What's Making These Biggest Of Tech Rivals To Collaborate And Work With Each Other?
The enemy of a super-massive tech company's enemy is its friend, as this unlikely collective setting out to defend the Internet makes quite clear.
By Sadho Ram — 25 Apr 2014, 07:14 PM — Updated over 10 years ago
In the wake of the Heartbleed bug, 12 tech giants have come together to back a new project to ensure the security of critical open-source projects
Google, Microsoft, Facebook and several other tech giants have teamed to create an initiative that will be used to fund important open-source projects that are in need of financial assistance such as OpenSSL, which was recently plagued by the discovery of the Heartbleed bug.
Heartbleed is one of the biggest and widespread vulnerabilities in the history of the modern web. The problem stemmed from an errant line of code in the open-source project OpenSSL. About 66% of web servers rely on OpenSSL to encrypt data and keep things secure.
mashable.com
The bug in OpenSSL meant that the secret-encryption keys — which are what ensures that your passwords and other data are securely transmitted — could be stolen from a web server without anyone knowing. The bug existed in OpenSSL for more than two years before being publicly patched and announced.
wired.com
The project, called the Core Infrastructure Initiative formed by the Linux Foundation, will fund open source projects and the critical software infrastructure
The program, dubbed the Core Infrastructure Initiative, is an an offshoot of Linux Foundation and designed to "fund open source projects that are in the critical path for core computing functions," according to a description on its website.
theverge.com
The group will work with "an advisory board of esteemed open source developers to identify and fund open source projects in need."
mashable.com
Executive director Jim Zemlin says that after the Heartbleed, it was clear something needed to change
"After we're done updating our software and swapping our certificates, what can we learn? What can be done differently," he says. "Obviously, in retrospect, I wish we had done this a long time ago."
theverge.com
The Linux Foundation isn't directing the money; Zemlin describes their role as more "a place to hold the money" while the members decide where it needs to go
Those members include giants like Google, Microsoft, and Facebook, along with hardware companies like Intel and Fujitsu, and cloud services groups like Rackspace and Amazon Web Services.
readwrite.com
Each one is committed to donating at least $100,000 a year for the next three years. With twelve companies already on board, that means the company has already amassed $3.6 million in funding to be doled out as the project progresses.
wired.com
Unsurprisingly, the OpenSSL project will be the first to receive fellowship funding from the initiative
The idea behind the fellowships is to allow key developers to work on these projects full-time. Besides the funding, the projects that will receive support from the initiative will also get other forms of assistance to improve their security, including outside reviews, security audits, computing and test infrastructure, travel and other support.
techcrunch.com
But Open SSL is not the only item. ModSSL, PGP and OpenCryptolab were also mentioned as potential projects the initiative might support. More importantly, the founders hope the project will unearth new priorities once all the stakeholders are meeting regularly.
theverge.com
