Affiliate Disclosure

If you buy through our links, we may get a commission. Read our ethics policy.

Apple, Amazon, IBM to discuss open software security at White House

Executives from technology firms including Apple are to attend a White House cybersecurity meeting on Thursday, following multiple attacks on the US that exploited open-source software.

Thursday January 13's meeting has been prompted specifically by the discovery of a vulnerability in the open-source Log4j software, which is used internationally for logging of data in applications. White House National Security Advisor Jake Sullivan wrote to Big Tech CEOs in December, saying such open-source software is a "key national security concern."

The meeting with deputy national security advisor Anne Neueberger will discuss how the security of open-source software can be improved, according to a report by Reuters on Thursday morning. Alongside Apple, Amazon, and IBM, it is expected to include executives from Microsoft, Meta, Oracle, and agencies such as the Department of Defense.

This discussion also comes after incidents including the 2021 SolarWinds hack which accessed government emails and phones. It also follows the breach of the US Treasury Department in 2020.

It's not clear who will be participating in the meeting as representatives from the companies. The meeting is also expected to be virtual.

Follow AppleInsider on Google News

7 Comments

crowley

said about 2 years ago

It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software. Especially when no representatives from organisations with greater stature in the open source community are mentioned. No one from Apache or Red Hat?

Stabitha_Christie

said about 2 years ago

crowley said:

It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software. Especially when no representatives from organisations with greater stature in the open source community are mentioned. No one from Apache or Red Hat?

IBM owns Red Hat so they are included.

crowley

said about 2 years ago

Stabitha_Christie said:

crowley said:

It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software. Especially when no representatives from organisations with greater stature in the open source community are mentioned. No one from Apache or Red Hat?

IBM owns Red Hat so they are included.

Good point! Forgot about that :s

rob53

said about 2 years ago

crowley said:

Stabitha_Christie said:

crowley said:

It seems a bit suspect to invite vendors with major vested interests in their own proprietary software to an event to discuss improvements to open source software. Especially when no representatives from organisations with greater stature in the open source community are mentioned. No one from Apache or Red Hat?

IBM owns Red Hat so they are included.

Good point! Forgot about that :s

And we trust IBM for what reason?

Software security has been an ongoing activity for decades. Securing open source software generally has been a group effort performed by programmers who actually care about security instead of making money selling PPI and advertising. Inviting many of the listed companies is a joke because they really don’t care about securing anything. DoD is there because every US government agency ends up using security configurations they (slowly) develop. US government computer users gave up trying to stop malware years ago, they (we) simply worked on mitigating the issues after they happened. It’s like the fire department. Wait for a fire and be ready to put it out quickly because there’s no way to stop every fire before it happens. There will always be people writing software that attacks computer systems just like there will always be people who break the law. Neither will ever be completely stopped.

larryjw

said about 2 years ago

Linux is open source and is ubiquitous. What about the Apache server. Everyone uses it.

Java is open source. Oracle now owns it but also supports the open source version.

There isn’t much of anything that doesn’t contain or use open source software somewhere in its stack.

Who is missing from this list? I’d guess likely FSF and Apache representatives and academics and professionals that the ACM and IEEE might send. And heavy weights like Linus Torvalds and Tim Berners Lee.

NASEM (National Academy of Science, Engineering, and Medicine) have often produce excellent policy and product in short time, I’d like to see something from them. However, this organization seems to be a creature of Congress, though established by Abraham Lincoln.

in general, I wouldn’t expect anything to come out of this meeting directly. Maybe they’ll learn how ubiquitous and foundational open source is.

Read More on our Forums

Sponsored Content

article thumbnail

Clean junk files from your Mac with Intego Washing Machine X9

Top Stories

article thumbnail

Apple's iOS 18 AI will be on-device preserving privacy, and not server-side

article thumbnail

Drama about emulators on the App Store has only just begun

article thumbnail

When to expect every Mac to get the AI-based M4 processor

article thumbnail

Apple uses a unique method to stream and present immersive video

article thumbnail

The best game controllers for iPhone, iPad, Mac, and Apple TV

article thumbnail

Deals: get a free $40 gift card with a Costco membership