Top Tech Firms and U.S. to Meet on Open-Source Software Security

(Bloomberg) — Some of the world’s largest technology firms are meeting at the White House on Thursday in an effort to improve open-source software security, U.S. officials said.

Companies such as Amazon Inc., Apple Inc., Meta Platforms Inc. and Google Inc. will join senior leaders from a wide swath of federal agencies, including the Pentagon, the National Science Foundation, the Commerce Department and the Department of Homeland Security.

The gathering comes weeks after the discovery of a flaw in widely used Log4j software, which threatened untold millions of computer systems around the globe by making them vulnerable to hackers. The flaw also laid bare the reliance on open-source software and the bands of volunteers who often maintain it. 

Other firms expected to join the session include Microsoft Corp., International Business Machines Corp. and Oracle Corp., officials said. National Security Adviser Jake Sullivan invited the companies last month in an effort to improve upon open-source security. 

Log4j helps monitor (or “log”) anything from mundane operations to critical alerts in untold pieces of software globally. It’s maintained by a handful of unpaid programmers as part of the nonprofit Apache Software Foundation, and is one of dozens of open-source projects that have become a crucial component of global commerce. 

Left unfixed, the flaw could allow a hacker to remotely overtake a computer.

More stories like this are available on bloomberg.com

©2022 Bloomberg L.P.

Close Bitnami banner
Bitnami