Politics
posted by hubie on Monday July 18 2022, @02:44PM
from the wait-until-they-hear-about-NTP dept.

The MIT Technology Review writes in a long-form article about how DARPA has rediscovered Free and Open Source Software, or at least the latter, and how it is now found everywhere across the board. As far as the Internet and the World Wide Web go, its ubiquity has been a given since they were founded on it, but nowadays even at least 70% of closed source, proprietary products also contain lots of it. DARPA is worried about the kernel Linux in particular and the vetting process for adding code to the project specifically.

Now DARPA, the US military's research arm, wants to understand the collision of code and community that makes these open-source projects work, in order to better understand the risks they face. The goal is to be able to effectively recognize malicious actors and prevent them from disrupting or corrupting crucially important open-source code before it's too late.

DARPA's "SocialCyber" program is an 18-month-long, multimillion-dollar project that will combine sociology with recent technological advances in artificial intelligence to map, understand, and protect these massive open-source communities and the code they create. It's different from most previous research because it combines automated analysis of both the code and the social dimensions of open-source software.

"The open-source ecosystem is one of the grandest enterprises in human history," says Sergey Bratus, the DARPA program manager behind the project.

"It's now grown from enthusiasts to a global endeavor forming the basis of global infrastructure, of the internet itself, of critical industries and mission-critical systems pretty much everywhere," he says. "The systems that run our industry, power grids, shipping, transportation."

Recently, software appears to have been occupying a lot of attention over in Washington, DC. Unfortunately, occasional lines in mainstream articles indicate that it is M$ and M$ lobbyists who are steering the policy discussion there. It appears that they are spending an enormous amount of time in direct contact with politicians and policy makers, all the while log4j is still getting milked by them as a distraction from all the actively exploited vulnerabilities in their own products.


This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
  • (Score: 2, Insightful) by SomeRandomGeek on Monday July 18 2022, @03:12PM (5 children)

    by SomeRandomGeek (856) on Monday July 18 2022, @03:12PM (#1261562)

    Eventually, the government will figure out that if they are concerned about the security of open source software, they can contribute to securing it.
    They can contribute directly. But also, they currently "ensure" the security of closed source software by setting security standards for the private companies that they buy from. The government could easily change those standards to include those private companies contributing to the security of open source software included in their products.

    • (Score: 4, Insightful) by crafoo on Monday July 18 2022, @04:52PM (2 children)

      by crafoo (6639) on Monday July 18 2022, @04:52PM (#1261589)

      It's so adorable that you think your government even considers your best interests.

      > Eventually, the government will figure out that if they are concerned about the security of open source software, they can contribute to securing it.

      No they won't and that's not their goal in the first place. That's just the story.

      Imagine your typical DMV, but with guns and a massive sense of entitlement and arrogance.

      • (Score: 2) by Freeman on Monday July 18 2022, @05:48PM

        by Freeman (732) on Monday July 18 2022, @05:48PM (#1261598) Journal

        You've just described Texas DMVs. Okay, they probably can't take their guns with them to work.

        --
        Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"
      • (Score: 2) by JoeMerchant on Monday July 18 2022, @08:10PM

        by JoeMerchant (3937) on Monday July 18 2022, @08:10PM (#1261628)

        There are some basic personality profile differences between the military and the DMV. Yes, both have outsized entitlement, but the DMV isn't inclined to think in terms of deadly force. If they were, they would move faster and also not grant operator's licenses to so many 80+ year-olds.

        --
        🌻🌻 [google.com]
    • (Score: 5, Insightful) by RS3 on Monday July 18 2022, @05:12PM

      by RS3 (6367) on Monday July 18 2022, @05:12PM (#1261592)

      I believe they did and that's what SELinux is: https://www.redhat.com/en/topics/linux/what-is-selinux [redhat.com]

    • (Score: 3, Insightful) by JoeMerchant on Monday July 18 2022, @08:13PM

      by JoeMerchant (3937) on Monday July 18 2022, @08:13PM (#1261629)

      > those standards to include those private companies contributing to the security of open source software included in their products.

      This is coming to medical devices as we speak.

      If open source is scary, closed source should be terrifying.

      --
      🌻🌻 [google.com]
  • (Score: 3, Touché) by sgleysti on Monday July 18 2022, @03:49PM (3 children)

    by sgleysti (56) Subscriber Badge on Monday July 18 2022, @03:49PM (#1261574)

    > The MIT Technology Review writes in a long form article

    This is a good article on an important topic, but it's not a long form article. It's normal length. Just saying.

    • (Score: 1) by Runaway1956 on Monday July 18 2022, @04:27PM (2 children)

      by Runaway1956 (2926) Subscriber Badge on Monday July 18 2022, @04:27PM (#1261585) Journal

      For politicians, anything over 50 words is "long form". All they want is the 3 to 10 word soundbyte.

      --
      “I have become friends with many school shooters” - Tampon Tim Walz
      • (Score: -1, Redundant) by Anonymous Coward on Monday July 18 2022, @04:44PM (1 child)

        by Anonymous Coward on Monday July 18 2022, @04:44PM (#1261588)

        For Republican politicians, anything over 50 words is "long form".
        TFTFY

        • (Score: 1, Redundant) by Runaway1956 on Monday July 18 2022, @05:56PM

          by Runaway1956 (2926) Subscriber Badge on Monday July 18 2022, @05:56PM (#1261600) Journal

          You know, I think you might be correct. And, Democrats are limited to 16 words.

          --
          “I have become friends with many school shooters” - Tampon Tim Walz
  • (Score: 3, Offtopic) by jasassin on Monday July 18 2022, @04:27PM

    by jasassin (3566) <jasassin@gmail.com> on Monday July 18 2022, @04:27PM (#1261586) Homepage Journal

    It’s the assholes that do this kind of shit that are the reason why we can’t have nice things. I can understand wanting to steal cryptocurrency, and I personally couldn’t give a shit less, but the malware just to fuck with shit really grinds my gears. It’s like the asshats that key super expensive cars because they are jealous or envious or whatever is going through their stupid pissant minds. The thought of doing that kind of thing has never crossed my mind.

    Fuck cryptocurrency, but stealing is wrong.

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
  • (Score: 2) by PiMuNu on Monday July 18 2022, @08:48PM

    by PiMuNu (3823) on Monday July 18 2022, @08:48PM (#1261639)

    ROFL

  • (Score: 3, Funny) by bmimatt on Tuesday July 19 2022, @12:15AM

    by bmimatt (5050) on Tuesday July 19 2022, @12:15AM (#1261676)

    ...we are here to help.

  • (Score: 2, Funny) by pD-brane on Tuesday July 19 2022, @06:39PM

    by pD-brane (6728) on Tuesday July 19 2022, @06:39PM (#1261783)

    Would it not be more efficient and in line with their principles if the US government just prosecuted Lennart Poettering without due process, or did he already flee to Russia?
