SFSCON 2024: open source in support of sustainability, AI, open hardware and cybersecurity

Also this November, as has happened for several years now, Edge9 participated in SFSCON, a two-day event dedicated to the world of open source and free software held at NOI Techpark in Bolzano, a technology park that hosts companies, start-ups and research institutions. The event is packed with very short sessions, 15 minutes each, so as to keep attention high and not risk boring the audience with endless presentations. This year also brought a small change in format: the sessions were no longer moderated by NOI Techpark staff, as per tradition, but by journalists invited for the occasion, including Vittorio Manti of Edge9, who handled the talks focused on open hardware, DevOps and cybersecurity.

Monetizing free software

Opening the proceedings, as per tradition, was Patrick Ohnewein, head of the Tech Transfer Digital unit of NOI Techpark and the creator of the event, which, let us remember, was born 24 years ago. Initially it was mostly a meeting between free software enthusiasts, but attention grew rapidly, so much so that SFSCON 24 was attended by more than 1,000 people. “At the first meeting we were ten people”, explains Ohnewein, “but over the years the event has become a point of reference on the topic of free software”, focusing both on the benefits that open source brings to end users and on the benefits for companies and for research, development and innovation institutions. In fact, we often make the mistake of considering free software as a sort of passion, without realizing that it is actually a full-fledged business. “Open source is present in almost all solutions today: it is part of the supply chain for the creation of an IT product. A supply chain that also depends on small projects that are perhaps maintained by a single developer. This is why it is necessary to create business models that also support the development of these libraries”, Ohnewein points out.

This very theme was at the center of the talk by Emily Omier, founder of Emily Omier Consulting, who addressed it during the keynote. The consultancy founded by Omier does just that: it helps people in the free software industry find the most effective way to monetize. According to Omier, there are three most suitable approaches: the classic support that comes from user donations (tip jar); getting paid by large companies to maintain the development of libraries or portions of code used by many companies; and the creation of companies that build value around these projects, such as distributions dedicated to the enterprise world. Creating a company means structuring yourself, organizing activities to generate value, and more generally contributing to the growth of the ecosystem, naturally without giving up profits, even if you don’t sell the product directly.

Why large companies should actively support open source

SFSCON 24 was not only attended by enthusiasts and people working on open source projects. Among the speakers there were also employees of large companies such as Microsoft, AWS and FOS Group (which is also a sponsor of the event). A point raised by more than one speaker was precisely the importance of finding a way to support open source projects, especially the most critical ones: we are talking about libraries and pieces of code that are used within software on which the correct functioning of key infrastructures, including cloud ones, depends. These projects are often carried out by very few people, sometimes even just one or two, who do it in their free time: greater support from the companies that then use this code could give further stimulus to development, also guaranteeing greater security.

Not just free software: the role of open hardware

Hardware should also be free, where freedom means the possibility of knowing how the chips work, of having access to the schematics.

This is the thesis of Luca Aloatti, who in his talk highlighted how many of the functions present in chips, for example processors, are hidden and inaccessible to users, who have no way of reusing these chips for purposes other than those for which they were intended and must trust them in terms of security.

While in the context of free software it is possible to analyze the code in search of possible bugs or backdoors, what happens inside a modern chip is to all intents and purposes unknown. In the case of Intel CPUs, for example, there is no information on the design, the layout is secret, the BIOS is closed-source, and there are undocumented and potentially dangerous instructions.

But this is not just about processors: the same applies to the design of much simpler objects, such as identity documents, which today are often equipped with chips and which in some cases contain vulnerabilities, such as ROCA, present in many smart cards and TPM modules (including YubiKey tokens), which allows an attacker to recover the private key from the public key.

Open source and EU rules

Among the topics addressed by the speakers were also EU regulations, including the Digital Markets Act and the EU AI Act, which are having a significant impact on the market and on open source software itself. “The rules are fundamental”, says Ohnewein, but it is important that “business models are also introduced that allow startups to do business that leverage open source. Businesses that must be sustainable, adequate to support the entire supply chain, including developers who take care of the many small libraries used in various projects”.

Ultimately, SFSCON continues to grow and attract the attention of a greater number of entities, including the big names in the technological world, updating itself and covering more and more topics, albeit linked to the world of free software, such as sustainability, as Joseph P. De Veaugh-Geiss, community manager of the KDE Eco project at KDE e.V., explained to us.

Source: edge9.hwupgrade.it