GCHQ chief warns of Chinese . US open source software bill advances. Financial Stability Board on crypto regulation.

At a glance.

Jeremy Fleming, director of the UK Government Communications Headquarters, gave a rare speech in London on Tuesday warning the public that Beijing has deliberately and patiently set out to gain strategic advantage by shaping the worlds technology ecosystems. The spy chief said that Chinese Communist Party leadership has plans to use digital currency and satellites, among other existing and emerging technologies, to further its control over global markets and extend its surveillance capabilities around the world.

Fleming also claimed that Chinese efforts to build a central-bank digital currency could allow officials to monitor transactions and potentially evade future international sanctions. Describing the rising threat as the national security issue that will define our future, he also indicated that the Chinese government plans to leverage its tech exports to create client economies and governments and aims to spread its authoritarian practices to other nations. Fleming warned that unless lawmakers invest in emerging security technologies like quantum computing, the divergent values of the Chinese state will be exported through technology.

Mao Ning, a spokeswoman for Chinas Foreign Ministry, denied Flemings claims at a Tuesday daily briefing, stating, The remarks of the British official have no factual basis at all. Chinas technological development is aimed at making lives better for the Chinese people. It does not target anyone, still less pose any threat. Western officials have been sending warning signals about the potential use of equipment exported from Chinese tech leader Huawei Technologies Co. for digital espionage, but both Huawei and Beijing have denied these accusations.

In a bipartisan decision, the US Senate Homeland Security Committee has approved the Securing Open Source Software Act 2022, legislation that calls on the Cybersecurity and Infrastructure Security Agency (CISA) to create a risk framework regarding the use of open source code within the government and critical infrastructure agency. Prompted by the infamous Log4j vulnerability, the draft act requires CISA to hire experts who are able to identify and remediate vulnerabilities in open source code, and any open source software being used will be continuously monitored and checked by CISA. The act also directs some agencies to create in-house open source programs.

"This software needs curation to be secure and the responsibility for that curation lies firmly with the user, in this case our public sectors across the globe," Amanda Brock, CEO of not-for-profit group OpenUK, told Computing. However, as Brock noted, the bill is unclear about how CISA will coordinate this framework, especially when third-party services are involved. "Where there is payment associated with open source software, that is not for the software itself, and understanding that is key. Liability for these - as with any paid for services - rests with the provider, but these are part of the act of curation that all end users need to ensure," Brock added. The draft act will need to be passed by the full Senate before becoming law, but some experts say regardless, clouding companies might take it upon themselves to implement heightened security measures. "I strongly suspect the cloud provider industry will actually solve this meaningfully sooner than the government will, said Michel Isbitski, director of cybersecurity strategy at cloud security firm Sysdig. They have to because of the amount of open source software they use in their offerings. They also have the benefit of scale on their side."

US policymakers gathered yesterday in Washington, DC for Fintech Week, where the Financial Stability Board, which coordinates international financial regulation, is expected to share its plan for regulating the cryptocurrency market. The Washington Post explains that although the board has no power to set legislation, its recommendations have motivated lawmakers in the past. Its fair to say the US wants to lead on this globally and largely has been leading on it, said Patrick Dougherty, a former Securities and Exchange Commission lawyer who is now on the board of the Global Digital Asset and Cryptocurrency Association. The White House is also calling for a crackdown on the illicit use of digital assets, and last week, the Financial Stability Oversight Council issued a warning urging lawmakers to restrict cryptocurrency use before it threatens global finance systems. The board will also examine issuing rules for the use of stablecoins after the fall of the Terra stablecoin in May led to a massive downturn in the crypto market. The cryptocurrency industry continues to push back at the possibility of regulation, with industry group the Crypto Council for Innovation warning that a heavy-handed approach could cut this technology off at its knees.

