Google, Facebook, Amazon unite in a bid to ensure Heartbleed doesn't happen again

By Sooraj Shah
24 Apr 2014 View Comments
heartbleed

Internet and technology giants are uniting to support ‘critical' open source projects in the aftermath of the Heartbleed OpenSSL crisis.

Amazon Web Services, Google, Cisco, Microsoft, IBM, Intel, Facebook, Dell, VMware, Rackspace, Fujtisu, Qualcomm and NetApp are backing the ‘Core Infrastructure Initiative', which is formed and run by The Linux Foundation.

Further reading

The aim of the initiative is to enable technology firms to collaborate so that they can identify and fund open source projects that are in need of assistance.

When Computing questioned who was to blame for the Heartbleed bug, the consensus was that many of the big companies that were using the OpenSSL code for their own benefit weren't funding or helping to maintain and test the software.

Despite a recent Coverty Open Scan study of software quality suggesting that open source code quality is superior to proprietary code quality, it has grown in complexity and therefore needs support.

The first project under consideration to receive funds from the initiative will be OpenSSL, which to date has only received about $2,000 per year in donations. Support from the initiative can include funding for fellowships for key developers to work full time on the open source project, security audits, computing and test infrastructure, travel, face-to-face meeting coordination, and other support.

Jim Zemlin, executive director of The Linux Foundation, said that the organisation will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects.

The importance of open source software was highlighted by several of the founding members of the programme.

Facebook's engineering director of traffic and edge, Doug Beaver, said open source "makes today's computing infrastructure possible", while Dell Software CTO Don Ferguson emphasised that protecting the work of open source developers and projects is "of the highest priority".

Meanwhile, Colin Kincaid, VP product management and architecture at Cisco, stated that supporting dedicated open source collaborators and contributors is "vital to the success and growth of innovation".

The initiative's funds will be administered by the Linux Foundation, a steering group comprised of backers of the project, key open source developers and other industry stakeholders.

"We are thankful for these industry leaders' commitment to ensuring the continued growth and reliability of critical open source projects such as OpenSSL," The Linux Foundation's Zemlin said.

The organisation said it expects more sponsors to join in the coming weeks and months.

Reader comments
blog comments powered by Disqus
Newsletters
Is it time to open Windows?

Computing believes that Microsoft will start offering Windows free of charge by 2017. Is this a good thing for the enterprise?

55 %
16 %
6 %
20 %
3 %