1. Computing

Mozilla launches new fund to help keep open-source software secure

By

mozilla apple google microsoft lawsuit headquarters
The Mozilla Foundation has launched the Secure Open Source (SOS) Fund to help fund audits of open-source software.

SOS, which is part of the Mozilla Open Source Support (MOSS) program, is making $500,000 available to open-source software makers to ensure that their work is clear of any bugs, and to avoid a repeat of Heartbleed or Shellshock.

“The SOS Fund will provide security auditing, remediation, and verification for key open-source software projects,” said Chris Riley, head of public policy at Mozilla. The fund is starting at half a million dollars but the Mozilla Foundation is encouraging companies and government to put money forward to fund software security research.

The SOS Fund will work in three stages. Mozilla with enlist and pay for the services of security firms to carry out audits on other people’s code. After the audit is completed Mozilla will work with the code creator to implement the fixes. And Mozilla will pay for this remediation to be verified to ensure that all bugs have been fixed thoroughly.

This process has already been carried out on three different open-source software projects to identify vulnerabilities. “In those audits we uncovered and addressed a total of 43 bugs, including one critical vulnerability and two issues with a widely used image file format,” said Riley. “These initial results confirm our investment hypothesis, and we’re excited to learn more as we open for applications.” Applications for funding are open now.

Open-source software relies on collaboration and user involvement to identify and act on bugs. This has become more and more important as open source has become the norm compared to several years ago. However a robust security audit still costs money, and for many smaller software developers this can be prohibitively expensive. For these developers, Mozilla’s new fund will be welcome news but the fund will need more backers in the future to keep it alive and available to a wide audience of software creators.

Editors' Recommendations

The best console emulators (NES, SNES, Genesis, and more)

Want to browse the web privately? Here’s how to do it for real

how to browse the web privately anonymous header

How to install Kodi on your iPhone or iPad

re engineer humanity evan selinger interview caucasian woman using cell phone in bed

Annoying Google Pixel 4 problems and how to fix them

pixel 4 front and back design

How to care for your laptop’s battery and extend its life

has laptop battery life really improved improvment macro

These are the best laser printer deals for November 2020

brother dcp l250dw laser printer amazon deal monochrome

How to change your language in Google Chrome

Best graphics card for video editing

These are the best cheap Chromebook deals for November 2020

The best USB-C cables for 2020

How to create and set custom ringtones for your Android phone

The best cheap Razer deals for November 2020: Laptops, monitors, and more

Razer Blade 15 Advanced

How to send a text message from your email account

how to send a text from your email account

The best cheap HP laptop deals for November 2020

The best photo printers for 2020