Tor: Anonymous, and Now Apparently Bug-Free
by Kristin Shoemaker - Jan. 13, 2009Comments (1)- Related Blog Posts
- Over 50 Free, Must-Have Open Source Resources
- What Does a User Cost?
- Amarok Refreshed: Better, Stronger, Faster!
- Dell's Multimedia Mini PC Ships With Ubuntu
- What Lies Ahead for Chrome OS?
By way of Heise Online comes word that Tor, the internet anonymization system, has hit a milestone of nearly mythical proportions -- there are currently no known bugs in the Tor code.
Tor began scanning its development releases in September using Coverity, a bug detection application developed by Stanford University in collaboration with the US Department of Homeland Security. In September, Coverity revealed 171 issues in Tor's code base, ranging from "annoying yet not critical" sloppiness to bugs capable of causing crashes that would prove challenging to debug. By December, Tor had lowered this number to 15, and last week, Coverity testing revealed that the project had successfully eliminated the last known issues.
Coverity, as the Tor blog states, is a "serious company with a serious 'enterprise' pricing structure," but it offers its services free of charge to qualifying open source projects. Founded in 2006, Coverity focused on Linux, Apache, BIND DNS server code and Firefox in its first scans. The list of projects included at this point is diverse in purpose and platform.
It is no small feat to eradicate critical bugs without inadvertently starting a few little fires in the newly fixed code, and the fact that Tor has done this so quickly and efficiently speaks volumes about the dedication of the people involved in the project. Analysis tools such as Coverity undoubtedly help ease the discovery process, but it's the interest and drive of the wider community that yields real results.
