The evolution of software methodologies is evident in the shift from Linux distributions to reliance on freely available repositories. However, recent security incidents have exposed the weaknesses of this approach. As risk mitigation measures resemble those provided by Linux distributions, there is potential for their comeback in application development. This could reduce the risk of supply chain attacks.
There is No Open Source Community
In January, 2006, I published this article on O'Reilly's OnLAMP.com site, which was recently shut down. I've always been proud of this essay, because I think I got a lot right. I'm republishing it now in the hopes that it will continue to educate others - and perhaps allow others to critically evaluate where…
Open Source and SaaS
Now that I work in an engineering environment tailored for SaaS development, I've developed a better understanding of the challenges they face when open sourcing their code. I wrote it up for OpenSource.com in a 2-part article, "How to decide whether to open source your SaaS solution." Some tidbits: The decision to open source code…
Prague Symposium Agenda – Oct 26
As part of our ongoing relationship with the Linux Foundation, we have another symposium coming up this week, co-located with the Open Source Summit in Prague. (Registration is $150 for OS Summit attendees) We have a great agenda! What: Open Source Entrepreneur Symposium When: Thursday, October 26, 9:00 - 17:00 Where: "London" Conference Room, Open…
Podcast: Shane Coughlan of OpenChain
https://youtu.be/jWccpP5844Q Shane Coughlan is the founder and manager of the OpenChain Project, which "builds trust in open source by making open source license compliance simpler and more consistent." As any software asset management person can tell you, they get cross-eyed when it comes to open source license compliance. My opinion has always been that this…
TechRepublic: Open Source and Corporate Funding
I have more to say about this. See the original article on TechRepublic. Basic argument goes like this, "individual developers working in their mom's basement no longer drive open source development! Now it's all about the corporate $$$$." My initial thought is "duh". I've always felt that the narrative about a decentralized army creating amazing…
EnterpriseIT Writeup on LA Symposium
If you've been watching this space, you know we've been gearing up for our LA symposium on September 14, co-located with the Linux Foundation's Open Source Summit. Swapnil Bhartiya walks through the different talks and why you should go - as well as a good bit from me about OSEN and the event: “The secret…
Is Open Source More Risky?
There's been a long-running debate over open source and security, and it goes something like this: Pro: Open source is awesome! Given enough eyes, all bugs are shallow. This is why open source software is inherently more secure. Con: Hackers can see the code! They'll look at the source code and find ways to exploit…
Transform Your Business with Open Source Entrepreneurship
This is a webinar I did for the Linux Foundation earlier this month. If you missed it, you can catch it on demand! Linux Foundation webinar link: Open Source Entrepreneurship - How to Build a Business on Open Source
DevOps is not enough
Or: My source code is your platform, and vice-versa. https://twitter.com/i/moments/897859467529912321 https://twitter.com/johnmark/status/897837253946466304
