
Is open source software bad for business?


One security outfit which conducted a study into the use of open source software in the enterprise, the results of which are published today, seems to think so. It states that "Open Source Software (OSS) development communities have yet to adopt a secure development process and often leave dangerous vulnerabilities unaddressed."

New data from Fortify Software suggests that the rising adoption of open source software within the enterprise is putting the average business at far greater risk than it should be.

The Open Source Security Study has just been published and reveals that some of the most widely used open source software packages in the business environment are leaving users exposed to a "significant and unnecessary business risk."

As well as insisting that OSS development communities do not adopt a secure development process that follows software security best practice, and therefore often leave potentially dangerous vulnerabilities unaddressed, Fortify goes on to charge that "nearly all" such OSS communities are also failing to provide users with access to the kind of security expertise that could help remedy the vulnerabilities and risks that remain.

The survey, which was undertaken by application security consultant Larry Suto, looked at a total of just 11 of the most common Java open source packages.
