Hacks

Linux Foundation and Harvard’s Lab identifies the most commonly used free and open-source software and the potential vulnerabilities associated. The Census II report determines the “important steps towards understanding and addressing structural and security complexities in the modern-day supply chain where open source is pervasive, but not always understood.” The report also identifies the commonly used application in production environments and examine them for potential vulnerabilities. “The Census II report addresses some of the most important questions facing us as we try to understand the complexity and interdependence among open-source software packages and components in the global supply chain,” said Jim Zemlin, executive director at the Linux Foundation. Starting from  Heartbleed  security bug, the importance of FOSS is understood than ever before and they are a critical part of a production environment, throughout the supply chain. Most-Used Packages ...

Besides rewarding ethical hackers from its pocket for responsibly reporting vulnerabilities in third-party open-source projects, Google today announced financial support for open source developers to help them arrange additional resources, prioritizing the security of their products. The initiative, called " Patch Rewards Program ," was launched nearly 6 years ago, under which Google rewards hackers for reporting severe flaws in many widely used open source software, including OpenSSH, OpenSSL, Linux kernel, Apache, Nginx, jQuery, and OpenVPN. So far, Google has paid hundreds of thousands of dollars as bounty to hackers across the world who helped improve the overall security of many crucial open source software and technologies that power the Internet, operating systems, and networks. The company has now also decided to motivate volunteer work done by the open source community by providing upfront financial help to project teams, using which they can acquire additiona...