Language Selection

English French German Italian Portuguese Spanish

Google funds Linux kernel developers to work exclusively on security

Filed under
Google
Security

Hardly a week goes by without yet another major Windows security problem popping up, while Linux security problems, when looked at closely, usually turn out to be blunders made by incompetent system administration. But Linux can't rest on its laurels. There are real Linux security concerns that need addressing. That's where Google and the Linux Foundation come in with a new plan to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

Silva and Chancellor's exclusive focus will be to maintain and improve kernel security and associated initiatives to ensure Linux's security. There's certainly work to be done.

Read more

Working for NSA but also for real security?

  • Google Provides Funding For Linux Kernel Developers To Focus On Security

    Google is announcing today in cooperation with The Linux Foundation that they are providing funding for two full-time developers to focus solely on security issues.

    Longtime Linux developers Gustavo Silva and Nathan Chancellor are the two that will now be focusing full-time on dealing with Linux security issues.

  • Google Funds Linux Kernel Developers to Focus Exclusively on Security

    Today, Google and the Linux Foundation announced they are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

    Silva and Chancellor’s exclusive focus is to maintain and improve kernel security and associated initiatives in order to ensure the world’s most pervasive open source software project is sustainable for decades to come.

More puff pieces about this...

  • Google invests in open source security by funding Linux kernel developers

    In a nod to the growing importance of open source software, Google today announced that it will underwrite the salaries for two developers who will focus on Linux’s fundamental security.

    The gesture may seem limited, but Google believes targeting the Linux kernel will have a broader impact on Linux’s underlying security. The company hopes other corporations will be inspired to do the same in an attempt to clear a lengthy backlog of items researchers already know need to be addressed.

    The Linux kernel is the basic interface that sits between computer hardware and the software running on it. It has become the cornerstone of a large portion of the open source systems that have been deployed around the world.

  • Google funds two Linux kernel developers to focus on security

    Google and the Linux Foundation are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development.

    Gustavo Silva and Nathan Chancellor will focus on maintaining and improving kernel security and associated initiatives in order to ensure the world's most pervasive open source software project is sustainable for decades to come.

    A recently published open source contributor survey from the Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) has identified a need for additional work on security in open source software. While there are thousands involved in developing the Linux kernel this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the sustainability of open source software.

  • Google Funds Linux Kernel Developers to Focus Exclusively on Security

    "At Google, security is always top of mind and we understand the critical role it plays to the sustainability of open source software," said Dan Lorenc, Staff Software Engineer, Google. "We're honored to support the efforts of both Gustavo Silva and Nathan Chancellor as they work to enhance the security of the Linux kernel."

    Chancellor's work will be focused on triaging and fixing all bugs found with Clang/LLVM compilers while working on establishing continuous integration systems to support this work ongoing. Once those aims are well-established, he plans to begin adding features and polish to the kernel using these compiler technologies. Chancellor has been working on the Linux kernel for four and a half years. Two years ago, Chancellor started contributing to mainline Linux under the ClangBuiltLinux project, which is a collaborative effort to get the Linux kernel building with Clang and LLVM compiler tools.

  • Google funds two Linux Foundation security roles

    The effort support Google’s strategy “to help support the critical open source projects that we’re relying on,” Google software engineer Dan Lorenc told SC Media.

    “We do this in a bunch of ways, but the one that we like most is to work with existing maintainers and existing communities rather than coming in from the outside.”

    Google will fund Gustavo Silva, who already works in a similar role eliminating buffer overflows and bolstering new security tools; and Nathan Chancellor, a new hire, who will focus on the Clang/LLVM compiler.

    Using the Clang compiler for Linux is an accepted secondary option to build the operating system. But, said Lorenc, Clang is not particularly well maintained by full-time staff. Chancellor had been an active contributor to the project, but only in his free time.

  • Google is funding Linux Kernel developers with a special focus on security

    To further bolster the security credentials of the Linux kernel, Google and the Linux Foundation have decided to fund two kernel developers to work exclusively on security-related developments.

    The kernel developers, Gustavo Silva and Nathan Chancellor, are long-time kernel developers and have now been tasked to maintain and improve kernel security along with any associated initiatives.

