Advertisement
Australia markets close in 4 hours 50 minutes

  • ALL ORDS

    7,839.00
    +7.10 (+0.09%)
     

  • ASX 200

    7,575.30
    +5.40 (+0.07%)
     

  • AUD/USD

    0.6528
    +0.0001 (+0.01%)
     

  • OIL

    79.26
    +0.26 (+0.33%)
     

  • GOLD

    2,335.50
    +24.50 (+1.06%)
     

  • Bitcoin AUD

    88,246.20
    -3,846.23 (-4.18%)
     

  • CMC Crypto 200

    1,268.84
    -70.22 (-5.24%)
     

  • AUD/EUR

    0.6091
    +0.0008 (+0.12%)
     

  • AUD/NZD

    1.1019
    +0.0019 (+0.17%)
     

  • NZX 50

    11,840.29
    -27.29 (-0.23%)
     

  • NASDAQ

    17,318.55
    -122.14 (-0.70%)
     

  • FTSE

    8,121.24
    -22.89 (-0.28%)
     

  • Dow Jones

    37,903.29
    +87.37 (+0.23%)
     

  • DAX

    17,932.17
    -186.15 (-1.03%)
     

  • Hang Seng

    17,763.03
    0.00 (0.00%)
     

  • NIKKEI 225

    38,121.58
    -152.47 (-0.40%)
     

White House Enlists Software Industry to Improve Open-Source Security

Andrew Martin
·1-min read

(Bloomberg) -- White House officials are asking major software companies and developers to work with them to improve the security of open-source software, according to an administration official.

Most Read from Bloomberg

The invitation follows the disclosure of a vulnerability in popular open-source Apache software that cybersecurity officials have described as one of the most serious in recent memory.

ADVERTISEMENT

In a letter Thursday, National Security Advisor Jake Sullivan invited major players in the software industry to discuss initiatives to improve open-source software security, the official said. Dozens of open-source software projects have become crucial components of global commerce and are mostly maintained by volunteers.

The effort will start with a one-day discussion in January hosted by Anne Neuberger, the deputy national security advisor for cyber and emerging technology, according to the official.

In the letter, Sullivan wrote that open-source software has accelerated the pace of innovation but pointed out that the fact that it is broadly used and maintained by volunteers is a “combination that is a key national security concern, as we are experiencing with the Log4j vulnerability,” the official said.

Log4j is a piece of software that developers can put into applications to log anything from mundane operations to critical alerts. It is maintained by a group of volunteer programmers as part of the nonprofit Apache Software Foundation.

The flaw, which could allow a hacker to remotely take over a computer, was discovered last month by an employee at Alibaba Group Holding’s Ltd. cloud-security team.

Most Read from Bloomberg Businessweek

©2021 Bloomberg L.P.