Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

EU flings €1m at open source security audit wheeze

Might also think about encrypting stuff. Maybe. You know... next year, perhaps?

EU institutions have finally got the memo about it being a good idea to pinpoint and fix security vulnerabilities.

Next year the European Parliament has allocated up to €1m for a project to audit free software programs in use at the European Commission (EC) and the EU Parliament in order to find and repair potential weaknesses.

A further €500,000 is being made available to work on encrypting communications among EU institutions.

Free Software Foundation Europe president Karsten Gerloff, said it was good to see the institutions investing “at least a little in improving the quality and the programs they use.”

However, he added that to make the best use of their efforts, institutions should work closely with upstream developers and make audit results public as soon as possible.

John Sullivan, executive director, Free Software Foundation, said: “Free software cannot guarantee your security, and in certain situations may appear less secure on specific vectors than some proprietary programs. As was widely agreed in the aftermath of the OpenSSL “Heartbleed” bug, the solution is not to trade one security bug for the very deep insecurity inherently created by proprietary software - the solution is to put energy and resources into auditing and improving free programs.”

The EC runs its IT on more than 350 Linux servers. All new web applications are protected by an open source-based solution for authentication, currently serving more than 300 existing web applications, more than 60,000 users and performing more than 10,000,000 authentications on a yearly basis with more than 17,000 different users every day, according to the commish’s informatics department (DG DIGIT).

Within the EC's IT network an open source-based developer collaboration platform hosts more than 770 projects accessed by more than 3,000 developers. ®

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like