Feedback
Tech

After Heartbleed, Tech Giants Team Up to Avoid Redux

The "Heartbleed" bug in a widely used software system rocked the Internet earlier this month, and major tech companies are teaming up to try to avoid a repeat.

Thirteen big tech firms — including Google, Facebook, Amazon and Microsoft — announced Thursday that they will join a project called Core Infrastructure Initiative, meant to fund important open-source technology with at least $3.9 million over three years.

That would include OpenSSL, the software that many sites use to encrypt and transmit online data. Researchers discovered a major bug in the system that they dubbed "Heartbleed."

OpenSSL and other open-source projects are, well, open: Developers can hop into a project and work on what they like to help build free software. The system is meant to avoid mishaps because several developers are checking one another's code.

But some of those projects don't get much support. In OpenSSL's case, an estimated 60 to 70 percent of the world's web servers use the tech — but according to the project's foundation president, the project receives only about $2,000 a year in donations and has only one dedicated staffer working on it.

The Core Infrastructure Initiative, a partnership between major techs and the nonprofit Linux Foundation, aims to give OpenSSL and projects like it more funding.

Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, and VMWare have pledged $100,000 a year for at least three years, according to the New York Times.

That money will be used to fund fellowships for developers, security audits, travel and other resources the open-source projects may need. The group's backers, along with a team of other industry members including developers, will decide how to split the funds.