| |||||||||||||
Coverty, exploits, DARPACoverty, exploits, DARPAPosted Jul 27, 2009 22:34 UTC (Mon) by brianomahoney (subscriber, #6206)Parent article: Finding Linux Bugs Before they Become Exploits (internetnews.com)
Coverty is a very valuable tool, developed largely at public expense as Stanford. Making it more widely available,is VERY important.
Perhaps DARPA should get Coverty, at least at its present level into the public domain.
(Log in to post comments)
Coverty, exploits, DARPA Posted Jul 28, 2009 9:39 UTC (Tue) by tialaramex (subscriber, #21167) [Link]
The really valuable thing would be experienced hackers reading the output and acting on it. DARPA _could_ fund that, but probably won't. Red Hat, or SPI or anyone could fund a hacker to do this, but probably won't.
Making the tool available is a side issue. If someone hired such a hacker for the next 12 months, or even if Linus, or Alan, or anyone else with a track record wanted to sit and spend August checking and fixing Coverity reports that could be done right now, no problem. It doesn't require putting Coverity into the public domain, which is good because AFAIU there's actually a significant difference between the technology "developed largely at public expense" and the nice shiny Coverity product.
|
|||||||||||||