What's Making These Biggest Of Tech Rivals To Collaborate And Work With Each Other?

The enemy of a super-massive tech company's enemy is its friend, as this unlikely collective setting out to defend the Internet makes quite clear.

Cover image via

In the wake of the Heartbleed bug, 12 tech giants have come together to back a new project to ensure the security of critical open-source projects

Image via

Google, Microsoft, Facebook and several other tech giants have teamed to create an initiative that will be used to fund important open-source projects that are in need of financial assistance such as OpenSSL, which was recently plagued by the discovery of the Heartbleed bug.

Heartbleed is one of the biggest and widespread vulnerabilities in the history of the modern web. The problem stemmed from an errant line of code in the open-source project OpenSSL. About 66% of web servers rely on OpenSSL to encrypt data and keep things secure.

The bug in OpenSSL meant that the secret-encryption keys — which are what ensures that your passwords and other data are securely transmitted — could be stolen from a web server without anyone knowing. The bug existed in OpenSSL for more than two years before being publicly patched and announced.

The project, called the Core Infrastructure Initiative formed by the Linux Foundation, will fund open source projects and the critical software infrastructure

The program, dubbed the Core Infrastructure Initiative, is an an offshoot of Linux Foundation and designed to "fund open source projects that are in the critical path for core computing functions," according to a description on its website.

The group will work with "an advisory board of esteemed open source developers to identify and fund open source projects in need."

Executive director Jim Zemlin says that after the Heartbleed, it was clear something needed to change

Jim Zemlin, executive director of the Linux Foundation

Image via

"After we're done updating our software and swapping our certificates, what can we learn? What can be done differently," he says. "Obviously, in retrospect, I wish we had done this a long time ago."

The Linux Foundation isn't directing the money; Zemlin describes their role as more "a place to hold the money" while the members decide where it needs to go

Those members include giants like Google, Microsoft, and Facebook, along with hardware companies like Intel and Fujitsu, and cloud services groups like Rackspace and Amazon Web Services.

Each one is committed to donating at least $100,000 a year for the next three years. With twelve companies already on board, that means the company has already amassed $3.6 million in funding to be doled out as the project progresses.

Unsurprisingly, the OpenSSL project will be the first to receive fellowship funding from the initiative

The idea behind the fellowships is to allow key developers to work on these projects full-time. Besides the funding, the projects that will receive support from the initiative will also get other forms of assistance to improve their security, including outside reviews, security audits, computing and test infrastructure, travel and other support.

But Open SSL is not the only item. ModSSL, PGP and OpenCryptolab were also mentioned as potential projects the initiative might support. More importantly, the founders hope the project will unearth new priorities once all the stakeholders are meeting regularly.

"Hopefully, five years from now when we look back," Zemlin says, "we'll say one of the things we learned was how important it is to have these decisions proactively"

Google, Facebook, and Microsoft are teaming up to prevent another Heartbleed.

Image via

Other Heartbleed related stories on SAYS:

You may be interested in: