Linux专家称 开源软件日益吸引黑客

Linux expert warns of open source's growing appeal to hackers

Linux专家警告开源软件日益吸引黑客

purple endurer注：1、warn of:警告(发出);2、appeal to:对...有吸引力；对...产生吸引力》

by John McCormick

作者：John McCormick

翻译；Purple Endurer

英文来源：http://articles.techrepublic.com.com/5100-1009_11-6130846.html?tag=nl.e101

Tags: Linux | Open source | Hacking | Security threats | Patches

标签： Linux | 开源 | Hacking | 安全威胁 | 补丁

Takeaway: Alan Cox, a well-respected Linux developer, warned attendees of London's LinuxWorld that open source software is becoming more attractive to commercial hackers. In this edition of the IT Locksmith, John McCormick fills you in on Cox's statement and tells you about a new organization aiming to stop zero-day exploits.

导读：很受尊敬的Linux开发人员Alan Cox，警告参加伦敦Linux世界会议的人员，开源软件对商业黑客正越来越有吸引力。在本期IT锁匠里，John McCormick向你传输Cox的声明，并告诉你一个新组织旨在停止零日攻击。

purple endurer注：1、attractive to:对…具有吸引力的;2、fill in:填写

A Linux guru cautions that open source's growing popularity is attracting the unwanted attention of more hackers. Meanwhile, a new organization aims to stop zero-day exploits by making patches available sooner.

一位Linux领袖警告，开源软件的日益流行对更多黑客有不必要的吸引力。同时，一个新组织旨在通过更迅速地制作补丁来停止零日攻击。

Details

详情

Linux expert Alan Cox warned attendees of London's LinuxWorld conference last week that hackers were putting a lot of money and effort into cracking Linux and other open source projects. Cox, who works for Red Hat, was especially critical of uninformed media statements about how open source software is more secure and reliable. While some well-known open source projects are e secure, the same doesn't hold true for lesser known projects.

Linux开发人员Alan Cox警告参加上周伦敦Linux世界会议的人员，黑客正投入更多的资金和努力破解Linux和其它开源项目。为红帽子工作的Cox,特别批判了声称开源软件如何更安全理工可靠的不知情媒体。尽管一些众所周知的开源项目确实安全，但对一些不太为人所知的项目则未必如此。

purple endurer注：1、critical of:对…挑剔的

2、 It is universal truth that holds true for the whole world.这是一条放之四海而皆准的普遍真理。

The veteran developer also took a shot at the European Commission's Software Quality Observatory for Open Source Software (SQO-OSS). The newly launched project aims to monitor the quality of open source development. It will release the core code under the BSD license.

这位老练的开发人员也回应了SQO-OSS。这个新启动的项目旨在监视开源发展的质量。它将在BSD许可协议下发行核心代码。

purple endurer注：1、take a shot:开枪，照相，投球;2、European Commission：欧盟委员会3、Software Quality Observatory for Open Source Software（SQO-OSS）该联盟是由研究机构、从事开放源代码项目的机构组成的，它一半的资金来自成员机构，另一半资金则来自欧盟委员会。SQO-OSS的目标之一是提供源代码质量标准，帮助证明开放源代码适合在企业部署。它还将根据自己的检测发布报告，为开放源代码软件打分.

Several observers say that SQO-OSS, which boasts a 2.47 million Euro budget, focuses on the wrong metrics of quality and security, particularly by counting all bugs as equal. The overall goal of SQO-OSS is to improve the acceptance and competitiveness of EU software development projects by demonstrating their security. For a list of the project's goals, check out this fact sheet.

若干观察家说号称247万欧元预算的SQO-OSS，把注意力集中在错误的质量和安全标准上，特别是不分大小地计算所有的bug。SQO-OSS的总目标是通过展示安全性来增强欧盟软件开发项目的认同和竞争能力。按项目目标列表检验情况。

purple endurer注：1、check out:离开(登记,检验,合格,计算总价并收钱,开支票付款,死);2、fact sheet:情况说明书．

Less than zero?