Google Wants To Secure Open Source Software Together With The US Government

Abdul Ghani

Google has long been looking for ways to better secure open-source software. After the Log4J gap, governments are now also coming into play.

https://img.particlenews.com/image.php?url=3pQXPM_0dltCTf900
US Government (Open Source Security)Karolina Grabowska From Pexels

In a rather unusual step, the IT group Google is calling on the US government to take a more active role in securing open-source software. Kent Walker, President of Global Affairs and Chief Legal Officer at Google and Alphabet, writes on the company's blog. This was apparently preceded by a kind of security conference with the US government in the White House in response to the serious Log4J gap that was discovered at the end of last year.

Walker writes: "For too long, the software community has consoled itself with the assumption that open source software is generally safe because of its transparency, and with the assumption that 'many eyes' are looking to identify problems and to see them solve. But while some projects have many eyes on them, others have few or none." Log4J has now shown that the code is used in countless projects around the world, but is only maintained by a few developers in their spare time.

This finding is unlikely to be new to Google. After all, the company has been working on various initiatives to better secure the open-source ecosystem for some time. For example, the group is a founding member of the Open Source Security Foundation (OpenSSF), which strives for a uniform and above all coordinated security practice. As part of this work, Google has already identified critical open source projects.

Marketplace For Care

This is exactly the direction in which Google wants to work with governments at best. "We need a public-private partnership to compile a list of critical open source projects - with criticality determined based on the impact and importance of a project - to help prioritize and allocate resources for key security assessments and -Improvements to help."

The group already has clear plans on how to ultimately deal with these findings. Referring to the White House meeting, it said, "We proposed creating an organization to serve as a marketplace for open source maintenance, bringing together corporate volunteers with the critical projects that need support most. Google is ready To add resources to this effort. "

Comments / 2

Published by

Member Of Freelancers Union (USA), Freelance Writer!, and Digital Creator. Ghani Mengal is an enthusiast Freelance blogger and digital marketer. His content has been published and featured on many popular blogs, websites, and publications. Including TeelFeed, LifeHack.org, Data-Driven Investor, TextSniper, Scientific Publication The Predict, The Startup, The Ascent, Heart Affairs, Illumination, And The List goes on.

N/A
1222 followers

More from Abdul Ghani

Comments / 0