OSS Presentation - Finish sections Thursday 13th 6pm

# OSS Presentation - Finish sections Thursday 13th 6pm https://docs.google.com/presentation/d/1dwOI4H9iEkwqB_YrENO2T3nU0C8BwQ9xpJ9f_OEfppY/edit?usp=sharing https://moodle.warwick.ac.uk/mod/resource/view.php?id=1558582 ## What is OSS? - Daniel ## How is it used? - Alex talk about businesses using OSS, profiting off free code etc.[https://www.datacenterknowledge.com/open-source/log4shell-vulnerability-highlights-software-supply-chain-issues] ### Is it time for organisations to pay back to the community? - Alex ## Benefits of OSS - Tommy https://opensource.com/article/17/8/enterprise-open-source-advantages Open Source projects have lots of benefits to them. This is often because of the wide range of additional talent which can contribute to the project to improve it compared to only allowing a specific team to contribute. The transparency of the source code also gives users a higher sense of trust in the software as anybody can vet the code themselves to find bugs or security flaws and report them. And with so many more professionals looking at the source it is likely that they could be found a lot sooner. "open source code now powers about 90% of the internet" ## OSS vulnerabilities/issues ### log4j - Eleanor ### faker.js colors.js - Daniel https://www.theverge.com/2022/1/9/22874949/developer-corrupts-open-source-libraries-projects-affected ### heartbleed - Dayyan ## Is it time to review this behaviour? - Dayyan ## From a security perspective, does the "many eyes" argument still apply? - Eleanor - log4j vuln was found this way - wouldnt have been found when it was if closed source ## Types of Open Source Licenses - Tommy https://www.whitesourcesoftware.com/resources/blog/open-source-licenses-explained/ https://opensource.org/licenses Open source licenses are licenses that allow free redistribution of software, access to source code and enable developers to derive their own work from an author's work. There are numerous OSS licenses, some popular ones include: - Apache License 2.0 - GNU General Public License - MIT License - Mozilla Public License 2.0 - Common Development and Distribution License There are two types of categories for licenses, copyleft and permissive. Copyleft licenses is a licence in which code derived from the original open source code inherits its license terms. Permissive licenses is a license which provides more freedom for reuse modification and distribution. https://snyk.io/wp-content/uploads/Licenses-image-768x451.png