Slashdot Mirror

← Back to Stories (view on slashdot.org)

US DHS Testing FOSS Security

Posted by kdawson on from the bug-list-half-empty dept.

Stony Stevenson alerts us to a US Department of Homeland Security program in which subcontractors have been examining FOSS source code for security vulnerabilities. InformationWeek.com takes a glass-half-empty approach to reporting the story, saying that for FOSS code on average 1 line in 1000 contains a security bug. From the article: 'A total of 7,826 open source project defects have been fixed through the Homeland Security review, or one every two hours since it was launched in 2006 ...' ZDNet Australia prefers to emphasize those FOSS projects that fixed every reported bug, thus achieving a clean bill of health according to DHS. These include PHP, Perl, Python, Postfix, and Samba.

4 of 203 comments (clear)

  1. What about MS? by Anonymous Coward · · Score: 5, Funny

    Now if they would do the same to Microsoft. Oh yeah...

  2. Fixed? by sjbe · · Score: 5, Funny

    A total of 7,826 open source project defects have been fixed through the Homeland Security review


    Do they mean fixed or fixed?
  3. Must be run by Engineers... by ComputerSlicer23 · · Score: 4, Funny

    Uh.. from the article, the software is called "Prevent Software Quality System"... Wow, I can't think of a bigger misnomer for something that should help improve software quality. I sure don't want to prevent software quality in my own products.

  4. Re:"The" PHP? by grcumb · · Score: 5, Funny

    ..the PHP, Perl, and Tcl dynamic languages...
    "The" in this sentence refers to the list, not just PHP.

    How could he possibly know that? He said already that he stopped reading after 'the PHP'.

    /me ducks and runs...

    --
    Crumb's Corollary: Never bring a knife to a bun fight.