This February, the Preliminary Report and Census II of Open Source Software, Titulado Vulnerabilities in the Core by the Linux Foundation with the help of the Basic Infrastructure Initiative and the Harvard Laboratory for Innovation Science, among many other organizations.
The purpose of this Census was to identify the components of Free and Open Source Software (FOSS) most commonly used in production applications, after examining them for detect potential vulnerabilities, in order to adopt measures aimed at maintaining its long-term health and safety.
Taking the time and participating in such work is very important, since the stakes are high, in favor of the security of Open Source Software. With millions of people (users), both in homes and in organizations, public and private, around the world relying on him, and the appearance or discovery of more and more vulnerabilities or security flaws, in various systems or platforms, putting the whole world at risk, it is essential to collaborate to support, protect and strengthen el Open Source Software.
Hence, the importance of the existence and work of the Basic or Central Infrastructure Initiative, since it adopts a collaborative and preventive approach to strengthen cybersecurity, in partnership with many industry giants, for the benefit of strengthen the security of key open source projects.
The Basic Infrastructure Initiative
What is it?
La Basic (or Central) Infrastructure InitiativeThe simplemente IIC by the acronym of his name in English "Core Infrastructure Initiative", is a multi-million dollar project to finance and support critical elements of the global information infrastructure.
It is organized by the Linux Foundation and is supported by global tech giantssuch as Amazon Web Services, Adobe, Bloomberg, Cisco, Dell, Facebook, Fujitsu, Google, Hitachi, HP, Huawei, IBM, Intel, Microsoft, NetApp, NEC, Qualcomm, RackSpace, salesforce.com, and VMware.
La IIC was formed in response to the heartbleed security crisis; However, the Initiative's efforts are not limited to issues related to the cryptanalysis. It ranges from point solutions to holistic solutions, for the Open Source security.
Furthermore, the IIC allows technology companies identify and finance in collaboration the Open Source projects who need assistance, while allowing developers to continue their work under the community standards that have made the Open Source be so successful.
Open Source projects benefited
The first project to receive funding from the IIC was OpenSSL, which received funding in the form of key developer grants, as well as other resources to help the project improve its security, enable external testing, and improve responsiveness to patch requests. Furthermore, in collaboration with the Open Cryptographic Audit Project, and next to NCC Group audited the code of OpenSSL.
Other projects that have received support from the IIC have been:
- Network Time Protocol
- OpenSSH
- GnuPG
- Frama-C
- Fuzzing project
Importance
Since currently the Free Software and Open Source facilitates the adoption of new technologies, in Organizations, public and private, so they can be more competitive and profitable at present, at minimal or no costs. And this therefore favors human and social growth and development, both for employees, workers, families and citizens in general. The existence and function of organizations such as IIC are of vital importance, so that all this is carried out in the safest and most reliable way for everyone.
“FLOSS was long viewed as the domain of computer hobbyists and handymen. However, it has now become an integral component of the modern economy and fundamental to everyday technologies such as smartphones, cars, the Internet of Things, and numerous pieces of critical infrastructure. Understanding which components are the most used and the most vulnerable will allow us to help ensure the continued health of the ecosystem and the digital economy. ” Quote from Frank Nagle, Harvard Business School Professor and Co-Director of the Census II report.
Conclusion
We hope this "useful little post" on «Iniciativa de Infraestructura Básica (Core Infrastructure Initiative)»
, an interesting initiative of the «Fundación Linux»
together with business organizations that support and use open source software, focused on making it safer, of great interest and utility, for the entire «Comunidad de Software Libre y Código Abierto»
and of great contribution to the diffusion of the wonderful, gigantic and growing ecosystem of applications of «GNU/Linux»
.
And for more information, always do not hesitate to visit any Online library as OpenLibra y jedit to read books (PDFs) on this topic or others knowledge areas. For now, if you liked this «publicación»
, don't stop sharing it with others, in your Favorite websites, channels, groups, or communities of social networks, preferably free and open as Mastodon, or secure and private like Telegram.
Or simply visit our home page at DesdeLinux or join the official Channel Telegram from DesdeLinux to read and vote for this or other interesting publications on «Software Libre»
, «Código Abierto»
, «GNU/Linux»
and other topics related to «Informática y la Computación»
, and the «Actualidad tecnológica»
.