Farmers Fight For Right To Repair Their Own Equipment – Food Tank

The Right to Repair (R2R) movement is helping farmers protect their right to fix their own farm equipment without facing legal repercussions.

The R2R movement lobbies for repair-friendly legislation, standards, and regulations through organizations like the Repair Association. The Association advocates for guaranteeing property rights, obtaining equal access to information, non-discriminatory pricing of parts and tools, and unlocking software.

"We're trying to maintain our consumer rights, which means we'd still like to be able to repair and modify our tractors just like our dad, grandfather, and great grandfather did years ago," Kevin Kenney, an Alternative Fuel Systems Engineer at Grassroots Energy LLC and a member of the R2R movement, tells Food Tank President Danielle Nierenberg on Food Talk Live.

The R2R movement is confronting corporations like John Deere who control machinery that farmers use. These companies prevent farmers from repairing equipment such as tractors and instead force farmers to hire outside contractors. According to Kenney, this can cost farmers up to US$150 an hour.

Kenney explains that corporations are able to do this through tactics such as lengthy Extended Use License Agreements (EULAs). Companies argue that farmers who sign these EULAs do not own their tractors, but receive a license to operate the vehicle. This forces farmers to comply with the manufacturer's instructions and prevents them from repairing either the equipment or the software on their own.

Kenney tells Food Tank, "with major equipment manufacturers, they make us sign these [EULA]s; and it's just like your cell phone where you have the right to use your cell phone but you don't really own it."

One of the main concerns of the R2R movement is aging farm equipment, often called legacy equipment. When manufacturers introduce new software, they often stop supporting the old version, making it nearly impossible for farmers to repair existing equipment.

"The problem that we are having is if [manufacturers] decide to quit supporting [equipment] with software, we can't get it fixed," Kenney tells Food Tank.

This practice forces farmers to buy new software and equipment, which can cost up to US$600,000.

The cost does not only force current farmers to invest in costly new equipment or repairs to continue their work. Kenney explains that it also acts as a barrier for young farmers who lack access to capital to acquire these technologies when starting their farms.

But while the R2R movement fights for the right to own and repair farm equipment, companies are pushing back. John Deere argues that the R2R movement puts farmers' safety at risk and violates intellectual property rights.

In response to this criticism, many farmers are using the auto industry's Memorandum of Understanding to show that the right to repair is possible. In 2014, car manufacturers voluntarily agreed to make the same information and tools they provide to franchised dealers available to independent repair shops.

Kenney asks, "If you can fix your car or truck, why not your tractor?"

Kenney and other members of the R2R movement are also advocating for open source software, which gives users freedom to share, study, and modify software. Kenney is currently working with the Free Software Foundation to create open source resources for farmers.

To date, 35 states have proposed R2R legislation, demonstrating that farmers want to learn how to fix their own equipment and build on-farm ingenuity, according to Kenney.

Kenney is urging both urban and rural communities to come together to support farmers in this movement and distribute power from large companies to the many. "We're tired of this urban versus rural split," Kenney tells Food Tank.

"The fact that you are taking business away from the very very few and offering up assistance to 50-60,000 farmers [in Nebraska], how could that be a bad thing?"


Open Source The Path To Software Riches For IBM i – IT Jungle

December 2, 2020 | Alex Woodie

For what is supposed to be a proprietary platform, the IBM i server sure has a lot of open source software running on it. In recent months, it appears that the majority of new programs introduced to IBM i are open source in nature. That pattern shows no signs of changing any time soon, according to a recent report by OpenLogic.

Open software has existed on the IBM i platform for many years. The first highly publicized dip into the open source well occurred in 2005, when IBM partnered with a company called Zend to bring its PHP runtime to the iSeries and the i5/OS. That Zend open source lineage now lives on at Perforce thanks to its 2019 acquisition of Rogue Wave, which acquired an open source software company called OpenLogic back in 2013.

OpenLogic provides professional technical support for hundreds of open source packages, from CentOS and Docker to MariaDB and Kubernetes. Among the open source support packages it offers are the ones to support enterprise versions of the Zend runtime for IBM i and associated tooling, such as Z-Ray code inspector, which are only available from Perforce.

But OpenLogic is a supporter of open source in general, including specifically on IBM i. In its November white paper "Advantages of Open Source on IBM i," OpenLogic makes a strong case for the adoption of open source software on the platform.

"In May of 2018, IBM released its support for the open source package management (rpm/yum) ecosystem on IBM i," OpenLogic wrote. "Since then, the availability and adoption of open source on the platform has been growing at a healthy clip."

In fact, IBM has done the work to bring more than 400 open source packages to IBM i via the RPM and Yum methods, according to OpenLogic. "[T]he availability of open source on IBM i continues to grow at a break-neck pace," it writes.

In addition to adopting the same RPM and Yum software delivery methods that are widely used in the open source community, another reason for the open source surge is the availability of the PASE environment.

PASE, of course, is the AIX runtime that enables AIX applications to run with little to no changes on the IBM i server. It's essentially an operating system within an operating system, and it opens up another path for getting software onto IBM i.

As OpenLogic explains, the PASE environment is quite complete:

"PASE runs on top of the same hardware as IBM i and programs running within PASE have access to IBM i items such as Db2 resident data, programs (RPG, Cobol, CL), commands, data areas, and data queues (to name a few) via the syscall interface between PASE and the TIMI layer of IBM i," OpenLogic writes. "This enables the implementation of *NIX-like applications within PASE that have native access to IBM i resources while being able to leverage the benefits of POWER Systems including processor allocation strategies, such as shared processors, memory sharing, and I/O performance."

While PASE provides the runtime mechanism and RPM/Yum the distribution mechanism for bringing existing apps to the platform, open source also provides fertile soil upon which developers can create brand spanking new applications for IBM i.

The path to open source riches is widened with the availability of the iAMP stack. (Image courtesy OpenLogic)

Specifically, OpenLogic mentions the popular LAMP stack, which the broader open source community is quite familiar with. LAMP, of course, refers to the combination of the Linux OS, Apache Web Server, MariaDB, and PHP. Most of these can run on IBM i, including Linux, but that OS isn't necessarily necessary.

"A simple install of PHP and MariaDB and you have your own variant of the LAMP stack referred to as iAMP: the same Apache Web Server, the same MariaDB open source database, the same PHP scripting language as other platforms," OpenLogic writes, "just a better operating system than any other platform offers and the solutions on top of the stack again that run unchanged."

A key element of the IBM i is its integrated nature, and that advantage continues with open source software. While new open source apps may expect MySQL or its newer follow-on, MariaDB, most IBM i shops will have a lot of data housed in a Db2 for i database. So for that reason, access to the Db2 for i database is a big benefit when running open source applications on the IBM i.

There are a couple of ways to tap into that Db2 for i database. OpenLogic touts the ibm_db2 database driver that has traditionally been a way for PHP applications to get data out of Db2 for i. But a better solution is to use the ODBC driver, which IBM is positioning as the standard way to access all flavors of Db2, including the one for IBM i.

IBM's XMLService utility plus a toolkit can alleviate program-level integration with open source software on IBM i. (Image courtesy OpenLogic)

But the database is just part of the story, and sometimes users need to access programs. For that, OpenLogic presents IBM's open source XMLService utility as the best way to tap into ILE RPG and Cobol, as well as CL programs (as well as data areas and data queues). The company says that by using a language-specific toolkit (such as the one that Perforce provides for PHP on IBM i), developers can simplify the process of calling ILE items and processing the results.

With an abundance of pre-built open source applications and tooling for developing more, the barriers to using open source on IBM i are melting away, according to OpenLogic.

"The advantages of open source on IBM i are significant and they include choice of solution, innovation to the platform, and integration with IBM i data, programs, and artifacts to extend their reach and usefulness," the company concludes in its white paper. "Getting started on open source on IBM i is easy; it just takes a willingness to embrace new methods and new solutions to strengthen an already powerful platform to take it to even higher capabilities."

To get a copy of the white paper, go to http://www.openlogic.com/resources/advantages-open-source-ibm-i.


Open Source Software Market to Witness Mounting Growth in Approaching Time – Murphy’s Hockey Law

The research report on the Global Open Source Software Market 2020 analyzes the market in detail, concentrating on major market factors for the key players operating in it. The Worldwide Open Source Software Industry research report offers a granular yet in-depth analysis of revenue share, market segments, revenue estimates and regions across the globe. It contains a complete product overview and its scope in the market to define the key terms and give customers a comprehensive idea of the market and its tendencies. It assesses the worldwide Open Source Software market from different points of view to give a detailed, informative, and accurate analysis of regional growth, competition, market segmentation, and other significant aspects.


Key players in the global Open Source Software market include: Intel, Epson, IBM, Transcend, Oracle, Acquia, OpenText, Alfresco, Astaro, RethinkDB, Canonical, ClearCenter, Cleversafe, Compiere, Continuent and more.

The market research intelligence report titled Global Open Source Software Market gives pin-point analysis of changing competitive dynamics and a forward-looking perspective on the different factors driving or limiting industry growth. The report presents primary and secondary data in pie charts, tables, systematic overviews, and product diagrams. It also determines the market conditions, including product price, specification, research methodology, and financial and technical details, which will expand market operations. The report gives the latest industry data and future industry trends, enabling you to identify the products and end users driving revenue growth and profitability.

This report also splits the market by region: Breakdown data in Chapter 4, 5, 6, 7 and 8.

Americas, United States, Canada, Mexico, Brazil, APAC, China, Japan, Korea, Southeast Asia, India, Australia, Europe, Germany, France, UK, Italy, Russia, Middle East & Africa, Egypt, South Africa, Israel, Turkey and GCC Countries.


Objective of Studies:


Open Source Software Market 2020 Top Emerging Trends Impacting the Growth Due to COVID19 and In-Depth Competitive Intelligence – Cheshire Media

Open Source Software market research study provides an all-inclusive assessment of the market while propounding historical intelligence, actionable insights, and industry-validated & statistically-upheld market forecast. A verified and suitable set of assumptions and methodology has been leveraged for developing this comprehensive study. Information and analysis of key market segments incorporated in the report have been delivered in weighted chapters.

Global Open Source Software Market research report provides the historical, present and future situation of market size and share, revenue, industry demand and the growth prospects of the Open Source Software industry globally. This Open Source Software Market report has all the important data and analysis of market advantages and disadvantages, the impact of Covid-19, revenue opportunities and future industry scope, all stated in a very clear approach. The report also covers market impacting trends, strategic analysis, market DROC, PEST analysis, Porter's 5-force analysis, market news, sales channels, distributors and a forecast to 2026.

Open Source Software market report covers profiles of the top key players in Open Source Software, with price, sales, revenue and global market share. The Open Source Software competitive situation, sales, revenue and global market share of top manufacturers are analyzed emphatically by landscape contrast.

Top key players covered in Open Source Software market research report:


Open Source Software market segmentation based on the product Type and Applications, with sales, market share and growth rate.

Based on Product Type:

Break down of Open Source Software Applications:

Open Source Software market breakdown data are shown at the regional level, to show the sales, revenue and growth by regions.

Impact of COVID-19 on Open Source Software Market

The report also covers the effect of the ongoing worldwide pandemic, COVID-19, on the Open Source Software Market and what the future holds for it. It offers an analysis of the impact of the epidemic on the international market. The epidemic has immediately disrupted the demand and supply chain. The Open Source Software Market report also assesses the economic effect on firms and financial markets. Futuristic Reports has gathered input from several representatives of this business and has engaged in secondary and primary research to provide customers with strategies and data to combat industry struggles during and after the COVID-19 pandemic.


Open Source Software Market Report Provides Comprehensive Analysis as Following:

Frequently Asked Questions


Why the Open Source Security Foundation was a long time coming – ARNnet

The Open Source Security Foundation (OpenSSF) is a few months old now, but the question is why it isn't years old.

After years of attackers exploiting bugs in OpenSSL, Apache Struts, and countless other projects, along with our laziness in patching them, it seems that long ago we would have combined to protect the open source supply chain upon which every organisation depends.

But we haven't. It wasn't until 2020 that we decided as an industry to stop piece-mealing our approach to security.

Why?

That's the question I asked Kim Lewandowski, a Google product manager and member of the OpenSSF's governing board. According to Lewandowski, "We all depend on open source, and there's no reason for us to all try to solve this individually or in a silo." She's right, but why did it take us so long to get to this point?

You and you and you and

One of the problems with open source security is that it's not any one company's problem. Goldman Sachs, for example, wants the software on which it depends to be secure, but why should it bear the brunt of paying to secure software that everyone uses? Ditto Google, which has contributed and uses a great deal of open source software.

As Lewandowski stated, "Google is not going to go in and rewrite every single open source software package that exists on the internet today that our customers and we are using."

Even if Google wanted to do so, it really couldn't. There's simply too much. Sure, the company could fix OpenSSL or Apache Struts or whichever project is currently compromised, but the universe of open source code is gargantuan and always expanding.

This simply isn't a task that any one company can reasonably tackle alone.

Different projects, different needs

This fact is complicated by the diverse needs of each project. According to Lewandowski, each project is different and as convenient as it would be to throw money at the security problem, that doesn't necessarily work. "We've seen some maintainers where they don't want the money, or can't take the money, or simply can't apply it for things that we need."

Other projects need help with security audits, which the OpenSSF plans to enable. Such audits currently take place within the CNCF and other foundations or organisations, but they're incomplete as they are.

According to Lewandowski, "the audits we've seen have been great and have uncovered a lot of things, but then the projects can get stuck with a bunch of work that needs to be fixed if [the auditor] doesn't see [the audit] all the way through to remediation." And sometimes, she continued, "Folks will fix bugs just to pass the audit or as a quick fix and the deeper underlying security issue is still there."

So how can a community rally to not only find but also fix problems?

Lewandowski explained that the OpenSSF is currently considering different models to engage contributors to help resolve security vulnerabilities. It turns out it's not necessarily straightforward, however.

Some organisations, for example, want to contribute the expertise of their engineers to help fix the bugs, which is great, but how can OpenSSF hold them accountable?

If a number of member organisations pledge five engineers each, for example, how do you show accountability such that all of those engineers are doing exactly what we hoped they would do inside the Foundation? These are tough problems, and more help is needed.

Despite the daunting challenges, progress is being made. In partnership with ISRG, for example, the popular cURL is getting a new back end written in Rust that promises to deliver even better security. Such a collaboration is a great example of the kind of thing OpenSSF can foster.

But why did it take so long?

Better late than never

"It's kind of eerie how many similarities you can draw to the current pandemic," Lewandowski pointed out. "It's like no one really cared to do too much about it until there's this huge outbreak impacting us all."

While there wasn't any trigger event for OpenSSF, there has been a steady drumbeat alerting us to the need for years. From time to time, we've reacted. The Heartbleed rupture of OpenSSL, for example, gave rise to the Core Infrastructure Initiative, led by the Linux Foundation. Similar objectives arose elsewhere in response to different threats.

Even so, they were still largely siloed efforts.

Some of those silos spring from companies running open source in (periodically not so blissful) ignorance.

Organisations might think they're paying for proprietary software but, as WhiteSource and others have highlighted, upwards of 95 per cent of all software includes open source components. No matter what the outward license, there's open source inside. Always.

This fact is starting to sink in, making now the perfect time for the OpenSSF to make a significant impact on the industry. Of course, as Lewandowski stressed, "It's a delicate balance on how you talk about it. You want to drive awareness, but you can't scare everyone away."

So let's say it this way: Open source is foundational to all software today, which software increasingly powers even the most remote aspects of our lives. The process behind open source, the process by which we find and fix bugs, is the right way to tackle software security, but it can be that much better if we coordinate our efforts.

The OpenSSF offers us a chance to do that, and needs involvement not just from software vendors, but also from companies like JP Morgan Chase, Facebook, Uber, and, hopefully, you.


Adopting open source in the face of fragmentation – Techerati

Open source fragmentation is enabling innovation and efficiency, but also increasing security risks, writes Lech Sandecki, Product Manager at Canonical, the publisher of Ubuntu

In 2020, 99 percent of enterprise codebases contain open source components. Businesses have come to realise that the collective approach of open source toward innovation has incredible benefits, and will help them to integrate technologies such as cloud computing, artificial intelligence (AI), machine-learning (ML), and microservices into their solutions.

But with this goldrush, which has brought a sharp rise in new applications, it's becoming more difficult to see, or simply just to know, how many open source components are involved. This fragmentation is consequently hurting compliance officers, who are unable to keep up with the software supply chain. These same officers are struggling with visibility and cannot keep pace.

The challenge is that the landscape is unrecognisable from just a decade ago. Back then, a much smaller pool of commercial open source vendors licensed their software to customers, understood everything about the code, and dealt with every security patch.

Today, however, the risk landscape has become increasingly fragmented, with many old or unpatched subcomponent versions used in applications. Whilst innovation and efficiency are consistently growing on account of fragmentation, so are the security risks.

Open source is on the rise, and its growth has continued even throughout Covid-19, as developers, in particular, continue to recognise the vast benefits. But these benefits are being undermined by the cybersecurity issues which arise when open source components are not kept up to date or properly maintained. Sonatype recently found that there has been a 430% surge in next-gen cyber-attacks aimed at infiltrating open source software supply chains, revealing a lack of understanding when it comes down to open source security.

Nobody could have predicted just how fast the expansion of open source would be, and now comes the growing challenge of adopting it safely and within wider compliance frameworks. For compliance officers and IT teams, there are of course ways to successfully manage the transition securely and effectively.

At the very least, compliance officers should always track the open source components being used. With full visibility and oversight over the process, it is far easier to understand and pinpoint vulnerabilities with accuracy. In manufacturing, businesses have a comprehensive inventory of all the materials and parts needed to make a product. If one is found to be defective, the manufacturer can pinpoint the wider impact immediately.

By adopting a similar approach, enterprises can garner insight into the clutter of open source components that their developers are using. As a result, they can take control of ensuring that their open source components are secure, rather than relying on information from the community.

Many organisations are now turning to automation to help manage the day-to-day side of security. Compliance officers themselves are stretched. Automating core security processes, which will prioritise vulnerabilities, can give time back to compliance officers and security workers, so that they can work on more pressing issues.

Organisations can consequently boost security posture. Businesses should prioritise integrating automation within the production environment, as this can often seem an easy target to attackers. CI / CD pipelines usually contain a path to what is given in production, which is why restrictive access controls based on multi-factor authentication must be implemented.

Officers should also select trusted proxies whenever they can. Good Linux publishers usually have a comprehensive program to review, prioritise, and fix their software packages for vulnerabilities. Although not all open source applications might be covered by default, it is worth checking which open source packages and versions can benefit from security patching, long term support (LTS), or extended security maintenance (ESM).

OS publishers maintain their own databases to track remediation of the latest public vulnerabilities from various sources, including MITRE, NIST NVD, and others. If an open-source provider has these qualities, it is likely you can trust it and make use of these tools through the adoption process.

To stay competitive, businesses are feeling the pressure to deploy new applications, but this should never come at a security cost. This is why every company should embrace DevSecOps, which applies better hygiene to application delivery, by introducing security earlier in the application life cycle and requiring security tests and verification at every step. This approach views security as an integral part of the DevOps automated CI / CD pipeline, and not just a step at the end of the journey.

A DevSecOps culture, as well as having the right skills in place, will make open source adoption all the smoother. Enterprises will either need to more aggressively develop new security skills internally or look to external organisations that already have these capabilities in place.

Research from digital risk protection specialist Skurio this summer found that 50% of UK firms were looking to outsource security services, while 80 percent had problems with team skills and knowledge. The uptick in cyber incidents and increased security risks mean that it has never been so important for teams to ensure security specialists are in place throughout the adoption process.

Along with great developers, organisations crucially require great compliance officers that can tackle fragmentation head on. It is often overlooked just how fundamental compliance officers are as ultimately, they can make or break the success of open source adoption. A change in skills and culture, to prioritise compliance and security, whilst simultaneously allowing developers to run with the innovation involved, will be key to the growth of the industry.


Keeping the Software Supply Chain Secure – BankInfoSecurity.com


IoT devices and software applications often use a range of components, including third-party libraries and open source code. All of those pose risks if vulnerabilities are discovered.


Ensuring devices and services are secure requires keeping track of the status of those software ingredients, promptly applying patches when available. But that can be challenging, says Steve Springett, creator of the open source project called Dependency-Track, a supply chain component analysis platform.

"Whenever you use third-party and open source software, you're ultimately using code that you didn't write yourself," Springett says. "In many cases, code can be slipped in, and you're not even aware that you were using it in the first place. Even when you include your first-level dependencies, those dependencies also have dependencies in many cases."

Dependency-Track, which is part of the Online Web Application Security Project, is a free application that helps identify out-of-date and risky software components by using a software bill of materials, which describes the exact software components that an application contains.

Springett also created CycloneDX, a vendor agnostic specification for creating a software bill of materials.

In this video interview with Information Security Media Group, Springett discusses:

Springett, creator of Dependency-Track, is a senior security architect with ServiceNow in Chicago.
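The transitive-dependency problem Springett describes, and the parts-inventory approach from the Techerati piece above, shown as an added example (not code from Dependency-Track or from any article here): a Python script that walks a constructed CycloneDX-style SBOM and reports which components fall under an advisory and through which dependency chain they reach the application. The component names, versions and advisory IDs are invented for illustration.

```python
import json
from collections import deque

# Constructed CycloneDX-style SBOM; every name and version here is invented.
SBOM_JSON = """
{
  "bomFormat": "CycloneDX",
  "specVersion": "1.4",
  "metadata": {"component": {"bom-ref": "app", "name": "shop-frontend", "version": "2.1.0"}},
  "components": [
    {"bom-ref": "web",  "name": "example-web",  "version": "4.2.0"},
    {"bom-ref": "log",  "name": "example-log",  "version": "1.0.5"},
    {"bom-ref": "tmpl", "name": "example-tmpl", "version": "3.0.1"},
    {"bom-ref": "xml",  "name": "example-xml",  "version": "1.8.0"},
    {"bom-ref": "zip",  "name": "example-zip",  "version": "0.9.0"}
  ],
  "dependencies": [
    {"ref": "app",  "dependsOn": ["web", "log"]},
    {"ref": "web",  "dependsOn": ["tmpl", "xml"]},
    {"ref": "tmpl", "dependsOn": ["xml"]},
    {"ref": "log",  "dependsOn": []}
  ]
}
"""

# Constructed advisory feed: a component is affected below "fixed_in".
ADVISORIES = [
    {"id": "EXAMPLE-ADVISORY-0001", "name": "example-xml", "fixed_in": "1.9.3"},
    {"id": "EXAMPLE-ADVISORY-0002", "name": "example-log", "fixed_in": "1.0.2"},
    {"id": "EXAMPLE-ADVISORY-0003", "name": "example-zip", "fixed_in": "1.0.0"},
]


def parse_version(text):
    """Turn '1.8.0' into (1, 8, 0); non-numeric parts compare as 0."""
    return tuple(int(p) if p.isdigit() else 0 for p in text.split("."))


def shortest_paths(sbom):
    """Breadth-first walk of the dependency graph from the root component.

    Returns {bom-ref: [root, ..., bom-ref]} for every reachable component.
    """
    root = sbom["metadata"]["component"]["bom-ref"]
    graph = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}
    paths = {root: [root]}
    queue = deque([root])
    while queue:
        ref = queue.popleft()
        for child in graph.get(ref, []):
            if child not in paths:  # first visit is the shortest chain
                paths[child] = paths[ref] + [child]
                queue.append(child)
    return paths


def find_affected(sbom, advisories):
    """List components older than an advisory's fixed version, with their chain."""
    paths = shortest_paths(sbom)
    root = sbom["metadata"]["component"]
    names = {c["bom-ref"]: c["name"] for c in sbom["components"]}
    names[root["bom-ref"]] = root["name"]
    findings = []
    for comp in sbom["components"]:
        for adv in advisories:
            if comp["name"] != adv["name"]:
                continue
            if parse_version(comp["version"]) >= parse_version(adv["fixed_in"]):
                continue
            path = paths.get(comp["bom-ref"])
            findings.append({
                "component": f'{comp["name"]}@{comp["version"]}',
                "advisory": adv["id"],
                # Direct means the root itself lists the component.
                "direct": path is not None and len(path) == 2,
                # None: listed in the inventory but absent from the graph,
                # so its route into the application still has to be traced.
                "path": [names.get(r, r) for r in path] if path else None,
            })
    return findings


if __name__ == "__main__":
    for finding in find_affected(json.loads(SBOM_JSON), ADVISORIES):
        chain = " -> ".join(finding["path"]) if finding["path"] else "not in dependency graph"
        kind = "direct" if finding["direct"] else "transitive/unknown"
        print(f'{finding["advisory"]}: {finding["component"]} ({kind}) via {chain}')
```
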


Linux and open source: The biggest issue in 2020 – TechRepublic

This year was rough for all involved--even Linux and open source didn't come through unscathed. See what Jack Wallen considers to be the biggest issue for Linux in 2020.


For the most part, 2020 was actually pretty good for open source. Enterprise-level companies embraced open source software even further, containers and the cloud became even more crucial to both businesses and consumers, the Linux community found a larger piece of the support pie from large manufacturers like Microsoft, and distributions continued to wow.

That doesn't mean the year was full of celebrations, as there were some rather cringe-worthy moments. A good number of major open source projects suffered from poorly written or out of date documentation, DockerHub started throttling image downloads, etc.

There was, however, one particular issue open source faced in 2020 that will not only go down as a thorn in the side of the community for the year, but will probably haunt us moving forward.

What was that issue?

Since I started my Linux journey over 20 years ago, I have only experienced one instance of a Linux machine getting hacked. I believe that happened around 2006. The machine in question was an Ubuntu server for a hair salon that served up its website via WordPress and email via Sendmail. I was the admin of that server and I was absolutely certain it was safe. Little did I know...

By way of an out of date WordPress plugin, someone gained access to the server and installed a rootkit. No matter what I did, I couldn't roll back the problem. My only recourse was to blow away the compromised OS and reinstall everything.

It was a humbling lesson. Until that day, I was certain the mere act of using Linux ensured my servers were safe from bad actors. Again, little did I know. A simple update to a single piece of open source software could have prevented that problem.

We all knew this day would come. However, most of us had very powerful blinders covering our eyes, but the writing was on the wall. With more and more enterprise companies depending on open source software to build their backends and serve up web applications and services, a target had been drawn on the metaphorical backs of many projects.

This year pulled back those blinders and forced that reality upon us. Linux and open source have weaknesses.

More to the point, hackers are now specifically targeting open source software. No matter how secure the platform is, where there's a hacker, there's a way.

I've had a few conversations with bank employees lately that were rather enlightening. From those conversations, a single, grim conclusion has been drawn--hackers are better at what they do than security pros and developers are at what they do.

Hackers have more resources, more tools, more time, and more incentive to break into systems than developers and admins have the ability to lock down those systems. That's not to say security admins and developers don't know what they're doing. They do. Many are incredibly brilliant at their jobs. But, hackers are a different breed altogether and their incentive is they don't make money until they get the job done.

That's a pretty big incentive.

It also translates to those hackers finding vulnerabilities in everything, including Linux--2020 was proof of that.

Boothole

SAD DNS

BleedingTooth

ShellShock

The above shortlist is just the celebrity vulnerabilities found in Linux. There were plenty of others that didn't warrant a nickname, that may not have been quite as rampant and dangerous, but were still issues discovered within the Linux stack. You can view any number of CVE listings and see for yourself. For instance, take this listing of Linux kernel CVEs. There are plenty of them, many of which rate in the sevens (which is considered High).

Prior to 2020, Linux and open source vulnerabilities were pretty easy to shrug off as anomalies. Sure they happened, but we all knew it was a passing phase and that Linux vulnerability couldn't possibly be on the same level as Windows.

It isn't... yet.

Within the realm of enterprise business, Linux and open source have become the foundation on which everything is built. That means only one thing: Hackers are going to hack. Linux will be their target for the foreseeable future--there is no getting around that.

The truth is, Linux and open source were already standing on that precipice for some time and 2020 only served to tip it over the edge.

For all this doom and gloom speak, there is hope. After all, this is Linux and open source. The silver lining is that the very nature of open source means the code is available for a world of engineers to vet. With this rise of attacks on Linux, you can bet those developers will take heed of the shot sent across the bow of the USS Open Source.

Linux and open source have some of the best developers in the world. Those vulnerabilities will be found and patched faster than you can say "proprietary."

If 2020 has taught us a lesson, it's to never take anything for granted, even the security of Linux and open source. Let's take that lesson into the future and develop stronger software and build even more secure systems.

Besides, there's only a month and a half left in 2020. What more can happen?


Open Source Software Market By Applications, Types, New Technology Opportunity Analysis And Forecast: 2020-2026 – Cheshire Media

The Open Source Software market has been analyzed by utilizing the best combination of secondary sources and in-house methodology along with a unique blend of primary insights. The real-time assessment of the Open Source Software market is an integral part of our market sizing and forecasting methodology, wherein our industry experts and team of primary participants helped in compiling the best quality with realistic parametric estimations.

In4Research's latest market research report on the Open Source Software market, with the help of a complete viewpoint, provides readers with an estimation of the global market landscape. This report on the Open Source Software market analyzes the scenario for the period of 2020 to 2026, wherein 2019 is the base year. This report enables readers to make important decisions regarding their business, with the help of a variety of information enclosed in the study.

This report on the Open Source Software market also provides data on the developments made by important key companies and stakeholders in the market, along with competitive intelligence. The report also covers an understanding of strengths, weaknesses, threats, and opportunities, along with the market trends and restraints in the landscape.

Questions Answered in Open Source Software Market Report:

Request a sample copy of the report to get extensive insights into the Open Source Software market @ https://www.in4research.com/sample-request/2054

Based on Product type, the Open Source Software market can be segmented as:

Based on Application, the Open Source Software market can be segmented:

The Open Source Software industry study concludes with a list of leading companies/suppliers operating in this industry at different stages of the value chain.

List of key players profiled in the report:

If you are planning to invest into new products or trying to understand this growing market, this report is your starting point.

Ask for more details or request custom reports from our industry experts @ https://www.in4research.com/customization/2054

Regional Overview & Analysis of Open Source Software Market:

Analysis of COVID-19 Impact & Post Pandemic Opportunities in Open Source Software Market: The outbreak of COVID-19 has brought along a global recession, which has impacted several industries. Along with this impact, the COVID pandemic has also generated a few new business opportunities for the Open Source Software market. The overall competitive landscape and market dynamics of Open Source Software have been disrupted due to this pandemic. All these disruptions and impacts have been analysed quantifiably in this report, which is backed by market trends, events and revenue shift analysis. COVID impact analysis also covers strategic adjustments for Tier 1, 2 and 3 players of the Open Source Software market.

Table of Content: Global Open Source Software Market

Chapter 1. Research Objective
1.1 Objective, Definition & Scope
1.2 Methodology
1.2.1 Primary Research
1.2.2 Secondary Research
1.2.3 Market Forecast Estimation & Approach
1.2.4 Assumptions & Assessments
1.3 Insights and Growth Relevancy Mapping
1.3.1 FABRIC Platform
1.4 Data mining & efficiency

Chapter 2. Executive Summary
2.1 Open Source Software Market Overview
2.2 Interconnectivity & Related markets
2.3 Ecosystem Map
2.4 Open Source Software Market Business Segmentation
2.5 Open Source Software Market Geographic Segmentation
2.6 Competition Outlook
2.7 Key Statistics

Chapter 3. Strategic Analysis
3.1 Open Source Software Market Revenue Opportunities
3.2 Cost Optimization
3.3 Covid19 aftermath Analyst view
3.4 Open Source Software Market Digital Transformation

Chapter 4. Market Dynamics
4.1 DROC
4.1.1 Drivers
4.1.2 Restraints
4.1.3 Opportunities
4.1.4 Challenges
4.2 PEST Analysis
4.2.1 Political
4.2.2 Economic
4.2.3 Social
4.2.4 Technological
4.3 Market Impacting Trends
4.3.1 Positive Impact Trends
4.3.2 Adverse Impact Trends
4.4 Porter's 5-force Analysis
4.5 Market News By Segments
4.5.1 Organic News
4.5.2 Inorganic News

Chapter 5. Segmentation & Statistics
5.1 Segmentation Overview
5.2 Demand Forecast & Market Sizing


The Few, the Tired, the Open Source Coders – WIRED

While you're surfing the web, you ought to thank Jacob Thornton for making it so pretty.

He's a programmer who, along with web designer Mark Otto, created Bootstrap, free software that the pros use to make their sites look spiffy. If you've ever noticed that a lot of websites have the same big chunky buttons, or the same clean forms, that's likely because an estimated one-fifth of all websites on the planet use Bootstrap.

One reason for its spread is that Thornton and Otto made Bootstrap open source. Anyone can use it without permission, and anyone can tweak it and improve it. Thornton didn't get a salary for making Bootstrap. When he and Otto first released it, back in 2010, they had day jobs working for Twitter. But both were propelled by classic open source motivations: It was a cool challenge, it burnished their reputations, and it felt neat to help people. Plus, watching it surge in popularity (Green Day's website used it, as did Barack Obama's White House) was thrilling.

But open source success, Thornton quickly found, has a dark side. He felt inundated. Countless people wrote him and Otto every week with bug reports, demands for new features, questions, praise. Thornton would finish his day job and then spend four or five hours every night frantically working on Bootstrap, managing queries, writing new code. "I couldn't grab dinner with someone after work," he says, because he felt like he'd be letting users down: "I shouldn't be out enjoying myself. I should be working on Bootstrap!"

"The feeling that I had was guilt," he says. He kept at it, and nine years later he and Otto are still heading up Bootstrap, along with a small group of core contributors. But the stress has been bad enough that he often thought of bailing.

When the open source concept emerged in the '90s, it was conceived as a bold new form of communal labor: digital barn raisings. If you made your code open source, dozens or even hundreds of programmers would chip in to improve it. Many hands would make light work. Everyone would feel ownership.

Now, it's true that open source has, overall, been a wild success. Every startup, when creating its own software services or products, relies on open source software from folks like Thornton: open source web-server code, open source neural-net code. But, with the exception of some big projects (like Linux), the labor involved isn't particularly communal. Most are like Bootstrap, where the majority of the work landed on a tiny team of people.

Recently, Nadia Eghbal, the head of writer experience at the email newsletter platform Substack, published Working in Public, a fascinating book for which she spoke to hundreds of open source coders. She pinpointed the change I'm describing here. No matter how hard the programmers worked, most still felt underwater in some shape or form, Eghbal told me.

Why didn't the barn-raising model pan out? As Eghbal notes, it's partly that the random folks who pitch in make only very small contributions, like fixing a bug. Making and remaking code requires a lot of high-level synthesis, which, as it turns out, is hard to break into little pieces. It lives best in the heads of a small number of people.

Yet those poor top-level coders still need to respond to the smaller contributions (to say nothing of requests for help or reams of abuse). Their burdens, Eghbal realized, felt like those of YouTubers or Instagram influencers who feel overwhelmed by their ardent fan bases, but without the huge, ad-based remuneration.

Sometimes open source coders simply walk away: Let someone else deal with this crap. Studies suggest that about 9.5 percent of all open source code is abandoned, and a quarter is probably close to being so. This can be dangerous: If code isn't regularly updated, it risks causing havoc if someone later relies on it. Worse, abandoned code can be hijacked for ill use. Two years ago, the pseudonymous coder right9ctrl took over a piece of open source code that was used by bitcoin firms, and then rewrote it to try to steal cryptocurrency.