Labour frontbencher advocates for open source software and regulatory innovation - Computing - February 9th, 2024
Open Source Software: Meaning, Importance, and Examples | Spiceworks - Spiceworks News and Insights - February 9th, 2024
Office of National Cyber Director Issues 2023 Year-End Report on Open Source Software Security Initiative - Executive Gov - February 1st, 2024
40 Must-Have Free Open Source Software for 2023 - Tecmint - October 16th, 2023
What Is Open Source Software and How Does It Work? | Synopsys - March 5th, 2023
15 Best Open Source Software You Must Try in 2023 - Turing - February 25th, 2023
Cyber Security Today, Feb. 24, 2023 Holes in open source software, ransomware gang tries to evade cyber insurers and more - IT World Canada - February 25th, 2023
What is Open Source Software? - SourceForge Articles - February 15th, 2023
About the Open Source Initiative | Open Source Initiative - December 28th, 2022
Comparison of free and open-source software licenses - December 20th, 2022
Building an open source software community - SAS Users - December 4th, 2022
The US Securing Open Source Software Act of 2022 is a step in the right direction - TechCrunch - November 25th, 2022
Microsoft: Hackers are using open source software and fake jobs in ... - November 17th, 2022
Open Source Software Directory - OSSD - October 23rd, 2022
Source Code for Open Source Software Components - Oracle - October 15th, 2022
We dont teach developers how to write secure software Linux Foundations David A Wheeler on reversing the CVE surge - The Daily Swig - October 15th, 2022
Learn Linux online for free with Linux Foundation Courses from edX - TechRepublic - October 15th, 2022
The Blockchain Sector is growing with the help of Open-Source Technology - Wales 247 - October 15th, 2022
When transparency is also obscurity: The conundrum that is open-source security - Help Net Security - October 7th, 2022
You thought you bought software all you bought was a lie - The Register - October 7th, 2022
Linux Foundation Energy Gains More Industry Support to Drive the Energy Transition - PR Newswire - October 7th, 2022
State of Open Source Survey By OpenLogic To Take Place In 2023 - Open Source For You - September 29th, 2022
15-Year-Old Python Vulnerability Still Affects Over 350,000 Open-Source Projects - Spiceworks News and Insights - September 29th, 2022
How Can Open Source Sustain Itself without Creating Burnout? - thenewstack.io - September 29th, 2022
OpenAI opens doors to DALL-E after the horse has bolted to Midjourney and others - The Register - September 29th, 2022
Red Hat And NdcTech Collaborate To Deliver Solutions Based On Open Source - Open Source For You - September 21st, 2022
Paladin Cloud Joins the Cloud Native Computing Foundation - GlobeNewswire - September 21st, 2022
Open Source Software - W3 - September 13th, 2022
Understanding the hows and whys of open source audits - Security Boulevard - September 13th, 2022
New Metaverse Track at O3DCon to Tackle Big Questions and Practical Applications of Emerging Graphical Technology - PR Web - September 13th, 2022
TechOps is a mess: Open source is the solution - BetaNews - September 13th, 2022
Rezilion Recognized as SBOM Tool Provider in Gartner Emerging Technologies Trend Report on Software Bills of Materials (SBOM) USA - English - USA -... - September 13th, 2022
Open Security: The next step in the evolution of cybersecurity - SC Media - September 13th, 2022
11 Interesting Firefox Add-ons to Improve Your Browsing Experience - It's FOSS - September 13th, 2022
why the giants fight over open source - Gearrice - September 5th, 2022
Compare Files in Linux With These Tools - It's FOSS - September 5th, 2022
Microsoft and ByteDance are collaborating on a big AI project, even as US-China rivalry heats up - CNBC - August 28th, 2022
OpenSSF Announces 13 New Members Committed to Strengthening the Security of the Open Source Software Supply Chain - DARKReading - August 20th, 2022
How W4 plans to monetize the Godot game engine using Red Hats open source playbook - TechCrunch - August 20th, 2022
Secure Open Source Rewards' to help in preventing assaults on the software supply chain. Check out how! - Economic Times - August 20th, 2022
