July 14th, 2016

David A. Wheeler: Working to Prevent the Next Heartbleed

The Heartbleed bug revealed that some important open source projects were so understaffed that they were unable to properly implement best security practices. The Linux Foundation’s Core Infrastructure Initiative, formed to help open source projects have the ability to adopt these practices, uses a lot of carrot and very little stick.

The FOSS Force Video Interview

David A. Wheeler’s personal website contains more than a book’s worth of Linux and Unix security advice — along with many random observations about this and that, with an emphasis on free and open source software. He was recently selected as technical lead for an important Linux Foundation security project. Is Wheeler famous? Surprisingly not, since he’s not a publicity seeker. But maybe he should be. Many less-accomplished people are.

Wheeler started writing about Linux and Unix security in the last millennium, and he’s never stopped. Now he’s the technical lead for the Linux Foundation’s Core Infrastructure Initiative Badge Project, which is a certification that says a software project is following a set of best practice rules that make sure its developers and maintainers put some major thought into security — and that it’s easy to report bugs, and that bug reports get acted upon sooner rather than later.

All basic stuff, right? So it is, but too many projects don’t think about security nearly as much as they should, says Wheeler, who is eminently qualified to lead this effort. As his short bio says, “He has a PhD in Information Technology, a Master’s in Computer Science, a certificate in Information Security, and a B.S. in Electronics Engineering, all from George Mason University (GMU). He lives in Northern Virginia.” (Disclosure: I’ve known Wheeler and followed his work for many years. You can learn a lot from this man. I have.)

Robin "Roblimo" Miller is a freelance writer and former editor-in-chief at Open Source Technology Group, the company that owned SourceForge, freshmeat, Linux.com, NewsForge, ThinkGeek and Slashdot, and until recently served as a video editor at Slashdot. Now he's mostly retired, but still works part-time as an editorial consultant for Grid Dynamics, and (obviously) writes for FOSS Force.
