• Newest series
• Arts & Entertainment
• Astrology
• Automotive
• Baseball
• Basketball
• Business & Finance
• Careers
• Comedy
• Educational
• Environment
• Faith
• Family & Parenting
• Food & Wine
• Football
• Foreign Language
• Health, Mind, Body
• Hobbies & Crafts
• Hockey
• Home & Garden
• Industry
• Interview
• Local & Community
• Marketing
• News
• Opinion
• People
• Podcasting
• Politics
• Public Service
• Radio Shows
• Real Estate
• Religion
• Science
• Sexuality
• Sports
• Technology
• Travel
• Twittergrams
• World
• Written Word

Foneshow delivers audio content directly to your cell phone. With automatic notification, the content is always fresh; it's great for news, finance, and sports programming. You don't need a data plan or a smart phone to use Foneshow!

Subscribe to this Foneshow... CNET News.com: Security Bites Backdoors, pharming, botnets, phishing, rootkits,viruses, worms. Feeling vulnerable? CNET.com's Robert Vamosi will tell you about the latest security threats, what's coming, and how to protect your system. Visit the blog at http://securitybites.cnet.com. © 2008 CNET.com • Podcast home page

1 Enter  your cell #  and  Enter your  password  and   Forgot? We just sent a new password to your phone! Please enter  your e-mail address and  ZIP code  and  Thanks! Almost done... 2 You'll get a text message ...got it? If it doesn't come within a minute or so, click here to start over. or click here to start over. 3 Just dial and listen! On most phones, you can just hit "Send" to call a phone number in a text message. It's important! If you don't call the number, you're not really subscribed!

< List shows

Security Bites 109: Open source security

Date: 07/25/2008
Length: 00:18:54

For years, one of the arguments for using open source software instead of proprietary software held that open source was more secure. After all, having thousands of eyes looking at the code can't but help find and mitigate potentially dangerous bugs. A new report from Fortify challenges that assertion

Open source software an be found in over half of the enterprises today. And open source code can be found within the Mac OS 10 operating system. But how are open source vulnerabilities and, more importantly, their patches handled?

This week report from Fortify found that while vulnerabilities exist and are reported within the open source community, not every open source project had a clearly defined contact or security alias. Nor was it clear what the process would be for issuing a patch, or how the projects conduct their own vulnerability assessments. The report looked at several known open source projects such as JBoss and Tomcat.

CNET's Robert Vamosi spoke by phone with Roger Thornton, CTO at Fortify about the report and its findings.

Listen now: Download today's podcast

Foneshow does not charge for this service, but standard or other charges may apply from your carrier. Please check your plan to make sure. To stop receiving text messages at anytime, text STOP to 44636. For help, text HELP to 44636 or email support@4info.net.

• User information
• Subscriber login
  
• How to use Foneshow •
• Copyright notices

• About the company
• About •
• Team •
• Blog •
• Contact us
  
• Jobs •
• Press •
• Terms of service