Comment 13E OpenBSD team is looking at OpenSSL

Story

Audit of TrueCrypt disk encryption software reveals low source code quality

Preview

OpenBSD team is looking at OpenSSL (Score: 4, Interesting)

by zocalo@pipedot.org on 2014-04-16 13:27 (#13E)

It's long overdue for an independant audit, IMHO, but the OpenSSL code is now getting a review and code clean up by the OpenBSD team and they certainly know their stuff. Whether the results and reporting on their findings will be as in-depth as the TrueCrypt audit remains to be seen, but it's still infinitely better than nothing. Really this ought to be the kind of the thing that the various FL/OSS projects should be pushing for from their commercial users as well as contributions to the code base itself. No in-house devs to help with contributions to the code, fine, then how about contributing some funds for an independant code audit instead? Help us make your systems more secure!

Moderation

Time Reason Points Voter
2014-04-17 13:33 Interesting +1 lhsi@pipedot.org
2014-04-17 01:22 Insightful +1 ploling@pipedot.org
2014-04-16 17:21 Interesting +1 songofthepogo@pipedot.org

Junk Status

Not marked as junk