Programming

'Communications of the ACM' Is Now Open Access (acm.org) 25

Long-time Slashdot reader theodp writes: "CACM [Communications of the ACM] Is Now Open Access," proclaims the Association for Computing Machinery (ACM) in its tear-down-this-CACM-paywall announcement. "More than six decades of CACM's renowned research articles, seminal papers, technical reports, commentaries, real-world practice, and news articles are now open to everyone, regardless of whether they are members of ACM or subscribe to the ACM Digital Library."

Ironically, clicking on Google search results for older CACM articles on Aaron Swartz currently returns page-not-found error messages and the CACM's own search can't find Aaron Swartz either, so perhaps there's some work that remains to be done with the transition to CACM's new website. ACM plans to open its entire archive of over 600,000 articles when its five-year transition to full Open Access is complete (January 2026 target date).

"They are right..." the site's editor-in-chief told Slashdot. "We need to get Google to reindex the new site ASAP."
Open Source

Linux Foundation Launches Open Source Fraud Prevention Solutions, Supported By Gates Foundation (linuxfoundation.org) 20

This week Linux Foundation Charities launched "a groundbreaking open source software solution for real-time fraud prevention" named Tazama — "with support from the Bill & Melinda Gates Foundation."

They're calling it "the first-ever open source platform dedicated to enhancing fraud management in digital payments." Until now, the financial industry has grappled with proprietary and often costly solutions that have limited access and adaptability for many, especially in developing economies.

This challenge is underscored by the Global Anti-Scam Alliance, which reported that nearly $1 trillion was lost to online fraud in 2022. Tazama challenges this status quo by providing a powerful, scalable, and cost-effective alternative that democratizes access to advanced financial monitoring tools that can help combat fraud... The solution's architecture emphasizes data sovereignty, privacy, and transparency, aligning with the priorities of governments worldwide. Hosted by LF Charities, which will support the operation and function of the project, Tazama showcases the scalability and robustness of open source solutions, particularly in critical infrastructure like national payment switches.

Jim Zemlin, executive director of the Linux Foundation, described their reaction as "excited to see an open source solution that not only enhances financial security but also provides a platform for our community to actively contribute to a project with broad societal impacts."

And the announcement also includes a comment from the Bill & Melinda Gates Foundation's deputy director for payment systems. "This pioneering open source platform helps address critical challenges like fraud detection and compliance and paves the way for innovative, inclusive financial solutions that serve everyone, especially those in low-income countries.

"The launch of Tazama signifies another stride towards securing and democratizing digital financial services."
Open Source

French Court Issues Damages Award For Violation of GPL (heathermeeker.com) 52

Some news from "Copyleft Currents", the blog of open-source/IP lawyer Heather Meeker: On February 14, 2024, the Court of Appeal of Paris issued an order stating that Orange, a major French telecom provider, had infringed the copyright of Entr'Ouvert's Lasso software and violated the GPL.

They ordered Orange to pay €500,000 in compensatory damages and €150,000 for moral damages.

This case has been ongoing for many years. Entr'ouvert is the publisher of Lasso, a reference library for the Security Assertion Markup Language (SAML) protocol, an open standard for identity providers to authenticate users and pass authentication tokens to online services. This is the open protocol that enables single sign-on (SSO). The Lasso product is dual licensed by Entr'Ouvert under GPL or commercial licenses.

In 2005, Orange won a contract with the French Agency for the Development of Electronic Administration to develop parts of the service-public.fr portal, which allows users to interact online with the government for administrative procedures. Orange used the Lasso software in the solution, but did not pass on the rights to its modifications free of charge under GPL, or make the source code to its modifications available. Entr'Ouvert sued Orange in 2010, and the case wended its way through the courts, turning on, among other things, issues of proof of Entr'Ouvert's copyright interest in the software, and whether the case properly sounded in breach of contract or copyright infringement...

The compensatory damages were based on both lost profits of the plaintiff and disgorgement of profits of Orange. Moral damages compensate the plaintiff for harm to reputation or other non-monetary injury.

