POSSE project

The Portable Open Source Security Elements (POSSE) project was a co-operative venture between the University of Pennsylvania Distributed Systems Laboratory, the OpenBSD project and others. It received funding through a grant from the United States Defense Advanced Research Projects Agency (DARPA). The project's goal was to increase the security of some open source projects, including Apache and OpenSSL. The project ran from 2001 to April 2003, when the grant from DARPA was prematurely terminated.

Overview

This was a security initiative directed by the University of Pennsylvania Distributed Systems Laboratory and paid for through the Composable High Assurance Trusted Systems programme. POSSE was a US$2,125,000 grant "to introduce advanced security features used in special-purpose government computers into standard office PCs."[1] The United States government hoped to benefit from the availability of better security features in affordable, standardized computers and software. OpenBSD was selected as "the computing world’s most secure forum for the development of open-source software" and approximately US$1,000,000 was allotted to its development.

Colleagues in the POSSE project included Theo de Raadt, the founder and leader of the OpenBSD Project, Ben Laurie of the Apache Software Foundation and OpenSSL Group, and numerous faculty and graduate students from the University of Pennsylvania.[1]

In April 2003, speaking in an interview to the Canadian newspaper The Globe and Mail, Theo de Raadt remarked on the occupation of Iraq: "I try to convince myself that our grant means a half of a cruise missile doesn't get built."[2] Jonathan Smith, the head of the POSSE project, stated that US military officials had expressed discomfort with this comment. DARPA's funding for the project was subsequently terminated. It was theorized that the US government disapproved of de Raadt's comments and that they led to the decision to cancel the grant. However, DARPA spokeswoman Jan Walker claimed that it was triggered by "recent world events and specifically the evolving threat posed by increasingly capable nation-states."[2]

References

  1. ^ a b "$2.1 Million: Integrate Security Features into Computers". University of Pennsylvania Almanac. Retrieved 26 May 2016.
  2. ^ a b Lee, Jennifer (24 April 2003). "Canadian Programmer Says U.S. Cut Funding After Comments". New York Times. Retrieved 25 May 2016.