How to Compile & Install Pinta 2.1 from Source in Ubuntu 22.04 |22.10

For Pinta users who do NOT like the Snap and Flatpak packages that run in sandbox. Here’s how to build the 2.1 release from source tarball in Ubuntu 22.04 & 22.10.

Pinta has switch to .NET 6.0 framework since version 2.0. Which however needs internet connection to fetch something for the first time during the build time. And, most Linux so far still has Pinta v1.x in their system repositories.

Thankfully, building Pinta 2.1 from source is not hard. And, here’s the step by step guide show you how!

1. Firstly, press Ctrl+Alt+T on keyboard to open terminal. When it opens, run command to install .NET 6 as well as dev libraries for building the package.

sudo apt install dotnet-sdk-6.0 debhelper autotools-dev autoconf-archive gettext intltool libgtk-3-dev

NOTE: If you’ve already installed dotnet 7.0 from Microsoft repository, skip dotnet-sdk-6.0 in command.

2. Next, download the source tarball from github release page (under ‘Assets’ section):

3. Then, extract the tarball in file manager. Right-click on source folder and select “Open in Terminal”.

4. The last step will open a terminal window and automatically navigate to the Pinta source folder as working directory.

In the terminal window, run command to configure the source:


And, finally compile and install it via:

sudo make install

NOTE: This step needs internet connection if you’re first time using dotnet to build a package. And, it may fail if you’ve ever installed .NET 7.0 but removed (not completely) and use .NET 6.0 now.

If everything’s done without any error, you should now be able to search for and launch Pinta from system start menu (‘Activities’ overview).


Until you remove the source folder, you can run sudo make uninstall at any time from in that folder to uninstall Pinta package.

If you’ve removed the source folder, re-do the previous steps and replace the last command with sudo make uninstall.

How Secure is Using Open Source Components?

Open source has always been the epitome of security, and this is now more so the case than ever due to the recent influx of software like open source analysis. However, it is still natural for people to have their doubts, and it would be misleading to say that using open source components is always safe one hundred percent of the time. 

Luckily, there are a few ways for us to gauge the security of open source components by looking at the moving parts behind the curtains, and this is exactly what we are going to be delving into in this article. Let’s take a look at how secure using open source components truly is. 


lock on keyboard


Any Weaknesses Will Be Dealt With As Soon As They Exposed

One of the biggest features that sets open source apart from any other solutions is that its code is accessible by anyone. There are usually thousands of developers working on a project at any given time, and as a direct result of this, any weaknesses are likely going to be resolved near immediately. 

Having this many developers helps improve security all over the board. Not only are any threats/weaknesses going to have much higher chances of being detected with open source, but there is also going to be a whole community of people working for a solution whenever a problem rears its head. This means that the security that open source components can offer is usually far superior to anything else on the market.

This is all the more noticeable when you begin to factor in the fact that issues with fixed solutions can be incredibly difficult to detect, and even when potential problems are detected, it can still take a while for any changes to be made.

Open source components just have a huge advantage over fixed solutions due to the sheer number of people that are working on them, and for an area as delicate as security, this can be extraordinarily beneficial. 


The Stakes Have Never Been Higher

If you have ever asked yourself the question of should I use open-source components, there is one crucial factor that you just cannot leave out of the conversation. With open source components, most developers who work on them tend to also have some kind of stake in the venture themselves – why else would they be working on it?

No one is forced to work on open source technology. It is completely voluntary. The only reasons why someone would be working on an open source project would be because they also gain benefit from the component in question or because they happen to have a particular interest in a certain field and want to see it excel.

This means that the people who are working on any given open source component are usually invested in the company themselves, and it is in everybody’s best interest to make sure said technology is the best it can possibly be.

You just don’t get this kind of collateral when working with fixed solutions developed by people who have no stake in the matter – everyone involved has something to lose, and the incentive to improve because of one’s own investment is way stronger than just a good review or the ability to acquire repeat customers. 


More Cooks Do Not Always Spoil The Broth 

You have all heard the saying; more cooks spoil the broth. This is true in more than just a few situations – but when it comes to online security, more is usually better. Having thousands of talented/invested developers working on a component is going to lead to far better results than just a small team whose only goal is to make a profit, and this is especially the case since bug testing can be particularly troublesome with a smaller team.

The unusually high number of developers that work on open source projects make finding any issues an absolute breeze, and the chances of a problem being discovered are exponentially higher. 

In practical terms, this means that open source components are going to be much more polished/bug-free than regular solutions, and if you choose to utilise them, you are likely going to get access to security that is much better than anything else you could potentially get your hands on. 

