An anonymous reader quotes a report from TechCrunch: For the past couple of years, the startup has been iterating on a brand-new CRM platform and making everything available on GitHub under a permissive AGPLv3 license. While Twenty doesn't have all the features that you can find in Salesforce [comparison], the company is slowly building a community of CRM and open source enthusiasts around it, with more than 300 contributors in the last year and 20,000 stars on GitHub. [...] Twenty is trying to build a flexible platform that can be tweaked to every company's needs and that can serve as a basis for other tools and use cases. Each entry in a CRM is an object. It can be a standard, pre-defined object like a person or a company. But customers can also create their own custom objects. If you're a conference organizer, you can create a conference object. If you're a restaurant chain manager, you can create a restaurant object. As you may have guessed, Twenty also lets you create custom fields for each object. This way, it's easier to capture and compare data across multiple entries. This customer data can be viewed in Twenty directly in list or Kanban views. People can sort and filter entries, add tasks and notes, all the usual CRM stuff. But data in Twenty can also be reused with GraphQL and REST APIs. And that's how you can extend Twenty beyond its CRM roots. Eventually, Twenty hopes there will be an active ecosystem of developers working on extensions and plugins to build a proper alternative to the Salesforce product suite. But we're not there yet. "Building a CRM is a daunting task, especially for us because of the way we've chosen to do it. We're building a platform, and we're not taking any shortcut. In fact, we still need to work on workflows, on automation and more," [said Twenty co-founder and CEO Felix Malfait]. "People often don't understand why Salesforce is so big, so powerful," Malfait said. Salesforce's platform utilizes a flexible data model -- a programming language called Apex to execute code on Salesforce's servers and a front-end customization framework. "So when you have these three bricks you can store data, do logic on the back end, and display the result as you like," Malfait said. "It means that you can do everything. And that's what we want to enable in the long term."

Read more of this story at Slashdot.

Long-time Slashdot reader samj — also a long-time Debian developer — tells us there's some opposition to the newly-released Open Source AI definition. He calls it a "fork" that undermines the original Open Source definition (which was originally derived from Debian's Free Software Guidelines, written primarily by Bruce Perens), and points us to a new domain with a petition declaring that instead Open Source shall be defined "solely by the Open Source Definition version 1.9. Any amendments or new definitions shall only be recognized with clear community consensus via an open and transparent process." This move follows some discussion on the Debian mailing list: Allowing "Open Source AI" to hide their training data is nothing but setting up a "data barrier" protecting the monopoly, disabling anybody other than the first party to reproduce or replicate an AI. Once passed, OSI is making a historical mistake towards the FOSS ecosystem. They're not the only ones worried about data. This week TechCrunch noted an August study which "found that many 'open source' models are basically open source in name only. The data required to train the models is kept secret, the compute power needed to run them is beyond the reach of many developers, and the techniques to fine-tune them are intimidatingly complex. Instead of democratizing AI, these 'open source' projects tend to entrench and expand centralized power, the study's authors concluded." samj shares the concern about training data, arguing that training data is the source code and that this new definition has real-world consequences. (On a personal note, he says it "poses an existential threat to our pAI-OS project at the non-profit Kwaai Open Source Lab I volunteer at, so we've been very active in pushing back past few weeks.") And he also came up with a detailed response by asking ChatGPT. What would be the implications of a Debian disavowing the OSI's Open Source AI definition? ChatGPT composed a 7-point, 14-paragraph response, concluding that this level of opposition would "create challenges for AI developers regarding licensing. It might also lead to a fragmentation of the open-source community into factions with differing views on how AI should be governed under open-source rules." But "Ultimately, it could spur the creation of alternative definitions or movements aimed at maintaining stricter adherence to the traditional tenets of software freedom in the AI age." However the official FAQ for the new Open Source AI definition argues that training data "does not equate to a software source code." Training data is important to study modern machine learning systems. But it is not what AI researchers and practitioners necessarily use as part of the preferred form for making modifications to a trained model.... [F]orks could include removing non-public or non-open data from the training dataset, in order to train a new Open Source AI system on fully public or open data... [W]e want Open Source AI to exist also in fields where data cannot be legally shared, for example medical AI. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests. Privacy rules also give a person the rightful ability to control their most sensitive information — like decisions about their health. Similarly, much of the world's Indigenous knowledge is protected through mechanisms that are not compatible with later-developed frameworks for rights exclusivity and sharing. Read on for the rest of their response...

