They've already had their DARPA contracts, and what have they contributed? No-exec patches for Linux. That's about it.
If the government had done their homework, they would have seen there are plenty of other companies that are NOT trying to capitalize on the security hype, and have a much greater pull and understanding of the community than Wirex. This project will fail, simply because Wirex cannot maintain and engage the community to an extent that it will become the premier bug-squashing center of the open source universe. If that is not the point of the project, then the money is wasted anyway.
I'd much rather see the US funding non-profit software-security initiatives. It needs to be non-profit, and not affiliated with any one vendor. They need to be actively involved in the security community; not just post a message when they get funding. I think we'd see much greater success.
Not that I am a business major, but patch levels make sense to me.
Time is definite issue. First of all, you want to get your product out the door.
Second, you want development to be as fast out of development and as feature rich as possible. This doesn't always allow for perfect code.
Third, you don't want your team to burn out.
Therefore, most (smart) software companies will release patches to their software. Also, releasing patches gives the consumer the impression that you are actually maintaining your code (whether you are or not).
Think about trying to write Windows XP or KDE or GNOME from the ground up-- in one release. Not going to happen, unless you have a lot of dedication and a lot of time. And by the time you finish, it might well be outdated, or even unliked.
On that note, an additional benefit of releasing software in patch levels (or SPs), is you get a large showing of customer feedback. If there are major bugs, they will be found. If your software is "good enough", you might be willing to distribute it. I suppose that's what makes Dilbert's "It compiles! Ship it!" so funny.
They were 911 documents, stolen from Bellsouth. That was the whole Steven Jackson Games fiasco. Bellsouth said the document cost ~$80k, but then it was found they offered it to the public for $20. Here's more info:
Slashdot Mirror
The simple truth: Wirex is out to make a profit.
They've already had their DARPA contracts, and what have they contributed? No-exec patches for Linux. That's about it.
If the government had done their homework, they would have seen there are plenty of other companies that are NOT trying to capitalize on the security hype, and have a much greater pull and understanding of the community than Wirex. This project will fail, simply because Wirex cannot maintain and engage the community to an extent that it will become the premier bug-squashing center of the open source universe. If that is not the point of the project, then the money is wasted anyway.
I'd much rather see the US funding non-profit software-security initiatives. It needs to be non-profit, and not affiliated with any one vendor. They need to be actively involved in the security community; not just post a message when they get funding. I think we'd see much greater success.
TiVO was mentioned in the episode that aired last night (1/31/02).
Rachael's Dad: "So, what's new with you?"
Rachael (pregnant): "Well, I got a, um, TiVO..."
VIM completely rules, and the newer versions have PHP support.
alias elite_php_ide="vim"
Not that I am a business major, but patch levels make sense to me.
Time is definite issue. First of all, you want to get your product out the door.
Second, you want development to be as fast out of development and as feature rich as possible. This doesn't always allow for perfect code.
Third, you don't want your team to burn out.
Therefore, most (smart) software companies will release patches to their software. Also, releasing patches gives the consumer the impression that you are actually maintaining your code (whether you are or not).
Think about trying to write Windows XP or KDE or GNOME from the ground up-- in one release. Not going to happen, unless you have a lot of dedication and a lot of time. And by the time you finish, it might well be outdated, or even unliked.
On that note, an additional benefit of releasing software in patch levels (or SPs), is you get a large showing of customer feedback. If there are major bugs, they will be found. If your software is "good enough", you might be willing to distribute it. I suppose that's what makes Dilbert's "It compiles! Ship it!" so funny.
Granted, this is all opinion.
http://www.2600.com/secret/sj/sj-cyberlaw.html
or Google for 911 Steven Jackson Games Bellsouth.