Thanks to long-time Slashdot reader AmiMoJo for sharing the article.
Open Source

Avoiding Common Pitfalls When First Contributing To Open Source (hashnode.dev) 20

Angie Byron, a long-time member of the Drupal community, offers guidance on avoiding common mistakes and general good-practices for those new to contributing to open-source projects: [...] You might not know it yet, but as a newcomer to an open source project, you have this AMAZING superpower: you are often-times the only one in that whole project capable of reading the documentation through new eyes. Because I can guarantee, the people who wrote that documentation are not new. :-)

So take time to read the docs and file issues (or better yet, pull requests) for anything that was unclear. This lets you get a "feel" for contributing in a project/community without needing to go way down the deep end of learning coding standards and unit tests and commit signing and whatever other bananas things they're about to make you do. :) Also, people are more likely to take time to help you, if you've helped them first!

Open Source

'Paying People To Work on Open Source is Good Actually' 40

Jacob Kaplan-Moss, one of the lead developers of Django, writes in a long post that he says has come from a place of frustration: [...] Instead, every time a maintainer finds a way to get paid, people show up to criticize and complain. Non-OSI licenses "don't count" as open source. Someone employed by Microsoft is "beholden to corporate interests" and not to be trusted. Patreon is "asking for handouts." Raising money through GitHub sponsors is "supporting Microsoft's rent-seeking." VC funding means we're being set up for a "rug pull" or "enshitification." Open Core is "bait and switch."

None of this is hypothetical; each of these examples are actual things I've seen said about maintainers who take money for their work. One maintainer even told me he got criticized for selling t-shirts! Look. There are absolutely problems with every tactic we have to support maintainers. It's true that VC investment comes with strings attached that often lead to problems down the line. It sucks that Patreon or GitHub (and Stripe) take a cut of sponsor money. The additional restrictions imposed by PolyForm or the BSL really do go against the Freedom 0 ideal. I myself am often frustrated by discovering that some key feature I want out of an open core tool is only available to paid licensees.

But you can criticize these systems while still supporting and celebrating the maintainers! Yell at A16Z all you like, I don't care. (Neither do they.) But yelling at a maintainer because they took money from a VC is directing that anger in the wrong direction. The structural and societal problems that make all these different funding models problematic aren't the fault of the people trying to make a living doing open source. It's like yelling at someone for shopping at Dollar General when it's the only store they have access to. Dollar General's predatory business model absolutely sucks, as do the governmental policies that lead to food deserts, but none of that is on the shoulders of the person who needs milk and doesn't have alternatives.
Open Source

Cloudflare Makes Pingora Rust Framework Open-Source (phoronix.com) 5

Michael Larabel reports via Phoronix: Back in 2022 Cloudflare announced they were ditching Nginx for an in-house, Rust-written software called Pingora. Today Cloudflare is open-sourcing the Pingora framework. Cloudflare announced today that they have open-sourced Pingora under an Apache 2.0 license. Pingora is a Rust async multi-threaded framework for building programmable network services. Pingora has long been used internally within Cloudflare and is capable of sustaining a lot of traffic while now Pingora is being open-sourced for helping to build infrastructure outside of Cloudflare. The Pingora Rust code is available on GitHub.
KDE

KDE Plasma 6 Released (kde.org) 35

"Today, the KDE Community is announcing a new major release of Plasma 6.0 and Gear 24.02," writes longtime Slashdot reader jrepin. "The new version brings new windows and desktop overview effects, improved color management, a cleaner theme, better overall performance, and much more." From the announcement: KDE Plasma is a modern, feature-rich desktop environment for Linux-based operating systems. Known for its sleek design, customizable interface, and extensive set of applications, it is also open source, devoid of ads, and makes protecting your privacy and personal data a priority.