Read more of this story at Slashdot.

Bitwarden describes itself as an "open source password manager for business." But it also made a change its build requirement which led to an issue on the project's GitHub page titled "Desktop version 2024.10.0 is no longer free software." In the week that followed Bitwarden's official account on X.com promised a fix was coming. "It seems a packaging bug was misunderstood as something more, and the team plans to resolve it. Bitwarden remains committed to the open source licensing model in place for years, along with retaining a fully featured free version for individual users." And Thursday Bitwarden followed through with new changes to address the concerns. The Register reports the whole episode started because of a new build requirement added in a pull request a couple of weeks ago titled "Introduce SDK client." This SDK is required to compile the software from source — either the Bitwarden server or any of its client applications... [But the changed license had warned "You may not use this SDK to develop applications for use with software other than Bitwarden (including non-compatible implementations of Bitwarden) or to develop another SDK."] Phoronix picks up the story: The issue of this effectively not making the Bitwarden client free software was raised in this GitHub issue... Bitwarden founder and CTO Kyle Spearrin has commented on the ticket... "Being able to build the app as you are trying to do here is an issue we plan to resolve and is merely a bug." The ticket was subsequently locked and limited to collaborators. And Thursday it was Bitwarden founder and CTO Kyle Spearrin who again re-appeared in the Issue — first thanking the user who had highlighted the concerns. "We have made some adjustments to how the SDK code is organized and packaged to allow you to build and run the app with only GPL/OSI licenses included." The sdk-internal package references in the clients now come from a new sdk-internal repository, which follows the licensing model we have historically used for all of our clients (see LICENSE_FAQ.md for more info). The sdk-internal reference only uses GPL licenses at this time. If the reference were to include Bitwarden License code in the future, we will provide a way to produce multiple build variants of the client, similar to what we do with web vault client builds. The original sdk repository will be renamed to sdk-secrets, and retains its existing Bitwarden SDK License structure for our Secrets Manager business products. The sdk-secrets repository and packages will no longer be referenced from the client apps, since that code is not used there.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Back in May, Google augmented its Gemini AI model with SynthID, a toolkit that embeds AI-generated content with watermarks it says are "imperceptible to humans" but can be easily and reliably detected via an algorithm. Today, Google took that SynthID system open source, offering the same basic watermarking toolkit for free to developers and businesses. The move gives the entire AI industry an easy, seemingly robust way to silently mark content as artificially generated, which could be useful for detecting deepfakes and other damaging AI content before it goes out in the wild. But there are still some important limitations that may prevent AI watermarking from becoming a de facto standard across the AI industry any time soon. Google uses a version of SynthID to watermark audio, video, and images generated by its multimodal AI systems, with differing techniques that are explained briefly in this video. But in a new paper published in Nature, Google researchers go into detail on how the SynthID process embeds an unseen watermark in the text-based output of its Gemini model. The core of the text watermarking process is a sampling algorithm inserted into an LLM's usual token-generation loop (the loop picks the next word in a sequence based on the model's complex set of weighted links to the words that came before it). Using a random seed generated from a key provided by Google, that sampling algorithm increases the correlational likelihood that certain tokens will be chosen in the generative process. A scoring function can then measure that average correlation across any text to determine the likelihood that the text was generated by the watermarked LLM (a threshold value can be used to give a binary yes/no answer).

Read more of this story at Slashdot.

