Google has called on the US government to play a more proactive role in identifying and protecting open source projects critical to internet security. In one the company released following the White House summit on Thursday, Kent Walker, president of global affairs and general counsel for Google and Alphabet, said the country needs a public-private partnership that will work to fund and endow properly the most essential open source software. projects.
“For too long, the software community has taken comfort in assuming that open source software is generally safe because of its transparency and in assuming that ‘many eyes’ are watching to detect and fix problems,” he said. he declares. “But in fact, while some projects have a lot of eyes on them, others have few or none at all.”
According to Walker, the partnership would examine the influence and significance of a project to determine its importance to the wider ecosystem. Looking to the future, he says the industry needs new ways to identify software that may ultimately pose a systemic risk to Internet security.
Walker said there was also a greater need for public and private funding, noting that Google is ready to contribute to an organization that matches volunteers from companies like her with critical projects that need support the most. “Open source software is a connective tissue for much of the online world – it deserves the same attention and funding that we give to our roads and bridges,” he said.
The importance of open source software has been the subject of much discussion following the discovery of the Log4Shell vulnerability. Log4j is one of the most popular and widely used logging libraries, with services like Steam and iCloud running. A security researcher, who helped stop the spread of WannaCry, called the vulnerability “extremely bad” because it left millions of apps open to attack.
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through any of these links, we may earn an affiliate commission.