The US Government’s Tenuous Relationship With Open Source

By Jack M. Germain 11/12/14 5:45 PM PT

The amount of open source software used by the U.S. government might well be one of the biggest secrets in Washington. Not even purveyors of FOSS, as in free and open source software, know the extent of federal agency adoption of nonproprietary software.

Some in the Beltway Loop contend that open source is very prevalent. Others suggest that open source is avoided because its code is exposed for anyone to see.

One thing seems very sure, however. Most government agencies cling to well-known commercial software for desktop services. However, server-side and specialized software is a mixture of contracted code and community packages promulgated on GitHub and other open source software repositories.

Just how passionately government agencies support and use open source software may be a question nobody has bothered to pursue. For example, OpenSource.com claims that the U.S. government has directed that open source projects are to be considered equally with proprietary products -- but no government guidance is offered for carrying out that directive.

"The involvement varies. A lot of the initiatives for using open source take a cultural change," Steve Wallo, chief solutions architect for Brocade Federal, told LinuxInsider.

Some agencies look at open source for a particular mission. Others look at open source for large scale deployment. So OSS adoption on the federal level is at different stages, said Wallo.

Some of the largest U.S. agencies are known users of open source. For instance, the U.S. Department of Veterans Affairs often is cited as one of the largest federal users of open source software. If accurate, that would be a significant investment in OSS. The VA is the second largest agency of the U.S. federal government.

Take MongoDB, for instance. This open source next-generation database has a broad list of government customers, according to Will LaForest, Senior Director of MongoDB Federal. That customer base includes the intelligence community, the Defense Department and civilian agencies in healthcare, finance and energy.

"There is actually quite a bit of variation within the government. Some favor OSS as a policy, others 'permit' OSS, and some are not open to it at all," LaForest told LinuxInsider.


Coverity Security Report: Open source projects severely in need of security programs

In today's IT environments, security has become a major concern. Despite recent reports of software vulnerabilities in open source code, including Shellshock, the OpenSSL Heartbleed bug and GoToFail, companies still prefer to use open source software.

But open source developers don't always adhere to best practices when it comes to security, such as conducting regular security audits and using static analysis, found Coverity Inc.'s Spotlight report. The Coverity Scan Security Spotlight identifies several Common Vulnerabilities and Exposures (CVEs) in open source code, and notes that the GoToFail vulnerability could have been detected by the scan.

The provider of application development testing added its Security Advisor to the Coverity Scan service, which resulted in the discovery of almost 4,000 defects. Almost 2,400 of these were high severity defects, followed by 1,330 low severity and 260 medium severity defects.

The Coverity Scan service analyzed several hundred million lines of code from more than 1,500 open source projects, including C/C++ projects such as NetBSD, FreeBSD, LibreOffice and Linux, and Java projects such as Apache Hadoop, HBase and Cassandra.

The scan also detected 688 Open Web Application Security Project (OWASP) Top 10 issues in 37 open source projects, including big data, network management, and blog server projects. The top 10 issues found on the scan are injection, broken authentication and session management, cross-site scripting (XSS), insecure direct object references, security misconfiguration, sensitive data exposure, missing function level access control, cross-site request forgery (CSRF), using components with known vulnerabilities, and unvalidated redirects and forwards.

"The road to application quality and security starts in development," said Zack Samocha, senior director of products at Coverity. "With three major security issues related to open source code defects this year, it's imperative that open source developers design code security into their projects starting as early as possible."

That means utilizing security experts to help, adds Samocha. Vulnerable areas in code aren't always immediately obvious, and how attackers will use them is even less obvious at the developer level. Most code bugs don't even become a problem until code is being executed in production, after it's released from the sanitary world of the development environment.

The solution: regular security audits and in-depth vulnerability exams that try to suss out the problems before they're exploited.

There have been several highly publicized open source vulnerabilities this year alone, including Heartbleed and Shellshock. Those two flaws impacted a large number of users because of the widespread implementation of open source software.

Coverity introduced its monthly Coverity Scan Project Spotlights due to high demand for the annual Coverity Scan Report and the insight it provides into the state of open-source software quality. The Coverity Scan Report has become something of a standard for measuring the state of open-source software quality.


Microsoft Open Sources .NET, Saying It Will Run on Linux and Mac

Satya Nadella's rapid reinvention of Microsoft continues.

In yet another bid to make up lost ground in the long march to the future of computing, Microsoft is now open sourcing the very foundation of .NET, the software that millions of developers use to build and operate websites and other large online applications, and it says this free code will eventually run not only on computer servers that use its own Windows operating system, but also atop machines equipped with Linux or Apple's Mac OS, Microsoft's two main operating system rivals.

"We want to have a developer offering that is relevant and attractive and valuable to any developer working on any kind of application," says S. Soma Somasegar, the 25-year Microsoft veteran who oversees the company's wide range of tools for software developers.