Phoronix's Michael Larabel reports: Germany's Sovereign Tech Fund (STF) is today celebrating its second anniversary for "empowering public digital infrastructure." In the past two years it has invested more than $24.9 million into sixty open technologies. This effort backed by the German government has provided nearly $25 million USD in open-source funding over the past two years. In this time there has been more than 500 submissions proposing over 114 million euros in work. This Sovereign Tech Funding has helped open-source projects provide much needed maintenance to their software, enhance the security posture of the software, and make other open-source improvements in the public interest. You can learn more about the Sovereign Tech Fund via their blog.

Read more of this story at Slashdot.

David Heinemeier Hansson, creator of Ruby on Rails and co-founder and chief technology officer of Basecamp-maker 37signals, has criticized Automattic's demand for 8% of vendor WP Engine's revenues as a violation of open source principles and the GPL license. He argues this, among other things, undermines the clarity and certainty of open source licensing, threatening its integrity beyond WordPress. He writes: Ruby on Rails, the open-source web framework I created, has been used to create businesses worth hundreds of billions of dollars combined. Some of those businesses express their gratitude and self-interest by supporting the framework with dedicated developers, membership of The Rails Foundation, or conference sponsorships. But many also do not! And that is absolutely their right, even if it occasionally irks a little. That's the deal. That's open source. I give you a gift of code, you accept the terms of the license. There cannot be a second set of shadow obligations that might suddenly apply, if you strike it rich using the software. Then the license is meaningless, the clarity all muddled, and certainty lost. Look, Automattic can change their license away from the GPL any time they wish. The new license will only apply to new code, though, and WP Engine, or anyone else, are eligible to fork the project. That's what happened with Redis after Redis Labs dropped their BSD license and went with a commercial source-available alternative. Valkey was forked from the last free Redis version, and now that's where anyone interested in an open-source Redis implementation is likely to go. But I suspect Automattic wants to have their cake and eat it too. They want to retain WordPress' shine of open source, but also be able to extract their pound of flesh from any competitor that might appear, whenever they see fit. Screw that.

Read more of this story at Slashdot.

Boston-based engineer and photographer Wenting Zhang built his own full-frame camera and open-sourced the project on GitLab for anyone else to build upon. The camera, named Sitina S1, features a 10MP CCD sensor, custom electronics, and a 3D-printed body. Digital Photography Review reports: Zhang says he started the project in 2017, and it's not finished yet. "Engineers are usually bad at estimating how long things will take. I am probably particularly bad at that. I expected this project to be challenging, so it would take a bit longer, like probably one year. Turned out my estimation was off," he says. He makes clear to point out that this is a hobby project, purely for fun, and that his camera isn't going to achieve the level of image quality found in commercially available products from established companies. Despite that, his project provides a fascinating look into what's involved in building a camera from the ground up. Although CMOS has become the dominant sensor technology in consumer cameras, owing to factors like speed, lower power consumption and cost, Zhang's camera is built around a 10MP Kodak KAI-11000CM CCD sensor with a global electronic shutter, which he selected for a rather pragmatic reason: it was easy to source. "Most manufacturers (like Sony) aren't going to just sell a sensor to a random hobbyist, so I have to buy whatever is available on eBay. This 10MP CCD turned out to be available," he explains. The choice of sensor has a useful benefit. As he explains in one of his videos, designing and building a mechanical shutter is complicated and beyond his area of expertise, so his DIY design is based on using an electronic shutter. For similar reasons, he chose to use an LCD screen as a viewfinder rather than a prism-based optical design, resulting in a mirrorless camera. Zhang wanted his design to be compatible with existing lenses. His mirrorless design, with a short flange distance, provided a great deal of flexibility to adapt different lenses to the camera, and he's currently using E-mount with active electrical contacts. And that's just the start. Zhang also needed to integrate a CCD signal processor with an ADC (analog to digital converter), a CPU, battery, an LCD screen and buttons. He also designed and built his own circuit board with a power-only USB port, flash sync terminal, power button and SD card slot, and create the software and user interface to tie it all together. Finally, everything fits inside a 3D-printed enclosure that, to my eye, looks rather attractive.

