Open Source Convention highlights mobile open source efforts along with Linux, Web computing, and languages.
Mobile computing has become a dominant focus in the open source arena, a theme on prominent display at a major open source technology convention last week.
The O'Reilly Open Source Convention (OSCON) in the US highlighted mobile efforts along with Linux, Web computing, and languages. Mention of various mobile efforts abounded, including LiMo (Linux Mobile), Intel's Moblin, and the Google-backed Android platform.
"We've seen some amazing things happening in the Linux development process that's really going to impact the mobile world," said Jim Zemlin, executive director of the Linux Foundation, in a presentation at the Open Mobile Exchange portion of the conference. Zemlin explained that datacenter innovations pertaining to power consumption in Linux can be applied to the mobile world, translating to longer battery life. Real-time technology also is pertinent, he said.
Read More Article...
Thursday, July 31, 2008
Mobile computing now an open-source driver
The best place to host your open-source project
Just a few short years ago, there was one open-source hosting service worth considering: Sourceforge.net. It was by no means perfect (Alfresco's analytics, for example, have been down for over a month on Sourceforge, with no apparent urgency to fix the problem), but it was good enough, free, and everyone else used it.
Today, there are multiple options, including Google Code, Microsoft CodePlex, CodeHaus, GitHub, and, interestingly, Canonical's Launchpad.
Yes, Launchpad. Launchpad is the brainchild of Mark Shuttleworth's Ubuntu team, but it has aspirations beyond hosting the Ubuntu code, aspirations that recently attracted MySQL to move its code over to the Launchpad service.
I don't recall Launchpad starting with this third-party code hosting premise in mind, but it certainly has gone there fast. OStatic has an excellent write-up on its new features, and whether they're compelling enough to put your open-source project there.
For a new project, it's definitely an interesting choice. But the larger question is whether an established project - especially commercial projects - gets adequate value from any hosting service to justify hosting with a prefabricated hosting service. SugarCRM moved from Sourceforge to hosting its own project, and other companies have done the same. (My own company is in the process of exploring options.)
Read More Article...
Wednesday, July 30, 2008
Open source software fired into IBM top-10 vulnerability list
Large news websites also hosting malicious code
Open source software has emerged for the first time in a top ten list of products to face major vulnerabilities.
Open source software names such as Joomla!, Drupal, WordPress and Linux are now alongside large proprietary software firms including IBM, Microsoft, Apple, Sun, Cisco, and Oracle in the IBM Internet Security Systems ‘Midyear Trend Statistics’ report.
It is the first time that community-developed open source software such as the Drupal and Joomla! content-management software packages for the web also showed up on the list. Tom Cross, X-Force researcher at IBM ISS, said Drupal and Joomla! are open source packages that "have both been vulnerable to SQL injection attacks".
The report tracked 3,534 disclosed vulnerabilities in software for the first half of the year, a 5 percent increase from the first half of 2007.
According to another report, Websense’s ‘State of Internet Security Q1-Q2’, the situation regarding compromised websites is becoming dire.
Stephan Chenette, manager of the Websense Security Labs, said: "Sixty percent of the 100 most-popular websites have been hosting malicious code or inadvertently distributing it.” He added: "75 percent of malicious websites in general are actually legitimate websites that are compromised."
Read More Article...
Tuesday, July 29, 2008
Alitheia tool tests open source quality
Community-based project checks free and open source software
The European Commission's Software Quality Observatory for Open Source Software (SQO-OSS) project has announced the release of its Alitheia Core checking platform.
Alitheia has been developed by a consortium of European businesses, academics and open source developers.
The application analyses the quality of open source software and assesses the true potential of the development communities around the software.
SQO-OSS is a community-based project dedicated to checking the quality of free and open source software and making its data publicly available.
Read More Article...
Monday, July 28, 2008
Survey: Economy Pushing Users to Open Source
Results of a recent poll show that the stagnant economy may be leading more organizations to adopt open-source software to save on licensing fees, according ot the Open Solutions Alliance. Customers also are concerned about interoperability between open-source software and Microsoft Windows.
In the first annual survey of its membership and other open-source software and services companies, the OSA (Open Solutions Alliance) found that the stagnant economy may be helping to push open-source adoption.
