The Heartbleed bug was a major vulnerability in the open-source program that was used to encrypt data across roughly two-thirds of the Internet. After the bug was discovered, it was also found that this has been an issue for almost two years, meaning many web users’ private or sensitive information could have been exposed.
That’s why, this week, the nonprofit group Linux Foundation created the Core Infrastructure Initiative (CII), a program that will support programmers to make sure they get the resources they need to efficiently manage their projects. OpenSSL, the open-source program that was infected by Heartbleed, was run by a small team of programmers who didn’t have time to test it with any regularity. CII hopes to provide them with the necessary funds to properly staff and run the project.
Facebook and the 11 other companies in the group have each pledged a minimum of $100,000 a year to the effort for the next three years.
“This is not just about the money, but the forum,” Jim Zemlin, executive director of the Linux Foundation, told The New York Times. “Instead of responding to a crisis retroactively, this is an opportunity to identify crucial open-source projects in advance. Right now, nobody is having that conversation, and it’s an important conversation to have.”