Technology Firms Pledge Support for Open Source After Heartbleed

Thursday, 24 Apr 2014 08:44 AM


  Comment  |
   Contact  |
|  A   A  
  Copy Shortlink

At least 10 large technology companies, including Google Inc., Facebook Inc. and Cisco Systems Inc., have pledged to invest at least $300,000 each in the next three years to maintain open-source software after the Heartbleed security bug exposed the lack of funding for such projects.

The Linux Foundation said today that it will get annual contributions of $100,000 from each company, with a minimum commitment of three years. The other companies are Dell Inc., Fujitsu Ltd., International Business Machines Corp., Intel Corp., Microsoft Corp., NetApp Inc. and VMware Inc. More are expected to join, said Jennifer Cloer, a spokeswoman at the foundation, which works to spread open-source software that helps power server computers and mobile devices.

The Linux Foundation said the first project under consideration to receive funds is OpenSSL, the encryption software that was revealed to have a vulnerability earlier this month that sent Internet companies racing to apply a fix. The flaw, discovered by researchers at Google and a cybersecurity firm in Finland called Codenomicon, could have let hackers pull data from the memory of computer servers, even over encrypted connections.

Bloomberg News reported that the National Security Agency had known about the bug for two years and regularly used it to gather intelligence. Canada’s revenue agency said hackers exploiting the flaw took 900 social security numbers.

Asymmetrical Relationship

Heartbleed also underscored an asymmetrical relationship that many technology companies have with open-source software, which has code that developers can customize. While companies use open-source programs heavily and contribute code back to the community, they often give very little money to the organizations responsible for maintaining the software. That can lead to funding gaps that let serious errors in programming code go unnoticed.

The Linux Foundation said the OpenSSL project has typically only received $2,000 a year in donations. Many open-source programmers are volunteers.

Heartbleed wasn’t as widespread as initially thought. Codenomicon researchers said it could have affected as many as two-thirds of the world’s almost 1 billion active websites. The company whose data that estimate was based on later said the figure was about 500,000, since not every site that could have used OpenSSL to enable secure communications did.


© Copyright 2014 Bloomberg News. All rights reserved.

  Comment  |
   Contact  |
  Copy Shortlink
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
Zip Code:
Privacy: We never share your email.
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
Top Stories
You May Also Like

EU Presses Google for Global 'Right to Be Forgotten'

Wednesday, 26 Nov 2014 21:36 PM

The European Union is pressing tech giant Google to expand the right to be forgotten to all its search tools.
A r . . .

Robot Submarine Finds Antarctic Ice Thicker Than Believed

Wednesday, 26 Nov 2014 16:52 PM

Global warming theories just took a major hit with a surprising discovery by British, U.S. and Australian researchers wh . . .

FAA: Pilot Close Calls With Drones Growing Rapidly

Wednesday, 26 Nov 2014 14:15 PM

Close calls of drones flying near airplanes and crowds in the U.S. have surged this year to more than 40 a month, accord . . .

Most Commented

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

America's News Page
©  Newsmax Media, Inc.
All Rights Reserved