In a survey of more than 100 of its member organizations, the OSA found that 83 percent said they expect to see a year-over-year increase in revenue in 2008 from open-source related software and services.
About 78 percent reported that the affordable price of open-source software is motivating their customers.
Read More Article...
New data shows open source software often doesn't employ best practices for securing code
Fortify Software has released its Open Source Security Study which reveals that the most widely-used open source software packages for the enterprise are exposing users to significant and unnecessary business risk.
The study validates that Open Source Software (OSS) development communities have yet to adopt a secure development process and often leave dangerous vulnerabilities unaddressed.
Additionally, the study found that nearly all OSS communities fail to provide users access to security expertise to help remediate these vulnerabilities and security risks.
“Open source software is an Achilles Heel in today’s corporate enterprises, and should be a significant concern for CIOs who depend on open source software to run their business,” said Howard Schmidt, former cyber security advisor to the White House and (ISC)2 Board Member. “This is an endemic issue that starts in the open source community, and while open source software faces the same vulnerabilities as commercial or in-house developed software, the mechanisms aren’t as prevalent in open source communities to influence a secure development process.”
Read More Article...
Friday, July 25, 2008
Microsoft: We're Open (Source) For Business
Redmond says it's changing into an open source-aware software company, but it's still going to take time.
For years, the poster child of the anti-open source movement was Microsoft, with its proprietary software model. In recent years, however, the company has changed its views, starting an open source software lab to work on interoperability issues. It's even become a purveyor of its own open source-approved licenses.
What do these efforts mean? For Sam Ramji, Microsoft's director of open source technology strategy, they indicate the company is "open" for business.
"The strategy is founded on meeting people where they are," Ramji told InternetNews.com. "Independent of whether or not the application programming layer is a Microsoft technology, we really look at ourselves as being an infrastructure layer, and our job is to support the workload and the development styles that people want to use."
Read More Article...
Study Paints Open-Source Software as a Security Risk
Open source software is a significant security risk for corporations that use it because in many cases, the open source community fails to adhere to minimal security best practices, according a study released Monday.
The study, carried out by Fortify Software with help from consultant Larry Suto, evaluated 11 open source software packages and each community's response to security issues over the course of about three months. The goal was to find out if the community for each open source software package was responsive to security questions or vulnerability findings, published security guidelines and maintained a secure development process, for example.
Open source application server Tomcat scored the best in the study, titled "Open Source Study -- How Are Open Source Development Communities Embracing Security Best Practices?"
Read More Article...
Wednesday, July 23, 2008
Software piracy hurts the open-source community too
July 23, 2008 (Computerworld) PORTLAND, Ore. -- Proprietary software vendors, movie companies and the music industry aren't the only businesses that don't like pirates stealing, copying and reselling their CDs and DVDs.
It turns out that pirated software can also hurt the open-source community. When stolen proprietary software is used by consumers, that's a lost opportunity for open source software makers to get their own software onto the computer hard drives of new users.
So says Louis Suarez-Potts, the community manager at Sun Microsystems Inc. for the OpenOffice.org open source project, who discussed the phenomenon here at the 10th annual O'Reilly Open Source Convention.
"Piracy hurts open source because open source asks people to help give back and contribute code, but they say 'why should I help? I have Microsoft Office for free,'" Suarez-Potts said.
Around the world, he said, many national governments are realizing that this hurts them, too, because their citizens are then consumers of stolen technology rather than active participants in open-source communities that can help people gain technology skills that benefit workforces and nations.
By cracking down on software piracy, nations around the globe are starting to see that they can help themselves dramatically by encouraging innovation and creativity -- as well as job growth and richer economies -- through open source development, he said.
Read More Article...
Tuesday, July 22, 2008
Open source software a security risk, study claims
Open source software is a significant security risk for corporations that use it because in many cases, the open source community fails to adhere to minimal security best practices, according a study released Monday.
The study, carried out by Fortify Software with help from consultant Larry Suto, evaluated 11 open source software packages and each community's response to security issues over the course of about three months. The goal was to find out if the community for each open source software package was responsive to security questions or vulnerability findings, published security guidelines and maintained a secure development process, for example.
Open source application server Tomcat scored the best in the study, titled "Open Source Study -- How Are Open Source Development Communities Embracing Security Best Practices?"
