NHS to close-source hundreds of GitHub repos over AI, security concerns


The UK's National Health Service (NHS) is ordering all of its technology leaders to temporarily wall off the organization's open source projects over concerns relating to advanced AI and Anthropic's Mythos.

According to guidance shared internally within the organization and seen by The Register, GitHub repositories must be set from public to private by May 11.

The guidance reads: "Public repositories materially increase the risk of unintended disclosure of source code, architectural decisions, configuration detail, and contextual information that may be exploited – particularly given rapid advancements in AI models capable of large-scale code ingestion, inference, and reasoning (e.g. developments such as the Mythos model)."

It also states GitHub repos should not be public "unless there is an explicit and exceptional need." The decision was approved by the NHS' Engineering Board.

An NHS England spokesperson told The Register this was merely a temporary measure enacted while the organization shores up its cybersecurity posture.

"We are temporarily restricting access to some NHS England source code to further strengthen cybersecurity while we assess the impact of rapid developments in AI models," they said.

"We will continue to publish source code where there is a clear need."

NHS sources told us very few of the hundreds of NHS open source repositories contain anything remotely sensitive. Examples of open repos include those dedicated to documentation, architecture diagrams, and codebases for internal tools, such as web apps for managing clinic times.

While there are bugs that a frontier AI model such as Mythos could unearth, there is thought to be very little risk to healthcare services.

The NHS's decision to pull a curtain over its code does, however, mark a significant, albeit temporary, U-turn in its longstanding policy of favoring open source.

Reflecting the policy of the wider British government, the organization's service manual states that all new source code should be made open source and shareable under an appropriate license. Its reasoning lies in how it is funded.

"Public services are built with public money," the manual states. "So unless there's a good reason not to, the code they're based [on] should be made available for other people to reuse and build on.

"Open source code can save teams duplicating effort and help them build better services faster. And publishing source code under an open license means that you're less likely to get locked in to working with a single supplier."

Reports on the NHS deleting web pages devoted to communicating its approach to open source circulated late last year, suggesting it could be wavering.

However, the healthcare org responded by saying this was part of a routine cleanup job related to NHSX and NHS Digital being folded into NHS England.

NHS England did not give an estimate for when this temporary closed-sourcing will end, nor did it answer questions about what it deems the most significant threats advanced AI models pose to its open source repos.

Mythos… threat or FUD?

Reg readers have no doubt caught the ghost stories swirling around Anthropic's latest AI model, Mythos. It is touted by Anthropic as a model capable of rapidly finding vulnerabilities that skilled human teams would miss. Others see it as over-hyped.

National authorities, including the UK's AI Safety Institute and National Cyber Security Centre, have partly validated Anthropic's claim that Mythos represents an advance beyond the forecast AI development cycle.

However, others are more sceptical about the purported bug-hunting power. Anthropic has still not revealed the number of false positives the model throws up when running vulnerability scans, a common problem with AI-based scanners to date.

Tests comparing Mythos with open source models have also revealed the proficiency gap is narrower than Anthropic implies.

For now, Mythos is locked behind Project Glasswing, available only to select organizations. But Forrester analysts warn that once powerful models reach the public - and attackers - open source software faces a genuine threat, one that Anthropic's $4 million donation to Project Glasswing is unlikely to meaningfully address.

Former head of open technology at NHSX, Terence Eden, argued that shifting open source repos from public to private will not provide a meaningful defense against advanced AI capabilities.

"[People's open source code] was all ingested for 'training purposes' years ago," he writes in a recent blog. "If it was moderately interesting, then it was backed up by a digital hoarder. It has been archived by various digital libraries. Anyone who wants to do research on your code base can.

"Closing now doesn't meaningfully protect you."

Many of the serious vulnerabilities an organization faces are not in its own codebase, he added, but in its software supply chain: its operating systems, libraries, and so on.

"The bigger risk comes not from subtle logic bugs but from phishers, poor password hygiene, and insider threats. Securing your existing systems provides more protection than rushing to close-source your code."
