Information security in open projects, report from RIF + CIB 2015
On April 22–24, 2015, the RIF + KIB, the main spring event of the Runet, took place 19 times in the Moscow region.
In the section “Current issues of cybersecurity” at RIF + CIB 2015, experts discussed trends in the field of cybercrime, as well as the results of 2014 and plans for 2015. Among the participants was Alexey Bragin, who delivered his report “Information Security in Open Projects”.
In 2014, several large-scale critical vulnerabilities in open source projects were discovered that affect millions of computers around the world. For example, the famous Heartbleed, FREAK, POODLE and BEAST in the OpenSSL library, the usual SQL Injection in the popular Drupal content management system. Is it possible to deal with this? Are there any advantages in the open model of development from the point of view of security?
')
Superior sound: soundcloud.com/aleksey-bragin-1/2015a
Slides to the report:
In the section “Current issues of cybersecurity” at RIF + CIB 2015, experts discussed trends in the field of cybercrime, as well as the results of 2014 and plans for 2015. Among the participants was Alexey Bragin, who delivered his report “Information Security in Open Projects”.
In 2014, several large-scale critical vulnerabilities in open source projects were discovered that affect millions of computers around the world. For example, the famous Heartbleed, FREAK, POODLE and BEAST in the OpenSSL library, the usual SQL Injection in the popular Drupal content management system. Is it possible to deal with this? Are there any advantages in the open model of development from the point of view of security?
')
Superior sound: soundcloud.com/aleksey-bragin-1/2015a
Slides to the report:
Source: https://habr.com/ru/post/256675/
All Articles