The remaining 10 open source application, tool and database packages -- Derby, Geronimo, Hibernate, Hipergate, JBoss, Jonas, OFBiz, OpenCMS, Resin and Struts -- had a dismal showing. Among these 10 packages, application server JBoss scored higher by providing a prominent link to security information on its Web site and easy access to security experts, but came up short for not having a specific e-mail alias for submission of security vulnerabilities.
Read More Article...
Monday, July 21, 2008
Enterprises warned on open source security
A study into eleven popular open source applications has suggested that enterprises are underestimating the security risks of using the code.
Security vendor Fortify studies the applications, including JBoss and OpenCMS, and found a number of security problems, which it partially blames on bad security practices and processes by open source programmers.
“Security best practices are a low priority to the open source projects surveyed,” said the company’s Open Source Security Study.
“Yet open source packages often claim enterprise-class capabilities but are not adopting - or even considering - industry best security practices. Only a few open source development teams are moving in the right direction.”
Mozilla was highlighted as one of the open source projects that took security most seriously, but the report found that many other projects were no taking security of design and implementation seriously.
Read More Article...
Sunday, July 20, 2008
Is Open Source Development Insecure?
A leading application security firm issues research report alleging that open source software developers are missing the security boat.
One of the basic theories behind open source and its relative security is the fact that many eyeballs are looking at code to identify potential and real trouble spots. According to application security vendor Fortify Software, many eyeballs alone aren't enough. In fact Fortify argues in a new study that open source software is insecure and is exposing enterprises to risk since secure development processes have not been properly adopted.
Fortify's study looked at 11 open source java projects and ran them through a barrage of tests to identify secure practices. In general Fortify argued that the projects had a variety of security vulnerabilities including Cross Site Scripting and SQL injection flaws and that there was an overall lack of secure development processes in place.
"We think that open source software is an area of under-explored risk that we want to help enterprises better understand it," Jacob West security research group manager at Fortify told InternetNews.com. "We found notable vulnerabilities in all of the eleven open source packages we looked at. Because of the rampant numbers we found we think that open source projects aren't leveraging security tools properly."
Read More Article...
Friday, July 18, 2008
Open source quality checker released
An open source software project, originally propped up by European Commission (EC) funds, has released an alpha version of its quality control program, Alitheia Core.
Software Quality Observatory for Open Source Software (SQO-OSS – pronounced squash) is intended to develop tools based on identified metrics to define and check the quality of open source software.
European businesses, academics and open source software projects developed the new application.
Alitheia Core has been released under the 2-clause BSD licence. Features include system admin for new project data installs, a cross-language metrics tool and a web-based user interface that will display calculation results.
The group’s project coordinator Professor Diomidis Spinellis said: “This release opens up SQO-OSS to the scrutiny of the open source software developers and users community. It demonstrates SQO-OSS's commitment to the deployment of a practical working system.”
In recent months the EC has upped its apparent commitment to open source adoption among government agencies throughout the 27 member states.
Read More Article...
Wednesday, July 16, 2008
Is single vendor-driven open source a greater security risk?
Ounce Labs, a software risk analysis company, has uncovered two security vulnerabilities in the Spring Framework.
Considering how long Spring has been in use, and its popularity, how could such vulnerabilities remain hidden so long? After all, isn't one of the hallmarks of open source the strong community vetting? Could it be that the shift towards single-vendor-driven open source is making open source riskier?
What the Spring vulnerabilities are
Kudos to Ryan Berg, chief scientist and co-founder of Ounce Labs, and Ounce team for uncovering the issues and working with SpringSource to raise awareness.
Read More Article...
Tuesday, July 15, 2008
The fastest way to learn open source
Since Big Money Matt opened up his summer reading list today, let me offer praise to a book, or rather a series of books, that could really change the world.
It’s O’Reilly’s Head First series, and it makes the Dummies series read like they were written for Einstein.
Tim O’Reilly has taken everything he and his company have learned training people in programming for two decades and condensed it into the format of this series. Even I can learn with it.
While I’ve been writing about programming and programmers for decades, I’ve never been able to actually do it. I’m like the sportswriter who can’t hit.
Read More Article...