Free Dev Tools! But Whats the Catch? - DevOps.com - August 20th, 2022
This Company is Aiming to Do to the Guest what VMWare and AWS Did to the Host - GeekWire - August 20th, 2022
What Is Open-Source Software? (Definition and Examples) - August 12th, 2022
What is open source software? | IBM - August 12th, 2022
55+ Best Open Source PC Software for almost Everything - August 12th, 2022
80 percent of enterprises use open source software and nearly all worry about security - BetaNews - August 12th, 2022
The US Military Should Red-Team Open Source Code - Defense One - August 12th, 2022
Boeing joins the ELISA Project as a Premier Member to Strengthen its Commitment to Safety-Critical Applications - PR Newswire - August 12th, 2022
Looking for simplicity in the cloud? The future is going to be open and hybrid - The Register - August 12th, 2022
AAIS & The Linux Foundation Welcome Jefferson Braswell as openIDL Project Executive Director - The Bakersfield Californian - August 4th, 2022
Wicked Good Development Episode 13: Hacks and Ax, July Edition - Security Boulevard - August 4th, 2022
Microsoft changes its policy against the sale of open source software in the Microsoft Store - BetaNews - July 26th, 2022
BMW Group Joins the Linux Foundation's Yocto Project - PR Newswire - July 18th, 2022
Free and Open Source Software (FOSS) - UNESCO - July 9th, 2022
Know Your Enemy and Yourself: A Deep Dive on CISA KEV - Security Boulevard - June 29th, 2022
CD Foundation Announces State of CD in 2022 Report, Opens Third Annual cdCon with New Project CDEvents, New... - DevOps.com - June 10th, 2022
Samsung teams up with Red Hat for memory software development - The Korea Herald - May 25th, 2022
OpenSSF Helping to Secure Open Source Software - ITPro Today - May 25th, 2022
Only Microsoft can give open-source the gift of NTFS. Only Microsoft needs to - The Register - May 11th, 2022
Protestware: what organisations should be aware of when using open source software - Lexology - May 11th, 2022
This Week in Washington IP: Open Source Cybersecurity Solutions, Civil Capabilities for Space Situational Awareness and Using AI for Effective RegTech... - May 11th, 2022
Red Hat Expands Capabilities to Provide Streamlined Application Development and Delivery in the Cloud - Business Wire - April 28th, 2022
Industry 4.0 why smart manufacturing is moving closer to the edge - The Register - April 28th, 2022
Open source software and DevOps: What are they, and how can your business benefit? - SmartCompany - April 13th, 2022
Truist Joins the Open Invention Network - GlobeNewswire - April 13th, 2022
OpenMetal Joins the Open Infrastructure Foundation - PR Newswire - April 13th, 2022
An Early Test of The Adams Administration's Values and Tech Prowess - Gotham Gazette - April 13th, 2022
Open Source Software Faces Threats of Protestware and Sabotage - WIRED - April 1st, 2022
The Promise of Open Source Code and the Paradox of ProtestWare - Security Boulevard - April 1st, 2022
Software Composition Analysis Market to Witness Massive Growth by 2029 | Open Source Software, Oracle, Smartbear Software - Digital Journal - April 1st, 2022
Why now is the time to host your code in the cloud - TechRadar - April 1st, 2022
Those looking for clues to Googles search demise are asking the wrong question - TechRepublic - April 1st, 2022
Open Source Sabotage Incident Hits Software Supply Chain | eSecurityPlanet - eSecurity Planet - January 15th, 2022
Open-source software and threats to critical infrastructure. - The CyberWire - January 15th, 2022
Google wants secure open-source software to be the future - TechRadar - January 15th, 2022
Baumer, Infineon, Qualcomm Innovation Center, Percepio and Silicon Labs Select Zephyr RTOS for their Next Generation of Products and Solutions - Yahoo... - January 15th, 2022
How Open Source Is Shaping The World Around Us - Outlook India - December 19th, 2021
The Projects and People That Shaped Security in 2021 The New Stack - thenewstack.io - December 19th, 2021
Log4j: Where's Fancy Bear been? Right there, choppin' lumber... - The CyberWire - December 19th, 2021
Aqua Security acquires Argon to protect the software supply chain - VentureBeat - December 6th, 2021