Technology Firms Pledge Support for Open Source After Heartbleed

Thursday, 24 Apr 2014 08:44 AM

 

Share:
  Comment  |
   Contact Us  |
  Print  
|  A   A  
  Copy Shortlink

At least 10 large technology companies, including Google Inc., Facebook Inc. and Cisco Systems Inc., have pledged to invest at least $300,000 each in the next three years to maintain open-source software after the Heartbleed security bug exposed the lack of funding for such projects.

The Linux Foundation said today that it will get annual contributions of $100,000 from each company, with a minimum commitment of three years. The other companies are Dell Inc., Fujitsu Ltd., International Business Machines Corp., Intel Corp., Microsoft Corp., NetApp Inc. and VMware Inc. More are expected to join, said Jennifer Cloer, a spokeswoman at the foundation, which works to spread open-source software that helps power server computers and mobile devices.

The Linux Foundation said the first project under consideration to receive funds is OpenSSL, the encryption software that was revealed to have a vulnerability earlier this month that sent Internet companies racing to apply a fix. The flaw, discovered by researchers at Google and a cybersecurity firm in Finland called Codenomicon, could have let hackers pull data from the memory of computer servers, even over encrypted connections.

Bloomberg News reported that the National Security Agency had known about the bug for two years and regularly used it to gather intelligence. Canada’s revenue agency said hackers exploiting the flaw took 900 social security numbers.

Asymmetrical Relationship

Heartbleed also underscored an asymmetrical relationship that many technology companies have with open-source software, which has code that developers can customize. While companies use open-source programs heavily and contribute code back to the community, they often give very little money to the organizations responsible for maintaining the software. That can lead to funding gaps that let serious errors in programming code go unnoticed.

The Linux Foundation said the OpenSSL project has typically only received $2,000 a year in donations. Many open-source programmers are volunteers.

Heartbleed wasn’t as widespread as initially thought. Codenomicon researchers said it could have affected as many as two-thirds of the world’s almost 1 billion active websites. The company whose data that estimate was based on later said the figure was about 500,000, since not every site that could have used OpenSSL to enable secure communications did.

 

© Copyright 2014 Bloomberg News. All rights reserved.

Share:
  Comment  |
   Contact Us  |
  Print  
  Copy Shortlink
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
 
Email:
Retype Email:
Country
Zip Code:
Privacy: We never share your email.
 
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
You May Also Like

Al Jazeera Blasts Al Gore as Fight Over TV Deal Gets Nasty

Tuesday, 19 Aug 2014 18:20 PM

Al Jazeera on Tuesday rejected allegations from Al Gore and Joel Hyatt, the founders of Current TV, saying they were fal . . .

Uber Hires Former Obama Adviser Plouffe to Counter Opponents

Tuesday, 19 Aug 2014 15:16 PM

(Updates with Kalanick comments in seventh paragraph.)Aug. 19 (Bloomberg) -- Uber Technologies Inc. is adding to its exe . . .

98 Percent of California Still at 'Severe' Drought Level or Worse

Monday, 18 Aug 2014 19:34 PM

Even though California's drought is no longer worsening, 98 percent of the state is at least at the Severe level, the  . . .

Most Commented

Newsmax, Moneynews, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, NewsmaxWorld, NewsmaxHealth, are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved