| version 1.155, 2000/11/09 17:44:03 |
version 1.156, 2000/11/12 19:09:00 |
|
|
| <h2>October, 2000</h2> |
<h2>October, 2000</h2> |
| |
|
| <li><font color=#009000><strong> |
<li><font color=#009000><strong> |
| |
<a href="http://securityportal.com/closet/closet20001025.html">Auditing |
| |
Code</a>, Kurt's Closet, Security Portal, October 31, 2000 |
| |
</strong></font><br> |
| |
|
| |
Kurt Seifried interviews John Viega, author of the ITS4 code auditing |
| |
system. While he acknowledges the value of OpenBSD's strictly |
| |
expert-based auditing process, he argues that using even an imperfect |
| |
auditing tool is better than no audit at all. |
| |
<p> |
| |
|
| |
<li><font color=#009000><strong><a |
| |
href="http://www.zdnet.com/intweek/stories/news/0,4164,2644279,00.html">Linux |
| |
Boosts Unix</a>, ZDnet Inter@ctive Week, October 23, 2000 |
| |
</strong></font><br> |
| |
|
| |
Charles Babcock suggests that Unix and freenix OSes like Linux and |
| |
OpenBSD are putting the squeeze on Microsoft Windows 2000's share of |
| |
the high end server market. Not bad for a bunch of hackers who just do |
| |
it because they love coding... |
| |
<p> |
| |
|
| |
<li><font color=#009000><strong> |
| |
<a href="http://www.stallion.com/html/support/bsdcon-paper.html">Porting |
| |
OpenBSD to the Motorola ColdFire</a>, BSDCon, October 18, 2000 |
| |
</strong></font><br> |
| |
|
| |
Dean Fogarty and David O'Rourke, engineers at Stallion Technologies |
| |
Pty Ltd in Australia, presented this paper at BSDCon.<br> |
| |
<i>"Making an Internet embedded appliance for public |
| |
consumption is not a simple task. Choices including hardware, code |
| |
development and user interface design must be made, each of which could |
| |
either help or hinder a product. This paper outlines how and why |
| |
Stallion Technologies used the Motorola ColdFire CPU and the OpenBSD |
| |
operating system to create a successful Internet appliance."</i> |
| |
<p> |
| |
|
| |
<li><font color=#009000><strong> |
| <a href="http://www.feedmag.com/essay/es405lofi.html">Cry |
<a href="http://www.feedmag.com/essay/es405lofi.html">Cry |
| Hackerdom!</a>, FEED, October 17, 2000 |
Hackerdom!</a>, FEED, October 17, 2000 |
| </strong></font><br> |
</strong></font><br> |
|
|
| Developer Aaron Campbell is interviewed by Upside reporter Sam Williams |
Developer Aaron Campbell is interviewed by Upside reporter Sam Williams |
| about the recent concern over format string vulnerabilities and how |
about the recent concern over format string vulnerabilities and how |
| OpenBSD has responded to the threat. |
OpenBSD has responded to the threat. |
| |
<p> |
| |
|
| |
<li><font color=#009000><strong> |
| |
<a href="http://www.networkmagazine.com/article/NMG20001003S0001/1">The Pros and Cons of Posting Vulnerabilities</a>, October 5, 2000 |
| |
</strong></font><br> |
| |
|
| |
Dissipating the smokescreen of FUD surrounding "full |
| |
disclosure" is a never ending thankless task. Rik Farrow shows how |
| |
it works by picking a particularly busy day in the life of BUGTRAQ, the |
| |
full disclosure security mailing list. He concludes with a tip of the |
| |
white hat to OpenBSD:<br> |
| |
<i>"The true goal should be to write secure software in the first |
| |
place. One Unix version, OpenBSD, gets all of its code audited for |
| |
security bugs before it gets shipped."</i> |
| <p> |
<p> |
| |
|
| <li><font color=#009000><strong> |
<li><font color=#009000><strong> |
![[BACK]](/icons/back.gif){kind=icon}
Return to press.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www