The fastest way to learn open source
Since Big Money Matt opened up his summer reading list today, let me offer praise to a book, or rather a series of books, that could really change the world.
It’s O’Reilly’s Head First series, and it makes the Dummies series read like they were written for Einstein.
Tim O’Reilly has taken everything he and his company have learned training people in programming for two decades and condensed it into the format of this series. Even I can learn with it.
While I’ve been writing about programming and programmers for decades, I’ve never been able to actually do it. I’m like the sportswriter who can’t hit.
Read More Article...
Monday, July 14, 2008
Open-source Quality Tester out in Alpha
The Software Quality Observatory for Open Source Software (SQO-OSS) project has released an alpha version of Alitheia Core, an open-source software quality-checking tool.
The SQO-OSS project, which has received support from the European Commission, is being developed by a group of academic institutions, companies and open-source projects around Europe.
"By analysing public data sources relating to open source projects (email, bug tracking data, code, version control metadata) the system utilises metric-based assessment techniques to assess quality characteristics," according to the project's Web site.
The initial release should be considered a "usable alpha," according to a press release: "Whilst core functionality is provided, performance issues remain and customisation is currently disabled." It is available under the two-clause BSD open-source license.
Read More Article...
Sunday, July 13, 2008
Closed Source vs. Open Source in Desktop Linux
When most people in IT think of Linux, they picture an open source operating system kernel, along with other software, coming together to create the server and desktop OS based on Free software. That image is accurate – and there’s no question that it’s open source code (and community cooperation) that has helped Linux to become the powerhouse that it is today.
But at what point do we accept that – whether we like it or not – closed source applications will eventually have to be let in to this otherwise "open" world? After all, this has already been happening for years, despite the Linux purists kicking and screaming the entire time.
In fact, closed source code is used everyday within the Linux world. And here’s the funny thing: most of us never really think twice about it.
Closed source with Linux – it's not a new concept.
While the core of the desktop Linux operating system (regardless of distribution) is powered by open source code, it is commonly used side by side with code that gets less attention – indeed, many Linux purists seem to forget about: Closed source software and drivers are used with desktop Linux every single day by thousands of people.
From specific firmware added by select distributions to ensure wireless compatibility to the open source software known as WINE, which allows users to run closed source Windows applications, proprietary code has its place on the Linux desktop.
Read More Article...
Friday, July 11, 2008
Open source - a quality perspective
Open source software (OSS) is software that has been developed, tested or improved through public collaboration and distributed on the understanding that the results will be shared with others, thus ensuring an open future collaboration between corporations, public and academic institutions and individuals.
OSS originally began as a marketing campaign for free software back in the 1980s but was changed in the late 1990s in order to be 'commercially acceptable' and the basis on which a licence could be attached, with the objective of making a product more understandable, modifiable, duplicatable, reliable or simply accessible, while still making it a marketable commodity.
Today most major organisations worldwide are running OSS to a greater or lesser extent and thus the open source market is growing rapidly. However, the quality of open source solutions has become a burning issue and one of today's core decision-making elements for any new application/project.
The maturity level of software quality assurance (SQA) is the characteristic that distinguishes the success rate of open source implementations. There are many open source software testing tools; however, the raising of the maturity levels of SQA needs to encompass expert skills, tools and techniques, as well as streamlined business processes. Thus, a strategy for quality assuring open source software must include all these three pillars, namely, people, processes and technologies.
Read More Article...
Open Source`s New Frontier
Open-source technologies are making their mark on a growing number of IT areas, including CRM, VoIP and mobility.
By now, every CIO should be aware of the enterprise potential of Linux and other popular open-source software offerings. But the number and breadth of open-source projects has increased steadily over the years, and organizations can apply these tools to virtually any type of business process.
Three emerging areas in which open source could make a dramatic difference for businesses are voice over IP (VoIP) telephony, customer relationship management (CRM) and mobility.
Today, companies generally employ open source in limited ways. “It’s primarily being used in a tactical fashion in skunkworks projects and in internal infrastructure efforts,” says Bernard Golden, CEO of Navica, a systems integration and consulting firm that focuses on open source.
Some organizations overtly favor open- source implementations over proprietary options, using the latter only when necessary. But hardly any enterprises have begun to recast their IT strategy with open source at its foundation.
