Trustworthy open-source computing
When I was in the military, one of the things I learned about was holding a perimeter. The perimeter could be around anything: a camp, a hill, a beer garden, or whatever. The perimeter was your position on the battlefield, and you were obligated to defend it to keep everything inside the perimeter safe.
Under no circumstance were you to ever let your perimeter get overrun. If you were forced to defend it, you fought with superhuman strength. If you thought your perimeter was going to be overrun, you called any and everybody that you thought could help: air support, artillery, armor... anybody.
We've seen exactly this kind of exercise in the open-source world in the last few weeks, though not necessarily from the same school of training or thought. Two high-profile projects experienced compromises. They announced it to the community, essentially letting everybody know that their perimeters had been overrun, and that they needed all the help they could get.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.