If you remember the recent Heartbleed outbreak, you probably also remember the sheer panic it induced in the tech industry and users of many popular websites.
The Linux Foundation subsequently created the Core Infrastructure Initiative to help prevent further outbreaks, and today it’s announced two new backers and the first projects getting funding.
As a refresher, a bug named Heartbleed was discovered in the popular encryption library OpenSSL last month. Essentially, the bug meant that attackers could tune into communications between those websites and browsers. OpenSSL is an open-source project, meaning that the Linux Foundation and others in the community are able to work collaboratively to improve its security.
The first projects the CII will fund are Network Time Protocol, OpenSSH, OpenSSL, and the Open Crypto Audit Project (OCAP). OpenSSL will receive enough funds to get two full-time core developers.
The OCAP will get funding to conduct a security audit of the OpenSSL code base, presumably courtesy of Heartbleed which, it turned out, had been around for more than two years before Neel Mehta of Google Security and Codenomicon engineers independently discovered it.
The audit’s high priority is likely due to this fact. OpenSSL is a very popular library, and while someone has to step in and make sure no other bugs are lurking in the shadows, leaving it to a private entity (like a company) would be counter to the idea of open source, hence the foundation’s initiative to help.
“All software development requires support and funding. Open source software is no exception and warrants a level of support on par with the dominant role it plays supporting today’s global information infrastructure,” said Linux Foundation executive director Jim Zemlin in an official statement.
“CII implements the same collaborative approach that is used to build software to help fund the most critical projects. The aim of CII is to move from the reactive, crisis-driven responses to a measured, proactive way to identify and fund those projects that are in need. I am thrilled that we now have a forum to connect those in need with those with funds,” he said.
Adobe, Bloomberg, HP, Huawei, and Salesforce are also joining the CII’s current backers and founders which include Amazon Web Services, Cisco, Dell, Facebook, Google, Microsoft, Intel, and a few others.
The CII will continue to review and select critical open source projects in need of funding and resources.
HP is an American multinational information technology corporation headquartered in Palo Alto, California, USA that provides products, technologies, softwares, solutions and services to cons... All HP news »
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company’s platform and application services include... All Salesforce.com news »
Whether it's a smartphone or tablet app, a game, a video, a digital magazine, a website, or an online experience, chances are that it was touched by Adobe technology. Our tools and services ... All Adobe news »
Bloomberg, the global business and financial information and news leader, gives influential decision makers a critical edge by connecting them to a dynamic network of information, people and... All Bloomberg news »
Huawei is a leading global ICT solutions provider. Through our dedication to customer-centric innovation and strong partnerships, we have established end-to-end capabilities and strengths ac... All Huawei Technologies news »
More than 20 years ago, Linus Torvalds sparked an open source revolution with a short email declaring he was doing a new project “just for fun.” Today, Linux powers 98% of the world’s ... All The Linux Foundation news »