Security News

The White House is asking the technical community to switch to using memory-safe programming languages - such as Rust, Python, Swift, C#, Java, and Go - to prevent memory corruption vulnerabilities from entering the digital ecosystem. To help with the transition, the White House Office of the National Cyber Director has released a report outlining why memory-safe programming languages and memory-safe hardware is needed, and outlines formal methods to give software developers greater assurance that entire classes of vulnerabilities - not just memory safety bugs - are absent.

The White House Office of the National Cyber Director urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. Such vulnerabilities are coding errors or weaknesses within software that can lead to memory management issues when memory can be accessed, written, allocated, or deallocated.

According to the letter, a surveillance program now known as Data Analytical Services has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans' calls, analyzing the phone records of countless people who are not suspected of any crime, including victims. Using a technique known as chain analysis, the program targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well.

The executive order features wide-ranging guidance on maintaining safety, civil rights and privacy within government agencies while promoting AI innovation and competition throughout the U.S. Although the executive order doesn't specify generative artificial intelligence, it was likely issued in reaction to the proliferation of generative AI, which has become a hot topic since the public release of OpenAI's ChatGPT in November 2022. Any company developing " any foundation model that poses a serious risk to national security, national economic security, or national public health and safety " must keep the U.S. government informed of their training and red team safety tests, the executive order states.

Order the development of a National Security Memorandum that directs further actions on AI and security, to be developed by the National Security Council and White House Chief of Staff. Protect Americans' privacy by prioritizing federal support for accelerating the development and use of privacy-preserving techniques-including ones that use cutting-edge AI and that let AI systems be trained while preserving the privacy of the training data.

Assurances include watermarking, reporting about capabilities and risks, investing in safeguards to prevent bias and more. Some of the largest generative AI companies operating in the U.S. plan to watermark their content, a fact sheet from the White House revealed on Friday, July 21.

The new AI cyber challenge will have a number of different phases. Interested would-be competitors can now submit their proposals to the Small Business Innovation Research program for evaluation and, eventually, selected teams will participate in a 2024 "Qualifying event." During that event, the top 20 teams will be invited to a semifinal competition at that year's DEF CON, another large cybersecurity conference, where the field will be further whittled down.

Representatives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI recently convened at the White House for a meeting with President Biden with the stated mission of "Ensuring the responsible development and distribution of artificial intelligence technologies". To continue to research the potential societal risks posed by AI and its various applications To develop AI technologies designed to address society's most significant and pressing challenges.

The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States' most important software, such as code that helps run the internet and critical infrastructure. The AI Cyber Challenge will challenge competitors across the United States, to identify and fix software vulnerabilities using AI. Led by the Defense Advanced Research Projects Agency, this competition will include collaboration with several top AI companies - Anthropic, Google, Microsoft, and OpenAI - who are lending their expertise and making their cutting-edge technology available for this challenge.

The White House has weighed in on the Section 702 debate, urging lawmakers to reauthorize, "Without new and operationally damaging restrictions," the controversial snooping powers before they expire at the end of the year. Section 702 of the Foreign Intelligence Surveillance Act allows the American government to monitor electronic communications of foreign persons outside of the United States [PDF], and people they confer with, including US persons.