Skip to main content

Google invests in open source security by funding Linux kernel developers

Join us in Atlanta on April 10th and explore the landscape of security workforce. We will explore the vision, benefits, and use cases of AI for security teams. Request an invite here.


In a nod to the growing importance of open source software, Google today announced that it will underwrite the salaries for two developers who will focus on Linux’s fundamental security.

The gesture may seem limited, but Google believes targeting the Linux kernel will have a broader impact on Linux’s underlying security. The company hopes other corporations will be inspired to do the same in an attempt to clear a lengthy backlog of items researchers already know need to be addressed.

The Linux kernel is the basic interface that sits between computer hardware and the software running on it. It has become the cornerstone of a large portion of the open source systems that have been deployed around the world.

And the issue has taken on greater urgency for Google, which has progressively been adopting more open source software. Google notably contributed Kubernetes to the Linux Foundation, and the system has become a lynchpin of the cloud-native computing movement.

VB Event

The AI Impact Tour – Atlanta

Continuing our tour, we’re headed to Atlanta for the AI Impact Tour stop on April 10th. This exclusive, invite-only event, in partnership with Microsoft, will feature discussions on how generative AI is transforming the security workforce. Space is limited, so request an invite today.
Request an invite

But that work has also driven home the urgent need for greater security in open source tools, according to Google staff software engineer Dan Lorenc.

Google has been generally expanding its focus on security as part of a move to make Google Cloud offerings more attractive to companies holding ultra-sensitive data.

“It’s hopefully a proactive response,” Lorenc said. “We’re trying to get ahead of the rise of supply chain attacks.”

The Linux Foundation’s Open Source Security Foundation (OpenSSF) partnered with the Laboratory for Innovation Science at Harvard (LISH) on a recent report that emphasized the need for greater open source security, including for Linux.

Lorenc said that as Linux has become increasingly fundamental to supply chains and other large systems, it has naturally become a bigger target for cyber criminals. Lots of companies now sell security solutions, but shoring up the Linux kernel is seen as a way to toughen basic security.

Via the foundation, Linux is maintained and developed by an estimated 20,000 contributors working on their own time. While many of these individuals have some interest in security, Google’s move could help make security a bigger priority.

The funds will allow two maintainers, Gustavo Silva and Nathan Chancellor, to focus on Linux kernel security development. The pair have been among the most active contributors and will now be able to commit themselves on a full-time basis.

VB Daily - get the latest in your inbox

Thanks for subscribing. Check out more VB newsletters here.

An error occured.