version 1.155, 2000/11/09 17:44:03 |
version 1.156, 2000/11/12 19:09:00 |
|
|
<h2>October, 2000</h2> |
<h2>October, 2000</h2> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |
|
<a href="http://securityportal.com/closet/closet20001025.html">Auditing |
|
Code</a>, Kurt's Closet, Security Portal, October 31, 2000 |
|
</strong></font><br> |
|
|
|
Kurt Seifried interviews John Viega, author of the ITS4 code auditing |
|
system. While he acknowledges the value of OpenBSD's strictly |
|
expert-based auditing process, he argues that using even an imperfect |
|
auditing tool is better than no audit at all. |
|
<p> |
|
|
|
<li><font color=#009000><strong><a |
|
href="http://www.zdnet.com/intweek/stories/news/0,4164,2644279,00.html">Linux |
|
Boosts Unix</a>, ZDnet Inter@ctive Week, October 23, 2000 |
|
</strong></font><br> |
|
|
|
Charles Babcock suggests that Unix and freenix OSes like Linux and |
|
OpenBSD are putting the squeeze on Microsoft Windows 2000's share of |
|
the high end server market. Not bad for a bunch of hackers who just do |
|
it because they love coding... |
|
<p> |
|
|
|
<li><font color=#009000><strong> |
|
<a href="http://www.stallion.com/html/support/bsdcon-paper.html">Porting |
|
OpenBSD to the Motorola ColdFire</a>, BSDCon, October 18, 2000 |
|
</strong></font><br> |
|
|
|
Dean Fogarty and David O'Rourke, engineers at Stallion Technologies |
|
Pty Ltd in Australia, presented this paper at BSDCon.<br> |
|
<i>"Making an Internet embedded appliance for public |
|
consumption is not a simple task. Choices including hardware, code |
|
development and user interface design must be made, each of which could |
|
either help or hinder a product. This paper outlines how and why |
|
Stallion Technologies used the Motorola ColdFire CPU and the OpenBSD |
|
operating system to create a successful Internet appliance."</i> |
|
<p> |
|
|
|
<li><font color=#009000><strong> |
<a href="http://www.feedmag.com/essay/es405lofi.html">Cry |
<a href="http://www.feedmag.com/essay/es405lofi.html">Cry |
Hackerdom!</a>, FEED, October 17, 2000 |
Hackerdom!</a>, FEED, October 17, 2000 |
</strong></font><br> |
</strong></font><br> |
|
|
Developer Aaron Campbell is interviewed by Upside reporter Sam Williams |
Developer Aaron Campbell is interviewed by Upside reporter Sam Williams |
about the recent concern over format string vulnerabilities and how |
about the recent concern over format string vulnerabilities and how |
OpenBSD has responded to the threat. |
OpenBSD has responded to the threat. |
|
<p> |
|
|
|
<li><font color=#009000><strong> |
|
<a href="http://www.networkmagazine.com/article/NMG20001003S0001/1">The Pros and Cons of Posting Vulnerabilities</a>, October 5, 2000 |
|
</strong></font><br> |
|
|
|
Dissipating the smokescreen of FUD surrounding "full |
|
disclosure" is a never ending thankless task. Rik Farrow shows how |
|
it works by picking a particularly busy day in the life of BUGTRAQ, the |
|
full disclosure security mailing list. He concludes with a tip of the |
|
white hat to OpenBSD:<br> |
|
<i>"The true goal should be to write secure software in the first |
|
place. One Unix version, OpenBSD, gets all of its code audited for |
|
security bugs before it gets shipped."</i> |
<p> |
<p> |
|
|
<li><font color=#009000><strong> |
<li><font color=#009000><strong> |