Security researchers unearth bugs, developers ship the patch. When they work together, we have synergy that leads to secure code. I honesty mean synergy too, the definition of the term is: “cooperation giving rise to a whole that is greater than the simple sum of its parts.”
If the goal is to have fewer insecure systems on the internet, then we must work together. Even if it means going beyond expectations.
I can write the patch if I have to, but it is not my code.
I can do this thanks to open source. This process would be impossible for closed source projects. I just hope the open source community embraces my help.
If you have an open source project and are in need of help with writing a security bug, please reach out and we can work something out. If you are a business, please expect to pay a nominal fee. Either way, FOSS or for pay, please feel comfortable reaching out to me.
I hope to continue these posts and efforts, sharing publicly the process and responses I get in this effort. Join me on the journey to see what happens as I write security bug patches.
-
Patching add-commentsNever assume, always confirm. The most prevalent security bug in web applications […]
-
Patching webmaster-tools-verificationAPIs are one of the best features of web applications. I see […]
-
Patching wsm-downloaderRemember never to trust user inputs. It’s a common mistake, when writing […]
-
Patching thecartpressThis was the first plugin I unsolicited wrote a patch for. The […]
-
Open Source Psychopomping.I have become a psychopomp, or at least I act as one […]