Information Security News mailing list archives
DARPA pulls OpenBSD funding
From: InfoSec News <isn () c4i org>
Date: Fri, 18 Apr 2003 06:37:40 -0500 (CDT)
Forwarded from: William Knowles <wk () c4i org> http://news.com.com/2100-1016-997393.html By Robert Lemos Staff Writer, CNET News.com April 17, 2003 The unused portion of a grant from the Defense Advanced Research Projects Agency to fund development of the open-source operating system OpenBSD has been pulled for unspecified reasons. The project's leader, Theo de Raadt, said Thursday he was informed by email that the remaining portion of the $2.3 million grant has been pulled. An email from a professor who is managing the grant did not provide a reason, but de Raadt said he believes the cancellation was prompted by concerns about the money going to too many foreign developers and antiwar statements that de Raadt made to reporters. "They decided that they didn't want (our project) anymore," de Raadt said Thursday, less than hour after he received notification. "This is it. It's over." DARPA, the arm of the U.S. Department of Defense that funds research and development and is best known for funding the project that later became the Internet, awarded the grant in 2001 as part of its Composable High-Assurance Trusted Systems (CHATS) projects, said de Raadt. About $1 million had been allotted to add new security features to OpenBSD, an open-source OS that many consider to be the most secure free implementation of a Unix-like system. The project had finished most of the work in the first three months of the grant and had been recently using the money to fund more security enhancements to the software, de Raadt said at a recent security conference. A University of Pennsylvania computer science professor, Jonathan Smith, had originally applied for the grant under the title, "Portable Open-Source Security Enhancements," or POSSE. About $500,000 of the money went to several U.K. researchers to do a vulnerability analysis on OpenSSL, a widely used program for encrypting communications, especially to and from Web sites. A handful of flaws were found, de Raadt said. Smith refused to comment on the funding, citing the sensitivity of the issue. An email to the POSSE projects DARPA representative wasn't answered. Earlier this week, de Raadt said he was told that officials from DARPA were concerned about statements appearing in press reports that indicated most of the grant was being funneled to foreign researchers, an apparent no-no for government-funded projects. Moreover, de Raadt believed that the U.S. government took exception to comments he made indicating that the money spent on his project meant that fewer cruise missiles were being built. "In the U.S., today, free speech is just a myth," de Raadt said. He estimated that about 85 percent of the money has already been spent and that the remaining portion would have continued the project for another six months. "The only money that I got was my salary," he said. With nearly 60 OpenBSD hackers traveling to Canada to take part in a hackathon--a week's worth of solid programming sessions--the project now finds itself about $30,000 short of the money it needs to house the attendees. "We are left in the lurch very seriously...and will need to struggle to keep our conference facilities in some way," de Raadt said. The project will ship version 3.3 of the OpenBSD system on Friday. An acknowledgment of the role that DARPA played, which was to appear on the back of the box, will instead be covered by a sticker, he said. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- DARPA pulls OpenBSD funding InfoSec News (Apr 18)