LOGIN | REGISTER NOW | SUBSCRIBE
 
SD TIMES BLOG
dworthington

Acting in good faith

by David Worthington 05/20/2009 04:48 PM EST

Last month, I essentially "called out" software makers for not being forthcoming about the security processes they use while developing software. Only one of them has cared enough to follow up about it, even if it did take an e-mail from an influential member. Props to the Apache Foundation for caring about software security.

Over 60 Apache projects for their own security, "and they often consult with the ASF Security team if there are specific issues that need to be addressed," a spokesperson said. I'm following up with Lars Eilebrecht, a founding member of that team, to learn more.

Here's a list of companies that haven't followed up with me since my report was published:

Adobe, Amazon, Apple, CollabNet (the CEO did e-mail me asking about when I contacted it), the Eclipse Foundation, the Free Software Foundation, IBM, Intel, the Linux Foundation, Oracle, Red Hat, Software AG, Sun Microsystems, Sybase, VMware and Yahoo. Nokia and Salesforce.com acknowledged the request but were unable to provide comment by my story deadline—not a word since then.

Any of these companies can contact me at any time to discuss what is being done by their development teams to protect customers. Security is an important topic for our readers and important to the industry as a whole. Hopefully I will hear from at least one other company... Any takers?

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Share this link: http://www.sdtimes.com/blog/1433

Tags: , ,

Microsoft | security

E-mail | Kick it! | DZone it! | del.icio.us
Permalink | Comments (0) | Post RSSRSS comment feed

Add comment


 
 

biuquote
  • Comment




 
 
News on Monday
more>>
SharePoint Tech Report
more>>


   

 
 

Download Current Issue
FEBRUARY 2012 PDF ISSUE

Need Back Issues?
DOWNLOAD HERE

Want to subscribe?


 
blogs tab
Are you at risk for burnout?
Burnout is a severe problem and it can strike at any time. Here's how to tell if you are nearing the edge.
02/09/2012 02:16 PM EST

Agility, mom, and apple pie
If we're to evaluate the state-of-the-art in software development, we should start with the values espoused in the Agile Manifesto.
02/07/2012 11:57 AM EST

RIM woos developers with free tablet
How do you get more apps ported to the BlackBerry PlayBook? By giving every developer a free tablet, of course!
02/04/2012 01:57 PM EST

GitHire: Use Headhunters to Find Your Perfect Programmer
Are you a hiring manager tired of scouring the job boards? Check out this new service that will find 5 people interested in your jobs.
02/03/2012 12:17 PM EST

Facebook claims hacker cred
Facebook's SEC S-1 filing form includes a short essay on the Hacker Way by Mark Zuckerberg himself.
02/02/2012 08:26 AM EST

Ryan Dahl steps down
Ryan Dahl, creator of Node.js, steps back from his position as gatekeeper for the project.
02/01/2012 04:58 PM EST

 
Events calendar tab
Cloud Connect
2/13/2012 to 2/16/2012
Santa Clara
TechWeb

SPTechCon: The SharePoint Technology Conf.
2/26/2012 to 2/29/2012
San Francisco
BZ Media

RSA Conf.
2/27/2012 to 3/2/2012
San Francisco
RSA

IBM Pulse Conf.
3/4/2012 to 3/7/2012
Las Vegas
IBM Tivoli

Game Developer Conf.
3/5/2012 to 3/9/2012
San Francisco
TechWeb