Facebook, Microsoft and Google have joined together with other tech giants to create the Core Infrastructure Initiative, aiming to prevent the next Heartbleed bug.
The Core Infrastructure Initiative has been formed by the Linux Foundation and is devoted to preventing potential major bugs like Heartbleed in the future.
It will focus on funding development of critical software infrastructure that requires financial aid.
“After we’re done updating our software and swapping our certificates, what can we learn? What can be done differently?” said Core Infrastructure Initiative executive director, Jim Zemlin about the aftermath of Heartbleed. “Obviously, in retrospect, I wish we had done this a long time ago.”
The Linux Foundation itself will hold the money, but members like Facebook, Microsoft, Google and IBM will decide where that money goes.
“Maintaining the health of the community projects that produce software critical to the security and safety of Internet commerce is in everyone’s interest,” said Professor Eben Moglen of Columbia Law School, Founding Director of the Software Freedom Law Centre. “The Linux Foundation, and the companies joining this Initiative, are enabling these dedicated programmers to continue maintaining and improving the free and open source software that makes the Net work safely for us all.”
Each member of the Core Infrastructure Initiative has committed to donating a minimum $100,000 each year for the next three years to begin with. Twelve companies are already on board, meaning the Initiative has already secured $3.6 million in funding that will be amassed over three years.
Of course, Open SSL will be addressed first by the Initiative, but the group also has PGP, OpenCrytolab and ModSSL in its site for potential future projects.
“Hopefully, five years from now when we look back, we’ll say one of the things we learned was how important it is to have these decisions proactively,” added Zemlin.