Cal.com Transitions to Closed Source Due to AI-Driven Security Risks

Severity: High (Score: 64.5)

Sources: News.Ycombinator, Rss.Slashdot

Summary

Cal.com has announced its shift from open source to a closed source model for its scheduling software, citing the increased risk of AI-driven attacks that can easily exploit vulnerabilities in public codebases. Co-founder Peer Richelsen stated that the reliance on human effort for open source security is no longer viable, as AI tools can now rapidly identify and exploit weaknesses. The company emphasized the need to protect customer data, particularly booking information, which is sensitive and critical to their operations. While the main product will no longer be open source, Cal.diy will remain available for hobbyists under the MIT license. The decision reflects a broader trend in the software industry where open source projects may face heightened risks due to advancements in AI security tools. CEO Bailey Pumfleet noted that the transition is not a rejection of open source principles but a necessary step to mitigate risks in the current threat landscape. The company hopes to return to open source in the future as security conditions improve. Key Points: • Cal.com is moving to a closed source model to enhance security against AI-driven attacks. • AI tools can now scan open source codebases for vulnerabilities much faster than human efforts. • Cal.diy will remain an open source option for hobbyists despite the main product's transition.

Key Entities

• Cal.com (company)
• BSD Kernel (platform)
• Claude Opus (tool)