Technology giants like Google, Microsoft and Facebook have finally decide to bind together to create a collaborative effort to secure OpenSSL, following the massive Heartbleed vulnerability that not only presented many opportunities for exploitation by hackers, but gave the government backdoor access into the majority of online services.
Heartbleed might have caught people off guard with its scope, but not many people were surprised by its actual existence. OpenSSL has been underfunded and under monitored since the beginning of its use.
Now a collaboration of massive technology companies will be working together to both fund and run a better program, sponsoring the security and further development of the OpenSSL platform.
The project will be administrated by The Linux Foundation, to keep it from falling under a single corporate banner.
The Core Infrastructure Initiative is a multi-million dollar project organized by The Linux Foundation to fund open source projects that are in the critical path for core computing and Internet functions, a statement from the Foundation read.
Galvanized by the Heartbleed OpenSSL crisis, the Initiative’s funds will be administered by The Linux Foundation and a steering group comprised of backers of the project as well as key open source developers and other industry stakeholders.
A full $3.9 million has been pledged, with additional monetary support from various companies globally for this cause.
The primary backers are: Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, VMware and The Linux Foundation.
Our global economy is built on top of many open source projects, Jim Zemlin said.
Just as The Linux Foundation has funded Linus Torvalds to be able to focus 100% on Linux development, we will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects. We are thankful for these industry leaders’ commitment to ensuring the continued growth and reliability of critical open source projects such as OpenSSL.
The exposure of this bug should have happened years ago, if it is what it takes to get major companies on board. With so much money going into funding securing this and other opensource projects, and consumer opinion becoming ever more cynical of certain practices by the government in particular, it is clear that open source technology is the way of the future.
Source: Linux Foundation