Proprietary Microsoft and Microsoft Openwashing
-
Dark Reading ☛ Iran's APT34 Abuses MS Exchange [Ed: Microsoft's fault, not Iran's; typical blame-passing]
A MOIS-aligned threat group has been using Microsoft Exchange servers to exfiltrate sensitive data.
-
TechCrunch ☛ Microsoft said it lost weeks of security logs for its customers’ cloud products | TechCrunch
Missing logs could make it more difficult to identify unauthorized access to the customers' networks during that two-week window.
-
Openwashing
-
Open Source Initiative ☛ ClearlyDefined’s Steering and Outreach Committees Defined [Ed: OSI doubles down on being a Microsoft front group, funded by Microsoft]
We are excited to announce the newly elected leaders for the [Microsoft] ClearlyDefined Steering and Outreach Committees!
-
Closing the Gap: Accelerating environmental Open Source
A recap of the Open Sustainable Technology project's first four years, focusing on its catalog of Open Source climate software and how you can get involved.
-
LWN ☛ The Open Source Pledge: peer pressure to pay maintainers
In the early days of open source, it was a struggle to get companies to accept the concept and trust its development model. Now, companies have few qualms about using it, but do tend to take open source and those who maintain it for granted. The struggle now is to find ways to compensate producers of the software, sustain the open‑source commons, and avoid burning out maintainers. The Open Source Pledge project is an effort to persuade companies to pay maintainers by making it a social norm. On October 8, the project is launching a marketing campaign to raise awareness and try to get a larger conversation started around paying maintainers.
Within the open-source community itself, there is no lack of awareness: people have been raising the alarm for years that open‑source projects are under‑funded, that maintainers are overworked and in danger of burnout. The xkcd dependency comic has appeared in so many presentations, reports, and blog posts about the topic that "random person in Nebraska" is part of the lexicon. And just in case anyone had missed the memo, the XZ utils backdoor put a powerful spotlight on the precarious nature of an ecosystem built on volunteer labor and the dangers of maintainer burnout.
As the saying goes, admitting that there is a problem is the first step toward recovery. Most agree that maintainers deserve to be paid for their work, and that things would be better if the maintainers were able to make a living working on open source. Unfortunately, there's little consensus about who should pay and how.
-