- POSSE project
The Portable Open Source Security Elements, or POSSE project, was a co-operative venture between the
University of Pennsylvania Distributed Systems Laboratory, theOpenBSD project and others. It received funding through a grant from theUnited States Defense Advanced Research Projects Agency , or DARPA. The project's goal was to increase the security of someopen source projects, including Apache andOpenSSL . The project ran from2001 until April2003 , when the grant from DARPA was prematurely terminated.This was a security initiative directed by the University of Pennsylvania Distributed Systems Laboratory and paid for through the Composable High Assurance Trusted Systems programme. POSSE was a US$2,125,000 grant designed "to introduce advanced security features used in special-purpose government computers into standard office PCs." The United States government hoped to benefit from the availability of better security features in affordable, standardized computers and software. OpenBSD was selected as "the computing world’s most secure forum for the development of open-source software" and approximately $1,000,000 was allotted to its development. In addition, by applying the security auditing concepts used in OpenBSD to other projects like OpenSSL, POSSE helped to increase the overall security of free and open source software.
In April
2003 , speaking in an interview to a Canadian newspaper, theGlobe and Mail , the founder and leader of the OpenBSD andOpenSSH projects,Theo de Raadt remarked on the occupation of Iraq: "I try to convince myself that our grant means a half of acruise missile doesn't get built." Jonathan Smith, the head of the POSSE project, stated that US military officials had expressed discomfort with this comment. DARPA's funding for the project was subsequently terminated. It was theorised that the US government disapproved of these comments and that they led to the decision to cancel the grant [http://lwn.net/Articles/29937/] . The government, however, explained it as being "due to world events and the evolving threat posed by increasingly capable nation-states." This may be related to the fact that many of the beneficiaries of the grant were developers in foreign nations, such as theUnited Kingdom .Colleagues in the POSSE project included Jonathan M. Smith of the University of Pennsylvania; Theo de Raadt, project founder and leader of
OpenBSD ; Michael B. Greenwald, assistant professor of Computer and Information Science at the University of Pennsylvania; Sotiris Ioannidis and Stefan Miltchev, graduate students at the Distributed Systems Lab of the Computer and Information Science department at the University of Pennsylvania;Ben Laurie , a former mathematician at Cambridge University and technical director of AL Digital Ltd, a director of theApache Software Foundation and core team member of theOpenSSL Group; and Angelos Keromytis, at the time an assistant professor of computer science atColumbia University and an OpenBSD core developer.External links
* [http://www.cis.upenn.edu/~dsl/POSSE/ The POSSE Project homepage]
* [http://web.archive.org/*/www.cis.upenn.edu/~dsl/POSSE/ The POSSE Project homepage] , archived
* [http://news.com.com/2100-1016-997393.html News article describing the termination of the grant funding POSSE development (April 17, 2003)]
* [http://www.workers.org/ww/2003/darpa0501.php Worker's World, May 1, 2003: Pentagon punishes software developer for anti-war comments]
Wikimedia Foundation. 2010.