
Apple, Amazon, IBM to discuss open software security at White House


Executives from technology firms including Apple are to attend a White House cybersecurity meeting on Thursday, following multiple attacks on the US that exploited open-source software.

Thursday January 13's meeting has been prompted specifically by the discovery of a vulnerability in the open-source Log4j software, which is used internationally for logging of data in applications. White House National Security Advisor Jake Sullivan wrote to Big Tech CEOs in December, saying such open-source software is a "key national security concern."

The meeting with deputy national security advisor Anne Neuberger will discuss how the security of open-source software can be improved, according to a report by Reuters on Thursday morning. Alongside Apple, Amazon, and IBM, it is expected to include executives from Microsoft, Meta, Oracle, and agencies such as the Department of Defense.

This discussion also comes after incidents including the 2021 SolarWinds hack, which accessed government emails and phones. It also follows the breach of the US Treasury Department in 2020.

It's not clear who will be participating in the meeting as representatives from the companies. The meeting is also expected to be virtual.



7 Comments

crowley 15 Years · 10431 comments

It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software.  Especially when no representatives from organisations with greater stature in the open source community are mentioned.  No one from Apache or Red Hat?

Stabitha_Christie 3 Years · 582 comments

crowley said:
It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software.  Especially when no representatives from organisations with greater stature in the open source community are mentioned.  No one from Apache or Red Hat?

IBM owns Red Hat so they are included. 

crowley 15 Years · 10431 comments

crowley said:
It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software.  Especially when no representatives from organisations with greater stature in the open source community are mentioned.  No one from Apache or Red Hat?
IBM owns Red Hat so they are included. 

Good point!  Forgot about that  :s

rob53 13 Years · 3316 comments

crowley said:
crowley said:
It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software.  Especially when no representatives from organisations with greater stature in the open source community are mentioned.  No one from Apache or Red Hat?
IBM owns Red Hat so they are included. 
Good point!  Forgot about that  :s

And we trust IBM for what reason?

Software security has been an ongoing activity for decades. Securing open source software generally has been a group effort performed by programmers who actually care about security instead of making money selling PPI and advertising. Inviting many of the listed companies is a joke because they really don’t care about securing anything. DoD is there because every US government agency ends up using security configurations they (slowly) develop. US government computer users gave up trying to stop malware years ago, they (we) simply worked on mitigating the issues after they happened. It’s like the fire department. Wait for a fire and be ready to put it out quickly because there’s no way to stop every fire before it happens. There will always be people writing software that attacks computer systems just like there will always be people who break the law. Neither will ever be completely stopped. 

larryjw 9 Years · 1036 comments

Linux is open source and is ubiquitous. What about the Apache server? Everyone uses it.

Java is open source. Oracle now owns it but also supports the open source version. 

There isn’t much of anything that doesn’t contain or use open source software somewhere in its stack. 

Who is missing from this list? I’d guess likely FSF and Apache representatives and academics and professionals that the ACM and IEEE might send. And heavyweights like Linus Torvalds and Tim Berners-Lee.

NASEM (National Academy of Science, Engineering, and Medicine) have often produced excellent policy and product in short time, I’d like to see something from them. However, this organization seems to be a creature of Congress, though established by Abraham Lincoln.

In general, I wouldn’t expect anything to come out of this meeting directly. Maybe they’ll learn how ubiquitous and foundational open source is.