The Impact of Open Source on Cybersecurity
Open-source software is one of the most innovative developments of the past few decades. Open-source is code that is publicly available and editable.
While some Linux enthusiasts eagerly recommend that users boot their systems with the "mitigations=off" kernel parameter to disable, at run time, the various CPU security mitigations for Spectre, Meltdown, L1TF, TAA, Retbleed, and friends, the new AMD Ryzen 7000 "Zen 4" processors, which still need some software mitigations, are surprisingly faster for the most part when the relevant mitigations are left enabled.
Linux systems are a popular delivery mechanism for malware. While they’re not the most popular – that distinction goes to HTML and JavaScript – don’t think you can ignore them. Linux-based attacks are very much still happening.
As the open-source model continues to prove its sustainability in the enterprise, the software community is ramping up its security-mindedness. That concern was evident in recent weeks as leading Linux groups led the way for better code security.
Data scientists, who often choose open source packages without considering security, increasingly face concerns over the unvetted use of those components, a new study shows.
Rust is eating into our systems. The first Rusted drivers are being welded into Linux, while Microsoft's Azure CTO Mark Russinovich said C/C++ – until now, the systems languages of choice – should be dropped in favor of Rust henceforth.