Open source is a prime example of how more cooks can actually be a good thing if the dish in question happens to be practically intricate, and in the vast majority of situations, it is going to be superior to any fixed alternatives. 

We truly hope the insight you have been able to gain from this article will be of use to you. Open source is much safer than you can imagine, and in most cases, it is going to be the better option when compared to fixed solutions. 

There are just too many benefits to open source to ignore – cost-effective, secure, efficient; what else could you ask for? If you choose to use open-source components in any of your upcoming projects, you are going to be much better off for it, and you will soon come to realise just how effective open source can be. 

The post How Secure is Using Open Source Components? appeared first on IT Security Guru.

Elevate Your Organization’s Open Source Strategy

The role of software, specifically open source software, is more influential than ever and drives today’s innovation. Maintaining and growing future innovation depends on the open source community. Enterprises that understand this are driving transformation and rising to the challenges by boosting their collaboration across industries, understanding how to support their open source developers, and contributing to the open source community.

They realize that success depends on a cohesive, dedicated, and passionate open source community, from hundreds to thousands of individuals. Their collaboration is key to achieving the project’s goals.   It can be challenging to manage all aspects of an open source project considering all the different parts that drive it. For example:

Project’s scope and goals
Participating members, maintainers, and collaborators
Management and governance
Legal guidelines and procedures
IT services 
Source control, CI/CD, distribution, and cloud providers
Communication channels and social media

The Linux Foundation’s LFX provides various tools to help open source communities design and adopt a successful project strategy considering all moving parts. So how do they do it? Let’s explore that using the Hyperledger project as an example. 

1. Understand your project’s participation

Through the LFX Individual Dashboard, participants can register the identity they are using to contribute their code to GitHub and Gerrit (Since the Hyperledger project uses both). Then, the tool uses that identity to connect users’ contributions, affiliations, memberships, training, certifications, earned badges, and general information. 

With this information, other LFX tools gather and propagate data charts to help the community visualize their participation in GitHub and Gerrit for the different Hyperledger repositories. It also displays detailed contribution metrics, code participation, and issue participation.  

The LFX Organization Dashboard is a convenient tool to help managers and organizations manage their project memberships, discover similar projects to join, and understand the team’s engagement in the community. In detail, it provides information on:

Code contributions
Committee members
Event speakers and attendees 
Training and certification
Project enrollments

It is vital to have the project’s members and participant identities organized to understand better how their work makes a difference in the project and how their participation interacts with others toward the project’s goals.  

2. Manage your project’s processes

LFX Project Control Center offers a one-stop portal for program managers to organize their project participation, IT services, and quick access to other LFX tools.

Project managers can also connect:

Their project’s source control
Issue tracking tool
Distribution service
Cloud provider
Mail lists
Meeting management
Wiki and hosted domains 

For example, Hyperledger can view all related organizations under their Hyperledger Foundation umbrella, analyze each participant project, and connect services like GitHub, Jira, Confluence, and their communication channels like and Twitter accounts.

Managing all the project’s aspects in one place makes it easier for managers to visualize their project scope and better understand how all their services impact the project’s performance.

3. Reach outside and get your project in the spotlight

Social and earned media are vital to ensure your project reaches the ears of its consumers. In addition, it is essential to have good visibility into your project’s influence in the Open Source world and where it is making the best impact.

LFX’s Insights Social Media Metrics provides high-level metrics on a project’s social media account like:

Twitter followers and following information 
Tweets and retweet breakdown
Trending tweets
Hashtag breakdown 
Contributor and user mentions

In the case of Hyperledger, we have an overall view of their tweet and retweet breakdown. In addition, we can also see how tweets by Bitcoin News are making an impression on the interested communities. 

Insights help you analyze how your project impacts other regions, reaches diverse audiences by language, and adjust communication and marketing strategies to reach out to the sources that open source participants rely on to get the latest information on how the community contributes and engages with others. For example, tweets written in English, Japanese, and Spanish made by Hyperledger contributors are visible in an overall languages chart with direct and indirect impressions calculated.

The bottom line

A coherent open source project strategy is a crucial driver of how enterprises manage their open source programs across their organization and industry. LFX is one of the tools that make enterprise open source programs successful. It is an exclusive benefit for Linux Foundation members and projects. If your organization and project would like to join us, learn more about membership or hosting your project.

The post Elevate Your Organization’s Open Source Strategy appeared first on Linux Foundation.

