Slashdot Mirror

← Back to Stories (view on slashdot.org)

US DHS Testing FOSS Security

Posted by kdawson on from the bug-list-half-empty dept.

Stony Stevenson alerts us to a US Department of Homeland Security program in which subcontractors have been examining FOSS source code for security vulnerabilities. InformationWeek.com takes a glass-half-empty approach to reporting the story, saying that for FOSS code on average 1 line in 1000 contains a security bug. From the article: 'A total of 7,826 open source project defects have been fixed through the Homeland Security review, or one every two hours since it was launched in 2006 ...' ZDNet Australia prefers to emphasize those FOSS projects that fixed every reported bug, thus achieving a clean bill of health according to DHS. These include PHP, Perl, Python, Postfix, and Samba.

4 of 203 comments (clear)

  1. Stop, colleberate and listen! by Anonymous Coward · · Score: -1, Troll

    Hammertime!

  2. creators' planet/population rescue kode bug free by Anonymous Coward · · Score: -1, Troll

    no gadgets, or approval from anyone needed. the truly open source nature makes it also quite user friendly. let yOUR conscience be yOUR guide. you can be more helpful than you might have imagined. there are still some choices. if they do not suit you, consider the likely results of continuing to follow the corepirate nazi hypenosys story LIEn, whereas anything of relevance is replaced almost instantly with pr ?firm? scriptdead mindphuking propaganda or 'celebrity' trivia 'foam'. meanwhile; don't forget to get a little more oxygen on yOUR brain, & look up in the sky from time to time, starting early in the day. there's lots going on up there.

    http://news.yahoo.com/s/ap/20071229/ap_on_sc/ye_climate_records;_ylt=A0WTcVgednZHP2gB9wms0NUE

    http://www.nytimes.com/2007/12/31/opinion/31mon1.html?em&ex=1199336400&en=c4b5414371631707&ei=5087%0A

    is it time to get real yet? A LOT of energy is being squandered in attempts to keep US in the dark. in the end (give or take a few 1000 years), the creators will prevail (world without end, etc...), as it has always been. the process of gaining yOUR release from the current hostage situation may not be what you might think it is. butt of course, most of US don't know, or care what a precarious/fatal situation we're in. for example; the insidious attempts by the felonious corepirate nazi execrable to block the suns' light, interfering with a requirement (sunlight) for us to stay healthy/alive. it's likely not good for yOUR health/memories 'else they'd be bragging about it? we're intending for the whoreabully deceptive (they'll do ANYTHING for a bit more monIE/power) felons to give up/fail even further, in attempting to control the 'weather', as well as a # of other things/events.

    http://video.google.com/videosearch?hl=en&q=video+cloud+spraying

    dictator style micro management has never worked (for very long). it's an illness. tie that with life0cidal aggression & softwar gangster style bullying, & what do we have? a greed/fear/ego based recipe for disaster. meanwhile, you can help to stop the bleeding (loss of life & limb);

    http://www.cnn.com/2007/POLITICS/12/28/vermont.banning.bush.ap/index.html

    the bleeding must be stopped before any healing can begin. jailing a couple of corepirate nazi hired goons would send a clear message to the rest of the world from US. any truthful look at the 'scorecard' would reveal that we are a society in decline/deep doo-doo, despite all of the scriptdead pr ?firm? generated drum beating & flag waving propaganda that we are constantly bombarded with. is it time to get real yet? please consider carefully ALL of yOUR other 'options'. the creators will prevail. as it has always been.

    corepirate nazi execrable costs outweigh benefits
    (Score:-)mynuts won, the king is a fink)
    by ourselves on everyday 24/7

    as there are no benefits, just more&more death/debt & disruption. fortunately there's an 'army' of light bringers, coming yOUR way. the little ones/innocents must/will be protected. after the big flash, ALL of yOUR imaginary 'borders' may blur a bit? for each of the creators' innocents harmed in any way, there is a debt that must/will be repaid by you/us, as the perpetrators/minions of unprecedented evile, will not be available. 'vote' with (what's left in) yOUR wallet, & by your behaviors. help bring an end to unprecedented evile's manifestation through yOUR owned felonious corepirate nazi glowbull warmongering execrable. some of US should consider ourselves somewhat fortunate to be among those scheduled to survive after the big flash/implementation of

  3. Wow... FOSS looks pretty pathetic by Anonymous Coward · · Score: 0, Troll

    So in other words, this thing started in 2006. So if Big Daddy Gubment had not come by with what's essentially a bailout of FOSS, it would STILL be a buggy mess.

    Kind of hilarious, how no matter how much of an insecure, buggy, crappy mess FOSS proves to be, they still whine about Microsoft.

    Guess it's easier to point the finger than it is to get your own house in order.

  4. Some perspective here. by DerekLyons · · Score: 0, Troll

    According to McAfee recently (http://yro.slashdot.org/article.pl?sid=08/01/05/0215201) and Microsoft et al, having your code exposed lets the bad guys exploit it's vulnerabilities.

    That should be so obvious as to not require stating, by McAfee or anyone else. How large that risk really is can be debated, but its existence is as certain as the sun rising tommorow.
     
     

    Of course if or when a weakness is taken advantage of, it would likely be fixed vary quickly through the FOSS community, instead of on the first Tuesday of every month like as in Microsoft's business model.

    Fixing it some uncertain time after it has been exploitied is fine by the [relatively] sloppy standards of the FOSS community. But neither having it fixed the first Tuesday nor some uncertain time later is of much consolation to the guy who suffers business or data loss.