Read more of this story at Slashdot.

An anonymous reader quotes a report from ZDNet: Getting open-source and artificial intelligence (AI) on the same page isn't easy. Just ask the Open Source Initiative (OSI). The OSI, the open-source definition steward organization, has been working on creating an open-source artificial intelligence definition for two years now. The group has been making progress, though. Its Open Source AI Definition has now released its first release candidate, RC1. The latest definition aims to clarify the often contentious discussions surrounding open-source AI. It specifies four fundamental freedoms that an AI system must grant to be considered open source: the ability to use the system for any purpose without permission, to study how it works, to modify it for any purpose, and to share it with or without modifications. So far, so good. However, the OSI has opted for a compromise regarding training data. Recognizing it's not easy to share full datasets, the current definition requires "sufficiently detailed information about the data used to train the system" rather than the full dataset itself. This approach aims to balance transparency with practical and legal considerations. That last phrase is proving difficult for some people to swallow. From their perspective, if all the data isn't open, then AI large language models (LLM) based on such data can't be open-source. The OSI summarized these arguments as follows: "Some people believe that full, unfettered access to all training data (with no distinction of its kind) is paramount, arguing that anything less would compromise full reproducibility of AI systems, transparency, and security. This approach would relegate Open-Source AI to a niche of AI trainable only on open data." The OSI acknowledges that the definition of open-source AI isn't final and may need significant rewrites, but the focus is now on fixing bugs and improving documentation. The final version of the Open Source AI Definition is scheduled for release at the All Things Open conference on October 28, 2024.

Read more of this story at Slashdot.

TechCrunch's Paul Sawers reports: Fledgling fintech startup OpenBB is revealing the next step in its plans to take on the heavyweights of the investment research world. The company is launching a new, free version of a product that will open its arsenal of data and financial tooling to more users. OpenBB is the handiwork of software engineer Didier Lopes, who launched the Python-based platform back in 2021 as a way for amateur investors and enthusiasts to do investment research using different datasets for free, via a command line interface (CLI). The company went on to raise $8.5 million in seed funding from OSS Capital and angel investors such as Ram Shriram, an early backer of Google. While the community-based, open source project has amassed some 50,000 users, OpenBB has also been building an enterprise incarnation called Terminal Pro. This paid version gives teams access to an interface, pre-built database integrations, an Excel add-in, and various security and support bolt-ons that would appeal to larger businesses. [...] The all-new OpenBB Terminal -- not to be confused with the previous CLI-based OpenBB Terminal that the startup sunsetted in March -- is a full-fledged web app, though it strips out many of the premium features of Terminal Pro. It's fully customizable, can run on any operating system or platform, and provides access to an AI-enabled OpenBB copilot. Like the previous OpenBB Terminal, the all-new web app is also free to use. OpenBB Terminal is perhaps something of a middle ground between the CLI centricity of the open source project and the bells-and-whistles feature set of the enterprise product. The OpenBB Terminal serves as a single end point for accessing financial information from some 100 data sources, spanning equity, options, forex, the macro economy, and more. Users can also throw all their new data into the mix -- the community has previously contributed financial datasets such as historical currency exchange rates and crypto pricing data. There are also a slew of extensions and toolkits to bring more functionality to OpenBB -- such as an AI stock analysis agent. Users are free to incorporate their own AI systems and large language models (LLMs), which might be particularly important for security and compliance use cases. But with the OpenBB Copilot, categorized as a "compound AI system," users can run natural-language queries about their data out of the box. While OpenBB has been likened to an "open-source Bloomberg," TechCrunch notes that it's not a direct competitor due to Bloomberg's massive data resources and built-in chat functionality. OpenBB, however, offers flexibility with its open-source platform and customization options. OpenBB filed for a trademark, but Bloomberg has requested an extension to potentially oppose it, despite the company asserting there's no link between OpenBB and Bloomberg's abbreviation "BBG". Lopes says the name originates from BlackBerry stock, where the founders had lost money during the meme stock craze.

