Article
Was the 2006 Debian SSL Debacle a System Accident?
Proceedings of the IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS) (2013, Berlin, Germany)
Abstract
In this paper we examine in detail the Debian OpenSSL Debacle from the perspectives of a system accident, a concept derived from the work of Charles Perrow [1]. This event left users of Debian and its derivatives with seriously compromised cryptographic capabilities. We identify some common failings that might be problematic in other software development projects and offers some suggestions to help develop code more securely.
Meeting Name
IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems, IDAACS 2013 (2013: Sep. 12-14, Berlin, Germany)
Department(s)
Computer Science
Keywords and Phrases
- Debian,
- Open SSL,
- Security breaches,
- Software development projects,
- SSL,
- System accidents,
- Cryptography,
- Data acquisition,
- Software engineering,
- Accidents
International Standard Book Number (ISBN)
978-1479914265
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2013 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.
Publication Date
9-1-2013
Publication Date
01 Sep 2013
Disciplines
Citation Information
George Markowsky. "Was the 2006 Debian SSL Debacle a System Accident?" Proceedings of the IEEE 7th International Conference on Intelligent Data Acquisition and Advanced Computing Systems (IDAACS) (2013, Berlin, Germany) Vol. 2 (2013) p. 624 - 629 Available at: http://works.bepress.com/george-markowsky/17/