Tagged: open source


VNC Client and Server Software Vulnerabilities Found

The Hacker News reports that dozens of new VNC client and server vulnerabilities have been found in the open source versions of the tools used by IT departments all over the world. If you are like me and think “VNC, who uses that any more?” then you should go check out a YouTube video by Tobias Mädel where he connects to open VNC servers all over the internet. Sure, the video is from 2015, but when you think about how quickly industrial plant management software and device firmware is updated you can bet money that there are still plenty of open VNC servers still running and accessible.

The moral of the story? Don’t expose critical systems and services (like RDP and VNC) over the internet unless it is absolutely essential. If it is essential, and you can’t put them behind a VPN, then you had better use a very strong and complex password to secure the access. Even with a VPN you should do that. Lastly, you need to makes sure you and any vendor you are purchasing software and devices from have a strong policy of pushing out updates anytime a vulnerability is found. You can’t afford to wait five years for an update when your chemical plan control system is left completely exposed on the internet through remote access software flaws.


Robotic Process Automation Goes Open Source

If you have had your eyes and ears open at all for the past year or so, you know the new hotness is Robotic Process Automation (RPA) in enterprise IT. Basically that is a really fancy name for a system that mimics a user’s actions on another system so that a person doesn’t have to do it. Truth be told, there have been scheduling and automation platforms around for a long time that have done a lot of what modern RPA solutions are doing. The biggest difference is that the focus is now more about interacting with a GUI versus just focusing on what could already be done through scripting like moving files around.

This week Robocorp and the Robot Framework have been starting to make a splash within the industry as the first organizations looking to take the RPA movement into the open source space and make it more accessible to organizations that don’t want to buy into a major commercial platform or that want to do something more custom with their current tool set.

As a user of commercial RPA technologies currently, the idea of an open source framework and a company looking to make that more accessible to the masses is very exciting. The cost of current RPA solutions is a significant barrier to entry for many smaller organizations and Robocorp has the chance to increase the user base for RPA significantly by making it more cost effective for these smaller organizations. Just knowing that this is coming in the future makes me want to spin up a virtual machine with the Robot Framework running to start playing around. Then when Robocorp has a product ready, I can be primed to pick up and start using their solution.

After all, as their site says:

If you can document it, you can automate it. Never send a human to do a machine’s job.


That is music to my programming ears 🙂