- by Admin
Google wants to increase government collaboration to secure open-source
Google says that it wants to increase government collaboration to help secure open source after participating in a White House summit.
On Thursday, Google participated in the White House Open Source Software Security Summit with the aim of building on its work with the Administration to strengthen America collective cybersecurity through critical areas like open-source software.
The past year has been particularly bad for open-source security problems, with several even making national headlines. This year has not begun much better.
Open-source is broken
While it was technically uncovered in December, the fallout from the Log4j vulnerability has continued into the new year. A vulnerability with the open source logging library commonly used by apps and services across the internet enables attackers to break into systems, steal passwords and logins, extract data, and infect networks with malicious software.
The Log4j vulnerability appears to have been entirely accidental and has since been patched, although many apps and services are yet to implement it. However, some open-source issues are introduced on purpose.
Just earlier this week, Developer reported on an open-source developer that corrupted two of his popular libraries to indefinitely print gibberish messages to the consoles of users of apps making use of the libraries rendering them useless. Then, of course, there was that whole SolarWinds fiasco last year.
Open-source is key to modern software development. The benefits are numerous: helping to speed up releases, avoid vendor lock-in, lower costs, increase transparency, and many projects have a great community spirit (many also do not, but we will stick to the positives!)
According to Synopsys 2021 Open Source Security and Risk Analysis (OSSRA) report, 98 percent of the audited codebases contained at least one open-source component and 75 percent of all codebases were composed of open-source.
However, 84 percent of codebases were found to have at least one vulnerability; with an average of 158 per codebase. The average vulnerability found was 2.2 years old.
The lack of payment for his work is one reason the aforementioned open-source developer corrupted his own libraries.
Respectfully, I am no longer going to support Fortune 500s (and other smaller sized companies) with my free work, he wrote in a post on his project GitHub. Take this as an opportunity to send me a six-figure yearly contract or fork the project and have someone else work on it.
- GitHub AI-powered Copilot will help you write code for $10 a month
- Xcode Cloud is now available to all developers
- The board of Twitter has agreed to a $44bn takeover offer from the billionaire Elon Musk.
- Netflix just lost subscribers for the first time in over a decade
- Zoom thumbs-up and raise-hand gesture recognition now works in its desktop apps
- Tesla earned over $3 billion in profit in the first quarter
- Apple MagSafe Battery Pack can charge iPhones faster with a new firmware update
- ELON MUSK WANTS TO BUY TWITTER: HERE IS EVERYTHING YOU NEED TO KNOW
- Instagram shuffles hashtag content in a new test that removes its recent tab
- Why Software System Integration Can Be Beneficial for You?
- What is the Hype About Crypto and NFTs?
- Using Web Scraping To Improve Your SEO
- Most Important Mobile App Development Questions to Ask
- Is the Cybersecurity Critical for Business Executives?
- How to Perform User Acceptance Testing (UAT)
- How To Protect Your Company From Hackers in 2022
- Email Marketing Benefits and Challenges for B2B Businesses in 2022
- Google Meet is getting in-meeting emoji reactions and a picture-in-picture mode
- Alexa can now notify you about deals up to a day in advance
- Apple fixes iOS battery drain bug with 15.4.1 update
- Apple newest subscription service is an IT management package for small businesses
- The best deals on true wireless earbuds right now
- THE REAL MAGIC MOUSE IS MADE BY LOGITECH, NOT APPLE
- Data leak from Russian delivery app shows dining habits of the secret police
- Verizon and Meta partner up to unlock the metaverse potential
- The Metaverse Is on the Way: Here's What You Need to Know
- Apple Might Start Leasing iPhones. Here is Why Thats a Good Idea
- Best Credit Cards With No Foreign Transaction Fees for April 2022
- Ex-Apple Employee Charged With Defrauding Tech Giant of $10M
- Stack Overflow enhances Content Health to end outdated knowledge
- Amazon Smart Air Quality Monitor could be a lot smarter
- Facebook is locking out people who did not activate Facebook Protect
- PayPal is making more features freely available to Ukrainians
- Brazilian court orders Apple and Google to block Telegram over disinformation
- Google Android app will finally let you delete the last 15 minutes of your search history
- Google forces YouTube Vanced to shut down due to legal reasons
- You can now install Windows 11 on a Surface Duo
- Google Takeout will get more ways to securely transfer files across different services
- A top Wikipedia editor has been arrested in Belarus
- Instagram is finally letting livestreamers add moderators
- Russia will ban Instagram on March 14th
- This is the latest of several privacy updates Apple's announced for its AirTags item trackers since they were released last year.
- Amazon dropping mask requirement for vaccinated workers at warehouses
- These Browser Privacy Extensions Can Help Protect You
- Netflix Has Suspended All of Its Services in Russia
- A Dead Rocket Just Crashed Into the Moon, and Scientists Are Thrilled
- Several major tech companies expect workers to be back in the office soon.
- The cellular IoT market will exceed $61B by 2026
- Humans struggle to distinguish between real and AI-generated faces
- What is VMware Workspace ONE, and why should you give it a go?
- Google is ditching Material Design components on iOS
- 2021 Stack Overflow Survey: React.js takes the web framework crown, Python is in-demand, and devs still love Rust
- App Store apps can now be published as "unlisted"
- GitHub Mermaid support enables developers to quickly create diagrams
- Google wants to increase government collaboration to secure open-source
- Intel Shows Off the Chip Tech That Will Power Your PC in 2025
- State Officials Warn of Apple AirTag Stalking Danger
- Skype users in the US can now make 911 calls from their computers
- Did you know?
- Is realityOS Apples newest operating system?
- Announcing Flutter for Windows
- Laravel 9 is Now Released!
- 4 most important features coming in ES2022 that you should know about
- How One Apple Programmer Got Apps Talking to Each Other
- Computer Scientists Find a Key Research Algorithm's Limits
- AI Can Write Code Like Humans
- Apple Said to Buy Startup That Makes Music With Artificial Intelligence
- Cryptojacking Solution to Detect Mining Malware on Virtual Machines
- Facebook owner Meta sees biggest ever stock market loss