The Complete Magazine on Open Source

Linux Foundation invests in securing open source projects


The Linux Foundation has extended its Core Infrastructure Initiative (CII) to help developers continue contributing critical security improvements to open source projects. The latest grant is aimed at helping developers working on Debian GNU/Linux and FreeBSD.

To ensure that binaries of major open source projects are tamper-free, the CII has renewed its financial support for the Reproducible Builds Project. The initiative helps developers with best practices to ensure that the binaries generated by compilation are identical and compatible with the open source code that is used to build them.

“Support from CII will allow us to expand our efforts to work on longer-term commitments such as upstream patches requiring significant technical and time investment, as well as work on the infrastructure required to make Reproducible Builds both meaningful and approachable for end-users,” said Debian developer Chris Lamb, who is one of the beneficiaries of the grant.

Reproducible Builds allow verification that no flaws have been introduced during the compilation process. This prevents the installation of backdoor-introducing malware on machines.

This is not the first time that the Linux Foundation has stepped up to support developers and improve the security of open source projects. In fact, the CII has funded many open source contributors for their efforts. Levsen and Jeremy Bobbio were supported by the initiative last year. Both developers helped eliminate unnecessary variations from the build processes of free software projects.

Apart from the Linux Foundation, a large number of global organisations, including Amazon Web Services, Intel, Microsoft, Facebook, Dell, Google, HP, IBM, Rackspace, Salesforce and VMware, are supporting the CII.