Mozilla launches US$ 500,000 fund to make open source secure
With the aim of enhancing security within the open source software world, Mozilla has announced the launch of its Secure Open Source (SOS) Fund. This is part of the Mozilla Open Source Support programme and has initial funding of US$ 500,000.
Mozilla aims to use the SOS Fund to cover audits of some popular open source libraries and programs. Additionally, it is expecting participation from companies and governments worldwide to take open source security to new levels.
“From Google and Microsoft to the United Nations, open source code is now tightly woven into the fabric of the software that powers the world,” Chris Riley, head of public policy, Mozilla, wrote in a blog post. “Indeed, much of the Internet – including the network infrastructure that supports it – runs using open source technologies. As the Internet moves from connecting browsers to connecting devices (cars and medical equipment), software security becomes a life and death consideration,” Riley’s post went on to add.
Under the new fund, Mozilla will contract with professional security firms to audit project code. The browser maker will also work jointly with project maintainers to support and implement fixes as well as manage disclosure.
To encourage secure practices to protect open source solutions in the market, the company is set to pay for the remediation work directly through the fund.
Riley says that Mozilla has already tested the newly designed process for securing open source. The company addressed a total of 43 bugs in three different pieces of open source software, indicating the potential scope and success of such a development.
Mozilla’s move to launch a special fund to secure open source is certainly vital for the software industry.