With Plasma 6, the technology stack has undergone two major upgrades: a transition to the latest version of the application framework, Qt 6, and a migration to the modern Linux graphics platform, Wayland. We will continue providing support for the legacy X11 session for users who prefer to stick with it for now. [...] KDE Gear 24.02 brings many applications to Qt 6. In addition to the changes in Breeze, many applications adopted a more frameless look for their interface.

Open Source

'Open Documentation Academy' Offers On-Ramp To OSS 4

"Documentation authors at Canonical have launched the Open Documentation Academy to offer an easy way to get started contributing to open-source projects," writes longtime Slashdot reader tykev. From the blog post: Open and inclusive collaboration, and the sharing of ideas, remains the best way to develop software (and to do many other things!), but we also recognise that this "getting involved" step can be difficult. Where do you start? Who do you ask? What needs to be done? We all very much want to help people become open source contributors by building an on-ramp process. It may take some time, and we will need to adapt, but this is exactly why we've started our Open Documentation Academy.

To help you get involved, the Open Documentation Academy provides a curated list of documentation tasks. Choose one, let us know, and get started. Tasks include testing and fixing tutorials, updating the outdated, restructuring large documents, and anything else you may want to suggest. Our list is growing, and a big part of the Documentation Academy will be ensuring there's always a wide range of tasks available, across as many projects and technologies as possible. And of course, we're here to help. We'll guide you through your first contributions, provide advice on approaches, and help you build your confidence.
Cloud

Service Mesh Linkerd Moves Its Stable Releases Behind a Paywall (techtarget.com) 13

TechTarget notes it was Linkerd's original developers who coined the term "service mesh" — describing their infrastructure layer for communication between microservices.

But "There has to be some way of connecting the businesses that are being built on top of Linkerd back to funding the project," argues Buoyant CEO William Morgan. "If we don't do that, then there's no way for us to evolve this project and to grow it in the way that I think we all want."

And so, TechTarget reports... Beginning May 21, 2024, any company with more than 50 employees running Linkerd in production must pay Buoyant $2,000 per Kubernetes cluster per month to access stable releases of the project...

The project's overall source code will remain available in GitHub, and edge, or experimental early releases of code, will continue to be committed to open source. But the additional work done by Buoyant developers to backport minimal changes so that they're compatible with existing versions of Linkerd and to fix bugs, with reliability guarantees, to create stable releases will only be available behind a paywall, Morgan said... Morgan said he is prepared for backlash from the community about this change. In the last section of a company blog post FAQ about the update, Morgan included a question that reads, in part, "Who can I yell at...?"

But industry watchers flatly pronounced the change a departure from open source. "By saying, 'Sorry but we can no longer afford to hand out a production-ready product as free open source code,' Buoyant has removed the open source character of this project," said Torsten Volk, an analyst at Enterprise Management Associates. "This goes far beyond the popular approach of offering a managed version of a product that may include some additional premium features for a fee while still providing customers with the option to use the more basic open source version in production." Open source developers outside Buoyant won't want to contribute to the project — and Buoyant's bottom line — without receiving production-ready code in return, Volk predicted.

Morgan conceded that these are potentially valid concerns and said he's open to finding a way to resolve them with contributors... "I don't think there's a legal argument there, but there's an unresolved tension there, similar to testing edge releases — that's labor just as much as contributing is. I don't have a great answer to that, but it's not unique to Buoyant or Linkerd."

And so, "Starting in May, if you want the latest stable version of the open source Linkerd to download and run, you will have to go with Buoyant's commercial distribution," according to another report (though "there are discounts for non-profits, high-volume use cases, and other unique needs.") The Cloud Native Computing Foundation manages the open source project. The copyright is held by the Linkerd authors themselves. Linkerd is licensed under the Apache 2.0 license.

Buoyant CEO William Morgan explained in an interview with TNS that the changes in licensing are necessary to continue to ensure that Linkerd runs smoothly for enterprise users. Packaging the releases has also been demanding a lot of resources, perhaps even more than maintaining and advancing the core software itself, Morgan explained. He likened the approach to how Red Hat operates with Linux, which offers Fedora as an early release and maintains its core Linux offering, Red Hat Enterprise Linux (RHEL) for commercial clients.

