Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Cyber Monday Sale! Courses ranging from coding to project management - all eLearning deals 25% off with coupon code "CYBERMONDAY25". ×

Submission + - Security Firm Confirms FOSS Devs Fix Bugs Faster (

sgtrock writes: This story was reported in several places yesterday. From Dark Reading:

Around 58 percent of the applications tested by application security testing service provider Veracode in the past year-and-a-half failed to achieve a successful rating in their first round of testing. "The degree of failure to meet acceptable standards on first submission is astounding — and this is coming from folks who care enough to submit their software to our [application security testing] services," says Roger Oberg, senior vice president of marketing for Veracode. "The implication here is that more than half of all applications are susceptible to the kinds of vulnerabilities we saw at Heartland, Google, DoD, and others — these were all application-layer attacks."


"The conventional wisdom is that open source is risky. But open source was no worse than commercial software upon first submission. That's encouraging," Oberg says. And it was the quickest to remediate any flaws: "It took about 30 days to remediate open-source software, and much longer for commercial and internal projects," he says.

Stellar rays prove fibbing never pays. Embezzlement is another matter.