2024-03-13 18:38:39
An interesting conversation about publishing, sparked by @… ‘s blog post, happening over on Bluesky: https://bsky.app/profile/danielbingham.bsky.social/…
An interesting conversation about publishing, sparked by @… ‘s blog post, happening over on Bluesky: https://bsky.app/profile/danielbingham.bsky.social/…
Hugging Face launches LeRobot, an open-source robotics code library, after hiring former Tesla scientist Remi Cadene to lead its open-source robotics project (Carl Franzen/VentureBeat)
https://venturebeat.com/automation/hugging-f…
RTAB-Map as an Open-Source Lidar and Visual SLAM Library for Large-Scale and Long-Term Online Operation
Mathieu Labb\'e, Fran\c{c}ois Michaud
https://arxiv.org/abs/2403.06341 …
GraphiQ: Quantum circuit design for photonic graph states
Jie Lin, Benjamin MacLellan, Sobhan Ghanbari, Julie Belleville, Khuong Tran, Luc Robichaud, Roger G. Melko, Hoi-Kwong Lo, Piotr Roztocki
https://arxiv.org/abs/2402.09285
Google's Jpegli open-source library can compress high quality images 35% more than traditional JPEG codecs
https://www.cnx-software.com/2024/04/05/googles-jpegli-open-source-libr…
neue Ausgabe der Zeitschrift 027.7:
"The Global Impact of #Library #Publishing. Proceedings of the IFLA Library Publishing SIG Satellite Programme and the Open Session at WLIC 2023 in the Netherlands"
This https://arxiv.org/abs/2111.00187 has been replaced.
link: https://scholar.google.com/scholar?q=a
RTAB-Map as an Open-Source Lidar and Visual SLAM Library for Large-Scale and Long-Term Online Operation
Mathieu Labb\'e, Fran\c{c}ois Michaud
https://arxiv.org/abs/2403.06341 …
This https://arxiv.org/abs/1808.01590 has been replaced.
link: https://scholar.google.com/scholar?q=a
"Open Library of Humanities launches 7 new journals: https://openlibhums.org/news/700/
This increases the OLH’s portfolio to 30 journals […], with a further 3 high-profile journals who will be leaving their commercial publishers in Spring-Summer 2024 to relaunch at the OLH.
This is…
This https://arxiv.org/abs/2111.00187 has been replaced.
link: https://scholar.google.com/scholar?q=a
Lunar Library: Das Wissen der Menschheit ist auf dem Mond archiviert
https://www.golem.de/news/lunar-library-das-wissen-der-menschheit-ist-auf-dem-mond-archiviert-2402-182578.html
Insights from Basilisk: Are Open-Source EDA Tools Ready for a Multi-Million-Gate, Linux-Booting RV64 SoC Design?
Philippe Sauter, Thomas Benz, Philippe Sauter, Frank K. G\"urkaynak, Luca Benini
https://arxiv.org/abs/2405.04257
Almost half of data scientists find it difficult to adopt streaming technologies. Join Chloe He at this year's Berlin Buzzwords to learn about basic streaming concepts, how her team created an open source library that unifies batch and streaming, and how to add streaming technologies to existing batch workloads with minimal code changes. #bbuzz
LawArXiv has been retired and replaced with "a new branded preprint service," Law Archive, that operates "under the Yale Law Library's umbrella" (h/t @…): https://www.cos…
New Belgium Brewing Company is running a pretty open-ended small grant program for cycling-related stuff.
I applied for one for the E-Bike Library; you should tell all your favorite bicycle non-profits to apply for one too.
https://www.newbelgium.com/company/mission
2/ Hat mir gerade jemand geschickt. Also #Philosophie scheint auch die Schnauze voll zu haben und sagt Tschüss. Sehr schön! #PoliticalPhilosphy #Wiley
„Die Open Library of Humanities hat jetzt Political Philosophy im Angebot. Political Philosophy ist ein großes Ding, jedenfalls in der theoretischen Politikwissenschaft. Es geht aus dem Wiley-Journal The Journal of Political Philosophy hervor, das aktuell kein Editorial Board hat.
Wiley hat den Editor in Chief, Robert Goodin, gefeuert, als dieser sich weigerte, mehr Artikel pro Jahr in dem Journal zu veröffentlichten. Daraufhin hat der Rest des Boards, ebenfalls sehr respektable Leute, hingeschmissen. [1] Du wirst Robert Goodin wahrscheinlich mögen, er hat u.a. ein Standardwerk zur politischen Theorie von Grüner Politik verfasst.
