Article 6WF5T Fifty Years of Open Source Software Supply Chain Security (Queue)

by corbet from LWN.net on (#6WF5T)

ACM Queue looks at the security problem in the light of a report on Multics security that was published in 1974.

We are all struggling with a massive shift that has happened in the past 10 or 20 years in the software industry. For decades, software reuse was only a lofty goal. Now it's very real. Modern programming environments such as Go, Node, and Rust have made it trivial to reuse work by others, but our instincts about responsible behaviors have not yet adapted to this new reality.

The fact that the 1974 Multics review anticipated many of the problems we face today is evidence that these problems are fundamental and have no easy answers. We must work to make continuous improvements to open source software supply chain security, making attacks more and more difficult and expensive.