The post Elevate Your Organization’s Open Source Strategy appeared first on

The Linux Foundation Announces Keynote Speakers for Open Source Summit Europe 2022

Global visionaries headline the premier open source event in Europe to share on OSS adoption in Europe, driving the circular economy, finding inspiration through the pandemic, supply chain security and more. SAN FRANCISCO, August 4, 2022 — The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the keynote speakers for Open Source Summit…


The post The Linux Foundation Announces Keynote Speakers for Open Source Summit Europe 2022 appeared first on

Public-private partnerships in health: The journey ahead for open source

This original article appeared on the LF Public Health project’s blog.

The past three years have redefined the practice and management of public health on a global scale. What will we need in order to support innovation over the next three years?

In May 2022, ASTHO (Association of State and Territorial Health Officials) held a forward-looking panel at their TechXPO on public health innovation, with a specific focus on public-private partnerships. Jim St. Clair, the Executive Director of Linux Foundation Public Health, spoke alongside representatives from MITRE, Amazon Web Services, and the Washington State Department of Health.

Three concepts appeared and reappeared in the panel’s discussion: reimagining partnerships; sustainability and governance; and design for the future of public health. In this blog post, we dive into each of these critical concepts and what they mean for open-source communities.

Reimagining partnerships

The TechXPO panel opened with a discussion on partnerships for data modernization in public health, a trending topic at the TechXPO conference. Dr. Anderson (MITRE) noted that today’s public health projects demand “not just a ‘public-private’ partnership, but a ‘public-private-community-based partnership’.” As vaccine rollouts, digital applications, and environmental health interventions continue to be deployed at scale, the need for community involvement in public health will only increase.

However, community partnerships should not be viewed as just another “box to check” in public health. Rather, partnerships with communities are a transformative way to gain feedback while improving usability and effectiveness in public-health interventions. As an example, Dr. Anderson referenced the successful VCI (Vaccination Credential Initiative) project, mentioning “When states began to partner to provide data… and offered the chance for individuals to provide feedback… the more eyeballs on the data, the more accurate the data was.”

Cardea, an LFPH project that focuses on digital identity, has also benefited from public-private-community-based partnerships. Over the past two years, Cardea has run three community hackathons to test interoperability among other tools that use Cardea’s codebase. Trevor Butterworth, VP of Cardea’s parent company, Indicio, explained his thoughts on community involvement in open source: “The more people use an open source solution, the better the solution becomes through stress testing and innovation; the better it becomes, the more it will scale because more people will want to use it.” Cardea’s public and private-sector partnerships also include Indicio, SITA, and the Aruba Health Department, demonstrating the potential for diverse stakeholders to unite around public-health goals.

Community groups are also particularly well-positioned to drive innovation in public health: they are often attuned to pressing issues that might be otherwise missed by institutional stakeholders. One standout example is the Institute for Exceptional Care (IEC), a LFPH member organization focused on serving individuals with intellectual and developmental disabilities, “founded by health care professionals, many driven by personal experience with a disabled loved one.” IEC recently presented a webinar on surfacing intellectual and developmental disabilities in healthcare data: both the webinar and Q&A showcased the on-the-ground knowledge of this deeply involved, solution-oriented community.

Sustainability and governance

Sustainability is at the heart of every viable open source project, and must begin with a complete, consensus-driven strategy. As James Daniel (AWS) mentioned in the TechXPO panel, it is crucial to determine “exactly what a public health department wants to accomplish, [and] what their goals are” before a solution is put together. Defining these needs and goals is also essential for long-term sustainability and governance, as mentioned by Dr. Umair Shah (WADOH): “You don’t want a scenario where you start something and it stutters, gets interrupted and goes away. You could even make the argument that it’s better to not have started it in the first place.”

Questions of sustainability and project direction can often be answered by bringing private and public interests to the same table before the project starts. Together, these interests can determine how a potential open-source solution could be developed and used. As Jim St. Clair mentioned in the panel: “Ascertaining where there are shared interests and shared values is something that the private sector can help broker.” Even if a solution is ultimately not adopted, or a partnership never forms, a frank discussion of concerns and ideas among private- and public-sector stakeholders can help clarify the long-term capabilities and interests of all stakeholders involved.

Moreover, a transparent discussion of public health priorities, questions, and ideas among state governments, private enterprises, and nonprofits can help drive forward innovation and improvements even when there is no specific project at hand. To this end, LFPH hosts a public Slack channel as well as weekly Technical Advisory Council (TAC) meetings in which we host new project ideas and presentations. TAC discussions have included concepts for event-driven architecture for healthcare data, a public health data sharing mesh, and “digital twins” for informatics and research.

