Article: Open-source software: freedom from ethics?

Open Source, Software

Open-source software is distributed with a licence that generally allows anyone to use, study, change, or share its source code, without restrictions on how the software is used or by whom. The Open Source Initiative, which governs the most widely used open-source licences, even goes so far as to say that this means “giving evil people freedom, too.” Supporters of the Hippocratic Licence and other ethical licences like it believe it is time for programmers to take a less passive approach.

“It’s time for open-source to grow up and start taking responsibility for how it’s being used. We can’t stick to these […] libertarian ideals of ultimate freedom, when we exist in a society where the work that we do impacts others, sometimes in devastating ways,” said Ehmke. “I love the way open-source has transformed the world, and I think it has potential to continue. But we have to get our house in order.”

Article: AppSec Decoded: What are organizations doing to manage open source vulnerabilities?

Cyber-Security, Open Source, Software

One of the most important data points from the survey is that on average, open source code is present in 70% of codebases. This highlights how easy it is for hackers to exploit today’s open source vulnerabilities, and it reinforces the importance of DevSecOps and open source management practices.

So what can organizations do to manage open source vulnerabilities in their codebases? One thing is clear: implementing policies to govern the use of open source and integrating application security testing tools is vital.