Read more of this story at Slashdot.

"For the first time, scientists have created a flexible programmable chip that is not made of silicon..." reports IEEE Spectrum — opening new possibilities for implantable devices, on-skin computers, brain-machine interfaces, and soft robotics. U.K.-based Pragmatic Semiconductor produced an "ultralow-power" 32-bit microprocessor, according to the article, and "The microchip's open-source RISC-V architecture suggests it might cost less than a dollar..." This shows potential for inexpensive applications like wearable healthcare electronics and smart package labels, according to the chip's inventors: For example, "we can develop an ECG patch that has flexible electrodes attached to the chest and a flexible microprocessor connected to flexible electrodes to classify arrhythmia conditions by processing the ECG data from a patient," says Emre Ozer, senior director of processor development at Pragmatic, a flexible chip manufacturer in Cambridge, England. Detecting normal heart rhythms versus an arrhythmia "is a machine learning task that can run in software in the flexible microprocessor," he says... Pragmatic sought to create a flexible microchip that cost significantly less to make than a silicon processor. The new device, named Flex-RV, is a 32-bit microprocessor based on the metal-oxide semiconductor indium gallium zinc oxide (IGZO). Attempts to create flexible devices from silicon require special packaging for the brittle microchips to protect them from the mechanical stresses of bending and stretching. In contrast, pliable thin-film transistors made from IGZO can be made directly at low temperatures onto flexible plastics, leading to lower costs... "Our end goal is to democratize computing by developing a license-free microprocessor," Ozer says... Other processors have been built using flexible semiconductors, such as Pragmatic's 32-bit PlasticARM and an ultracheap microcontroller designed by engineers in Illinois. Unlike these earlier devices, Flex-RV is programmable and can run compiled programs written in high-level languages such as C. In addition, the open-source nature of RISC-V also let the researchers equip Flex-RV with a programmable machine learning hardware accelerator, enabling artificial intelligence applications. Each Flex-RV microprocessor has a 17.5 square millimeter core and roughly 12,600 logic gates. The research team found Flex-RV could run as fast as 60 kilohertz while consuming less than 6 milliwatts of power... The Pragmatic team found that Flex-RV could still execute programs correctly when bent to a curve with a radius of 3 millimeters. Performance varied between a 4.3 percent slowdown to a 2.3 percent speedup depending on the way it was bent.

Read more of this story at Slashdot.

