The CEO of Wireline -- a cloud application marketplace and serverless architecture platform -- is pushing for an open source development fund to help sustain projects, funded by an initial coin offering. "Developers like me know that there are a lot of weak spots in the modern internet," he writes on MarketWatch, suggesting more Equifax-sized data breaches may wait in our future. In fact, many companies are not fully aware of all of the software components they are using from the open-source community. And vulnerabilities can be left open for years, giving hackers opportunities to do their worst. Take, for instance, the Heartbleed bug of 2014... Among the known hacks: 4.5 million health-care records were compromised, 900 Canadians' social insurance numbers were stolen. It was deemed "catastrophic." And yet many servers today -- two years later! -- still carry the vulnerability, leaving whole caches of personal data exposed...

[T]hose of us who are on the back end, stitching away, often feel a sense of dread. For instance, did you know that much of the software that underpins the entire cloud ecosystem is written by developers who are essentially volunteers? And that the open-source software that underpins 70% of corporate America is vastly underfunded? The Heartbleed bug, for instance, was created by an error in some code submitted in 2011 to a core developer on the team that maintained OpenSSL at the time. The team was made up of only one full-time developer and three other part-timers. Many of us are less surprised that a bug had gotten through than that it doesn't happen more often.
The article argues that "the most successful open-source initiatives have corporate sponsors or an umbrella foundation (such as the Apache and Linux foundations). Yet we still have a lot of very deeply underfunded open-source projects creating a lot of the underpinnings of the enterprise cloud."

An anonymous reader quotes the Hollywood Reporter: Looking at the most-ordered comic books in the North American comic market, DC Entertainment had a particularly strong year, with seven of the top 10 issues of the year being published by the home of Superman, Batman and the Justice League... just three years ago, not one DC title made it to the list, with nine titles coming from Marvel alone. (By comparison, Marvel takes just three places this year, with one of those due to its inclusion in a subscription mystery box service)... Perhaps surprisingly, the big winner of 2017 looking at the top 10 list is DC's crossover between its DC Universe and Watchmen properties. The first issue of the Doomsday Clock series charted third â" and could end up higher on the final list for the year, depending on re-order numbers in December â" but all four issues of the prologue storyline "The Button," from summer issues of Batman and The Flash, also made it into the top 10.

it's worth noting that, across the board, order numbers for comics in the North American market fell 10 percent compared with last year. The market is shrinking, unless something turns it around soon... One last thing to note about the year's top 10, and also the comic market as it currently exists in general: It's probably time to stop pretending that mass media projects significantly impact comic book orders. In a year with Justice League, Wonder Woman, Guardians of the Galaxy Vol. 2, Logan, Thor: Ragnarok and Spider-Man: Homecoming in theaters, there isn't a Justice League, Wonder Woman, Guardians of the Galaxy, Wolverine, Thor or Spider-Man title in the top 10. Indeed, Marvel has just canceled the Guardians of the Galaxy comic book series.
Mavel had the most-ordered comic book of the year -- Marvel Legacy No. 1 -- though the article notes that all of its numbers are inevitably skewed by "ordering incentives put in place by publishers that require that a certain number of copies are ordered by stores in order to achieve a specific discount."

The Kodi media player is now available to download on your Xbox One, making it one of the best Xbox One exclusives of the year. The Verge reports: Kodi is a very capable player that's highly expandable thanks to third-party add-ons like live TV and DVR services -- something Microsoft isn't going to provide. But Kodi is perhaps best known as the go to app for piracy due to a wide variety of plugins that let you illegally stream television shows, professional sports, and films from the comfort of your living room. This has led to a cottage industry of so-called "Kodi boxes," often built around cheap HDMI dongles like Amazon's Fire TV sticks. While the XBMC Foundation has attempted to distance itself from the illegal third-party plugins, it's also benefited from the exposure. In a blog post, Kodi warns that the Xbox One download isn't finished and may contain missing features and bugs. Fun fact: Kodi began life fifteen years ago as the XBMP (Xbox Media Player). The only way to get the open-source player running on an original Xbox was to hack the console. XBMP eventually evolved into XBMC (Xbox Media Center), which then became Kodi.