Heartbleed, which is probably the most serious computer-security threat in recent times, stayed undetected for two years. And now, computer security firm FireEye has found that millions of phones running android apps are still vulnerable, with most Hearbleed detectors available on Google Play being unable to affirm the threat. “For the Android platform, we find that roughly 150M downloads of Android apps contain OpenSSL libraries vulnerable to Heartbleed,” FireEye wrote on their blog .
Tech giants like Amazon.com, Cisco Systems, Facebook, Google, IBM, Intel and Microsoft are among a dozen companies that have agreed to be founders of the group, known as Core Infrastructure Initiative. Each will donate $300,000 to the venture.
The non-profit Linux Foundation announced formation of the group on Thursday. It will support development of open source software that makes up critical parts of the world’s technology infrastructure, but whose developers do not necessarily have adequate funding to support their work, said Jim Zemlin, executive director of the Linux Foundation.
In contrast, up untill now OpenSSL was run by Dr Stephen Henson, and had been recieving only 2,000 dollars in donations per year, as Steve Marquess, President of the OpenSSL Software Foundation, wrote in his blog post where he also calls for the many Fortune 1000 companies who use the OpenSSL code to take note.