Of what use is an operating system if all it does is to make you look forward to the next release - simply because umpteen bugs have been introduced by all the new features in the current version?

Finding bugs in your code can be quite nasty—especially if you don’t know where to look. However, finding bugs automatically does not require astronaut training. I think it’s time to leave that “pleasure” to free (as in freedom) automatic static code review tools like the ones reviewed in this series of articles.

"Over the last few years, I’ve come to accept the fact that regardless of my attempts to quit this job, I am fundamentally a programmer. I wrote a book about security, I am the Editor In Chief of Free Software Magazine, but in the end I am still just a programmer. A lucky one, I must admit. Until last month, I had been blessed by the fact that either the software I wrote was owned by somebody else after a short contract (and therefore it didn’t matter to me once I had completed it: somebody else eventually took it over), or that what I programmed had been created just for myself (I was the only user of the software… bliss!). This changed when I became a free software programmer. I have recently released what I consider an important project: Drigg.

Mozilla has patched a pair of nasty flaws in its Firefox browser, two weeks after security researchers first started posting code that showed how the flaws could be exploited in attacks.

Though it might not seem that way, the top 10 most vulnerable software vendors - and, yes, that includes Microsoft - are contributing a smaller percentage of all vulnerability disclosures per year compared to five years ago.

OpenBSD founder Theo de Raadt has been making a lot of noise over a change in Intel’s current generation Core 2 microprocessor goes as far to claim that this will lead to serious security flaws. Linus Torvalds by contrast has given a completely opposite view of the situation

"When Mark Shuttleworth, Ubuntu founder and CEO of Canonical Ltd., spoke at the Linux Foundation Collaboration Summit at the Googleplex, he didn't talk about Ubuntu, patents, or hardware vendor partnerships. Instead he devoted his keynote speech to the importance of collaboration in fixing bugs and getting timely patches out to Linux users."