
Eden: NHS goes to war against open source

Terence Eden reports that the UK's National Health Service (NHS) is preparing to close almost all of its open-source repositories as a response to LLM tools, such as Anthropic's Mythos, becoming more sophisticated at finding security vulnerabilities. He does not, to put it mildly, agree with the decision:

The majority of code repos published by the NHS are not meaningfully affected by any advance in security scanning. They're mostly data sets, internal tools, guidance, research tools, front-end design and the like. There is nothing in them which could realistically lead to a security incident.

When I was working at NHSX during the pandemic, we were so confident of the safety and necessity of open source, we made sure the Covid Contact Tracing app was open sourced the minute it was available to the public. That was a nationally mandated app, installed on millions of phones, subject to intense scrutiny from hostile powers - and yet, despite publishing the code, architecture and documentation, the open source code caused zero security incidents.

Furthermore, this new guidance is in direct contradiction to the UK's Tech Code of Practice point 3 "Be open and use open source" which insists on code being open.


English NHS, not (necessarily) all of UK

Posted May 1, 2026 20:21 UTC (Fri) by csamuel (✭ supporter ✭, #2624) [Link] (1 responses)

The UK NHS is devolved to the constituent countries of the UK and this post appears to relate solely to the English NHS.

I don't know if the Welsh, Scottish or Northern Irish instances have similar thoughts, or not.

English NHS, not (necessarily) all of UK

Posted May 6, 2026 14:59 UTC (Wed) by jriddell (subscriber, #3916) [Link]

To be fair to LWN, it's NHS England who insist on using the NHS.uk domain name and branding. People more fussy about these things have brought them up with Terence in the past but it doesn't feel like it's worth making too big a fuss about especially given NHS Scotland seems to just copy most of the English content on its websites and continues to use the .scot.nhs.uk domain.

Closed source also has similar problems

Posted May 1, 2026 21:07 UTC (Fri) by Lennie (subscriber, #49641) [Link] (7 responses)

It's silly for people to think open source code is the problem here.

If you have a binary or source, you can have an AI search for flaws.

Point an AI agent at a disassembler and it will happily go find flaws and write an exploit.

Closed source also has similar problems

Posted May 1, 2026 23:16 UTC (Fri) by k8to (guest, #15413) [Link] (2 responses)

We've had tools that work with binaries for at least thirty years. Closed code hasn't been safe for a generation. Doesn't stop the fools.

Closed source also has similar problems

Posted May 2, 2026 12:24 UTC (Sat) by zeekec (subscriber, #2414) [Link]

It does mean that they don't have to worry about handling fixes from the open-source community.

Closed source also has similar problems

Posted May 6, 2026 12:48 UTC (Wed) by Lennie (subscriber, #49641) [Link]

But we now have tools (LLMs) which can read much more and faster than a human and have lots of knowledge of previous bug types.

Closed source also has similar problems

Posted May 3, 2026 9:29 UTC (Sun) by bof (subscriber, #110741) [Link]

So we need processors that decrypt binaries into caches using locked per machine secrets, and installers that generate "personalized" binaries from secure vendor app stores on the fly.

(not!)

Closed source also has similar problems

Posted May 3, 2026 16:09 UTC (Sun) by jd (guest, #26381) [Link]

It's presumably about fears by those managers who don't understand such things and possibly politicians who are seeking to get rich quick via contracts to private companies for closed-source versions (that might well actually end up being pre-compiled copies of the open source software). I hope I'm being overly cynical here.

Closed source also has similar problems

Posted May 6, 2026 14:46 UTC (Wed) by nim-nim (subscriber, #34454) [Link] (1 responses)

Some points
1. it’s not as simple as “point an AI agent at a disassembler”
2. all the companies trying to woo 3-letter-agencies with their AI are definitely working on it
3. it’s a lot less dangerous legal-wise to claim an exploit against some FLOSS software, than to do the same with some proprietary binary-only software protected by expensive lawyers
4. you need to publish an exploit against some binary-only proprietary software to prove the tech works, because otherwise people will say the agent had access to the source code via training or something else
5. therefore don’t expect public proof the tech works as soon as it starts working

However some people are definitely in damage control mode and “this can’t work (yet)” mode today :
https://www.penligent.ai/hackinglabs/anthropic-mythos-str...

Closed source also has similar problems

Posted May 10, 2026 10:20 UTC (Sun) by lyda (subscriber, #7429) [Link]

So based on those points we can determine that state actors will very soon have exploits for NHS software that no one will know about.

Solid plan.

Stupid disclosure policies are coming too

Posted May 2, 2026 13:23 UTC (Sat) by bjackman (subscriber, #109548) [Link] (3 responses)

This phenomenon dovetails nicely with the sockpuppet.org post from a few weeks ago [0]:

> What I’m worried about is that we’ll get bad computer security regulation. Our industry has agreed for decades about the ethics of vulnerability research. Specifically: that it’s computer science. Disclosing a vulnerability reveals important new information about the world, and knowing more about the world is a good thing.
>
> Security researchers are kidding themselves if they assume policymakers see it the same way.

I fear we are in for a few years of highly impactful, completely idiotic policy decisions from powerful morons who are too pigheaded to consult with security experts.

[0] https://sockpuppet.org/blog/2026/03/30/vulnerability-rese...

Stupid disclosure policies are coming too

Posted May 3, 2026 13:25 UTC (Sun) by ballombe (subscriber, #9523) [Link] (2 responses)

They might have consulted military security experts. This is a typical reaction.

Stupid disclosure policies are coming too

Posted May 5, 2026 10:06 UTC (Tue) by tao (subscriber, #17563) [Link]

A much more likely scenario is that they've listened to lobbyists from proprietary software companies.

Stupid disclosure policies are coming too

Posted May 7, 2026 1:41 UTC (Thu) by davecb (subscriber, #1574) [Link]

> They might have consulted military security experts. This is a typical reaction.

The military isn't that stupid. They (we) balance needs. For example, "Flash" messages, indicating you had encountered the enemy, were immediately sent, unencrypted. The enemy, you understand, knew you were there from all the bullets whizzing by.

Other messages, where security was more important than immediacy, were encrypted.
Modern radios have fairly good real-time scrambling/frequency-hopping via the SAVILLE algorithm, so you get immediacy as well as some security.

I'll bet a whole nickel they've been talking to proprietary-security vendors.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds