https://lwn.net/Articles/1070864/
Terence Eden reports that the UK's National Health Service (NHS) is preparing to close almost all of its open-source repositories as a response to LLM tools, such as Anthropic's Mythos, becoming more sophisticated at finding security vulnerabilities. He does not, to put it mildly, agree with the decision:
The majority of code repos published by the NHS are not meaningfully affected by any advance in security scanning. They're mostly data sets, internal tools, guidance, research tools, front-end design and the like. There is nothing in them which could realistically lead to a security incident.
When I was working at NHSX during the pandemic, we were so confident of the safety and necessity of open source, we made sure the Covid Contact Tracing app was open sourced the minute it was available to the public. That was a nationally mandated app, installed on millions of phones, subject to intense scrutiny from hostile powers - and yet, despite publishing the code, architecture and documentation, the open source code caused zero security incidents.
Furthermore, this new guidance is in direct contradiction to the UK's Tech Code of Practice point 3 "Be open and use open source" which insists on code being open.
(Score: 5, Informative) by JoeMerchant on Monday May 04, @07:51PM (5 children)
The Conservative and Unionist Party has historically driven shifts in NHS data policy by transitioning from a "coding in the open" ethos toward a more centralized and commercialized framework, often under the guise of modernization and security. Since returning to power in 2010, Conservative-led governments have repeatedly attempted to consolidate patient data into large, centralized repositories—such as the scrapped care.data program (2013-2016) and the more recent General Practitioner Data for Planning and Research (GPDPR) initiative—while facing criticism for failing to adequately consult the public on how their records might be shared with third-party, private-sector firms. This trajectory culminated in the 2026 directive to close open-source repositories, a move framed as a defense against AI-driven security risks like "Mythos," but viewed by critics as the final step in a long-term strategy to replace transparent, publicly funded software with proprietary, private-sector partnerships like the Palantir Federated Data Platform. By consistently prioritizing "health and wealth" agendas that position NHS data as a commercial asset, the party has overseen a shift in the institution's character from a purely public service to one that operates in increasingly close, and often opaque, partnerships with the private sector.
🌻🌻🌻🌻 [google.com]
(Score: 4, Funny) by Anonymous Coward on Monday May 04, @08:41PM
Conservative and Unionist National Treasures, each and every one.
(Score: 2) by jb on Tuesday May 05, @08:27AM (3 children)
Umm, Britain has had a Labour government for almost two years now, so how on earth could a "Conservative ... trajectory culminate in the 2026 directive..."? The Convervatives haven't been in power since July 2024.
Pretty hard to miss that transition: the Starmer government's various scandals have been reported worldwide just as much the previous (Johnson) government's various scandals were.
(Score: 4, Informative) by JoeMerchant on Tuesday May 05, @11:31AM (2 children)
Just because the majority party switches doesn't instantly obliterate all initiatives of the new #2.
🌻🌻🌻🌻 [google.com]
(Score: 0, Insightful) by Anonymous Coward on Tuesday May 05, @12:19PM (1 child)
If they cared about it, they would have changed it. Now they can hide behind the policies they support and point at the other party; "they did it!". Same with the online "safety" act.
(Score: 3, Touché) by JoeMerchant on Tuesday May 05, @04:44PM
>Now they can hide behind the policies they support and point at the other party; "they did it!".
Yup.
Also, there's a very real thing: Political Capital.
You're in, you're "in control" - but every move against the grain costs you, you only get so many "bold initiatives" before you're out. Choose wisely.
🌻🌻🌻🌻 [google.com]