US finances open-source bug hunt



Antony Savvas

The US Department of Homeland Security is paying out $1.24m (£730,000) to hunt for bugs in open-source software and develop an open-source code scanner to help prevent future errors.

The department is financing the project because an increasing number of mission-critical systems in the internet and IT infrastructure are using open-source solutions.

The bulk of the money is going to Stanford University in the US, with smaller sums going to Coverity, a software engineering company that uses technology developed in the Computer Systems Laboratory at Stanford University, to fund development of an open-source code scanner. Security software giant Symantec will also receive funding.

Open-source software that will be analysed by the project includes Apache, Firebird, Firefox, FreeBSD, KDE, Linux, MySQL, OpenLDAP, OpenSSL, OpenVPN and Samba.

Under the project, Stanford and Coverity will build and maintain a system to conduct daily scans of code contributed to popular open-source projects.

Symantec will provide security intelligence and double-check the database results. The automated system is expected to be running by March and the database of bugs will be accessible to developers.

It is hoped that developers will consult the database before releasing open-source solutions as finished code.
