Open-source software was one of the main agenda items at a recent White House meeting, where the potential national security risks it poses were discussed in light of the recent Log4j attacks.


The meeting brought together executives from several Big Tech establishments like Facebook, Microsoft, Google, Amazon, and Apple, among others, with several officials of the Biden administration, according to Gizmodo.

Open-source programs and their code (which anybody can use or edit) are now being deliberated on over their apparent lack of official oversight. This links back to the recent Log4j attacks, which saw multiple companies beef up their cybersecurity measures to protect against hackers who might be using the website logging framework.

For the uninitiated, Log4j is classified as open-source. Big Tech basically advised the White House that this kind of software should now be under close watch, as it could pose a potential threat to national security. 

Kent Walker, who serves as the President of Global Affairs and Chief Legal Officer of Google, stated that open-source programs are no longer that secure, which is the direct opposite of how the public has viewed them over the years.

Originally, open-source code was seen as secure because it is transparent, with "many eyes" watching it to detect, analyze, and solve any problems. But Walker argues that while some projects are indeed closely monitored, others barely have anyone or anything overseeing them. 


National security advisor Jake Sullivan agrees. He described open-source security as a critical national security issue, in a report by The Verge detailing the meeting between the White House and Big Tech. 

This news comes after the Biden administration called for the improvement of the United States' cybersecurity infrastructure back in August of last year. In the meeting, Google and Microsoft pledged a massive $30 billion in funding to help in the efforts. 


Is Open-Source Software Really THAT Dangerous? 

In the wrong yet capable hands, open-source programs can do far more damage than you think. This is actually why numerous developers of these programs have clamored for official regulation for years. 

There are multiple risks posed by this kind of software, according to Infocyte. First and foremost is the overall transparency of the code. Almost everything about these programs is public knowledge, even their security vulnerabilities.


Anybody with ill intent (and the programming skills to boot) could easily look up the software, exploit these vulnerabilities, and do almost anything they want. They can even choose to breach digital infrastructure that runs critical sectors such as healthcare, finance, and even national defense.

This is already evident in recent news. A developer named Marak Squires was recently suspended after he allegedly corrupted GitHub and npm open-source libraries. Squires, who is a relative nobody, basically proved that almost anyone out there can tamper with the software and cause widespread digital havoc.


This article is owned by Tech Times 

Written by RJ Pierce 
