Apple to Attend White House Meeting to Discuss Security Risks of Open-Source Software

Apple will be among several U.S. tech giants to attend a meeting at the White House today to discuss cybersecurity and possible security threats posed by open-source software, Reuters reports.

apple logo us flag smooth
The meeting will be held by U.S. National Security Advisor Jake Sullivan and will focus on "concerns around the security of open-source software and how it can be improved." The meeting was prompted by concerns around a security vulnerability found in open-source software Log4j.

The vulnerability, which posed a threat to organizations that use Log4j around the world, allowed hackers to control a system and remotely execute malicious code.

According to Sullivan, open-source software such as Log4j presents a "key national security concern" as it is often used and maintained by volunteers. Google, IBM, Meta, Microsoft, and Oracle are also expected to attend the meeting.

Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

AngerDanger Avatar
19 weeks ago
"We're not secure in how much money open-sourced software makes us."
Score: 66 Votes (Like | Disagree)
AngerDanger Avatar
19 weeks ago

I'm waiting for all the rabbit open-source fans to tell us open-source is much safer than closed-source.
The worst part is that because they're so cute, it's hard to evaluate their arguments objectively.



Attachment Image
Score: 52 Votes (Like | Disagree)
bbeagle Avatar
19 weeks ago
I'm waiting for all the rabbid open-source fans to tell us open-source is much safer than closed-source.

It's not that simple. open-source CAN be safer, it can also be less safe. In open-source, the exact code is out there for anyone to look at. This means anyone could see any flaws and fix them. It also means that anyone could see any flaws and exploit them.

In closed-source, you can't see the code. It's a much different process to exploit the code. Much harder. There are also less people who have access to the code to fix any flaws. So, flaws will stick around longer.

It's not simple.
Score: 48 Votes (Like | Disagree)
jdb8167 Avatar
19 weeks ago

The issue is more that there are a certain amount of core libs that everyone has in their builds. I think now its the Wild West because its no one person/ orgs job to check any of these libs or certify them.

We are leaving for too many core components to be looked after by people for free with no incentive to make sure everything is ok.
There is always an XKCD cartoon…

Dependency ('https://xkcd.com/2347/')



Attachment Image
Score: 47 Votes (Like | Disagree)
Kuckuckstein Avatar
19 weeks ago
The entire Linux community is open source, and yet this is a much more secure platform than Windows has been. And Mac OS and their browsers have heavily benefited from the give and take between Unix and Linux (macOS building on a Unix rather than Linux kernel )

I am almost certain that there have been more security faults in proprietary systems than well maintained open source projects, because the drive behind open source is a more idealistic than the industries “quick to market / milk them all”

With that being said, especially when it comes to web development and the package repositories I see there, I am more doubtful and careful with using and relying on them. I feel it often moves too fast and the community has a different background than e.g. hardcore Linux developers.
Score: 38 Votes (Like | Disagree)
Tres Avatar
19 weeks ago

I'm waiting for all the rabbit open-source fans to tell us open-source is much safer than closed-source.

It's not that simple. open-source CAN be safer, it can also be less safe. In open-source, the exact code is out there for anyone to look. This means anyone could see any flaws and fix them. It also means that anyone could see any flaws and exploit them.

In closed-source, you can't see the code. It's a much different process to exploit the code. Much harder. There are also less people who have access to the code to fix any flaws. So, flaws will stick around longer.

It's not simple.
Not a rabid open sores fan at all (except back in my teenage years when I went through a rebellious Linux phase ugh), but obscurity does not imply security.
Score: 34 Votes (Like | Disagree)

Related Stories

appleprivacyad cleaned

iOS 15 Patched Security Hole That Potentially Exposed Users' Private Apple ID Information to Third-Party Apps

Thursday January 20, 2022 3:32 am PST by
Apple patched two significant security vulnerabilities when it released iOS 15 that could have potentially exposed users' private Apple ID information and in-app search history to malicious third-party apps and allowed apps to override user Privacy preferences, Apple has revealed in a recent support document update. With most iOS, macOS, tvOS, and watchOS updates, Apple provides a list of...
iOS App Store General Feature Sqaure Complement

Sideloading Bill Would Allow 'Malware, Scams and Data-Exploitation to Proliferate,' Says Apple

Wednesday February 2, 2022 3:48 pm PST by
The U.S. Senate Judiciary Committee will on Thursday consider the Open App Markets Act, an antitrust bill that would allow for sideloading and alternate app stores. Ahead of the meeting, Apple's head of government affairs in the Americas Tim Powderly sent a letter to committee members, urging them to reject the bill, reports Bloomberg. Powderly repeated a privacy and security argument that...
apple logo cash feature

Apple's Annual Shareholders Meeting to Take Place Virtually on March 4

Thursday January 6, 2022 1:44 pm PST by
Apple's annual shareholders meeting is set to take place Friday, March 4 at 9:00 a.m. Pacific Time, Apple said today in an SEC filing. Shareholders meetings are normally held in person at Apple Park, but this year's meeting, like last year's, will take place virtually and will be open to a greater number of shareholders because there are no space restrictions. Those who want to attend, vote, ...
iOS App Store General Feature JoeBlue

Upcoming EU Sideloading Bill Would 'Cripple the Privacy and Security Protections' iPhone Users Expect, Says Apple