"If you want the work that we put into the stable releases, which is predominantly around, not just testing, but also minimizing the changes in subsequent releases, that's hard hard work" requiring input from "world-leading experts in distributed systems," Morgan said.

"Well, that's kind of the dark, proprietary side of things."

Social Networks

Bluesky Now Open To Federation 26

Longtime Slashdot reader Rei writes: In a blog post today, Bluesky, the social media network founded by Jay Graber, announced that they have finally opened to federation. Users can now operate their own PDS (backend) servers. How to do so is discussed on the developers' blog and a new Discord channel for PDS administrators.

As the blog notes, there are key differences between the AT Protocol/Bluesky federation and ActivityPub/Mastodon federation, including: global conversation (rather than local-server based with remote content only brought in from follows); a decentralized user account not bound to a specific host; user-composable moderation lists not inherently tied to a specific server, offsetting the need for defederation; user-composable feeds/algorithms, not tied to servers; and full account portability, without the need to be initiated by your server, protecting users from rogue admins or servers that disappear.

Despite the difference, a number of projects, such as Bridgy-Fed, plan to bridge Bluesky and Mastodon together, with all of Bluesky appearing as a single Mastodon server on ActivityPub, and Mastodon users being translated to a decentralized identifier (DID) for AT Protocol (atproto) calls.
Open Source

Valve Makes All Steam Audio SDK Source Code Available Under Apache 2.0 License (phoronix.com) 12

Michael Larabel reports via Phoronix: With Valve's release today of the Steam Audio SDK 4.5.2 they have made the software development kit fully open-source under an Apache 2.0 license. Steam Audio 4.5.2 may not sound exciting in the context of a version number but as described in the release announcement is now "the first open source release of the Steam Audio SDK source code." The rest of this work in this Steam Audio SDK release amounts to bug fixes and other standard changes.

In a SteamCommunity.com announcement posted today entitled "Steam Audio Open Source Release," it notes: "The entire Steam Audio codebase, including both the SDK and all plugins, is now released under the Apache 2.0 license. This allows developers to use Steam Audio in commercial products, and to modify or redistribute it under their own licensing terms without having to include source code. We welcome contributions from developers who would like to fix bugs or add features to Steam Audio."
You can learn more about Steam Audio via the project site.
Open Source

VC Firm Sequoia Capital Begins Funding More Open Source Fellowships (techcrunch.com) 15

By 2022 the VC firm Sequoia Capital had about $85 billion in assets under management, according to Wikipedia. Its successful investments include Google, Apple, PayPal, Zoom, and Nvidia.

And now the VC firm "plans to fund up to three open source software developers annually," according to TechCrunch, which notes it is "a continuation of a program it debuted last year." The Silicon Valley venture capital firm announced the Sequoia Open Source Fellowship last May, but it was initially offered on an invite-only basis with a single recipient to shout about so far. Moving forward, Sequoia is inviting developers to apply for a stipend that will cover their costs for up to a year so they can work full-time on the project — without giving up any equity or ownership.... "The open source world is to some extent divided between the projects that can be commercialized and the projects that are very important, very influential, but just simply can't become companies," said Sequoia partner Bogomil Balkansky. "For the ones that can become great companies, we at Sequoia have a long track record of partnering with them and we will continue partnering with those founders and creators."

And this is why Sequoia is making two distinct financial commitments to two different kinds of open source entities, using grants to support foundational projects that might be instrumental to one of the companies it's taking a direct equity stake in. "In order for Sequoia to succeed, and for our portfolio of companies that we partner with to succeed, there is this vital category of open source developer work that must be supported in order for the whole ecosystem to work well," Balkansky added. From today, Sequoia said it will accept applications from "any developer" working on an open source project, with considerations made on a "rolling basis" moving forward. Funding will include living expenses paid through monthly installments lasting up to a year, allowing the developer to focus entirely on the project without worrying about how to put food on the table.

