[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On 10/04/14 12:57, Martijn Grooten wrote:
On Thu, Apr 10, 2014 at 12:26:08PM +0100, Philip Hudson wrote:Spot on. Setting up and running (or sponsoring) comprehensive static analysis and regression testing of all the crypto code in the debian repos, or even the whole debian repo set, would be chump change to a Google or an Apple.Not sure about Apple, but Google does do a lot of good stuff like this, such as starting a bug bounty program for open source products. They also perform audits themselves, they are regularly listed as having found vulnerabilities in open and closed source code. Including this particular one. Martijn.
Not forgetting google summer of code of course, Paul -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq