Thursday, 16 April 2026

Cal.com Abandons Open Source Citing AI Security Threats

In a significant shift for the software development community, Cal.com has announced it is moving away from open source licensing for its flagship scheduling platform, citing increased security vulnerabilities posed by artificial intelligence coding tools. The company, founded in 2022 as a proudly open-source project, argues that AI-powered attackers can now exploit publicly available codebases far more effectively than ever before, putting customer data at unacceptable risk.

Co-founder Peer Richelsen explained that the traditional open-source security model, which relied on community members to identify and patch vulnerabilities, has been fundamentally undermined by AI technology. "Now AI attackers are flaunting that transparency," he stated. CEO Bailey Pumfleet drew a stark comparison, describing open-source code as equivalent to "handing out the blueprint to a bank vault" whilst noting there are now "100x more hackers studying the blueprint." The company has specifically pointed to advanced AI tools like Claude Opus, which can systematically scan code to uncover security weaknesses.

Cal.com is transitioning from the GNU Affero General Public Licence (AGPL) to a proprietary licence for its commercial product. However, in an effort to maintain its connection to the open-source community, the company has released Cal.diy, a fully open-source version designed specifically for hobbyists and experimentation. This separate platform allows developers to continue tinkering without exposing sensitive commercial booking data to potential threats.

The decision has been influenced by security experts, including Huzaifa Ahmad, CEO of Hex Security, who claims that open-source applications are "5-10x easier to exploit than closed-source ones." Pumfleet emphasised that the company wants to focus on being a scheduling provider rather than a cybersecurity firm, and protecting sensitive customer information must take priority over philosophical commitments to open source. He did leave the door open for a potential return to open-source licensing should the security landscape change, stating that the decision is "entirely around the vulnerability that open source introduces" rather than a rejection of open-source principles themselves.

Original source: https://yro.slashdot.org/story/26/04/15/1913213/calcom-is-going-closed-source-because-of-ai?utm_source=rss1.0mainlinkanon&utm_medium=feed

Article generated by LaRebelionBOT
