Site   Web

April 25, 2014

Tech Titans Team Up to Eradicate HeartBleed-Like Bugs

Image courtesy of (digitalart)/

The technology industry’s largest companies are banding together to fund critical open source projects to make the Internet a safer place to surf.

Headed by the Linux Foundation, the newly formed Core Infrastructure Initiative is the industry’s joint response to Heartbleed, a bug found in OpenSSL, the open-source software package broadly used to encrypt Web communications.

Other founding members of the initiative — which will see millions of dollars put toward open source projects — are Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, RackSpace and VMware.

The goal of the group is to “change funding requests from the reactive post-crisis asks of today to proactive reviews identifying the needs of the most important projects.”

Not surprisingly, OpenSSL — which received only about $2,000 per year in donations — is first on the group’s funding consideration list.

If approved, OpenSSL “could receive fellowship funding for key developers as well as other resources to assist the project in improving its security, enabling outside reviews, and improving responsiveness to patch requests,” reads a Linux Foundation press release.

All funding will be administered by The Linux Foundation and a steering group made up of project backers, key open source developers and other industry stakeholders.

“We are expanding the work we already do for the Linux kernel to other projects that may need support,” said Linux Foundation executive director Jim Zemlin. “Our global economy is built on top of many open source projects. Just as The Linux Foundation has funded Linus Torvalds to be able to focus 100 percent on Linux development, we will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects. We are thankful for these industry leaders’ commitment to ensuring the continued growth and reliability of critical open source projects such as OpenSSL.”

Facebook engineering director of traffic and edge, Doug Beaver, said the social network is “excited” to support open source and its developers.

“This initiative will help ensure that these core components of internet infrastructure get the assistance they need to respond to new threats and to reach new levels of scale,” Beaver said.

Microsoft agreed, describing open source as “an industry-wide concern requiring industry-wide collaboration.”

To join, donate or find out more information about the Core Infrastructure, click here. 


Jennifer Cowan is the Managing Editor for SiteProNews.