Spotify, Salesforce and even Bloomberg have launched their own grant programs too, the article points out.

"But these various funding initiatives have little to do with pure altruism. The companies ponying up the capital typically identify the open source software they rely on most, and then allocate funds accordingly..."
Open Source

Linux Becomes a CVE Numbering Authority (Like Curl and Python). Is This a Turning Point? (kroah.com) 20

From a blog post by Greg Kroah-Hartman: As was recently announced, the Linux kernel project has been accepted as a CVE Numbering Authority (CNA) for vulnerabilities found in Linux.

This is a trend, of more open source projects taking over the haphazard assignments of CVEs against their project by becoming a CNA so that no other group can assign CVEs without their involvement. Here's the curl project doing much the same thing for the same reasons. I'd like to point out the great work that the Python project has done in supporting this effort, and the OpenSSF project also encouraging it and providing documentation and help for open source projects to accomplish this. I'd also like to thank the cve.org group and board as they all made the application process very smooth for us and provided loads of help in making this all possible.

As many of you all know, I have talked a lot about CVEs in the past, and yes, I think the system overall is broken in many ways, but this change is a way for us to take more responsibility for this, and hopefully make the process better over time. It's also work that it looks like all open source projects might be mandated to do with the recent rules and laws being enacted in different parts of the world, so having this in place with the kernel will allow us to notify all sorts of different CNA-like organizations if needed in the future.

Kroah-Hartman links to his post on the kernel mailing list for "more details about how this is all going to work for the kernel." [D]ue to the layer at which the Linux kernel is in a system, almost any bug might be exploitable to compromise the security of the kernel, but the possibility of exploitation is often not evident when the bug is fixed. Because of this, the CVE assignment team are overly cautious and assign CVE numbers to any bugfix that they identify. This explains the seemingly large number of CVEs that are issued by the Linux kernel team...

No CVEs will be assigned for unfixed security issues in the Linux kernel, assignment will only happen after a fix is available as it can be properly tracked that way by the git commit id of the original fix. No CVEs will be assigned for any issue found in a version of the kernel that is not currently being actively supported by the Stable/LTS kernel team.

alanw (Slashdot reader #1,822) worries this could overwhelm the CVE infrastructure, pointing to an ongoing discussion at LWN.net.

But reached for a comment, Greg Kroah-Hartman thinks there's been a misunderstanding. He told Slashdot that the CVE group "explicitly asked for this as part of our application... so if they are comfortable with it, why is no one else?"
AI

Will 'Precision Agriculture' Be Harmful to Farmers? (substack.com) 61

Modern U.S. farming is being transformed by precision agriculture, writes Paul Roberts, the founder of securepairs.org and Editor in Chief at Security Ledger.

There are autonomous tractors and "smart spraying" systems that use AI-powered cameras to identify weeds, just for starters. "Among the critical components of precision agriculture: Internet- and GPS connected agricultural equipment, highly accurate remote sensors, 'big data' analytics and cloud computing..." As with any technological revolution, however, there are both "winners" and "losers" in the emerging age of precision agriculture... Precision agriculture, once broadly adopted, promises to further reduce the need for human labor to run farms. (Autonomous equipment means you no longer even need drivers!) However, the risks it poses go well beyond a reduction in the agricultural work force. First, as the USDA notes on its website: the scale and high capital costs of precision agriculture technology tend to favor large, corporate producers over smaller farms. Then there are the systemic risks to U.S. agriculture of an increasingly connected and consolidated agriculture sector, with a few major OEMs having the ability to remotely control and manage vital equipment on millions of U.S. farms... (Listen to my podcast interview with the hacker Sick Codes, who reverse engineered a John Deere display to run the Doom video game for insights into the company's internal struggles with cybersecurity.)

