"Most code remains closed and proprietary, even though open source now dominates enterprise platforms," notes Matt Asay, former COO at Canonical (and an emeritus board member of the Open Source Initiative). "How can that be?" he asks, in an essay noting it's been almost 20 years since the launch of the Open Source Initiative, arguing that so far open source "hasn't changed the world as promised." [T]he reason most software remains locked up within the four walls of enterprise firewalls is that it's too costly with too small of an ROI to justify open-sourcing it. At least, that's the perception. Such a perception is impossible to break without walking the open source path, which companies are unwilling to walk without upfront proof. See the problem? This chicken-and-egg conundrum is starting to resolve itself, thanks to the forward-looking efforts of Google, Facebook, Amazon, and other web giants that are demonstrating the value of open-sourcing code.

Although it's unlikely that a State Farm or Chevron will ever participate in the same way as a Microsoft, we are starting to see companies like Bloomberg and Capital One get involved in open source in ways they never would have considered back when the term "open source" was coined in 1997, much less in 2007. It's a start. Let's also not forget that although we have seen companies use more open source code over the past 20 years, the biggest win for open source since its inception is how it has changed the narrative of how innovation happens in software. We're starting to believe, and for good reason, that the best, most innovative software is open source.
The article strikes a hopeful note. "We're now comfortable with the idea that software can, and maybe should, be open source without the world ending. The actual opening of that source, however, is something to tackle in the next 20 years.

chicksdaddy writes from a report via Digital Guardian: If you want to understand the ground shaking change that the EU's General Data Protection Rule (GDPR) will have when it comes into force in May of 2018, look no further than hotel giant Hilton Domestic Operating Company, Inc., formerly known as Hilton Worldwide, Inc (a.k.a. "Hilton."). On Tuesday, the New York Attorney General Eric T. Schneiderman slapped a $700,000 fine on the hotel giant for two 2015 incidents in which the company was hacked, spilling credit card and other information for 350,000 customers. Schneiderman also punished Hilton for its response to the incident. The company first learned in February 2015 that its customer data had been exposed through a UK-based system belonging to the company, which was observed by a contractor communicating with "a suspicious computer outside Hilton's computer network." Still, it took Hilton until November 24, 2015 -- over nine months after the first intrusion was discovered -- to notify the public. That kind of lackluster response has become pretty typical among Fortune 500 companies (see also: Equifax). And why not? The $700,000 fine from the NY AG is a palatable $2 per lost record -- and a mere rounding error for Hilton, which reported revenues of $11.2 billion in 2015, the year of the breach. That means the $700,000 fine was just %.00006 of Hilton's annual revenue in the year of the breach. Schneiderman's fine was less "bringing down the hammer" than a butterfly kiss for Hilton's C-suite, board and shareholders.

But things are going to be different for Hilton and other companies like it come May 2018 when provisions of the EU's General Data Protection Rule (or GDPR) go into effect, as Digital Guardian points out on their blog. Under that new law, data "controllers" like Hilton (in other words: organizations that collect data on customers or employees) can be fined up to 4% of annual turnover in the year preceding the incident for failing to meet the law's charge to protect that data. What does that mean practically for a company like Hilton? Well, the company's FY 2014 revenue (or "turnover") was $10.5 billion. Four percent of that is a cool $420 million dollars -- or $1,200, rather than $2, for every customer record lost. Needless to say, that's a number that will get the attention of the company's Board of Directors and shareholders.

An anonymous reader writes "My spouse, who is an elementary school science teacher, has had some experience in e-learning, since her school gave iPads to all the students. She found that students used these devices, not for school purposes like note taking, but for gaming, etc. It got to the point that she banned them from her classroom. Do technology aids help, or hinder, education? Is the idea that students can be home-schooled electronically realistic, or absurd?"

An anonymous reader writes "The high profile hacks to Sony's systems this year were quite costly — Sony estimated losses at around $200 million. Their insurance company was quick to point out that they don't own a cyber insurance policy, so the losses won't be mitigated at all. Because of that and all the other notable hacking incidents recently, analysts expect the cyber insurance industry to take off in the coming year. 'Last October, the S.E.C. issued a new guidance requiring that companies disclose "material" cyber attacks and their costs to shareholders. The guidance specifically requires companies to disclose a "description of relevant insurance coverage." That one S.E.C. bullet point could be a boon to the cyber insurance industry. Cyber insurance has been around since the Clinton administration, but most companies tended to "self insure" against cyber attacks.'"

retroworks writes "As translated from Central Asia Online, Cellular News reports that militants from South Waziristan set ablaze about 300 cellular phones and a number of computers in Wana because the devices were allegedly used to spread obscene materials. Prior to taking the action, they gave everyone fair warning with 'leaflets.' 300 cell phones down, 5 or 6 billion to go.