Is Linux security good enough or does no-one actually care? It seemed like a good idea at the time. Set up a website that allows users and developers alike to check which pieces of Linux code have been checked for security holes. The project, dubbed Sardonix, was a classic open source solution to a clear problem. The scheme’s originator Crispin Cowan, chief research scientist at WireX Communications, said: “Auditing is needed not just because some developers refuse to read, or follow such standards, but also because humans make mistakes and may fail to completely, or correctly, follow all rules perfectly.” Yet few became involved because, according to Cowan, there’s no glory in auditing security holes. Funded initially by the US defence establishment body Defense Advanced Research Projects Agency (DARPA), the research grant aiming to centralise what was, and remains, a fairly loosely structured review process dried up nine months ago. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.