Industry research backs that up. Open source is not a high priority among strategic software initiatives today. Instead, businesses use it as a tactical tool for achieving mission-critical initiatives, such as implementing enterprise collaboration strategies, adopting service-oriented architecture (SOA) and implementing Web 2.0, according to a December 2007 report by Forrester Research, an IT research and advisory firm.
Read More Article...
Thursday, July 10, 2008
Open source finally blooms at Google
I wrote a few weeks back that Google has discovered developers and, as part of that, has significantly invested in open source.
For all the bile that I and others have spewed at Google over the years for its adoption of open source, with little in the way of contributions back, it's amazing to see the trickle of open source from Google turn into an absolute flood. In just the past two weeks, we've seen Google open-source the following:
- Browser Sync, a "Firefox extension that continuously synchronizes your browser settings." Google is abandoning Browser Sync but wants to make sure it doesn't bury the dead without ensuring its code can live on as developers see fit.
- Ratproxy, an application security testing tool.
- Protocol Buffers, or Google's Data Interchange Format, which "allow[s] you to define simple data structures in a special definition language, then compile them to produce classes to represent those structures in the language of your choice."
It's a fantastic change of heart. It will be interesting to see how it shifts the competitive landscape of the Web.
Source : http://news.cnet.com/
Wednesday, July 9, 2008
Is Open source a synonym for Free software ?
The market for open source and free software is surging high with its appreciation in mainstream segment also. The free software products like Linux or others are moving from the walled boundaries of servers to desktops and laptops. Recently, launched Ultra low cost laptops were supported on Linux and that came as a major breakthrough for it to garner some spotlight from tech analysts.
But still the concept of free software and open source software is not clear with many of us. We are confused at the basic level and interchanging the terms for each other. We use the terms Free Source and Open Source interchangeably and get them confused with the concept that they are available for free.
To some extent the concept gels with what we consider “available for free” but not in complete sense. The word “free” is basically the misnomer. We confuse it with “free burgers” but it should be considered for “free speech”. No doubt that some softwares from both the communities are available for free of cost and are offered as free downloads but not all utilities.
Read More Article...
Tags: BPO Services | Outsource Medical Billing | Medical Billing Services | Medical Coding | Medical Transcription | Medical Transcription Services | CAD Drafting | CAD Design | CAD 3D Modeling | CAD Engineering | CAD Rendering | AutoCAD Drawing
Monday, July 7, 2008
The 'Other' Open Source Web Server
nginx: Open Source Web server with a small footprint and high load handling capability.
From a distance it seems like there are no new Web servers under the sun. After all, in Internet time, Apache and Microsoft IIS have together cornered 85 percent of the market for generations. As the major players have grown in influence, they've also grown in other ways — complexity and resource usage, to name two. In some contexts, administrators are turning to lightweight Web servers tuned to perform specific tasks with great efficiency.
Nginx, or "engineX," is the open source project of Russian developer Igor Sysoev. Although its footprint on the overall Web server market remains small, nginx is said to power more than 20 percent of Russian servers. According to the most recent Netcraft Web Server Surveys, nginx deployment doubled from 1 million to 2 million sites between May and June 2008 alone, making it the second most popular open source Web server behind Apache (admittedly, a long way behind).
Read More Article...
Microsoft Equipt vs open source and free software
The computer users of the world have been getting more interested in open source and free software for some time now and Microsoft’s new Equipt subscription service is aimed at defending the Office franchise.
As we reported the other day, the pricing model for Equipt will be $69.99 per year and you get a lot of software for the money that can be accessed by up to three computers.
Circuit City have got the exclusive rights to Equipt beginning mid-July and it’s hoped by Microsoft that the convenience of Equipt will stop some Office users moving towards the open source or free software route.
There is a lot of competition for Microsoft and that’s why this new service was needed to keep them in the game, as IBM is offering Lotus Symphony free and also other brands have similar free Office software packages.
The sales results for Office products have shown a downward pattern and the last quarter saw Office products among consumers drop 39%.
Will you use the new Equipt subscription service or do you have another favorite?
