D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Heartbleed is a Free Software win

 


On 10/04/14 12:57, Martijn Grooten wrote:
On Thu, Apr 10, 2014 at 12:26:08PM +0100, Philip Hudson wrote:
Spot on. Setting up and running (or sponsoring) comprehensive static
analysis and regression testing of all the crypto code in the debian
repos, or even the whole debian repo set, would be chump change to a
Google or an Apple.
Not sure about Apple, but Google does do a lot of good stuff like this,
such as starting a bug bounty program for open source products. They
also perform audits themselves, they are regularly listed as having
found vulnerabilities in open and closed source code. Including this
particular one.

Martijn.


Not forgetting google summer of code of course,

Paul


--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq