When Trusting Your Own Code is a Bad Idea

From Zero in a Bit (Tyler Shields)
Trust has long been a favorite target of malicious individuals. Most people would say that proper management of trust is one of the primary cornerstones of information security. Trust is a relative term and all trust relationships should be examined with a very critical eye. Ken Thompson’s seminal paper “Reflections on Trusting Trust”, which won a Turing Award, addresses in detail why we can never be fully sure of the trust relationships in our development environment. Read the full story [Zero in a Bit].

By Robert Lemos, SecurityFocus
A number of security-focused open-source projects have announced their participation as mentoring organizations in Google’s Summer of Code [].
They include the NMap Project, the OpenSSH project and the Honeynet Project.
Read the full article []

Google is (indirectly) buying security vulnerabilities from the security research community.

Under the guise of a Native Client Security Contest, the search engine firm is offering big cash prizes to hackers who find bugs and other security flaws in the open-source research technology for running x86 native code in Web applications.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.