Will the cyber resilience act kill open source ? (en.m.wikipedia.org)

submitted 1 year ago by jungekatz@lib.lgbt to c/opensource@lemmy.ml

34 comments fedilink hide all child comments

Since the EU is bringing an act , that needs the products distributed to be flawless , and it applies to open source products too , if a single of their contributor / donor works for a corporate , what will be the future of FOSS in europe with this ?

you are viewing a single comment's thread
view the rest of the comments

[-] vsis@feddit.cl 24 points 1 year ago

Companies need to conduct cyber risk assessments before a product is put on the market and throughout its lifecycle effectively manage its vulnerabilities, regularly test it, and so on. Products assessed as 'critical' will need to undergo external audits.

I have not read the proposal. Legal language makes me want to rip my own eyes off.

The only winners I see are those security auditors and similar providers.

Privative corpos from USA and China will arrive with all "security assesments" and "auditions" in place, and still have backdoors lol

[-] jungekatz@lib.lgbt 5 points 1 year ago

They prepared a list of software that need mandatory audit , like browsers and all !

this post was submitted on 15 Aug 2023

98 points (92.2% liked)

Open Source

31358 readers

146 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

Cloak@lemmy.ml

kevincox@lemmy.ml

CrypticCoffee@lemmy.ml

Lettuceeatlettuce@lemmy.ml