Articles about Open Source

Incident investigations in today's environments such as the cloud, containers and serverless environments can be a challenge. In particular collecting volatile data quickly following an incident to help security teams identify root causes and respond faster.

Cado Security is launching a new new volatile artifact collector tool that allows security analysts to collect a snapshot of volatile data, adding critical context to incident investigations.

Continue reading →

With more open source being consumed than ever before, attacks targeting the software supply chain have increased too, both in frequency and complexity. A new report reveals a 633 percent year on year increase in malicious attacks aimed at open source in public repositories -- this equates to a 742 percent average yearly increase in software supply chain attacks since 2019.

The latest State of the Software Supply Chain Report from Sonatype, released today at the DevOps Enterprise Summit, also finds that 96 percent of open source Java downloads with known-vulnerabilities could have been avoided because a better version was available, but was ignored.

Continue reading →

A year ago we reported on the demise of Microsoft Silverlight and how OpenSilver offered an alternative for those still wanting to run Silverlight apps.

The OpenSilver developers haven't been idle in the meantime and today sees the launch of version 1.1. This allows 99.99 percent reuse of the Silverlight codebase and also guarantees an almost pixel perfect migration.

Continue reading →

Open source has gained enterprise popularity for its decentralized, collaborative approach to software development. By bringing large groups of developers together, it can boost efficiency, visibility and drive the adoption of new technologies.

However, taking a full open-source approach might not be the best fit for smaller enterprises. Dr. William Bain, founder and CEO of ScaleOut Software, cautions that the costs and legal risks associated with going full open source may be too great for smaller software companies. Instead, he recommends a hybrid open and closed-source model, we talked to him to learn more.

Continue reading →

Until today Amazon WorkSpaces cloud desktop solution simply offered the option of either Windows or Amazon Linux machines. Now though Canonical has announced the availability of Ubuntu WorkSpaces on AWS.

This is a fully managed virtual desktop infrastructure (VDI) on the public cloud and the first third-party Linux OS to be available on the platform. It gives developers access to a wide choice of open source tools and libraries in cutting-edge fields like data science, artificial intelligence/machine learning, cloud and internet-of-things.

Continue reading →

The desire for software supply chain integrity and transparency has left many organizations struggling to build in software security measures like signatures, provenance, and SBOMs to legacy systems and existing Linux distributions.

This has prompted Chainguard to produce Wolfi, a new Linux '(un)distribution' and build toolchain, that's been designed from the ground up to produce container images that meet the requirements of a secure software supply chain.

Continue reading →

New data reveals a significant increase in activities to secure open source components and integrate security into developer toolchains in order to protect the software supply chain.

The 13th edition of the Building Security In Maturity Model (BSIMM) report from Synopsys analyzes the software security practices of 130 organizations -- including Adobe, PayPal and Lenovo -- in their efforts to secure more than 145,000 applications built and maintained by nearly 410,000 developers.

Continue reading →

Digital wallet technology is something of a minefield at the moment, but the Linux Foundation may have a solution.

The organization has announced plans to form the OpenWallet Foundation (OWF) which will help to develop open source software to increase interoperability between digital wallets. There is no intention to create new standards, and the OWF will not publish a wallet of its own. Rather, the aim is to bring together a collaborative community to build an open source software engine that can be used by just about anyone to create digital wallets.

Continue reading →

Many companies are currently undertaking digital transformation projects, but while customers are quick to embrace the benefits of a customer experience reshaped by technology they have little patience when that technology doesn't work as expected.

To allow teams to define, monitor and manage modern app stacks to ensure they meet service level objectives (SLOs), Sumo Logic is launching a Reliability Management tool.

Continue reading →

Building software is hard. Building cloud software is even harder because things move much faster -- and require mission-critical reliability and availability. To effectively build software in the cloud, engineering teams need observability, CI/CD, reporting, and lots of tooling. But all of the tools available to engineering teams never quite fit together in a way that provides visibility and consistency. When things go wrong, developers scramble to troubleshoot systems with disparate data and systems.

TechOps teams are in charge of keeping everything running. But poorly integrated toolsets create an environment where teams have several interfaces and data sets to wrangle when operating critical services. Teams often try to solve this problem by creating one-off integrations of out-of-the box tools with internally developed tooling and process. These integrations are generally very shallow, and create a significant maintenance burden and reliability gaps.

Continue reading →

The European Union's relationship with big tech companies has long been a fractious one. Its Digital Markets Act is aimed at reigning in their power and, among other things, it's credited with forcing Apple to adopt the USB-C standard.

In the latest development a number of European governments are working with Nextcloud to create a 'digitally sovereign' office platform, the aim being to help governments regain their independence from a small number of tech giants and allow them to confidently roll out digitization efforts.

Continue reading →

Created and maintained by Chinese developers, deepin has long been considered one of the prettiest Linux-based operating systems. Understandably, due to its development happening in China, many people do not trust the distribution -- especially with biometrics being added. Not to mention the recent dustup over Taiwan and apparent ongoing genocide.

If you are someone that trusts deepin despite its country of origin, however, I have some really exciting news. Today, an official public preview of the upcoming deepin 23 becomes available for download. The developers highlight the inclusion of the new "Linglong" package format, atomic updates, and new repositories.

Continue reading →

Microsoft and Canonical have announced that the .NET development platform is available as a native experience on Ubuntu hosts and container images, starting in Ubuntu 22.04 LTS.

This means .NET developers will be able to start their Linux journey with Ubuntu and will benefit from timely security patches and new releases as the two companies work together to deliver them.

Continue reading →

Amazon, Microsoft, and Google are getting more employees involved in open source than ever before according to new analysis.

A study from Aiven of GitHub, the repository hosting service, finds the total number of active contributors to GitHub from Amazon, Microsoft, and Google has increased by 300 percent in six years -- from 2,654 contributors in May 2016 to 10,549 in May 2022.

Continue reading →

Earlier this month, we shared the news that Ubuntu 22.04.1 LTS (code-named "Jammy Jellyfish") was being delayed. Sadly, the first point release of this wildly popular operating system version was being pushed back an entire week -- an absolute eternity in the world of Linux.

Well, folks, a week has passed, and thankfully, Canonical stayed true to its word (this time) and sorted the show-stopping Ubuntu Linux 22.04.1 issue. Yes, the major bug that caused snaps not to open on computers that used the OEM install option is now resolved. Even better, starting today, Canonical will being prompting Ubuntu 20.04 users to upgrade to Jammy Jellyfish.

Continue reading →