Is open source software bad for business?

One security outfit which conducted a study into the use of open source software in the enterprise, the results of which are published today, seems to think so. It states that "Open Source Software (OSS) development communities have yet to adopt a secure development process and often leave dangerous vulnerabilities unaddressed."

New data from Fortify Software suggests that the rising adoption of open source software within the enterprise is putting the average business at far greater risk than it should be.

The Open Source Security Study has just been published and reveals that some of the most widely used open source software packages within the business environment are leaving users exposed to a "significant and unnecessary business risk."

As well as insisting that OSS development communities do not adopt a secure development process that follows software security best practice, and therefore often leave potentially dangerous vulnerabilities unaddressed, Fortify goes on to charge that "nearly all" such OSS communities are also failing to provide users with access to the kind of security expertise that could help remedy the vulnerabilities and risks that remain.

The survey, which was undertaken by application security consultant Larry Suto, looked at a total of just 11 of the most common Java open source packages.
