Michael Gracie

When I say “hit” I don’t mean getting hammered either.

Novell just announced that they are going to be releasing their AppArmor intrusion prevention software under the GPL. The product will likely get some improvements from the OS community, albeit at the expense of Homeland Security adding many line items on the Linux side of their less than accurately represented vulnerabilities list.

You gotta wonder, however, if the whole US-CERT list thing was a public relations move, as Homeland Security just made a grant to three groups to improve open source security. Yep. Over a million bucks is going to Stanford University, Coverity, and Symantec to work on OS bugs. The Stanford/Coverity bit makes total sense to me - Coverity has a service that allows you to upload your C/C++ code to their system, at which time they scrub the heck out it looking for unnecessary complexity and the potential pitfalls that go along with that. The technology, by the way, came out of Stanford. I guess Symantec is just along for the ride.

Immunix, a security software firm concentrating on Linux apps, has been purchased by Novell. No intense speculation here - Novell is building on its Linux portfolio, and having security software in its SUSE distros makes tons of sense.