Finally, there are the reams of valuable and proprietary environmental and operational data that farmers collect, store and leverage to squeeze the maximum productivity out of their land. For centuries, such information resided in farmers' heads, or on written or (more recently) digital records that they owned and controlled exclusively, typically passing that knowledge and data down to succeeding generation of farm owners. Precision agriculture technology greatly expands the scope, and granularity, of that data. But in doing so, it also wrests it from the farmer's control and shares it with equipment manufacturers and service providers — often without the explicit understanding of the farmers themselves, and almost always without monetary compensation to the farmer for the data itself. In fact, the Federal Government is so concerned about farm data they included a section (1619) on "information gathering" into the latest farm bill.

Over time, this massive transfer of knowledge from individual farmers or collectives to multinational corporations risks beggaring farmers by robbing them of one of their most vital assets: data, and turning them into little more than passive caretakers of automated equipment managed, controlled and accountable to distant corporate masters.

Weighing in is Kevin Kenney, a vocal advocate for the "right to repair" agricultural equipment (and also an alternative fuel systems engineer at Grassroots Energy LLC). In the interview, he warns about the dangers of tying repairs to factory-installed firmware, and argues that it's the long-time farmer's "trade secrets" that are really being harvested today. The ultimate beneficiary could end up being the current "cabal" of tractor manufacturers.

"While we can all agree that it's coming...the question is who will own these robots?" First, we need to acknowledge that there are existing laws on the books which for whatever reason, are not being enforced. The FTC should immediately start an investigation into John Deere and the rest of the 'Tractor Cabal' to see to what extent farmers' farm data security and privacy are being compromised. This directly affects national food security because if thousands or tens of thousands of tractors are hacked and disabled or their data is lost, crops left to rot in the fields would lead to bare shelves at the grocery store... I think our universities have also been delinquent in grasping and warning farmers about the data-theft being perpetrated on farmers' operations throughout the United States and other countries by makers of precision agricultural equipment.
Thanks to long-time Slashdot reader chicksdaddy for sharing the article.
Open Source

AMD's CUDA Implementation Built On ROCm Is Now Open Source (phoronix.com) 29

Michael Larabel writes via Phoronix: While there have been efforts by AMD over the years to make it easier to port codebases targeting NVIDIA's CUDA API to run atop HIP/ROCm, it still requires work on the part of developers. The tooling has improved such as with HIPIFY to help in auto-generating but it isn't any simple, instant, and guaranteed solution -- especially if striving for optimal performance. Over the past two years AMD has quietly been funding an effort though to bring binary compatibility so that many NVIDIA CUDA applications could run atop the AMD ROCm stack at the library level -- a drop-in replacement without the need to adapt source code. In practice for many real-world workloads, it's a solution for end-users to run CUDA-enabled software without any developer intervention. Here is more information on this "skunkworks" project that is now available as open-source along with some of my own testing and performance benchmarks of this CUDA implementation built for Radeon GPUs. [...]

For those wondering about the open-source code, it's dual-licensed under either Apache 2.0 or MIT. Rust fans will be excited to know the Rust programming language is leveraged for this Radeon implementation. [...] Those wanting to check out the new ZLUDA open-source code for Radeon GPUs can do so via GitHub.

Mozilla

Mozilla's Abandoned Web Engine 'Servo' is Rebooting in 2024 (itsfoss.com) 56

Remember "Servo," Mozilla's "next-generation browser engine," focused on performance and robustness?

"The developers of Servo are starting 2024 by going all in..." reports It's FOSS News, citing a social media post from FOSDEM. "[T]he Servo Project team were there showing off the work done so far." If you were not familiar, Servo is an experimental browser engine that leverages the power of Rust to provide a memory-safe and modular experience that is highly adaptable. After Mozilla created Servo back in 2012 as a research project, it saw its share of ups and downs over the years, with it making a comeback in 2023; thanks to a fresh approach by the developers on how Servo should move forward.

Even though there are plenty of open source Chrome alternatives, with this, there's a chance that we will get some really cool options based on Servo that just might give Blink and Gecko a run for the money! Just a few months back, in September 2023, after The Servo Project officially joined Linux Foundation Europe, the existing contributors from Igalia stepped up their game by taking over the project maintenance. To complement that, at Open Source Summit Europe last year, Manuel Rego from Igalia shared some really useful insights when he presented.