Design for the future of public health

Better partnerships, sustainability, and governance provide exciting prospects for what can be accomplished in open-source public health projects in the coming years. As Jim St. Clair (LFPH) mentioned in the TechXPO panel: “How do we then leverage these partnerships to ask ‘What else is there about disease investigative technology that we could consider? What other diseases, what other challenges have public health authorities always had?’” These challenges will not be tackled through closed source solutions—rather, the success of interoperable, open-source credentialing and exposure notifications systems during the pandemic has shown that open-source has the upper hand when creating scalable, successful, and international solutions.

Jim St. Clair is not only optimistic about tackling new challenges, but also about taking on established challenges that remain pressing: “Now that we’ve had a crisis that enabled these capabilities around contact tracing and notifications… [they] could be leveraged to expand into and improve upon all of these other traditional areas that are still burning concerns in public health.” For example, take one long-running challenge in United States healthcare: “Where do we begin… to help drive down the cost and improve performance and efficiency with Medicaid delivery? … What new strategies could we apply in population health that begin to address cost-effective care-delivery patient-centric models?”

Large-scale healthcare and public-health challenges such as mental health, communicable diseases, diabetes—and even reforming Medicaid—will only be accomplished by consistently bringing all stakeholders to the table, determining how to sustainably support projects, and providing transparent value to patients, populations and public sector agencies. LFPH has pursued a shared vision around leveraging open source to improve our communities, carrying forward the same resolve as the diverse groups that originally came together to create COVID-19 solutions. The open-source journey in public health is only beginning.

The post Public-private partnerships in health: The journey ahead for open source appeared first on Linux Foundation.

The post Public-private partnerships in health: The journey ahead for open source appeared first on

People of Open Source: Neville Spiteri, Wevr

This post originally appeared on the Academy Software Foundation’s (ASWF) blog. The ASWF works to increase the quality and quantity of contributions to the content creation industry’s open source software base. 

Tell us a bit about yourself – how did you get your start in visual effects and/or animation? What was your major in college?

I started experimenting with the BASIC programming language when I was 12 years old on a ZX81 Sinclair home computer, playing a game called “Lunar Lander” which ran on 1K of RAM, and took about 5 minutes to load from cassette tape.

I have a Bachelor’s degree in Cognitive Science and Computer Science.

My first job out of college was a Graphics Engineer at Wavefront Technologies, working on the precursor to Maya 1.0 3D animation system, still used today. Then I took a Digital Artist role at Digital Domain.

What is your current role?

Co-Founder / CEO at Wevr. I’m currently focused on Wevr Virtual Studio – a cloud platform we’re developing for interactive creators and teams to more easily build their projects on game engines.

What was the first film or show you ever worked on? What was your role?

First film credit: True Lies, Digital Artist.

What has been your favorite film or show to work on and why?

TheBlu 1.0 digital ocean platform. Why? We recently celebrated TheBlu 10 year anniversary. TheBlu franchise is still alive today. At the core of TheBlu was/is a creator platform enabling 3D interactive artists/developers around the world to co-create the 3D species and habitats in TheBlu. The app itself was a mostly decentralized peer-to-peer simulation that ran on distributed computers with fish swimming across the Internet. The core tenets of TheBlu 1.0 are still core to me and Wevr today, as we participate more and more in the evolving Metaverse.

How did you first learn about open source software?

Linux and Python were my best friends in 2000.

What do you like about open source software? What do you dislike?

Likes: Transparent, voluntary collaboration.

Dislikes: Nothing.

What is your vision for the Open Source community and the Academy Software Foundation?

Drive international awareness of the Foundation and OSS projects.

Where do you hope to see the Foundation in 5 years?

A global leader in best practices for real-time engine-based production through international training and education.

What do you like to do in your free time?

Read books, listen to podcasts, watch documentaries, meditation, swimming, and efoiling!

Follow Neville on Twitter and connect on LinkedIn.  

The post People of Open Source: Neville Spiteri, Wevr appeared first on Linux Foundation.

The post People of Open Source: Neville Spiteri, Wevr appeared first on

OSS Security Highlights from the 2022 Open Source Summit North America

By Ashwin Ramaswami

Last month, we just concluded the Linux Foundation’s 2022 Open Source Summit North America (OSS NA), when developers, technologists, and community leaders from industry, academia, and government converged in Austin, Texas, from June 21-24 to talk about all things open source. Participants and speakers highlighted open source innovation and efforts to ensure a sustainable open source ecosystem.

