Adobe made a surprise announcement at the annual ATypI conference
in Barcelona, Spain, releasing one of the company's proprietary font-production tools under an open-source license. In
addition, the team convinced another popular font-development project
to release its core library as open source, too. Adobe
framed the release as a move designed to
help improve the quality of fonts produced with any application, but
there may be other benefits as well—such as increasing the
spread of Adobe's own open fonts.
The GNOME project has released GNOME 3.14. "This is another exciting release for GNOME, and brings many new features
and improvements, including multitouch, captive portal support, greatly
improved sharing settings. This release also includes improved and
redesigned applications for weather, maps, PDF viewing, running VMs,
The Wayland support has matured to the point where it is ready for
day-to-day use." See the release notes
Bruce Schneier is a cryptographer and security specialist who is
well-known in computer circles even though he has often branched into more
general security areas in recent years. His blog is a great source of
security news (and, of "quotes of the week" for the Security page, as readers
know). Beyond all that, he travels to many security conferences to give
talks, which is just what he did at AppSec USA in Denver on
ACM's Queue has a
lengthy article on the security failures in the HTTPS layer and the
prospects for improvement. "This article outlines the systemic
vulnerabilities of HTTPS, maps the thriving market for certificates, and
analyzes the suggested regulatory and technological solutions on both sides
of the Atlantic.
post from Peter Hutterer on why the X.Org input stack is a mess and the
new "libinput" stack is needed. "It looks like a big happy family at
first, but then you see that synaptics won't talk to evdev because of the
tapping incident a couple of years back, mouse and keyboard have no
idea what forks and knives are for, wacom is the hippy GPL cousin that
doesn't even live in the same state and no-one quite knows why elographics
keeps getting invited.
Ars Technica takes
a look at Kali Linux NetHunter, a penetration testing platform for
Nexus devices. "NetHunter is still in its early stages, but it already includes the ability to have the Nexus device emulate a USB human interface device (HID) and launch keyboard attacks on PCs that can be used to automatically elevate privileges on a Windows PC and install a reverse-HTTP tunnel to a remote workstation.
The Fedora project has released Fedora 21 Alpha. This is the first release
of Fedora.next, which introduces three products rather than the traditional
single deliverable. The Fedora 21 Base includes only the base set of
packages (such as kernel, RPM, yum, systemd, and Anaconda) used by all the
products. Fedora 21 Cloud includes images for use in private cloud
environments like OpenStack, as well as AMIs for use on Amazon, and a new
image streamlined for running Docker containers.
opensource.com article holds out Ansible as an example of a project
worth emulating and delves into the reasons for its success. "The
idea that a user can try something out over a lunch break, and understand
it—and then learn what is left to learn—is a key success driver for open
source software. Too many projects fail needlessly because they don’t
invest in this critical idea."