Textpattern CMS support forum
New initiative to secure open-source software
The good part
The Linux Foundation said today it’s presiding over a new foundation that brings some of the world’s most important open-source security initiatives under a new umbrella.
The newly launched Open Source Security Foundation will host security projects such as the Core Infrastructure Initiative, which was set up in response to the infamous Heartbleed vulnerability discovered in the Open SSL protocol in 2014, and the Open Source Security Coalition, founded by GitHub Inc.’s Security Lab in 2019.
The bad part:
OpenSSF’s founding members include some of tech’s biggest names, such as GitHub, Google LLC, IBM Corp., Intel Corp., Microsoft Corp., Red Hat Inc., Uber Technologies Inc. and VMware Inc.
When corporations, that are creating vulnerable software, and are already guilty of security related privacy intrusions are on the top, I do not think that anything good will come out of it. I believe on the bottom-up approach. This is not it.
Re: New initiative to secure open-source software
I certainly share your worries here. The way I read and understand that press release, beneath the lofty words…: “we’ll all work together, open source etc, but we’ll make sure what comes out of this doesn’t affect our bottom line (our wallet)”.
Where is that emoji for a solar powered submarine when you need it ?