensure that users are always benefiting from the latest version of the application. Since their launch last year, close to 2,500 snaps have been released by developers as they adopt the format for its reliability and security."

Jamie Bennett, VP of Engineering, Devices & IoT, Canonical says, "In launching their own snap, Spotify has ensured that their users in the Linux ecosystem are now able to enjoy the latest version of their leading music streaming application as soon as it's released regardless of which distribution they are using. We're glad to welcome Spotify to the snaps ecosystem and look forward to unveiling more leading snaps in 2018."

New submitter samleecole shares a report from Motherboard: There's a video of Gal Gadot having sex with her stepbrother on the internet. But it's not really Gadot's body, and it's barely her own face. It's an approximation, face-swapped to look like she's performing in an existing incest-themed porn video. The video was created with a machine learning algorithm, using easily accessible materials and open-source code that anyone with a working knowledge of deep learning algorithms could put together. It's not going to fool anyone who looks closely. Sometimes the face doesn't track correctly and there's an uncanny valley effect at play, but at a glance it seems believable. It's especially striking considering that it's allegedly the work of one person -- a Redditor who goes by the name 'deepfakes' -- not a big special effects studio that can digitally recreate a young Princess Leia in Rouge One using CGI. Instead, deepfakes uses open-source machine learning tools like TensorFlow, which Google makes freely available to researchers, graduate students, and anyone with an interest in machine learning. Anyone could do it, and that should make everyone nervous.

"Systemd developers split the community over a tiny detail that decreases stability significantly and increases complexity for not much real value." So argues Nico Schottelius, talking about his experiences as the CEO of a Swiss company providing VM hosting, datacenters, and high-speed fiber internet. Long-time Slashdot reader walterbyrd quotes Nico's essay: While I am writing here in flowery words, the reason to use Devuan is hard calculated costs. We are a small team at ungleich and we simply don't have the time to fix problems caused by systemd on a daily basis. This is even without calculating the security risks that come with systemd. Our objective is to create a great, easy-to-use platform for VM hosting, not to walk a tightrope...

[W]hat the Devuan developers are doing is creating stability. Think about it not in a few repeating systemd bugs or about the insecurity caused by a huge, monolithic piece of software running with root privileges. Why do people favor Linux on servers over Windows? It is very easy: people don't use Windows, because it is too complex, too error prone and not suitable as a stable basis. Read it again. This is exactly what systemd introduces into Linux: error prone complexity and instability. With systemd the main advantage to using Linux is obsolete.
The essay argues that while Devuan foisted another choice into the community, "it is not their fault. Creating Devuan is simply a counteraction to ensure Linux stays stable. which is of high importance for a lot of people."

An anonymous reader writes: The Debian project is pleased to announce the third update of its stable distribution Debian 9 (codename stretch). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available. The Debian project also announces the tenth update of its oldstable distribution Debian 8 (codename jessie).

Please note that the point release does not constitute a new version of Debian 9 or 8 but only updates some of the packages included. There is no need to throw away old jessie or stretch DVD/CD media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror. This stable update adds a few important corrections to packages. New installation images will be available soon at the mirrors. Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release. One can use the apt command or apt-get command to apply updates. A step-by-step update guide is posted here.

jeditobe writes: OSNews reports that the latest version of ReactOS has been released: "ReactOS 0.4.7 has been released, and it contains a ton of fixes, improvements, and new features. Judging by the screenshots, ReactOS 0.4.7 can run Opera, Firefox, and Mozilla all at once, which is good news for those among us who want to use ReactOS on a more daily basis. There's also a new application manager which, as the name implies, makes it easier to install and uninstall applications, similar to how package managers on Linux work. On a lower level, ReactOS can now deal with Ext2, Ext3, Ext4, BtrFS, ReiserFS, FFS, and NFS partitions." General notes, tests, and changelog for the release can be found at their respective links. A less technical community changelog for ReactOS 0.4.7 is also available. ISO images are ready at the ReactOS Download page.

An anonymous reader writes: "On December 1st, 24 Pull Requests will be opening its virtual doors once again, asking you to give the gift of a pull request to an open source project in need," writes UK-based software developer Andrew Nesbitt -- noting that last year the site registered more than 16,000 pull requests. "And they're not all by programmers. Often the contribution with the most impact might be an improvement to technical documentation, some tests, or even better -- guidance for other contributors."

This year they're even touting "24 Pull Requests hack events," happening around the world from Lexington, Kentucky to Torino, Italy. (Last year 80 people showed up for an event in London.) "You don't have to hack alone this Christmas!" suggests the site, also inviting local communities and geek meetups (as well as open source-loving companies) to host their own events.
Contributing to open source projects can also beef up your CV (for when you're applying for your next job), the site points out, and "Even small contributions can be really valuable to a project."

"You've been benefiting from the use of open source projects all year. Now is the time to say thanks to the maintainers of those projects, and a little birdy tells me that they love receiving pull requests!"