Ask HN: What has happend to the Core Infrastructure Initiative?
When Heartbleed was disclosed in 2014 the industry woke up and noted that a lot of the Internet relies on old, unreviewed, and buggy code.
The Core Infrastructure Initiative was founded to fund audits and improvements to core open source components.
Looking at it 7 years later, not much seems to have happened.
The last announcement on https://www.coreinfrastructure.org/news/ is 3 years old and pretty vague.
The "full list of grants" linked to on https://www.coreinfrastructure.org/faq/ returns HTTP 404.
The Open Crypto Audit Project is said to have received a grant to audit the openssl code, but their home page https://opencryptoaudit.org/ has not been updated for 6 years and no results of the openssl audit are shown (if it ever happened).
Do we need the next heartbleed until the industry wakes up again for a short moment?
0 comments
[ 3.4 ms ] story [ 10.5 ms ] threadNo comments yet.