Homeland Security secures open-source
With all the talk about highly critical Microsoft blunders and botch-ups floating around lately it’s good to finally read some good news in the technology world. The Dept. of Homeland Security is providing Stanford University, Coverity, and Symantec with $1.24 million to find bugs in numerous open-source applications.
In case you weren’t aware, any computers in the world that work with important information and services run on open-source software (because Microsoft is a health risk for computers). If user-friendliness isn’t a high priority then no one should be stupid enough to run Windows on the computer, and that’s why critical systems are increasingly switching to open-source alternatives.
Through this govt. funding, which they dubbed the “Vulnerability Discovery and Remediation, Open Source Hardening Project”, Stanford and Coverity will create and maintain a system designed to scan various open-source programs on a daily basis, adding any bugs found to a database that will be open to developers.
Three questions popped into my head when I first heard about this:
- Did they fire the guy that came up with those cool program names, like Operation Desert Storm?
- What in the world does Symantec know about open-source security?
- Why aren’t they doing this for Microsoft products?
Although I can’t comment on the first question, the other two have pretty quick answers.
- Absolutely nothing, except perhaps lying about OS security to make people think they actually need *Nix AntiVirus 2010.
- They refuse to let others see their God-like source code for fear people will find out it’s written in QBASIC.
Ignoring the fact that they’re wasting $100,000 on Symantec, this is great news in every other aspect. Some of the many software that will be scanned include: Apache, Firefox, FreeBSD, Gimp, Linux, MySQL, OpenBSD, and Samba. Personally I’m pretty excited to find out how many bugs they can find in FreeBSD and OpenBSD — very few I’m sure. Helping secure products that are already seen as the most secure in their class … how much better can it get?
