disclose.io is a collaborative and vendor-agnostic project to standardize best practices around safe harbor for good-faith security research. The work of this project inspired by the Open Source Vulnerability Disclosure Framework and Dropbox’s call to better protect security researchers. From the project’s GitHub repo: Security is core to our values, and we value the input of […]
-
-
Mozilla has released the results of a study that was commissioned for internal purposes to better understand the various archetypes of open source projects. The goal of this study was to build a common vocabulary to use when discussing open source development, and to better understand the benefits and drawbacks of various project structures. These […]
-
Tidelift is a company that offers subscription services for companies to get development support for important open source; the company has raised $15M in funding to build out these services. From the article: The company wants to sign up independent developers working on core open-source projects as “lifters,” or ongoing maintainers of a given project, […]
-
goSDL is “is a web application tool that serves as a self-service entry point for following a Security Development Lifecycle checklist in a software development project.” Slack has released goSDL under an MIT license. Slack is known for churning out large amounts of code quickly with a relatively small developer team, and they had a hard […]
-
Quote from Tech Crunch: The Linux Foundation is adding yet another foundation to its stable: the LF Deep Learning Foundation. The idea behind the LF Deep Learning Foundation is to “support and sustain open source innovation in artificial intelligence, machine learning, and deep learning while striving to make these critical new technologies available to developers and data scientists everywhere.” The founding […]
-
ExpressVPN has released leak testing tools under an open source license. They were developed by the company’s Privacy Research Lab and have been released under an MIT license. The tools were build for two reasons: To provide robust, automated regression testing of ExpressVPN applications To facilitate leak testing investigations to further strengthen those applications The […]
-
Cockroach Labs recently released much of their interview process under an open source license on GitHub. This process does away with resumes and instead focuses on interactive exercises that test a person on the things they would be doing as a part of the job. The process has been released under a CC0 license and […]
-
Google has released DeepVariant as open source. From the announcement: Today, we announce the open source release of DeepVariant, a deep learning technology to reconstruct the true genome sequence from HTS sequencer data with significantly greater accuracy than previous classical methods. This work is the product of more than two years of research by the Google Brain […]
-
The ToDo group has published a document that covers the tools for managing open source programs on GitHub. From the Readme: This guide provides details and scenarios for how to get your open source tool collection started, including information about the most important tools to use to track and manage your open source projects. Many […]
-
External link opens in new tab.
-
OST Original
A Brief Introduction to Open Licensing
Open source communities rely heavily on the ability to freely share information with all participants; this participation requires some form of legal protection to ensure the people involved are not on the receiving end of potentially disastrous litigation. Open licensing serves as a legal method for ensuring the spread of information by protecting participants. This […]
