The UK’s National Health Service is preparing to close access to almost all of its open source repositories in response to new security risks. Such risks are caused by significant progress in the ability to identify vulnerabilities using large language models such as Claude Mythos.
Terence Eden (Terence Eden), who participated in the promotion of open standards and open source software in UK government agencies, considers the decision erroneous and contrary to the current regulations in the UK “Tech Code of Practice“, which prescribes the use of open development models and the use of open source. According to Terence, the risk is overestimated and for most repositories, access to which they intend to restrict, scanning with AI tools does not create new security risks, since these repositories mainly host data sets, manuals, interface layouts, as well as internal and research tools that are not involved in public services.
With the participation of Terence, backup copies of the repositories of the UK health service were organized. If repositories are deleted, they will be republished elsewhere because the public licenses under which the content is distributed allow this.