Google, Microsoft and other joint investment open source projects, prevent Heartbleed similar holes


in recent stage and a series of privacy caused by Heartbleed vulnerability safety emergency report is pass. Due to the wide application of OpenSLL, at that time the affected site users is countless.

recently, including Google, Microsoft, Facebook, several technology giant teamed up to launch called Core Infrastructure Initiative (CII) project, aimed at enhancing the software Infrastructure security, prevent similar Heartbleed such widespread holes appear again.

CII project first put forward by the Linux foundation, the main members in addition to the above mentioned Google, Microsoft, Facebook and hardware equipment giant Intel, Fujitsu, too, such as the amazon AWS cloud service enterprise. CII three-year project, each company to spend at least $100000 a year, to the basis of software development, improve, and protective. The SEC has 12 members, it is conceivable at present the project will accumulate funds of $3.6 million.

the Linux foundation will not be in charge of the operation of the investment fund, the Linux foundation Zemlin said like money, a member of the SEC is to determine the whole project to the people.

when it comes to the goal of CII, executive director Jim Zemlin said, after an outbreak of Heartbleed loopholes in the industry in addition to rush repair should be thinking.” We must take some actions to CII this project would have to do.”

obviously Heartbleed loopholes exist let OpenSSL became the primary object of protection, of course, ModSSL, PGP, as well as OpenCryptolab basic protocol that is within the scope of protection. At the same time, the main members of each meeting will determine the new protection. Look back Zemlin said, in the hope that after five years, will be more sure launch CII decision is how right now.

Via: