Remember how we managed to raise €1 million to demonstrate security and freedom aren’t opposites? For the next two weeks (until July 8, 2016), you can decide which project you think should be the first to receive a code review as part of the FOSSA pilot project.

After the discovery of the “Heartbleed” vulnerabilities in the widely used Free Software cryptography library OpenSSL in 2014, my Swedish Greens/EFA colleague Max Andersson and I proposed a pilot project to get the EU to contribute to the security of Open Source projects. Both European institutions and the European public (companies as well as individuals) rely on Free and Open Source Software (FOSS).

Progress so far

The project started in January 2015 and runs until October this year, when the results of the first code review will be published. So far, according to the info published by the project team within the Commission, the project has created an inventory methodology for software and standards used in the European institutions and compared software development methodologies in the institutions and in FOSS projects.

Your choice

The next big project step is the choice of software project to be reviewed – and the choice is yours! The project team has now published a public poll to choose one out of 18 free software projects or alternatively propose additional ones. Popular projects such as VLC Media Player, KeePass, and Git are among the suggestions. When making your choice, consider the potential impact an undiscovered vulnerability in each project would have.

The poll closes July 8, 2016.

Vote now: Which software should the EU review?

A permanent budget item?

Security audits of free software should become a permanent EU budget item

Pilot projects (PP) are a way for the Parliament to propose new items for the EU’s budget. Each year, the overall budget for PPs is €40 million. If a (usually two-year) pilot project works out, it can be continued in a so-called preparatory action (PA), with a maximum duration of three years, and then has a chance of being permanently added to the EU budget. The yearly budget for PAs is €50 million. (From the Working Document on Pilot projects and Preparatory actions in budget 2016 and 2017.)

My colleague Max and I will propose to continue the project as a PA in the following years, and subsequently as a general budget item. The Free and Open Source Software Audit is an important contribution to ensure the reliability and security of the IT infrastructure we all rely on.

To the extent possible under law, the creator has waived all copyright and related or neighboring rights to this work.