LinuxInsider.com

LinuxInsider Talkback

 



Re: Companies Turn Blind Eye to Open Source Security Risks
Posted by: Jack M. Germain 2017-10-18 11:59:44

Many software developers and enterprise users have been lax or oblivious to the need to properly manage open source software, suggest survey results released Tuesday. The report highlights the consequences of failure to establish open source acquisition and usage policies, and to follow best practices. Flexera polled more than 400 commercial software suppliers and in-house software development teams within enterprises about their open source practices. More than half of the software products currently in use contain open source components.


Re: Companies Turn Blind Eye to Open Source Security Risks
Posted by: gluufederation 2017-10-31 07:29:45 In reply to: Jack M. Germain
Isn't the question that large companies use lots of software without properly updating it (both commercial and open source)? Just as an example, Oracle waits a long time before it releases security patches for its various software. Thus, many vulnerabilities are announced and not patched for some time. It's also too simple to generalize about open source software. "Open Source" varies from commercially supported software, to publishing a pet project for your friends. Certainly we could make a case that responsibly published and maintained software is easy to keep up to date. If you can get the latest code with "apt update / apt upgrade" (or its equivalent), and you don't... the license of the code isn't your problem.

Re: Companies Turn Blind Eye to Open Source Security Risks
Posted by: Wormwood 2017-10-19 08:15:22 In reply to: Jack M. Germain
Why SHOULD the majority of companies (small, underfunded; low-quality, in general) care ANYTHING about the security risks of using FOSS? FOSS lends itself to being considered as nothing more than a 'free ride' by these entities who would have never considered developing a product and offering it for sale, had the development of that product included a healthy licensing fee for the (of-dubious-benefit, and contributing nothing, anyway) software...regardless of the "customer-security" claims and protestations of a major Operating System supplier.
What do we think is the reason for the cancer on our society known as 'the Internet of Things'? Major clue: we blame them--rightly so--for a lot of things, but it ain't Microsoft.
***********************************
A request--
I know that your main thrust is software these days, but I was wondering if you would, given your impressive Linux background, consider a review of what appears to be an excellent non-Microsoft laptop by a premier manufacturer: the HP 15.6" ZBook 15u, which runs the FreeDOS 2.0 operating system, and which could probably be made into a Linux machine as a 'no-brainer' (I really don't know, but would deeply appreciate the advice of an expert).