Debian Testing Looking for Security Staff

Mar 13, 2008

The free Debian Linux distribution is looking for Security staff for its "testing" branch.

As Nico Golde from the Testing Security Team writes in a message posted on a mailing list, currently just one or two developers are keeping an eye on security in the testing branch. The situation has become more aggravated because one of the team members has been hit by a computer defect.

The Testing Security team aims to achieve a reasonable measure of security for all users who declined the "testing" branch of the Debian distribution on their computers. Typical users include developers who prefer more recent software, but also end users.

Golde emphasizes bent you do not need to be a registered Debian developer to help the security team. The only basic requirements are some working knowledge of security mechanisms and vulnerabilities, familiarity with the Subversion version control system and of course enough time. A security issue occurs every two to three days. In order to find the vulnerability of team traces new input in the CVE Security directory and in Debian’s Bugtracker. The Debian Security Tracker is used to trace vulnerabilities. An introduction to this tool is provided by the "Narrative Introduction" in the Subversion repository.

If you also have programming experience and know-how to build Debian packages, your contribution will definitely be welcome: after all, the Security team creates updated packages with fixes for vulnerabilities.

If you fulfill at least some of these requirements and are interested in an interesting task, you can contact the Testing Security Team via its mailing list. As an alternative contact you can also use the IRC channel "#debian-security" on irc.oftc.net.

Related content

  • Grendel Scan 1.0: Automatic Security Check for Web Applications

    Grendel Scan version 1.0, a Web application testing tools, was introduced at the Defcon Security Conference in Las Vegas.

  • PHP Security Principles

    Many web attacks are the result of programmer error. Sloppy code testing leaves a door open for the uninvited.

  • Qubes OS

    Most operating systems claim to be secure; however, most fail terribly. Newcomer Qubes OS tries a different approach, relying on a microkernel and pervasive virtualization.

  • Free Software Projects

    Free software covers such a diverse range of utilities, applications, and projects, that it can be hard to find the perfect tool. We pick the best of the bunch. This month we examine Bluefish, Bidwatcher, KWappen, Capi4BSD, and current events at the Debian project.

  • Ubuntu Linux

    Linux comes in many packages – from no-charge distributions to expensive enterprise offerings. Ubuntu Linux is somewhere in between – a free Debian derivative with support options for the enterprise.

comments powered by Disqus

Issue 166/2014

Buy this issue as a PDF

Digital Issue: Price $9.99
(incl. VAT)

News