Securing open-source code isn't going to be cheap
Devs and maintainers are getting paid ... though not to concentrate on security.
Devs and maintainers are getting paid ... though not to concentrate on security.
The Linux Vendor Firmware Service (LVFS) that integrates with Fwupd for delivering firmware updates primarily to Linux users is surging with around three times the normal traffic volume. Unfortunately, this boost in traffic appears to be due to vendor(s) releasing new system firmware updates ahead of disclosing a presumptive security issue.
The new year has brought some bad news for Linux users and enthusiasts. Research reveals that Linux-specific malware saw a 35% increase in 2021 compared to a year before.
Security is a process, not a product. We're going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn't that it was open-source software. It's how we track and use open-source code.
The tech industry is readying solutions to the security risks posed by the collaborative software that underpins modern-day computing — but aid from Washington could be essential to the project’s success.
Linux and open-source software will be hotter than ever, but the real changes will be in how they're secured.