Thursday March 17, 2022 10:38 am PDT by
The European Union is set to introduce new legislation as soon as this month that would significantly affect how the App Store operates in Europe, reports The Wall Street Journal. The Digital Markets Act has been in development for some time and the finalized version that could be completed as soon as this month will allow for sideloading and alternate app store options. Apple will be...
iOS App Store General Feature JoeBlue

U.S. Senate Judiciary Committee Approves Another Antitrust Bill That Would Allow Sideloading on iPhone

Thursday February 3, 2022 8:32 am PST by
The U.S. Senate Judiciary Committee today approved the bipartisan Open App Markets Act, an antitrust bill that would allow for alternative app stores and alternative in-app payment systems on the iPhone. The bill will now head to the Senate floor for a vote. Apple had urged the U.S. Senate Judiciary Committee to reject the bill, arguing that sideloading would pose privacy and security risks...
powerdir exploit microsoft

Microsoft Discovered New 'Powerdir' macOS Vulnerability, Fixed in 12.1 Update

Monday January 10, 2022 9:17 am PST by
Microsoft's 365 Defender Research Team this morning published details on a new "Powerdir" macOS vulnerability that let an attacker bypass the Transparency, Consent, and Control technology to gain unauthorized access to protected data. Apple already addressed the CVE-2021-30970 vulnerability in the macOS Monterey 12.1 update that was released in December, so users who have updated to the...
iOS App Store General Feature JoeBlue

U.S. Bills Allowing Sideloading Would Cause Consumers to Be Hit With 'Malware, Ransomware, and Scams,' Says Apple

Tuesday January 18, 2022 11:42 am PST by
U.S. bills that would require major changes to the App Store would ultimately cause consumers to be targeted with malware, ransomware, and scams, Apple's Senior Director of Government Affairs Timothy Powderly said in a letter that was sent today to the Senate Judiciary Committee and that was obtained by MacRumors. Apple sent the letter as the Judiciary Committee prepares to consider the Amer...
iOS 15 General Feature Blue

Apple Releases iOS 15.3.1 and iPadOS 15.3.1 With Security Updates and Bug Fixes

Thursday February 10, 2022 10:10 am PST by
Apple today released iOS 15.3.1 and iPadOS 15.3.1, two minor updates to the iOS and iPadOS operating systems released in September 2021. iOS and iPadOS 15.3.1 come two weeks after the release of iOS and iPadOS 15.3. The iOS 15.3.1 and iPadOS 15.3.1 updates can be downloaded for free and the software is available on all eligible devices over-the-air in the Settings app. To access the new...

Popular Stories

apple ar headset concept 1

Apple's Headset Said to Feature 14 Cameras Enabling Lifelike Avatars, Jony Ive Has Remained Involved With Design

Friday May 20, 2022 6:50 am PDT by
Earlier this week, The Information's Wayne Ma outlined struggles that Apple has faced during the development of its long-rumored AR/VR headset. Now, in a follow-up report, he has shared several additional details about the wearable device. Apple headset render created by Ian Zelbo based on The Information reporting For starters, one of the headset's marquee features is said to be lifelike...
iPhone 14 Purple Lineup Feature

Will the iPhone 14 Be a Disappointment?

Saturday May 21, 2022 9:00 am PDT by
With around four months to go before Apple is expected to unveil the iPhone 14 lineup, the overwhelming majority of rumors related to the new devices so far have focused on the iPhone 14 Pro, rather than the standard iPhone 14 – leading to questions about how different the iPhone 14 will actually be from its predecessor, the iPhone 13. The iPhone 14 Pro and iPhone 14 Pro Max are expected...
sony headphones 1

Sony's New WH-1000XM5 Headphones vs. Apple's AirPods Max

Friday May 20, 2022 12:18 pm PDT by
Sony this week came out with an updated version of its popular over-ear noise canceling headphones, so we picked up a pair to compare them to the AirPods Max to see which headphones are better and whether it's worth buying the $400 WH-1000XM5 from Sony over Apple's $549 AirPods Max. Subscribe to the MacRumors YouTube channel for more videos. First of all, the AirPods Max win out when it comes ...
studio display 3

Apple's Rumored 27-Inch Mini-LED Display Now Said to Launch in October

Friday May 20, 2022 8:07 am PDT by
Apple now plans to release a new 27-inch display with mini-LED backlighting in October due to the Shanghai lockdown, which has resulted in production of the display being delayed, according to display industry consultant Ross Young. In a tweet, Young said Apple is in the process of moving production of the display from Quanta Computer to a different supplier and/or location, resulting in a...
HomePodandMini feature green

Kuo: Apple to Release New HomePod in Late 2022 or Early 2023

Friday May 20, 2022 8:55 am PDT by
Apple is working on an updated version of the HomePod that could come in the fourth quarter of 2022 or the first quarter of 2023, according to Apple analyst Ming-Chi Kuo. Kuo says that there "may not be much innovation in hardware design" for the new HomePod, and there is no word on what size the device will be and if it will be a HomePod mini successor or a larger speaker. Apple would ...
airtag purple

Best Apple Deals of the Week: Save on AirTag, AirPods 3, and iPads

Friday May 20, 2022 8:01 am PDT by
Solid markdowns on the AirTag, AirPods 3, and a few iPad models were introduced this week, and below you'll find all of the best deals of the past few days that are still available to purchase. AirTag Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. What's the...