Category Archives: Open Source Blog

News about Google’s open source projects and programs

Students announced for Google Summer of Code 2016

2016 Google Summer of Code


It's that time of year again: 1,206 students have been accepted for our 2016 Google Summer of Code! Congratulations all around. We want to thank everyone who applied — it was another competitive year with 178 mentoring organizations receiving 7,543 proposals from 5,107 students.

Now we enter the community bonding period when students get acquainted with their mentors and familiarize themselves with their new community before they begin coding in May. In this period, students will do things like hang out in IRC channels and read documentation, become familiar with the code base and set their deadlines and milestones with their mentors.

If you want to review important dates or learn more about the 178 organizations that the accepted students will be working with over the summer, please visit the program website.

Here's to another exciting and productive summer of contributing to open source.

By Josh Simmons, Open Source Programs Office

CCTZ v2.0 — now with more civil time

Last September we announced an open source project called CCTZ, a C++ library that enables computing with arbitrary time zones. Today we're announcing CCTZ v2.0 which introduces a new civil time library. Civil time is a legally recognized representation of time used by humans (i.e., year, month, day, hour, minute and second). The most common example of a civil time is a time zone independent date. In version 2.0, CCTZ's time zone and new civil time libraries cooperate with the standard C++ <chrono> library to give programmers a complete (and simple!) framework in which to reason about and solve even the most complicated time programming problems.

To learn more, please check out the project page on GitHub. Pay particular attention to the fundamental concepts section which establishes a simple, cross-platform and language agnostic mental model that will help you reason about time programming challenges with ease and confidence. And don't forget to subscribe to the new CCTZ mailing list to ask questions and learn about future announcements.

by Greg Miller and Bradley White, Google Engineering

Google Summer of Code marches on!

Google Summer of Code 2016 (GSoC) is well underway and we’ve already seen some impressive numbers — all record highs!
sun.png
  • 18,981 total registered students (up 36% from 2015)
  • 17.34% female registrants
  • 142 countries
  • 5107 students submitting  7,543 project proposals

Student proposals are currently being reviewed by over 2300 mentors and organization administrators from the 180 participating mentor organizations. We will announce accepted students on April 22, 2016 on the Open Source blog and on the program site.

Last week, members of the Google Open Source Programs team attended FOSSASIA in Singapore, Asia’s premier open technology event, to talk about GSoC and Google Code-in. There, we met dozens of former GSoC and GCI students and mentors who were excited to embark on another great year. To learn more about Google Summer of Code, please visit our program site.


By Stephanie Taylor, Open Source Programs

Google Code-in 2015 Wrap Up: Sustainable Computing Research Group (SCoRe)

For the next several weeks, we will be showcasing wrap up posts from the 12 organizations that participated as mentor organizations for Google Code-in 2015. This week we feature SCoRe, an open source research project based in Sri Lanka.
The Sustainable Computing Research Group (SCoRe) at University of Colombo School of Computing conducts research covering various aspects of wireless sensor networks, embedded systems, digital forensic, information security, mobile applications and e-learning. The goal of our research is to generate computing solutions through identifying low cost methodologies and strategies that lead to sustainability. The solutions we get by sustainable computing research projects conducted at SCoRe lab are important for developing countries like Sri Lanka.

Inspired by our participation in Google Summer of Code (GSoC), for the very first time, SCoRe lab participated in Google Code-in 2015 (GCI), with 13 other open source organizations around the world. We offered 250 claimable task for students and we had 27 mentors, mentoring students who successfully completed 164 tasks! We gained active contributors to SCoRe, from students who contribute to our open source projects even after the contest ended.

The tasks covered code, user interface, research, quality assurance, outreach and documentation. 44 students completed at least one task with us this year and eight students completed at least three tasks with us to earn a GCI t-shirt. Six students completed over ten  tasks each in competition to become grand prize winners.

However among these students we had to choose the ones who we felt had the most impactful contributions. We’d like to congratulate the two grand prize winners from SCoRe: Brayan Alfaro and Anesu Mafuvadze.

Below is a comment received from a student who participated:

“It was my pleasure working with you and the SCoRe Community. This contest helped me to enhance my knowledge in software development...I gained a lot of knowledge through the tasks I did. My mentors guided me every time and I would gladly work with this community in the future. I would love to contribute to you in every possible way.”

