Google funds Linux kernel developers to work exclusively on security

Hardly a week goes by without yet another major Windows security problem popping up, while Linux security problems, when looked at closely, usually turn out to be blunders made by incompetent system administration. But Linux can't rest on its laurels. There are real Linux security concerns that need addressing. That's where Google and the Linux Foundation come in with a new plan to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

Silva and Chancellor's exclusive focus will be to maintain and improve kernel security and associated initiatives to ensure Linux's security. There's certainly work to be done.

Working for NSA but also for real security?

  • Google Provides Funding For Linux Kernel Developers To Focus On Security

    Google is announcing today in cooperation with The Linux Foundation that they are providing funding for two full-time developers to focus solely on security issues.

    Longtime Linux developers Gustavo Silva and Nathan Chancellor are the two that will now be focusing full-time on dealing with Linux security issues.

  • Google Funds Linux Kernel Developers to Focus Exclusively on Security

    Today, Google and the Linux Foundation announced they are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

    Silva and Chancellor’s exclusive focus is to maintain and improve kernel security and associated initiatives in order to ensure the world’s most pervasive open source software project is sustainable for decades to come.

More puff pieces about this...

  • Google invests in open source security by funding Linux kernel developers

    In a nod to the growing importance of open source software, Google today announced that it will underwrite the salaries for two developers who will focus on Linux’s fundamental security.

    The gesture may seem limited, but Google believes targeting the Linux kernel will have a broader impact on Linux’s underlying security. The company hopes other corporations will be inspired to do the same in an attempt to clear a lengthy backlog of items researchers already know need to be addressed.

    The Linux kernel is the basic interface that sits between computer hardware and the software running on it. It has become the cornerstone of a large portion of the open source systems that have been deployed around the world.

  • Google funds two Linux kernel developers to focus on security

    Google and the Linux Foundation are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development.

    Gustavo Silva and Nathan Chancellor will focus on maintaining and improving kernel security and associated initiatives in order to ensure the world's most pervasive open source software project is sustainable for decades to come.

    A recently published open source contributor survey from the Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) has identified a need for additional work on security in open source software. While there are thousands involved in developing the Linux kernel, this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the sustainability of open source software.

  • Google Funds Linux Kernel Developers to Focus Exclusively on Security

    "At Google, security is always top of mind and we understand the critical role it plays to the sustainability of open source software," said Dan Lorenc, Staff Software Engineer, Google. "We're honored to support the efforts of both Gustavo Silva and Nathan Chancellor as they work to enhance the security of the Linux kernel."

    Chancellor's work will be focused on triaging and fixing all bugs found with Clang/LLVM compilers while working on establishing continuous integration systems to support this work ongoing. Once those aims are well-established, he plans to begin adding features and polish to the kernel using these compiler technologies. Chancellor has been working on the Linux kernel for four and a half years. Two years ago, Chancellor started contributing to mainline Linux under the ClangBuiltLinux project, which is a collaborative effort to get the Linux kernel building with Clang and LLVM compiler tools.

  • Google funds two Linux Foundation security roles

    The effort supports Google’s strategy “to help support the critical open source projects that we’re relying on,” Google software engineer Dan Lorenc told SC Media.

    “We do this in a bunch of ways, but the one that we like most is to work with existing maintainers and existing communities rather than coming in from the outside.”

    Google will fund Gustavo Silva, who already works in a similar role eliminating buffer overflows and bolstering new security tools; and Nathan Chancellor, a new hire, who will focus on the Clang/LLVM compiler.

    Using the Clang compiler for Linux is an accepted secondary option to build the operating system. But, said Lorenc, Clang is not particularly well maintained by full-time staff. Chancellor had been an active contributor to the project, but only in his free time.

  • Google is funding Linux Kernel developers with a special focus on security

    To further bolster the security credentials of the Linux kernel, Google and the Linux Foundation have decided to fund two kernel developers to work exclusively on security-related developments.

    The kernel developers, Gustavo Silva and Nathan Chancellor, are long-time kernel developers and have now been tasked to maintain and improve kernel security along with any associated initiatives.

    “At Google, security is always top of mind and we understand the critical role it plays to the sustainability of open source software,” said Dan Lorenc, Staff Software Engineer, Google. “We’re honored to support the efforts of both Gustavo Silva and Nathan Chancellor as they work to enhance the security of the Linux kernel.”

  • An XDA Recognized Developer is being funded by Google to improve Linux Kernel security

    Google and the Linux Foundation announced plans to provide funds to two Linux kernel security developers, one of whom is Nathan Chancellor, a well-known kernel developer on our forums. The two developers will focus their time on improving kernel security and associated initiatives.

    The news comes on the heels of the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) recently publishing an open-source contributor survey report that identified a need for additional work on security in open-source software. In a press release, the Linux Foundation said Google’s contribution to underwriting two full-time security maintainers signals how important it is to maintain the integrity of open-source software.

  • Google funds Linux maintainers to boost Linux kernel security

    Together with the Linux Foundation, Google announced today that they would fund two Linux kernel developers' efforts as full-time maintainers exclusively focused on improving Linux security.

    "While there are thousands of Linux kernel developers, all of whom take security into consideration as the due course of their work, this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the ongoing sustainability of open-source software," the Linux Foundation said in a statement released today.

  • Google to fund two full-time Linux kernel security developers - SD Times

    Google and the Linux Foundation have announced plans to maintain and improve Linux’s long-term security. As part of the plan, the organizations will prioritize funds to underwrite long-time Linux kernel maintainers Gustavo Silva and Nathan Chancellor as full-time developers focused on Linux kernel security development.

