-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Open source and the ‘fear factor’ mentality
,----[ Quote ]
| We have certainly learned just by watching the world at large that those who
| promote fear and foreboding do so to promote their own political or personal
| agenda, and ultimately to try and control the end result to their benefit. We
| will continue to see the promotion of this “fear factor” around open source
| by proprietary vendors in hopes that organizations will stay away and that
| innovation will be kept locked behind closed doors, moving forward only when
| the big guns say it is OK. The bottom line is this. Open source is a threat –
| to the bottom line and gold lined pockets of every closed source software
| provider across the world.
`----
http://blogs.zdnet.com/security/?p=1763
Recent:
Ingres gives Fortify security study a good fisking
,----[ Quote ]
| Her main points:
|
| 1. There are other security toolkits other than Fortify. Just because you
| don’t use their system doesn’t mean you don’t care.
| 2. When reading vendor-sponsored studies consider the source. Always a
| wise move.
| 3. Open source projects in Fortify’s Open Review report fewer defects per
| thousand lines of code than proprietary products in the same review. I
| didn’t know that.
`----
http://blogs.zdnet.com/open-source/?p=2691
FORTIFY-MICROSOFT ALLIANCE
,----[ Quote ]
| Microsoft and Fortify Software are enabling software developers and testers
| to build and deliver more secure applications. Visual Studio 2005 Team
| Edition for Software Testers offers an easy-to-use yet powerful framework for
| testing. Fortify leverages this infrastructure and adds Web application
| security testing capabilities. The combination of the two effectively brings
| basic security testing out of the realm of specialized experts and into the
| hands of software testers. In addition, Fortify provides its award-winning
| source code analysis capabilities to Visual Studio Team Edition for
| Developers so security flaws discovered in development and testing can be
| diagnosed and fixed quickly. Working closely with the Visual Studio team has
| enabled Fortify Software to incorporate its innovative software security
| capabilities within the powerful Visual Studio...
`----
http://www.microsoft .com/windowsserversystem/applicationplatform/launch2005/partners/fortify.mspx
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkitW7IACgkQU4xAY3RXLo7x7QCeMYAdgpXZp2Zv6X5+aRR6qhNN
GJ0An3RBAkWbPGMWl+aMSeQT1KJTohZr
=rG/5
-----END PGP SIGNATURE-----
|
|
