Discover Security Projects News
GitHub calls for contributions to new cybersecurity Advisory Database
GitHub has announced that their Advisory Database for security data is now open to contributions from experts. The full contents of the Advisory Database have already been published to encourage collaboration.
Alpha-Omega Project takes a human-centered approach to open-source software security
The Linux Foundation and OpenSSF Alpha-Omega Project, backed by Microsoft and Google, aims to improve the security of 10,000 open-source projects through a human-centered approach to open-source software security.
OpenSSF Announces The Alpha-Omega Project to Improve Software Supply Chain Security for 10,000 OSS Projects
Following a meeting with government and industry leaders at the White House, OpenSSF is excited to announce the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing.
Rust-Written Replacement To GNU Coreutils Progressing, Some Binaries Now Faster
Along with the broader industry trend of transitioning security-sensitive code to memory-safe languages like Rust, there has been an effort to write a Rust-based replacement to GNU Coreutils. For nearly a year that Rust Coreutils has been able to run a basic Debian system while more recently they have been increasing their level of GNU Coreutils compatibility and in some cases now even outperforming the upstream project.
LVFS Exploring Alternate, Open-Source Firmware For Capable End-Of-Life Devices
The Linux Vendor Firmware Service (LVFS) with Fwupd for firmware updating on Linux could soon be making it easier to transition older, end-of-life devices off official firmware packages and onto the likes of open-source Coreboot for capable aging PC hardware. This not only would make the system run on more free software but would extend the life of the hardware with firmware updates where the vendor has ceased their support.
Intel's Unaccepted Memory Support Updated For Substantially Faster Booting Of TDX VMs
Way back in August Intel posted a set of Linux kernel patches for supporting "unaccepted memory" by the Linux kernel in preparation for next-generation Xeon processors and speeding up the boot time for guest virtual machines making use of Intel's Trust Domain Extensions (TDX) security feature. Unaccepted memory support hasn't yet made it to the mainline kernel but now a second iteration of the patches have been posted.
