The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider.
The geographic distribution of open-source contributions introduces geopolitical risks that organizations must urgently consider, especially with rising nation-state attacks, according to Lineaje. Open-source code risks rise with anonymous contributions Microsoft estimates that its customers face 600 million cyberattacks daily, 24% of which are nation-state attackers targeting the IT sector. With software supporting increasingly vital systems, the origin of code has become a matter of national and economic security. 34% of open-source contributions come from the … More →
The post 70% of open-source components are poorly or no longer maintained appeared first on Help Net Security.
This really highlights part of the beauty of open source code, though. You usually have plenty of options for large well-maintained projects. If an obscure, abandoned project fits your needs better, you're free to inspect the code, modify it as you see fit, and use it.
On the other hand, when Windows 10 goes end-of-life, I have no option to fork it and use it as a custom project. I can switch to Windows 11 (zero chance of this happening), use an outdated version of Windows 10, or convert to Linux.
Yeah after two biggest security fuck ups ever in one year on Azure (that were hushed) microsoft are the ones to sell the story about open-source bad cause unmaintained.