Wiley versucht offenbar, die Steuergelder abzuschöpfen, die in Gold-OA-Gebühren fließen. Diese Praxis kannte ich bisher nur von MDPI oder Frontiers. Die Preise bei Wiley für das Journal: $3840 oder 3190€. Ich glaube wir alle wissen, wie diese Preise zu bewerten sind ...“
[1] https://dailynous.com/2023/04/27/wiley-removes-goodin-as-editor-of-the-journal-of-political-philosophy/
We are now offering online, 6-week intensive summer courses in Elementary Biblical Hebrew and Elementary New Testament Greek, open to the public.
Course tuition is free for YDS students. For all others it is: $3,673
For more info and to apply: https://divi…
"The Open Library of Humanities (#OLH) is an award-winning publisher of #humanities scholarship based at Birkbeck, University of London. We play a leading role within a growing ecosystem of scholar-led digital publishing, that combines cutting-edge technology with community governance and not-for-profit…
QSpace - An open-source tensor library for Abelian and non-Abelian symmetries
Andreas Weichselbaum
https://arxiv.org/abs/2405.06632 https://
Achievement unlocked: good luck fool, level 3.
Tried to open the metro gate with a library card.
The important role #OpenSSL plays in securing the Internet has never been matched by the financial resources devoted to maintaining it.
The open source #cryptographic #software library secures hundreds of thousands of Web s…
Enshittification alert: I use YouTube Music, mostly because it has my own 10K songs I uploaded into its “Google Music” predecessor. In Android Auto, YTMusic used to support Library->Uploaded and I could shuffle that stuff. They took it away. You have to pull over, get out your phone, navigate to Uploaded, etc.
There’s an open issue on the YTMusic help, saying “Android Auto doesn’t support long lists.” It used to.
Feaugh.
This https://arxiv.org/abs/2404.06484 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csSE_…
This https://arxiv.org/abs/2405.04257 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csAR_…
This https://arxiv.org/abs/2311.02058 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csRO_…
new at the #nyc public library: #archives & records of the east village eye, 1979-1987. https://www.…
Kennt ihr die „Human Library“? Es ist ein Projekt aus Dänemark, bei dem Menschen als Bücher fungieren, in denen man „lesen“ kann. Ganz nach dem Motto: „Don’t judge the book by its cover.“
In dieser etwas anderen Bibliothek kann man sich also eine Gesprächspartnerin „ausleihen“, die vielleicht an Borderline leidet. Oder jemanden, der mal eingesessen hat. Oder, oder. 1/2
Definitely had some sort of anxiety dream last night that I was back in library school and everyone was upset at me for...smashing open a sealed unopenable box(?) while they were watching a film in class.
Very happy to share this exciting news that the California Digital Library (my workplace), Lyrasis, and the Big Ten Academic Alliance Libraries are joining together to advance Diamond OA in the US! https://osc.universityofcalifornia.edu/2024/04/better-together-btaa…
I've just landed a fix in #libreoffice that fixes a couple of bugs in PDF import, one of which has been open for 6.5 years old. It's been an odd couple of month trip through the Poppler PDF library and the weird convoluted path it's used in LO; since Poppler is GPL (no pre-L!) LO runs it in a separate process that then spits out a cursed intermediate format which LO then parses …
The lack of evening / nighttime Third Places that are not pushing alcohol is a serious gap.
How many of us have high school memories of Perkins or Waffle House or similar at 1am?
I remember a period in the 90s / early 00s when coffee shops were open until midnight or later. That was great. Seems rare now; am I imagining that?
…
_“The end game would be the ability to login to every Fedora, Debian and Ubuntu box on the internet. If it isn’t a state actor it should be…”_
Cryptographer Filippo Valsorda said, _“This might be the best executed supply chain attack we’ve seen described in the open, and it’s a nightmare scenario: malicious, competent, authorized upstream in a widely used library.”_
And awesome: FOSS community catched it, because tests slowdown
Efficient Open Modification Spectral Library Searching in High-Dimensional Space with Multi-Level-Cell Memory
Keming Fan, Wei-Chen Chen, Sumukh Pinge, H. -S. Philip Wong, Tajana Rosing
https://arxiv.org/abs/2405.02756
From the rare occasion when I head into the city. Love the orderly queue outside the British Library just before the doors open up. #AnalogPhotography #BelieveInFilm
This https://arxiv.org/abs/2111.00187 has been replaced.
link: https://scholar.google.com/scholar?q=a
"The West Virginia House passed House Bill 4654 – removing bona fide schools, public libraries, and museums from the list of exemptions from criminal liability relating to distribution and display to a minor of obscene matter – in a 85-12 vote Friday, sending the bill to the state Senate."
