Article: Improving Open-source Software Security for Java Developers

Open Source, Software

Whether it be next-generation supply chain attacks like the Codecov incident or social engineering attempts to deliberately introduce vulnerabilities in the Linux kernel code, threats against developers are consistently evolving and come from the least expected places.

The introduction of vulnerable code in an upstream repository or a published release, whether intentional or not, can threaten the security of the wider software supply chain, especially for open-source components that are trusted and consumed by thousands.

Therefore, introducing automatic pre-flight security checks before a component enters the distribution stage can help spread awareness among software publishers and highlight insights that might have otherwise been missed.

Bringing awareness to security issues lurking in applications in this way safeguards the wider software supply chain from known bugs and vulnerable dependencies.

Article: Interview: Open Source’s Path From Skunk Works to Mainstream

Hardware, Open Source, Operating Systems, Software

“Hello and welcome to seven layers where every episode we look at a different aspect of technology, from literal wires in the ground to switches and routers and all the way up to the exploding amount of smart devices around us.

I’m your host, Connor Craven, associate studios editor at SDxCentral. This week, we are continuing to look at open source technology. In just a moment, you’ll hear from Deb Bryant, senior director of the Open Source Program Office at Red Hat. If you haven’t listened to our last episode on open source tech, I highly recommend going back and giving it a listen before Deb and I begin our conversation. I won’t delay you any longer, please sit back and enjoy my interview with Deb Bryant of Red Hat.”

Article: Open Source: More Dominant Than You Think

Open Source, Operating Systems, Software

Simply, open source software is software that is licensed in a way that allows people to freely use, study, modify, and distribute the software. These open source licenses differ greatly from proprietary software licenses, where only the original owner can copy, alter, or distribute the software.

Since open source refers to a wide variety of software programs, the use cases vary greatly. However, a Red Hat open source enterprise report found open source software is critical to infrastructure networks.

95% of respondents said open source software was strategically important to the enterprise’s overall infrastructure strategy, up from 89% in 2019. Only 42% of respondents report using proprietary software, down from 55% in 2019 and respondents expect that to keep falling — this number is expected to be down to just 32% in two years.

Article: Blockchain for Social Good: A Field in Expansion

Blockchain, Decentralized Internet

We hope European institutions will support blockchain and other decentralized technologies so that they may contribute their transformative potential towards social justice. In the meantime, we are continuing to work with this vision in the P2P Models project, letting our work be guided by this technology so that it may foster collaboration, the commons, and social justice in general. We try to recognize the socio-political potential of the technology we use, without falling into techno-determinist visions. Therefore, when we work with communities we focus on co-designing with them, so that they are the ones leading the technology, rather than the other way around.

Penguin: Cloudera Doubles Down, Giving Away All Its Software

Cloud, Software

Cloudera Bucks an Industry Trend, Doubles Down on Open Source

Hadoop wrangler Cloudera has bucked a trend to tighten control of open source code by protecting it under ever more restrictive licences, today announcing plans to go all-in on AGPL and Apache 2.0 licences, make closed licence components of its products open source, and double down on its Apache Software Foundation (ASF) activity.

The commitment by the US-based enterprise data specialist will extend to its forthcoming Cloudera Data Platform (CDP), the company’s much-awaited joint product with Hortonworks following last year’s $5.2 billion merger (which closed in January this year). Cloudera hopes to emulate Red Hat’s support-based commercial success, it said.