Over the past quarter of a century, the open-source movement has gone from strength to strength. But that success and the openness inherent in the community have led to a major challenge – security. The more software that is developed, the greater the likelihood of vulnerabilities.
To make matters worse, the open-source world prides itself on openness and transparency. Therefore, any security vulnerabilities are disclosed publicly. In this age of organized gangs of cybercriminals, that is like placing an ad asking for an attack.
This has given rise to a large number of open source security tools. They take care of all aspects of the management of security in open source components, examine dependencies, fix bugs in code, and lower risk.
However, the tools themselves vary considerably in scope, sophistication, and function. The editors of eSecurity Planet find the following 20 open source security tools to be particularly useful. Some are open-source, some are commercial, but all are good security options for open source environments.
Adobe Photoshop is a raster graphics editor. Photoshop can edit and compose raster images in multiple layers and support masks, alpha compositing, and several color models including RGB, CMYK, CIELAB, spot color, and duotone. What are the best free and open source alternatives to Photoshop?
Navigating Linux kernel APIs can be very time-consuming, so Linux ksplice guru Vegard Nossum put together a very handy time-saving cheat sheet to help traverse Linux kernel concurrency primitives.
As a child, I spent countless hours playing games on my Nintendo Game Boy. As I grew older and started programming in QBasic on MS-DOS, I also got curious about how Game Boy games worked.
At that time, I didn’t yet have an Internet connection at home, but I spent a lot of time at my parents’ workplaces after school, where I had access to the Internet. I would frequently bring stacks of floppies and load them up with anything I could download — QBasic programs, shareware, and all the programming tutorials and documentation I could find.
One of the things I found was the “Nintendo GameBoy Crib Sheet” by Justin “Otaku No” Lloyd. The Crib Sheet is a 4-page document, meant to be printed, that is packed with information about Game Boy assembly programming — instructions, opcodes, memory maps, IO registers, etc. At the time, I didn’t really understand a lot of it, but I marveled at it and treasured it.
My dad worked at a printing business, so he had the equipment to print the Crib Sheet in A3 (roughly “Tabloid/Ledger” in US paper sizes), two-sided and in color, and laminate it.
I eventually learned how to program the Game Boy, largely helped by my printed and laminated Crib Sheet.
Since then, I’ve had a bit of a soft spot for cheat sheets. They’re not for everybody, and that’s fine. To me, there is something magical about seeing the essence of something distilled down to a tightly packed overview that fits in your hands.
That’s why I decided to make one for Linux kernel concurrency primitives.
In some places, you’ll see some circled, colored number references. Those refer to potential variants of a function, and the variants are usually listed just below the table of functions.
This cheat sheet is necessarily incomplete — Linux kernel APIs are too numerous and diverse to be able to include every detail. I consider the cheat sheet to be a handy reference and a good starting point for exploring the APIs.
Two networking industry veterans have launched a network observability startup based on an open source model, with users paying for a fully supported enterprise version if needed.
Dinesh Dutt, former chief scientist at Cumulus Networks and a Cisco fellow who helped design many of the networking giant’s ASICs, and Neela Jacques, whose background includes VMware, Barracuda, the OpenDaylight Project, and Isovalent, have co-founded Stardust Systems based on Dutt’s work on the open source Suzieq network management tool.
Jacques, whose experience includes the OpenDaylight, eBPF, and Cilium open source projects, sees an open source business model as the best way to get their technology out to the market. His goal is to get Suzieq into the hands of as many users as possible, even if they never become paying customers.
“Some users will never pay for additional functionality, services, or support,” Jacques told Enterprise Networking Planet. “We think that’s the price of entry these days. We’re committed to giving users something solid of value, something they can use in production. We’re betting many of them will want more and happily pay for the enterprise version.”
Networks have never been more complicated or harder to understand — witness Facebook’s recent outage — and many network operators are afraid to make changes as a result.
“When a network fails, the outcome is spectacular,” Jacques said. “Most network operators don’t want to admit how fragile their networks are.”