Member of the European Parliament Julia Reda blogs:
Security and liberty don't have to be opposites. I want the European Union to focus its energy and funds on projects that increase both the safety and the autonomy of its people at the same time. At my proposal, next year's EU budget will include a step in that direction:
€1 million of the EU's €40 million pilot project fund will be spent towards open source software security.
The European Union's interoperability page says:
The European Parliament is funding a security audit of the free and open source solutions used by the Parliament and the European Commission. Last Wednesday, the EP allocated €1 million for the audit project, to be carried out by the EC Directorate General for Informatics (DIGIT). The project should also come up with best practices for code review and quality assessments of free software and open standards funded by the EU.
(Score: 5, Interesting) by edIII on Thursday December 25 2014, @02:57AM
Screw cynical.
They said $1,219,750 USD. It's a pittance. This is a security audit, and if we're going to be serious, it means actual auditing. There's been some real issues hidden deep for years overlooked in spite of the open review paradigm of free software. How much does paying a single security researcher (worth a damn) to review it thoroughly really cost? In other words, if we assembled a dream team of security researchers around the world, how many minutes would this fund it?
It's the EU representing the corporate interests above all else, and then ostensibly the human interests later. Just from that alone, they need to be adding a few zeros to the check. When you see a job bid that low, you know the managers and people funding it have absolutely no idea what something costs.
Don't take it seriously. Probably some nepotism where a family member is going to run it into the ground in a few months.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: -1, Offtopic) by Ethanol-fueled on Thursday December 25 2014, @04:14AM
Your momma's pussy smells like hitler.
(Score: -1, Offtopic) by Anonymous Coward on Thursday December 25 2014, @04:55AM
Please point to the place on the doll where the bad man touched you.
(Score: 2) by cafebabe on Thursday December 25 2014, @02:40PM
It may have involved [soylentnews.org] the bad man's left hand [postimg.org].
1702845791×2
(Score: 2) by edIII on Friday December 26 2014, @04:27AM
"That's not my bag baby"
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 0, Offtopic) by kaszz on Thursday December 25 2014, @04:34AM
University salaries and basement dwellers might perhaps be funded this way?
(Score: 4, Interesting) by edIII on Thursday December 25 2014, @05:49AM
We want a security audit. Having the poor person pass out from lack of nutrients probably makes for poor auditing. I'm thinking living wage, which means you might put together a small team for upwards of a year.
Even going low, I don't see how you're obtaining adequate resources for the project. This is just salaries. Is it all BYOD?
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 5, Insightful) by janrinok on Thursday December 25 2014, @10:30AM
Well, it is not a large amount of money - but it is better than nothing at all. Over to you, USA, how much are you going to contribute to checking open source software next year?
(Score: 1, Insightful) by Anonymous Coward on Thursday December 25 2014, @05:21PM
We thoroughly check both open and closed source software, and we have standing audit teams for your favorite operating system, whatever it may be. We've already found all the bugs that your EU team might find in the next ten years, and we even added some more while no one was looking.
Love,
the NSA.
(Score: 1, Insightful) by Anonymous Coward on Thursday December 25 2014, @07:04PM
Exactly.
Europe really needs _NEEDS_ to do more about this. Their present and future depend on it. Bad people (and others like the American NSA) can easily hurt a nation when they choose to. It's not a matter of if, but when.
Our lives do depend on software and hardware, and this dependency will only increase. So better save yourselves while you still have time.
(Score: 0) by Anonymous Coward on Thursday December 25 2014, @11:08PM
Europe already does plenty about this. Or, rather, the BND, DGSE, GCHQ, and their friends are all auditing software like madmen, looking for bugs to exploit. They're just not as photogenic as the NSA, with that evil American black-glass building and all.
The EU software is getting audited by European professionals, have no fear of that. They're just working against the EU and for the national governments (or, in the DGSE's case, God only knows who they're actually working for, because they sure aren't working for the French government). And that's the thing: when you say "can easily hurt a nation," you've got it backwards...
(Score: 2) by Yog-Yogguth on Friday December 26 2014, @02:17PM
“…the BND, DGSE, GCHQ…” “…just not as photogenic as the NSA…”
They are the same organization: Five Eyes, Nine Eyes, Fourteen Eyes,… [wikipedia.org]
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 2) by Yog-Yogguth on Friday December 26 2014, @02:24PM
Oops, I proofread my other comment but didn't catch how bad it sounded; it was meant as a brief statement in support of your comment.
Bite harder Ouroboros, bite! tails.boum.org/ linux USB CD secure desktop IRC *crypt tor (not endorsements (XKeyScore))
(Score: 1, Insightful) by Anonymous Coward on Friday December 26 2014, @01:58AM
"Well, it is not a large amount of money - but it is better than nothing at all. Over to you, USA, how much are you going to contribute to checking open source software next year?"
I'm certain NSA has already spent quite a bit more than $1m auditing open source. They are just not always ready to release their findings. (similar is probably true of GCHQ)