SecurityFocus: Trustworthy Open-Source Computing
Dec 19, 2003, 02:00
(Other stories by Hal Flynn)
"When I was in the military, one of the things I learned about
was holding a perimeter. The perimeter could be around anything: a
camp, a hill, a beer garden, or whatever. The perimeter was your
position on the battlefield, and you were obligated to defend it to
keep everything inside the perimeter safe.
"Under no circumstance were you to ever let your perimeter get
overrun. If you were forced to defend it, you fought with
superhuman strength. If you thought your perimeter was going to be
overrun, you called any and everybody that you thought could help:
air support, artillery, armor... anybody.
"We've seen exactly this kind of exercise in the open-source
world in the last few weeks, though not necessarily from the same
school of training or thought. Two high-profile projects
experienced compromises. They announced it to the community,
essentially letting everybody know that their perimeters had been
overrun, and that they needed all the help they could get..."