Disease Research: There’s An App for That


Recently, Apple revealed its ResearchKit for the iPhone, an open source project meant to help doctors aggregate patient data on common conditions such as breast cancer, heart disease, diabetes and Parkinson’s.  The new application enables everyday iPhone users to submit their health information, which the open source technology then aggregates in order to provide pertinent data for the use of healthcare researchers.  Open source software is using its dynamic and sizable data analytics capability to revolutionize information gathering in the healthcare field.

ResearchKit allows doctors to gather information such as height, weight, blood sugar measurements, and inhaler use. Through the application, the medical community can access larger pools of data than ever before. In the past, such information could only be gathered from medical institutions and it often lacked diversity which limited doctors’ medical insights.

The benefit of an open source tool is its ability to gather information from Apple users’ personal devices and translate and organize their data in order to provide more analytical power to healthcare workers. Furthermore, the open source standard which is the basis for this application has a dynamic and sizable data analytics capability. For instance, in the past data gathering and analysis have been time consuming aspects of health care research. With ResearchKit, patients and doctors alike can access data and tools almost instantly, all from a mobile device.

In this application, open source software has enabled people to freely modify and distribute software, which has led to great strides in disease research, as big data tools have helped researchers obtain data faster and more efficiently. Open source tools, such as Apple’s ResearchKit, are enabling more urgent solutions to medical data analytics.

Now, researchers can start analyzing data faster as doctors no longer need to depend on obtaining this information from in person patient visits. Rather, chronic disease patients can upload data that can be immediately accessed by healthcare professionals. As such, data analytics and disease management alike are seeing real-time benefits from open source software.

The Open Source Community Support System


Whether you’re a novice Web developer or seasoned CIO, at some point you will require technical support with either a new IT development, task or project. What  type of support will you want? With open source software, the flexibility and choice is yours.

That’s because the open source community’s flexible software support resources - like commercial, paid and free options - tend to overshadow those of proprietary software vendors. Specifically, proprietary technical support is one-dimensional - a particular vendor can only provide guidance on a product-specific level, which engenders exorbitant consultation fees and limited customer support. In contrast, technical support from the open source community is fluid - individuals can choose from support options that are backed by a readily available community of supporters.

Whether you need help choosing an open source license compliance vendor to audit your code or assistance with deploying commercial software, here are three different open source support options to consider:

  • Commercial support: This option is offered by the big names in the open source software community such as Linux. For instance, open source projects that use Linux software are granted commercial support as it comes along with the software as a package.
  • Paid support: Open source software is touted for its cost efficiency due to its free and open standards; therefore it may seem contradictory to have to then pay a consultant for technical support or ongoing maintenance post-deployment. But remember that the consultancy is backed by a large following of knowledgeable and experienced open source community members, and in the end it still proves more economical than proprietary software consultancy.
  • Free support: A core competency of the open source community is that it preserves its “free” and “open” standards—that is, anything from support to code collaboration is available at all times. This option is most beneficial to code creators and software developers who want to communicate via online forums, as the community is constantly accessible through online platforms—think GitHub or SourceForge.

The open source community’s technical support methods tip the scale when weighing its benefits compared to proprietary software. What are your top technical support priorities? Tell us in the comments section below.


What Your CIO Needs to Know About Open Source


Today’s businesses are becoming increasingly familiar with the many benefits of open source software. In fact, 74 percent of IT professionals, in the U.S. alone, agree that the software offers better quality of continuity and control than that of proprietary. However, some CIOs are still skeptical about adopting open source software into their IT infrastructure as they’ve grown accustomed to their proprietary software vendors.

If you’ve been trying to make the case for open source software, but your CIO still isn’t convinced, strengthen your argument with this list of benefits:

  • Improved security measures: Open source code tends to be more transparent than proprietary in detecting security flaws; that is, issues can be found and fixed by in-house IT personnel or outsourced to a third party, such as an intellectual property software audit service. For instance, potential security problems are identified and solved more efficiently as there is no need to wait for a proprietary software company to notify your company about a software bug.
  • Compatibility: You can always find an open source software that best fits your product environment or IT infrastructures, unlike proprietary software, which is built to be compatible with specific environments or systems. In addition, proprietary software only offers company-specific features as a means of staying competitive with rival developers. With open source, an organization can configure and modify the software to meet pertinent business needs.
  • Cost savings: Overall, open source software costs less, as hidden fees associated with the vendor’s marketing and development strategies are less prevalent. As well, companies can add features and scale to open source software without paying for an expensive upgrade or investing in an entirely new proprietary software solution. That is, open source software enables businesses to adjust their IT needs while experiencing more potential for ROI.

Now that you’ve got a powerful stance on the advantages of open source software, it’s time to learn about compliance and management. Inform your CIO about resources that help you implement an open source software adoption process so your business can reap the benefits of open source software worry-free.

GitHub: Now Supporting Open Source License Compliance


Ask any developer where to turn for access to the latest software code for open source projects, and you’ll likely be directed to GitHub—one of the largest providers of open source code online.

While GitHub has always been a great site for developers to come together, network and share code, up until a few years ago, the website had a problem. Though it was easy for developers to share code, finding the right software license to go along with it was much harder. The majority of downloads on GitHub, therefore, were taking place without the critical software license component.  

Why was this a problem? A software license is one of the most important aspects of any open source project. This document certifies a developer as the original creator and owner of the code, and it grants specific permissions as to how others can use it. There are many different software license solutions available, among them the GNU General Public License (GPL), which allows use of the software on condition that the resulting code is also put back in the open source world with the same license (copyleft license). Other common licenses are the Lesser General Public License (LGPL), which allows usage of libraries without requiring divulgence of source code (weak copyleft), and permissive licenses such as MIT and Apache.

While licenses are not required for open source projects, developers are strongly encouraged to use them as, without one, open source code that is placed into the public domain via a  service like GitHub is essentially unusable by anyone else.  

In July 2013, GitHub addressed this problem by releasing a tool called that makes it simple for developers to pick a software license for their code, and to understand how their code can be used. And just recently, GitHub released new data which shows that the service is accomplishing its intended task of increasing open source license usage with developers. In fact, license usage has increased by at least 20 percent since the tool was released, indicating that a greater number of developers are now using it.

At Protecode we’re thrilled to see more developers using software licenses for their open source projects. Check out our resources on license compliance here, see a nifty infographic on the licenses and forges here or watch our webinar on composite projects with licensed and unlicensed code here.

Google Code Is Closing: Here’s Where to Migrate Your Projects


Since 2006, Google Code has provided the open source community with a project-hosting platform on its website for managing code, licensing options and community collaboration. Project-hosting websites such as this are important to the regulatory practice of open source software license management as the code repositories that reside there provide developers with licensing options for their codes as they are created.

However, due to the increasing abundance of spam and abuse emerging on Google’s hosting site, it has decided to end its code development support entirely come Jan. 25, 2016. In fact, the site ended its support of new project creation just recently, on March 12th.

Google Code’s shutdown means developers need to transfer their data off the hosting site to an alternate project management platform. This project migration shouldn’t be too difficult for developers, though, as Google is providing an exporting option to the well-known project website GitHub, while another popular project-hosting site, SourceForge, is offering an importing service for the seamless relocation of projects from Google Code.

GitHub and SourceForge are both prominent repository sites that offer comprehensive licensing options and guidance for their users. Here’s a bit of information about each:

  • GitHub: Choosing a license is an important step in open source software creation as it protects the creator’s innovation and preserves copyleft practices valued within the community. As such, GitHub created this simple to use web page to aid community members in choosing a license best suited to their needs. For example, if code developers are most concerned with sharing improvements, GitHub suggests the GPL (v2 or v3) license.
  • SourceForge: This code repository website offers licensing options similar to GitHub’s. When developers accept SourceForge’s terms of use, they are obligated to choose from a variety of OSI-approved licenses. Like GitHub, this website offers its users the freedom to choose the license that works best with their projects’ goals. In contrast, other hosting platforms—like the Apache Software Foundation (ASF)—provide developers with code-creating resources but they must operate on an Apache license. For code creators looking for more expansive options, a more liberal platform, like SourceForge, is the best choice.

If you’re a developer who needs to transfer your work-in-progress off of Google Code, try moving to GitHub or SourceForge. For more information, check out our infographic on open source forges by the numbers.

The Building Blocks of Open Source Innovation


Open source code creation opens the door for IT developers across varied industries to adopt, modify and customize technology to their organization’s specific needs. Companies are free to contribute to and adopt code so long as resources—such as intellectual property software audit services—are applied to ensure that the ground rules established by the code’s originator are acknowledged and followed.

Due to its availability for modification or enhancement, open source software is at the crux of technological creativity and ubiquity today; tinkerers and brainstormers are encouraged to join in on its development at their liberty. So, how does this flexible process of idea generation lead to adaptable technology? The following “building blocks” of open source innovation outline the process:

  • The originator: Simply put, open source code starts with a curiosity dreamt up by a software developer. From this spark of an idea the code formulates.
  • The ground rules: To share the code with the open source community in an organized and legally sound way, a license is set in place. This set of ground rules protects the developer’s intellectual property rights.
  • Opening the floor: Once the code’s license is laid down, the code can be released to the open source community. From there, developers build and modify the code in a collective process, in which contributors are inspired by the use cases of their fellow innovators.
  • Putting the code to work: Organizations, developers and programmers are free to customize code to suit their creative thirst or business needs. For instance, open source code is present in the imaginative applications we use on our smartphones each day. As well, businesses can modify code to strengthen their big data analytics technology.

The building blocks of open source are simply the framework from which unlimited evolution will be born. Learn even more about the open source process here.

Common Code Mistakes That Lead to Vulnerability


Today, cybersecurity is a principal concern for everyone from government officials to the average Joe whose online bank account has been hacked. Our society’s dependence on technology requires that measured steps be taken to better ensure Internet safety. For instance, we need to protect smartphone applications that store our personal information, and hosted servers that store pertinent business data.

In the case of open source software, avoiding security vulnerabilities means strengthening code from its inception. It also means that businesses need to utilize open source software license management resources to regularly audit code.

To gain further insight into the origins of code vulnerabilities, here are a few of the most common code mistakes:

  • Injection Flaws: These occur when unfiltered data is allowed past the SQL server. Cyberattackers exploit this shortcoming by injecting commands that are—in some cases—capable of complete system destruction. This can be avoided by eliminating access to external interpreters and filtering the system’s input properly through third-party audit services.
  • Broken Authentication: This vulnerability weakens a server’s security, as poor encryption grants attackers access to data. For instance, hackers can easily gain entry to a DNS server by manipulating IP addresses to appear as if they are part of the victim’s domain. Code must be tightly encrypted and audited often to ensure it cannot be so easily bypassed.
  • Insecure Direct Object References: This susceptibility occurs when a developer mistakenly omits authorizations from his or her code. As such, the direct object code reference, e.g., an internal object such as a file name, does not verify whether the user is authorized to view the information. This means pertinent data can easily be accessed by hackers.
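To make the first and third mistakes concrete, here is a short Python sketch added for illustration (it is not Protecode's code or taken from any project named in this post). It looks up a file by name in a SQLite table, first with user input pasted into the SQL text and no authorization check, then with a bound parameter and an ownership check. The `files` table, the function names and the sample rows are all constructed for this example.

```python
import sqlite3


def make_db():
    """Constructed sample data: two files, each owned by one user."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE files (name TEXT PRIMARY KEY, owner TEXT, body TEXT)")
    db.executemany(
        "INSERT INTO files VALUES (?, ?, ?)",
        [
            ("alice-report.txt", "alice", "Q1 figures"),
            ("bob-payroll.txt", "bob", "salary table"),
        ],
    )
    return db


def read_file_unchecked(db, name):
    """The mistake: input is pasted into the SQL text and the caller is never checked."""
    query = "SELECT body FROM files WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(query)]


def read_file_checked(db, user, name):
    """The fix: a bound parameter plus an ownership check on every lookup."""
    row = db.execute(
        "SELECT owner, body FROM files WHERE name = ?", (name,)
    ).fetchone()
    # Same error for "missing" and "not yours", so the reply does not
    # reveal which file names exist.
    if row is None or row[0] != user:
        raise PermissionError("not found or not permitted")
    return row[1]


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing a quote character
    # Unchecked form: any caller reads any file, and the quote rewrites the query.
    print(read_file_unchecked(db, "bob-payroll.txt"))
    print(read_file_unchecked(db, crafted))
    # Checked form: the owner gets the file, everything else is refused.
    print(read_file_checked(db, "alice", "alice-report.txt"))
    for name in ("bob-payroll.txt", crafted):
        try:
            read_file_checked(db, "alice", name)
        except PermissionError as err:
            print(name, "->", err)
```

When auditing code, the pattern to look for is any query built by string concatenation and any lookup keyed on a user-supplied name or ID that never consults the caller's identity.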

Before deploying open source code in your business’s IT infrastructure, use an open source software license management system to ensure safe usage.


US Army Uses Open Source on the Defensive


The U.S. Army is now leveraging open source code to analyze the nature of cyberattacks. Threats to cybersecurity are a chief concern for not only government entities but the mass public as well. In fact, a survey conducted by PwC, titled “Global State of Information Security Survey 2015,” revealed that, in 2014, 42.8 million security incidents were reported worldwide, up 48 percent from 2013. It’s numbers such as these that have heightened awareness of the cyberattack threat and driven the military to make development of better prevention methods a primary focus.

The Army began its cyberattack exploration by posting its 5-year-old security code named Dshell to the repository hosting site GitHub. In doing so, it hoped to gain feedback from the open source community around the world about the nature of nongovernment cyberattacks, since the Army Research Laboratory (ARL) believes that cyberthreats against the Army are similar to those that target society as a whole. A primary goal of the Army initiative is to promote further collaboration with developers on digital forensic technology and incident response.

With this knowledge, the Army can accelerate detection and implement defense mechanisms to fight against future cybercrime—not only for the U.S. Army but for the Department of Defense and academia as well.

So, how is Dshell helping the ARL and the open source community unite in investigating the nature of cyberattacks? Dshell is a framework from which users can create custom analysis units based on issues—specifically cyber forensic security compromises—they have experienced. To that end, this open source platform is now allowing the ARL to aggregate as much information as possible from sources outside the government for a well-rounded and informed look at cyberattacks.

If you want to make your own contributions to Dshell, the floor is open.

Whale Watch: The Future Is All About Docker


Docker, an open platform for distributed applications, created a lasting impression on the open source community last year, and the buzz about the project wasn’t just hype. The open source software (OSS) is improving the distribution of applications as well as making waves in its community of open source innovators. Whether the project’s team members are out actively contributing to open source community awareness or working to further Docker’s contributions to container technology, it’s clear that we haven’t seen the last of its distinguished whale logo.

If you’re just now dipping your toe into the Docker pool, here are a few noteworthy details about the software that will get you up to speed:

Strong community presence

This past February, Docker leveraged its blue whale logo in partnering with the Oceanic Society for an open-source-a-thon to support whale and marine wildlife conservation. At the event, team members of the Docker project mentored attendees on everything they needed to know about contributing to open source development—from code to documentation, to tutorials, to videos. The program brought the power of open source technology to the conservation of ocean and marine life health.

Background and updates

Docker is used in helping developers build, ship and run distributed applications over one platform using lightweight containers in lieu of virtual machines. The use of containers—specifically Linux Containers (LXC)—allows for universal adoption on all Linux distributions or hardware. The OSS operates on an Apache 2.0 license; so, when developers leverage Docker for application deployment, they must maintain open source license compliance to make legitimate contributions. The software recently updated to Docker 1.5, which includes features such as IPv6 support, bug fixes and viewable resource-usage statistics.

If you’re thinking about adopting this newly updated software into your business, then learn more about open source software license management so you can start reaping the benefits of one of today’s most disruptive OSS technologies.

A Key Rule of Open Source: Play Nice


The open source community is comprised of innovative collaborators whose goals are typically to contribute and positively influence today’s technology. But, even with that said, it’s not a free-for-all in terms of what you’re allowed to do when using open source code; there are rules and regulations to follow.  If you neglect licensing rules or forego the advantages of tools like intellectual property software audit services, open source adoption could become more complicated.

Below are a few real situations that demonstrate the importance of playing by the rules:

Google v. Yandex:  The recent conflict between Google and Russian search engine Yandex is a great example of how a set of clear boundaries could have avoided a legal catastrophe. According to Yandex, Android is installed on 86 percent of Russian smartphones. Android’s open source background allowed for Google to move in and ultimately monopolize the application—pushing Yandex out of the picture. Open source code is primarily effective and innovative due to its flexibility and modification possibilities. However, conflicts such as this lead one to wonder: if more concrete boundaries were set in place, would Google and Yandex be able to positively coexist?

GPLv2 License Controversy: Versata originally went to court to stop its licensee, Ameriprise Financial Services, from modifying its commercial Distribution Channel Management (DCM) software. Ameriprise counterclaimed that since DCM included GPL code from XimpleWare, they were allowed to make modifications. XimpleWare sued both of them, alleging that Versata's inclusion of XimpleWare code caused the whole of DCM to be licensed under the GPL and therefore they should both release their source code under GPL obligations. To make the matter more exciting, XimpleWare then claimed that they owned patents in their GPL-licensed code, and that allowing the use of their code under the GPL copyright license does not automatically mean a patent license permission. Operating in the dark is unwise as you could end up in legal trouble, much like Versata.

The open source code community is growing and advancing every day, but only for those that abide by the rules. So before you jump in, read up and remember to play nice.
