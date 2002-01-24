from the how-low-can-you-go? dept.
Bryan Lunduke has gone over the 2023 Linux Foundation report. He has observed that the foundation spends even less on the kernel than ever, both in absolute dollars and in percentage of the budget. It spends around 2% on Linux and 98% on everything else.
While it's true that The Linux Foundation continues to grow substantially -- now bringing in over a quarter of a Billion dollars per year (seriously) -- the total amount spent on the Linux kernel dropped roughly $400,000 in 2023. (Not surprising as The Lunduke Journal previously pointed out that lowering the total support of Linux appeared to be the goal.)
- The percentage of The Linux Foundation revenue spent on Linux dropped in 2023.
- And the total amount spent dropped as well.
- All while funding of non-Linux projects (such as AI and Blockchain) continued to dominate.
As many notice, budget aside, the foundation does not advance or promote the kernel, rather the opposite. It represents its members' corporate interests inside kernel development. Bruce Perens pointed out about six years ago that the membership the basically amounts to a GPL infringers club.
Related Stories
Blogger Daniel Lange takes a look at the Linux Foundation's 2020 annual report, and concludes that it was produced with Adobe, which is not available on Linux. Further sleuthing by a commentator reveals that the original was created on Microsoft Word. Stock images used for illustration mostly show Apple MacBooks. This is what you get for a $148 million annual budget.
No dog food today - the Linux Foundation annual report.
Linux Foundation unveils Sigstore:
The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks.
As demonstrated by the recent dependency confusion attacks and malicious typo-squatted NPM packages, the open-source ecosystem is commonly targeted for supply-chain attacks.
To pull these attacks Zaza, threat actors will create malicious open-source packages and upload them to public repositories using names similar to popular legitimate packages. If a developer mistakenly includes the malicious package in their own project, malicious code will automatically be executed when the project is built.
[...] To prevent these types of attacks, 'sigstore' will be a free-to-use non-profit software signing service that allows developers to sign open-source software and verify their authenticity.
"You can think of it like Let's Encrypt for Code Signing. Just like how Let's Encrypt provides free certificates and automation tooling for HTTPS, sigstore provides free certificates and tooling to automate and verify signatures of source code."
"Sigstore also has the added benefit of being backed by transparency logs, which means that all the certificates and attestations are globally visible, discoverable and auditable," Google explained in a blog post today.
Sigstore is built around short-lived certificates based on OpenID Connect grants, public Transparency Logs, and a special Root CA allocated for just code-signing.
Linux Foundation Launches Open 3D Foundation, Amazon Lumberyard Spun As Open 3D Engine
The Linux Foundation and their partners are today announcing their intent to form the Open 3D Foundation to help foster 3D game and simulation technologies. As a key part of this new Open 3D Foundation, Amazon's Lumberyard game engine that started off based on CryEngine is going to see an Apache 2.0 licensed copy made available as the Open 3D Engine (O3DE).
An "updated version" of Amazon's Lumberyard game engine is going to form the basis of the new Open 3D Engine being maintained by the Open 3D Foundation. Amazon previously made Lumberyard available on GitHub while keeping to a proprietary license but this move is indeed seeing Open 3D Engine made available under an Apache 2.0 license and "unencumbered by commercial terms and will provide the support and infrastructure of an open source community through forums, code repositories, and developer events."
[...] Besides Amazon AWS being involved with the Linux Foundation's new Open 3D Foundation, other notable vendors involved include AccelByte, Adobe, Apocalpyse Studios, International Game Developers Association, Niantic, PopcornFX, Red Hat, and Wargaming, among others.
The Open 3D Foundation website will be opening up today at o3d.foundation.
It will be interesting to see how this Open 3D Foundation and Open 3D Engine evolve over the months ahead. In today's embargoed news release there was no real mention of this being about Linux gaming -- while being an initiative backed by the Linux Foundation -- but rather a move about fostering open-source 3D efforts across vendors.
Linux Foundation launches new organization to maintain TLA+:
The LinuxFoundation, the nonprofit tech consortium that manages various open source efforts, today announced the launch of the TLA+ Foundation to promote the adoption and development of the TLA+ programming language. AWS, Oracle and Microsoft are among the inaugural members.
What is the TLA+ programming language, you ask? It's a formal "spec" language developed by computer scientist and mathematician Leslie Lamport. Best known for his seminal work in distributed systems, Lamport — now a scientist at Microsoft Research — created TLA+ to design, model, document and verify software programs — particularly those of the concurrent and distributed variety.
[...] "TLA+ is unique in that it's intended for specifying a system, rather than for implementing software," a Linux Foundation spokesperson told TechCrunch via email. "Based on mathematical concepts, notably set theory and temporal logic, TLA+ allows for the expression of a system's desired correctness properties in a formal and rigorous manner."
TLA+ includes a model checker and theorem prover to verify if a system's specification satisfies its desired properties. The goal is to assist developers with reasoning about systems above the code level, uncovering and preventing design flaws (hopefully) before they evolve into bugs during the later stages of software engineering.
(Score: 2) by crafoo on Wednesday January 03, @04:57AM
kernel development? booooooooring. we have DEI paperwork to process, nerds.
(Score: 2) by krishnoid on Wednesday January 03, @05:23AM
This is great! Now we know who they are, and that they have deep pockets. Let the lawsuit filings begin!