Slashdot Mirror


LAMP Lights the OSS Security Way

Kevin Young wrote to mention a ZDNet article which goes into some detail on new results from a Department of Homeland Security initiative. It's called the 'Open Source Hardening Project', and (funded to the tune of $1.24 million) the goals of the initiative are to use a commercial tool for source code analysis to buck up the security base of many OSS projects. LAMP (the conglomeration of Linux, Apache, MySQL, and PHP/Perl/Python) was a 'winner' in the eyes of the project. From the article: "In the analysis, more than 17.5 million lines of code from 32 open-source projects were scanned. On average, 0.434 bugs per 1,000 lines of code were found, Coverity said. The LAMP stack, however, 'showed significantly better software quality,' with an average of 0.29 defects per 1,000 lines of code, the technology company said."

9 of 178 comments

  1. Re:Solaris by Anonymous Coward · · Score: 2, Funny

    And it won't be long before Linux-zealots will start preemptively bashing Solaris to distract from the screaming shortcomings of their toy-OS. In fact, it will start in t 0.

  2. Re:Fucking LAMP. by Anonymous Coward · · Score: 1, Funny

    Yeah, but stick with LAMP though, because LAPP makes me think LAPPdance... A lot of security holes to attack! ;)

    Aaaah, but lapdancing is the one place where an unexpected hole is a feature ;-)

  3. Test of Leaked Vista/IIS code by RealProgrammer · · Score: 4, Funny

    Researchers at clandestine research labs in bases hidden deep in the Russian Alps have attempted to analyze portions of the leaked Internet Information Server (IIS) and Windows Vista code for similar flaws.

    The findings were remarkable. They found 4,669 flaws, but since they didn't have the source code it resulted in a divide-by-zero error when they calculated the statistics on their Excel spreadsheet. The error triggered an unheard-of lockup on their Windows XP desktop.

    On a positive note, recovering from the error alerted them to the presence of 43 strains of the MyDoom virus, 257 instances of Alexis spyware, and a bootleg copy of "Making of the Britney Spears Sonogram".

    --
    sigs, as if you care.
  4. Re:What about.... by frankm_slashdot · · Score: 2, Funny

    Parent: +1.33 (Sarcastic yet funny).

  5. Re:don't waste that $$$! by Bazzalisk · · Score: 3, Funny

    Ah, but how many lines of code will it take to correct the bugs? And will those bugfixes themselves contain bugs?

    Interested minds couldn't care less.

    --
    James P. Barrett
  6. From the lame-ass-metaphor dept. by tobiasly · · Score: 2, Funny

    "LAMP Lights the Way"?! Was Slashdot acquired by C|Net?

    For the love of all that's holy, please drop the hackish high-school-newsletter headlines.

  7. Checkpointing. by Ivan+Matveitch · · Score: 2, Funny

    The whole database concept is just fundamentally wrong.

  8. Hint to PHP devs by billcopc · · Score: 2, Funny

    Add more linefeeds!!! ;)

    --
    -Billco, Fnarg.com
  9. Re:And for Windows XP? by Phillup · · Score: 2, Funny

    Perhaps the Microsoft code does in 5 lines what the Open Source code does in 150.

    I didn't know MS used Perl.

    ;-)

    (unix tools excepted)

    --

    --Phillip

    Can you say BIRTH TAX