The Linux Foundation Aims To Prevent Future Heartbleed Bugs [...]
The Linux Foundation Aims To Prevent Future Heartbleed Bugs With Its Core Infrastructure Initiative
📅 - The Linux Foundation has brought some of the biggest tech companies together in an effort to prevent another bug such as Heartbleed from happening again.
The companies have joined together to each pledge $100,000 a year for the next three years to the Core Infrastructure Initiative, a group formed by the Linux Foundation, reports the New York Times.
The tech giants involved in the initiative include Amazon, Microsoft, Google, Facebook, NetApp, Rackspace, Qualcomm, VMWare, IBM, Intel, Dell, Cisco, and Fujitsu.
Money given by each company will be used to help developers work on open-source projects full time, pay for security audits, and computing and testing infrastructure.
“This is not just about the money, but the forum,” said executive director of the Linux Foundation, Jim Zemlin. “Instead of responding to a crisis retroactively, this is an opportunity to identify crucial open-source projects in advance. Right now, nobody is having that conversation, and it's an important conversation to have.”
The Core Infrastructure Initiative will start with OpenSSL, which was where researchers discovered the security flaw two weeks ago. More than two thirds of Internet servers use the OpenSSL encryption tool that is managed by only a small volunteer staff and one full-time developer.
In the past two weeks, numerous groups dedicated to funding security audits for open source software has been formed. For example, OpenBSD has raised $17,000 in donations to fund these audits in order to find and fix future security flaws.
The companies have joined together to each pledge $100,000 a year for the next three years to the Core Infrastructure Initiative, a group formed by the Linux Foundation, reports the New York Times.
The tech giants involved in the initiative include Amazon, Microsoft, Google, Facebook, NetApp, Rackspace, Qualcomm, VMWare, IBM, Intel, Dell, Cisco, and Fujitsu.
Money given by each company will be used to help developers work on open-source projects full time, pay for security audits, and computing and testing infrastructure.
“This is not just about the money, but the forum,” said executive director of the Linux Foundation, Jim Zemlin. “Instead of responding to a crisis retroactively, this is an opportunity to identify crucial open-source projects in advance. Right now, nobody is having that conversation, and it's an important conversation to have.”
The Core Infrastructure Initiative will start with OpenSSL, which was where researchers discovered the security flaw two weeks ago. More than two thirds of Internet servers use the OpenSSL encryption tool that is managed by only a small volunteer staff and one full-time developer.
In the past two weeks, numerous groups dedicated to funding security audits for open source software has been formed. For example, OpenBSD has raised $17,000 in donations to fund these audits in order to find and fix future security flaws.
Reads: 1797 | Category: General | Source: TheHN : The Hosting News
Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!