'a D3 plugin for visualizing time series. Use Cubism to construct better realtime dashboards.' Apache-licensed; nice realtime update style; overlays multiple data sources well. I think I now have a good use-case for this

'a set of adapters for complete interoperability between 10 popular construction toys.' this is like a patent-infringement lawsuit magnet, surely. Will make an interesting test case...

'Do intellectual property (IP) rights on existing technologies hinder subsequent
innovation? Using newly-collected data on the sequencing of the human genome by
the public Human Genome Project and the private rm Celera, this paper estimates
the impact of Celera's gene-level IP on subsequent scientic research and product
development. Genes initially sequenced by Celera were held with IP for up to two
years, but moved into the public domain once re-sequenced by the public eort.
Across a range of empirical specications, I nd evidence that Celera's IP led to
reductions in subsequent scientic research and product development on the order of
20 to 30 percent. Taken together, these results suggest that Celera's short-term IP
had persistent negative eects on subsequent innovation relative to a counterfactual
of Celera genes having always been in the public domain.' (via Tony Finch)

An amazing article, via Nelson Minar -- careful examination of the evolution of chess programs over the past 8 years appears to show clear signs of code/algorithm copying and unauthorised reverse engineering -- by many of the developers. 'Dr Søren Riis of Queen Mary University in London shows how most programs (legally) profited from Fruit, and subsequently much more so from the (illegally) reverse engineered Rybka. Yet it is Vasik Rajlich who was investigated, found guilty of plagiarism, banned for life, stripped of his titles, and vilified in the international press – for a five-year-old alleged tournament rule violation. Ironic.'

Amazing response to a security bug report. 'what's happening in this bug report right now is a perfect example of how *not* to do security response. When faced with two people who clearly know a few things about secure coding, rather than taking their advice and actually fixing the root cause of the problem (or abandon it as a hopeless situation, which is probably the more appropriate response), you've chosen to waste our time by demanding that we write weaponized exploits to exploit what most people already know to be exploitable. To top it off, when shown repeatedly how your half-baked "fixes" don't actually fix anything, rather than taking our advice you just add another small hurdle that can be trivially bypassed. It would be sad if it weren't so funny. I've decided that it's time to stop beating a dead horse. Usually I get paid good money to own software this hard, and I don't think you're worth making an exception. Best of luck, I'm sure you'll figure it out eventually.'

'I’m going to talk about the costs associated with modifying and maintaining free software “out of tree” – that is, when you don’t work with the developers of the software to have your changes integrated. But I’m also going to talk about the costs of working with upstream projects. It can be easy for us to forget that working upstream takes time and money – and we ignore that to our peril. It’s in our interests as free software developers to make it as cost-effective as possible for people to work with us.

Hopefully, if you’re a commercial developer, you’ll come away from this article with a better idea of when it’s worthwhile to work upstream, and when it isn’t. And if you’re a community developer, perhaps this will give you some ideas about how to make it easier for people to work with you.'

Oisin Hurley on viable strategies for a commercial software company to handle participation in open source. Shame I've never found anywhere to viably put these into action, but they sound accurate

'Storing 50,000 2.5KB items in a traditional hash set requires over 125MB, but if you're willing to accept a 1-in-10,000 false positive rate on lookups, [this] bloom filter requires under 500KB' - interesting variation on the basic concept.  Java, Apache-licensed

'I would like to call it "B.E.S.T. Scanner" so people kind of get stuck calling it "the best scanner". We can figure out what BEST means later.' omgwtf. Is this guy 12 years old?

from a former SixApart PM. I'd put my money on "unambiguously free" (ie. OSS) which in turn drives the developer ecosystem, myself

'Preconditions, postconditions, and invariants are added as Java boolean expressions inside annotations.'  nice

YA make-replacement build system. the thread is better than the linked article, btw

'we are supporting the WebM (VP8) and Theora video codecs, and will consider adding support for other high-quality open codecs in the future. Though H.264 plays an important role in video, as our goal is to enable open innovation, support for the codec will be removed and our resources directed towards completely open codec technologies.'

'to help citizens access to high value, machine readable datasets generated by the Irish Government and public sector authorities; to improve access to the Irish Government data and to establish an innovative platform that can demonstrate to government how and why they should share data'

'It is alleged that some ex-developers (and the company<br />
they worked for) accepted US government money to put backdoors into [the OpenBSD] network stack, in particular the IPSEC stack. Around 2000-2001'

'a (python) library and a tool to clusterize similar files using fuzzy hashing techniques. This project is inspired by the well known tool ssdeep.' Via Nelson

'A set of programs for creating, manipulating, and outputing a stream of Records, or hashes. Inspired by Monad.' looks very powerful

Twitter seem to be attempting to control misbehaving clients, by using the "consumer key" pair as a secret key for app developers. This is proving impossible for FOSS clients to work with, and is trivially hacked to allow third-party app impersonation. Bad idea, Twitter

'Solaris is the #1 Enterprise Operating System. We have the leading<br />
share of business applications on Solaris today, including both SPARC<br />
and x64. We have more than twice the application base of AIX and HP-UX combined.' Well, that about sums it up. Enterprisey!

on "Haystack", a vaporous censorship-evading product aimed at Iran's internet surveillance, which as of yet is a site soliciting donations and a lot of press, and not a lot of techie details

open audio/video for the web, from Google; VP8 video codec, Ogg for audio, and a subset of Matroska as the container format. still a patents minefield, though, I'd guess

yay, Red Hat beat down patent troll IP Innovation, L.L.C. (a subsidiary of Acacia Technologies), in East Texas no less

version 0.94.x got end-of-lifed a year after the release of .95, to fix a bug that would increase bandwidth consumption on their mirrors. To mandate upgrades, the devs sent a kill-switch trigger to .94 installations in the field. chaos ensues, unsurprisingly

this year's open-source BarCamp, in Dublin, April 17th. no way I'll be able to get a talk together (again) but hopefully I can attend ;)

woot!

Google resync to the latest kernel every 17 months or so -- not bad, actually

'an open source version of the scalable, non-blocking web server and tools that power FriendFeed. The FriendFeed application is written using a web framework that looks a bit like web.py or Google's webapp, but with additional tools and optimizations to take advantage of the underlying non-blocking (epoll) infrastructure.'

'I work for a for-profit company that is willing to sponsor projects in exactly the way described in this article. We are looking for (a) control, (b) stability, and (c) a development model that is cheaper than doing it ourselves. If such cooperatives existed we would be interested in them. I'm sure we are not alone, because this is how all for-profit businesses tend to think. The cooperative is a viable model because of the way it reinforces and maximizes member interests.'

wow, sounds good! looking forward to this hitting production-ready status

Canonical _finally_ open source (under the AGPL) their bug tracker/project hosting platform. yay! here's hoping it's reasonably easy to deploy. maybe it would be viable for the ASF... hmm