Google just gave open source a major show of support

Open source software to get full security support from Google

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Googlehas just givenopen source softwarea major boost with the launch of dedicated security and support teams.

The “Open Source Maintenance Crew” will be new team of developers will work on security issues related to open source projects, such as configuring updates.

The announcement came at the White House Open Source Security Summit, where Google joined the Open Source Security Foundation (OpenSSF) and the Linux Foundation to discuss issues surrounding open source security.

Why the move?

Back in December 2021, White House national security adviser Jake Sullivan senta letterto the CEOs of US tech companies after theLog4Shellvulnerability in Apache’s popular open source java logging framework Log4j was identified.

The vulnerability was used to install malware, for cryptomining, to add the devices to the Mirai and Muhstik botnets, to drop Cobalt Strike beacons, to scan for information disclosure, or for lateral movement throughout the affected network according to ablog postbyMicrosoft.

“This problem of securing open-source software is not just about money, for many critical open-source projects it is about the amount of people involved and how much time they can spend on the work,” said Principal Engineer of Open Source Security at Google, Abhishek Arya.

“Even with more funding, we need capacity to direct that money to the right goals. This is a people problem as well as a money problem.”

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

He added: “To meaningfully address this challenge, Google resourced the ‘Open Source Maintenance Crew’ with the idea that an entity such as OpenSSF could administer the group and serve as a matchmaker for critical projects.”

Almost all devs are struggling to switch to open-source>Nvidia launches open source GPU kernel modules for Linux>Thousands of open-source projects taken down by disgruntled developer

The move comes as open source adoption is building momentum and support within the IT community, with use cases likeonline collaborationfuelling its popularity.

The recent2022 State of Open Source Report, conducted by OpenLogic, surveyed 2,660 professionals and their organizations which use open source tools, finding over a quarter (27%) said they had no reservations at all about such tools, while only 13.9% were concerned about them being unsecured and untested.

Will McCurdy has been writing about technology for over five years. He has a wide range of specialities including cybersecurity, fintech, cryptocurrencies, blockchain, cloud computing, payments, artificial intelligence, retail technology, and venture capital investment. He has previously written for AltFi, FStech, Retail Systems, and National Technology News and is an experienced podcast and webinar host, as well as an avid long-form feature writer.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

How to turn off Meta AI