DTX Manchester DTX Manchester
  • About Us
Sunday, 17 January, 2021
IT Security Guru
CTX Manchester 2020 banner ad
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Linux Foundation recruits tech heavyweights to fix open source

by The Gurus
April 25, 2014
in Editor's News
Share on FacebookShare on Twitter

A project to fund and support critical elements of the global information infrastructure is being backed by major technology names.
 
Formed by The Linux Foundation and backed by companies including Cisco, Microsoft, Dell, Google and Facebook, the initiative will collaboratively identify and fund open source projects that are in need of assistance.
 
Following the OpenSSL Heartbleed flaw revelations, the first project under consideration to receive funds from the Initiative will be OpenSSL, which could receive fellowship funding for key developers as well as other resources to assist the project in improving its security, enabling outside reviews, and improving responsiveness to patch requests.
 
Jim Zemlin, executive director of The Linux Foundation, said: “We are expanding the work we already do for the Linux kernel to other projects that may need support. Our global economy is built on top of many open source projects. Just as The Linux Foundation has funded Linus Torvalds to be able to focus 100 per cent on Linux development, we will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects.
 
“We are thankful for these industry leaders’ commitment to ensuring the continued growth and reliability of critical open source projects such as OpenSSL.”
 
The initiative’s funds will be administered by The Linux Foundation and a steering group comprised of backers of the project, while support will include funding for fellowships for key developers to work full-time on open source projects, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support.
 
Marty Roesch, VP and chief architect of the security business group at Cisco, and CTO and founder of Sourcefire, told IT Security Guru that the great thing about open source is you can have a group of people who are very dedicated on poor infrastructure, pick it up and help the core OpenSSL team out very quickly and transparently.
 
“It demonstrates the power of the open source way of doing things. Knowing all open source software has bugs – my open source software has bugs over the years and sometimes they exist for a long time as some of the bugs can be subtle,” he said.
 
“In open source we have the many eyes concept and they are discovering and rooting out bugs rapidly, we have an open discussion on the scope of the bug and determine whether we have seen it replicated anywhere else and what can be done to get rid of those bugs throughout an entire project.”
 
Imad Sousou, vice president and general manager of the Intel Open Source Technology Center, said: “Intel is committed to support the development of open source technology and Linux. As an active and long term contributor to open source community, Intel believes the Core Infrastructure Initiative can help provide long term, sustainable support to Linux, the world’s most important open source standard.”
 
Steve Lipner, partner director of software security at Microsoft, said: “Security is an industry-wide concern requiring industry-wide collaboration. The Core Infrastructure Initiative aligns with our participation in open source and the advancement of secure development across all platforms, devices and services.”
 
John Engates, CTO of Rackspace, said: “Open source code powers everything we do online. We look forward to working with the Linux Foundation, our other comp
any partners, and the open source community to make sure these projects get the support they need.”
 
In an email to IT Security Guru, TK Keanini, CTO of Lancope, said: “This news is generally good news as funding has been surprisingly low for such critical security functionality, but we need to be careful it does not swing the other way. Too much money too fast can also be toxic to these efforts so what is important is that the right governance be put in place and the Linux Foundation has a solid track record in getting this balance right.
 
“The reality is that even well-funded open source projects sometimes produce critical vulnerabilities. To be clear, this does not remove the chance that a Heartbleed like vulnerability will ever appear, it just makes it harder for it to be released and undiscovered for a very long period.”

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: FacebookGoogleLinuxMicrosoftOpen Source
ShareTweetShare
Previous Post

Verizon DBIR: Industry reaction

Next Post

Sewol ferry inspires malicious email campaign

Subscribe
Notify of
guest
guest
1 Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
trackback
In defence of open source software - IT SECURITY GURU
April 13, 2015 2:52 pm

[…] praised the work of the Linux Foundation to fix OpenSSL in future, saying it makes sense as it is users saying “we are companies using a […]

0

Recent News

game

400,000 customer details compromised in Resident Evil and Street Fighter gaming company ransomware attack

January 15, 2021

XSS vulnerability affects government websites

January 15, 2021

COVID-19 State of Remote Work Survey: 34% of Workers Felt Pressure to Return to the Office

January 15, 2021
CCTV used to spy

Ethics Officer Facing Cyberstalking Charge

January 15, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
1
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept