Welcome!

News Feed Item

The Linux Foundation's Core Infrastructure Initiative Announces New Backers, First Projects to Receive Support and Advisory Board Members

Additional Founding Members Adobe, Bloomberg, HP, Huawei and Salesforce.com Join CII; Network Time Protocol, OpenSSH and OpenSSL First Projects to Receive Support; Open Crypto Audit Project to Conduct Security Audit of OpenSSL; Advisory Board Members Incl

SAN FRANCISCO, CA -- (Marketwired) -- 05/29/14 -- The Core Infrastructure Initiative (CII), a project hosted by The Linux Foundation that enables technology companies, industry stakeholders and esteemed developers to collaboratively identify and fund open source projects that are in need of assistance, today announced five new backers, the first projects to receive funding from the Initiative and the Advisory Board members who will help identify critical infrastructure projects most in need of support.

CII provides funding for fellowships for key developers to work fulltime on open source projects, security audits, computing and test infrastructure, travel, face-to-face meeting coordination and other support. The Steering Committee, comprised of members of the Initiative, and the Advisory Board of industry stakeholders and esteemed developers, are tasked with identifying underfunded open source projects that support critical infrastructure, and administering the funds through The Linux Foundation.

The computing industry has increasingly come to rely upon shared source code to foster innovation. But as this shared code has become ever more critical to society and more complex to build and maintain, there are certain projects that have not received the level of support commensurate with their importance. CII changes funding requests from the reactive post-crisis asks of today to proactive reviews identifying the needs of the most important projects. By raising funds at a neutral organization like The Linux Foundation, the industry can effectively give these projects the support they need while ensuring that open source projects retain their independence and community-based dynamism.

"All software development requires support and funding. Open source software is no exception and warrants a level of support on par with the dominant role it plays supporting today's global information infrastructure," said Jim Zemlin, executive director at The Linux Foundation. "CII implements the same collaborative approach that is used to build software to help fund the most critical projects. The aim of CII is to move from the reactive, crisis-driven responses to a measured, proactive way to identify and fund those projects that are in need. I am thrilled that we now have a forum to connect those in need with those with funds."

Additional Backers Represent Overwhelming Support for Open Source Projects
Additional founding members of CII include Adobe, Bloomberg, HP, Huawei and salesforce.com. These companies represent the ongoing and overwhelming support for the open source software that provides the foundation for today's global infrastructure. They join other members of CII who include Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace and VMware. Comments from some of the newest members are included below.

Range of Projects Prioritized for First Round of Funding
Upon an initial review of critical open source software projects, the CII Steering Committee has prioritized Network Time Protocol, OpenSSH and OpenSSL for the first round of funding. OpenSSL will receive funds from CII for two, fulltime core developers. The OpenSSL project is accepting additional donations, which can be coordinated directly with the OpenSSL Foundation (contact at [email protected]).

The Open Crypto Audit Project (OCAP) will also receive funding in order to conduct a security audit of the OpenSSL code base. Other projects are under consideration and will be funded as assessments are completed and budget allows.

Esteemed Industry Experts Will Advise CII on Projects Most in Need
The CII Advisory Board will inform the CII Steering Committee about the open source projects most in need of support. With highly esteemed experts from the developer, security and legal communities, the CII Advisory Board plays an important role in prioritizing projects and individuals who are building the software that runs our lives.

Alan Cox is a longtime Linux kernel developer and has been recognized by the Free Software Foundation for advancing free software.

Matthew Green is a Research Professor of Computer Science at the Johns Hopkins University and a co-founder of the Open Crypto Audit Project. His research focuses on computer security and cryptography, and particularly the way that cryptography can be used to promote individual privacy.

"Whether we acknowledge it or not, the security of today's Internet depends on a small number of open source projects. This initiative puts the resources in place to ensure the long-term viability of those projects. It makes us all more secure," said Green.

Dan Meredith is a director at Radio Free Asia's Open Technology Fund. He has been an activist and technologist exploring emerging trends intersecting human rights, transparency, global communication policy, the Internet, and information security for over a decade.

Eben Moglen is a professor of law and legal history at Columbia University and is the founder, director-counsel and chairman of Software Freedom Law Center. He is considered the foremost expert on open source legal practices and represents a variety of open source projects and developers.

Bruce Schneier is a fellow at the Berkman Center for Internet & Society at Harvard Law School and a well-recognized expert on computer security and privacy. He is also a fellow at New America Foundation's Open Technology Institute.

Schneier commented on the Core Infrastructure Initiative: "This is an important step towards improving the security of the Internet. I'm happy to see the technology companies that rely on the security of open source software investing in that security."

Eric Sears is a Program Officer for Human Rights for MacArthur Foundation. His grant-making portfolio includes efforts to strengthen digital free expression and privacy through advancing a more open and secure Internet.

