Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Foundation: Security Problems Threaten 'Golden Age' of Open Source (techweekeurope.co.uk)

Posted by Soulskill on from the they-never-seemed-to-slow-microsoft-down dept.

Mickeycaskill writes: Jim Zemlin, executive director of the Linux Foundation, has outlined the organization's plans to improve open source security. He says failing to do so could threaten a "golden age" which has created billion dollar companies and seen Microsoft, Apple, and others embrace open technologies. Not long ago, the organization launched the Core Infrastructure Initiative (CII), a body backed by 20 major IT firms, and is investing millions of dollars in grants, tools, and other support for open source projects that have been underfunded. This was never move obvious than following the discovery of the Heartbleed Open SSL bug last year. "Almost the entirety of the internet is entirely reliant on open source software," Zemlin said. "We've reached a golden age of open source. Virtually every technology and product and service is created using open source. Heartbleed literally broke the security of the Internet. Over a long period of time, whether we knew it or not, we became dependent on open source for the security and Integrity of the internet."

3 of 77 comments (clear)

  1. it needed to happen. by Gravis+Zero · · Score: 5, Interesting

    heartbleed was a blessing in disguise because companies were blindly assuming this software was secure and thus never investing a dime in it's development. this internet-scale problem woke up some people and now they are actually investing in real security.

    --
    Anons need not reply. Questions end with a question mark.
  2. Heartbleed should've been way more of a yawn by somepunk · · Score: 4, Interesting

    Still a serious bug, but if forward secrecy had been widely deployed, much, much less threat exposure would have occurred.

    That's the lesson. Code audits are great, but they still miss stuff and are expensive. Take good practices more seriously, and you get a lot of bang for your investment in time/money/whatever.

    --
    Those people who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
  3. Re:Billion dollar companies by Anonymous Coward · · Score: 1, Interesting

    Step 1: Get 100 million dollars. Surely you are born into money, so this step goes almost without saying.
    Step 2: Buy some companies.
    Step 3: Bribe politicians to pass laws that benefit you and your companies, while preventing pesky competition from stealing your profitsessss.
    Step 4: MOAR profits!
    Step 5: Repeat steps 2-4 until you are into the .1% range.