Two recent events have shed light on some fundamental issues in getting security in Open Source projects. One of them is a serious bug referred to as "Heartbleed", and the other is the first part of a security audit of the TrueCrypt encryption program. By looking at both of these together and doing a Lessons Learned we can draw some conclusions about what is needed to have security in Open Source projects.Links: http://www.digitaltr...sl-bug-happen/#!FLdxR https://tools.ietf.org/html/rfc6520 https://www.novainfo...ruecrypt-audit/ http://arstechnica.c...o-fund-openssl/ http://podcasts.info...ce=rss_security http://www.zwilnik.com/?page_id=588
Go to this episode
HPR - HPR1529: TrueCrypt, Heartbleed, and Lessons Learned
No replies to this topic
BinRev is hosted by the great people at Lunarpages!