
GDS weighs in on the NHS's decision to retreat from Open Source

Simon Willison · Industry Perspective · Advanced · Impact: 6/10

The UK's NHS closed its open-source repositories due to security vulnerabilities, prompting a public rebuke from the Government Digital Service and sparking a deeper debate on open-source strategy in the AI era.

Key Points

  • The UK NHS decided to shut down its open-source code repositories due to vulnerabilities found by an AI security project
  • The UK Government Digital Service (GDS) issued guidance explicitly opposing this 'default closed' approach
  • The incident is seen as a rare public disagreement within the UK civil service, highlighting tensions in policy-making
  • The core debate is: how should the public sector balance open-source collaboration and security risks in the AI era?

Analysis

The Trigger: An Overreaction to an AI Security Test

The incident began when the UK's National Health Service (NHS), participating in an AI security research project called 'Project Glasswing,' had vulnerabilities reported in its open-source code repositories. The NHS's response was to shut down public access to these repositories entirely. This decision immediately drew sharp criticism from developers and open-source advocates, most notably Terence Eden, who has long followed government open-source policy. He deemed it an ill-considered overreaction, akin to demolishing an entire house because someone reported a flaw in its door lock.

The Breakdown: A Public 'Rebuke' from Within Government

The situation escalated with the public intervention of the UK Government Digital Service (GDS). On May 14, GDS published guidance titled 'AI, open code and vulnerability risk in the public sector.' Its core recommendation: 'Keep open by default.' GDS explicitly stated that making everything private adds delivery and policy costs and can reduce reuse and scrutiny. Openness should remain the default posture, with closure used sparingly and deliberately. While the document did not name the NHS, in the subtle culture of the UK Civil Service this was a direct and public rebuke. Terence Eden used a vivid metaphor: in the Civil Service, being 'invited to a meeting without biscuits' implies a frosty discussion devoid of normal politeness. Making a severe internal disagreement public is rarer still. This indicates that GDS views the NHS's decision not just as a technical error but as a departure from fundamental public sector principles.

Trend Insight: The Changing 'Attack-Defense' Logic of Open Source in the AI Era

This event reveals a deeper trend: AI is changing how security vulnerabilities are discovered and responded to, and is thereby reshaping traditional open-source strategies. In the past, finding vulnerabilities in open-source code relied mainly on human audits and community reports, a relatively slow process. AI security projects like 'Glasswing' mean vulnerabilities can be discovered automatically and at scale. This creates unprecedented pressure for maintainers, who might receive a flood of vulnerability reports overnight. The NHS's 'close the repository' reaction was a panic-driven decision under this pressure; closure likely looked like the fastest way to eliminate risk. GDS's guidance, however, points to another path: we cannot deny the value of openness just because vulnerabilities are found quickly. The transparency, collaborative innovation, and public oversight that open source brings become even more important in the AI era. AI systems themselves need to be auditable, and public sector algorithmic decisions require public scrutiny. If we move towards closure out of fear of vulnerabilities found by AI, it could create a vicious cycle: the more closed the code, the less external review it gets, potentially leading to greater, undiscovered systemic risks.

Practical Value: Insights for Developers and Decision-Makers

For IT practitioners and decision-makers, this case offers a clear framework for thinking:

  1. Distinguish 'Vulnerability Response' from 'Open Source Strategy': The correct response to discovering vulnerabilities is to fix them, release patches, and update security processes—not to abandon the entire open-source model. This is a tactical issue and should not escalate into a strategic retreat.
  2. Assess the True Cost of 'Default Closed': GDS reminds us that privatization has hidden costs—stagnant collaboration, reinventing the wheel, and loss of community trust. In an era where AI accelerates innovation, these costs may be even higher.
  3. View AI as an 'Enhancer' for Open Source Security: Instead of fearing AI-discovered vulnerabilities, proactively use AI tools for code auditing, dependency scanning, and threat modeling. Make AI a co-builder of open-source ecosystem security, not a destroyer.

A Counterintuitive Angle

One angle that might be overlooked is that this incident could be a good thing. It forces the public sector to seriously debate the core value of open source early in the rapid spread of AI technology. GDS's clear stance sets an important precedent for other government agencies worldwide—in the AI era, open collaboration is not just a technical choice but a necessary governance principle. The public discussion sparked by this 'meeting without biscuits' may ultimately be far more valuable than the few code repositories that were shut down.

Analysis generated by BitByAI

Originally from Simon Willison
