The discovery of the Heartbleed zero-day bug in OpenSSL earlier this month has caused concern about the overall security of the Internet. Today, the Linux Foundation announced the formation of a new group that has pledged to help prevent issues such as Heartbleed from happening again.
Microsoft, Google, Intel, Amazon, Facebook, Dell, IBM and others have joined the group, called the Core Infrastructure Initiative, whose primary goal is to get its members to help fund open source projects that need assistance. The first such effort from the group to be funded will be to assist OpenSSL. The Core Infrastructure Initiative's members will try to put money in projects to help improve its security, along with improvements in releasing patches faster and to get outside reviews of OpenSSL.
In his own statement about his company's involvement with the group, Steve Lipner, the partner director of software security at Microsoft, said:
Security is an industry-wide concern requiring industry-wide collaboration. The Core Infrastructure Initiative aligns with our participation in open source and the advancement of secure development across all platforms, devices and services.
In addition to the official members of the group, anyone else can donate money that will be used by the Linux Foundation and/or the Core Infrastructure Initiative's projects.