- These iOS 13 features will have you racing to update your iPhone on Sept. 19 5 Years Ago
- Trump calls for investigation into Obama’s Netflix deal—gets memed instead 5 Years Ago
- Students won’t be disciplined for blackface photo, university says 5 Years Ago
- Twitch star gets shot at during live stream in apparent robbery attempt Today 10:20 AM
- Conservatives cry ‘fake news’ as New York Times adds correction to Kavanaugh report Today 10:10 AM
- New York to ban sale of most flavored e-cigarettes Today 8:45 AM
- How to watch ‘Dancing with the Stars’ season 28 Today 8:06 AM
- Watch the new ‘Jurassic World’ short film ‘Battle at Big Rock’ Today 8:04 AM
- Who is Corn Pop? Here are all the theories about the gang leader from Joe Biden’s past Sunday 4:37 PM
- Fresh sexual misconduct allegations against Kavanaugh spur calls for impeachment Sunday 3:28 PM
- Mike Pence says a Triple Crown-winning racehorse bit him Sunday 12:51 PM
- Disney CEO Bob Iger leaves Apple board amid streaming wars Sunday 12:01 PM
- Influencer Destiny Marquez faces backlash for berating Forever 21 employee Sunday 10:32 AM
- Chelsea Handler tackles systemic racism in ‘Hello, Privilege. It’s Me, Chelsea’ Sunday 9:18 AM
- Gun control proposal: Trump, lawmakers considering background check-conducting app Sunday 9:05 AM
Facebook, Google pledge $3.9 million for open-source initiative
The Internet security initiative has garnered support from Facebook, Amazon, Cisco, Dell, and Google.
Some of the biggest names in the tech industry have have each pledged $100,000 per year over the next three years to fund open-source projects essential to Internet security in a program called the “Core Infrastructure Initiative” that will deliver at least $3.9 million in support.
The effort is being coordinated by the Linux Foundation, which itself supports the open-source Linux operating system, and has garnered support from Facebook, Amazon, Cisco, Dell, Google, IBM, Intel, Microsoft, and VMWare, among others.
Heartbleed, one of the worst security flaws to ever hit the Internet, began when a small, overworked team of mostly volunteers on the OpenSSL Software Foundation let a simple, devastating mistake pass for over two years.
Open-source software means, in theory, that anyone can look at the code under a program’s hood to check for errors or problems. Too often, however, it means that tiny groups of volunteers are stuck with crucial work that the rest of the Internet depends upon but largely ignores.
“Heartbleed is further evidence that we don’t have our house in order when it comes to Internet security,” Edward Felten, a computer security expert at Princeton University, told the New York Times when the bug was discovered.
Since then, there has been a push to get the world’s biggest tech firms to offer “real no-strings attached-funding,” as Johns Hopkins University Research Professor and Cryptographer Matthew Green wrote, to open-source projects like OpenSSL so that the volunteers would be able to do their job well.
“This is not just about the money, but the forum,” Jim Zemlin, executive director of the Linux Foundation, told the Times on Wednesday. “Instead of responding to a crisis retroactively, this is an opportunity to identify crucial open-source projects in advance. Right now, nobody is having that conversation, and it’s an important conversation to have.”
The OpenSSL project has received about $17,000 in donations, mostly from individuals, since Heartbleed was discovered.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.