So, the Linux kernel and 2000+ various Linux Distros aren’t alone with their security issues, i.e. the entire Open-source software (OSS) ‘project’ is experiencing a “Rampant” rise in security issues and other vulnerabilities.
- Open source vulnerabilities rose by nearly 50 percent in 2019 over the previous year, based on a report released Thursday.
- The vulnerability rate is expected to continue rising.
- Open source usage and research continues to proliferate. Along with the growing popularity of open source projects, the number of reported open source vulnerabilities continues to grow.
- With the continued increase of both open source usage and security research, the number of reported open source vulnerabilities will keep rising, the 2019 vulnerability report predicts.The open source community increasingly is seeking ways to address the chaos in the open source security process with new initiatives.
- However, the rosy predictions of the current WhiteSource report may not hold true, suggested Thomas Hatch, CTO of SaltStack, as open source software has undergone a transformation in recent years.
- “The nature of OSS has been shifting, and the present state of OSS software is arguably worse than in the past,” he told LinuxInsider. “But instead of looking at OSS as good or bad, we should keep in mind that the way we approach these opportunities changes the nature of how they work.”
- Originally, dedicated engineers with religious zeal made open source software. They worked to create the cleanest software they could, with a goal to take over the world with open source, Hatch suggested.
- These issues occur in practically all of our favorite open source software projects, according to the report. The most important takeaway is that just because popular open source projects have vulnerabilities does not mean they are inherently insecure.
- Instead, it means open source users need to be aware of the security risks. That includes making sure they keep dependencies up to date.
This is probably the longest article I have ever seen Jack M. Germain write, and even he appears a little unsure of what all these recent security issues and vulnerability problems actually mean for Linux and the entire Open-source software (OSS) ‘project’ … a great read tho, especially if you’re considering using Linux as you main desktop/laptop Operating System (OS). Will add this post to the *Linux Security Issues* page…