In computer business news, despite the great reputation open source has developed, new findings from Fortify Software have proven that even open source is susceptible to security breaches.  A new type of Trojan was recently discovered called “build-process injection” that lets hackers put in malicious code into programs while they are being designed.

According to computer business experts, with this Trojan, hackers can replace source code waiting to be entered into the program with different versions, so the virus can start compromising the program before it even goes to testing.

As an example, the software might depend on external parts from the open source server.  Those looking to attack the program could target the server or the DNS and send it to a malicious server.  Of course, the actual software could also be damaged.  And if the software still manages to make it through the test phase, the malware could attack during the production phase.     

Computer business experts at Fortify have compiled a paper that details the new open source Trojan and is releasing it to developers to help them find the threat.  This new rule pack offers support for CWE, the emerging standard that shows common languages that can be used to find problems.    

For more information on this computer business story, including weigh-ins from open source programmers and others affected by this Trojan, please visit the attached link.

Added By:  Computer Consulting Kit