Top lawmaker asks White House to address open-source software risks
4 months ago
- Senate Intelligence Committee Chair Tom Cotton raises concerns about U.S. dependence on open-source software (OSS) and its cybersecurity risks.
- Cotton cites incidents like the XZ Utils crisis and Chinese contributions to OSS as examples of vulnerabilities.
- He urges the National Cyber Director to monitor foreign influence and track contributions from adversary nations.
- The Office of the National Cyber Director (ONCD) is developing a new national cyber strategy, but the role OSS will play in it is unclear.
- U.S. policymakers have long worried about OSS maintenance, often handled by overworked volunteers.
- The Biden administration previously pledged $11 million for OSS security, but ONCD's current stance is uncertain.
- Private-sector pressure may influence government investment in OSS security.