id: security-googleblog-com-3840
author:
title: Google Online Security Blog: Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source
date:
pages:
extension: .html
mime: application/xhtml+xml
words: 3870
sentences: 400
flesch: 67
summary: Google Online Security Blog: Know, Prevent, Fix: A framework for shifting the discussion around vulnerabilities in open source The security of open source software has rightfully garnered the industry's attention, but solutions require consensus about the challenges and cooperation in the execution. Solutions come faster when the problem is well-framed; we propose a framework ("Know, Prevent, Fix") for how the industry can think about vulnerabilities in open source and concrete areas to address first, including: Increased transparency and review for critical software: For software that is critical to security, we need to agree on development processes that ensure sufficient review, avoid unilateral changes, and transparently lead to well-defined, verifiable official versions. The following framework and goals are proposed with the intention of sparking industry-wide discussion and progress on the security of open source software. Improving the development processes for critical software is related to vulnerability prevention, but deserves its own discussion further down in our post.
cache: ./cache/security-googleblog-com-3840.html
txt: ./txt/security-googleblog-com-3840.txt