Home page logo
/

basics logo Security Basics mailing list archives

RE: DHS helping to secure open source code
From: "Craddock, Larry" <l_craddock () wfec com>
Date: Fri, 20 Jan 2006 11:01:40 -0600

"US-CERT's (United States Computer Emergency Readiness Team) 2005 year-end
vulnerability statistics found a startling increase in flaws in Unix/Linux
operating systems. The controversial data revealed 812 flaws in Windows,
compared with 2,328 vulnerabilities in various Unix/Linux packages. "

Looks to me like the reason the DHS is funding the project is because they
*do* have some doubts.


Larry Craddock
 

-----Original Message-----
From: Saqib Ali [mailto:docbook.xml () gmail com] 
Sent: Tuesday, January 17, 2006 6:00 PM
To: Security-Basics (E-mail)
Subject: DHS helping to secure open source code

For people who doubt the secure coding practices in open source projects:

http://www.schneier.com/blog/archives/2006/01/dhs_funding_ope.html
http://www.eweek.com/article2/0,1895,1909946,00.asp
http://news.zdnet.com/2100-1009_22-6025579.html

DHS is funding the security analysis of the source-code for the following
OpenSource applications:

Apache, BIND, Ethereal, KDE, Linux, Firefox, FreeBSD, OpenBSD, OpenSSL and
MySQL

--
Saqib Ali, CISSP
http://www.xml-dev.com/blog/
"I fear, if I rebel against my Lord, the retribution of an Awful Day (The Day
of Resurrection)" Al-Quran 6:15

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich
University program offers unparalleled Infosec management education and the
case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
----------------------------------------------------------------------------


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault