News

Fast Company: Following Discovery of Heartbleed Bug, OpenSSL Will Undergo Security Audit

The Linux Foundation announced Thursday that it will distribute funding from new backers to perform a security audit on OpenSSL's code base and add two full-time core engineers to the open-source security project.

Network World: Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol

The Linux Foundation today announced the first protocols that it wants to address as part of its open-source code testing and security review. Not surprisingly, OpenSSL, where the infamous Heartbleed bug was discovered, is among them.

Read more at Network World

Wall Street Journal: Heartbleed Flaw is First Task of New Software Group

The group created last month to support open source software in need has announced funding for four initial projects, among them a full security audit of the computer code that sprouted the Heartbleed bug.

The Core Infrastructure Initiative will fund a full audit of OpenSSL, an open source encryption tool used by a large portion of the Internet. Separately, funds will help support two full-time OpenSSL developers.

Read more at Wall Street Journal

PCWorld: Tech giants throw money at OpenSSL in response to Heartbleed

OpenSSL is getting funded for two full-time developers and a security audit in an attempt to prevent another devastating bug like Heartbleed.

Venture Beat: Everyone uses OpenSSL, but nobody’s willing to fix it — except the Linux Foundation

If you remember the recent Heartbleed outbreak, you probably also remember the sheer panic it induced in the tech industry and users of many popular websites.

The Linux Foundation subsequently created the Core Infrastructure Initiative to help prevent further outbreaks, and today it’s announced two new backers and the first projects getting funding.

InfoWorld: Linux Foundation adds more Internet protocols to its protection list

It was easy enough to cry havoc or wring one's hands when the OpenSSL vulnerability Heartbleed came along. It was harder to actually do something about the problems of protecting critical pieces of Internet infrastructure. But the Linux Foundation decided a more holistic effort would be worth it, so it rallied together various parties to create the CII (Core Infrastructure Initiative)

The Register: Linux Foundation flings two full-time developers at OpenSSL

The Linux Foundation's new elite tech repair team has named its initial areas of focus as it works to find and seal holes in widely-used open source software.

The Linux Foundation announced on Thursday that members of the "Core Infrastructure Initiative" (CII) will dedicate resources to working on the Network Time Protocol, OpenSSH, and OpenSSL to hunt down and fix flaws in the tech that helps tie the internet together.

eWeek: Linux Foundation Aims to Prevent Next Heartbleed, Recruits Tech Giants

IBM, Intel, Cisco, Dell, Facebook, Microsoft and others join the Linux Foundation's Core Infrastructure Initiative to prevent future crises like Heartbleed.

The Linux Foundation has assembled many of the world's leading IT vendors together in a new effort to fund core infrastructure projects and help prevent another Heartbleed from ever happening again.

Read more at eWeek

TIME: Google, Amazon, Microsoft Plan $3.6M for Open Source Projects After Heartbleed Bug

Google, Amazon, and Microsoft are among a collection of technology giants backing a $3.6 million effort to support open source projectsthat are notoriously underfunded despite serving as a cornerstone of Internet security.

Gigaom: Linux Foundation rounds up vendor posse to save OpenSSL

One thing we learned from the Heartbleed security crisis — other than that we need to be more password savvy — is that OpenSSL is a very important open-source project that has been used by lots of tech giants but gets funded by very few of them.

Read more at Gigaom. 

Syndicate content