Top vendors join to bolster OpenSSL, other open source projects, after Heartbleed
Cisco, Dell, Facebook, IBM, Intel, Google and Microsoft are among those backing the initiative via the Linux Foundation
IDG News Service - Reeling from the Heartbleed security fiasco, major IT vendors including Microsoft, IBM, Intel, Google and Cisco are backing a Linux Foundation initiative designed to boost open source projects considered critical to the industry.
Under the Core Infrastructure Initiative, these and other tech vendors such as Fujitsu, Facebook, NetApp, Rackspace and VMware will support open source projects with funding and expertise.
Unsurprisingly, the first such project on the list for consideration is OpenSSL, the cryptographic library used by millions of websites to encrypt their communications via SSL (Secure Sockets Layer) and TLS (Transport Layer Security) whose Heartbleed vulnerability sent the entire IT industry into emergency mode earlier this month.
On April 7, it was revealed that a severe flaw that existed since December 2011 in several versions of the OpenSSL had been patched, sending thousands of companies scrambling in turn to patch their websites.
If exploited, the flaw could allow an attacker to steal critical data, such as account and password information, from affected systems.
Open source software projects, like OpenSSL, are developed by communities of volunteer coders, and often only have a handful of full-time staffers working on them. This was the case with OpenSSL.
OpenSSL could receive funding "for key developers" and other resources to improve its security, according to The Linux Foundation, which is organizing the multi-million dollar initiative.
"We are expanding the work we already do for the Linux kernel to other projects that may need support," said Jim Zemlin, executive director of The Linux Foundation, in a statement. "Our global economy is built on top of many open source projects."
Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Budd Van Lines Moves Data Closer to Home Shipping and logistics company Budd Van Lines uses Infinio to improve performance on their VDI environment. The company employs a virtualized datacenter based...
- Storage Performance with Cost Control As IT groups expand their server virtualization initiatives, central storage performance can become the bottleneck and create poor end user experience.
- What Does it Take to Deliver a Superior Customer Experience? The Two Top-Rated Online Retailers, B&H Photo and Crutchfield Electronics, Share Their Secrets Discuss practical CX tools and service methods such as contact center agents and the use of realtime speech analytics to help contact center...
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Cyberwarfare White Papers | Webcasts