this post was submitted on 04 Dec 2024
18 points (95.0% liked)

Pulse of Truth

537 readers
253 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 1 year ago
MODERATORS
[email protected]
18
70% of open-source components are poorly or no longer maintained (www.helpnetsecurity.com)
submitted 17 hours ago by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
 

The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks daily, 24% of which are nation-state attackers targeting the IT sector. With software supporting increasingly vital systems, the origin of code has become a matter of national and economic security. 34% of open-source contributions come from the … More → The post 70% of open-source components are poorly or no longer maintained appeared first on Help Net Security.

top 3 comments
sorted by: hot top controversial new old
[–] [email protected] 17 points 16 hours ago

This really highlights part of the beauty of open source code, though. You usually have plenty of options for large well-maintained projects. If an obscure, abandoned project fits your needs better, you're free to inspect the code, modify it as you see fit, and use it.

On the other hand, when Windows 10 goes end-of-life, I have no option to fork it and use it as a custom project. I can switch to Windows 11 (zero chance of this happening), use an outdated version of Windows 10, or convert to Linux.

[–] [email protected] 18 points 17 hours ago

Foss bad, big company good.

Look, it's not perfect but we KNOW that the big companies do not care about us, even the other way around.

So yeah, poorly maintained project that I need? Mayble I'll help maintain it then?

[–] [email protected] 10 points 15 hours ago

Yeah after two biggest security fuck ups ever in one year on Azure (that were hushed) microsoft are the ones to sell the story about open-source bad cause unmaintained.