OpenSSL founder warns more support and funding needed to prevent another Heartbleed
Major users of OpenSSL need to flash cash to avoid more bugs
One of the founders of OpenSSL has slammed the industry for not giving the project more financial support in the wake of the Heartbleed disaster.
Steve Marquess, OpenSSL Software Foundation president said in a blog post that the OpenSSL needed money for half a dozen full-time employees rather than the one it has currently.
Donations have been coming into the OpenSSL Software Foundation after last week's discovery of a major flaw in OpenSSL, dubbed Heartbleed, but these have been mostly from individuals and only to the tune of $9,000.
The ones who have never lifted a finger to contribute to the open source community that gave you this gift. You know who you are.
OpenSSL is a critical part of the infrastructure of the internet and Marquess said that the project had "nowhere near enough to properly sustain the manpower levels needed to support such a complex and critical software product."
He castigated Fortune 1000 companies for using the software but not stumping up cash to support the product.
"The ones who include OpenSSL in your firewall/appliance/cloud/financial/security products that you sell for profit, and/or who use it to secure your internal infrastructure and communications," fumed Marquess.
"The ones who don't have to fund an in-house team of programmers to wrangle crypto code, and who then nag us for free consulting services when you can't figure out how to use it."
At present, the foundation relies on support contracts to fund work on the project. Annual contracts start at $20,000. Donations also bring in around $2,000 a year normally.
Marquess said that at least six people needed to be working on the project, instead of the current sole employee, to be able to "concentrate on the care and feeding of OpenSSL without having to hustle commercial work".
"If you're a corporate or government decision maker in a position to do something about it, give it some thought. Please. I'm getting old and weary and I'd like to retire someday," he pleaded.
Top 5 challenges of migrating applications to the cloud
Explore how VMware Cloud on AWS helps to address common cloud migration challengesDownload now
3 reasons why now is the time to rethink your network
Changing requirements call for new solutionsDownload now
All-flash buyer’s guide
Tips for evaluating Solid-State ArraysDownload now
Enabling enterprise machine and deep learning with intelligent storage
The power of AI can only be realised through efficient and performant delivery of dataDownload now