Google says open source software should be more secure
In conjunction with a White House meeting on Thursday at which technology companies discussed the security of open source software, Google proposed three initiatives to strengthen national cybersecurity.
The meeting was arranged last month by US national security adviser Jake Sullivan, amid the scramble to fix the Log4j vulnerabilities that occupied far too many people over the holidays. Sullivan asked invited firms – a group that included Amazon, Apple, Google, IBM, Microsoft, and Oracle – to share ideas on how the security of open source projects might be improved.
Google chief legal officer Kent Walker in a blog post said that just as the government and industry have worked to shore up shoddy legacy systems and software, the Log4j repair process – still ongoing – has demonstrated that open source software needs the same attention as critical infrastructure.
"For too long, the software community has taken comfort in the assumption that open source software is generally secure due to its transparency and the assumption that 'many eyes' were watching to detect and resolve problems," said Walker. "But in fact, while some projects do have many eyes on them, others have few or none at all."
Leave a Comment
Related Posts
/image%2F6283631%2F20210518%2Fob_919b9b_ubuntu-software-center-in-kali-linux.jpeg)
Recent Posts
Turbocharging Meta Llama 3 Performance with NVIDIA TensorRT-LLM and NVIDIA Triton Inference Server
Comment
PROOF POINTS: Stanford’s Jo Boaler talks about her new book ‘MATH-ish’ and takes on her critics
Comment
Open Source Community Unites to Build CRA-Compliant Cybersecurity Processes - The Apache Software Foundation Blog
Comment
:quality(75)/https%3A%2F%2Fdev.lareviewofbooks.org%2Fwp-content%2Fuploads%2F2024%2F04%2FThe-Blind-Spot.jpeg)
