Microsoft, Google, and other tech giants have committed to contribute more than $3 million to the Core Infrastructure Initiative, which was launched to improve open source software.
The disclosure of the Heartbleed bug in the OpenSSL encryption tool stimulated recruitment for the initiative, which Linux Foundation executive director Jim Zemlin says should reduce the risk of similar bugs cropping up. "We have to provide resources in a way that allows [open source developers] to operate the way they have been operating, in a way that allows them to do it full time without having to worry about their next meal," he notes.
The initiative will study a wide swath of open source efforts and determine which ones could receive significant funding, with OpenSSL being the first project under consideration, according to the Linux Foundation. Zemlin says project proposals would be presented to a steering committee that would then hold a vote on funding apportionment.
Shortly following Heartbleed's disclosure, some companies suggested professionally testing open source software projects. Canonical founder Mark Shuttleworth views the initiative as a first step in establishing institutions that can police open source software, and points to the need to create other institutions designed to ensure access to such resources for cybersecurity stakeholders.
From The Wall Street Journal
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found