Google Found Over 1,000 Bugs In 47 Open Source Projects (helpnetsecurity.com)
Orome1 writes:
In the last five months, Google's OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects... So far, OSS-Fuzz has found a total of 264 potential security vulnerabilities: 7 in Wireshark, 33 in LibreOffice, 8 in SQLite 3, 17 in FFmpeg -- and the list goes on...
Google launched the program in December and wants more open source projects to participate, so they're offering cash rewards for including "fuzz" targets for testing in their software. "Eligible projects will receive $1,000 for initial integration, and up to $20,000 for ideal integration" -- or twice that amount, if the proceeds are donated to a charity.
This is what open source is about. Together making software better and more secure!
Isn't it interesting how it takes a multi-billion dollar closed-source development company to clean up the security messes left by open source software?
Isn't it interesting how it takes an unpaid outfit to expose the hacks of a multi-billion dollar closed state-sponsored terrorist agency taking advantage of the security messes of multi-billion dollar closed source development companies?
Pain is merely failure leaving the body