Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Heartbleed
patching up

Google, Microsoft and co join forces to prevent the next Heartbleed from happening

The Core Infrastructure Initiative will invest in open source projects that play an important role in web security, and is backed by companies like Google, Facebook and Microsoft.

AFTER THE DISCOVERY of Heartbleed earlier this month, a flaw in OpenSSL which affected two-thirds of the web, a number of major tech companies are teaming up to help prevent a similar situation from happening again.

The Core Infrastructure Initiative, which was formed by the Linux Foundation, is a new project which will fund open source projects that are critical for core computing and internet functions.

One of the problems it will address is how a large number of crucial open source software projects are under-funded and under-resourced. OpenSSL, which is used by two-thirds of the web, has only received $2,000 per year in donations despite playing a major role in web encryption.

Twelve companies have backed the initiative including Dell, Microsoft, Google, Facebook, Intel, Amazon Web Services, HP, and IBM. Each company have each pledged $100,000 a year over the next three years to the initiative, meaning it has $3.6 million to pledge to projects during this period.

Support from the initiative will include funding for fellowships for key developers to work full-time on open source projects, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support.

Funds will be administered by The Linux Foundation and a steering group comprised of backers of the project as well as key open source developers and other industry stakeholders.

The first project under consideration to receive funds from the initiative will be OpenSSL, the encryption tool at the centre of Heartbleed, and will consider other open source projects over time.

Read: ‘Heartbleed’ security bug leaves encrypted web servers at risk >

Read: The rate of cybercrime is on the rise, with some firms losing nearly €4 million because of it >

Your Voice
Readers Comments
6
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.