Microsoft and IBM release MS-DOS 4.00 source code

In a celebration of innovation and preserving computing history, Microsoft has released the source code for MS-DOS 4.00 in partnership with IBM. The release – available under the permissive MIT license – includes the operating system's source code, binary files, and original documentation.

The decision to open source MS-DOS 4.00 stems from recent correspondence between a researcher named Connor "Starfrost" Hyde and former Microsoft CTO Ray Ozzie. While exploring Ozzie's...

GitHub updates Innovation Graph with latest developer trends

GitHub's Innovation Graph has been updated with data from Q4 2023, offering a comprehensive view of global developer activity over the past four years.

The latest findings highlight the increasing popularity of AI among developers, leading to a rise in project documentation. This trend is attributed to the widespread use of chat-based generative AI tools like GitHub Copilot Chat and ChatGPT.

"While we recognise that it's not a panacea, perhaps generative AI technologies...

Use open-source digital twins to track live systems

Recent technology innovations have made real-time monitoring of live systems easier and more powerful. Digital twins are one of the latest game-changing technologies.

The Digital Twin Consortium defines digital twins as virtual representations of real-world entities and processes, synchronised at a specified frequency and fidelity. They use real-time and historical data to represent the past and present and simulate predicted futures.

Michael Grieves first introduced the...

GitHub enables secret scanning push protection by default

In response to the alarming trend of API keys, tokens, and other confidential data being inadvertently exposed, GitHub has taken further steps to fortify its platform against potential breaches.

Within the first two months of 2024, GitHub has uncovered one million leaked secrets across public repositories, averaging over a dozen incidents per minute. Such alarming figures underscore the pressing need for robust safeguards to protect users and their data.

Since August...

Python packages caught using DLL sideloading to bypass security

ReversingLabs researchers have uncovered Python packages using DLL sideloading to bypass security tools.

On 10 January 2024, Karlo Zanki, a reverse engineer at ReversingLabs, stumbled upon two suspicious packages on the Python Package Index (PyPI). These packages – named NP6HelperHttptest and NP6HelperHttper – were found to be utilising DLL sideloading, a known technique used by malicious actors to execute code discreetly and evade detection from security tools.

This...

GitHub invites open-source AI developers to apply for Accelerator

GitHub has announced applications are now open for the next cohort of its Accelerator program, which provides funding, mentoring, and other benefits for early-stage open-source projects. There is a particular focus this year on developers building AI solutions.

Applications will be accepted on a rolling basis until 5 March 2024. Ten projects will be selected to participate in the 10-week program beginning 22 April 2024.

The 2024 GitHub Accelerator cohort focuses on the...

Open source wins concessions in new EU cyber law

The European Cyber Resilience Act (CRA) has undergone substantial revisions, bringing relief to the open-source community.

Back in April, the Python Software Foundation (PSF) had expressed concerns about potential repercussions for CPython and PyPI if the initial form of CRA were to be enacted.

The primary worry was that, in the course of providing open-source software, the PSF and the Python community might assume legal responsibility for security issues in products...

Checkmarx uncovers persistent Python package threat

Checkmarx has uncovered a threat actor that has been quietly infiltrating the open-source ecosystem for nearly six months, planting malicious Python packages with a focus on deception and financial gain.

The malicious actor employed a systematic approach, disguising their packages with names closely resembling popular legitimate Python packages. These decoy packages, camouflaged to blend in, successfully garnered thousands of downloads. The malicious payload, embedded within the...

GitHub launches Innovation Graph for interactive development insights

GitHub has unveiled its Innovation Graph, an open data and insights platform for measuring and understanding the global impact of developers.

The ambitious initiative aims to address a longstanding challenge faced by policymakers and researchers: the lack of reliable and comprehensive data on trends in software development.

Understanding the Innovation Graph

The Innovation Graph is a repository of longitudinal metrics that track software development across economies...

Ruby on Rails creator deplores ‘open-source hooliganism’

Ruby on Rails creator David Heinemeier Hansson has expressed his concerns about what he called "open-source hooliganism."

Hansson recounted a recent incident involving the TypeScript community and their reaction to a decision made by the team behind Turbo.

Hansson began by acknowledging the passion that many developers have for their preferred programming languages and tools. He noted that the enthusiasm displayed by these individuals is a testament to their dedication...