85329477
submission
dwheeler writes:
The US federal government just released a new Federal Source Code policy. For each of the next 3 years, at least 20% of custom-developed Federal source code is to be released as open source software. Details here: https://www.whitehouse.gov/sit...
59668025
submission
dwheeler writes:
Heartbleed was a bad vulnerability in OpenSSL. My article How to Prevent the next Heartbleed explains why so many tools missed it... and what could be done to prevent the next one. Are there other ways to detect these vulnerabilities ahead-of-time? What did I miss?
6651229
submission
dwheeler writes:
The U.S. Department of Defense (DoD) has just released "Clarifying Guidance Regarding Open Source Software (OSS)", a new official memo about OSS. This memo is important for anyone who works with the DoD (including contractors) on software and systems that include software, and may influence many other organizations as well. The DoD had released a memo back in 2003, but "misconceptions and misinterpretations... have hampered effective DoD use and development of OSS". The new memo tries to counter those misconceptions and misinterpretations, and is very positive about OSS. In particular, it lists a number of potential advantages of OSS, and recommends that in certain cases the DoD release software as OSS.