We give our special thanks to our mentors who voluntarily worked throughout the contest around their busy schedules and vacation plans. We’d also like to thank all the students who actively participated and contributed to our organization. SCoRe was pleased to be selected as a mentoring organization for GCI 2015 and we hope to participate in both GSoC and GCI again in future!

By Dilushi Piumwardane, GCI mentor, SCoRe

Something different — code up hardware in Google Summer of Code

In 1983, the same year I was born, a company called Altera was founded and created the EP300, their first reprogrammable logic device. The event was considered a major step towards the development of devices we now call “Field Programmable Gate Arrays” or FPGAs for short. In the following 33 years, FPGAs would go from extremely expensive devices found only in high end military and telecommunications equipment, to something even a student can afford.

The EP300 in all it's glory
FPGAs are exciting because they make the development process for hardware the same as software. Developers are able to create designs in a hardware description language (HDL), compile and then use them almost instantly! They make hardware code. Turning hardware into code makes it easy for open source developers to share, collaborate and improve the hardware in ways that would have been extremely hard, or even impossible in the past. 

There were 180 open source organizations accepted to participate in Google Summer of Code 2016 (GSoC), and it is exciting to see several of the organizations using these technologies. I've highlighted some of the different types of hardware coding opportunities in GSoC this year below. (Anything I've missed? Feel free to add it in the comments section below!)

In the area of CPU architectures, OpenRISC and it’s spiritual successor, the RISC-V, are attempting to make a truly open hardware at the most fundamental level. In 2016 you could help this goal via participating in GSoC with either the FOSSi Foundation or lowRISC project.


Not content with the existing HDLs, both the ArchC organization and MyHDL organization (a sub-organization of the Python group), are attempting to make it easier to create these hardware designs. MyHDL is particularly cool because Python is normally considered to be as far away from hardware as you can get.


My own project, TimVideos.us, is using much of the work from these other projects to develop high speed video processing hardware for conference and user group recording (or maybe even video DJing).

Imagine developing hardware in the same way you write code. With FPGAs you can — and GSoC has numerous opportunities to create hardware using this exciting technology. With only 7 days left to submit your application, you better get cracking!


By Tim ‘mithro’ Ansell, Software Engineer on Chrome by day, open source hardware hacker by night

Student applications now open for Google Summer of Code!

Are you a university student looking to learn more about open source software development? Look no further than Google Summer of Code (GSoC) and spend your summer break working on an exciting open source project, learning how to write code.
vertical GSoC logo.jpg
For twelve years running, GSoC gives participants a chance to work on an open source software project entirely online. Students, who receive a stipend for their successful contributions, are paired with mentors who can help address technical questions and concerns throughout the program. Former GSoC participants have told us that the real-world experience they’ve gained during the program has not only sharpened their technical skills, but has also boosted their confidence, broadened their professional network and enhanced their resumes. 

Students who are interested can submit proposals on the  program site now through Friday, March 25 at 19:00 UTC. The first step is to review the 180 open source projects and find project ideas that appeal to you. Since spots are limited, we recommend a strong project proposal to help increase your chances of selection. Our Student Manual provides lots of helpful advice to get you started on choosing an organization and crafting a great application. 

For ongoing information throughout the application period and beyond, see the Google Open Source Blog, join our Google Summer of Code discussion lists or join us on internet relay chat (IRC) at #gsoc on Freenode.

Good luck to all the open source coders out there, and remember to submit your proposals early — you only have until Friday, March 25 at 19:00 UTC to apply!


By Mary Radomile, Google Open Source team

Goodnight Melange

The time has come to say farewell to Melange, the website software which ran Google Summer of Code from 2009 to 2015, and Google Code-in from 2010 to 2014. Both programs have migrated to new websites.

Starting on Thursday, March 31, www.google-melange.com will become a limited static archive of what projects and tasks were completed. It will contain titles, descriptions, and display names, but no other project information. If there is any data from the site you wish to save, you should extract it now. Melange has facilitated over 11,000 students to get involved in open source software development, working on projects big and small. We encourage our users to export the data and keep it alive.

