Thoughts on Security

Russell Coker has written a blog post on security. He canvasses the possibility of moles being planted in software development teams, particularly of FLOSS projects, with the goal of subverting the security of the software. He observes that States capable of a nuclear weapons program are also capable of planting such a mole. I don't think the subversion of a FLOSS project would be the end of the story. If that were to happen, Governments who relied on the project would need to either stop using the project or undertake more stringent QA. Since direct action is available as a remedy, it is quite plausible that the subversion of a project could give rise to a counter-subversion by parties which might be affected by a security breach. Governments might spend more time and effort running a counter-insurgency (e.g. more coding, more code QA, greater involvement in the development process). Perhaps ironically, a compromise could be overall beneficial to a project if it provokes a spirited defence. This is more likely in larger, more critical projects, but then again, they are probably the more likely targets as well.