With the move, Microsoft is embracing the reality that modern software and online services run atop a variety of operating systems, and that Windows no longer dominates the market the way it once did. At least tacitly, the software giant is acknowledging that so many businesses and developers now choose to run their software atop computer servers loaded with the open source Linux operating system, which, in recent years, has evolved in ways that Windows has not. Most notably, it offers what's called containers, a new means of streamlining the way applications are built and operated.

"Today, people who are stuck on the .NET platform have to use a server environment that doesn't have what Linux does," says James Watters, who, at a company called Pivotal, works hand in hand with a wide range of developers and companies as they build large online software applications. "They're stuck with a generation-behind technology."

For Watters, Microsoft has ample ground to make up. But in open sourcing what's called the .NET Core runtime, freely sharing it with the world at large, the company at least gives itself a fighting chance as it seeks to maintain a hold on the way the world builds and runs software.

In theory, an open source .NET that runs on Linux and Mac OS will expand the use of Microsoft's developer tools. Then the company can pull in revenue through other channels: through premium versions of its developer tools and through its cloud computing service, Microsoft Azure, a means of building and running software without setting up your own servers.

The move is just the latest in a long line of rather large changes Microsoft has made since Nadella took over as CEO in January, all with an eye towards the rise of rival operating systems and open source software. The company now offers free versions of its Office applications for Apple iPhones and iPads. It provides a free version of Windows for phones and other small devices, hoping to catch up with Google's open source Android operating system. And it says that the next version of Windows for computer servers will run Docker, a hugely important container technology that was originally built on Linux.

All this seemed unlikely under previous CEO Steve Ballmer, and all of it can help Microsoft find new relevance in the ever-changing world of online computing.

Among developers and businesses building websites and other large online services, .NET is one of the primary competitors to Java. It's widely used among companies that rely heavily on Microsoft software (the company says .NET was installed more than 1.8 billion times over the last year), but according to most estimates, Java is still the more popular tool. And many consider it the more powerful.


Sourcefabric signs Australian news agency AAP to open source project

Prague, Czech Republic (PRWEB) November 12, 2014

Open source software developer Sourcefabric has signed Australian Associated Press to help develop an end-to-end news creation, production, curation, distribution and publishing platform.

The two parties are inviting other news publishers to participate in the project, called Superdesk.

Through Superdesk, AAP aims to better equip its editorial operations amid increasing cost pressure and ever-growing demands for innovative digital products and services.

AAP editor-in-chief Tony Gillies said, "Over the past 10 years, our existing editorial platform has proven increasingly inflexible. The time is right for some true innovation in this area and we believe that Sourcefabric will set us on the right path."

Sava Tatić, Sourcefabric managing director, said he was thrilled to be partnering with Australia's national news agency.

Tatić described the partnership as a great opportunity for Sourcefabric to showcase the power and flexibility of open source software to news and media organisations worldwide.

"Sourcefabric is ready to serve as the custodian of the new code base for journalism, which will be open source," he said.

About Superdesk

Superdesk is a native editorial system for managing workflows and production in traditional, digital and converged news organisations. It has been designed specifically to be scalable to suit news operations of any size, and its modular approach makes it easily extensible without requiring rewrites of the base code.


Free Chelsea Manning | Amnesty International UK

"I hope that you will continue supporting my fight for justice. My case impacts important issues that affect many, if not all, Americans." - Chelsea Manning

Private Chelsea Manning was sentenced to 35 years in prison after she leaked classified US military information to WikiLeaks during 2009 and 2010, the biggest information leak in US military history.

Chelsea was found guilty of 22 offences; the most serious of which, aiding and abetting the enemy, is likely responsible for the harsh length of her sentence. During her trial she was banned from presenting her evidence or the motives behind her actions, including her claim that she was acting in the public interest in exposing military abuses.

Until her trial, Chelsea was known as Private Bradley Manning. She now identifies as a woman.

While stationed in Iraq between November 2009 and May 2010, US military analyst Chelsea obtained and distributed classified military information to the WikiLeaks website. She was arrested in May 2010 after a former computer hacker reported Chelsea to the FBI.

Chelsea says she acted with the intention of exposing potential human rights abuses by the US army and its allies, in order to open up informed public debate around American operations in Iraq and Afghanistan.

"It was never my intention to hurt anyone. I only wanted to help people. When I chose to disclose classified information, I did so out of a love for my country and a sense of duty to others." - Chelsea Manning

Information leaked by Chelsea included details of potential human rights abuses, including a secret attack by a US Apache helicopter in Baghdad, in which US soldiers killed 12 people, including civilians. To date, there has been no independent and impartial investigation into this attack; US authorities have focused on charging Chelsea, rather than investigating the content of the material she drew attention to.

After her arrest, Chelsea was held for three years in pre-trial detention. She was kept in solitary confinement for eleven months of her pre-trial detention, in conditions that amount to torture, according to the UN Special Rapporteur on Torture.

Chelsea was confined in a windowless six-metre cell for 23 hours a day, without personal possessions, bed sheets, and at times even her glasses. While she was seen as a suicide risk, Chelsea was only allowed to wear her boxer shorts in her cell, and was sometimes forced to go without even her underwear.
