Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
The U.S. Government: Paying to Undermine Internet Security, Not to Fix It
from ProPublica:
The U.S. Government: Paying to Undermine Internet Security, Not to Fix It
One lesson of the Heartbleed bug is that the U.S. needs to stop running Internet security like a Wikipedia volunteer project.
by Julia Angwin
ProPublica, April 15, 2014, 12:50 p.m.
The Heartbleed computer security bug is many things: a catastrophic tech failure, an open invitation to criminal hackers and yet another reason to upgrade our passwords on dozens of websites. But more than anything else, Heartbleed reveals our neglect of Internet security.
The United States spends more than $50 billion a year on spying and intelligence, while the folks who build important defense software — in this case a program called OpenSSL that ensures that your connection to a website is encrypted — are four core programmers, only one of whom calls it a full-time job.
In a typical year, the foundation that supports OpenSSL receives just $2,000 in donations. The programmers have to rely on consulting gigs to pay for their work. "There should be at least a half dozen full time OpenSSL team members, not just one, able to concentrate on the care and feeding of OpenSSL without having to hustle commercial work," says Steve Marquess, who raises money for the project.
Is it any wonder that this Heartbleed bug slipped through the cracks? ...................(more)
The complete piece is at: http://www.propublica.org/article/the-u.s.-government-paying-to-undermine-internet-security-not-to-fix-it
