Tech giants spend millions to stop another Heartbleed
Published: 25th Apr 2014 11:21:45
The world's biggest technology firms will donate money to fund the support of OpenSSL, the software at the centre of the Heartbleed bug.
Heartbleed was one of the worst internet flaws ever uncovered.
The maintenance of the software, which secures around two-thirds of the world's websites, was done by a group of volunteers with very little funding.
The new group set up by the Linux Foundation has a dozen contributors and has so far raised around $3m (£1.7m).
As well as maintaining OpenSSL it will also support development of other crucial open-source software.
Firms supporting the initiative include Google, Facebook, Microsoft, Intel, IBM, Cisco and Amazon. Each will donate $300,000 over the next three years.
It is kind of weird that such crucial software is run by a group of hobbyists on a shoestring budget”
The industry has been forced to step up after Heartbleed brought chaos to the tech sector.
Experts estimate that the Heartbleed bug will cost businesses tens of million of dollars in lost productivity as they update systems with safer versions of OpenSSL.
"Sometimes it takes a crisis to do the right thing," Linux Foundation executive director Jim Zemlin told journalists.
The bug exposed more than just people's passwords and credit card details. It also highlighted that the crucial piece of software is maintained by a small group of developers who receive donations averaging about $2,000 a year to support the project.
"It is kind of weird that such crucial software is run by a group of hobbyists on a shoestring budget," said Mikko Hypponen, chief research officer with security firm F-Secure.
"This software was invisible, behind the scenes and there are very few volunteers who have the skill and willingness to work on a project like this. There is no recognition, no money and it is very difficult."
The details that have emerged about how the vulnerability came about speaks volumes about how little the industry has cared about the software that was securing their websites, he added.
"The fact that the code change which caused the bug was done by an individual working at 23:00 on a New Year's Eve says a lot. The code simply wasn't reviewed enough and it went undetected for two years," he added.
"Now there is formal and monetary support from the industry I hope we will see a change not just for OpenSSL but for other crucial open source software."
At 08:59:38 in Northern IrelandA 32-year-old man has been shot in both legs in Londonderry.
At 08:59:34 in WalesThree primary schools could merge as part of plans to cut the number of surplus places on Anglesey.
At 08:57:34 in SportNew Manchester United manager Louis van Gaal has criticised the club's pre-season tour schedule in America.
At 08:57:21 in EntertainmentThe inquest into the death of TV presenter, Peaches Geldof, is due to present its findings later.
At 08:56:46 in EnglandThe council-commissioned review of the "Trojan Horse" allegations "ought to be reviewed itself", teachers have said.
At 08:37:00 in SportConsidered a master of qualifying, Mercedes' Lewis Hamilton has seen things conspire against him during the one-hour session in the past five races.
At 08:29:26 in BusinessThe UK's disability benefits system requires a "fundamental redesign" because flaws in the process are so "grave", a report by MPs has said.
At 08:14:47 in BusinessOutsourcing group Capita has said half-year profits grew 16% to £238m after winning major contracts worth £1.3bn.
At 08:09:25 in EnglandGiants are set to roam the streets of Liverpool as the city gives itself over to Royal de Luxe's Memories of August 1914.
At 07:59:44 in WalesPlans for a giant solar park with 180,000 electricity-generating panels are being recommended for approval by Flintshire councillors.
Harvard CitationBBC News, 2014. Tech giants spend millions to stop another Heartbleed [Online] (Updated 25th Apr 2014)
Available at: http://www.ukwirednews.com/news/1564047/Tech+giants+spend+millions+to+stop+another+Heartbleed [Accessed 23rd Jul 2014]
News In Other Categories
A 32-year-old man has been shot in both legs in Londonderry.
Part of a city in north-west China has been sealed off and dozens of people placed in quarantine after a man died of bubonic plague, state media said.
The Queen will formally open the 20th Commonwealth Games in Glasgow later in front of a 40,000 crowd at Celtic Park.
US video game publisher Electronic Arts (EA) has reported a 51% jump in profit for the April-to-June quarter, boosted by strong sales of titles like Titanfall and FIFA 2014.
The UK's disability benefits system requires a "fundamental redesign" because flaws in the process are so "grave", a report by MPs has said.
The inquest into the death of TV presenter, Peaches Geldof, is due to present its findings later.