Google called on the US government to take a more proactive role in identifying and protecting open source projects that are critical to Internet security. In a statement released by the company following Thursday’s White House summit, Kent Walker, president of global affairs and chief legal officer at Google and Alphabet, said the country needs a public-private partnership that will properly fund and employ the open core. Source projects.
“For far too long,” he said, “the software community has been comfortable in assuming that open source software is generally secure because of its transparency and the assumption that ‘many eyes’ have been watching to discover and solve problems.” “But in reality, while some projects have a lot of eyes on them, others have little or none at all.”
According to Walker, the partnership will consider the impact and importance of the project to determine how important it is to the broader ecosystem. Looking ahead, he says the industry needs new ways to identify software that may pose a systemic risk to Internet security.
There is also a need for more public and private funding, Walker said, noting that Google is ready to contribute to an organization that brings together volunteers from companies like itself with critical projects that need the most support. “Open source software is the connective tissue of much of the internet world – it deserves the same focus and funding we give our roads and bridges,” he said.
The importance of open source software has been the subject of much discussion after the discovery of the Log4Shell vulnerability. Log4j is one of the most popular and most used logging libraries, with services like Steam and iCloud based on it. The security researcher, who helped stop the spread of WannaCry, described the vulnerability as “very bad” because it left millions of apps vulnerable to attack.
All products recommended by Engadget are handpicked by our editorial team, independently of the parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.