Apple to Attend White House Meeting to Discuss Security Risks of Open-Source Software

Apple will be among several U.S. tech giants to attend a meeting at the White House today to discuss cybersecurity and possible security threats posed by open-source software, Reuters reports.

apple logo us flag smooth
The meeting will be held by U.S. National Security Advisor Jake Sullivan and will focus on "concerns around the security of open-source software and how it can be improved." The meeting was prompted by concerns around a security vulnerability found in open-source software Log4j.

The vulnerability, which posed a threat to organizations that use Log4j around the world, allowed hackers to control a system and remotely execute malicious code.

According to Sullivan, open-source software such as Log4j presents a "key national security concern" as it is often used and maintained by volunteers. Google, IBM, Meta, Microsoft, and Oracle are also expected to attend the meeting.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

AngerDanger Avatar
1 week ago
"We're not secure in how much money open-sourced software makes us."
Score: 66 Votes (Like | Disagree)
AngerDanger Avatar
1 week ago

I'm waiting for all the rabbit open-source fans to tell us open-source is much safer than closed-source.
The worst part is that because they're so cute, it's hard to evaluate their arguments objectively.



Attachment Image
Score: 52 Votes (Like | Disagree)
bbeagle Avatar
1 week ago
I'm waiting for all the rabbid open-source fans to tell us open-source is much safer than closed-source.

It's not that simple. open-source CAN be safer, it can also be less safe. In open-source, the exact code is out there for anyone to look at. This means anyone could see any flaws and fix them. It also means that anyone could see any flaws and exploit them.

In closed-source, you can't see the code. It's a much different process to exploit the code. Much harder. There are also less people who have access to the code to fix any flaws. So, flaws will stick around longer.

It's not simple.
Score: 48 Votes (Like | Disagree)
jdb8167 Avatar
1 week ago

The issue is more that there are a certain amount of core libs that everyone has in their builds. I think now its the Wild West because its no one person/ orgs job to check any of these libs or certify them.

We are leaving for too many core components to be looked after by people for free with no incentive to make sure everything is ok.
There is always an XKCD cartoon…

Dependency ('https://xkcd.com/2347/')



Attachment Image
Score: 47 Votes (Like | Disagree)
Kuckuckstein Avatar
1 week ago
The entire Linux community is open source, and yet this is a much more secure platform than Windows has been. And Mac OS and their browsers have heavily benefited from the give and take between Unix and Linux (macOS building on a Unix rather than Linux kernel )

I am almost certain that there have been more security faults in proprietary systems than well maintained open source projects, because the drive behind open source is a more idealistic than the industries “quick to market / milk them all”

With that being said, especially when it comes to web development and the package repositories I see there, I am more doubtful and careful with using and relying on them. I feel it often moves too fast and the community has a different background than e.g. hardcore Linux developers.
Score: 38 Votes (Like | Disagree)
Tres Avatar
1 week ago

I'm waiting for all the rabbit open-source fans to tell us open-source is much safer than closed-source.

It's not that simple. open-source CAN be safer, it can also be less safe. In open-source, the exact code is out there for anyone to look. This means anyone could see any flaws and fix them. It also means that anyone could see any flaws and exploit them.

In closed-source, you can't see the code. It's a much different process to exploit the code. Much harder. There are also less people who have access to the code to fix any flaws. So, flaws will stick around longer.

