First, some good news for the security of open source software. The Mozilla Foundation has allocated US$500,000 to audit the security of open source tools. The money funds the Secure Open Source (SOS) Fund as part of the Mozilla Open Source Support (MOSS) program.
I believe this will be a big help in making open source tools more secure. Three audits have been completed so far, and the results are available on the SOS site. The audits are performed by commercial security auditing companies. Some folks have claimed that since the source code is available for open source software, it must be secure. As the results show, there can, indeed, be security issues in open source software (OSS) tools. By funding the auditing, The Mozilla Foundation is helping not the development community, but also those who incorporate OSS in internal projects. I applaud them for this effort.
Second, I am generally reluctant to promote myself here. However, I received an award in May of this year and wanted to share the information with you.
You may be wondering why someone who usually posts here on cyber security received an award for contributions to Learning. Part of the story is that I have been in the business of adult learning for over 30 years. Learning and performance are my real passion. I have an MS in Computer Engineering and did study what little security we could back then. I co-wrote Learning Tree’s introductory security course something like a dozen years ago. One of my graduate professors wrote the first Learning Tree security course back then, but I’d never heard of the company!
From the Association for Talent Development press release:
“Eagle Nest, New Mexico, [Date]– J-K International is pleased to announce that John McDermott, CPLP received the Association for Talent Development.
The CPLP Contributor Award recognizes holders of the CPLP (Certified Professional in Learning and Performance) credential for outstanding volunteer efforts to support, promote, and advance the CPLP program.
John was one of the first professionals to earn the CPLP designation in April 2005 He also served on the Program Advisory Committee for ATD2015 and ATD2016 – The Association for Talent Development’s International Conference and Exposition for 2015 and 2016. The conference draws more than 10,000 attendees from around the world.
The Association for Talent Development (ATD) is the world’s largest professional membership organization supporting those who develop the knowledge and skills of employees in organizations around the world. The association was previously known as the American Society for Training & Development (ASTD).”
To your safe computing,