After Heartbleed, tech giants team up to fund open-source projects
Google, Microsoft, Facebook and several other tech giants have teamed to create an initiative that will be used to fund important open-source projects that are in need of financial assistance such as OpenSSL, which was recently plagued by the discovery of the Heartbleed bug.
A dozen companies are pledging $100,000 a year for three years to support the Core Infrastructure Initiative, which will identify key open-source projects and direct funds their way. Already, at least $3.9 million has been secured.
The funds will be used to support full-time staffers, security audits, computing and test infrastructure, travel, and more.
The initiative was organized by the Linux Foundation, which provides support for Linux, the popular open-source computer operating system.
“We will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects,” the Linux Foundation said in a statement. “We are thankful for these industry leaders’ commitment to ensuring the continued growth and reliability of critical open source projects such as OpenSSL.”
Also supporting the initiative are Amazon Web Services, Cisco, Dell, Fujitsu, IBM, Intel, NetApp, Rackspace and VMware.
The first open-source project that is set to receive funds will be OpenSSL, a technology used to secure data on most of the world’s websites.
Earlier this month, security researchers announced that they had discovered Heartbleed, a bug within OpenSSL that made it possible for hackers to easily steal sensitive data from websites.
The bug came about as a result of a programming error by the OpenSSL Software Foundation, the organization that manages the technology. The foundation relies on donations and volunteers to manage and develop OpenSSL. It currently has only one full-time staffer.
Following the error, the president of the OpenSSL Software Foundation called on businesses and governments to assist the organization with funds so that future bugs like Heartbleed can be detected earlier on.
The Core Infrastructure Initiative aims to provide OpenSSL and other open-source projects with that type of help.