Sign In

Communications of the ACM

ACM TechNews

Microsoft, Google, Other Tech Giants ­nite to Prevent Next Heartbleed


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
No Heartbleed permitted.

Giant tech companies have committed to contributing millions of dollars to the Core Infrastructure Initiative, which is aimed at improving open source software.

Credit: medialets.com

Microsoft, Google, and other tech giants have committed to contribute more than $3 million to the Core Infrastructure Initiative, which was launched to improve open source software.

The disclosure of the Heartbleed bug in the OpenSSL encryption tool stimulated recruitment for the initiative, which Linux Foundation executive director Jim Zemlin says should reduce the risk of similar bugs cropping up. "We have to provide resources in a way that allows [open source developers] to operate the way they have been operating, in a way that allows them to do it full time without having to worry about their next meal," he notes.

The initiative will study a wide swath of open source efforts and determine which ones could receive significant funding, with OpenSSL being the first project under consideration, according to the Linux Foundation. Zemlin says project proposals would be presented to a steering committee that would then hold a vote on funding apportionment.

Shortly following Heartbleed's disclosure, some companies suggested professionally testing open source software projects. Canonical founder Mark Shuttleworth views the initiative as a first step in establishing institutions that can police open source software, and points to the need to create other institutions designed to ensure access to such resources for cybersecurity stakeholders.

From The Wall Street Journal
View Full Article - May Require Paid Subscription

 

Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA


 

No entries found