The vague law would open librarians to criminal prosecution if "obscene" material is found in their library.
#AGPL vs #SSPL
AGPL, add the requirement to include mgmt/monitoring/backup/storage/APIs/UIs such that you could run the service (e.g., other internal APIs or dashboards don't leak through in how AGPL is defined - only that library's API)
or, SSPL, but get rid of the "you aren't allowed to run a competing business" requirement (e.g., SSPL isn't truly open)
AGPL but more
SSPL but less
This https://arxiv.org/abs/2308.02921 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_ees…
This https://arxiv.org/abs/2404.06484 has been replaced.
initial toot: https://mastoxiv.page/@arXiv_csSE_…
On the Average Runtime of an Open Source Binomial Random Variate Generation Algorithm
Vincent A. Cicirello
https://arxiv.org/abs/2403.11018 https://…
From the rare occasion when I head into the city. Love the orderly queue outside the British Library just before the doors open up. #AnalogPhotography #BelieveInFilm
Yesterday, I had the pleasure of presenting to the #UKRI Science and Technology Facilities Council about #OpenAccess for #books.
Learn the differences between offline and online machine learning, how one can complement the other, and streaming concepts and best practices to start your online ML journey with River, an open source Python ML library, in this short talk by Tun Shwe at this year's Berlin Buzzwords. #bbuzz
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
Lio by Mark Tatulli for February 15, 2024 | GoComics.com
http://www.gocomics.com/lio/2024/02/15
Beacon, a lightweight deep reinforcement learning benchmark library for flow control
Jonathan Viquerat, Philippe Meliga, Pablo Jeken, Elie Hachem
https://arxiv.org/abs/2402.17402 …
Closed-Loop Open-Vocabulary Mobile Manipulation with GPT-4V
Peiyuan Zhi, Zhiyuan Zhang, Muzhi Han, Zeyu Zhang, Zhitian Li, Ziyuan Jiao, Baoxiong Jia, Siyuan Huang
https://arxiv.org/abs/2404.10220
This https://arxiv.org/abs/2309.01977 has been replaced.
initial toot: https://mastoxiv.page/@arX…
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
GeoFlood: Computational model for overland flooding
Brian Kyanjo, Donna Calhoun, David L. George
https://arxiv.org/abs/2403.15435 https://
It's been a while since I've complained about #RustLang itself, so…
Cargo insists on interacting with #git repositories. At the same time, cargo insists on vendoring an old version of #LibGit2 (1.6.2 FWICS). So, if your system is using a new git version (2.44.0), you won't be able to `cargo build`:
```
error: failed to determine package fingerprint for build script for uv v0.1.38 (/tmp/uv/crates/uv)
Caused by:
failed to determine the most recently modified file in /tmp/uv/crates/uv
Caused by:
failed to determine list of files in /tmp/uv/crates/uv
Caused by:
failed to open git index at /tmp/uv/.git/
Caused by:
invalid data in index - calculated checksum does not match expected; class=Index (10)
```
You have to clone everything with `-c index.skipHash=false` to work around this.
But yeah, I'm sure there's a great benefit to using an outdated vendored C library that NIHs git.
#Gentoo #NIH
GPU acceleration of ab initio simulations of large-scale identical particles based on path integral molecular dynamics
Yunuo Xiong
https://arxiv.org/abs/2404.02628
This https://arxiv.org/abs/2309.01977 has been replaced.
initial toot: https://mastoxiv.page/@arX…
LASY: LAser manipulations made eaSY
Maxence Th\'evenet, Igor A. Andriyash, Luca Fedeli, \'Angel Ferran Pousa, Axel Huebl, S\"oren Jalas, Manuel Kirchen, Remi Lehe, Rob J. Shalloo, Alexander Sinn, Jean-Luc Vay
https://arxiv.org/abs/2403.12191
This https://arxiv.org/abs/2402.17402 has been replaced.
initial toot: https://mastoxiv.page/@ar…