Stop Trusting Trust
Trust in software one did not build might be practically impossible, leaving the task of establishing and rigorously enforcing tolerable levels of distrust in others’ code. Working to improve the security of software and managing these levels of distrust is critical for private-sector enterprise as well as sensitive defense and intelligence organizations.
Breaking Trust: The Project
Trust in software one did not build may be practically impossible, leaving the task of establishing and rigorously enforcing tolerable levels of distrust in others’ code. Working to improve the security of software and managing these levels of distrust is critical for private sector enterprise as well as sensitive defense and intelligence organizations. This project remains ongoing to highlight the need for a more coherent policy response together with action from industry and open-source communities.
Projects
O$$ Security: Does More Money for Open Source Software Mean Better Security? A Proof of Concept
A proof-of-concept study looking for correlation between open source software project funding and security practices at scale.
The Cyber Statecraft Initiative, part of the Atlantic Council Tech Programs, works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.