Wednesday, July 26, 2006
Bugle - Google Source Code Bug Finder
by Nik Kalyani
Wednesday, July 26, 2006 9:17:48 AM (Pacific Standard Time, UTC-08:00)

Bugle is a project that consists of Google queries that help identify security bugs in open source software. This is a very interesting concept and while it may help hackers find vulnerabilities in software easier than scouring the code, I think it is more useful for open source project teams.

By their very nature, open source projects are generally collaborative and therefore it is easy for unsecure code to creep in. The Bugle technique effectively helps detect high-level vulnerabilities in contributed code that has not been carefully scrutinized by the project security administrator.

This brings up another topic, which is better suited for its own post, but I will briefly mention here. While open source is supposed to result in more secure code because many more eyeballs are reviewing the code, the reality is that few people that use open source software actually look at the code. Most people are in it for the “free” aspect, not necessarily for the code. If the project developers miss a vulnerability in the code, it may not be detected for a long time. How is this any different from commercial, closed source projects? 

#    Comments [0] - Trackback    

Name
E-mail
(will show your gravatar icon)
Home page

Comment (Some html is allowed: a@href@title, b, i, u) where the @ means "attribute." For example, you can use <a href="" title=""> or <blockquote cite="Scott">.  

Enter the code shown (prevents robots):
Live Comment Preview
RSS feed
Search and Links
Home
DotNetNuke
DotNetNuke Corporation
Bling

View Nik Kalyani's profile on LinkedIn

Contact me: nik*kalyani.com (replace "*")

Archives
August, 2008 (6)
July, 2008 (1)
June, 2008 (2)
April, 2008 (3)
March, 2008 (5)
February, 2008 (2)
January, 2008 (7)
December, 2007 (3)
November, 2007 (3)
October, 2007 (5)
September, 2007 (1)
August, 2007 (1)
July, 2007 (2)
June, 2007 (7)
February, 2007 (3)
January, 2007 (9)
November, 2006 (1)
September, 2006 (5)
August, 2006 (8)
July, 2006 (7)
April, 2006 (1)
February, 2006 (3)
January, 2006 (6)
December, 2005 (7)
November, 2005 (6)
October, 2005 (4)
September, 2005 (3)
August, 2005 (17)
July, 2005 (6)
June, 2005 (14)
May, 2005 (6)
April, 2005 (13)
March, 2005 (14)
February, 2005 (21)
January, 2005 (5)
October, 2004 (1)
September, 2004 (3)
August, 2004 (1)
TechBubble
Tags
Annoyances (3) AppEngine (3) Articles (4) Ask Nik (7) ASP.Net (20) Baby Edutainment (2) BlackBerry (1) Cambrian (2) CSS (4) Das Blog (8) DotNetNuke (46) Edutainment (1) Email (2) Freebase (1) Home (1) Internet (3) Javascript (7) Marketing (2) Media (1) Open Force (3) Open Source (3) Opinion (1) Phrogram (1) Random Stuff (6) Silicon Valley (1) Software (3) Tagged Web (2) Tips & Tricks (14) Web 2.0 (3) WebDAV (4) WHS (1) Working Smart (3) WTF (5)
www.flickr.com
This is a Flickr badge showing public photos from techbubble. Make your own badge here.
Statistics
Total Posts: 214
This Year: 32
This Month: 0
This Week: 0
Comments: 238
About the author/Disclaimer

Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

© Copyright 2008
Nik Kalyani
Sign In
All Content © 2008, Nik Kalyani