Vendors to fund open source initiative to prevent future HeartBleeds
Linux Foundation and leading vendors will fund critical open source projects
A new initiative involving the Linux Foundation and a number of leading IT vendors has been established to try to prevent flaws in open source software, such as HeartBleed, from causing critical issues in future.
The Core Infrastructure Initiative will be funded by donations from vendors, to contribute to open source projects that are in the critical path for core computing and Internet functions. So far around $3m has been raised for the Initiative.
Supporters include Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, and VMware.
The aim of the initiative is to provide funding to open source projects in critical areas which are in need of assistance, while allowing the developers to continue their work under the community norms that have made open source so successful.
The first focus for the initiative will be to support the OpenSSL project, where faulty coding resulted in the HeartBleed flaw which has cost millions of dollars to remedy.
Despite OpenSSL securing around two-thirds of the world's websites, the development group behind it only received an average of $2,000 in funding donations each year.
"We are expanding the work we already do for the Linux kernel to other projects that may need support," said Jim Zemlin, executive director of The Linux Foundation. "Our global economy is built on top of many open source projects. Just as The Linux Foundation has funded Linus Torvalds to be able to focus 100% on Linux development, we will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects. We are thankful for these industry leaders' commitment to ensuring the continued growth and reliability of critical open source projects such as OpenSSL."
"Maintaining the health of the community projects that produce software critical to the security and safety of Internet commerce is in everyone's interest," said Professor Eben Moglen of Columbia Law School, Founding Director of the Software Freedom Law Center. "The Linux Foundation, and the companies joining this Initiative, are enabling these dedicated programmers to continue maintaining and improving the free and open source software that makes the Net work safely for us all. This is business and community collaboration in the public interest, and we should all be grateful to The Linux Foundation for making it happen."