Articles about Open Source

Observability is key to allowing organizations to manage their systems effectively, helping improve performance, cut workloads and save money.

Grafana has released its latest Obervability Survey, based on responses from over 300 industry practitioners which shows that 70 percent of teams are using four or more observability technologies.

Continue reading →

When OpenTelemetry was first released in 2019, there was a good deal of excitement about the prospect of a single standard set of telemetry data for the entire modern software stack.

OpenTelemetry set out to make robust, portable telemetry a built-in feature of cloud-native software, and give developers and platform engineers a common mental model for all the telemetry types.

Continue reading →

Tails 6.0, the newest version of the privacy-focused Linux distribution, is now available for download. It is notable for being the first version of Tails to be based on Debian 12 (Bookworm) and use the GNOME 43 desktop environment. This update also introduces a host of new features, security enhancements, and usability improvements, alongside updated versions of the majority of the software included in Tails.

In Tails 6.0, users will find a new error detection feature for the Persistent Storage, which alerts them about errors when reading or writing from the Tails USB stick. This helps in diagnosing hardware failures and prompts users to backup their Persistent Storage before it's too late. The update also brings automatic mounting of external devices. When an external storage device is plugged in, Tails 6.0 mounts it automatically, and if the device contains an encrypted partition, it offers to unlock the encryption automatically.

Continue reading →

The percentage of codebases with high-risk open source vulnerabilities -- those that have been actively exploited, have documented proof-of-concept exploits or are classified as remote code execution vulnerabilities -- increased from 48 percent in 2022 to 74 percent in 2023, according to new research.

The Open Source Security and Risk Analysis (OSSRA) report from Synopsys is based on findings from more than 1,000 commercial codebase audits across 17 industries. While codebases containing at least one open source vulnerability remain consistent year-on-year at 84 percent, significantly more codebases contained high-risk vulnerabilities in 2023.

Continue reading →

In a surprising turn of events, the popular IRC client HexChat has announced its final release, 2.16.2, marking the end of an era for the open-source project. The release, which was made public on February 9, 2024, includes a handful of minor fixes and features that have been in the works over the past two years.

The decision to cease development comes from the project's lead, who revealed that HexChat has been largely unmaintained for several years. Despite the lack of active maintenance, the client continued to be a favorite among many in the IRC community. However, with no one stepping up to take over the reins, the time has come to say goodbye.

Continue reading →

According to a new report by Harvard Business School and University of Toronto researchers,open source contributes trillions of dollars to the global economy. If you look at the direct supply-side valuation for widely used open source software, the valuation is $4.15billion. If you look at the demand-side figures, which cover all the indirect value generated by use of open source, open source software is worth $8.8trillion. When global gross domestic product for 2024 is estimated to be $109trillion, the value of open source comes into far sharper view.

Alongside this valuation, the report authors estimate that -- if open source did not exist -- companies would have to spend around 3.5 times more on their IT and technology investments to get the same results.

Continue reading →

Super Bowl Sunday may be tomorrow, but for Linux nerds, there is something far more exciting than watching the Kansas City Chiefs and San Francisco 49ers play championship football. You see, The Debian project has just released the fifth update to its stable distribution, Debian 12, codenamed “Bookworm.” And so, if you don’t care about NFL Football, Taylor Swift, or her boyfriend Travis Kelce, installing this Linux distribution could be a fun thing to do instead of watching “the big game.”

Version 12.5 of the operating system primarily focuses on implementing corrections for security vulnerabilities and making a few adjustments to address significant issues. Detailed security advisories, which have been previously published, are referenced in this update for users' convenience.

Continue reading →

IBM is launching a new version of its LinuxONE system, engineered to deliver cybersecurity, resiliency, scalability and AI inferencing for hybrid cloud environments, and making the technology more accessible for smaller and medium businesses.

IBM LinuxONE 4 Express is a pre-configured rack mount system designed to extend IBM LinuxONE to startups and small and medium sized businesses and within new data center environments.

Continue reading →

The draft EU Cyber-Resilience Act (CRA), backed by MEPs in July, is intended to reduce the risk of European citizens experiencing data breaches and malicious attacks on their devices. The CRA aims to achieve this by mandating security best practices across Europe’s tech industry. As part of this, it will enforce minimum security standards for end-user tech products sold across the EU, such as IoT devices, desktop computers, and smartphones. 

To realise its goals, the CRA also needs to apply these standards to the software and hardware that make up the supply chains behind end-user products. However, along with commercial solutions within the software supply chain, the CRA is looking to apply these strict security standards to non-commercial open source projects and communities. This could place tens of thousands of volunteers at risk of legal action and do significant harm to the continent’s tech sector. The legislators behind the CRA need to urgently revisit how they treat open source software.

Continue reading →

Closed AI products like Bard and ChatGPT (ironically from OpenAI) have already delivered a practical, powerful chatbot experience and are being employed by many businesses.

Open AI by contrast is still in its early stages and has not seen wide adoption. We spoke to Mike Finley, CTO and co-founder of AnswerRocket, to find out the differences between the two and how they're set to develop.

Continue reading →

The Solus development team has released version 4.5 of the Linux distribution. Code-named “Resilience,” it marks a significant update in the Solus operating system lineup. This release brings forth a ton of enhancements, including updated applications and kernels, revamped software stacks, a new installation experience, and the introduction of an ISO edition with the XFCE desktop environment.

A standout feature of Solus 4.5 is the implementation of the Calamares installer, replacing the Python 2-based os-installer. This transition not only makes installation more straightforward, particularly with filesystems like BTRFS, but it also represents a strategic move away from Python 2. The installer now allows users to customize their partition layout directly, significantly enhancing the installation process.

Continue reading →

Open source software has been around for decades, it's thriving, effective and disrupting in the enterprise more than ever.

We talked to, Cédric Gégout, VP product management at Canonical, to discuss the evolution of open source in the enterprise and protecting its fundamentals for continued success.

Continue reading →

You may have come across the term 'root of trust', it’s a source, such as a hardware module, that can always be trusted within a cryptographic system. The system trusts the keys and other cryptographic information it receives from the root of trust module as always authentic and authorized.

Mostly this involves being tied into a specific vendor, but OpenTitan has developed an open source silicon root of trust for use in for use in data center servers, storage, peripherals, and more.

Continue reading →

Open-source software (OSS) is now so widely used that it is incredibly difficult to find an organization that doesn’t incorporate OSS in some form or another -- whether that be in a standalone open-source product, or more commonly, in the form of OSS packages. Though its usefulness cannot be doubted, the prevalence of this software is exactly what makes it a major target for cyber-attacks.

A prime example of this is Log4j, a popular logging utility used by scores of organizations for recording events such as status reports and errors. In a situation which came to be known as 'Log4shell', a zero-day vulnerability allowed threat actors to compromise systems using malicious code and take control all while remaining undetected. At the time, its impact was described as "enormous" and the implications of its implementation into countless commercial products underlined the inherent vulnerabilities of some open-source technologies when weak points are exposed.

Continue reading →

Many large enterprises still rely heavily on mainframes to offer a reliable and secure basis for their systems.

But as digital transformation efforts gain pace, developers are eyeing frameworks that can boost their modernization efforts. We spoke to Phil Buckellew, president of infrastructure modernization at Rocket Software, to find out how open source software can bridge the divide between modern applications and mission-critical mainframe infrastructure.

Continue reading →