Tags: technology | firms | open | source

Technology Firms Pledge Support for Open Source After Heartbleed

Thursday, 24 Apr 2014 08:44 AM


At least 10 large technology companies, including Google Inc., Facebook Inc. and Cisco Systems Inc., have pledged to invest at least $300,000 each in the next three years to maintain open-source software after the Heartbleed security bug exposed the lack of funding for such projects.

The Linux Foundation said today that it will get annual contributions of $100,000 from each company, with a minimum commitment of three years. The other companies are Dell Inc., Fujitsu Ltd., International Business Machines Corp., Intel Corp., Microsoft Corp., NetApp Inc. and VMware Inc. More are expected to join, said Jennifer Cloer, a spokeswoman at the foundation, which works to spread open-source software that helps power server computers and mobile devices.

The Linux Foundation said the first project under consideration to receive funds is OpenSSL, the encryption software that was revealed to have a vulnerability earlier this month that sent Internet companies racing to apply a fix. The flaw, discovered by researchers at Google and a cybersecurity firm in Finland called Codenomicon, could have let hackers pull data from the memory of computer servers, even over encrypted connections.

Bloomberg News reported that the National Security Agency had known about the bug for two years and regularly used it to gather intelligence. Canada’s revenue agency said hackers exploiting the flaw took 900 social security numbers.

Asymmetrical Relationship

Heartbleed also underscored an asymmetrical relationship that many technology companies have with open-source software, which has code that developers can customize. While companies use open-source programs heavily and contribute code back to the community, they often give very little money to the organizations responsible for maintaining the software. That can lead to funding gaps that let serious errors in programming code go unnoticed.

The Linux Foundation said the OpenSSL project has typically only received $2,000 a year in donations. Many open-source programmers are volunteers.

Heartbleed wasn’t as widespread as initially thought. Codenomicon researchers said it could have affected as many as two-thirds of the world’s almost 1 billion active websites. The company whose data that estimate was based on later said the figure was about 500,000, since not every site that could have used OpenSSL to enable secure communications did.


© Copyright 2015 Bloomberg News. All rights reserved.

Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Zip Code:
Privacy: We never share your email.
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
Top Stories
You May Also Like

Edward Snowden: Apple iPhone With Secret iFeature Allows Government to Spy on You

Saturday, 24 Jan 2015 23:37 PM

Former National Security Agency contractor Edward Snowden won't use an Apple iPhone because he says it has special soft . . .

Botched Tut Mask Repair 'Reversible': German Conservator

Saturday, 24 Jan 2015 12:32 PM

The damage caused by a botched repair of the mask of Tutankhamun that left dried glue on the priceless relic may be undo . . .

Gates Sees 'Miracle' Tools for AIDS by 2030 in Vaccine and Drugs

Saturday, 24 Jan 2015 07:10 AM

Two new tools to fight AIDS should be available by 2030 in the form of a vaccine and new intense drug treatments, ending . . .

Most Commented

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved