Huge Hole in Open Source Software Found, Leaves Millions Vulnerable

Debian, the Linux variant used largely by security professionals, and Ubuntu, the variant most commonly used by home users, are both affected. Furthermore, Windows servers may be compromised as well if they are using keys generated on Linux systems.
Ironically the bug originated from an automated tool known as Valgrind which is supposed to reduce programming bugs which lead to security vulnerabilities. It found that a block of memory was not being properly initialized, meaning that it would contain random information. The automated tool politely inserted code to clean up the block of memory making it all zeros. The only problem was that the system was intentionally using the block's unknown contents to get randomness to generate the keys. The library also gets randomness from mouse movements, keystroke timings, network packet arrival timings, and even microvariations in hard drive speed.
The Valgrind code caused errors, so the programmers simply commented out all the code, including the other methods of generating randomness on accident. Only the code which utilized the process ID, an integer ranging from 0 to 32,767, remained to provide randomness. It turns out the "fix" turned grievous error was not the work of the OpenSSL programmers themselves, but of the Debian team, known for their security expertise.
OpenSSL developer Ben Laurie raged, "Never fix a bug you don't understand! Had Debian [sent the bug to us] in this case, we (the OpenSSL Team) would have fallen about laughing, and once we had got our breath back, told them what a terrible idea this was. But no, it seems that every vendor wants to 'add value' by getting in between the user of the software and its author."
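
The collapse described above, as an added example that is not part of the original post and is not OpenSSL or Debian code: a toy key generator shows why seeding only from a process ID in the range 0 to 32,767 lets a defender enumerate every key the broken generator can emit and audit a key inventory against that list. SHA-256 stands in for the real PRNG and key generation, and all function names and the sample inventory are hypothetical.

```python
"""Toy model: a key generator whose only remaining entropy is the process ID.

Assumptions (not from the original post): SHA-256 stands in for the real
PRNG and key generation, and every function name here is hypothetical.
"""
import hashlib
import math
import os

PID_SPACE = 32768  # process IDs 0..32,767, the range given in the article


def derive_key(seed: bytes, key_type: str = "rsa-2048") -> bytes:
    """Deterministic stand-in for 'seed the PRNG, then generate a key'."""
    return hashlib.sha256(key_type.encode() + b"|" + seed).digest()


def healthy_keygen(pid: int) -> bytes:
    """The PID is mixed with 256 bits from the OS entropy pool."""
    return derive_key(pid.to_bytes(2, "big") + os.urandom(32))


def broken_keygen(pid: int) -> bytes:
    """After the bad patch: the PID is the only input that varies."""
    return derive_key(pid.to_bytes(2, "big"))


def fingerprint(key: bytes) -> str:
    """Stable identifier for a key, used as the blocklist entry."""
    return hashlib.sha256(key).hexdigest()


def build_blocklist(key_type: str = "rsa-2048") -> frozenset:
    """Every key the broken generator can ever emit for one key type."""
    return frozenset(
        fingerprint(derive_key(pid.to_bytes(2, "big"), key_type))
        for pid in range(PID_SPACE)
    )


def entropy_bits(blocklist: frozenset) -> float:
    """Effective key strength when all keys come from the blocklist."""
    return math.log2(len(blocklist))


def audit(inventory: dict, blocklist: frozenset) -> list:
    """Return the names of inventory entries whose key must be replaced."""
    return sorted(
        name for name, key in inventory.items()
        if fingerprint(key) in blocklist
    )


def sample_inventory() -> dict:
    """Constructed sample data: two keys from the broken generator, two not."""
    return {
        "build-01": broken_keygen(412),
        "mail-02": healthy_keygen(412),  # same PID, but real entropy mixed in
        "vpn-gw": broken_keygen(32767),
        "web-03": healthy_keygen(9001),
    }


if __name__ == "__main__":
    bl = build_blocklist()
    print(f"distinct keys possible: {len(bl)} ({entropy_bits(bl):.0f} bits)")
    print("keys to regenerate:", audit(sample_inventory(), bl))
```

The audit runs over keys rather than hosts because, as the article notes, a key generated on an affected Linux system stays weak wherever it is later installed.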

firewalker - this was discussed here and on our mailing lists at the time the vulnerability was discovered, approximately two weeks ago. It's always a good idea to search the forum before posting.
http://bbs.archlinux.org/viewtopic.php?id=48660
Thread closed.

Similar Messages

  • How to Download SAP HANA " R " Open Source software ???

    Hi SAP HANA Experts,
    I had read that it is the open source software from SAP AG.....
    I want to download the SAP HANA " R " Software, Can anyone of you please provide me the link to download it.

    Hello Sekhar,
    As mentioned in SAP HANA R Integration Guide, To compile R, download the R (version 2.15) source package from the R Project for Statistical Computing website.
    R: The R Project for Statistical Computing
    Regards,
    Ning Tong

  • Relying on 3rd-Party/Open Source Software for fully functionality in Vi

    Is it just me or are open source software engineers doing a better job than actual Creative software engineers?
    There are several threads linking to 3rd-Party hacks to get the majority of Creative Apps working in Vista. As well as this there are the KXProject Drivers floating around which appear to offer better compatibility than the current Creative drivers.
    What's going on Creative? How many Software Engineers do you actually have working for you?
    Why is it, people you don't even pay are making much greater developments and progress in drivers and software for Vista?
    But I guess they're not charging customers to purchase updates on CD. I remember when the Audigy was released, instead of offering downloads, Creative actually asked people to buy an updated CD with software and drivers on. Of course we were only charged for postage, but very expensive postage nevertheless.

    Hi welcome to the forum, I hope you find lots of help here and we look forward to your contributions as well
    In regards to your questions:
    1: No, you just put a swf file on the server
    2. You can host the smaller app on your site and then give them an iframe linking to it
    3. Nope, no problems there
    Hope this helps
    Best regards
    Nikos

  • What happened to the Apple open source software page?

    I have used a lot of the open source software that Apple listed on their website. The address used to be:
    http://www.apple.com/downloads/macosx/unix_open_source/
    But that just directs to a cheesy downloads page with links to app store, etc.
    Does anybody know what happened to this part of the Apple web site? Is it just moved and I'm too dumb to find it? I've tried to search these forums, and the googles, but nothing coherent comes through!

    This is the developer page though, and doesn't contain the wealth of applications that were hosted (and kept up to date). These included GIMP, carbon emacs, etc.
    I realize many of these are available from macports, or even by building from the source in many cases, but some of these programs seem to have been only hosted and updated from this page.

  • What do you think open source software is missing?

    What do you think open source software is missing? Can be any general gripe, missing tools, missing support, etc.
    I'm waiting for a skype replacement with a windows and linux client. I only use the video and voice functionality.

    @ ngoonee
    [I don't consider it OT, so I write it here - hope that OP doesn't mind]
    Wrt Paul Davis, he seems to get $4-5k/month now so things are looking up a bit for him. Who's to blame if the community isn't able to come up with enough support for its prime members? Also, there are parts of the world where you can live rather comfortably on $4k/month. You just have to beware of the dragons ;-)
    Open Source is a lot like socialism: work as hard as you can, get as much as you need. In theory, it could work: some would eat 2x the avg but work 5x the avg while others would be the other way round. In practise ... People are lazy, people are evil.
    Why should they pay for sth if they don't have to? Why should they be interested in GNU / Linux? Because it's free? Hey, I've got tons of "free" apps, piracy ahoy! (Or should I say "arrrrr")
    Maybe that's the reason many 'big names' went to work for Microsoft: their dignity didn't allow them to beg for support.

  • Making money from Open Source Software

    Hi Guys,
    I'm thinking of committing a cardinal sin and charging for some software I have been writing. Before I am executed by an angry mob (with pitch-forks) I wanted to explain why..
    I want to work with OS Software as my main career. My main aim is to create a company which can help start-up companies with their IT infrastructure. I am developing a system (which uses Arch Linux as the base-OS) which is similar to eBox (but is much more Windows and Mac friendly... including Single Sign On authentication for all clients); so these companies can save thousands (and sometimes tens of thousands) of dollars/pounds on licensing and expensive hardware. (My system currently only requires 256MB RAM and runs much faster than Winblows!).
    But herein lies my problem. If my system is based around MIT/GPL software such as Kerberos, DNSMasq, IPTables, LDAP etc... how can I make any money from it?
    What I'd like to do is to be hands on and go in and setup the systems myself; so I could charge labor and not have to invest a great deal of time on my own infrastructure (ie. making it idiot proof); but as getting software running on Arch is so trivial; I don't think I could sustain a business on this alone.
    I also read somewhere about a company who wrapped up Open Office.org and Firefox in an OS and sold it. Is stuff like this legal? How do they get around selling something which is unmodified versions of OS software???
    My other option is a support contract for each company; which is probably my best option. I charge for a days labor for the initial installation (after topology designs have been signed-off) and then charge the company yearly for 24/7 support.
    Does anyone have experience making a living from FOSS? Does anyone have any suggestions or warnings for me?
    I'd love to keep my software open source; but I'd also like to eat! :S
    Thanks,
    tommed

    Our SOHO is managed by myself for the daily tasks, but I give the real administration of our network (installing, upgrading, debugging, adding new features etc.) to a self-employed Debian developer.
    He has set us up a system like the one you describe: Kerberos, LDAP, NFS, mail, asterisk etc. He has only charged us for the work he has spent making this happen. From our off-the-record-talks I gather that he does varying stuff, so it wouldn't pay off for him to spend time in making a solution for 1 case (admittedly, a case that you could easily adapt for other projects)
    Myself I'm writing a program in PHP to manage our office. It's more of a single frontend for all the free software that we are using already. I'm planning on the long term to release this frontend in a free license, only charging people for the cost to set it up and to maintain it.
    I'm by no means a GPL-specialist, but I think this is the way to do this.

  • Apple open source software vulnerabilities

    Apple devices any iTunes installed to a PC when it is fastened but certain major information info.plist as copying and open source file automatic text document as a açılabılıy mobile phone number, device serial no imei no color model and What comes to mind if the installed programs and applications to cache takes it Close to block and of course our hands about this issue to get support from my or can be found in my profile. Thank you.

    That really doesn't make much sense. Perhaps you should try posting in your native language.

  • Installing open source software remotely

    I am a trifle bit confused why many hosting companies offer
    one-step installation of Joomla, Wordpress, etc. on the remote
    server, when these applications require extensive testing--a
    potential disaster in the making in a shared hosting environment.
    Installing locally, then testing via XAMPP or some other server
    seems a much safer bet, though it is extremely tedious...

    > these
    > applications require extensive testing
    Do they? They seem to be tried and true established
    applications in wide use
    out there.
    -Darrel

  • Free/open source plotting software

    The objective:
    Data processing, mostly one X and one Y axis, recorded from sensors.
    Formatting, to change how the chart looks, e.g. fonts of the axis label, weight and dashed lines of the plot, addition of lines or arrows.
    What's been found:
    Gnumeric and google spreadsheet.
    There is a wonder what the Free/open source software users among the research people are using. I ran into LaTeX and think it's a good software. Anything like this would be nice.
    Thanks.

    Fine. I found QtiPlot working really well on Linux systems with ease of availability free of charge. No flame setting (as I think Mac OS and linux are both Unix-like), but it's a bit hard to compile on Mac OS X.

  • Open Source - Commercial Software?

    There's a lot of great open source code out there that comes in really handy for all sorts of common programming tasks. But upon reading carefully the licensing agreements, it seems to me that it's generally illegal to include such code in any standard commercial application.
    Example:
    A young programmer gets hired by a small software development company. The company gets a contract with a local business to write some custom applications for in-house use, and our programmer friend gets handed the specs. Several components of the software he is asked to write are already available as open source, and certainly more robust than anything he could write on his own.
    Legally, he only has two options:
    Convince his company and their client to release the final program as open source - even though it may have no use outside of their business and was never intended for public sale.
    Write all the code himself, ignoring the open source resources, taking much longer to create an inferior product.
    Does this make sense? Am I misunderstanding these license agreements? It would seem to me that, for instance, all those great and useful Apache products are perfect for commercial applications and indeed seem to be developed with that in mind. (I can't imagine using Log4J in a tiny program I hack out at home to organize my hard drive etc)
    Note that there is a difference between open source software (MySQL, Apache web server, other such apps), and open source tools (Log4J, Apache commons, many more) in that the tools are not really useful on their own but instead are used as part of other programs. The licenses seem to allow free use of the software, but require open-sourcing of any derivative software - meaning that a company can use MySQL as a database for anything they wish, but a developer working for that company can't use Log4J to write a frontend for that database without releasing the frontend as open source???

    > But upon reading carefully the licensing agreements, it seems to me that it's
    > generally illegal to include such code in any standard commercial application.
    I don't think so, although I'm no more a lawyer than you are. The licence agreements vary widely. When I look at the agreement for log4j, for example, I only see the requirement that I have to put a copyright notice and an acknowledgement in my software. No prohibitions at all. That one's pretty straightforward. But I'm still trying to make sense of the LGPL.
    It all depends on the license.
    Apache license allows ANY use and license for software using it as long as the Apache license is made available with a mention that components under that license have been used.
    GPL on the other hand indeed requires that everything using any code released under GPL be released under GPL as well.
    So if you were to write a 10MB application using a single 1KB GPLd module you have no choice but to release all your code under the GPL as well. This makes code under GPL impossible to use in commercial products or anything for which code needs to remain in-house for any reason.
    Most other licenses fall somewhere in between. mySQL for example allows non-commercial use under any license but commercial use is barred unless you pay a license fee (in which case you get a different license).

  • Logging with whereabouts using open source and freeware

    You can find the html version of this at:
    http://www.acelet.com/whitepaper/loggingWithWhereabouts.html
    Logging with whereabouts using open source and freeware
    The purpose of logging is to find out what had happened when needed. When the
    time comes to read log messages, you want to know both the log message and its
    whereabouts (class name, method name, file name and line number). So you need
    to hard code whereabouts.
    But hard coded whereabouts are very difficult to maintain: when you modify your
    source code, line number changes; when you copy and paste a line, its class name
    and method name change. If whereabouts are wrong, you introduce bugs in your logging
    logic and the log messages are useless at the best.
    This article shows you an example of using freeware Redress tool to rectify whereabouts
    programmatically in your Makefile or Ant build file. So your whereabouts are always
    correct for both Java and JSP source file.
    Redress tool is part of SuperLogging at http://www.ACElet.com. SuperLogging also
    provides an open source wrapper Alog.java, which redirects log method calls to
    your favorite logging package. Redress tool can rectify whereabouts information
    on all Alog's method calls in your application. So, if you call Alog's log methods,
    these calls will be rectified by Redress.
    JDK 1.4 introduces a new utility package java.util.logging. The example in this
    article is based on JDK logging. Log4J is a cousin of JDK logging. Log4J users
    should have no difficulties to modify this example for Log4J. Both JDK logging
    and Log4J are excellent logging software for single JVM.
    Note: Redress tool rectifies method calls on Alog, not JDK logging. You need to
    call Alog instead of JDK logging in your application.
    Source code of Alog.java
    The following is the source code of Alog's JDK logging version. It serves as a
    library file and should be on your CLASSPATH:

    /**
     * Copyright Acelet Corp. 2000. All rights reserved
     *
     * License agreement begins >>>>>>>>>> <br>
     * This program (com.acelet.opensource.logging.Alog) ("Software") is an
     * open source software. <p>
     * LICENSE GRANT. The Software is owned by Acelet Corporation ("Acelet").
     * The Software is licensed to you ("Licensee"). You are granted a
     * non-exclusive right to use, modify, distribute the Software for either
     * commercial or non-commercial use for free, as long as: <br>
     * 1. this copyright paragraph remains with this file. <br>
     * 2. this source code (this file) must be included with distributed
     * binary code.<br>
     * NO WARRANTY. This comes with absolutely no warranty. <p>
     * <<<<<<<<<< License agreement ends <p><p>
     * The purpose of releasing this open source program is to prevent vendor
     * lock in. <p>
     * You can code your program using this class to indirectly use Acelet
     * SuperLogging (com.acelet.logging). If later you want to switch to other
     * logging package, you do not need to modify your program. All you have
     * to do is: <p>
     * 1. modify this file to redirect to other logging packages. <br>
     * 2. replace existing com.acelet.opensource.Alog with your modified one. <br>
     * 3. you may have to reboot your EJB server to make the changes effect.<br>
     * <p>
     * This program is just a wrapper. For detail information about the methods
     * see documents of underlying package, such as com.acelet.logging.Logging.
     * <p>
     * Visit http://www.ACElet.com for more information.
     * <p>
     * This file is modified for using JDK logging as an EXAMPLE.
     * <br>
     * You can use Redress tool to keep your whereabouts information
     * always correct. See http://www.ACElet.com/freeware for detail.
     * <p>
     * Please see http://www/ACElet.com/opensource if you want to see the
     * original version.
     */
    package com.acelet.opensource.logging;

    import java.util.logging.*;

    public final class Alog {
        /** Log level value: something will prevent normal program execution. */
        public static int SEVERE = 1000;
        /** Log level value: something has potential problems. */
        public static int WARNING = 900;
        /** Log level value: for significant messages. */
        public static int INFO = 800;
        /** Log level value: for config information in debugging. */
        public static int CONFIG = 700;
        /** Log level value: for information such as recoverable failures. */
        public static int FINE = 500;
        /**
         * Log level value: for information about entering or returning a
         * method, or throwing an exception.
         */
        public static int FINER = 400;
        /** Log level value: for detail tracing information. */
        public static int FINEST = 300;

        static Logger logger;
        static {
            logger = Logger.getLogger("");
        }

        public Alog() {
        }

        public static void alert(String subject, String message) {
        }

        public static void error(String text, int level, String fullClassName,
                String methodName, String baseFileName, int lineNumber) {
            String[] para = {lineNumber + "", baseFileName};
            logger.logp(getLevel(level), fullClassName, methodName, text, para);
        }

        /** Map an Alog level value to the matching java.util.logging Level. */
        public static Level getLevel(int levelValue) {
            if (levelValue == SEVERE)
                return Level.SEVERE;
            else if (levelValue == WARNING)
                return Level.WARNING;
            else if (levelValue == INFO)
                return Level.INFO;
            else if (levelValue == CONFIG)
                return Level.CONFIG;
            else if (levelValue == FINE)
                return Level.FINE;
            else if (levelValue == FINER)
                return Level.FINER;
            else if (levelValue == FINEST)
                return Level.FINEST;
            else
                return Level.ALL;
        }

        public static void log(String text, int level, String fullClassName,
                String methodName, String baseFileName, int lineNumber) {
            String[] para = {lineNumber + "", baseFileName};
            logger.logp(getLevel(level), fullClassName, methodName, text, para);
        }

        public static void sendMail(String to, String from, String subject,
                String text) throws Exception {
        }

        public static void sendMail(String to, String cc, String bcc, String from,
                String subject, String text) throws Exception {
        }
    }

    Test program
    The simple test program is Test.java:

    import com.acelet.opensource.logging.Alog;

    public class Test {
        public static void main(String argv[]) {
            // Deliberately wrong whereabouts; the Redress tool rewrites them.
            Alog.log("Holle world", Alog.SEVERE, "wrongClassName", "wrongMethod",
                    "wrongFileName", -1);
        }
    }

    How to run the test program
    1. Compile Alog.java (JDK 1.4 or later, not before):
    javac Alog.java
    2. Download freeware Redress tool from http://ACElet.com/freeware.
    3. Run Redress tool:
    java -cp redress.jar Test.java
    4. Check Test.java. The Alog.log method call should be rectified.
    5. Run test program:
    java Test
    You should see log message with correct class name and method name.

    Hi;
      I found this code and would like to share it with you :

    // DESTINATION_NAME2 is defined elsewhere in the poster's program.
    JCoDestination destination = JCoDestinationManager
            .getDestination(DESTINATION_NAME2);
    JCoFunction function = destination.getRepository().getFunction(
            "RFC_FUNCTION_SEARCH");
    if (function == null)
        throw new RuntimeException("RFC_FUNCTION_SEARCH not found in SAP.");
    function.getImportParameterList().setValue("FUNCNAME", "*");
    function.getImportParameterList().setValue("GROUPNAME", "*");
    try {
        function.execute(destination);
        JCoTable funcDetailsTable = function.getTableParameterList()
                .getTable("FUNCTIONS");
        int totalNoFunc = funcDetailsTable.getNumRows();
        if (totalNoFunc > 0) {
            for (int i = 0; i < totalNoFunc; i++) {
                // Move the row cursor to row i, then read that row's FUNCNAME field.
                funcDetailsTable.setRow(i);
                System.out.println("Function Name: "
                        + funcDetailsTable.getString("FUNCNAME"));
            }
        }
    } catch (AbapException e) {
        System.out.println(e.toString());
        return;
    }
    System.out.println("RFC_FUNCTION_SEARCH finished");

    It is working and retrieving FM.
    Regards
    Anis

  • Open Source releasing best practices?

    Hello,
    When creating open source software, I don't really know what the best way to release it (what kind of makefile, versioning system, etc...) is. It's also hard to find this info online, is there any good online info or book about this?
    Here are some of my questions...
    -How many operating systems should your makefile support? Should I make special cases for every single Linux distro and other OS in the makefile, or can I just  put a generic "g++ *.cpp" in the makefile, and let each OS and distro's own package managers take care of tailoring it to their OS?
    -For makefile complexity, I guess there is a scale ranging from a hack like just typing "g++ *.cpp" in it, through having nice sections, groups of files and definitions like "CFLAGS", all the way up to projects which have 20 different makefiles in them like "Makefile.in", "Makefile.pandora", etc.... Where on that scale should you ideally be?
    -Makefiles of many projects look incredibly complex, why?
    -What versioning system to use? When to make a 1.0.0? When to append "rc" at the end?
    -When to tag stable versions? And when you change something in head, do you need to change version number every single time?
    -When creating a dynamic library, and you tagged a stable version, and you then change something in head. Should in the makefile the version number of the library name be changed to something? If so, should it be changed to a next minor version, or to something with "-rc" at the end?
    -What names should be used for tags of versions?
    -Does there need to be both a zipped version of the source code and one under VCS, and if so why is that zipped version needed?
    -Are there any naming conventions for output binaries and libraries?
    -Are you supposed to let your makefile clean up .o files after compilation or not?
    -Are there any conventions for makefiles for names of sections and variables in it? E.g. is it a good idea to have a "clean:" in your makefile to remove everything?
    -When depending on another library which is hosted somewhere else, how to handle that? What when statically depending on it?
    -Any other things I should know?
    Thanks!
    Last edited by aardwolf (2013-05-07 12:32:57)

    aardwolf wrote:
    > Hello,
    Many of your questions have no single correct response. I'll reply with my own opinions and experiences, based on my release of two open source projects (GPT fdisk and rEFInd).
    > -How many operating systems should your makefile support? Should I make special cases for every single Linux distro and other OS in the makefile, or can I just put a generic "g++ *.cpp" in the makefile, and let each OS and distro's own package managers take care of tailoring it to their OS?
    Ideally, a Makefile should build a package under every OS on the planet. In practice, this isn't always practical. Many developers use programs like Autotools to create Makefiles that are suited to a particular build environment. Other developers (myself included) create a handful of Makefiles for different environments -- for instance, my GPT fdisk has Makefiles for Linux, FreeBSD, OS X, and Windows. My rEFInd officially supports building only under Linux, although it supports two EFI toolkits (GNU-EFI and TianoCore EDK II) via a cascading set of Makefiles. Any of these Makefiles can require changes depending on the distribution and development environment in use, but that's not really my concern.
    If a distribution requires changes, that type of change is generally best left to a build system like Autotools or to the person who builds or packages the program. IMHO, it's unreasonable to ask a developer to make minor tweaks to a static Makefile to support every minor Linux variant on the planet.
    > -For makefile complexity, I guess there is a scale ranging from a hack like just typing "g++ *.cpp" in it, through having nice sections, groups of files and definitions like "CFLAGS", all the way up to projects which have 20 different makefiles in them like "Makefile.in", "Makefile.pandora", etc.... Where on that scale should you ideally be?
    This is very much a matter of personal preference and project complexity. Autotools or something similar will make it easy for users and distribution maintainers, but can be tricky to use for the developer. If your program is a simple single-file C program, you might forego a Makefile completely; but for something on the scale of the Linux kernel, a Makefile (or something equivalent) is absolutely required.
    > -Makefiles of many projects look incredibly complex, why?
    Some projects are very complex, as in the Linux kernel itself. Other times, the Makefiles generated by automated systems like Autotools can be more complex than they might be if they were hand-crafted. In still other cases the developers like complexity or are barely competent at creating Makefiles and so create something that's more complex than it needs to be.
    > -What versioning system to use? When to make a 1.0.0? When to append "rc" at the end?
    AFAIK, there are no standards on this. A 1.0 release denotes that something has moved beyond "beta test" status -- in other words, you think it's stable and usable for the masses. Open source software authors tend to be conservative in making that judgment, so pre-1.0 releases in the open source world are often as good as post-1.0 releases of commercial software. The bottom line, though, is that it is a judgment call -- what I consider "1.0" software you might consider well beyond that point and something else might consider pre-beta.
    As to release candidate (RC), not all projects use that designation at all. It seems to me to be more common among large projects as they approach major release milestones, to denote something that is close to being finalized, but not quite -- essentially a sort of very late beta stage, even if the initial 1.0 release was made some time before.
    > -When to tag stable versions? And when you change something in head, do you need to change version number every single time?
    If the code changes, you should definitely change the version number. Most developers accumulate several changes before making a new official release, though. Personally, I make full releases with three-digit numbers (like 0.8.6 or 0.6.10), and I upload minor changes to my project's git repository with four-digit numbers (like 0.8.6.1 or 0.6.10.2), but don't do full releases with tarballs and RPMs and whatnot for these, except in a limited way if I want specific people to test a recent change because they filed a bug report. Others have other systems.
    > -When creating a dynamic library, and you tagged a stable version, and you then change something in head. Should in the makefile the version number of the library name be changed to something? If so, should it be changed to a next minor version, or to something with "-rc" at the end?
    The key difference with dynamic libraries is that the interfaces should not change with minor changes. IIRC, the second digit (like "2" in 1.2.3) is the cutoff point. In other words, a program that uses library version 1.2.3 should continue to work without changes or recompilation with library 1.2.4 or 1.2.2 (assuming no bugs). This enables users to upgrade the library (from 1.2.3 to 1.2.4 or the like) without upgrading every binary that relies on it. With version 1.3.0, though, the interface to the library might change in a way that would require recompilation of the program or even changes to the source code. Thus, changing the library from 1.2.4 to 1.3.0 will require the user to upgrade all the programs that use that dynamic library (or keep the old version around along with the new one). Note that I've never created a publicly-released library, and it's been a while since I've read up on this, so I might be a little off on these details.
    > -What names should be used for tags of versions?
    I'm not sure what you mean by this.
    > -Does there need to be both a zipped version of the source code and one under VCS, and if so why is that zipped version needed?
    You can do it any way you want; but as a general rule, you should provide source code in a tarball or .zip file because that's easier to download. Some package systems, such as RPM, require that a source package filename be specified, and so not providing source in such a package just complicates matters for packagers and therefore makes it less likely that they'll bother packaging your program at all. This in turn makes it harder for your users to use the program.
    Note that most Linux programs' source code is provided as tarballs rather than as .zip files. Some cross-platform programs can be exceptions to this rule. For instance, I used .zip for rEFInd (a boot loader) because .zip is a little more common in Windows -- although I'm sure either would have worked fine, in practice.
    You should probably provide binary builds of your software -- although in some cases this can be tricky because a binary built for Distribution A may not work on Distribution B because of library differences. The OpenSUSE Build Service (OBS) can help with this, although it's a bit of a pain to use.
    > -Are there any naming conventions for output binaries and libraries?
    Not AFAIK, except of course for filename extensions like .so and .a.
    > -Are you supposed to let your makefile clean up .o files after compilation or not?
    No, except for the "clean" target and anything else that's supposed to do this.
    -Are there any conventions for makefiles for names of sections and variables in it? E.g. is it a good idea to have a "clean:" in your makefile to remove everything?
    The "all" target builds everything, "clean" cleans up, "install" installs everything, and "uninstall" uninstalls everything. There's no law that says you have to have all of these, but they're common, particularly with big projects.
    -When depending on another library which is hosted somewhere else, how to handle that? What when statically depending on it?
    This type of thing is generally handled by packaging programs (pacman, rpm, dpkg, etc.), not by developers' Makefiles. That said, Makefile builders like Autotools should check for the relevant development libraries and stop if they aren't present. That will handle the static linking issue, as well as other problems. On another level, when using RPM, a source RPM will include dependencies on the relevant development libraries, and Debian source files have a similar feature. Putting these files together is the responsibility of distribution maintainers, not of program authors.
    -Any other things I should know?
    There's a huge range of acceptable practices on these issues. As a general rule, though, the smaller the package the more likely you are to find a simple Makefile that builds the whole project. Bigger projects are more likely to rely on multiple Makefiles, Autotools, or other complex pre-build software. More standardization emerges at the distribution level, in the form of source and binary RPMs, Debian packages, etc. You shouldn't need to worry too much about that. So long as your package builds with few or no changes on a variety of distributions, the distribution packagers can handle the rest. Build systems always support patches so that minor changes to Makefiles or whatnot can be incorporated. This frees you up to worry about other things rather than trying to support every minor variant distribution in existence.

  • Good site for Video Editing tools (open source)

    I'm a recent convert to Mac, and I'm having a hard time finding comparable tools to what is available via open source on the Windows side, specifically in the H.264 arena. There are a multitude of open source encoding tools for Windows. I'm sure there have to be some for Mac. Are there any good sites that list these? I've tried versiontracker and The Mac Orchard, but I'm hoping for something more specific like VideoHelp.com
    Any suggestions? I'm looking for encoding software that can do inverse telecine, import DivX/Xvid/DV, Trim video (to remove letterboxing), and encode to H.264.
    Thanks!

    Can't help with the video stuff, but since you're a newcomer to the Mac, see these:
    Switching from Windows to Mac OS X,
    Basic Tutorials on using a Mac,
    MacFixIt Tutorials,
    MacTips, and
    Switching to the Mac: The Missing Manual, Leopard Edition.
    And a link to open source software: http://sourceforge.net/ Search for *multimedia for Mac*.
    Additionally, *Texas Mac Man* recommends:
    Quick Assist.
    Welcome to the Switch To A Mac Guides, and
    A guide for switching to a Mac.

  • Open-source projects on Oracle

    I had actually asked this question a while ago, but the answer from Oracle was a little vague.
    Is it legal to use the downloadable versions of the Oracle database, AS, and other tools (such as JDeveloper) to author open-source software?
    Thanks,
    Sean

    A better way to say it would be
    Oracle Corporation delivers a free kit of the full Oracle 10g solution, which includes the database, AS, DS and many other CDs, with the free evaluation license. You can use these products only for evaluation of the product or for study purposes, but you cannot use them in a production/development environment. For a production/development environment you must purchase a license according to the given requirements.

  • Open Source JavaFX Petition

    To the Leaders, Management, and Board of Directors at Oracle Corporation,
    We the undersigned formally request that Oracle Corporation release the entire JavaFX Platform as open source software available for modification and reuse by individuals, educators, and corporations.
    Open source software has transformed the way that we build and use software. It has increased the educational reach of technology, allowed new and innovative applications to emerge, and spawned the growth of communities dedicated to software philanthropy. Java has been at the forefront of this revolution, providing a platform for open source development, and becoming an open source effort in itself.
    JavaFX is an innovative technology built on top of Java that allows the creation of next generation Rich Internet Applications (RIA). We believe that an essential part of the future success of this platform is to release it as open source software. This would increase adoption by companies that fear lock-in or are concerned about technology maturity. It would also make it competitive with other RIA platforms that have embraced the open source model.
    We recognize that Oracle Corporation has made a significant investment in JavaFX technology, and continues to grow and extend the platform. We encourage Oracle to continue their investment in the JavaFX platform, including monetization of the platform through training, support, and other professional services. In our estimation, the increased adoption of JavaFX will make the platform even more profitable for Oracle than it currently is as a proprietary technology.
    Therefore, we proudly make this request to open source the JavaFX platform in the mutual interest of JavaFX technology and the future success of Oracle Corporation.
    Sign it here: http://steveonjava.com/javafx-petition/
    Edited by: Surikov on Jul 8, 2010 12:23 AM

    According to the Wikipedia page on JavaFX: "in the next two months". You just have to be patient and wait for further news. These things take time because before the release is made, it has to be 100% certain that there is no proprietary code in there anymore.
