Security Basics mailing list archives

RE: DHS helping to secure open source code


From: "Roger A. Grimes" <roger () banneretcs com>
Date: Fri, 20 Jan 2006 16:52:26 -0500

Kudos to whoever got the funding started on this project.

This is wonderful news...although $1.24 million over three years is
kinda meager. A typical source code review project on a single product
of a much smaller scale would be $100K-200K normally. With the exception
of maybe Ethereal, all of these projects are much larger than that.

So this is a wonderful announcement. Better than nothing for sure...but
on the outside appears to be underfunded. 

-----Original Message-----
From: Saqib Ali [mailto:docbook.xml () gmail com] 
Sent: Tuesday, January 17, 2006 7:00 PM
To: Security-Basics (E-mail)
Subject: DHS helping to secure open source code

For people who doubt the secure coding practices in open source
projects:

http://www.schneier.com/blog/archives/2006/01/dhs_funding_ope.html
http://www.eweek.com/article2/0,1895,1909946,00.asp
http://news.zdnet.com/2100-1009_22-6025579.html

DHS is funding the security analysis of the source-code for the
following OpenSource applications:

Apache, BIND, Ethereal, KDE, Linux, Firefox, FreeBSD, OpenBSD, OpenSSL
and MySQL

--
Saqib Ali, CISSP
http://www.xml-dev.com/blog/
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15

------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich
University program offers unparalleled Infosec management education and
the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning, Computer Emergency Response Teams, and Digital Investigations.


http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
----



