#Heartbleed #OpenSSL Bug Reveals the True Cost of #OpenSource Software


heartbleedThe vast majority of those taking advantage of free, open-source software such as OpenSSL do nothing to contribute to its development—and that’s part of the problem.

Every day brings new reports of the threats posed by the Heartbleed bug. But the discovery of Heartbleed has also unearthed a scandal that’s plagued the open-source community for years. The scandal is that giant enterprises are doing nothing to contribute to the development, testing and validation of the free software on which they depend. They are takers, pure and simple. Nothing makes this more obvious than the details revealed by the German developer who was responsible for the bug in the first place, Dr. Robin Seggelmann. Dr. Seggelmann, it appears, was spending his end-of-the-year holiday working to fix bugs in the first version of OpenSSL, the encryption software that was becoming a standard on the Internet. While he was at it, Seggelmann developed a way to create a heartbeat function that could keep encrypted sessions open rather than timing out over time.

Read more at http://www.eweek.com/security/heartbleed-openssl-bug-reveals-the-true-cost-of-open-source-software.html

Advertisements

One thought on “#Heartbleed #OpenSSL Bug Reveals the True Cost of #OpenSource Software

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s