Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday April 24 2014, @04:50PM   Printer-friendly

It's often said that "you get what you pay for", but when it comes to free software, this doesn't apply. You often get a lot more. However, you do get what someone pays for. Software development takes time and money, and without substantial donations, sponsorship, etc., a free-software project will be limited to what volunteers can achieve in their own time.

According to an article in Ars Technica, the security software OpenSSL has one full-time employee and receives about $2000 a year in donations. It's therefore not surprising that bugs aren't always caught before they cause problems.

Based on the recent, and serious, "heartbleed" bug, this state of affairs needs to change and, according to that same article, is about to change. The Linux Foundation is launching the Core Infrastructure Initiative with some decent financial backing. "Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, and VMware have all pledged to commit at least $100,000 a year for at least three years".

OpenSSL will not be the only project to receive a share of this money, but it was the inspiration for the initiative and will be the first under consideration. The funding will "not come with strings attached", according to Linux Foundation Executive Director Jim Zemlin.

One could argue it's much cheaper to support something like OpenSSL than to clean up the mess when a small and underfunded team fail to catch important bugs in a timely manner.

Which other projects would be cheaper in the long run (for all concerned) if they received more financial support?

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by Grishnakh on Thursday April 24 2014, @05:35PM

    by Grishnakh (2831) on Thursday April 24 2014, @05:35PM (#35685)

    What I don't understand is why Microsoft is involved here at all. Isn't their answer going to just be "use our software!!!"? Why would they fund an open-source foundation, esp. the Linux Foundation?

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 3, Informative) by Anonymous Coward on Thursday April 24 2014, @06:08PM

    by Anonymous Coward on Thursday April 24 2014, @06:08PM (#35700)

    MS is bonkers about compatibility. They spend tons of time making sure their stuff 'just works' with '3rd party'. For example samba. They spend tons of time making sure they do not break it.

    Basically their customers use it. So they use it. And 'just use our $tuff' is a bad answer when your customer just dropped several million on support contracts and CALs. Which can in turn get you thrown out and loosing out to 'free'.

    They may even use it themselves in there somewhere and have an interest in making sure it works.

    MS is a company that makes money. They can and do slimy things. But as a software company they actually have pretty cool stuff. Do not dismiss your 'enemy' for they are strong.

    • (Score: 1) by GeminiDomino on Thursday April 24 2014, @07:13PM

      by GeminiDomino (661) on Thursday April 24 2014, @07:13PM (#35728)

      MS is bonkers about compatibility. They spend tons of time making sure their stuff 'just works' with '3rd party'. For example samba. They spend tons of time making sure they do not break it.

      Since then? The last time I heard about MS and Samba, the former was having its peepee slapped in the EU for intentionally breaking it.

      --
      "We've been attacked by the intelligent, educated segment of our culture"
  • (Score: 3, Informative) by Sir Garlon on Thursday April 24 2014, @06:17PM

    by Sir Garlon (1264) on Thursday April 24 2014, @06:17PM (#35705)

    If I had to guess, I'd say they are probably using Linux-based appliances in their cloud data centers. I'm not really a network guy so I'll not speculate on exactly what.

    --
    [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
    • (Score: 2) by Grishnakh on Thursday April 24 2014, @06:31PM

      by Grishnakh (2831) on Thursday April 24 2014, @06:31PM (#35712)

      Isn't that totally against their Windows-everywhere philosophy? When they bought up Hotmail, they moved that from FreeBSD to Windows as fast as they could (and then had problems, had to go back to FreeBSD, then got the problems sorted out, probably with a bunch more hardware, and moved to Windows permanently).

      • (Score: 2) by Sir Garlon on Thursday April 24 2014, @07:18PM

        by Sir Garlon (1264) on Thursday April 24 2014, @07:18PM (#35731)

        I said "appliances" not "servers." Things like load balancers, routers, you know, low-level stuff. I'd be surprised if there are Windows versions of everything they need.

        --
        [Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
    • (Score: 2) by HiThere on Thursday April 24 2014, @08:31PM

      by HiThere (866) Subscriber Badge on Thursday April 24 2014, @08:31PM (#35772) Journal

      You give them more credit for honesty and upright behavior than I do. If they say something my first reaction is usually "Now how does this lie benefit them?" It's not always the right reaction, but it's right often enough to have saved me a few times.

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
  • (Score: 2) by frojack on Thursday April 24 2014, @06:32PM

    by frojack (1554) on Thursday April 24 2014, @06:32PM (#35714) Journal

    Microsoft is a MAJOR Linux contributor. They contribute tons of code and patches.

    Most of the stuff Microsoft works on in linux is under one form or other of the GPL, and as such does not find its way into Windows itself.

    Openssl is one of those packages that they may have lifted in its entirety and ported to Windows because Openssl has a BSD style license. (I haven't actually researched this).

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2, Informative) by bryan on Thursday April 24 2014, @06:44PM

      by bryan (29) <bryan@pipedot.org> on Thursday April 24 2014, @06:44PM (#35720) Homepage Journal

      Nearly all of Microsoft's patches to Linux are from its VM team. They want to improve Windows' ability to run Linux VMs in Microsoft's "cloud" offering.

      • (Score: 3, Insightful) by frojack on Thursday April 24 2014, @07:23PM

        by frojack (1554) on Thursday April 24 2014, @07:23PM (#35735) Journal

        You might be right about that, It appears I was going on year old information:

        http://www.theregister.co.uk/2013/09/16/linux_foun dation_kernel_report_2013/ [theregister.co.uk]

        --
        No, you are mistaken. I've always had this sig.
        • (Score: 0) by Anonymous Coward on Thursday April 24 2014, @07:42PM

          by Anonymous Coward on Thursday April 24 2014, @07:42PM (#35745)

          Next time, do the background fact check FIRST and THEN post the bold controversial comment. I know I'm guilty myself of occasionally doing this backwards...

    • (Score: 2) by Grishnakh on Thursday April 24 2014, @06:57PM

      by Grishnakh (2831) on Thursday April 24 2014, @06:57PM (#35724)

      Microsoft hasn't contributed anything at all to Linux, except for drivers to make it run on their own VM.

      You might be right about them lifting OpenSSL thought.