How the Linux Foundation's CII Is Securing the Internet
VIDEO: Jim Zemlin, executive director of the Linux Foundation, explains how millions of dollars he helped raise are going toward preventing the next open-source Heartbleed.The Heartbleed flaw that was first publicly disclosed in April of this year, was in some respects a black eye on the open-source community. Heartbleed is a flaw in the open-source OpenSSL cryptographic library that had wide ranging impact across the infrastructure of the Internet. In the aftermath of Heartbleed, a new effort emerged called the Core Infrastructure Initiative (CII) to help fund developers wanting to improve security across critical open-source infrastructure technologies. In a video interview with eWEEK, Jim Zemlin, executive director of the Linux Foundation, explains how CII works and what can be done to improve open-source security. Zemlin noted that in the case of OpenSSL, though it plays a critical role in Internet infrastructure, it was not receiving the level of support that is commensurate with the role it plays. There are other open-source efforts beyond just OpenSSL that could also benefit from increased financial support, he added.
CII has the financial support of a number of leading IT organizations, including IBM, Intel, Dell, Cisco, Google, Hewlett-Packard, Qualcomm, VMware, Amazon, Facebook and Microsoft.