this post was submitted on 15 Aug 2023
98 points (92.2% liked)

Open Source

31199 readers
253 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml
98
Will the cyber resilience act kill open source ? (en.m.wikipedia.org)
submitted 1 year ago by jungekatz@lib.lgbt to c/opensource@lemmy.ml
34 comments fedilink hide all child comments
 

Since the EU is bringing an act , that needs the products distributed to be flawless , and it applies to open source products too , if a single of their contributor / donor works for a corporate , what will be the future of FOSS in europe with this ?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] vsis 24 points 1 year ago (1 children)

Companies need to conduct cyber risk assessments before a product is put on the market and throughout its lifecycle effectively manage its vulnerabilities, regularly test it, and so on. Products assessed as 'critical' will need to undergo external audits.

I have not read the proposal. Legal language makes me want to rip my own eyes off.

The only winners I see are those security auditors and similar providers.

Privative corpos from USA and China will arrive with all "security assesments" and "auditions" in place, and still have backdoors lol

[โ€“] jungekatz@lib.lgbt 5 points 1 year ago

They prepared a list of software that need mandatory audit , like browsers and all !