Hacker News new | past | comments | ask | show | jobs | submit login
Freshermeat – Open-Source Security Software (open-source-security-software.net)
67 points by adulau 53 days ago | hide | past | web | favorite | 19 comments

For those who were wondering what "Freshermeat" has to do with the website (since it's not mentioned anywhere on the front page): The website is based on "Freshermeat"[1]. The GitLab page[2] describes it as "an open source software directory and release tracker".

[1] https://open-source-security-software.net/about

[2] https://gitlab.com/cedric/Freshermeat

I believe both are a callback to Freshmeat.net, one of the original OSS release trackers.

I remember almost getting in trouble in high school because I had freshmeat.net bookmarked on my lab computer.

The counselor was afraid to even click it!

Same here but at my first job. It took me a while to figure out why they thought I had downloaded hundreds of megs of porn. Finally told them to just click through and got an oh, nevermind.

correct, this was my intention.

Good description. It also provide a feed of CVEs: https://open-source-security-software.net/cves.atom

There are a lot of projects listed that seem to have a questionable connection to "security software": liquidsoap, pelican, geoplot, lounge, Julia, pytesseract, etc. Am I missing something?

A list with only relevant Oss security tools can be foundation on https://github.com/nocomplexity/SecurityPrivacyReferenceArch...

Indeed, I need to clean the list a bit. These are projects I imported some times ago.

It is also possible to submit a project for review: https://open-source-security-software.net/submit/

Things like Julia have components that are intended for security purposes but which cannot be used independently.

Nice. I use some of these.

Unfortunately,commercial software is a few years ahead for some of the more complicated projects.

I prefer opensource but lack of support is a deal breaker in many professional environments.

Security is a funny old thing. I don't think that a discussion that starts with worrying about open source vs not open source is too relevant. I use quite a few of those tools as well and I'm blowed if I'll spend much money on software in this sphere. I'll spend it on expertise though, if I need help. I do have a sub for a Nessus scanner for some simple marking of my homework and laying a baseline.

If you need "professional grade" support for this stuff, then you are probably in the wrong line of work.

Not true at all. I have stood up some of those projects in this post and when I left the org,there was no one else to support them and it became cheaper to pay some vendor to give you an appliance than run it all in-house.

With abundance of internal staff who can support it,opensource is viable but not always competitive either.

> If you need "professional grade" support for this stuff, then you are probably in the wrong line of work.

Given that approximately 99% of itsec is consultants I'm not sure where you get that from. Not everybody knows every subfield and tool, sometimes you pay people for their real world experience with one they gained from other clients. And of course licensing, prices, and support matter in the real world.

Nothing about open source prohibits professional support. Indeed, a lot of companies make money providing professional support of Open Source software. If you want paid support for OSS, then go look for it... you will often find it.

Just curiosity: why did you choose python flask?

Simply because I like simple and little things (to not call it framework) like Flask. I did some other projects with, like for example: https://shelter-database.org/ (https://github.com/rodekruis/shelter-database)

Before I was working with CherryPy. I switched to Flask like 6 years ago.

thanks for your reply! BTW I believe you should check that shelter db project, does not show any shelters.

yep, I didn't noticed this. Thank you. This should be recent. I have no more access to the database.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact