Monday, March 16, 2009 at 4:30 PM
The Jaiku code base is now Open Source and running on Google App Engine. Everyone is welcome and encouraged to check out the code and help shape the future of Jaiku. You can find full details on the Jaikido Blog.
Open Source at Google
News about Google's Open Source projects and programs
Developers Wanted: JaikuEngine
The Jaiku code base is now Open Source and running on Google App Engine. Everyone is welcome and encouraged to check out the code and help shape the future of Jaiku. You can find full details on the Jaikido Blog.
Spreading the Summer Love is Easy!
at 1:41 PM
Google Summer of CodeTM is on, and it's time to spread the Summer love. As Leslie noted in a previous post, former students and mentors are hosting more than 20 informational sessions worldwide, from Peru to Switzerland. In the last two weeks, I have lead information sessions at universities around Chicago: The University of Chicago, Northwestern University, DePaul University, the Illinois Institute of Technology, and the University of Illinois at Chicago. I'd like to share some of my experiences organizing some of these sessions, to show you how easy it is to promote Google Summer of Code at your local colleges and universities.
So, let's say you've participated in Google Summer of Code as a student or mentor, and you want to spread the word about how great it is to flip bits, not burgers, during the summer. All you need is the following:
First of all, you're going to need an audience. More specifically, you want to get as many student coders from your local college or university in the same room. But what if you don't have any contacts at the university? Don't let this hinder you: try contacting the university's ACM or IEEE student chapter, Linux User Group, Computing Club, etc. Most universities have at least one, and they are usually listed in the website of the more computer-centered department on campus (typically Computer Science, Computer Engineering, or Electrical Engineering). Sometimes just typing http://acm.cs.foobar.edu/ is a surprisingly effective way of finding the ACM student chapter for Foobar University. If they're not listed anywhere, try the general contact e-mail for the department, and ask if there is some sort of student computing association on campus.
Once you've pinpointed the right group, contact them and introduce yourself as a former Google Summer of Code mentor/student. Ask them if they would be interested in hosting a GSoC informational session. These groups are generally accustomed to hosting external speakers, so they will probably be more than happy to host a talk and handle all the logistics for you (reserving a room, advertising the talk, plastering campus with flyers, etc.). All you'll have to do is show up and present. Even if the group you contact can't host a talk, you can ask them to alternatively just post flyers around campus, and forward the flyer to mailing lists that are populated by geeks.
Next, you need a presentation to deliver. Not to worry: There is an existing slideset you can use. Even if you don't plan on using slides, the slideset can help you structure your presentation. And if you need further inspiration, you can watch videos of other GSoC informational sessions. Using the Google-provided slideset, my presentations typically involved a 20 or 30 minute talk followed by a Q&A. If you'd like to invite other local GSoCers to speak along with you, the folks from Google's Open Source Programs Office can help put you in touch with other folks in your area. Make sure to let them know when your presentation is scheduled so it can be added to the program calendar.
Finally, you need time to deliver the presentation. Unless you're like me and work in academia, you probably can't sneak out of work for an hour or two in the middle of the day. In my experience, however, student associations tend to prefer scheduling these events in the evening, since there are no classes at that time and it makes it easier for students with jobs to attend. Just let them know what your time restrictions are, and they'll probably be able to accommodate them.
Do you have any other tidbits of advice on how to organize a GSoC information session? Let us know in the comments! In any case, I hope you'll join us in spreading a bit of Summer love.
Thandy: Secure Update for Tor
Friday, March 13, 2009 at 3:52 PM
Nick Mathewson, The Tor ProjectLong ago, Tor was a single executable that you could usefully run on its own. Over time, we added a relatively long list of recommended dependencies, including Privoxy to avoid DNS leaks, Vidalia for a user interface, and Torbutton for safe browsing. Now, due to the increasing complexity of our packages such as the Vidalia Bundle, the Tor Browser Bundle, and related projects, a full installation can contain five or more specially configured pieces of software.
We needed to help users keep all of this software updated. When we make security fixes, quick uptake helps narrow the window in which attackers can take advantage of newly discovered problems. But many people don't subscribe to or-announce, and so they only find out about new releases sporadically. Updates need to be easy, too: each additional upgrade step is an opportunity for people to make mistakes, and an annoyance means that more users will stay with older, insecure versions. The administration needs to be easy as well; Tor doesn't have a release engineering team, so we can't add too many hard steps to putting out each new release.
Most of all, updates need to be secure. We already sign all of our packages so that people can be sure they come from us, but most users never actually check the signatures on them. (The most careful binary-package users seem to be those who download the OS X bundles, and only around 7 percent of them actually seem to download the signature files too. We count total downloads, but don't record other user info.)
