{"id":608978,"date":"2023-02-17T07:49:15","date_gmt":"2023-02-17T13:49:15","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/02\/17\/enterprise-open-source-a-computer-weekly-downtime-upload-podcast\/"},"modified":"2023-02-17T07:49:15","modified_gmt":"2023-02-17T13:49:15","slug":"enterprise-open-source-a-computer-weekly-downtime-upload-podcast","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/02\/17\/enterprise-open-source-a-computer-weekly-downtime-upload-podcast\/","title":{"rendered":"Enterprise open source: A Computer Weekly Downtime Upload podcast"},"content":{"rendered":"<div id=\"content-header\">\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Cliff-Saran\">Cliff Saran<\/a>,<span> Managing Editor<\/span>\n\t\t\t\t\t<\/li>\n<\/ul><\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<section id=\"content-body\">\n<div>\n<p><img decoding=\"async\" alt src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/CWPodcast_DownTimeUpload.jpg\"><\/p>\n<div>\n<p><span>Listen to this podcast<\/span><\/p>\n<p>We speak to Spotify\u2019s open source tech lead, Per Ploug, on supplier relationship management in open source<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div>\n<p>There are some business and IT leaders who will point to the billions Microsoft is investing in ChatGPT and question whether open source has the ability to do similar things. Per Ploug, open source tech lead at Spotify, thinks so. He says an enormous amount of <a href=\"https:\/\/www.computerweekly.com\/blog\/Open-Source-Insider\/Open-Assistant-the-launch-of-a-ChatGPT-replicant\">innovation and knowledge<\/a> is built up over time in open source. This is now being commoditised.<\/p>\n<p>As an example, Ploug points to an artificial intelligence (AI)-based open source image generator tool. \u201cYou don\u2019t need to be a machine learning PHD to understand this tool, but it represents a massive amount of innovation,\u201d he says. The tool effectively combines the AI know-how of the open source community into a simple command that any user can run via a Linux terminal screen.<\/p>\n<p>Business and IT leaders will also point to open source\u2019s security failings, however.<\/p>\n<p>Ploug was part of an IT security team managing the <a href=\"https:\/\/www.computerweekly.com\/news\/252512071\/Top-three-questions-about-the-Log4j-vulnerability\">Log4J vulnerability<\/a>. \u201cI think it is interesting to see how these poor maintainers, who are spending their free time on this project, got overwhelmed by security companies and big enterprises yelling at them for not handling this fast enough,\u201d he says.<\/p>\n<p>People choose to use their free time to <a href=\"https:\/\/www.computerweekly.com\/blog\/Write-side-up-by-Freeform-Dynamics\/Kubernetes-and-the-open-source-maintainer-question\">maintain open source code<\/a>, out of passion, because they like doing so. But, says Ploug, \u201cthe expectation that people work out of passion is part of the problem with open source\u201d.<\/p>\n<p>The large enterprises using products affected by Log4J had no idea where it was being used. They had no idea where the vulnerable Java logging tool exploited by Log4J had been deployed. \u201cNor did they know how to fix it themselves because it was just something they took off the shelf,\u201d says Ploug.<\/p>\n<p>He says many companies did not take time to understand how it actually works, claiming \u201cthey just consumed it blindly\u201d.<\/p>\n<p>Ploug adds: \u201cI think we need to be more thoughtful about how we consume these things and actually understand the technology.\u201d In doing so, he says enterprise users who deploy such open source technology will not only have a better idea of how they are affected by a vulnerability or bug, but they will also be in a better position to fix problems themselves.<\/p>\n<p>\u201cWhen you consume open source code, you should also start training your staff and begin contributing to these projects,\u201d he adds.<\/p>\n<p>It is still not a common practice for companies to support open source projects financially. Ploug would like to see more companies that use open source offer financial support for such projects.<\/p>\n<p>Looking back at open source security issues, Ploug does not believe the concept of a software security supply chain works for open source. Since the maintainers of open source code are not being paid, they are not a supplier, he says. \u201cYou don&#8217;t have a supply chain.\u201d<\/p>\n<p>By sponsoring projects, however, or developing the technical know-how required to support maintainers directly, enterprise users have a way to reduce risk and protect those mission-critical applications that rely on open source components.<\/p>\n<\/p><\/div>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/podcast\/Enterprise-open-source-A-Computer-Weekly-Downtime-Upload-podcast\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Tama Klemp<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Cliff Saran, Managing Editor Listen to this podcast We speak to Spotify\u2019s open source tech lead, Per Ploug, on supplier relationship management in open source There are some business and IT leaders who will point to the billions Microsoft is investing in ChatGPT and question whether open source has the ability to do similar<\/p>\n","protected":false},"author":1,"featured_media":608979,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38854,3278,46],"tags":[],"class_list":{"0":"post-608978","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-source","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/608978","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=608978"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/608978\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/608979"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=608978"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=608978"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=608978"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}