Open source software

Open source software (OSS) has become an important part of many enterprise IT strategies, and OSS products are available to support a wide range of IT needs. Products such as Linux, Apache, Ubuntu, MySQL and Firefox are widely used. We look at the latest trends and technologies.

Feature 26 Jun 2023
Could social media revolutionise war crimes trials?

Computer Weekly speaks with open source investigators about how they use social media to gather evidence of war crimes, and the trouble with using such evidence in legal proceedings Continue Reading
News 25 Jun 2023
Aussie-built database migration tool makes global debut

MongoDB’s engineering team in Australia has built a database migration tool to help customers migrate traditional relational databases to its document database Continue Reading

News 21 Jun 2023

Software spending grows fastest as finance firms spend $652bn on tech in 2023

Banks and investment firms are increasing their spending on IT despite gloomy economic outlook, but priorities have changed Continue Reading
News 15 Jun 2023

Enterprise software price hikes risk derailing digital transformation

Buying software and cloud services for strategic initiatives is all very well as long as the price is stable. But costs are escalating, which is impacting value Continue Reading
News 13 Jun 2023

RISC-V rises to software ecosystem challenge

The open source hardware and software system on a chip specification has recognised the need to coordinate low-level software development Continue Reading
Opinion 31 May 2023

Security Think Tank: A brief history of (secure) coding

From controlling who was allowed to work with IBM mainframes to present-day DevSecOps techniques, the concept of secure coding has a longer history than you might think Continue Reading
Opinion 26 May 2023

Security Think Tank: Why “secure coding” is neither

Ensuring the security of code is just one element of a complex software lifecycle and risk management process that people need to think about more holistically, says Ed Moyle Continue Reading
Blog Post 19 May 2023

A Full Monty for Python: KX open sources PyKX

KX is one of those companies. It’s one of those companies with 15 offices across North America, Europe and Asia Pacific with a fairly weighty installed base of users - largely in the financial ... Continue Reading
News 16 May 2023

CW Innovation Awards: SensorFlow reaps returns with re-architecture

Smart building management specialist SensorFlow re-architected its entire platform to reduce cost, complexity and implement a real-time business intelligence dashboard for its customers Continue Reading
Opinion 15 May 2023

Security Think Tank: To secure code effectively, verify at every step

Verification at every step is an important part of ensuring your code is secure, writes Petra Wenham Continue Reading
News 25 Apr 2023

Lloyds Bank joins industry IT standards group

UK banking giant Lloyds Banking Group has joined an industry group which promotes global IT standards Continue Reading
News 17 Apr 2023

Government launches Smart Data Council to lower utility bills

The council aims to find ways to use and encourage uptake of smart data to make it easier to switch utility providers and save money Continue Reading
News 30 Mar 2023

OSC&R supply chain security framework goes live on Github

The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework Continue Reading
News 30 Mar 2023

Wales is building a dragon of an NHS app

As NHS Wales is due to launch the public version of its own app, Computer Weekly takes a deep dive into the technical aspects of the Welsh NHS app, future plans and whether the expectations for the programme have stacked up to reality Continue Reading
News 28 Mar 2023

How ChatGPT will become a programmer’s best friend

ChatGPT has shown it can produce code. It can also identify bugs and even figure out what a code snippet is trying to do Continue Reading
Blog Post 06 Mar 2023

Where is the ‘economic value’ of open source?

The Linux Foundation has analysed the state of open source software value to specifically look at the ‘economic value’ of open source. Its work may suggest that companies perceive the greatest ... Continue Reading
Blog Post 01 Mar 2023

What to expect from KubeCon + CloudNativeCon Europe 2023

It’s time to avoid the ‘coffee shops’ and one or two of Amsterdam’s other famed attractions (there’s no time for canal barge cruises and a visit to the Anne Frank museum) and get over to the ... Continue Reading
E-Zine 28 Feb 2023

The race to net zero

In this week’s Computer Weekly, we examine the role of green technology in helping businesses contribute to the government’s 2050 net-zero targets. We talk to Spotify about the importance of open source technologies in the music streaming service. And we look at the way hybrid working is evolving as the post-pandemic workplace continues to change. Read the issue now. Continue Reading
Blog Post 24 Feb 2023

