Once again, attention is being drawn to the underfunding of open-source projects, especially small software libraries. They’re hard to monetize, yet many companies rely on them. This time the criticism is aimed at Google. The company could do more, but has for many years supported the projects with staff time and funding. Steven J. Vaughan-Nichols writes in »FFmpeg to Google: Fund Us or Stop Sending Bugs« for thenewstack.io ...
Cisco’s study “Death by a Thousand Prompts: Open Model Vulnerability Analysis” shows that so‑called multi‑turn jailbreaks against open AI models (Open-Weight-LLMs) succeed in up to 92% of cases, revealing serious security vulnerabilities in their architecture. The text was automatically translated from German into English. The German quotations were also translated in sense.
IONOS advertises on theregister.com for itself, Dataport and the now discontinued dPhoenixSuite. Still a nice call for more digital sovereignty. IONOS writes in »Why digital sovereignty is key public sector transformation« for theregister.com If administrative IT infrastructure comes under the control of other countries or depends on opaque technology stacks, then sovereignty is nothing more than a facade. Only when both the infrastructure and IT operations remain fully under European control can public institutions guarantee genuine digital sovereignty. ...
The DNS resolver Quad9 writes in its post [A public and free DNS service for a better security and privacy](https://quad9.net/news/blog/when-enforcing-copyright-starts-breaking-the-internets-plumbing/ „Quad9 | A public and free DNS service for a better security and privacy“), that infrastructure providers are increasingly under financial strain. The reason, it says, is short-sighted court rulings that have mostly been decided in favor of copyright holders’ interests. Those hit hardest are smaller, non-profit providers, while large tech companies can easily absorb such costs into their business models. If this trend continues, we risk an Internet that is almost entirely run and controlled by big IT companies. It’s an example of how the economic interests of a few are protected at the expense of the public. ...
On September 23, 2025, several open-source organizations published the open letter »Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship«. The message is that public software infrastructure is fundamental to the digital economy, but it is not free. What’s at stake Public package registries like Maven Central, PyPI, crates.io, or Packagist underpin the software supply chains Running them requires people, hosting, and security — costs that have so far often been borne by a few organizations or volunteers Expectations are rising, for example around availability, signing, compliance, and protection against abuse What’s being called for are models where large users contribute more, without restricting openness I can empathize with the pain described and at the same time see the dilemma. Those who invest time or money take on responsibility, but by doing so also put themselves at a competitive disadvantage compared with those who use everything for free. That’s manageable for large companies, but barely feasible for small firms in fierce competition. Still, it remains indisputable that the infrastructure — and the ecosystem — will not be sustainable in the long run without contributions. ...