What did the summit tell us about the state of OSS security? Several parts of the conference addressed different aspects of this issue – OpenSSF Day, Critical Software Summit, SupplyChainSecurityCon, and the Global Security Vulnerability Summit. Overall, the summit demonstrated an increased emphasis on open source security as a community effort with various stakeholders. More ambitious and innovative approaches to handling the open source security problem – including collaboration, tools, and training – were also introduced. Finally, the summit highlighted the importance for open source users to give back to the community and contribute upstream to the projects they depend on.

Let’s explore these ideas in more detail!

Click on the list on the upper right of this video to view the entire OpenSSF Day playlist (13 videos)

Open source security as a community effort

Open source security is not just an isolated effort by users or maintainers of open source software. As OSS NA showed, the stakes of open source security have turned it into a community effort, where a wide variety of diverse stakeholders have an interest and are beginning to get involved.

As Todd Moore (IBM) mentioned in his keynote, incidents such as log4shell have made open source security a bigger priority for governments – and it is important for existing open source stakeholders, both users and maintainers, to work as a community to take a cohesive message back to the government to articulate our community’s needs and how we are responding to this challenge.Speakers at a panel discussion with the Atlantic Council’s Cyber Statecraft Initiative and the Open Source Security Foundation (OpenSSF) discussed the summit held by OpenSSF in Washington, DC on May 12 and 13, where representatives from industry and government met to develop the Open Source Software Security Mobilization Plan, a $150 million plan for better securing the open source ecosystem.A panel discussion explored how major businesses are working together to improve the security of the open source supply chain, particularly through the governance structure of the OpenSSF.

New approaches to address open source security

OSS NA featured several initiatives to address fundamental open source security issues, many of which were particularly ambitious and innovative.

The OpenSSF’s Alpha-Omega Project was announced to address software vulnerabilities for OSS projects that are most critical (alpha) and at the long tail (omega).Eric Brewer (Google) gave a keynote discussing the fundamental problem of ensuring accountability in the open source software supply chain. One way of solving this is through curation: creating a repository of vetted and secure packages.Standards continue to be important, as always: Art Manion (CERT/CC) discussed the history and future of the CVE Program, while Jennings Aske (New York-Presbyterian Hospital) and Melba Lopez (IBM) discussed the importance of a Software Bill of Materials (SBOM).The importance of security tooling was emphasized, with discussions on tools such as sigstore, automation of security checks through Infrastructure as Code tools, and CI/CD pipelines.David Wheeler (Linux Foundation) discussed how education in secure software development is critical to ensuring open source software security. Courses like the OpenSSF’s Secure Software Development Fundamentals Courses are available to help developers learn this topic.

Giving back to the community

Participants at the summit recognized that open source security is ultimately a matter of community, governance, and sustainability. Projects that don’t have the right resources or governance structure may not be able to ensure their projects are secure or accept the right funding to do so.

Steve Hendrick (Linux Foundation) and Matt Jarvis (Snyk) discussed the release of the 2022 State of Open Source Security report from Snyk and the Linux Foundation. The report noted that open source software is often a one-way street where users see significant benefits with minimal cost or investment. It is recommended that organizations need to close the loop and give back to OSS projects they use for larger open source projects to meet user expectations.Aeva Black (Microsoft) discussed approaches to community risk management through drafting and enforcing a code of conduct, and how ignoring community health can lead to sometimes catastrophic technical outcomes for OSS Projects.Sean Goggins (CHAOSS) discussed the relationship between community health and vulnerability mitigation in open source projects by using metrics models from the CHAOSS projects.Margaret Tucker and Justin Colannino (GitHub) discussed the role that package registries have in open source security, beginning to formulate some principles that would balance these registries’ responsibility for safety and reliability with the freedom and creativity of package maintainers.Naveen Srinivasan (Endor Labs) and Laurent Simon (Google) explored the OpenSSF Scorecard to more easily analyze the security of open source projects and proactively improve their security.Amir Montazery (OSTIF) discussed the Open Source Technology Improvement Fund’s efforts to help OSS maintainers to work with security experts to improve their projects’ security posture.


In sum, the talks and conversations at OSS Summit NA help paint a picture of how key stakeholders in the open source software ecosystem – OSS communities, industry, academia, and government – are thinking about conceptualizing big-picture issues and directing efforts around OSS security.

But these initiatives and talks still have a lot of room for input! Whether individually or through your institution, consider adding your voice to this discussion as we continue to support the open source software community. Join an OpenSSF working group, another initiative, or contribute upstream to open source projects that you depend on.

The post OSS Security Highlights from the 2022 Open Source Summit North America appeared first on Linux Foundation.