Java: Time to try a different brew

Last year, during an interview at the reClosure virtual conference, posted on YouTube, James Gosling, the father of the Java programming language, said: “Being a project in Oracle Labs is not a ... Continue Reading
Podcast 16 Feb 2023

Enterprise open source: A Computer Weekly Downtime Upload podcast

We speak to Spotify’s open source tech lead, Per Ploug, on supplier relationship management in open source Continue Reading
News 14 Feb 2023

OSC&R framework to stop supply chain attacks in the wild

The backers of a new MITRE ATT&CK style framework called OSC&R hope to help organisations get to grips with threats to their software supply chains Continue Reading
News 14 Feb 2023

Executive interview: Putting a value on open source

Spotify’s open source tech lead discusses why open source is failing those whose free time is dedicated to maintaining code Continue Reading
News 08 Feb 2023

India launches homegrown BharOS

The homegrown Android-based mobile operating system could reduce India’s reliance on foreign software, but uncertainties around market adoption and software updates remain Continue Reading
News 31 Jan 2023

GitHub warns Desktop, Atom users after code-signing certificates pinched

Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users Continue Reading
Feature 30 Jan 2023

How to make the most of a composable enterprise architecture

Enterprise software is shifting away from highly integrated stacks to cloud-native architectures that use best-of-breed and in-house components Continue Reading
Blog Post 27 Jan 2023

Airbyte takes the biscuit for open source data integration

Airbyte is the creator of an open source data integration platform. The company has this month announced its Free Connector Programme to provide free use of any data pipeline on Airbyte Cloud that ... Continue Reading
News 23 Jan 2023

Trellix automates patching for 62,000 vulnerable open source projects

Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months Continue Reading
Feature 23 Jan 2023

Is composable business most essential technology trend to meet challenges of 2023 and beyond?

By 2024, Gartner believes that 70% of large and medium-sized enterprises will have composability as a key criteria for new application planning Continue Reading
Blog Post 16 Jan 2023

Armo goes CNCF sandbox, wider platform offering emerges

Armo is cybersecurity company. The company developed an end-to-end open source Kubernetes security platform known as Kubescape. Kubescape has now been accepted by the Cloud Native Computing ... Continue Reading
Feature 16 Jan 2023

How to design enterprise applications that are composable by default

Gartner presents a composable business index to help IT leaders assess and advance the agility of their applications Continue Reading
News 12 Jan 2023

Chrome vulnerability could have led to widespread data theft

A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen Continue Reading
Opinion 12 Jan 2023

Europe’s cyber security strategy must be clear about open source

Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem Continue Reading
News 11 Jan 2023

Should we be worried about malicious use of AI language models?

WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned? Continue Reading
Blog Post 01 Jan 2023

Open Assistant, the launch of a ‘ChatGPT replicant’

Newly launched and open source, Open Assistant represents the arrival of a ‘ChatGPT replicant’ for the user/developer community. The project’s intention is to create a chat-based large language ... Continue Reading
News 20 Dec 2022

Top 10 software development stories of 2022

We look at how software development has adapted to the changing economic climate over the past 12 months Continue Reading
News 19 Dec 2022

GitHub CEO: Artificial intelligence will not replace developers

Artificial intelligence will enable developers to learn at their own pace and become more productive rather than take over their jobs, says GitHub CEO Thomas Dohmke Continue Reading
News 09 Dec 2022

Iranian APT seen exploiting GitHub repository as C2 mechanism

A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading
Blog Post 07 Dec 2022

Can WebAssembly (Wasm) ease the pain of cloud-native development?

This is a contributed piece for Computer Weekly Open Source Insider written in full by Liam Randall in his role as co-creator and maintainer of CNCF wasmCloud and CEO Cosmonic - a company that aims ... Continue Reading
News 07 Dec 2022

Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
Blog Post 06 Dec 2022

Shaker maker, TriggerMesh launches AWS EventBridge alternative

TriggerMesh has announced Shaker, an open source AWS EventBridge (serverless event bus service) alternative. Driven by trends such as platform engineering and serverless, platform engineers, ... Continue Reading
News 05 Dec 2022

