The Portable Open Source Security Elements (POSSE) project was a co-operative venture between the

University of Pennsylvania The University of Pennsylvania (also known as Penn or UPenn) is a private research university in Philadelphia. It is the fourth-oldest institution of higher education in the United States and is ranked among the highest-regarded universitie ...

Distributed Systems Laboratory, the

OpenBSD OpenBSD is a security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by forking NetBSD 1.0. According to the website, the OpenBSD project em ...

project and others. It received funding through a grant from the

United States The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...

Defense Advanced Research Projects Agency The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military. Originally known as the Adv ...

(DARPA). The project's goal was to increase the security of some

open source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use the source code, design documents, or content of the product. The open-source model is a decentralized sof ...

projects, including

Apache The Apache () are a group of culturally related Native American tribes in the Southwestern United States, which include the Chiricahua, Jicarilla, Lipan, Mescalero, Mimbreño, Ndendahe (Bedonkohe or Mogollon and Nednhi or Carrizaleño an ...

and

OpenSSL OpenSSL is a software library for applications that provide secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used by Internet servers, including the majority of HTT ...

. The project ran from 2001 to April 2003, when the grant from DARPA was prematurely terminated.

Overview

This was a security initiative directed by the University of Pennsylvania Distributed Systems Laboratory and paid for through the Composable High Assurance Trusted Systems programme. POSSE was a US$2,125,000 grant "to introduce advanced security features used in special-purpose government computers into standard office PCs." The United States government hoped to benefit from the availability of better security features in affordable, standardized computers and software. OpenBSD was selected as "the computing world’s most secure forum for the development of open-source software" and approximately US$1,000,000 was allotted to its development. Colleagues in the POSSE project included

Theo de Raadt Theo de Raadt (; ; born May 19, 1968) is a South African-born software engineer who lives in Calgary, Alberta, Canada. He is the founder and leader of the OpenBSD and OpenSSH projects and was also a founding member of NetBSD. In 2004, De Raadt wo ...

, the founder and leader of the

Project,

Ben Laurie Ben Laurie is an English software engineer. He is currently the Director of Security at The Bunker Secure Hosting. Laurie wrote Apache-SSL, the basis of most SSL-enabled versions of the Apache HTTP Server. He developed the MUD ''Gods'', which was ...

of the

Apache Software Foundation The Apache Software Foundation (ASF) is an American nonprofit corporation (classified as a 501(c)(3) organization in the United States) to support a number of open source software projects. The ASF was formed from a group of developers of the A ...

and

Group, and numerous faculty and graduate students from the

. In April 2003, speaking in an interview to the Canadian newspaper ''

The Globe and Mail ''The Globe and Mail'' is a Canadian newspaper printed in five cities in western and central Canada. With a weekly readership of approximately 2 million in 2015, it is Canada's most widely read newspaper on weekdays and Saturdays, although it ...

'', Theo de Raadt remarked on the

occupation of Iraq Occupation of Iraq or Iraq occupation may refer to: * Occupation of Iraq (2003–2011) (occupation by American, British and Italian forces) * Mandatory Iraq (Iraq under British Administration, 1921–1932) * Northern Iraq offensive (June 2014) ...

: "I try to convince myself that our grant means a half of a

cruise missile A cruise missile is a guided missile used against terrestrial or naval targets that remains in the atmosphere and flies the major portion of its flight path at approximately constant speed. Cruise missiles are designed to deliver a large warhe ...

doesn't get built." Jonathan Smith, the head of the POSSE project, stated that US military officials had expressed discomfort with this comment. DARPA's funding for the project was subsequently terminated. It was theorized that the US government disapproved of de Raadt's comments and that they led to the decision to cancel the grant. However, DARPA spokeswoman Jan Walker explained it was triggered by "recent world events and specifically the evolving threat posed by increasingly capable nation-states."

References

{{Reflist

External links

The POSSE Project homepage

CNET, 17 April 2003: Defense agency pulls OpenBSD funding

LWN.net, 23 April 2003: DARPA Cancels OpenBSD Funding

Worker's World, 1 May 2003: Pentagon punishes software developer for anti-war comments
DARPA OpenBSD