George Barnes, the former deputy director of the National Security Agency, who spent 36 years at the National Security Agency and is now working as a senior consultant and Investor in flexible laboratories. Parins says that infiltrators inside Russian intelligence agencies can see Ezeson a possible opportunity to abuse future.
“It is a completely effective symbol. There is no known weakness around it, and therefore no other company has specified anything wrong,” says Barnes. “However, the people who already possess it under the curtain of VK, which is tight with the Kremlin,” he says. “If you are sitting there in GRU or FSB and looking at the list of opportunities washing … this is perfect. He is lying there,” says Barnes, referring to military and home security agencies in Russia.
VK Group did not respond to WIRED to comment on Easyjson. The US Department of Defense did not respond to a request to comment on the inclusion of Easyjson in preparing its programs.
“NSA does not comment on this specified program,” says a National Security Agency spokesman. “The NSA Security Cooperation Center welcomes NSA with advice from the private sector – upon receiving advice, the National Security Agency’s clothes are raised on our heads to understand the threat completely, and if confirmed, it shares any relevant relief with society.” A spokesman for the US Security Security Agency and the US infrastructure, which has I faced disturbances Under the second Trump administration, he says: “We will refer you to the associated laboratories.”
Github, a Microsoft’s software instructor, says that although it will investigate issues and take measures where its policies are broken, it is not aware of the harmful symbol in Easyjson and VK is not punished. The treatment of other technology companies for VK. After Britain imposed leaders Russian banks that have risks In VK in September 2022, for example, Apple removed its social media application from its application store.
DAN Lorenc, CEO of Chainguard Security Company, says that with Easyjson, the ties with Russia are in “normal view” and that there is a risk of cybersecurity “slightly higher” than those in other software libraries, “says Dan Lorenc, CEO of Chainguard Security Company. He adds that the red flags about other open source technology may not be very clear.
“In the area of the total open sources, you do not necessarily know where people are most of the time,” says Lorink. “The symbol is what we must trust, the symbol and the systems used to build this symbol. People are important, but we are not only in a world in which we can push confidence to individuals,” says Lorink.
With the full conquest of Russia to Ukraine, there was an increasing audit on the use of open source systems and the impact of sanctions on the entities involved in development. In October of last year, to praise Kernel Linux Remove 11 Russian developers Those who participated in the Souce Open project, widespread penalties as a reason for change. Then in January this year, Linux issued instructions Covering how international sanctions can affect the open source, saying that developers should be cautious about interacting with him and the nature of interactions.
https://media.wired.com/photos/681395ffdfa44b47ade570c8/191:100/w_1280,c_limit/vk-opensource-sec-1237852326.jpg
Source link