How HashiCorp is driving cloud provisioning and management

HashiCorp CEO Dave McJannet talks up how the company is supporting cloud provisioning in a hybrid environment and its investments in Asia-Pacific to capitalise on the region’s growth potential Continue Reading
News 29 Nov 2022

Cyber criminals exploiting naked TikTok ‘challenge’

Malware operators lured targets by promising them they would be able to view nude videos of TikTok users Continue Reading
News 22 Nov 2022

How Singapore’s OCBC is harnessing open source

OCBC using the OpenShift container platform to modernise its applications, reduce its reliance on proprietary software and deliver new business capabilities Continue Reading
Blog Post 07 Nov 2022

Snakes in the snow, Snowflake Snowpark for Python

Continuing to gain traction in the data management space, Snowflake wrapped up its its Snowday 2022 software release update event with one final leg in San Francisco, to form the final stop on its ... Continue Reading
Blog Post 07 Nov 2022

Kubernetes and the open-source maintainer question

While much of last month’s KubeCon-CloudNativeCon North America was focused on specific software projects, case studies and tech challenges, there was a discernible undercurrent of concern. And it ... Continue Reading
Blog Post 03 Nov 2022

All rise, Open Source Law, Policy & Practice

Technology needs law. Equally and perhaps more so, the legal industry needs to understand what is changing around information technology. Alongside the need to move off of paper-based statute books ... Continue Reading
News 03 Nov 2022

Russia risks shortage of PCs and software

Russian consumers and businesses could face a shortage of IT equipment including PCs and software Continue Reading
News 02 Nov 2022

OpenSSL vulnerabilities ‘not as bad as feared’

As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared Continue Reading
Blog Post 01 Nov 2022

Digital identity and opening up the smartwallet

When an 80 year-old relative asks you how she can use her phone to both pay for shopping and get her supermarket loyalty points, like her friends do, you know that digital wallets are a success. ... Continue Reading
Blog Post 31 Oct 2022

SonarSource: Google’s Carbon language is a successor, not a replacement, for C++

This is a guest post for Computer Weekly written by Phil Nash in his role as developer advocate at SonarSource - the company is known for its platform that developers and development teams to write ... Continue Reading
News 31 Oct 2022

Prepare today for potentially high-impact OpenSSL bug

OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed Continue Reading
News 31 Oct 2022

SoftIron’s HyperCloud to ease private cloud deployments

SoftIron claims its technology stack fully automates the provisioning of storage, compute, networking and infrastructure services, providing a fully functioning, multi-tenant cloud Continue Reading
Tip 25 Oct 2022

5 advantages and 6 disadvantages of open source software

Open source software is popular with both small and large organizations, and for good reason. But CIOs should understand which situations works best for this lower cost option. Continue Reading
Feature 20 Oct 2022

What do the US’s new software security rules mean for UK organisations?

The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
News 18 Oct 2022

Apache vulnerability a risk, but not as widespread as Log4Shell

A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell Continue Reading
News 18 Oct 2022

Virtually all vulnerable open source downloads are avoidable

Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report Continue Reading
News 11 Oct 2022

With Java 19, Oracle boosts developer productivity with an eye on the future

Major features in Java 19 will make it easier for Java developers to build applications that interface with non-Java code, among other capabilities in the 10th edition of the platform’s six-month release cadence Continue Reading
Feature 10 Oct 2022

Forrester: How to expand your API strategy

Digital bonding is a mechanism for bridging enterprise boundaries by using application programming interfaces Continue Reading
News 04 Oct 2022

Red Hat CEO on OpenShift roadmap, competitive play

Red Hat’s newly minted CEO Matt Hicks talks up OpenShift’s roadmap, the competition with VMware and opportunities in the Asia-Pacific region Continue Reading
Feature 03 Oct 2022

Key ingredients for a successful API recipe

We look at how application programming interfaces can provide connectivity to drive internal and external business processes Continue Reading
Opinion 28 Sep 2022

Security Think Tank: Three steps to a solid DevSecOps strategy

Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first Continue Reading
E-Zine 27 Sep 2022

Making digital a key ingredient at Mondelez

In this week’s Computer Weekly, we talk to snack giant Mondelez, the owner of Cadbury, about how AI and data are transforming its business. SAP is increasing support costs for the first time in years – we assess the impact on customers. And a Ukrainian tech CEO tells us how his company kept going despite the Russian invasion. Read the issue now. Continue Reading
Blog Post 26 Sep 2022

