Secure Software Supply Chains, Urges Former Go Lead Russ Cox


Writing in Communications of the ACM, former Go tech lead Russ Cox warns we need to keep improving defenses of software supply chains, highlighting "promising approaches that should be more widely used" and "areas where more work is needed." There are important steps we can take today, such as adopt...

We also need to find ways to fund open source development to make it less susceptible to takeover by the mere offer of free help. [Cox first cites the XKCD cartoon "Dependencies," calling it "a disturbingly accurate assessment of the situation..."] "The XZ attack is the clearest possible demonstration that the problem is not fixed." The article also emphasized the importance of finding and fixing vulnerabilities quickly, arguing that software attacks must be made more difficult and expensive.

Read this on Slashdot
