Homeland Security helps secure open-source code - Mozilla

This is a discussion on Homeland Security helps secure open-source code - Mozilla ; Received this morning from C-Net News. Question: Will SeaMonkey request code review for security flaws from Stanford University, Coverity and Symantec prior to public release? "The U.S. Department of Homeland Security is extending the scope of its protection to open-source ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Homeland Security helps secure open-source code

  1. Homeland Security helps secure open-source code

    Received this morning from C-Net News.

    Question: Will SeaMonkey request code review for security flaws from
    Stanford University, Coverity and Symantec prior to public release?

    "The U.S. Department of Homeland Security is extending the scope of its
    protection to open-source software.

    Through its Science and Technology Directorate, the department has given
    $1.24 million in funding to Stanford University, Coverity and Symantec
    to hunt for security bugs in open-source software and to improve
    Coverity's commercial tool for source code analysis, representatives for
    the three grant recipients told CNET News.com.

    The Homeland Security Department grant will be paid over a three-year
    period, with $841,276 going to Stanford, $297,000 to Coverity and
    $100,000 to Symantec, according to San Francisco-based technology
    provider Coverity, which plans to announce the award publicly on
    Wednesday. "

    "The data is meant to help secure open-source software, which is
    increasingly used in critical systems, analysts said. Programmers
    working on the Linux operating system, Apache Web server, BIND Internet
    infrastructure software and *Firefox browser*, for example, will be able
    to fix security vulnerabilities flagged by the system before their code
    becomes part of a released application or operating system."

    Read the full article at:
    http://news.com.com/Homeland+Securit...3-6025579.html

    Firefox and Thunderbird (Firebird) are both listed, but not Mozilla
    Suite or SeaMonkey.

    Michael

  2. Re: Homeland Security helps secure open-source code

    Michael wrote:
    > Received this morning from C-Net News.
    >
    > Question: Will SeaMonkey request code review for security flaws from
    > Stanford University, Coverity and Symantec prior to public release?
    >
    > "The U.S. Department of Homeland Security is extending the scope of its
    > protection to open-source software.
    >
    > Through its Science and Technology Directorate, the department has given
    > $1.24 million in funding to Stanford University, Coverity and Symantec
    > to hunt for security bugs in open-source software and to improve
    > Coverity's commercial tool for source code analysis, representatives for
    > the three grant recipients told CNET News.com.
    >
    > The Homeland Security Department grant will be paid over a three-year
    > period, with $841,276 going to Stanford, $297,000 to Coverity and
    > $100,000 to Symantec, according to San Francisco-based technology
    > provider Coverity, which plans to announce the award publicly on
    > Wednesday. "
    >
    > "The data is meant to help secure open-source software, which is
    > increasingly used in critical systems, analysts said. Programmers
    > working on the Linux operating system, Apache Web server, BIND Internet
    > infrastructure software and *Firefox browser*, for example, will be able
    > to fix security vulnerabilities flagged by the system before their code
    > becomes part of a released application or operating system."
    >
    > Read the full article at:
    > http://news.com.com/Homeland+Securit...3-6025579.html
    >
    >
    > Firefox and Thunderbird (Firebird) are both listed, but not Mozilla
    > Suite or SeaMonkey.
    >
    > Michael


    "Firebird" in the article refers to the relational database of that
    name, not Thunderbird. Firebird was an early name for Firefox, not
    Thunderbird, which was abandoned on request from this same Firebird project.

    --
    Jeff Beal

  3. Re: Homeland Security helps secure open-source code

    Michael schrieb:
    > Firefox and Thunderbird (Firebird) are both listed, but not Mozilla
    > Suite or SeaMonkey.


    Firebird is something different, as Jeff Beal already explained.

    Additionally, by far the most part of such vulnerabilities etc. happen
    in the various backends, mainly in Gecko, and most of that stuff is
    shared by Firefox and SeaMonkey, so we profit from that help as well.

    Robert Kaiser

  4. Re: Homeland Security helps secure open-source code

    Robert Kaiser wrote:

    > Michael schrieb:
    >
    >> Firefox and Thunderbird (Firebird) are both listed, but not Mozilla
    >> Suite or SeaMonkey.

    >
    >
    > Firebird is something different, as Jeff Beal already explained.
    >
    > Additionally, by far the most part of such vulnerabilities etc. happen
    > in the various backends, mainly in Gecko, and most of that stuff is
    > shared by Firefox and SeaMonkey, so we profit from that help as well.
    >
    > Robert Kaiser


    Thank you Robert and Jeff for the correction.

    Michael

+ Reply to Thread