Most free Unix-like operating systems already have a built-in package distribution and update system with some amount of support for the above features, but for Windows and OS X, we're kind of out of luck: none of the existing free-software package distribution systems we evaluated had the level of security and detailed specifications we wanted.
With these goals in mind and funding from Google's Open Source Programs Office, we designed a secure update protocol primarily for Tor's needs, but can also be adapted to other software projects. It's named "Thandy" for obscure reasons, and you can check out the specifications or even try it out yourself.
I'm especially happy with Thandy's security architecture. We assume an adversary who can operate compromised mirrors and who can possibly compromise the main repository. At worst, such an adversary can DOS users' updates in a way that users can detect. Unlike lots of other update tools, we're immune to rollback attacks (where an adversary convinces users to install an old, compromised version of the software), we can detect frozen mirrors (where an adversary just doesn't serve updates), and we can even handle key compromise relatively gracefully. Most encouragingly, the fact that Thandy is both decently secure and well-specified has garnered us some attention from serious security researchers like Justin Cappos, coauthor of a great paper about software updaters in last year's CCS, a conference on computer and communications security.
The software is still in an experimental stage, and there are a number of efficiency opportunities it would be neat for us (or anybody) to follow up on in the future, but so far it seems to be working well. Have a look at the source, and let me know if you're interested on hacking on it!
Spreading the Summer Love
Tuesday, March 10, 2009 at 10:49 AM
Each year, we ask for help from the community to help us spread the word about Google Summer of CodeTM. We're thrilled that the outpouring of support has been so great for 2009. Even before the program started yesterday, volunteers translated our program flyer into more than 50 languages. We've also had former students and mentors host more than 20 informational sessions worldwide, from Peru to Switzerland, with more to follow. For those who want to learn more about the program, Hackystat mentor for 2008, Philip Johnson, contributed this excellent video:
If you want to get involved but are looking for more information, check out our Frequently Asked Questions or join us in #gsoc on Freenode. You can find screencasts of work done by past student participants and more informational videos in our program YouTube channel.Interested students may find our recent post on the Google for Students Blog useful. And, of course, don't forget about our discussion list.
We can always use more help spreading the Summer love, so if you'd like to contribute, post our flyer wherever geeks near you congregate. You can also follow our updates and spread the word to your friends on your favorite social networking sites. We can also use help to translate the program flyers and presentations. Short on time but full of zest for Open Source? We'd love it if you'd attend a local information session to share your experiences with newbies.
Many thanks to all the community members who contributed their time to promote the program!
Google Summer of Code: Applications Now Open for Mentoring Organizations
Monday, March 9, 2009 at 1:17 PM
Looking for new contributors and fresh perspectives for your Open Source software project? Through the Google Summer of CodeTM program, we fund students worldwide to work with mentors from the FLOSS community on a three month coding project. Over the past four years, we've successfully paired nearly 2,500 students with more than 2,500 mentors from industry to academia, with some spectacular results: more than 5 million lines of source code produced and over $15M in funding provided to open source development. We're particularly excited by the social ties our students form through the course of the program. We've connected people in more than 98 countries, and hope to bring people from even more places into the Google Summer of Code community this year. We're looking forward to our fifth year and welcoming another group of 1,000 student developers to the program.
We're now accepting applications from Open Source projects who wish to act as mentoring organizations. We'll be taking mentoring organization applications through Friday, March 13th at 19:00 UTC. Our list of approved organizations will be published on the 2009 Google Summer of Code site on March 18th. Interested students will then have several days to discuss their ideas with those organizations who are accepted before student applications open on March 23rd.
Check out our Frequently Asked Questions page for more details and a preview of the application. And remember, if you have any questions, you can always find us in the Google Summer of Code Discussion group or in #gsoc on Freenode. Best of luck to all of our applicants, and here's to our fifth Google Summer of Code!
New Functionality for Moodle
Thursday, February 26, 2009 at 10:32 AM
We're always excited to jump into the world of education and when it helps Open Source, we're all the happier. Moodlerooms, a partner of Moodle, the Open Source learning management system, recently approached to fund a project which would allow Moodle users to easily integrate Google Apps Education Edition, our communication and collaboration suite. Our Open Source Programs Office sponsored the work and the result is an Open Source single sign-on integration between Moodle and Google. The best part is the extensibility features allow any educational software vendor to take a similar approach to provide user directory synchronization, single sign-on, and user data integration. Check out the full story on the Google Enterprise Blog.
