Tags: Core Infrastructure Initiative

R Consortium Looks for Feedback on R Package Best Practices

The R Consortium Infrastructure Steering Committee (ISC) is exploring the benefits of recommending that R package authors, contributors, and maintainers adopt the Linux Foundation (LF) Core Infrastructure Initiative (CII) Best Practices Badge. This badge provides a means for Free/Libre and Open...
Read 0 Comments

Open Source Threat Modeling

What is threat modeling? Application threat modeling is a structured approach to identifying ways that an adversary might try to attack an application and then designing mitigations to prevent, detect or reduce the impact of those attacks. The description of an application’s threat model is...
Read 0 Comments

CII Audit Identifies Most Secure NTP Implementation

Since its inception the CII has considered network time, and implementations of the Network Time Protocol, to be “core infrastructure.” Correctly synchronising clocks is critical both to the smooth functioning of many services and to the effectiveness of numerous security protocols; as a result...
Read 0 Comments

kernel-security.jpg

Linux kernel security
The Core Infrastructure Initiative (CII) exists to support work improving the security of critical open source components. Over the past few years, the CII has been funding the Kernel Self Protection Project, the aim of which is to ensure that the kernel fails safely rather than just running safely.

CII Project Advances Linux Kernel Security as Firm Ends Free Patches

There has been some public discussion in the last week regarding the decision by Open Source Security Inc. and the creators of the Grsecurity® patches for the Linux kernel to cease making these patches freely available to users who are not paid subscribers to their service. While we at the Core...
Read 0 Comments

Hitachi Increases Investment in Open Source With Linux Foundation Platinum Membership

We are thrilled to announce that Hitachi has become the latest Linux Foundation Platinum member, joining existing Platinum members Cisco, Fujitsu, Huawei, IBM, Intel, Microsoft, NEC, Oracle, Qualcomm and Samsung. Hitachi has been a supporter of The Linux Foundation and Linux since 2000, and was...
Read 0 Comments

openssl_heartbleed.png

Rich Salz & Tim Hudson from the OpenSSL project talking about "OpenSSL After Heartbleed" at LinuxCon Europe in Berlin.

OpenSSL after Heartbleed

Despite being a library that most people outside of the technology industry have never heard of, the Heartbleed bug in OpenSSL caught the attention of the mainstream press when it was uncovered in April 2014 because so many websites were vulnerable to theft of sensitive server and user data. At...
Read 0 Comments

Linux Foundation Backs Reproducible Builds Effort for Secure Software

Building software securely requires a verifiable method of reproduction and that is why the Linux Foundation's Core Infrastructure Initiative is supporting the Reproducible Builds Project. In an effort to help open-source software developers build more secure software, the Linux Foundation is...
Read 0 Comments

Secure the Internet: Core Infrastructure Initiative's Aim

VIDEO: Nicko van Someren, CTO of the Linux Foundation, discusses how the CII is moving forward to make open-source software more secure. In the aftermath of the Heartbleed vulnerability's emergence in 2014, the Linux Foundation created the Core Infrastructure Initiative (CII)to help prevent that...
Read 0 Comments

badges_b.jpg

Best practices
Learn more about the Core Infrastructure Initiative (CII) Best Practices Badges Program. [Image credit: torbakhopper]

How to Get an Open Source Security Badge from CII

Co-authored by Dr. David A. Wheeler Everybody loves getting badges.  Fitbit badges, Stack Overflow badges, Boy Scout merit badges, and even LEED certification are just a few examples that come to mind.  A recent 538 article "Even psychologists love badges" publicized the value of a badge....
Read 0 Comments

This Week in Linux News: Open Source Jobs Report Reveals In-Demand Skills, CII Announces New Badge Program, & More

1) The Linux Foundation Jobs Report (published this week) shows Open source programming and DevOps skills to be in-demand amongst hiring managers. hiring_o.jpg Creative Commons Zero Linux Foundation: Open Source Programming and DevOps Jobs Plentiful- The VAR Guy 2) The Core...
Read 0 Comments
Click Here!