When it comes to professional certifications, the long-running nonprofit Linux Professional Institute boasts they've issued 250,000, making them the world's largest Linux/Open Source certification body. And last week they announced a "strategic alliance" with the Open Source Initiative (OSI), which will now be "participating in development and maintenance of these programs." The announcement points out that the Open Source Initiative already has many distinct responsibilities. Besides creating the Open Source Definition — and certifying that Open Source licenses meet the requirements of Open Source software — the OSI's mission is to "encourage the growth of Open Source communities around the world," which includes "educational and outreach efforts to spread Open Source principles." So the ultimate goal is "strengthening Linux and Open Source communities," according to the announcement, by "nurturing the growth of more highly skilled professionals," with the OSI encouraging more people to get certifications for employers. The Open Source movement "has never been in greater need of educated professionals," says OSI executive director Stefano Maffulli, "to drive the next leap forward in Open Source understanding, innovation, and adoption... "This partnership with LPI is one in a series of initiatives that will increase accessibility to the certifications and community participation that Open Source needs to thrive." And the LPI's executive director says it's their group's mission "to promote the use of open source by supporting the people who work with it. A closer relationship with OSI makes a valuable contribution to this effort." The move "reaffirms the commitment of LPI and OSI to enhance the adoption of Linux and Open Source technology," according to the announcement.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: With the perennial tensions between proprietary and open source software (OSS) unlikely to end anytime soon, a $3 billion startup is throwing its weight behind a new licensing paradigm -- one that's designed to bridge the open and proprietary worlds, replete with new definition, terminology, and governance model. Developer software company Sentry recently introduced a new license category dubbed "fair source." Sentry is an initial adopter, as are some half dozen others, including GitButler, a developer tooling company from one of GitHub's founders. The fair source concept is designed to help companies align themselves with the "open" software development sphere, without encroaching into existing licensing landscapes, be that open source, open core, or source-available, and while avoiding any negative associations that exist with "proprietary." However, fair source is also a response to the growing sense that open source isn't working out commercially. "Open source isn't a business model -- open source is a distribution model, it's a software development model, primarily," Chad Whitacre, Sentry's head of open source, told TechCrunch. "And in fact, it places severe limits on what business models are available, because of the licensing terms." Sure, there are hugely successful open source projects, but they are generally components of larger proprietary products. Businesses that have flown the open source flag have mostly retreated to protect their hard work, moving either from fully permissive to a more restrictive "copyleft" license, as the likes of Element did last year and Grafana before it, or ditched open source altogether as HashiCorp did with Terraform. "Most of the world's software is still closed source," Whitacre added. "Kubernetes is open source, but Google Search is closed. React is open source, but Facebook Newsfeed is closed. With fair source, we're carving a space for companies to safely share not just these lower-level infrastructure components, but share access to their core product." Further reading: As Companies Try 'Open Source Rug Pull', Open Source Foundations Considered Helpful

Read more of this story at Slashdot.

"In the era of the open source rug pull, the role of open source foundations is more important than ever," argues the co-founder of the developer-focused industry analyst firm RedMonk: The "rug pull" here refers to companies that have used open source as a distribution mechanism, building a community and user base, before changing the license to be restricted, rather than truly open source. "This is capitalism, yo. We've got shareholders to satisfy. It's time to relicense that software, move to a Business Source license." [...] Where open source used to be a sustainable commitment, today too often it feels like a short term tactic. Commercial open source isn't what it used to be. Which means that open source foundations, which provide ongoing governance and intellectual property management for open source projects, are in an interesting position, in some cases becoming more adversarial than they historically have been with vendors.... [T]he Apache Software Foundation (ASF) has done a great job of fostering sustainable, commercial, open source for decades now, most notably in the data infrastructure space — think Hadoop, Spark, Kafka, Flink etc. ["[C]ommercial open source would almost certainly never have achieved critical mass and continued success without foundations in the mix," the article notes later. "The ASF was founded in 1999, and underpinned the adoption of open source middleware in the enterprise..."] One premise behind the Cloud Native Computing Foundation (CNCF) is that user organisations can within reason trust it to stand behind the projects it incubates and manages. While not an explicit commitment, adopters generally, and enterprises specifically, have seen the CNCF imprimatur as one that they can rely on. In the era of the open source rug pull this kind of promise becomes even more important.... Sid Sijbrandij, CEO of GitLab has argued that open source companies should commit to an Open Charter as a mechanism to protect users from open source rug pulls. "Open source software isn't useful if people can't rely on the project remaining open source. Adopting Open Charter offers open source users predictability amidst the growing licensing switch trend." With a CNCF project, though, the need for this kind of charter becomes less important, because the code is by design not single source, but has a diverse set of contributors. Which is to say that open source foundations can make rug pulls a lot less likely than adoption of open source technology built by a single company. Relying on benevolent dictators is generally pretty risky. And recently the benevolent dictators have seemed... less benevolent. In conclusion, "Open Source Foundations Considered Helpful," according to the post's title. It does argue that "Any company is within its rights to relicense its software, but it can certainly be problematic from a community and project health perspective. "Which is exactly why open source foundations are more important than ever."

Read more of this story at Slashdot.