Since there are people whose day job is to write the exploit for the latest vulnerability... other people who want to prevent that also need to take the job seriously.
Linux Foundation rolls bunch of overlapping groups into one to tackle growing number of open-source security vulns
The Linux Foundation has formed the Open Source Security Foundation (OpenSSF) with founding board members representing companies including IBM, GitHub, Google, JPMorgan Chase, Microsoft, NCC Group, and Red Hat. The OpenSSF is a consolidation of several pre-existing efforts in the same space and intends to bring the Open Source …
COMMENTS
Monday 3rd August 2020 21:11 GMT RM Myers
And who, pray tell, does have a great record in security?
If you have written millions of lines of code for other people, and it runs on systems accessible from the internet, you're going to have security issues. Especially considering how much code was derived from older code that was created when security was a much smaller concern.
-
Tuesday 4th August 2020 00:11 GMT jake
Re: And who, pray tell, does have a great record in security?
Code which comes from companies which are run by marketing has a distinctly worse security track record than code that comes from pretty much everywhere else. All of the outfits listed are run by marketing.
Wait ... are you actually suggesting that current code derived from old code has holes, but it's OK, because security was less stringent when the old code was written?