It's not simple.
Not a rabid open sores fan at all (except back in my teenage years when I went through a rebellious Linux phase ugh), but obscurity does not imply security.
Score: 34 Votes (Like | Disagree)

Related Stories

apple logo cash feature

Apple's Annual Shareholders Meeting to Take Place Virtually on March 4

Thursday January 6, 2022 1:44 pm PST by
Apple's annual shareholders meeting is set to take place Friday, March 4 at 9:00 a.m. Pacific Time, Apple said today in an SEC filing. Shareholders meetings are normally held in person at Apple Park, but this year's meeting, like last year's, will take place virtually and will be open to a greater number of shareholders because there are no space restrictions. Those who want to attend, vote, ...
powerdir exploit microsoft

Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

Monday January 10, 2022 9:17 am PST by
Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data. Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the...
apple open source site

Apple Launches Redesigned Open Source Website

Wednesday December 8, 2021 1:19 pm PST by
Apple today introduced a redesigned website for its Open Source projects, which houses Apple's open source work like Swift, WebKit, ResearchKit, FoundationDB, and more. The updated site can be found at opensource.apple.com. The site includes two main sections, including Featured Projects to showcase a selection of Apple's open source work, and a second section for Releases. The Featured...
iOS App Store General Feature JoeBlue

Dutch Regulators to Meet With Dating App Providers to Assess Apple's Plan for Alternate In-App Payment Options

Monday January 17, 2022 9:55 am PST by
The Authority for Consumers and Markets (ACM) in the Netherlands plans to assess Apple's announced plans for allowing dating apps on the App Store in the country to use third-party payment methods, ensuring those plans "meet the requirements" of a previous ruling. Over the weekend, Apple announced that it would exclusively allow dating apps on the App Store in the Netherlands to use...
iPhone 13 Security

Researcher Says Apple Ignored Three Zero-Day Security Vulnerabilities Still Present in iOS 15

Friday September 24, 2021 10:42 am PDT by
In 2019, Apple opened its Security Bounty Program to the public, offering payouts up to $1 million to researchers who share critical iOS, iPadOS, macOS, tvOS, or watchOS security vulnerabilities with Apple, including the techniques used to exploit them. The program is designed to help Apple keep its software platforms as safe as possible. In the time since, reports have surfaced indicating...
chinafoxconn

Apple Plans to Develop Program to Improve Supply Chain Security

Wednesday August 25, 2021 3:53 pm PDT by
Apple CEO Tim Cook this morning attended a cybersecurity meeting with U.S. President Joe Biden and executives from other tech companies like Microsoft, Google, and Amazon. Following the summit, the White House said that the companies in attendance pledged their help to bolster U.S. cybersecurity efforts, with Apple planning to develop a program to make security improvements across its...
iOS App Store General Feature JoeBlue

U.S. Bills Allowing Sideloading Would Cause Consumers to Be Hit With 'Malware, Ransomware, and Scams,' Says Apple

Tuesday January 18, 2022 11:42 am PST by
U.S. bills that would require major changes to the App Store would ultimately cause consumers to be targeted with malware, ransomware, and scams, Apple's Senior Director of Government Affairs Timothy Powderly said in a letter that was sent today to the Senate Judiciary Committee and that was obtained by MacRumors. Apple sent the letter as the Judiciary Committee prepares to consider the Amer...
timcooktulane

Apple CEO Tim Cook to Meet With U.S. President Joe Biden to Discuss Cybersecurity

Monday August 23, 2021 4:16 pm PDT by
Apple CEO Tim Cook is set to join other tech executives in a cybersecurity meeting with U.S. President Joe Biden next week, reports Bloomberg. The meeting will focus on the efforts by private companies to improve cybersecurity following a surge in online attacks over the course of the last year, an official familiar with the event told Bloomberg.The executives could discuss efforts...

Popular Stories

maxresdefault

Review: M1 Max MacBook Pro After Three Months

Wednesday January 19, 2022 11:30 am PST by
It's now been a few months since the M1 Pro and M1 Max MacBook Pro models launched in October, and MacRumors video editor Dan Barbera has been using one of the new machines since they debuted. Over on the MacRumors YouTube channel, Dan has shared a three month review of his MacBook Pro to see how it has held up over time and how it's changed his workflow. Subscribe to the MacRumors YouTube ...
iphone se 2020 top

