Just a week after the crowd-sourced bug bounty collective Bugcrowd launched a campaign to raise funds to conduct a thorough code audit of OpenSSL in the wake of the Heartbleed vulnerability disclosure, The Linux Foundation announced they are teaming up with leading tech firms to fund and support security for “critical elements of the global information infrastructure.”
The project, known as the Core Infrastructure Initiative, is a collaborative to help prevent another chaotic episode like the OpenSSL vulnerability that affected nearly everyone in the world to some degree, and will make improving the security of OpenSSL it’s first objective.
“The Core Infrastructure Initiative is a multi-million dollar project organized by The Linux Foundation to fund open source projects that are in the critical path for core computing and Internet functions. Galvanized by the Heartbleed OpenSSL crisis, the Initiative’s funds will be administered by The Linux Foundation and a steering group comprised of backers of the project as well as key open source developers and other industry stakeholders,” the group stated.
“Support from the initiative will include funding for fellowships for key developers to work full-time on open source projects, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support.”
Founding backers of the initiative include tech giants Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, and VMware, who will work with The Linux Foundation to identify and fund critical open source projects that are in need of financial and technical assistance.
“Maintaining the health of the community projects that produce software critical to the security and safety of Internet commerce is in everyone’s interest,” said Professor Eben Moglen of Columbia Law School, Founding Director of the Software Freedom Law Center.
“The Linux Foundation, and the companies joining this Initiative, are enabling these dedicated programmers to continue maintaining and improving the free and open source software that makes the Net work safely for us all. This is business and community collaboration in the public interest, and we should all be grateful to The Linux Foundation for making it happen.”
Read More Here…