Ted T'so has been recognized as the first Linux kernel developer in North America and today is a file system developer at Google who also works on Kerberos v5 and /dev/random. T'so is also a member of the Internet Engineering Task Force and serves on its Security Area Directorate.

Member Comments
Adobe
"Adobe believes that open development and open source software are fundamental building blocks for software development," said Dave McAllister, director of open source at Adobe. "The Core Infrastructure Initiative allows us to extend our support through a neutral forum that can prioritize underfunded yet critical projects. We're excited to be a part of this work."

Bloomberg
"Open source software provides a critical foundation for the technologies we build for our clients," said Shawn Edwards, CTO, Bloomberg. "We are proud to support the Core Infrastructure Initiative so we can contribute to building the foundational technologies that make future innovation possible."

HP
"HP strongly believes in the quality of open source software, as evidenced by its use, participation in, and support of open source projects and software," said Eileen Evans, vice president and deputy general counsel, cloud and open source, HP. "As a member of the Core Infrastructure Initiative, HP will lend its expertise and resources to further improve the technology of open source global information infrastructure, and in particular, work to reduce the likelihood of security-related incidents."

Salesforce.com
"Open source software has fueled the advancements we've seen over the last decade in cloud ​and mobile ​computing," said Parker Harris, co-founder, salesforce.com. "That is why supporting the Linux Foundation's Core Infrastructure Initiative is an absolute necessity in today's software industry, and salesforce.com is delighted to contribute to this effort and foster the next generation of open source computing innovation."

Anyone can donate to the Core Infrastructure Initiative fund. To join or donate or find out more information about the Core Infrastructure please visit https://www.linuxfoundation.org/programs/core-infrastructure-initiative

About The Linux Foundation
The Linux Foundation is a nonprofit consortium dedicated to fostering the growth of Linux and collaborative software development. Founded in 2000, the organization sponsors the work of Linux creator Linus Torvalds and promotes, protects and advances the Linux operating system and collaborative software development by marshaling the resources of its members and the open source community. The Linux Foundation provides a neutral forum for collaboration and education by hosting Collaborative Projects, Linux conferences, including LinuxCon and generating original research and content that advances the understanding of Linux and collaborative software development. More information can be found at http://www.linuxfoundation.org.

The Linux Foundation, Linux Standard Base, MeeGo, Tizen and Yocto Project are trademarks of The Linux Foundation. OpenBEL is a trademark of OpenBEL Consortium. OpenDaylight is a trademark of the OpenDaylight Project, Linux is a trademark of Linus Torvalds

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Choosing the right cloud for your workloads is a balancing act that can cost your organization time, money and aggravation - unless you get it right the first time. Economics, speed, performance, accessibility, administrative needs and security all play a vital role in dictating your approach to the cloud. Without knowing the right questions to ask, you could wind up paying for capacity you'll never need or underestimating the resources required to run your applications.
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now ...
Security, data privacy, reliability, and regulatory compliance are critical factors when evaluating whether to move business applications from in-house, client-hosted environments to a cloud platform. Quality assurance plays a vital role in ensuring that the appropriate level of risk assessment, verification, and validation takes place to ensure business continuity during the migration to a new cloud platform.
"Splunk basically takes machine data and we make it usable, valuable and accessible for everyone. The way that plays in DevOps is - we need to make data-driven decisions to delivering applications," explained Andi Mann, Chief Technology Advocate at Splunk and @DevOpsSummit Conference Chair, in this SYS-CON.tv interview at @DevOpsSummit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
In his session at @DevOpsSummit at 19th Cloud Expo, Robert Doyle, lead architect at eCube Systems, will examine the issues and need for an agile infrastructure and show the advantages of capturing developer knowledge in an exportable file for migration into production. He will introduce the use of NXTmonitor, a next-generation DevOps tool that captures application environments, dependencies and start/stop procedures in a portable configuration file with an easy-to-use GUI. In addition to captur...
Who are you? How do you introduce yourself? Do you use a name, or do you greet a friend by the last four digits of his social security number? Assuming you don’t, why are we content to associate our identity with 10 random digits assigned by our phone company? Identity is an issue that affects everyone, but as individuals we don’t spend a lot of time thinking about it. In his session at @ThingsExpo, Ben Klang, Founder & President of Mojo Lingo, discussed the impact of technology on identity. Sho...
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...
A critical component of any IoT project is what to do with all the data being generated. This data needs to be captured, processed, structured, and stored in a way to facilitate different kinds of queries. Traditional data warehouse and analytical systems are mature technologies that can be used to handle certain kinds of queries, but they are not always well suited to many problems, particularly when there is a need for real-time insights.
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...