Announcement

Collapse
No announcement yet.

Linux Foundation Announces A Core Infrastructure Initiative

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Linux Foundation Announces A Core Infrastructure Initiative

    Phoronix: Linux Foundation Announces A Core Infrastructure Initiative

    The Linux Foundation has announced a multi-million dollar Core Infrastructure Initiative to fund critical open-source projects. The first project receiving money from this pool is OpenSSL...

    http://www.phoronix.com/vr.php?view=MTY3MjE

  • #2
    Hmmm....OpenSSL, not LibreSSL? I thought OpenSSL was irrevocably broken?

    Comment


    • #3
      "Core Infrastructure Initiative"? Aww, I was hoping it would be called "Pacemaker"

      Originally posted by kaprikawn View Post
      Hmmm....OpenSSL, not LibreSSL? I thought OpenSSL was irrevocably broken?
      Not if you throw money at it it's not!

      Comment


      • #4
        Originally posted by kaprikawn View Post
        Hmmm....OpenSSL, not LibreSSL? I thought OpenSSL was irrevocably broken?
        It's clearly not LibreSSL. Linux Foundation should not accept the terms in which the investment is done; they have to protect the freedom of the libre community and they should administer that investment money in the projects they are genuinely and scientifically interested on. If all those companies have real interest in patching OpenSSL, they should bring their own developers to upload patches to the project. What I believe they are attempting is to control the interest of development for their own benefit.

        Comment


        • #5
          Competition

          The HeartBlead bug showed us that there was a lack of competition on SSL layer software. Too many considered OpenSSL the best even tough it had many disadvantages. And this is why ot became almost omnipresent.

          OpenBSD will ensure that OpenSSL have some competition and the Linux Foundation will ensure that OpenSSL stand a change in this competition.

          You can always argue that this should have happened long ago. But that argument won't fix anything.

          They are fixing this now, and that is good.

          Comment


          • #6
            Where the F is HP at?

            Big names in the industry - but where the f is HP? They had over 30 bugtraq advisories last 2 weeks, all concerning the heartbleed bug. If there's anyone who should throw in monies to improve on OpenSSL it's definitely HP who takes it all, gives nothing back.

            Comment


            • #7
              Originally posted by arabek View Post
              Big names in the industry - but where the f is HP? They had over 30 bugtraq advisories last 2 weeks, all concerning the heartbleed bug. If there's anyone who should throw in monies to improve on OpenSSL it's definitely HP who takes it all, gives nothing back.
              Just as i wrote - 4 more came in with the same heartbleed bug as the cause... HP, what's your game!?

              @Michael - might want to reach out to them for comment?

              EDIT: for reference: http://insecure.org/search.html?cx=p...leed&sa=Search

              Comment


              • #8
                Yes, please, give some money to the Xfce devs so they can work full time on it. And let's not forget Gimp, Inkscape, Blender, LibreOffice, Openshot, Wine and others.

                Better development tools would be nice too. Something like Eclipse (a multi-purpose IDE) but without the bloat.

                Comment


                • #9
                  Originally posted by wargames View Post
                  Yes, please, give some money to the Xfce devs so they can work full time on it. And let's not forget Gimp, Inkscape, Blender, LibreOffice, Openshot, Wine and others.

                  Better development tools would be nice too. Something like Eclipse (a multi-purpose IDE) but without the bloat.
                  I'm all for that.

                  Comment


                  • #10
                    Gimp, Libreoffice and the others aren't exactly "Core Internet infrastructure" this fund was meant for :P

                    Comment


                    • #11
                      Re: OpenSSL/LibreSSL discussion.

                      Right now I think there's plenty of room for both OpenSSL and LibreSSL. Eventually we might end up with a merger of some kind, or they might differentiate enough to just have the multiple options, who knows? Look at the good that's come from having something (LLVM/Clang) competing with GCC finally.

                      Comment


                      • #12
                        What about GnuTLS???

                        Comment


                        • #13
                          Funding people who failed, to fail with more vigor?

                          Am I the only one, who thinks that funding a structurally failed enterprise is only going to yield more fail, more efficiently?

                          To be entirely honest, this whole idea is thoroughly sickening from my point of view.

                          The only way to fix OpenSSL is to throw it away, period.

                          More practically, though, a temporary ABI shim is needed -- and LibreSSL fits the bill perfectly.

                          In the long run, an API not designed by idiots is needed -- such as NaCl by Dan Bernstein:

                          http://nacl.cr.yp.to/

                          Comment


                          • #14
                            Originally posted by wargames View Post
                            Yes, please, give some money to the Xfce devs so they can work full time on it. And let's not forget Gimp, Inkscape, Blender, LibreOffice, Openshot, Wine and others.

                            Better development tools would be nice too. Something like Eclipse (a multi-purpose IDE) but without the bloat.
                            If you want to see projects like Blender, GIMP, Krita, Inkscape and LibreOffice improved you could consider supporting the blender feature film project http://gooseberry.blender.org/ which aims to hire developers to improve these projects thoughout the process of making the movie.
                            Last edited by tarceri; 04-24-2014, 06:41 PM.

                            Comment


                            • #15
                              Originally posted by cutterjohn
                              no, libressl is theo's little pet project, while openssl is what is actually used...

                              which is better, IMNHO openssl, as I'm tired of theo's whinging about everything and anything, he's about as bad as zealot freetards with about as much relevance.
                              I agree. The OpenSSL people have been working on it as a side project for ages and got jack for gratitude. Minuscule amount of donations and rarely a though as long as it worked. In a way this problem highlighted this and now they get the proper attention.

                              The OpenBSD folks are just jumping the wagon of mixed publicity. It's good if they continue their fork as some competition is always good but it would be very a-holish to turn the back on the OpenSSL team who were working away with little gratitude for all this years.

                              We should at least give them the benefit of the doubt and see what they can accomplish with proper funding and the ability to focus on writing OpenSSL instead of consulting all the time to keep afloat.

                              Comment

                              Working...
                              X