He showcased stuff like the WebGL support, cross-platform support including mobile support for Android and Linux, among other things. They have experimented with Servo for embedded applications use-cases (like running it on Raspberry Pi), and have plans to make advances on it. As far as I can see, it looks like, Servo is faster for Raspberry Pi compared to Chromium. You can explore more such demos on Servo's demo webpage.

2024's roadmap includes "Initial Android support, that will see Servo being made to build on modern Android versions," according to the article, "with the developers publishing nightly APKs on the official website some time in the future."

One fun fact? "Even though Mozilla dropped the experimental project, Firefox still utilizes some servo components in the browser"

Another FOSDEM update from social media: "Thunderbird is also embracing Rust."
Programming

To Help Rust/C++ Interoperability, Google Gives Rust Foundation $1M (siliconangle.com) 61

An anonymous Slashdot reader shared this report from SiliconANGLE: The Rust Foundation, which supports the development of the popular open-source Rust programming language... shared that Google LLC had made a $1 million contribution specifically earmarked for a C++/Rust interoperability effort known as the "Interop Initiative." The initiative aims to foster seamless integration between Rust and the widely used C++ programming language, addressing one of the significant barriers to Rust's adoption in legacy systems entrenched in C++ code.

Rust has the ability to prevent common memory errors that plague C++ programs and offers a path toward more secure and reliable software systems. However, transitioning from C++ to Rust presents notable challenges, particularly for organizations with extensive C++ codebases. The Interop Initiative seeks to mitigate these challenges by facilitating smoother transitions and enabling organizations to leverage Rust's advantages without completely overhauling their existing systems.

As part of the initiative, the Rust Foundation will collaborate closely with the Rust Project Leadership Council, stakeholders and member organizations to develop a comprehensive scope of work. The collaborative effort will focus on enhancing build system integration, exploring artificial intelligence-assisted code conversion techniques and expanding upon existing interoperability frameworks. By addressing these strategic areas, the initiative aims to accelerate the adoption of Rust across the software industry and hence contribute to advancing memory safety and reducing the prevalence of software vulnerabilities.

A post on Google's security blog says they're excited to collaborate "to ensure that any additions made are suitable and address the challenges of Rust adoption that projects using C++ face. Improving memory safety across the software industry is one of the key technology challenges of our time, and we invite others across the community and industry to join us in working together to secure the open source ecosystem for everyone."

The blog post also includes this quote from Google's VP of engineering, Android security and privacy. "Based on historical vulnerability density statistics, Rust has proactively prevented hundreds of vulnerabilities from impacting the Android ecosystem. This investment aims to expand the adoption of Rust across various components of the platform."

The Register adds: Lars Bergstrom, director of Android platform tools and libraries and chair of the Rust Foundation Board, announced the grant and said that the funding will "improve the ability of Rust code to interoperate with existing legacy C++ codebases.... Integrating Rust today is possible where there is a fallback C API, but for high-performance and high-fidelity interoperability, improving the ability to work directly with C++ code is the single biggest initiative that will further the ability to adopt Rust...."

According to Bergstrom, Google's most significant increase in the use of Rust has occurred in Android, where interoperability started receiving attention in 2021, although Rust is also being deployed elsewhere.... Bergstrom said that as of mid-2023, Google had more than 1,000 developers who had committed Rust code, adding that the ad giant recently released the training material it uses. "We also have a team working on building out interoperability," he added. "We hope that this team's work on addressing challenges specific to Google's codebases will complement the industry-wide investments from this new grant we've provided to the Rust Foundation."

Google's grant matches a $1 million grant last November from Microsoft, which also committed $10 million in internal investment to make Rust a "first-class language in our engineering systems." The Google-bucks are expected to fund further interoperability efforts, along the lines of KDAB's bidirectional Rust and C++ bindings with Qt.

