Security


	Search


	Menu


	Home Submit News News Aggregator About


	Bay Area Linux Events


	Projects


	Ubuntu at School LTSP Lab


	Blogs


	OSI and License Proliferation Is LogMeIn the route to laptop Linux? AD: Open source extremism lives Cloud Computing: Gartner Validates Nick Carr -- At Least Partially more


	User login


	Username: Password: Request new password


	Request an account


	Like to set up a new account on this site? Request for one now.


	Response time for bug fixing


	Submitted by sverma on Saturday, September 29, 2007 - 16:55	Security
	Here's an example for response turnaround time for fixing bugs. This one has to do with a buffer overflow in OpenSSL. The vulnerability was reported on September 27 in this thread. This morning (Sept 29), Ubuntu had two patches waiting for me. One is for OpenSSL, and the other is for libssl, the library that implements SSL. The vulnerability is the same. The update was actually released 17 hours ago, so It was no more than a day after the vulnerability was revealed. Of course, there are bugs that don't get patched for a long, long time, but in most of the cases, we see quick turnaround times in open source. This is yet another case where "many eyeballs make bugs shallow". [ login to post comments \| send this story \| 12328 reads ]


	OSSIM: A framework for Information Security Management


	Submitted by sverma on Wednesday, September 26, 2007 - 04:32	Security
	I came across OSSIM in a post earlier this evening. OSSIM stands for Open Source Security Information Management. It features projects like Arpwatch, Nessus, Snort,Ntop, and Nagios. From their website: Ossim stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant a network/security administrator with detailed view over each and every aspect of his networks/hosts/physical access devices/server/etc... [ login to post comments \| read more \| send this story \| 12456 reads ]


	Clipperz - Online password manager with source code to go


	Submitted by Kevin Severud on Wednesday, June 27, 2007 - 14:53	Code \| Security
	There are plenty of OpenSource clients for Windows, Linux, and Mac but what about an online one that works in your browser? Clipperz is one such beast that went live in March. The source code is in Google Code and you can build the same file that's loaded to your browser when you log in to Clipperz. [ login to post comments \| read more \| send this story \| 13857 reads ]


	Mozilla Firefox update fixes 7 holes


	Submitted by sverma on Sunday, September 17, 2006 - 11:17	Patch \| Security
	Mozilla this week pushed out a new version of its Firefox Web browser to mend at least seven security holes in the program, including at least four flaws that attackers could use to install software on vulnerable computers. http://blog.washingtonpost.com/securityfix/2006/09/new_firefox_version_fixes_seve_1.html [ login to post comments \| send this story \| 13368 reads ]


	Gendarmes dump IE


	Submitted by zetro on Sunday, February 5, 2006 - 18:10	News \| Security
	OPEN SOURCE supporters have been given a shot in the arm by news the French police are abandoning Microsoft's Internet Explorer for Mozilla Firefox. The gendarmerie's 70,000 desktops were being converted to Firefox and its email client Thunderbird because of the navigator's "reliability, security and inter-operability with other state services," said General Christian Brachet, IT director of the police force. Read the rest here [ login to post comments \| read more \| send this story \| 13376 reads ]

This website runs on Drupal, an open source content management system available at http://drupal.org/. All content posted here is the property of individual posters.

This website is hosted at:

San Francisco State University, 1600 Holloway Avenue, San Francisco, CA 94132 USA