Story broken by New Scientist today, but it’s been in the unofficial rumour mill all week for those working inside NHSE.
Terence Eden has put out a good explanatory blog post
There is an open letter if you feel you would like to sign and share it.
From what I read, fear over mythos hacking capabilities has been greatly exaggerated, so I’m wondering if that’s the real motivation of closing source code
I agree - I think if we were to investigate the professional composition and affiliations of those that were on (and influencing) the NHSE Engineering Board, we might find conflicts of interests. The board’s membership is not public as far as I am aware.
I will watch Terence Eden’s FOI request with interest.
On Mythos, I also agree, the AISI have published this useful evaluation, which shows incremental improvement in the model’s ability to find and exploit vulnerabilities, but it is not so dramatic as to need a blanket code lockdown, especially when locking down code is not actually helpful.
I still wonder why people think that helps, its literally discouraged by most of the It sec bodies.