I’ve put two presentations on my website you might find of interest.
The first one is Open Source Software and Software Assurance. Here I talk about Free-Libre / Open Source Software (FLOSS) and its relationship to software assurance and security. It has lots of actual statistics, and a discussion on review. I also deal with the chestnut “can’t just anyone insert malicious code into OSS?” — many questioners don’t realize that attackers can change proprietary software too (attackers generally don’t worry about legal niceties); the issue is the user’s supply chain. I gave this presentation at FOSE 2006 in Washington, DC, and I’ve given variations of this presentation many times before.
The second presentation is “Open Standards and Security”. Here I focus on the role of open standards in security, which turns out to be fundamental.
I’ll be giving the “Open Standards and Security” presentation at the “LinuxWorld Government Day: Implementing Open Standards” track, April 4, 2006, in Boston, Massachusetts. I’ll speak at 12:45, so come hear the presentation… you’ll miss much if you only read the slides.
path: /security | Current Weblog | permanent link to this entry