An up-to-date overview of free software and its makers
Projects on the Move
The final release of the Songbird web player hits the tightly packed music player scene. With the same extensibility common to the Mozilla family, Songbird gets ready to find its niche and ruffle some feathers.
Web browsers and music players are some of the most commonly used desktop applications. Viewed superficially, the two software types did not appear to be directly linked, until Mozilla's Songbird entered the scene.
Wanderer Between the Worlds
Version 1.0 of Songbird , which took one and a half years to complete, is referred to by its developers as a "web player." At first glance, the software looks like any other music player, although it is unusual in that it relies on XULRunner  (Figure 1). This Mozilla runtime environment, which all applications from this vendor rely on, resides above other Internet tools, like browsers or mail clients. However, the underpinnings offer one major benefit: like Firefox and Thunderbird, Songbird also runs natively on almost any operating system, including Windows, Mac OS, Solaris, and, of course, Linux.
Songbird's basic functionality is similar to that of other music players. When launched, it prompts the user for the directory containing the digital music collection and adds any tracks it finds there to its own media store. To play, users can then select songs individually, by genre, artist, or album.
Songbird also supports playlists. Just like other players, the program distinguishes between static and intelligent, dynamic lists. Users manually add tracks to the former and save the results for future use. In contrast, intelligent playlists automatically play tracks that fulfill criteria defined by the user. This can be a specific artist or album, but just as easily the last played date, the origin of the file, or the date on which a track was added to the collection.
Songbird works around the package management system by default: The developers simply provide a tarball that includes all required libraries. The libraries include XULRunner and the GStreamer  multimedia framework, including codec plugins for MP3, AAC, OGG Vorbis, FLAC, and WMA music formats.
The package leaves no dependencies to be resolved, but it does weigh in at a bulky 30MB. Because XULRunner and GStreamer are preinstalled on many desktop systems, this duplicate installation is inefficient and very much opposed to the Linux package management system philosophy. Distribution-specific Songbird packages for Fedora, Ubuntu, Gentoo Linux, and Open Solaris  resolve the problem. Compared with the official tarball, the two programs use only half the disk space. Songbird is licensed under the GPL, and the source code for the program is accordingly available for download if you need it.
Songbird's interface shows its kinship with Firefox. The Tools menu resembles the other members of the Mozilla family to a T. This leads to another similarity: The Add-ons item takes the user to a plugin structure that can be used to extend Songbird's functionality almost infinitely. The Get Extensions link opens the subpage on the Songbird site directly. This does not mean launching the browser; instead, a new tab displays the website directly in the player program (Figure 2). This is where the XULRunner foundations come into their own: They easily display websites with very little programming.
The variety of plugins available for Songbird extends its functionality, making it an all-around app, like the Firefox browser. For example, installing Meshtape gives you information, pictures, and videos of the artist while a track plays; the add-on draws on services such as Flickr, YouTube, and Last.fm for these resources.
A separate plugin for the Last.fm Web 2.0 music application will transfer tracks you play to your online profile and receive recommendations for your own playlist via the same route, if you so desire.
Songbird can use SHOUTcast to access online radio stations; other plugins support portable MP3 players, including Apple's iPod, which is not renowned for its compatibility.
New release comes with better semantic search and improvements to Kontact.
Annual code quality report shows FOSS is more secure at all project size levels.
A new class of problems lets a malicious app pre-configure an invisible privilege update.
New Hack language adds static typing and other conveniences.
New crypto policy system will offer easier configuration and more uniform security.
Ubuntu founder denounces insecurity in proprietary, close-source software blobs.
Vulnerability affects many Linux web servers