The post OSS Security Highlights from the 2022 Open Source Summit North America appeared first on

Bosch leverages open source model; teams with PolyCrypt to tackle blockchain for the Economy of Things

This post originally appeared on the Hyperledger Foundation’s blog. You can read the full case study here

Some years ago, researchers realized that IoT devices would need to buy and sell from one another. In this “Economy of Things,” the items to be traded will include power, data, and connectivity. Most transactions will be fast, low value, and high frequency.

For a company like The Bosch Group that’s active in everything from autonomous vehicles to thermal plants, the Economy of Things will touch many lines of business. That’s why, in 2017, the company’s advanced research group, Bosch Research, was looking to find a way to scale up blockchain transactions to support the Economy of Things.

Bosch set out to do meet that requirement by leveraging a specific, step-by-step open source strategy for developing new markets:

Identify a requirement
Set goals
Consider the terrain
Build a partnership
Pick a suitable license
Use open source archetypes

The goals were to lead an effort to create standards for the Economy of Things and to build a framework where different partners could work together.

A survey for likely partners led the Bosch team to Perun, an early layer-2 protocol that passes state information off-chain through virtual channels. Bosch joined forces with several academics to implement this protocol and start creating an ecosystem.

As part of the process, Perun needed a stable home where everyone could access the latest code, and other people could find it. Hyperledger Labs provides a space where developments can be started without the overhead of creating an official Hyperledger project.

In Q3 2020, Perun was welcomed into Hyperledger Labs, and development has continued with work from the team at Boch and PolyCrypt GbmH, a startup spun out of the Technical University Darmstadt, where much of the academic research behind Perun began.

The Bosch team was eager to talk about its approaches and contributions to Hyperledger Foundation. To that end, they worked with Hyperledger marketing and others in the Perun community on a case study that details not only the business and technology challenges they’ve set out to tackle but also the strategic way they are leveraging open source development to advance the industry for all.

We never know what technology will turn into the Next Big Thing.

Perhaps Perun will be one of them, powering billions of micropayments between IoT devices or enabling people to shop with Central Bank Digital Currencies (CBDCs) that are still on the drawing board today.

Read the full case study here.

The post Bosch leverages open source model; teams with PolyCrypt to tackle blockchain for the Economy of Things appeared first on Linux Foundation.

The post Bosch leverages open source model; teams with PolyCrypt to tackle blockchain for the Economy of Things appeared first on

Patrick Debois: Untold Stories of Open Source

Raise your hand if you ever downloaded software by recording a series of tones onto a cassette tape as it was being broadcast over a radio station. 

Patrick Debois did – back in the 1980s as a budding computer enthusiast. He recalled that Europe didn’t have the network of electronic BBSes that existed in the U.S. These radio broadcasts were one way to distribute software, although they were often thwarted “when your mom walked in the room saying something and ruined the recording.” 

Patrick was only temporarily deterred and continued exploring his passion for computers but missed a community. He found a community when Linux came on the scene. He recounts the value of the Linux community, “The fact that there was a sharing community, and the Linux community of tools that I could just use, especially as a student. I know open source is not about being for free. But it was tremendously helpful to me as a student at that time to be able to try new stuff, to learn new stuff, to dissect new stuff on the open source.”

In 1994, as a student at the University of Ghent, he setup a web page where anyone could contribute URLs to help people explore the Internet. This was about the same time that Yahoo! started manually indexing the Internet. His site was running on an old Spark machine, and it was fascinating for him to be using a machine running on shared source. He then moved to his first job out of college, where he ran a web server, a firewall, and other new technologies. 

Later, Patrick worked for the government, where he and his team ran the first mail server, first DNS service, etc., all on three AutoCAD stations. He was required to buy proprietary software from vendors, but was frustrated because when something didn’t work, he had to wait for the vendor to provide updates. He often wished he could just try and fix it himself and then share with others what he did. Sound familiar? 

Patrick voiced, “If people are yelling at you, right, and your only excuse is, we’re asking the vendor, and it will take like a week or a month, that’s no excuse. And that makes you feel powerless at those times. So that’s been the reason why we started taking the other route mixing both? Sometimes you get good support from vendors. It’s not like one or the other. Open source itself is also not the guarantee that you have good support, or that it’s easily written. But if there’s a community that’s supportive, and it’s open source, then you feel like a good citizen and a member to contribute your fixes and solutions.” 

Open source itself is also not the guarantee that you have good support, or that it’s easily written. But if there’s a community that’s supportive, and it’s open source, then you feel like a good citizen and a member to contribute your fixes and solutions.

