OStatic

Over the past few years, implementing security properly has become a big issue for software applications of all stripes, including open source applications and platforms. That's why I noted with interest a couple of blog posts on the topic from leaders behind two high-profile open source projects: Firefox and Drupal. In a piece called Learning From Mozilla Security on InternetNews, Jonathan Nightingale of Mozilla's security team, who has the title Human Shield, provides some instructive examples of the lengths Mozilla goes to to keep Firefox secure (and security is the reason some people use the browser). Meanwhile, Dries Buytaert, founder of the open source Drupal content management system, has a post up on strategic steps he wants to put in place for a security team to police Drupal and its many modules.?

Google Chrome users should take note of a blog post from Mark Larson, Chrome's Program Manager, calling out a fix for a serious security problem in the browser. The problem affects the non-developer, stable version of Chrome and allows the possibility of cross-site scripting attacks, which are becoming more and more common. The problem is now fixed in the new version 1.0.154.59 download.?