Skip to main content
  1. Home
  2. Computing
  3. News

OpenSSL Foundation president asks for more financial support in the wake of Heartbleed

Konrad Krawczyk
By
openssl foundation president asks financial support wake heartbleed bleeding heart 2
Image used with permission by copyright holder

If the organizations, companies, and governments that employ OpenSSL with their websites want to ensure that their sites stay secure from future threats like Heartbleed down the line, Steve Marquess, the president of the OpenSSL Software Foundation, asks that the entities which use OpenSSL donate more money towards its operations, the LA Times reports. Marquess made the case for additional funding in this blog post.

“While OpenSSL does ‘belong to the people’ it is neither realistic nor appropriate to expect that a few hundred, or even a few thousand, individuals provide all the financial support,” Marquess wrote. “The ones who should be contributing real resources are the commercial companies and governments who use OpenSSL extensively and take it for granted.”

Recommended Videos

Marquess specifically took members of the Fortune 1000, list to task in his note.

“I’m looking at you, Fortune 1000 companies. The ones who include OpenSSL in your firewall/appliance/cloud/financial/security products that you sell for profit, and/or who use it to secure your internal infrastructure and communications. The ones who don’t have to fund an in-house team of programmers to wrangle crypto code, and who then nag us for free consulting services when you can’t figure out how to use it. The ones who have never lifted a finger to contribute to the open source community that gave you this gift. You know who you are.”

Marquess also names the U.S. Department of Defense in his note as an agency that could provide additional funding, calling an investment in OpenSSL a “no-brainer.”

MORE: How to check if your favorite website is vulnerable to Heartbleed

OpenSSL is a data encryption method employed by many websites that safeguard the data you type into your Web browser. OpenSSL contains a function known as a heartbeat option. While a person is visiting a website that encrypts data using OpenSSL, his or her computer periodically sends and receives messages to check whether both his PC and the server on the other end are both still connected, following a pattern similar to a heartbeat. The Heartbleed bug means hackers can send fake heartbeat messages, which can trick a site’s server into relaying data that’s stored in its RAM — including sensitive information such as usernames, passwords, credit card numbers, emails, and more. This web comic also explains how Heartbleed works.

According to Marquess, the OpenSSL Foundation only pulls in about $2,000 per year in donations, with the rest of its funding coming in via support contracts it honors, where part-time technicians assist clients with problems that are specific to them. Overall, the OpenSSL Foundation has never surpassed $1 million in annual funding. On top of that, then OpenSSL is understaffed, according to Marquess, with the entire team consisting of a single full-time staff member, and a handful of part-timers.

Topics
Konrad Krawczyk
Konrad Krawczyk
Former Digital Trends Contributor
Konrad covers desktops, laptops, tablets, sports tech and subjects in between for Digital Trends. Prior to joining DT, he…
In 2024, there’s no contest between DLSS and FSR
Ratchet and Clank Rift Apart on the Samsung Odyssey OLED G8.

In modern PC games, you have the difficult decision between Nvidia's Deep Learning Super Sampling (DLSS) and AMD's FidelityFX Super Resolution (FSR). Both are upscaling tools that promise higher frame rates while using the best graphics cards, but there are some key differences between them.

I've been testing DLSS and FSR for years across dozens of games. Choosing between them isn't easy, but after closely examining the two upscalers so many times, there's a clear winner between them.
FSR vs. DLSS: What's the difference?

Read more
10 best gaming monitors of 2024: tested and reviewed
An OLED demo running on the MSI MPG321URX.

There are a ton of options if you are on the hunt for one of the best gaming monitors, but for us, Alienware's 34 QD-OLED still takes the cake in 2024. It's not the display for everyone, though, and after reviewing dozens of the top gaming monitors, we've settled on a list of displays that offer great gaming performance for any budget or purpose.

We're focused specifically on gaming monitors here, which come with higher refresh rates and adaptive sync features like G-Sync and FreeSync. If you're looking for an all-around display, make sure to browse our list of the best monitors.

Read more
How to type an em dash in Windows
Overhead view of someone typing on a surface laptop.

The em dash is a supremely useful (and fashionable) piece of punctuation used in writing and editing, often in place of a comma, colon, or parenthesis. While you might want to utilize it to make your grammar look fancy, the symbol on a computer can be a little challenging to access if you don’t know how, especially on the Windows operating system.

Fortunately, there are several methods available to insert the em dash punctuation into your text. Check out the following tips to learn how to become more familiar with the em dash on your computer.
Keyboard
The em dash keyboard shortcut is one of the easier methods to access the punctuation. Though it might take a little bit of getting used to, once you master it ,you’ll be an em dash typing master. Turn on Number Lock by pressing the NumLock key on the upper number row of your keyboard. Then hold the Alt key and type the sequence 0151 on the numeric keypad of your keyboard. Release the Alt key and the em dash will appear.

Read more