Two recent events have shed light on some fundamental issues in getting security in Open Source projects. One of them is a serious bug referred to as "Heartbleed", and the other is the first part of a security audit of the TrueCrypt encryption program. By looking at both of these together and doing a Lessons Learned we can draw some conclusions about what is needed to have security in Open Source projects.
Links:
Unless otherwise stated, our shows are released under a Creative Commons Attribution-ShareAlike 3.0 Unported (CC BY-SA 3.0) license.
The HPR Website Design is released to the Public Domain.