Posts tagged FOSS

🤝 Initiatives and Organizations Supporting Open Source

This page is continuously updated; its publication date reflects the last time changes were made.



🚨 On the XZ Utils Backdoor (CVE-2024-3094): FOSS Delivered on its Pitfalls and Strengths

The newly discovered backdoor[1] in the XZ Utils package[2] affecting numerous Linux distributions[3] and assigned CVE-2024-3094[4] is being dismissed by some members of the technology and security communities as yet another supply chain attack, relevant only because of how blatant it was and because it affected the Open Source ecosystem, but in essence nothing out of the ordinary. Regardless of whether this perspective is gaining traction due to cynicism, as hyperbole for clicks, or as a coping mechanism, I vehemently disagree with that stance.
