If the OpenSSL Heartbleed taught the community anything, it’s that it needs to work together at a scale that has never been done before. And who can organize it better than The Linux Foundation?
The Linux Foundation has announced one of the biggest collaboration projects ever put together, and everything is done with a single purpose: to fund open source projects that are in need of assistance. The number of companies involved so far is impressive, and these are just the first ones: Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, Vmware, and The Linux Foundation.
Unlike previous projects that have been put together, not only by The Linux Foundation, this is about the collective good of all the open source beneficiaries. All of these companies have understood that they may be at risk if they don't invest in the future and in open source.
“The Core Infrastructure Initiative is a multi-million dollar project organized by The Linux Foundation to fund open source projects that are in the critical path for core computing and Internet functions. Galvanized by the Heartbleed OpenSSL crisis, the Initiative’s funds will be administered by The Linux Foundation and a steering group comprised of backers of the project as well as key open source developers and other industry stakeholders.”
“Support from the initiative will include funding for fellowships for key developers to work full-time on open source projects, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support,” reads the announcement.
The Linux Foundation intends to run it like it does the Linux kernel, which is actually the biggest collaboration enterprise on the face of the planet. It has thousands of people from different companies working together with the goal of releasing free and open source software, the Linux kernel.
The problem that sparked the initiative was the Heartbleed vulnerability that was discovered in the OpenSSL library. It affected so many companies and online services that it's actually a miracle the damage wasn’t worse.
The Linux Foundation has explained that, with The Core Infrastructure Initiative, important projects like OpenSSL will be able to get the proper funding, which in turn will enable the developers to quickly fix the issues, improve security, enable outside reviews, and to improve responsiveness to patch requests.
The list of companies that have joined the project is still open and it's very likely that more will come into the fold. Who knows, maybe in time it will even surpass the Linux kernel in number of contributors.