    “At Google, security is always top of mind and we understand the critical role it plays to the sustainability of open source software,” said Dan Lorenc, Staff Software Engineer, Google. “We’re honored to support the efforts of both Gustavo Silva and Nathan Chancellor as they work to enhance the security of the Linux kernel.”

  • An XDA Recognized Developer is being funded by Google to improve Linux Kernel security

    Google and the Linux Foundation announced plans to provide funds to two Linux kernel security developers, one of whom is Nathan Chancellor, a well-known kernel developer on our forums. The two developers will focus their time on improving kernel security and associated initiatives.

    The news comes on the heels of the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) recently publishing an open-source contributor survey report that identified a need for additional work on security in open-source software. In a press release, the Linux Foundation said Google’s contribution to underwriting two full-time security maintainers signals how important it is to maintain the integrity of open-source software.

  • Google funds Linux maintainers to boost Linux kernel security

    Together with the Linux Foundation, Google announced today that they would fund two Linux kernel developers' efforts as full-time maintainers exclusively focused on improving Linux security.

    "While there are thousands of Linux kernel developers, all of whom take security into consideration as the due course of their work, this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the ongoing sustainability of open-source software," the Linux Foundation said in a statement released today.

  • Google to fund two full-time Linux kernel security developers - SD Times

    Google and the Linux Foundation have announced plans to maintain and improve Linux’s long-term security. As part of the plan, the organizations will prioritize funds to underwrite long-time Linux kernel maintainers Gustavo Silva and Nathan Chancellor as full-time developers focused on Linux kernel security development.

    This decision follows a survey by the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH), which found a need for additional security work on the Linux operating system.

By Microsoft Tim

  • 'We're finding bugs way faster than we can fix them': Google sponsors 2 full-time devs to improve Linux security

    Worried about the security of Linux and open-source code, Google is sponsoring a pair of full-time developers to work on the kernel's security.

    The internet giant builds code from its own repositories rather than downloading outside binaries, though given the pace at which code is being added to Linux, this task is non-trivial. Google's open-source security team lead Dan Lorenc spoke to The Register about its approach, and why it will not use pre-built binaries despite their convenience.

    But first: the two individuals full-time sponsored by Google are Gustavo Silva, whose work includes eliminating some classes of buffer overflow risks and on kernel self-protection, and Nathan Chancellor, who fixes bugs in the Clang/LLVM compilers and improves compiler warnings.

    Both are already working at the Linux Foundation, so what is new? "Gustavo's been working on the Linux kernel at the Linux Foundation for several years now," Lorenc tells us. "We've actually been sponsoring it within the Foundation for a number of years. The main change is that we're trying to talk about it more, to encourage other companies to participate. It's a model that works, we're trying to expand it, find contributors that want to turn this into a full-time thing, and giving them the funding to do that."

  • Google Sponsors 2 Full-Time Devs To Improve Linux Security

    Worried about the security of Linux and open-source code, Google is sponsoring a pair of full-time developers to work on the kernel's security

Linux Kernel security to be boosted by Google funding developers

  • Linux Kernel security to be boosted by Google funding developers | GamingOnLinux

    Linux is pretty secure right? Well, like everything else, there are and have been problems. Google is aware of this and they use Linux for a lot and now they're providing funding to help boost Linux security.

    Announced by the Linux Foundation funding has been provided to prioritize two full-time maintainers, Gustavo Silva and Nathan Chancellor, who will focus solely on Linux Kernel security development to ensure "the world's most pervasive open source software project is sustainable for decades to come".

More from CBS

  • Google: We're funding developers to work full-time on Linux security

    Silva will focus on "eliminating several classes of buffer overflows" as well as fixing bugs and developing defense mechanisms for the Linux kernel, The Linux Foundation said. Meanwhile, Chancellor's work will focus on triaging and fixing all bugs found with Clang/LLVM compilers.

    "I hope that more and more people will start to use the LLVM compiler infrastructure project and contribute fixes to it and the kernel – it will go a long way towards improving Linux security for everyone," said Chancellor.