    This decision follows a survey by the Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH), which found a need for additional security work on the Linux operating system.

By Microsoft Tim

  • 'We're finding bugs way faster than we can fix them': Google sponsors 2 full-time devs to improve Linux security

    Worried about the security of Linux and open-source code, Google is sponsoring a pair of full-time developers to work on the kernel's security.

    The internet giant builds code from its own repositories rather than downloading outside binaries, though given the pace at which code is being added to Linux, this task is non-trivial. Google's open-source security team lead Dan Lorenc spoke to The Register about its approach, and why it will not use pre-built binaries despite their convenience.

    But first: the two individuals full-time sponsored by Google are Gustavo Silva, whose work includes eliminating some classes of buffer overflow risks and on kernel self-protection, and Nathan Chancellor, who fixes bugs in the Clang/LLVM compilers and improves compiler warnings.

    Both are already working at the Linux Foundation, so what is new? "Gustavo's been working on the Linux kernel at the Linux Foundation for several years now," Lorenc tells us. "We've actually been sponsoring it within the Foundation for a number of years. The main change is that we're trying to talk about it more, to encourage other companies to participate. It's a model that works, we're trying to expand it, find contributors that want to turn this into a full-time thing, and giving them the funding to do that."

  • Google Sponsors 2 Full-Time Devs To Improve Linux Security

    Worried about the security of Linux and open-source code, Google is sponsoring a pair of full-time developers to work on the kernel's security.

Linux Kernel security to be boosted by Google funding developers

  • Linux Kernel security to be boosted by Google funding developers | GamingOnLinux

    Linux is pretty secure right? Well, like everything else, there are and have been problems. Google is aware of this and they use Linux for a lot and now they're providing funding to help boost Linux security.

    Announced by the Linux Foundation, funding has been provided to prioritize two full-time maintainers, Gustavo Silva and Nathan Chancellor, who will focus solely on Linux Kernel security development to ensure "the world's most pervasive open source software project is sustainable for decades to come".

More from CBS

  • Google: We're funding developers to work full-time on Linux security

    Silva will focus on "eliminating several classes of buffer overflows" as well as fixing bugs and developing defense mechanisms for the Linux kernel, The Linux Foundation said. Meanwhile, Chancellor's work will focus on triaging and fixing all bugs found with Clang/LLVM compilers.

    "I hope that more and more people will start to use the LLVM compiler infrastructure project and contribute fixes to it and the kernel – it will go a long way towards improving Linux security for everyone," said Chancellor.

    The move comes roughly six months after the formation of the Open Source Security Foundation (OpenSSF), a collective of big tech industry players working to improve the security of open-source software as it becomes pervasive in big industry applications, including data centers and critical infrastructure.

By IT PRO

Google Funding For Linux Security

  • Google Funding For Linux Security

    Back in December we reported on Google's involvement in a new project from the Open Source Security Foundation to measure the criticality of open source projects as the first step on an undertaking to ensure that projects that are heavily relied on get the resources they need, see Taking Open Source Criticality Seriously. This funding, which is also motivated by findings from the 2020 FOSS Contributor Survey which identified a need for additional work on security in open source software, aims to ensure the long-term sustainability of Linux which is acknowledged as the world's most pervasive open source software as well as being among the top five in terms of its criticality score.

EnterpriseTalk

  • Google Funds Linux Kernel Developers to Focus Exclusively on Security

    The Linux Foundation’s Open Source Security Foundation (OpenSSF) and the Laboratory for Innovation Science at Harvard (LISH) recently published an open source contributor survey report that identified a need for additional work on security in open source software, which includes the massively pervasive Linux operating system.

    Linux is fueled by more than 20,000 contributors and as of August 2020, one million commits. While there are thousands of Linux kernel developers, all of whom take security into consideration as the due course of their work, this contribution from Google to underwrite two full-time Linux security maintainers signals the importance of security in the ongoing sustainability of open source software.

Two more...

  • Security News in Review: Google Funding Security Development for Linux Kernel

    We’re back after a skipped Security News in Review last week. In this week’s edition of our roundup of the biggest cybersecurity news stories, we have reporting on ransomware attacks shutting down Underwriters Laboratories and a payment processor widely used by state and municipal governments, as well as a report on Google partnering with the Linux Foundation to hire two people whose sole job will be to improve the security of the Linux kernel.

    Read on for the latest Security News in Review, and let us know if we missed anything.

  • Google to Underwrite Contributors to Linux Security

    Google and the Linux Foundation announced this week they will underwrite two full-time maintainers for Linux kernel security development.

    Gustavo Silva is currently working full time on eliminating several classes of buffer overflows by transforming all instances of zero-length and one-element arrays into flexible-array members, which is the preferred and least error-prone mechanism to declare such variable-length types. He is also actively focusing on fixing bugs before they hit the mainline, while also proactively developing defense mechanisms that cut off whole classes of vulnerabilities. Silva sent his first kernel patch in 2010 and is an active member of the Kernel Self Protection Project (KSPP).

    Nathan Chancellor will be focused on triaging and fixing all bugs found with Clang/LLVM compilers while working on establishing continuous integration (CI) systems to support this work. He has been working on the Linux kernel for four and a half years.

Belated puff piece connected to LF

  • Google, Linux Foundation Fund Linux Kernel Developers To Focus Exclusively On Security

    Google and the Linux Foundation announced that they are prioritizing funds to underwrite two full-time maintainers for Linux kernel security development, Gustavo Silva and Nathan Chancellor.

    Silva and Chancellor’s exclusive focus will be to maintain and improve kernel security and associated initiatives in order to ensure the world’s most pervasive open source software project is sustainable for decades to come.

Late arrival