The code for Melange will continue to be open source but Google will not be doing any further development on it. We'd be pleased to hear someone forked the code and continued working on Melange as a new project.

Thanks to everyone who contributed to Melange and kept it running over the past 7 years: Aditi, Akeda, Anatoly, Andrew, Anthony, Arc, Aruna, Ashish, Augie, Chen, Dan, Daniel, David, Denys, Dmitri, Doug, Drew, Felix, Gilles, Jacob, James, Jasvir, Jenn, Johannes, John, Jonn, Kevin, Lennard, Leo, Leon, Madhusudan, Marcelo, Mario, Matthew, Mayank, Nathaniel, Orcun, Pankaj, Pawel, Piotr, Piyush, Praveen, Raul, Robert, Rylan, Savitha, Selwyn, Shikher, Simon, Sriharsha, Suyash, Sverre, Syed, Tim, Tobias, Todd, Vivek and Zachary.

Melange served us well for a long time, and we hope it enjoys its retirement!

By Stephanie Taylor, Open Source Programs


Scalable vendor security reviews

At Google, we assess the security of hundreds of vendors every year. We scale our efforts through automating much of the initial information gathering and triage portions of the vendor review process. To do this we've developed the Vendor Security Assessment Questionnaire (VSAQ), a collection of self-adapting questionnaires for evaluating multiple aspects of a vendor's security and privacy posture.

We've received feedback from many vendors who completed the questionnaires. Most vendors found them intuitive and flexible — and, even better, they've been able to use the embedded tips and recommendations to improve their security posture. Some also expressed interest in using the questionnaires to assess their own suppliers.

Based on this positive response, we've decided to open source the VSAQ Framework (Apache License Version 2) and the generally applicable parts of our questionnaires on GitHub: https://github.com/google/vsaq. We hope it will help companies spin up, or further improve their own vendor security programs. We also hope the base questionnaires can serve as a self-assessment tool for security-conscious companies and developers looking to improve their security posture.

The VSAQ Framework comes with four security questionnaire templates that can be used with the VSAQ rendering engine:


All four base questionnaire templates can be readily extended with company-specific questions.
Using the same questionnaire templates across companies may help to scale assessment efforts. Common templates can also minimize the burden on vendor companies, by facilitating the reuse of responses.

The VSAQ Framework comes with a simple client-side-only reference implementation that's suitable for self-assessments, for vendor security programs with a moderate throughput, and for just trying out the framework. For a high-throughput vendor security program, we recommend using the VSAQ Framework with a custom server-side component that fits your needs (the interface is quite simple).

Give VSAQ a try! A demo version of the VSAQ Framework is available here:

Excerpt from Security and Privacy Programs Questionnaire

Let us know how VSAQ works for you: contact us. We look forward to getting your feedback and continuing to make vendor reviews scalable — and maybe even fun!

By Lukas Weichselbaum and Daniel Fabian, Google Security

New algorithms may lower the cost of secure computing

Here at Google we strive to make computing not only more cost-efficient, faster, and easier but also more secure. Hash functions are essential building blocks in computing, but must be protected against certain inputs. Today, we are open-sourcing 3 new hash function implementations: faster, data-parallel versions of SipHash, a fast cryptographically strong pseudorandom function, and the entirely new HighwayHash, which reaches even higher speeds thanks to the data parallel features of modern computers.

Our first hash function produces the same output as SipHash, but 1.5 times as quickly thanks to AVX-2 instructions. The second improvement uses j-lanes tree hashing to process multiple inputs in parallel, which is 3 times as fast. This technique is known to be secure, but produces different output than the original SipHash and is slightly slower for short inputs.

HighwayHash is based on a new way of mixing inputs with just a few AVX-2 multiply and permute instructions. We are hopeful that the result is a cryptographically strong pseudorandom function, but new cryptanalysis methods might be needed for analyzing this promising family of hash functions. HighwayHash is significantly faster than SipHash for all measured input sizes, with about 7 times higher throughput at 1 KiB.

We believe our efforts represent the current state of the art in high-speed attack-resistant hashing. These new functions can lower the cost of safe and secure computing. We invite everyone to use, study, and analyze the open-source implementations.

By Jan Wassenberg and Jyrki Alakuijala, Google Research