New iPhone SE Likely to Launch in April Based on Production Timeframe

Wednesday January 19, 2022 6:44 am PST by
Apple suppliers will begin producing display panels for the third-generation iPhone SE this month, with final assembly of the device likely to start in March, according to information shared by display industry consultant Ross Young. Based on this production timeframe, Young believes the third-generation iPhone SE is likely to launch in the second half of April, or perhaps in early May at...
AirPods 3 New Firmware Feature

Apple Updates AirPods 3 Firmware to Version 4C170

Tuesday January 18, 2022 11:46 am PST by
Apple today released a new 4C170 firmware update for the AirPods 3, an update from the prior 4C165 that was made available in December. Apple does not offer details on what's included in new firmware updates for the AirPods‌, so we don't know what improvements or bug fixes the new firmware brings. There is no standard way to upgrade the ‌AirPods‌‌ software, but firmware is...
iPad Air Feature 2 green

New Apple Products Filed in Regulatory Database, Likely Including New iPhone SE and iPad Air

Tuesday January 18, 2022 6:11 am PST by
Apple today filed unreleased iPhone and iPad models in the Eurasian Economic Commission database, as spotted by French blog Consomac. The filings likely represent the rumored third-generation iPhone SE, fifth-generation iPad Air, and potentially more. The unreleased iPhone models have the identifiers A2595, A2783, and A2784, while the unreleased iPad models have the identifiers A2588, A2589, ...
iphone 5g mmwave

U.S. Airlines Warn of 'Catastrophic' Crisis With Impending 5G Rollout, AT&T and Verizon Agree to Delay Around Airports

Tuesday January 18, 2022 10:35 am PST by
Verizon and AT&T's upcoming rollout of new C-Band 5G technology could cause chaos and lead to widespread delays of passenger and cargo flights, major U.S. airlines said on Monday in a letter sent to the White House National Economic Council, the FAA, and the FCC (via Reuters). "Unless our major hubs are cleared to fly, the vast majority of the traveling and shipping public will essentially...
microsoft office icons

Microsoft Releases Office for Mac Update With Full Apple Silicon Support in Excel

Tuesday January 18, 2022 4:15 am PST by
Microsoft has released a new version of its Office for Mac productivity suite that includes an updated Excel app with 100% native support for Apple silicon machines. According to the release notes accompanying version 16.57, Excel will now run natively on Macs powered by Apple's M1-series processors without having to use the Rosetta 2 translation layer, which means anyone using a Mac with an ...
appleeducation

Apple's US Education Store Now Requires Institution Verification to Buy Discounted Products

Wednesday January 19, 2022 2:22 am PST by
Apple is now requiring that customers in the United States verify that they're active students, teachers, or staff members at an educational institution in order to access education discounts on products. Previously, little verification was needed for customers to purchase products through Apple's education store in the United States. Apple's education stores offer models of the iPad and Mac ...
iPhone 14 Mock pill and hole thumb

ProMotion Now Expected to Remain Exclusive to iPhone 14 Pro Models, Not Expand to Entire Lineup

Sunday January 16, 2022 8:56 am PST by
Continuing the tradition set with the iPhone 13 Pro, only the highest-end iPhone 14 models will feature Apple's ProMotion display technology, according to a respected display analyst. Ross Young, who on multiple occasions has detailed accurate information about Apple's future products, said in a tweet that ProMotion will not be expanded to the entire iPhone 14 lineup and will remain...
Beyond iPhone 13 Better Blue Face ID

Rumored iPhone 14 Pro Feature Delayed Until Next Year

Wednesday January 19, 2022 3:00 am PST by
Apple's long-rumored under-display Face ID technology will not be coming to the iPhone 14 Pro, according to recent reports. Based on the latest rumors, it now looks unlikely that the 6.1-inch iPhone 14 Pro and 6.7-inch iPhone 14 Pro Max will feature Face ID technology under the display as several reports claimed over the past year. Display industry consultant Ross Young, who often reveals ...