Tech giants commit millions to fund open-source projects in wake of Heartbleed

The Linux Foundation is launching a project to support and maintain critical open-source projects since the discovery of the Heartbleed bug that left potentially sensitive Internet traffic around the world vulnerable.

The program, known as the Core Infrastructure Initiative, will bring together some of the biggest names in tech. Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Qualcomm and VMWare have each pledged $100,000 a year over the next three years to the project, according to the New York Times. The companies will select representatives  to help choose which projects the group will support. The projects could include funding developers to work on security audits and test computer infrastructure.

It's starting with OpenSSL. Just a few weeks ago the Heartbleed coding bug was discovered in the popular encryption protocol after existing for two years in the wild.

Although it's relied upon by some major tech companies and many other entities, including governments, OpenSSL is maintained by a group of fewer than a dozen encryption enthusiasts around the world and just one full-time employee, who works out of a home office near Frederick, Md. In the year leading up to the bug's discovery, the group had received less than $2,000 in donations.

"Open source historically has produced high quality and highly secure software," the Foundation said in a statement announcing the project. "But as all software has grown in complexity  –  with interoperability between highly complex systems now the standard – the needs for developer support has grown."

Andrea Peterson covers technology policy for The Washington Post, with an emphasis on cybersecurity, consumer privacy, transparency, surveillance and open government.
Comments
Show Comments
Most Read Business
Next Story
Brian Fung · April 24