# Open Source Software Risk Frameworks



## Phishfry (Sep 24, 2022)

They always make these bills sound so innocuous.
Such as "The Patriot Act".
In reality they are exactly opposite their title.









Senators propose open source software risk framework in new bill

CISA would develop the framework for agencies and, voluntarily, critical infrastructure owners and operators in response to the Log4j vulnerability.

www.fedscoop.com




This is the punch line:


> The Securing Open Source Software Act would further have CISA hire open source software experts to help address cyber incidents


Another jobs program? Wait until they find out what working with the government is really like...

Once they figure out that people can donate code anonymously they will stop that.
Just like blockchain, we have to 'know your customer'. Anonymous is dangerous to USGov.
They forbid you to seek privacy while destroying our democracy.

I imagine the Great Blue Firewall coming soon to a peering station near you.
You must not be a patriot if you don't use the Great Blue Firewall.


----------



## Phishfry (Nov 19, 2022)

> Additionally, regulations do not authorize the use of free software when paid software is available,


Seems they didn't get the memo.








Russia-based Pushwoosh tricks US Army into running its code

Russian data trackers … what could possibly go wrong?

www.theregister.com


----------

