Top vendors join to bolster OpenSSL, other open source projects, after Heartbleed
Cisco, Dell, Facebook, IBM, Intel, Google and Microsoft are among those backing the initiative via the Linux Foundation
IDG News Service - Reeling from the Heartbleed security fiasco, major IT vendors including Microsoft, IBM, Intel, Google and Cisco are backing a Linux Foundation initiative designed to boost open source projects considered critical to the industry.
Under the Core Infrastructure Initiative, these and other tech vendors such as Fujitsu, Facebook, NetApp, Rackspace and VMware will support open source projects with funding and expertise.
Unsurprisingly, the first such project on the list for consideration is OpenSSL, the cryptographic library used by millions of websites to encrypt their communications via SSL (Secure Sockets Layer) and TLS (Transport Layer Security) whose Heartbleed vulnerability sent the entire IT industry into emergency mode earlier this month.
On April 7, it was revealed that a severe flaw that existed since December 2011 in several versions of the OpenSSL had been patched, sending thousands of companies scrambling in turn to patch their websites.
If exploited, the flaw could allow an attacker to steal critical data, such as account and password information, from affected systems.
Open source software projects, like OpenSSL, are developed by communities of volunteer coders, and often only have a handful of full-time staffers working on them. This was the case with OpenSSL.
OpenSSL could receive funding "for key developers" and other resources to improve its security, according to The Linux Foundation, which is organizing the multi-million dollar initiative.
"We are expanding the work we already do for the Linux kernel to other projects that may need support," said Jim Zemlin, executive director of The Linux Foundation, in a statement. "Our global economy is built on top of many open source projects."
Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- The Truth About Virtual Computing for CAD If you're a user of graphics-intensive software such as 3D modeling, simulation and analysis, and visualization, you might be skeptical about moving to...
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Cyberwarfare White Papers | Webcasts