xine colleague James Courtier-Dutton informs of a curious story via the xine-devel mailing list: Homeland Security helps secure open-source code. It seems that the U.S. Department of Homeland Security wants to run code audits on a number of increasingly-used multimedia applications. On the TODO list are xine and MPlayer.
It’s weird to think the government is commissioning to improve code I helped write. But multimedia players are certainly not exempt from security bugs– one of my more humbling experiences was when a code audit made be students of D.J. Bernstein’s security class found a careless buffer overflow condition in one of xine demuxer modules.