Facebook’s open source library has grown to 9.9M lines of code

Facebook loves to share how much it likes open source, and the social network has followed through on that note with a status update on its activities this year.

Here’s a rundown, by the numbers:

• Launched 63 new projects since January 2014
Total active Github portfolio stands at exactly 

• 200 for projects spread across Facebook, Instagram and Parse

• Facebook’s open source projects have seen 13,000 total commits, an increase of 45 percent from the second half of 2013.

• Projects collectively have netted 20,000 forks and 95,000 followers.

• Facebook’s total open source library stands at approximately 9.9 million lines of code.

The Menlo Park, Calif.-based company highlighted a number of its more popular projects in a blog post on Friday, putting user interface Javascript library React and iOS/OS X animation engine Pop in the spotlight.

The latter has played a large role in a pair of other Facebook projects with which end users might be more familiar.

That would be the first two projects rolled out from Facebook’s Creative Labs department: digital news reader app Paper and Snapchat-competitor Slingshot.

Facebook engineers revealed Pop “spawned a host of extensions and integrations, including the iOS version of our very own Slingshot.” Pop has also grown to become Facebook’s second most popular open source project ever.

Looking forward, Facebook is following through on some of the products it unveiled to developers at F8 in San Francisco back in April. One product making its way out the door today in beta access is Display Node, Facebook’s open source asynchronous UI framework.

Source: ZD Net

MIT researchers bring Javascript to Google Glass

Open Source Wearscript puts Javascript on Google Glass, with many new, and some unexpected, input choices.

Earlier this week, Brandyn White, a PhD candidate at the University of Maryland, and Scott Greenwald, a PhD candidate at MIT, led a workshop at the MIT Media Lab to showcase an open source project called WearScript, a Javascript environment that runs on Google Glass. The category of wearables is still evolving. Besides activity trackers and smartwatches, the killer wearable app is yet to be discovered because wearables don’t have the lean back or lean forward human-machine interface (HMI) of tablets and smartphones. Wearscript lets developers experiment with new user interface (UI) concepts and input devices to push beyond the HMI limits of wearables.

The overblown reports of Google Glass privacy distract from the really important Google Glass discussion – how Glass micro apps can compress the time between user intent and action. Micro apps are smaller than apps and are ephemeral because they are used in an instant and designed to disappear from the user’s perception once completing their tasks. Because of the Glass wearable form factor, micro apps deviate from the LCD square and touchscreen/keyboard design of smartphone, tablet, and PC apps, and are intended to be hands-free and responsive in the moment. Well-designed Glass apps employ its UI to let the user do something that they could not otherwise do with another device. Glass’s notifications are a good example of this; want to get breaking news or preview important email without interruption from a phone or PC? Tilt your head up slightly and capture it in a glance, but if you want to read the news or give a detailed response to an email – better to pick up a smartphone, tablet or PC. The best consumer-facing Google Glass experiences highlight how apps can leverage this micro app programmable wearable form factor.

Early on during the MIT Media Lab workshop, White demonstrated how Glass’s UI extends beyond its touchpad, winks, and head movements by adding a homemade eye tracker to Glass as an input device. The camera and controller were dissected from a $25 PC video camera and attached to the Glass frame with a 3D-printed mount. A few modifications were made, such as replacing the obtrusively bright LEDs with infrared LEDs, and a cable was added with a little soldering. The whole process takes about 15 minutes for someone with component soldering skills. With this eye tracker and a few lines of Wearscript, the researchers demonstrated a new interface by playing Super Mario on Google Glass with just eye movements.

To this audience of software engineers, wearable enthusiasts, students, and hardware hackers, repurposing an inexpensive device with some hacking and soldering is not unusual. But the impact of the demonstration set the tone for rethinking Glass apps with Wearscript and unconventional Glass input devices.

For more information follow the source link below.

Source: Network World

POPCORN TIME: Open Source Torrent Streaming

Popcorn Time, a cross-platform and BitTorrent-powered movie streaming app, may very well be Hollywood’s worst nightmare. The software can be best described as a Netflix for pirates, allowing users to stream the latest blockbusters at no cost. TF talks to one of the developers to find out how the app came about.

Over the years BitTorrent has become fairly mainstream, with hundreds of millions of people using torrent clients to download the latest entertainment.

Despite its popularity the downloading process can be cumbersome at times, especially for novices. Faced with this challenge Sebastian, a designer from Buenos Aires, Argentina, decided to come up with a piece of software that would make the process as easy as Netflix.

“As a designer I love the challenge of simplification. Take something hard for the common user and make it usable. I have a lot of friends who don’t understand torrents and I wanted to make it easy and effortless to use torrent technology,” Sebastian tells Torrent Freak.

What started out as an experiment for a group of friends soon developed into something much bigger. Popcorn Time now has 20 collaborators on Github and continues to expand at a rapid pace. Developers from all over the world have added new features and within 24 hours it was translated into six languages.

Sebastian explains that Popcorn Time uses node-webkit and is available for Windows, Mac and Linux. It’s basically a browser that uses HTML, CSS and JavaScript to serve the movie streams.

“The technology behind the app is very simple. We consume a group of APIs, one for the torrents, another for the movie info, and another for the poster. We also have an API for the subtitles. Everything is automated, we don’t host anything, but take existing information and put it together,” Sebastian says

The torrent files all come from YTS (formerly YIFY), which has an API Popcorn Time taps into. The application can search this database and allows users to stream the torrent on demand. When finished the app will continue to share for a while after the download is finished, to avoid leeching.

For more information and details follow the source link below.

Source: Torrent Freak

Link: Popcorn Time

iOS Mobile Banking Apps Vulnerable to Man in the Middle Attacks

It’s mighty convenient to load up a mobile banking app with a slick interface as opposed to logging into the website via your smartphone’s web browser, but in doing so, you may inadvertently be putting yourself at a greater risk of so-called mail-in-the-middle attacks, hijack attempts, and other unfriendly behavior. A recent study suggests that mobile banking apps for iOS may be less secure than you think.

A researcher at IOActive tested 40 mobile apps from 60 of the leading banks from around the world. His various tests covered transport security, compiler protection, UIWebViews, insecure data storage, logging, and binary analysis. What he found is pretty alarming.

Some 40 percent of the audited apps did not validate the authenticity of SSL certificates presented, which makes them susceptible to man-in-the-middle attacks. Almost all of them — around 90 percent — contained several non-SSL links throughout the application. According to IOActive, this allows an attacker to intercept the traffic and inject arbitrary JavaScript and HTLM code in an attempt to create a fake login prompt or some other similar scam.

The list of vulnerabilities goes on, such as half of the apps being found susceptible to JavaScript injections via insecure UIWebView implementations.

“Home banking apps that have been adapted for mobile devices, such as smartphones and tablets, have created a significant security challenge for worldwide financial firms. As this research shows, financial industries should increase the security standards they use for their mobile home banking solutions,” the report concludes.

Source: Hot Hardware