Posted on 09/24/2022 7:16:22 AM PDT by Right Wing Vegan
U.S. Senators Gary Peters (D-MI) and Rob Portman (R-OH), Chairman and Ranking Member of the Homeland Security and Governmental Affairs Committee, have introduced bipartisan legislation to help protect federal and critical infrastructure systems by strengthening the security of open source software. The legislation comes after a hearing convened by Peters and Portman on the Log4j incident earlier this year, and would direct the Cybersecurity and Infrastructure Security Agency (CISA) to help ensure that open source software is used safely and securely by the federal government, critical infrastructure, and others. A vulnerability discovered in Log4j – which is widely used open source code – affected millions of computers worldwide, including critical infrastructure and federal systems. This led top cybersecurity experts to call it one of the most severe and widespread cybersecurity vulnerabilities ever seen.
“Open source software is the bedrock of the digital world and the Log4j vulnerability demonstrated just how much we rely on it. This incident presented a serious threat to federal systems and critical infrastructure companies – including banks, hospitals, and utilities – that Americans rely on each and every day for essential services,” said Senator Peters. “This commonsense, bipartisan legislation will help secure open source software and further fortify our cybersecurity defenses against cybercriminals and foreign adversaries who launch incessant attacks on networks across the nation.”
“As we saw with the log4shell vulnerability, the computers, phones, and websites we all use every day contain open source software that is vulnerable to cyberattack,” said Senator Portman. “The bipartisan Securing Open Source Software Act will ensure that the U.S. government anticipates and mitigates security vulnerabilities in open source software to protect Americans’ most sensitive data.”
“This important legislation will, for the first time ever, codify open source software as public infrastructure,” said Trey Herr, Director, Cyber Statecraft Initiative, Scowcroft Center for Strategy and Security, the Atlantic Council. “If signed into law, it would serve as a historic step for wider federal support for the health and security of open source software. I am encouraged by the leadership of Senators Peters and Portman on this issue.”
The overwhelming majority of computers in the world rely on open source code – freely available code that anyone can contribute to, develop, and use to create websites, applications, and more. It is maintained by a community of individuals and organizations. The federal government, one of the largest users of open source software in the world, must be able to manage its own risk and also help support the security of open source software in the private sector and the rest of the public sector.
The Securing Open Source Software Act would direct CISA to develop a risk framework to evaluate how open source code is used by the federal government. CISA would also evaluate how the same framework could be voluntarily used by critical infrastructure owners and operators. This could identify ways to mitigate risks in systems that use open source software. The legislation also requires CISA to hire professionals with experience developing open source software to ensure that government and the community work hand-in-hand and are prepared to address incidents like the Log4j vulnerability. Additionally, the legislation requires the Office of Management and Budget (OMB) to issue guidance to federal agencies on the secure usage of open source software and establishes a software security subcommittee on the CISA Cybersecurity Advisory Committee.
Read more at the Senate Committee on Homeland Security and Governmental Affairs
Following the basic rule that all legislation is named the opposite of its actual result, I bet that the real effect of this is to make Linux and other open source software too expensive to use and thus come back to Windows.
Government only gets involved these days to Screw Things Up
That’s a good bet. The idea that government is interested in people being secure in their person, papers, and effects is laughable.
Following the basic rule that all legislation is named the opposite of its actual result...
—
This!
Indeed.
But when has it really been different?
“to make Linux and other open source software too expensive to use and thus come back to Windows”
Bingo
Gotta keep India employed with US taxpayer $$$
This has all the wording for tyranny. “secure, safety, etc.”
No details on what it actually does.
But it’s OK to hire as many Chinese Spies at Los Alamos as they can find
As if proprietary software never has security holes!
That’s a fact.
“This important legislation will, for the first time ever, codify open source software as public infrastructure”
...ok, that doesn’t sound good at all.
Bkmk
Open Source Software is free so they can’t charge money it’s part of the licensing and saves Government Billions and that can’t happen, LOL
That was my thought as well.
Microsoft and Apple are both hardcore woke companies, as well as Adobe, Google, and many others. It benefits left wing government to keep people paying money into these - what are essentially - laundering machines for left wing corporate goals. It is in the left's best interests to keep these companies funded.
I spent some time trying to convince most of the conservatives within my reach that switching was a benefit for us.
Of course, nobody listened. Well, now, here's the legislation to lock us out.
We simply don't have a lot of activists in our midst. Nobody was going to switch, and it doesn't matter how woke these companies are. Apple could've come out plain as day and said "kill whitey" and nobody was going to move.
Woke was not motivating enough, in and of itself.
I wonder which megatech company wrote this bill? Do you think the politicians sit around thinking up stuff like this? No.
Probably a good idea to make install disks of the most recent Linux flavors that one would want, just in case they do muck up Linux or make it too expensive to get. Only problem though would be no updates if that happens, but still.
THAT'S RIGHT. We're the Government and we're here to help you. Run for your lives!