Google yakakumbira US kuti iite yakakosha yakavhurika sosi mapurojekiti akachengeteka

Mushure me "Summit on open-source security" yakarongwa kuWhite House, Google yakakumbira kutora chikamu kukuru kwe hurumende mukuzivikanwa uye kuchengetedzwa kweyakavhurika sosi software mapurojekiti.

Kuburikidza nechinyorwa cheKent Walker, mutungamiri wepasi rose uye mukuru wezvemitemo weGoogle, uyo akadaro mune blog post kuti kubatana kwepedyo kunodiwa pakati pebazi rakazvimirira nehurumende kuti ive nechokwadi chekuwedzera mari uye hutungamiriri hwekuchengetedza yakavhurika sosi software.

"Tinoda mubatanidzwa weveruzhinji newakavanzika kuti utarise runyorwa rwemapurojekiti akakosha akavhurwa sosi, nekutsoropodza kwakatemwa zvichibva pakupesvedzera kweprojekiti uye kukosha, kubatsira kuisa pamberi uye kugovera zviwanikwa zveakanyanya kukosha ongororo yekuchengetedzwa uye magadzirirwo akanyorwa naWalker.

Nenguva refu, mubatanidzwa iwoyo unofanirwa kugadzira nzira nyowani dzekuona yakavhurika sosi software inogona kuunza systemic njodzi, zvichibva pamabatiro ainoita nemapurojekiti akakosha, kuitira kuti itarisire mwero wekuchengetedza unodiwa kuve nechokwadi chekuchengetedza kwayo. Walker akawedzera.

Google inodawo kuti hurumende nemaindasitiri vauye pamwe chete kuti vagadzire zviyero kuitira kuchengetedza, kugadzirisa, kutanga, uye kuyedzwa kweyakavhurika sosi software.

Ndizvozvo kuona kuti zvivakwa zvenyika nezvimwe zvakakosha masisitimu vanogona kuvimba nemapurojekiti aya. Walker akati zviyero zvinofanirwa kuvandudzwa kuburikidza nehurongwa hwekubatana hunosimbisa kudzokororwa kazhinji, kuyedzwa kunoenderera uye kutendeseka kwakasimbiswa.

Pakupedzisira, Walkerr ndakakumbira imwe mari kubva kuhurumende nemasangano akazvimirira. Akataura kuti makambani mazhinji anotungamira nemasangano haatomboziva kuti ingani yezvivakwa zvavo zvakakosha zvakavakirwa pamapurojekiti akavhurika.

Kugadzirisa izvozvo, yakadana kuwedzera kuziva pamwe nekugadzirwa kwemusika wekuvhura sosi kugadzirisa izvo zvaizobatanidza vanozvipira kubva kumakambani nemasangano ane mapurojekiti akakosha anoda rutsigiro. Walker akavimbisa kuti Google yakagadzirira kutsigira chirongwa chakadaro.

Kushaikwa kwezvishandiso zvekuchengetedza uye kuchengetedzeka kweyakavhurika sosi software inyaya yakasimudzwa munguva yakapfuura, asi yakamukazve mwedzi uno zvichitevera kuwanikwa kwechikanganiso chakakomba muLog4j Java raibhurari, imwe yematambudziko makuru ecybersecurity. mumakore achangopfuura. Iyo Log4j raibhurari ndeye yakavhurika sosi, inonyanya kuvandudzwa uye inochengetwa nevashandi vasina kubhadhara.

"Open source software code inowanikwa kune veruzhinji, yemahara kuti chero munhu ashandise, gadzirisa, kana kuongorora," Walker akanyora. “Ndiko kusaka zvakawanda zvezvivakwa zvakakosha uye masisitimu ekuchengetedza nyika achibatanidza. Asi hapana kugovewa zviri pamutemo kwezviwanikwa uye zvishoma zvinodikanwa kana zviyero zvekuchengetedza iyo yakakosha kodhi yakachengeteka. Muchokwadi, basa rakawanda rekuchengetedza nekuvandudza kuchengetedzeka kwenzvimbo yakavhurika, kusanganisira kugadzirisa kusagona kunozivikanwa, rinoitwa nekuzvidira, ad hoc hwaro.

Mari zhinji yekuvhura sosi software inowanzobva kune zvipo vanhu vanobva kuvatsigiri kana kubva kumakambani ezvemichina anotsamira paari. Semuenzaniso, Google nguva pfupi yadarika yakapa madhora zana emamiriyoni kuLinux Foundation's Secure Open Source bounty chirongwa, icho chine chinangwa chekupa muripo wemari kuvagadziri vanovandudza chengetedzo yemapurojekiti akakosha.

Kana ari iye, iyekune Red Hat unit yeBMM Corp., vane vatungamiri vakapinda musangano weWhite House National Security Council, Vati vanotsigira zviri kuitwa nehurumende kuvandudza kuchengetedzwa kwemhando dzese dzesoftware.

"Dingindira rakakosha remusangano raive kucherechedzwa kuti yakavhurika sosi software yakamhanyisa kukurumidza kwehunyanzvi hwekuvandudza tekinoroji, inopa mabhenefiti makuru munharaunda nehupfumi, uye inogona kuenda kure mukuvandudza kuvimba uye kuchengetedzwa kwecyber," akadaro Red Hat.

"Tinotarisira kushanda neDhipatimendi uye neruzhinji seti yevatori vechikamu pamatanho anotevera uye ticharamba takatarisa kutsigira vatengi vedu nekusimbisa yakavhurika sosi ecosystem."

Finalmente Kana iwe uchifarira kuziva zvakawanda nezvazvo, unogona kutarisa ruzivo mu inotevera chinongedzo.


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Mhinduro, siya zvako

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira data: AB Internet Networks 2008 SL
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

  1.   Diego ChiGerman Gonzalez akadaro

    Zvingave zvakanaka dai Google yakaisa muenzaniso nekuzivisa rutsigiro rwechimwe cheaya mapurojekiti ainotaura nezvawo.