Top vendors join to bolster OpenSSL, other open source projects, after Heartbleed
Cisco, Dell, Facebook, IBM, Intel, Google and Microsoft are among those backing the initiative via the Linux Foundation
IDG News Service - Reeling from the Heartbleed security fiasco, major IT vendors including Microsoft, IBM, Intel, Google and Cisco are backing a Linux Foundation initiative designed to boost open source projects considered critical to the industry.
Under the Core Infrastructure Initiative, these and other tech vendors such as Fujitsu, Facebook, NetApp, Rackspace and VMware will support open source projects with funding and expertise.
Unsurprisingly, the first such project on the list for consideration is OpenSSL, the cryptographic library used by millions of websites to encrypt their communications via SSL (Secure Sockets Layer) and TLS (Transport Layer Security) whose Heartbleed vulnerability sent the entire IT industry into emergency mode earlier this month.
On April 7, it was revealed that a severe flaw that existed since December 2011 in several versions of the OpenSSL had been patched, sending thousands of companies scrambling in turn to patch their websites.
If exploited, the flaw could allow an attacker to steal critical data, such as account and password information, from affected systems.
Open source software projects, like OpenSSL, are developed by communities of volunteer coders, and often only have a handful of full-time staffers working on them. This was the case with OpenSSL.
OpenSSL could receive funding "for key developers" and other resources to improve its security, according to The Linux Foundation, which is organizing the multi-million dollar initiative.
"We are expanding the work we already do for the Linux kernel to other projects that may need support," said Jim Zemlin, executive director of The Linux Foundation, in a statement. "Our global economy is built on top of many open source projects."
Juan Carlos Perez covers enterprise communication/collaboration suites, operating systems, browsers and general technology breaking news for The IDG News Service. Follow Juan on Twitter at @JuanCPerezIDG.
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- Platfora Big Data Analytics for Network Security Platfora amplifies the effectiveness of network security analysis, providing Big Data Analytics capability to augment existing security infrastructure for known threats, and advanced...
- Capabilities You Need in an IP Address Management Solution A mismanaged IP space can cripple an otherwise healthy network. Take a moment to understand what you need in an enterprise-ready IPAM solution.
- IPv6 Fundamentals IPv6 is needed to sustain the growth of the Internet. The transition from IPv4 will require planning and likely some degree of support...
- Maximizing Availability for the Modern Data Center Check out this information-packed resource center for help in maximizing the availability of your data center - from overcoming challenges to choosing the...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will... All Cyberwarfare White Papers | Webcasts