AI

Meet 'Smaug-72B': The New King of Open-Source AI (venturebeat.com) 37

An anonymous reader shares a report: A new open-source language model has claimed the throne of the best in the world, according to the latest rankings from Hugging Face, one of the leading platforms for natural language processing (NLP) research and applications.

The model, called "Smaug-72B," was released publicly today by the startup Abacus AI, which helps enterprises solve difficult problems in the artificial intelligence and machine learning space. Smaug-72B is technically a fine-tuned version of "Qwen-72B," another powerful language model that was released just a few months ago by Qwen, a team of researchers at Alibaba Group.

What's most noteworthy about today's release is that Smaug-72B outperforms GPT-3.5 and Mistral Medium, two of the most advanced open-source large language models developed by OpenAI and Mistral, respectively, in several of the most popular benchmarks. Smaug-72B also surpasses Qwen-72B, the model from which it was derived, by a significant margin in many of these evaluations.

Social Networks

Bluesky Opens To the Public (techcrunch.com) 62

An anonymous reader quotes a report from TechCrunch: After almost a year as an invite-only app, Bluesky is now open to the public. Funded by Twitter co-founder Jack Dorsey, Bluesky is one of the more promising micro-blogging platforms that could provide an alternative to Elon Musk's X. Before opening to the public, the platform had about 3 million sign-ups. Now that anyone can join, the young platform faces a challenge: How can it meaningfully stand up to Threads' 130 million monthly active users, or even Mastodon's 1.8 million?

Bluesky looks and functions like Twitter at the outset, but the platform stands out because of what lies under the hood. The company began as a project inside of Twitter that sought to build a decentralized infrastructure called the AT Protocol for social networking. As a decentralized platform, Bluesky's code is completely open source, which gives people outside of the company transparency into what is being built and how. Developers can even write their own code on top of the AT Protocol, so they can create anything from a custom algorithm to an entirely new social platform.

"What decentralization gets you is the ability to try multiple things in parallel, and so you're not bottlenecking change on one organization," Bluesky CEO Jay Graber told TechCrunch. "The way we built Bluesky actually lets anyone insert a change into the product." This setup gives users more agency to control and curate their social media experience. On a centralized platform like Instagram, for example, users have revolted against algorithm changes that they dislike, but there's not much they can do to revert or improve upon an undesired app update.

Open Source

Hugging Face Launches Open Source AI Assistant Maker To Rival OpenAI's Custom GPTs (venturebeat.com) 11

Carl Franzen reports via VentureBeat: Hugging Face, the New York City-based startup that offers a popular, developer-focused repository for open source AI code and frameworks (and hosted last year's "Woodstock of AI"), today announced the launch of third-party, customizable Hugging Chat Assistants. The new, free product offering allows users of Hugging Chat, the startup's open source alternative to OpenAI's ChatGPT, to easily create their own customized AI chatbots with specific capabilities, similar both in functionality and intention to OpenAI's custom GPT Builder -- though that requires a paid subscription to ChatGPT Plus ($20 per month), Team ($25 per user per month paid annually), and Enterprise (variable pricing depending on the needs).

Phillip Schmid, Hugging Face's Technical Lead & LLMs Director, posted the news on the social network X (formerly known as Twitter), explaining that users could build a new personal Hugging Face Chat Assistant "in 2 clicks!" Schmid also openly compared the new capabilities to OpenAI's custom GPTs. However, in addition to being free, the other big difference between Hugging Chat Assistant and the GPT Builder and GPT Store is that the latter tools depend entirely on OpenAI's proprietary large language models (LLM) GPT-4 and GPT-4 Vision/Turbo. Users of Hugging Chat Assistant, by contrast, can choose which of several open source LLMs they wish to use to power the intelligence of their AI Assistant on the backend, including everything from Mistral's Mixtral to Meta's Llama 2. That's in keeping with Hugging Face's overarching approach to AI -- offering a broad swath of different models and frameworks for users to choose between -- as well as the same approach it takes with Hugging Chat itself, where users can select between several different open source models to power it.
