Apple, Amazon, IBM to discuss open software security at White House
Executives from technology firms including Apple are to attend a White House cybersecurity meeting on Thursday, following multiple attacks on the US that exploited open-source software.
Thursday January 13's meeting has been prompted specifically by the discovery of a vulnerability in the open-source Log4j software, which is used internationally for logging of data in applications. White House National Security Advisor Jake Sullivan wrote to Big Tech CEOs in December, saying such open-source software is a "key national security concern."
The meeting with deputy national security advisor Anne Neueberger will discuss how the security of open-source software can be improved, according to a report by Reuters on Thursday morning. Alongside Apple, Amazon, and IBM, it is expected to include executives from Microsoft, Meta, Oracle, and agencies such as the Department of Defense.
This discussion also comes after incidents including the 2021 SolarWinds hack which accessed government emails and phones. It also follows the breach of the US Treasury Department in 2020.
It's not clear who will be participating in the meeting as representatives from the companies. The meeting is also expected to be virtual.
Read on AppleInsider
Thursday January 13's meeting has been prompted specifically by the discovery of a vulnerability in the open-source Log4j software, which is used internationally for logging of data in applications. White House National Security Advisor Jake Sullivan wrote to Big Tech CEOs in December, saying such open-source software is a "key national security concern."
The meeting with deputy national security advisor Anne Neueberger will discuss how the security of open-source software can be improved, according to a report by Reuters on Thursday morning. Alongside Apple, Amazon, and IBM, it is expected to include executives from Microsoft, Meta, Oracle, and agencies such as the Department of Defense.
This discussion also comes after incidents including the 2021 SolarWinds hack which accessed government emails and phones. It also follows the breach of the US Treasury Department in 2020.
It's not clear who will be participating in the meeting as representatives from the companies. The meeting is also expected to be virtual.
Read on AppleInsider
Comments
Software security has been an ongoing activity for decades. Securing open source software generally has been a group effort performed by programmers who actually care about security instead of making money selling PPI and advertising. Inviting many of the listed companies is a joke because they really don’t care about securing anything. DoD is there because every US government agency ends up using security configurations they (slowly) develop. US government computer users gave up trying to stop malware years ago, they (we) simply worked on mitigating the issues after they happened. It’s like the fire department. Wait for a fire and be ready to put it out quickly because there’s no way to stop every fire before it happens. There will always be people writing software that attacks computer systems just like there will always be people who break the law. Neither will ever be completely stopped.
in general, I wouldn’t expect anything to come out of this meeting directly. Maybe they’ll learn how ubiquitous and foundational open source is.