Fast forward to 2000 and open source is starting to gain more steam and broader acceptance. The Open Source Development Labs combined with the Free Standards Group to standardize Linux. The project morphed into the Linux Foundation in January 2007, at which point it gained nonprofit status and was funded and sponsored by a consortium of major technology vendors.

At first, Patrick had his doubts this could work, worried one company would be able to put their interests above those of the consortium when it comes to projects that are building standards. “I’ll be honest, I have my doubts in a way that I’ve probably seen too much of the discussion about open standards, or RFCs, or whatever, being kind of like written in certain directions that certain companies wanted to in these kind of situations. But I also liked the fact that there is a governance now, and that there is a discussion and not one part is owning this. So I see the Linux Foundation probably more as a mediator in the discussions between those companies. But I love them to remain neutral and not take a stance whether we should do a certain thing, yes or no. . .  I think we’re all conscious enough, when we were coming to the Foundation, that it’s a balance of multiple views on the problem.”

One of Patrick’s favorite Linux Foundation projects is sigstore, a new standard for signing, verifying, and protecting software. The project has 465 members from over 20 companies. He also has his eye on the LF AI & Data Foundation, notably the data side because, “You can share your source quite easily, but it’s the data that makes it interesting.” 

There is so much more to Patrick’s story, including being credited with helping coin the term DevOps.  The good news is that his story is on an episode of the Linux Foundation’s Untold Stories of Open Source podcast. Check out the full episode and subscribe on your favorite podcast platform. 

Do you have suggestions for future episodes or other comments, questions, etc.? Visit the podcast’s GitHub page.

The post Patrick Debois: Untold Stories of Open Source appeared first on Linux Foundation.

The post Patrick Debois: Untold Stories of Open Source appeared first on

OS-Climate unleashes power of open source to develop data and tools required to meet the Paris climate goals

From today, financial institutions, corporations, NGOs, regulators and academics can access the code behind OS-Climate’s tools to support climate-aligned financial decisionsDeveloped in collaboration with BNP Paribas, Allianz, Airbus, Amazon, Red Hat, Ortec Finance and The Linux FoundationSupports OS-Climate’s mission to provide the data and tools to enable the +$5 trillion annual climate-aligned investment required to meet the goals of the Paris AgreementLaunches collaboration in building a transparently governed, non-profit public utility of climate data and analytics

New York 20 July 2022 – Linux Foundation’s OS-Climate, the non-profit organization providing open source data and software tools to enable the global shift to climate-aligned finance and investing, has today released for public collaboration three analytic tools critical to tackling the climate crisis.

The three tools, Physical Risk & Resilience, Portfolio Alignment and Transition Analysis, were developed cooperatively by OS-Climate members, led by BNP Paribas, Allianz and Airbus respectively.

With today’s public release, OS-Climate’s tool development moves into an exciting new phase. Enabled by cloud services contributed by Amazon and Microsoft, the door opens to the global community of academic institutions, government agencies, modellers, and software developers for further powerful collaboration in building out the tools and Data Commons, a library of data and metadata suitable for use with OS-Climate’s toolset.

In addition to Airbus, Allianz, and BNP Paribas, OS-Climate’s financial services sector, technology sector, financial data and ‘real economy’ corporate members include, Amazon, BNY Mellon, EY, Federated Hermes, Goldman Sachs, London Stock Exchange Group, Microsoft, the UN-convened Net-Zero Asset Owner Alliance ($10.6 trillion asset under management), Ortec Finance, Red Hat, and S&P Global.

Truman Semans, CEO of OS-Climate, said: “These tools will generate the refined data and actionable insights needed for pension funds, asset managers, and banks to rapidly align their investments and loans to net zero and resilience goals. They can be used not only by the leading members within the Glasgow Financial Alliance for Net Zero (GFANZ) but the rest of the global financial community.”

The Linux Foundation’s community-led open source development approach, combined with strong, independent governance processes and methodological governance oversight, provides the transparency, trust, access and inclusion needed by all whose investment decisions impact climate change.

BNP Paribas leads the development of the Physical Risk & Resilience Tool that enables financial and non-financial stakeholders to identify and quantify risk related to climate resilience, through asset vulnerability models that use probability and severity forecasting of extreme climate events.

Allianz, with support from Ortec Finance, leads the development of the Climate Portfolio Alignment Tool, which helps financial stakeholders to align portfolios at individual holdings and loan levels with the Paris Accord target temperature increase of 1.5 degrees Celsius.

