EU flings 1m at open source security audit wheeze

EU institutions have finally got the memo about it being a good idea to pinpoint and fix security vulnerabilities.

Next year the European Parliament has allocated up to 1m for a project to audit free software programs in use at the European Commission (EC) and the EU Parliament in order to find and repair potential weaknesses.

A further 500,000 is being made available to work on encrypting communications among EU institutions.

Free Software Foundation Europe president Karsten Gerloff, said it was good to see the institutions investing at least a little in improving the quality and the programs they use.

However, he added that to make the best use of their efforts, institutions should work closely with upstream developers and make audit results public as soon as possible.

John Sullivan, executive director, Free Software Foundation, said: Free software cannot guarantee your security, and in certain situations may appear less secure on specific vectors than some proprietary programs. As was widely agreed in the aftermath of the OpenSSL Heartbleed bug, the solution is not to trade one security bug for the very deep insecurity inherently created by proprietary software - the solution is to put energy and resources into auditing and improving free programs.

The EC runs its IT on more than 350 Linux servers. All new web applications are protected by an open source-based solution for authentication, currently serving more than 300 existing web applications, more than 60,000 users and performing more than 10,000,000 authentications on a yearly basis with more than 17,000 different users every day, according to the commishs informatics department (DG DIGIT).

Within the EC's IT network an open source-based developer collaboration platform hosts more than 770 projects accessed by more than 3,000 developers.

Sponsored: How to determine if cloud backup is right for your servers

Continued here:
EU flings 1m at open source security audit wheeze

Related Posts

Comments are closed.