Technology Firms Pledge Support for Open Source After Heartbleed

Thursday, 24 Apr 2014 08:44 AM

 

Share:
  Comment  |
   Contact Us  |
  Print  
|  A   A  
  Copy Shortlink

At least 10 large technology companies, including Google Inc., Facebook Inc. and Cisco Systems Inc., have pledged to invest at least $300,000 each in the next three years to maintain open-source software after the Heartbleed security bug exposed the lack of funding for such projects.

The Linux Foundation said today that it will get annual contributions of $100,000 from each company, with a minimum commitment of three years. The other companies are Dell Inc., Fujitsu Ltd., International Business Machines Corp., Intel Corp., Microsoft Corp., NetApp Inc. and VMware Inc. More are expected to join, said Jennifer Cloer, a spokeswoman at the foundation, which works to spread open-source software that helps power server computers and mobile devices.

The Linux Foundation said the first project under consideration to receive funds is OpenSSL, the encryption software that was revealed to have a vulnerability earlier this month that sent Internet companies racing to apply a fix. The flaw, discovered by researchers at Google and a cybersecurity firm in Finland called Codenomicon, could have let hackers pull data from the memory of computer servers, even over encrypted connections.

Bloomberg News reported that the National Security Agency had known about the bug for two years and regularly used it to gather intelligence. Canada’s revenue agency said hackers exploiting the flaw took 900 social security numbers.

Asymmetrical Relationship

Heartbleed also underscored an asymmetrical relationship that many technology companies have with open-source software, which has code that developers can customize. While companies use open-source programs heavily and contribute code back to the community, they often give very little money to the organizations responsible for maintaining the software. That can lead to funding gaps that let serious errors in programming code go unnoticed.

The Linux Foundation said the OpenSSL project has typically only received $2,000 a year in donations. Many open-source programmers are volunteers.

Heartbleed wasn’t as widespread as initially thought. Codenomicon researchers said it could have affected as many as two-thirds of the world’s almost 1 billion active websites. The company whose data that estimate was based on later said the figure was about 500,000, since not every site that could have used OpenSSL to enable secure communications did.

 

© Copyright 2014 Bloomberg News. All rights reserved.

Share:
  Comment  |
   Contact Us  |
  Print  
  Copy Shortlink
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
 
Email:
Country
Zip Code:
Privacy: We never share your email.
 
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
Top Stories
You May Also Like

China Launches Experimental Moon Orbiter

Friday, 24 Oct 2014 06:41 AM

China launched an experimental spacecraft on Friday to fly around the moon and back to Earth in preparation for the coun . . .

Australian Doctors Transplant 'dead' Hearts in Surgical Breakthrough

Friday, 24 Oct 2014 06:40 AM

Australian surgeons said Friday they have used hearts which had stopped beating in successful transplants, in what they  . . .

Former Rep. Walker: Climate Change More Politics Than Science

Thursday, 23 Oct 2014 15:42 PM

The issue of man-made climate change has become more of a political matter than a scientific one, former Pennsylvania Re . . .

Most Commented

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved