Tech giants spend millions to stop another Heartbleed
Published: 25th Apr 2014 11:21:45
The world's biggest technology firms will donate money to fund the support of OpenSSL, the software at the centre of the Heartbleed bug.
Heartbleed was one of the worst internet flaws ever uncovered.
The maintenance of the software, which secures around two-thirds of the world's websites, was done by a group of volunteers with very little funding.
The new group set up by the Linux Foundation has a dozen contributors and has so far raised around $3m (£1.7m).
As well as maintaining OpenSSL it will also support development of other crucial open-source software.
Firms supporting the initiative include Google, Facebook, Microsoft, Intel, IBM, Cisco and Amazon. Each will donate $300,000 over the next three years.
It is kind of weird that such crucial software is run by a group of hobbyists on a shoestring budget”
The industry has been forced to step up after Heartbleed brought chaos to the tech sector.
Experts estimate that the Heartbleed bug will cost businesses tens of million of dollars in lost productivity as they update systems with safer versions of OpenSSL.
"Sometimes it takes a crisis to do the right thing," Linux Foundation executive director Jim Zemlin told journalists.
The bug exposed more than just people's passwords and credit card details. It also highlighted that the crucial piece of software is maintained by a small group of developers who receive donations averaging about $2,000 a year to support the project.
"It is kind of weird that such crucial software is run by a group of hobbyists on a shoestring budget," said Mikko Hypponen, chief research officer with security firm F-Secure.
"This software was invisible, behind the scenes and there are very few volunteers who have the skill and willingness to work on a project like this. There is no recognition, no money and it is very difficult."
The details that have emerged about how the vulnerability came about speaks volumes about how little the industry has cared about the software that was securing their websites, he added.
"The fact that the code change which caused the bug was done by an individual working at 23:00 on a New Year's Eve says a lot. The code simply wasn't reviewed enough and it went undetected for two years," he added.
"Now there is formal and monetary support from the industry I hope we will see a change not just for OpenSSL but for other crucial open source software."
At 08:04:03 in BusinessProfit at Lloyds Banking Group has fallen by nearly 50% to £863m in the first six months of the year compared to the previous six months.
At 08:03:36 in Northern IrelandThree men who were questioned over a series of racist attacks in east Belfast have been released on police bail pending further inquiries.
At 07:41:58 in EnglandCouncillors have approved plans for 750 homes to be built in north Devon on land part-owned by artist Damien Hirst.
At 07:41:08 in BusinessOil giant Royal Dutch Shell has described its performance as "robust" after its second-quarter profits more than doubled.
At 07:40:34 in SportCardiff City boss Ole Gunnar Solskjaer says he is a better manager for having gone through the trauma of relegation.
At 07:39:25 in HeadlinesAt least 19 bathers have drowned and four are still missing in rough seas off the Pakistani city of Karachi despite a ban on sea swimming during the monsoon, officials say.
At 07:38:17 in SportSerena Williams returned to action for the first time since pulling out of Wimbledon with a straight-sets win over Karolina Pliskova in Stanford, USA.
At 07:37:41 in BusinessBritish Gas has reported a sharp drop in profits for the first half of the year due to warmer weather.
At 07:37:13 in HeadlinesIsrael is calling up 16,000 extra reservists to bolster its military as the conflict in Gaza continues.
At 07:37:05 in ScotlandA motorbike rider has been detained by police following a collision with a six-year-old girl.
Harvard CitationBBC News, 2014. Tech giants spend millions to stop another Heartbleed [Online] (Updated 25th Apr 2014)
Available at: http://www.ukwirednews.com/news/1564047/Tech+giants+spend+millions+to+stop+another+Heartbleed [Accessed 31st Jul 2014]
News In Other Categories
Councillors have approved plans for 750 homes to be built in north Devon on land part-owned by artist Damien Hirst.
Move over, Iron Man. Get the door, Thor. There's a new team of comic book superheroes coming our way - and this time they've got a raccoon.
A motorbike rider has been detained by police following a collision with a six-year-old girl.
Border, immigration and customs staff feel unprepared to deal with people coming to the UK with possible cases of the Ebola virus, a union leader says.
With the doors to its brand new £1million training centre officially open, one of the UK's leading apprentice training providers, Bristol based S&B Automotive Academy, is showcasing its world-class facilities by launching a series of foreign student exchanges for the first time in its 41-year history. To get a flavour of what life is like as an apprentice in the UK, the Academy hosted 16 apprentice engineers and bus drivers from the G9 Automotive College in Hamburg, Germany, as part of a Europe-wide vocational training initiative called the ‘Leonardo Programme’ with support from the European Social Fund. In a reciprocal arrangement, S&B will be sending nine apprentices to Germany during February 2012 so that they can get an appreciation of life in the automotive industry on the Continent. A further three German exchange groups are being planned for next year. Designed to assist the development of vocational skills and training across Europe, including work placements for trainees, the Leonardo Programme has a budget of €1.75bn, which is helping to encourage UK organisations to work with their counterparts abroad. In what is expected to be another challenging year for employers in the UK automotive sector, S&B’s Chief Executive, Jon Winter, claims that the exchange initiative will bring many benefits to the Academy and its apprentices: “In a world of global automotive brands, it’s important for our learners to understand the international context of the industry they have chosen to make their career. This new exchange programme will enable apprentices and Academy staff alike to achieve a better understanding of the challenges and opportunities within the automotive arena in Europe. With the Academy’s influence also extending to the USA and Asia, there’s every possibility that this initiative could move further afield in the future.” Continued Winter: “The need for skilled technicians across the world is on the increase and we actively encourage our apprentices to look at broader horizons during their training. Many of them have already learned the phrase ‘Vorsprung durch Gelehrtheit’, quite simply, ‘Advancement through learning.” In the 2010/11 academic year, S&B doubled the number of successful Apprenticeships over the previous year with some 350 apprentices graduating from the Academy. At the same time, achievement levels reached an all-time high with an overall success rate of 85%. For those learners on the Advanced Apprenticeship three-year programme, success rates were even higher, at over 98%. PHOTO CAPTION: As part of their exchange visit, S&B Automotive Academy arranged for the German apprentices to visit Hampshire bus operator, Bluestar, at its Barton Park depot. The students are pictured with S&B’s Andy West (3rd right) and Steve Prewett, Bluestar’s Area Engineering Manager (2nd right). Ends http://www.sandbaa.com
Three men who were questioned over a series of racist attacks in east Belfast have been released on police bail pending further inquiries.