security

GitHub has come out in favor of a Sovereign Tech Fund. Such a funding model is also used by the Sovereign Tech Agency. Felix Reda writes in »We need a European Sovereign Tech Fund« on github.blog: There is a profound mismatch between the importance of open source maintenance and the public attention it receives. The demand-side value of open source software to the global economy is estimated at $8.8 trillion, and the European Commission’s own research shows that OSS contributes a minimum of €65-95 billion to the EU economy annually. Basic open source technologies, such as libraries, programming languages, or software development tools, are used in all sectors of the economy, society, and public administrations. ...

Ellen Nakashima, Yvonne Wingett Sanchez and Joseph Menn write in »Global hack on Microsoft product hits U.S., state agencies, researchers say« for washingtonpost.com What’s also alarming, researchers said, is that the hackers have gained access to keys that may allow them to regain entry even after a system is patched. Once again, a security vulnerability in Microsoft’s software was exploited. And of course: no system is completely secure. But when almost everyone uses the same software, a single flaw becomes a widespread risk. That’s exactly the case with Microsoft Office, SharePoint, or Windows. ...

The European Commission wants to gradually shift its cloud services from Microsoft Azure to European providers like OVH Cloud to bolster its digital sovereignty. Details are in the article, unfortunately behind a paywall. Commission eyes ditching Microsoft Azure for France’s OVHcloud over digital sovereignty fears The text was automatically translated from German into English. The German quotations were also translated in sense. ...

If macOS’s built-in window-management features aren’t enough, MacsyZones offers a promising alternative. This open-source window manager lets you organize windows much like on Windows, but with extended customization options. The source code is available at öffentlich zugänglich, and the software can be purchased to support further development. The text was automatically translated from German into English. The German quotations were also translated in sense.

You can’t trust the stars on GitHub — I just learned that. Like on other social networks, stars can be bought on GitHub. This creates the misleading impression that a piece of software is especially popular and trustworthy. Unfortunately, this tactic appears to be frequently used to spread malware. The Rise of Fake GitHub Stars: A Growing Security Threat for cyberinsider.com ...