Source : http://www.product-reviews.net/
Friday, July 4, 2008
The Top 75 Open Source Security Apps
Anti-Virus/Anti-Malware
- ClamWin Free Antivirus
This Windows-only app uses the incredibly popular ClamAV engine to detect viruses and spyware. It includes a scanning scheduler, automatic downloads, and a Microsoft Outlook plug-in. However, it does not provide real-time scanning; you'll need to scan your files manually in order to be protected.
Operating System: Windows. - ClamAV
Numerous commercial and open-source products are based on the Clam Antivirus engine. Designed for protecting e-mail gateways, Clam AV offers automatic updates, a command line scanner, and more. Operating System: Unix, Linux, BSD. - Moon Secure Antivirus
Moon Secure is currently based on ClamAV, but the developers are working on an antivirus engine of their own that will enable real-time scanning. Operating System: Windows. - Rootkit Hunter
As you might expect from its name, Rootkit Hunter searches your system for rootkits and other unwanted tools. It does not provide live or scheduled scanning, but the Web site contains instructions for setting up your system to run Rootkit Hunter daily. Operating System: Linux, Unix. - AMaVis
Short for "A Mail Virus Scanner," AMaVis acts as a go between for your anti-virus software and your mail transport agent so that incoming e-mails can be scanned for viruses. The site contains the complete--and very extensive--list of supported applications. Operating System: OS Independent. - ClamMail
ClamMail combines a POP3 e-mail proxy with the ClamAV engine. The result is free antivirus protection for messages accessed via Outlook, Thunderbird, Eudora, or other POP3 apps. Operating System: Windows.
Thursday, July 3, 2008
Developer says RP should contribute to open source community
PASIG CITY, Philippines -- The Philippine open source community should speak up and contribute to global open source projects, an Australian developer and expert said in an interview here.
Greg Wilkins, a lead developer of the so-called "Jetty open source servlet server" and a member of an experts group for the servlet specification from the Java Community Process, said the country is in a good position to take an active role in the open source community.
While Southeast Asia has been primarily a consumer of open source software, Wilkins said the Philippines is in a good position to contribute more to the open source software community because it understands different cultures.
Read More Article...
Wednesday, July 2, 2008
Good-bye Windows XP, Hello Open Source?
That’s it. I’ve had enough. Today I draw a line in the sand with me and Windows XP on one side and Microsoft and any of its new operating systems—including Vista—on the other, for ever more.
What got me started on this—the reason for this pledge—is simple: Yesterday Microsoft said again (but I believe it this time,) that it will stop selling Windows XP in January, 2009. WHAT? Why on Earth would a company discontinue its most stable release yet? Simple. Because it wants to sell more copies of Vista, which in my (admittedly inexperienced but reasonably well-read) opinion is inferior.
Hey Microsoft, since you won’t be using Windows XP any more, why not contribute it the open source community? There’s obviously lots of people who still want to use it. But does that matter? Of course not.
Read More Article...
Tags: BPO Services | Outsource Medical Billing | Medical Billing Services | Medical Coding | Medical Transcription | Medical Transcription Services | CAD Drafting | CAD Design | CAD 3D Modeling | CAD Engineering | CAD Rendering | AutoCAD Drawing
SaaS collaboration tool goes open source
Users have the right to know what is under the hood, says founder
Christchurch’s Onlinegroups.net has officially launched its software-as-a-service for online collaboration. At the same time, the company has released GroupServer, the software that powers the service, as open source.
Onlinegroups.net aims to make online groups and sites easily available, without administration costs, says the company’s founder and CEO, Dan Randow.
The website, which has around 14,000 users worldwide, offers message boards, file-sharing, chat and discussion forums, suitable for virtual groups, inter-agency collaboration or hosted extranets, he says. Groups sit on a site of their own, which can be customised with logos, varying colour schemes and site introductions.
Public group sites are cost-free, while premium sites, with private work spaces, are charged with a subscription fee, says Randow. The main difference between Onlinegroups.net and other group collaboration sites, such as Yahoo Groups and Google, is that Onlinegroups.net is completely advertising-free, he says.
Tags: BPO Services | Outsource Medical Billing | Medical Billing Services | Medical Coding | Medical Transcription | Medical Transcription Services | CAD Drafting | CAD Design | CAD 3D Modeling | CAD Engineering | CAD Rendering | AutoCAD Drawing