W3C Forms Working Group Convenes at the Googleplex
Wednesday, February 25, 2009 at 9:00 AM
Post by T.V. Raman, Research ScientistI have been a member of the W3C Forms Working Group since its inception in early 2000, and it gave me great pleasure to be able to host the group's recent three day face to face meeting on the Google campus February 9th - 11th. This Working Group develops an XML vocabulary that is used for creating forms-based Web interaction. During our meeting, the group spent its time finishing up the test suite for its current suite of specifications. A significant portion of the meeting was devoted to designing the necessary APIs for implementing the Forms technology within current-day browsers via pluggable JavaScript. Implementing the Forms technology in a cross-browser fashion using open JavaScript libraries holds the promise of delivering cross-browser, cross-platform Web interaction that is authored almost exclusively via declarative markup, which helps authors create Web interaction without having to program. In addition to myself , meeting participants included:
- John Boyer, Senior Technical Staff Member at IBM and current chair of the W3C Forms Working Group
- Erik Bruchez, developer of Orbeon Forms , an XForms-based open source forms solution
- Leigh Klotz, software architect for Xerox Corporation
- Ulrich Nicolas Lissé, XML Technologist and Standards Architect at DreamLab Technologies
- Steven Pemberton, from CWI, an institute for research in mathematics and computer science
- Nick Van den Bleeken, Research & Development Manager at Inventive Designers, a document and intelligent eForms automation solutions provider
- Charlie Wiecha, Manager of Multichannel Web Interaction at the IBM T.J. Watson Research Center
A breakdown of the agenda is available.
Zurich Open Source Jam 6
Tuesday, February 24, 2009 at 1:14 PM
We started the evening slowly, and by around 18:30 almost everyone had arrived to enjoy the food and beer. Thirty-three guests from all over Switzerland and surrounding countries were there, and we even had one visitor from Canada.
After everybody enjoyed the first round of food, Gürkan Sengün started with the first lightning talk about hugin, a software package used to create panorama photos. Hugin creates panorama photos by wrapping around other scripts, such as finding common points in two images and putting the images together. Gürkan did a live demo of the software by going through all the steps to create a panorama photo of the audience.
The next round of talks was started by Michael Schwarz, who is working on leanXcam. leanXcam is a small Open Source camera running uClinux that not only takes photos but is also able to process them on the device. After a quick introduction Michael gave us a demo how the camera works.
The last talk was about JExample by Adrian Kuhn. JExample is an extension for JUnit, a testing framework for Java, and fully compatible with it. JExample provides unit test dependencies to make debugging unit tests easier, providing graphs where you can see which components failed without running the actual tests. Adrian illustrated this functionality by testing a defective stack implementation.
It was a really interesting evening and everyone attending enjoyed it immensely. Thanks to everyone and hopefully we'll see you soon again. To stay informed about future Open Source Jams in Zurich, please join the Open Source Jam Zurich Google Group.
OpenStreetMap's New API Database Server
Thursday, February 19, 2009 at 7:19 PM
A few weeks ago Mano Marks, a Geo Developer Advocate here at Google, informed the Open Source Programs Office of OpenStreetMap's server upgrade fundraiser. Recognizing the good work that OpenStreetMap does by providing free geographic data of the world, we were happy to respond. We donated 5,000 GBP to the cause, and along with contributions from around the world, OpenStreetMap exceeded their goal in a single week! Congratulations to OpenStreetMap for building such an active and devoted community.
If you are interested in a collaborative project to create a free editable map of the world, we encourage you to check out their site and see what all the excitement is about.
Software Construction Toolkit Released
Friday, February 13, 2009 at 3:10 PM
If you've ever worked on a cross-platform software project, you know how often changes made on one platform break the build on other platforms. If you're using native project files (Xcode on Mac, makefiles on Linux, etc.), every developer needs access to every platform just to add a single source file. You can use a single makefile shared between all the platforms, but writing a makefile which "Does The Right Thing" on each platform is tricky. On all platforms, you need simple ways to express dependencies, run unit tests, and rebuild individual project components. You need to be able to extend the build tool to cover the 5% of your project that doesn't fit the usual build patterns. Oh, and the tool should be documented, tested, and free of charge.
To meet those challenges, we've written a cross-platform Software Construction Toolkit, built on the Open Source SCons build tool. It's written in Python, and builds on Windows, Mac, and Linux.
In addition to contributing fixes and enhancements back to SCons itself, we've released full source and documentation for the toolkit.
We always look forward to your feedback, so check out the code or an example project and send us your comments in our discussion group.