The Transitional Analysis Tool developed by Airbus will enable corporations to model, test and conduct scenario analysis for strategic climate-aligned decisions. This is the key to enabling the large-scale transition of real economy corporations toward Net Zero and resilience through climate-aligned investments in R&D, capital projects, other infrastructure and supply chains.

Commenting on its leading development role, Laurent David, Deputy Chief Operating Officer at BNP Paribas, said: “Robust and accessible data are essential to implement material climate policies and make sustainable finance credible. They are essential to allow financial institutions to set priorities, define objectives, and control their achievement. As a global financial institution, we can play a significant role in driving collaboration across the industry to help manage climate risk and increase investment in climate-aligned companies and projects. Through our collaboration with OS-Climate we can develop open source tools based on proper data far more rapidly than we could on our own. This will ultimately foster transparency and trust.

Günther Thallinger, Member of the Board of Management of Allianz SE said: “Allianz’s collaboration with OS-Climate reflects our commitment to support and embed climate-aligned investments and the critical transition to net-zero greenhouse gas emissions. We will continue to collaborate with a growing finance sector movement to harness the value of data that we as an industry will use to turn our commitments into real economy change.”

Robert Litterman, former chair of the Commodity Futures Trading Commission’s (CFTC) climate-related market risk subcommittee, said: “This platform could be a real game-changer. The Linux Foundation’s approach is uniquely able to build public goods that serve a wide range of public interests. This platform will accelerate innovation by commercial providers that can build on the ‘pre-competitive’ layers of data and technology OS-Climate is building. It also can help advance multiple goals of financial regulators for managing risk in the financial system, especially in terms of generating meaningful and comparable climate-related risk disclosures from corporations.”

Margaret Kuhlow, Finance Practice Leader, WWF International, said: “Dealing with the profound and compound crises of climate breakdown and nature loss means aligning global financial flows for a net-zero, nature-positive economy. This relies on securing good, decision-grade data, which is a challenge too large for any single institution or company to tackle alone. By supporting a systematic approach to the provision of high quality, open data on climate and nature risk, and integrating that with standard financial data, OS-Climate could help accelerate the development of robust data solutions that enable financial institutions, tech companies, and commercial data leaders to contribute to a fairer, greener, more resilient future.”

The tools will utilise the OS-Climate Data Commons, led by Red Hat, which will act as a public utility of corporate and other climate data and has enabled OS-Climate to significantly progress its technical roadmap announced at COP26. Development of the Data Commons, in collaboration with organizations including ClimateArc, will address the urgent need of the finance community for data that is transparent, consistent, and interoperable.

About OS-Climate

Linux Foundation’s OS-Climate is a breakthrough initiative creating a transparently governed public utility of open data and open source tools for climate-aligned finance investing, business, and regulation. OS-C uses the open collaboration approach that delivered rapid COVID vaccines, applying that to solve data gaps now blocking rapidly scalable transition of capital toward a resilient Net Zero economy.

Members contribute their data scientists, modellers, and software developers to cooperative projects building the OS-Climate Data Commons, a federated library of libraries of corporate and factor data, plus analytics tools to derive the actionable metrics crucial for asset allocation, portfolio construction, security analysis, credit analysis, corporate engagement, strategic planning and transition investment by corporates, and financial sector supervision. For more information visit OS-Climate.

Members and Community

OS-Climate’s asset owner, asset manager, bank, technology, financial data, and ‘real economy’ corporate members are Airbus, Allianz, Amazon, BNP Paribas, BNY Mellon, EY, Federated Hermes, Goldman Sachs, KPMG, London Stock Exchange Group, Microsoft, the UN-convened Net Zero Asset Owner Alliance ($10.6 trillion AUM), Ortec Finance, Red Hat, and S&P Global. NGO and academic Members include CPI, Open Climate Foundation, Polytechnique, and the World Benchmarking Alliance. Research NGOs sharing human capital and world-leading insights with OS-Climate include the World Resources Institute, RMI, and the London School of Economics through the Transition Pathways Initiative. Other data partners include Jupiter Intelligence,, and Urgentem.

About the Linux Foundation

Founded in 2000, the Linux Foundation and its projects are supported by more than 2,950 members. The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, ONAP, Hyperledger, RISC-V, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit

Media Contacts

North America
Ali Saville

Europe & Asia
Leela Lamont
+44 (0) 7874 383829

The post OS-Climate unleashes power of open source to develop data and tools required to meet the Paris climate goals appeared first on Linux Foundation.

The post OS-Climate unleashes power of open source to develop data and tools required to meet the Paris climate goals appeared first on