Two new presentations: “Open Source Software and Software Assurance” and “Open Standards and Security”
I’ve put two presentations on my website you might find of interest.
The first one is Open Source Software and Software Assurance. Here I talk about Free-Libre / Open Source Software (FLOSS) and its relationship to software assurance and security. It has lots of actual statistics, and a discussion on review. I also deal with the chestnut “can’t just anyone insert malicious code into OSS?” — many questioners don’t realize that attackers can change proprietary software too (attackers generally don’t worry about legal niceties); the issue is the user’s supply chain. I gave this presentation at FOSE 2006 in Washington, DC, and I’ve given variations of this presentation many times before.
The second presentation is “Open Standards and Security”. Here I focus on the role of open standards in security, which turns out to be fundamental.
I’ll be giving the “Open Standards and Security” presentation at the “LinuxWorld Government Day: Implementing Open Standards” track, April 4, 2006, in Boston, Massachusetts. I’ll speak at 12:45, so come hear the presentation… you’ll miss much if you only read the slides.
path: /security | Current Weblog | permanent link to this entry