    The move comes roughly six months after the formation of the Open Source Security Foundation (OpenSSF), a collective of big tech industry players working to improve the security of open-source software as it becomes pervasive in big industry applications, including data centers and critical infrastructure.

By IT PRO

Google Funding For Linux Security

  • Google Funding For Linux Security

    Back in December we reported on Google's involvement in a new project from the Open Source Security Foundation to measure the criticality of open source projects as the first step on an undertaking to ensure that projects that are heavily relied on get the resources they need, see Taking Open Source Criticality Seriously. This funding, which is also motivated by findings from the 2020 FOSS Contributor Survey which identified a need for additional work on security in open source software, aims to ensure the long-term sustainability of Linux which is acknowledged as the world's most pervasive open source software as well as being among the top five in terms of its criticality score.

EnterpriseTalk

  • Google Funds Linux Kernel Developers to Focus Exclusively on Security

    The Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) recently published an open source contributor survey report that identified a need for additional work on security in open source software, which includes the massively pervasive Linux operating system.

    Linux is fueled by more than 20,000 contributors and as of August 2020, one million commits. While there are thousands of Linux kernel developers, all of whom take security into consideration as the due course of their work, this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the ongoing sustainability of open source software.

Two more...

  • Security News in Review: Google Funding Security Development for Linux Kernel

    We’re back after a skipped Security News in Review last week. In this week’s edition of our roundup of the biggest cybersecurity news stories, we have reporting on ransomware attacks shutting down Underwriters Laboratories and a payment processor widely used by state and municipal governments, as well as a report on Google partnering with the Linux Foundation to hire two people whose sole job will be to improve the security of the Linux kernel.

    Read on for the latest Security News in Review, and let us know if we missed anything.

  • Google to Underwrite Contributors to Linux Security

    Google and the Linux Foundation announced this week they will underwrite two full-time maintainers for Linux kernel security development.

    Gustavo Silva is currently working full time on eliminating several classes of buffer overflows by transforming all instances of zero-length and one-element arrays into flexible-array members, which is the preferred and least error-prone mechanism to declare such variable-length types. He is also actively focusing on fixing bugs before they hit the mainline, while also proactively developing defense mechanisms that cut off whole classes of vulnerabilities. Silva sent his first kernel patch in 2010 and is an active member of the Kernel Self Protection Project (KSPP).

    Nathan Chancellor will be focused on triaging and fixing all bugs found with Clang/LLVM compilers while working on establishing continuous integration (CI) systems to support this work. He has been working on the Linux kernel for four and a half years.

Belated puff piece connected to LF

  • Google, Linux Foundation Fund Linux Kernel Developers To Focus Exclusively On Security

    Google and the Linux Foundation announced that they are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

    Silva and Chancellor’s exclusive focus will be to maintain and improve kernel security and associated initiatives in order to ensure the world’s most pervasive open source software project is sustainable for decades to come.

Late arrival

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

GNOME’s Very Own “GNOME OS” is Not a Linux Distro for Everyone [Review]

Whenever a major release for GNOME arrives, it is always tempting to try it out as soon as possible. But, to get your hands on it first to test it, you had to mostly rely on Fedora Rawhide (development branch). However, a development branch isn’t always hassle-free. So, it wasn’t the most convenient solution to try the latest GNOME. Now, by testing, I don’t mean just for users but also being able to test design changes for the developers as well. Read more

GNOME’s Very Own “GNOME OS” is Not a Linux Distro for Everyone

Few people know that GNOME has its very own Linux distribution aptly named GNOME OS. Curious? Here’s an overview of this distribution. Read more

Android Leftovers

Top 14 Terminal Emulators for Linux (With Extra Features or Amazing Looks)

By default, all Linux distributions already come pre-installed with a terminal application or terminal emulator (correct technical term). Of course, depending on the desktop environment, it will look and feel different. Here’s the thing about Linux. You are not restricted to what your distribution provides. You can opt for an alternative application of your choice. Terminal is no different. There are several impressive terminal emulators that offer unique features for a better user experience or for better looks. Here, I will be compiling a list of such interesting terminal applications that you can try on your Linux distribution. Read more