80 percent of enterprises use open source software and nearly all worry about security


A new study reveals that while 80 percent of enterprises are using open source software (OSS) -- set to rise to 99 percent in the next year -- a mere one percent say they aren't worried about security.
The report from Synopsys, based on research by Enterprise Strategy Group (ESG), shows that in response to high profile supply chain attacks 73 percent of respondents say they have increased their efforts significantly to secure their organizations' software supply chain.
IBM makes open source toolkit available to fight software supply chain attacks


The power of software supply chain attacks was amply demonstrated by SolarWinds but two years on some organizations are still vulnerable thanks to the use of source code management (SCM) systems.
In most cases, IBM's X-Force Red ethical hacking team has been able to gain access to SCM systems during adversary simulation engagements.
Log4j and why it's not safe to relax yet [Q&A]


The Log4j vulnerability first hit the headlines in December last year. Since then we've heard less about it, but it hasn't gone away; like most vulnerabilities, it has a long tail.
A recent report from the Cybersecurity Safety Review Board takes a comprehensive look at the vulnerability and what can be learned from it.
Microsoft changes its policy against the sale of open source software in the Microsoft Store


Having previously upset software developers by implementing a ban on the sale of open source software in its app store, Microsoft has reversed its decision.
The company says that it has listened to feedback -- which was vocal and negative -- and has updated the Microsoft Store Policies, removing references to open source pricing. Microsoft has also clarified just why it put the ban in place.
System76 Launch Lite keyboard ditches the USB hub in favor of a smaller form factor


System76's "Launch" keyboard has been wildly popular with the Linux community thanks to its open source firmware, ability to be customized, and excellent build quality (it's made in the USA). Many people love the "split" spacebar too. Even though System76 is a Linux-focused company, its keyboard is obviously compatible with Windows and macOS as well.
The Launch keyboard uses a USB-C connector to interface with the host computer, but you can utilize either a USB-C to USB-C or USB-C to USB-A cable to connect it -- depending on what ports you have available. Launch even serves double-duty as a USB hub, allowing you to plug USB devices directly into it. And yes, the keyboard features RGB lighting too.
More than a third of UK government tech workers still not using open source


The UK government committed itself to using more open source software in its Technology Code of Practice published in 2021, but 38 percent of government tech workers in a new study say they still don't use any open source software in their department.
On a more positive note the research from data management company Aiven shows 71 percent of UK government tech workers report the Government is now using more open source software compared to five years ago.
New online community helps developers contribute to open source projects


Code visibility platform CodeSee is launching a new online community for developers of all skill levels to help them learn, contribute, explore, and connect across the globe.
Open Source Hub (OSH) provides developers tools to onboard and understand the massive amount of code in an open source project, making it easy to contribute, collaborate, and make a meaningful contribution.
You're wasting your time fixing 97 percent of vulnerabilities


According to new research only three percent of 'critical' code vulnerabilities are attackable, which means developers should be able to better prioritize efforts and significantly reduce their workload.
The study from automated security testing firm ShiftLeft finds that focusing on the three percent allows teams to greatly speed up and simplify efforts. ShiftLeft saw a 37 percent improvement from last year in mean time to remediate new vulnerabilities with a median scan time of 1 minute 30 seconds.
Popularity of open source software leads to security risks


The widespread use of open source software within modern application development leads to significant security risks, according to a new report.
The research from developer security firm Snyk and the Linux Foundation finds 41 percent of organizations don't have high confidence in their open source software security.
OpenSSF looks to further strengthen supply chain security


As we reported a few weeks ago, OpenSSF in conjunction with the White House and others has launched a 10-point plan and funding with the aim of improving the security of the software supply chain.
OpenSSF has also announced a number of new members including premier members, Atlassian and Sonatype, who will join the OpenSSF governing board.
Open source security plan aims to deliver on development, patching and more


White House officials, The Linux Foundation, OpenSSF and 37 private sector tech companies have announced a 10-point open source and software supply chain mobilization plan and $150 million of funding over two years.
At a summit meeting yesterday several participating organizations came together to collectively pledge an initial tranche of funding towards implementation of the plan. Those companies are Amazon, Ericsson, Google, Intel, Microsoft, and VMware, pledging over $30M.
The challenge of guarding against supply chain attacks [Q&A]

How to continue the growth of open source in the UK


Open source adoption rates are growing globally, with non-proprietary code proving to be both efficient and cost-effective for a variety of organizations. Approximately 82 percent of IT decision-makers are more likely to choose a vendor that actively gives back to the open source community, according to a recent report from Red Hat. In the UK in particular, much of the reason for this open source drive is down to increased public cloud usage, the growing demand for rapid digital transformation and a greater understanding of open source’s cybersecurity resilience.
To help continue this open source upsurge in a sustainable manner, organizations utilizing the technology need to be contributing back to the community, to best enable the development of the technology.
New fund launched to support open source maintainers


Open source software provides much of the backbone of our digital society. Yet many of the developers and maintainers working on some of the most critical projects embedded across networks and products remain unpaid or underpaid.
To help address this, Backend-as-a-Service (BaaS) platform Appwrite is launching a new Open Source Software Fund (OSS Fund), which will award $50,000 in its first year to open source maintainers whose projects provide the very foundation for today's digital infrastructure but who aren't being compensated as such.
Microsoft 3D Movie Maker from 1995 is now open source


Microsoft has released a number of programs as open source over the years, and today it digs deep into its back catalog to make 3D Movie Maker freely available to all.
First released in 1995, 3D Movie Maker lets you put together animated scenes using 3D characters, props, backgrounds, text, sound, and special effects. This release also comes with a build of BRender from Argonaut Software. While it’s a welcome move, you shouldn’t get too excited by today’s news because there is a catch.
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.