Articles about Open Source

Building software is hard. Building cloud software is even harder because things move much faster -- and require mission-critical reliability and availability. To effectively build software in the cloud, engineering teams need observability, CI/CD, reporting, and lots of tooling. But all of the tools available to engineering teams never quite fit together in a way that provides visibility and consistency. When things go wrong, developers scramble to troubleshoot systems with disparate data and systems.

TechOps teams are in charge of keeping everything running. But poorly integrated toolsets create an environment where teams have several interfaces and data sets to wrangle when operating critical services. Teams often try to solve this problem by creating one-off integrations of out-of-the box tools with internally developed tooling and process. These integrations are generally very shallow, and create a significant maintenance burden and reliability gaps.

Continue reading →

The European Union's relationship with big tech companies has long been a fractious one. Its Digital Markets Act is aimed at reigning in their power and, among other things, it's credited with forcing Apple to adopt the USB-C standard.

In the latest development a number of European governments are working with Nextcloud to create a 'digitally sovereign' office platform, the aim being to help governments regain their independence from a small number of tech giants and allow them to confidently roll out digitization efforts.

Continue reading →

Created and maintained by Chinese developers, deepin has long been considered one of the prettiest Linux-based operating systems. Understandably, due to its development happening in China, many people do not trust the distribution -- especially with biometrics being added. Not to mention the recent dustup over Taiwan and apparent ongoing genocide.

If you are someone that trusts deepin despite its country of origin, however, I have some really exciting news. Today, an official public preview of the upcoming deepin 23 becomes available for download. The developers highlight the inclusion of the new "Linglong" package format, atomic updates, and new repositories.

Continue reading →

Microsoft and Canonical have announced that the .NET development platform is available as a native experience on Ubuntu hosts and container images, starting in Ubuntu 22.04 LTS.

This means .NET developers will be able to start their Linux journey with Ubuntu and will benefit from timely security patches and new releases as the two companies work together to deliver them.

Continue reading →

Amazon, Microsoft, and Google are getting more employees involved in open source than ever before according to new analysis.

A study from Aiven of GitHub, the repository hosting service, finds the total number of active contributors to GitHub from Amazon, Microsoft, and Google has increased by 300 percent in six years -- from 2,654 contributors in May 2016 to 10,549 in May 2022.

Continue reading →

Earlier this month, we shared the news that Ubuntu 22.04.1 LTS (code-named "Jammy Jellyfish") was being delayed. Sadly, the first point release of this wildly popular operating system version was being pushed back an entire week -- an absolute eternity in the world of Linux.

Well, folks, a week has passed, and thankfully, Canonical stayed true to its word (this time) and sorted the show-stopping Ubuntu Linux 22.04.1 issue. Yes, the major bug that caused snaps not to open on computers that used the OEM install option is now resolved. Even better, starting today, Canonical will being prompting Ubuntu 20.04 users to upgrade to Jammy Jellyfish.

Continue reading →

A new study reveals that while 80 percent of enterprises are using open source software (OSS) -- set to rise to 99 percent in the next year -- a mere one percent say they aren't worried about security.

The report from Synopsys, based on research by Enterprise Strategy Group (ESG), shows that in response to high profile supply chain attacks 73 percent of respondents say they have increased their efforts significantly to secure their organizations' software supply chain.

Continue reading →

The power of software supply chain attacks was amply demonstrated by SolarWinds but two years on some organizations are still vulnerable thanks to the use of source code management (SCM) systems.

IBM's X-Force Red ethical hacking team has been able to successfully gain access to SCM systems during an adversary simulation engagement in most cases.

Continue reading →

The Log4j vulnerability first hit the headlines in December last year. Since then we've heard less about it, but it hasn't gone away, like most vulnerabilities it has a long tail.

A recent report from the Cybersecurity Safety Review Board takes a comprehensive look at the vulnerability and what can be learned from it.

Continue reading →

Having previously upset software developers by implementing a ban on the sale of open source software in its app store, Microsoft has reversed its decision.

The company says that it has listened to feedback -- which was vocal and negative -- and has updated the Microsoft Stores Policies, removing references to open source pricing. Microsoft has also clarified just why it put the ban in place.

Continue reading →

System76's "Launch" keyboard has been wildly popular with the Linux community thanks to its open source firmware, ability to be customized, and excellent build quality (it's made in the USA). Many people love the "split" spacebar too. Even though System76 is a Linux-focused company, its keyboard is obviously compatible with Windows and macOS as well.

The Launch keyboard uses a USB-C connector to interface with the host computer, but you can utilize either a USB-C to USB-C or USB-C to USB-A cable to connect it -- depending on what ports you have available. Launch even serves double-duty as a USB hub, allowing you to plug USB devices directly into it. And yes, the keyboard features RGB lighting too.

Continue reading →

The UK government committed itself to using more open source software in its Technology Code of Practice published in 2021, but 38 percent of government tech workers in a new study say they still don't use any open source software in their department.

On a more positive note the research from data management company Aiven shows 71 percent of UK government tech workers report the Government is now using more open source software compared to five years ago.

Continue reading →

Code visibility platform CodeSee is launching a new online community for developers of all skill levels to help them learn, contribute, explore, and connect across the globe.

Open Source Hub (OSH) provides developers tools to onboard and understand the massive amount of code in an open source project, making it easy to contribute, collaborate, and make a meaningful contribution.

Continue reading →

According to new research only three percent of 'critical' code vulnerabilities are attackable, which means developers should be able to better prioritize efforts and significantly reduce their workload.

The study from automated security testing firm ShiftLeft finds that focusing on the three percent allows teams to greatly speed up and simplify efforts. ShiftLeft saw a 37 percent improvement from last year in mean time to remediate new vulnerabilities with a median scan time of 1 minute 30 seconds.

Continue reading →

The widespread use of open source software within modern application development leads to significant security risks, according to a new report.

The research from developer security firm Snyk and the Linux Foundation finds 41 percent of organizations don't have high confidence in their open source software security.

Continue reading →