Forwarded from: William Knowles <wkat_private> http://news.com.com/2100-1016-997393.html By Robert Lemos Staff Writer, CNET News.com April 17, 2003 The unused portion of a grant from the Defense Advanced Research Projects Agency to fund development of the open-source operating system OpenBSD has been pulled for unspecified reasons. The project's leader, Theo de Raadt, said Thursday he was informed by email that the remaining portion of the $2.3 million grant has been pulled. An email from a professor who is managing the grant did not provide a reason, but de Raadt said he believes the cancellation was prompted by concerns about the money going to too many foreign developers and antiwar statements that de Raadt made to reporters. "They decided that they didn't want (our project) anymore," de Raadt said Thursday, less than hour after he received notification. "This is it. It's over." DARPA, the arm of the U.S. Department of Defense that funds research and development and is best known for funding the project that later became the Internet, awarded the grant in 2001 as part of its Composable High-Assurance Trusted Systems (CHATS) projects, said de Raadt. About $1 million had been allotted to add new security features to OpenBSD, an open-source OS that many consider to be the most secure free implementation of a Unix-like system. The project had finished most of the work in the first three months of the grant and had been recently using the money to fund more security enhancements to the software, de Raadt said at a recent security conference. A University of Pennsylvania computer science professor, Jonathan Smith, had originally applied for the grant under the title, "Portable Open-Source Security Enhancements," or POSSE. About $500,000 of the money went to several U.K. researchers to do a vulnerability analysis on OpenSSL, a widely used program for encrypting communications, especially to and from Web sites. A handful of flaws were found, de Raadt said. Smith refused to comment on the funding, citing the sensitivity of the issue. An email to the POSSE project’s DARPA representative wasn't answered. Earlier this week, de Raadt said he was told that officials from DARPA were concerned about statements appearing in press reports that indicated most of the grant was being funneled to foreign researchers, an apparent no-no for government-funded projects. Moreover, de Raadt believed that the U.S. government took exception to comments he made indicating that the money spent on his project meant that fewer cruise missiles were being built. "In the U.S., today, free speech is just a myth," de Raadt said. He estimated that about 85 percent of the money has already been spent and that the remaining portion would have continued the project for another six months. "The only money that I got was my salary," he said. With nearly 60 OpenBSD hackers traveling to Canada to take part in a hackathon--a week's worth of solid programming sessions--the project now finds itself about $30,000 short of the money it needs to house the attendees. "We are left in the lurch very seriously...and will need to struggle to keep our conference facilities in some way," de Raadt said. The project will ship version 3.3 of the OpenBSD system on Friday. An acknowledgment of the role that DARPA played, which was to appear on the back of the box, will instead be covered by a sticker, he said. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Fri Apr 18 2003 - 08:00:08 PDT