Despite its overwhelming advantages, open source adoption is inhibited by concerns about the availability of reliable support, which is often needed to address security concerns. That is one of eight conclusions from the survey The New Stack conducted with Tidelift. —Lawrence Hecht
Whether it is to justify spending, quantify risk, or generally keep the executive suite up on security doings, CISOs discussions are now awash in dashboards, charts, and key performance indicators. The only problem? A lot of the numbers security teams and their leadership uses are, well, not very useful. —Ericka Chickowski
The Internet Association (IA) is a trade group funded by some of the largest tech companies in the world, including Google, Microsoft, Facebook, Amazon, and Uber. Many of its members keep their lights on by tracking users and monetizing their personal data. So why do they want a federal consumer privacy law? —Bennett Cyphers
MITRE today published a draft of the Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors, a list of the most widespread and critical weaknesses that could lead to severe software vulnerabilities, as the organization explained a release on the news. —Kelly Sheridan
In July 2019, Capital One made news headlines not for achieving another milestone but because it had been breached. Capital One was using AWS cloud services, as many businesses are doing nowadays. The problem stemmed (in part) because Capital One had a misconfigured open-source Web Application Firewall (WAF) hosted in the cloud with Amazon Web Services (AWS). —Anastasios Arampatzis
With few commercial participants, early free software and open source communities were, by definition, community-led. Software was designed and created organically by communities of users in response to their needs and inspiration. The results, to a degree nobody predicted, were often magical. —Donald Fisher
This article is an overview of how proxy servers form the basis of online anonymity. We’ll discuss how you can use proxies to help both users and web applications. —Victoria Drake
For six years, the site RegExCrossword.com has been offering crossword puzzles made from programming language regular expressions. “Welcome to the fantastic world of nerdy regex fun!” reads a greeting on its home page. —David Cassel
Immediately after Mozilla announced its plan to soon enable ‘DNS over HTTPS’ (DoH) by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78. —Swati Khandelwal
Related
