From Fedora Project Wiki

< FWN‎ | Beats

No edit summary
No edit summary
Line 6: Line 6:
Contributing Writer: [[JoshBressers]]
Contributing Writer: [[JoshBressers]]


=== Open Source Security ===
=== Firefox Emergency ===
One of the dead horses that various security folks like to beat is claiming that Open Source software is less secure because anyone can look at it and analyse its security weaknesses. So what happens when a system should be closed, but is suddenly broken open?
On Friday, a new version of Firefox <ref>http://blog.mozilla.com/security/2009/03/26/cansecwest-2009-pwn2own-exploit-and-xsl-transform-vulnerability/</ref> was released. The number of hours that went into this event are amazing to even consider. For most of the week, there were various groups working non stop to make this happen. Be sure to update your firefox, it's pretty important.
'''Marine One Data Breech'''<ref>http://news.cnet.com/8301-1009_3-10184558-83.html</ref>
 
It seems that Iran (the country), may have acquired sensitive information about the helicopter the President of the United States uses. When you're an organization with virtually limitless resources, the easy solution here is probably to just get a different helicopter, but suppose something similar happens to a piece of closed source software. Now you're at an elevated level of risk because people <strong>haven't</strong> been analysing your source code for weakness. Any good security system should still hold up even if complete details are made public. By purposely putting the source in public view, Open Source software has a very real advantage over a similar system that relies on obscurity as a feature.


<references/>
<references/>

Revision as of 16:57, 29 March 2009

Security Week

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

Firefox Emergency

On Friday, a new version of Firefox [1] was released. The number of hours that went into this event are amazing to even consider. For most of the week, there were various groups working non stop to make this happen. Be sure to update your firefox, it's pretty important.

  1. http://blog.mozilla.com/security/2009/03/26/cansecwest-2009-pwn2own-exploit-and-xsl-transform-vulnerability/
Retrieved from "https://fedoraproject.org/w/index.php?title=FWN/Beats/SecurityWeek&oldid=93281"