April 28, 2014
More than a dozen companies have joined the Core Infrastructure Initiative to provide funding to open source projects, starting with OpenSSL. The Linux Foundation, Amazon, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Qualcomm, and VMWare have each pledged $100,000 over the next three years to pay for full-time developers, security audits, computing and testing infrastructure, and more to help financially strapped open source projects.
The Core Infrastructure Initiative comes on the heels of the Heartbleed Internet security bug in OpenSSL. This fatal flaw in the OpenSSL compromised the usernames and passwords of millions of accounts on websites big and small. Heartbleed shed light on open source projects’ dire need for resources.
Currently, open source projects have led to the creation of major software like Linux and Firefox with a limited supply of human capital. Many are run and organized by a small group of volunteers who work together to build and maintain free software.
The new initiative will not only help increase funding, but also increase awareness. “This is not just about the money, but the forum,” Jim Zemlin, executive director of Linux Foundation, said in The New York Times. “Instead of responding to a crisis retroactively, this is an opportunity to identify crucial open-source projects in advance. Right now, nobody is having that conversation, and it’s an important conversation to have.”
The Linux Foundation is spearheading the Core Infrastructure Initiative.
In addition to companies, the public has also taken action to help support open source projects since Heartbleed was revealed. The OpenSSL Project has received $17,000 in donations and a number of volunteers from OpenBSD helped find and fix mistakes in the OpenSSL code.