A software 'six-pack' for Cloud Native Computing Foundation Kubecon USA 2022

The Computer Weekly Developer Network and Open Source Insider team is soon Detroit-bound. Why? Because the city is this year home to the Cloud Native Computing Foundation’s (CNCF) KubeCon + ... Continue Reading
News 21 Sep 2022

15-year-old Python bug present in 350,000 open source projects

A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
Blog Post 16 Sep 2022

Newly formed Linux Foundation Europe provides inside track on OSS Dublin 2022

This is a guest post written by Dan Whiting, director of media relations and communications for the Linux Foundation. Whiting has filed this piece writing live this month from the Open Source ... Continue Reading
Blog Post 08 Sep 2022

Luos 'plugs' microservices into IoT

Open source software for edge and embedded distributed systems Luos has added support for the popular ESP32 multipoint control unit (MCU) to its technology cadre. In working motion, ESP32 is said ... Continue Reading
Opinion 02 Sep 2022

Security Think Tank: Shift left, shift right. What about shift everywhere?

The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
News 31 Aug 2022

Google debuts open source bug bounty programme

Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme Continue Reading
Podcast 25 Aug 2022

James Hatch, BAE Systems: Computer Weekly Downtime Upload podcast

We speak to the chief digital officer at BAE Systems’ Digital Intelligence business about the challenges of “digital” in high-trust organisations Continue Reading
News 22 Aug 2022

Google Cloud and Singapore government team up on AI

Singapore’s National AI office will tap Google Cloud’s expertise in artificial intelligence to build artificial intelligence applications and train public sector officers on AI Continue Reading
Podcast 22 Aug 2022

State of open source: Computer Weekly Downtime Upload podcast

In this special edition of the Computer Weekly Downtime Upload podcast, OpenUK’s Amanda Brock speaks to Cliff Saran about open source challenges Continue Reading
News 10 Aug 2022

GitHub targets vulnerable open source components

There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted Continue Reading
News 02 Aug 2022

VMware CEO defends Broadcom deal

Raghu Raghuram is confident that Broadcom will invest in growing VMware through a broad portfolio of assets that will serve its entire customer base, not just its biggest customers Continue Reading
Blog Post 21 Jul 2022

Cilium speeds sidecar-optioned cloud-native networking

The Cilium project has reached general availability of Cilium 1.12. Great news, they’re (the Cilium team) excited… and so are we, but what is Cilium? Cilium is widely regarded as a (if not the) ... Continue Reading
News 15 Jul 2022

Log4Shell on its way to becoming ‘endemic’

US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
Blog Post 14 Jul 2022

Keptn cooks up, becomes CNCF Incubator

The CNCF Technical Oversight Committee (TOC) has voted to accept Keptn as a CNCF incubating project. Keptn is an event-driven orchestration engine that connects observability with operations in ... Continue Reading
Podcast 14 Jul 2022

Bloomberg CTO interview: Computer Weekly Downtime Upload podcast

In this special edition of the Computer Weekly Downtime Upload podcast, Bloomberg CTO Shawn Edwards discusses real-time data and open source Continue Reading
Blog Post 05 Jul 2022

Databricks hoists mainsail on flagship open source projects

Data and AI company Databricks has announced several contributions to popular data and AI open source projects including Delta Lake, MLflow and Apache Spark. At the Data + AI Summit, the largest ... Continue Reading
News 24 Jun 2022

Developers grapple with open source software security

Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds Continue Reading
News 23 Jun 2022

SolarWinds unveils new development model to avoid a repeat of Sunburst

SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry Continue Reading
Feature 20 Jun 2022

Challenges of securing a software supply chain

The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain Continue Reading
Blog Post 10 Jun 2022

The challenge of open source in the enterprise is not technical

There is no doubt that open source is the future of software development. But IT leaders trying to instil an open source culture in their organisation may struggle due to business practices ... Continue Reading
News 10 Jun 2022

Commercialising open source

Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business Continue Reading
News 07 Jun 2022

Software house Mega achieves holistic SaaS security with Synopsys

Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards Continue Reading
Blog Post 24 May 2022

Like a teenager, Kubernetes looks almost grown-up, yet still a bit awkward and confused

Platform: that’s the key word that sprung to mind after attending Kubecon-CloudNativeCon Europe 2022, hosted by the Cloud Native Computing Foundation (CNCF) in Valencia last week. As in, Kubernetes ... Continue Reading
Blog Post 22 May 2022

What to expect from OpenInfra Summit 2022 Berlin

Berlin, according to David Bowie, is the greatest cultural extravaganza one can imagine - it’s a city brimming with art, music, architecture, history and, of course, enlightenment. The Thin White ... Continue Reading
Blog Post 17 May 2022

OpenUK CEO: What open source really means today

Listening to OpenUK CEO Amanda Brock speaking at Percona Live 2022, the Computer Weekly Open Source Insider team noted the following thoughts from her keynote… “If you were wondering what a nice ... Continue Reading
E-Zine 17 May 2022

Digitally transforming UK power networks for renewable energy

In this week’s Computer Weekly, we find out how the UK’s power networks need to be digital transformed to be ready for renewable energy – and the role of open source. Wi-Fi 6 was meant to give a boost to wireless connectivity – we examine why adoption has stalled. And we look at what a quantum datacentre might be like. Read the issue now. Continue Reading
News 13 May 2022

Open source community sets out path to secure software

A 10-point plan to improve the security and resilience of open source software was presented this week at a summit in the US Continue Reading
News 11 May 2022

IBM lived up to its neutrality promise to Red Hat

Red Hat CEO Paul Cormier claims IBM has lived up to its commitment to maintain the neutrality of Red Hat three years on Continue Reading
News 10 May 2022

NetApp’s cloud-era storage competitors in ‘world of hurt’

NetApp is busily reinventing itself as a cloud services provider, with its competition years behind, according to its public cloud vice-president Continue Reading
Blog Post 05 May 2022

Alibaba open sources privacy-preserving computation

Alibaba Group’s global research initiative Alibaba DAMO Academy has made the source code of its latest federated learning platform FederatedScope, a comprehensive platform with easy-to-use ... Continue Reading
News 11 Apr 2022

Open source CMS platform Directus patches XSS bug

A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading
Feature 11 Apr 2022

The role of infrastructure as code in edge datacentre computing

As datacentre computing is pushed to the edge of the organisation’s network, IT has to address the overheads associated with remote server management Continue Reading
News 08 Apr 2022

Was Spring4Shell a lot of hot air? No, but...

Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading
E-Zine 07 Apr 2022

CW Middle East: UAE and UK researchers work on ‘trustworthy’ cloud OS for datacentres

Imperial College London is embarking on a three-year project with an Abu Dhabi-based group of researchers to find ways for datacentre operators and cloud providers to secure their infrastructure. Also read how Dubai is positioning itself to reap the benefits of a promising global market for drone technology. Continue Reading
News 05 Apr 2022

Hackathon team uses origami in James Webb Space Telescope Pi project

The James Webb Space Telescope was the inspiration behind a NASA challenge which uses an IoT device based around folded paper Continue Reading
News 31 Mar 2022

Spring4Shell zero-day sprung on security teams

Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it? Continue Reading
News 29 Mar 2022

Wave of Log4j-linked attacks targeting VMware Horizon

Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
Blog Post 29 Mar 2022

Aerospike ‘sharpens cloud’ for disparate real time data

Real-time data company Aerospike Inc. has sharpened its scope this month to now provide two new deployments for the Aerospike Real-time Data Platform. Why has Aerospike done this? It’s all about ... Continue Reading
E-Zine 29 Mar 2022

Ten years of the Raspberry Pi

In this week’s Computer Weekly, as the Raspberry Pi reaches its 10th anniversary, we look back on how the low-cost computing device went from schools to supercomputers and even into space. Gartner offers tips on how to motivate IT staff in a hybrid working environment. And we meet the Dutch hackers helping to secure the internet. Read the issue now. Continue Reading
Blog Post 08 Mar 2022

Sonatype’s sonar-smart sonata for open source

Nobody quite knows why Sonatype is called Sonatype, the developer-friendly tools specialist for software supply chain automation and security doesn’t make a song and dance about its moniker. Sona ... Continue Reading