MELISSA BLOCK, HOST:
And now to the issue of cyber security. Google, Intel, Facebook and many other tech giants are pooling their money together, for the first time, to fix a glaring hole. Today, they're launching a new multimillion-dollar fund to protect open source code. It's the code that anyone can use for free and that often gets overused and under-protected.
From member station KQED in San Francisco, Aarti Shahani has this report.
AARTI SHAHANI, BYLINE: A recent crisis known as the Heartbleed bug was a wake-up call to tech companies. And this new fund is an admission of guilt.
CHRIS DIBONA: I think we got a little too comfortable as a community of software developers. And we shouldn't be.
SHAHANI: Chris DiBona is director of open source at Google.
DIBONA: We should really pay way more attention to the quality of our security software and of these core bits.
SHAHANI: Open source software is core to the business of many high-tech firms. But for years and years, they've been using it for free. Take OpenSSL, the code that got hit by the Heartbleed bug. The majority of websites, from the Fortune 500s to the moms-and-pops, use OpenSSL to send encrypted data safely between users and servers. But Google and others put zero dollars into the maintenance and upkeep of the software. The goal now is to come together...
DIBONA: And try to root out these problems before they become problems of the scale of Heartbleed, and other holes that are probably lurking out there in the software we all depend on.
SHAHANI: Open source is getting more popular. And companies are seeing that when software gets reviewed and edited by many eyeballs, it can be a lot stronger than private, proprietary code. One of the best-funded open source projects in the world is Linux. Jim Zemlin is the executive director of the Linux Foundation, and he put in the phone calls to make this new fund happen.
JIM ZEMLIN: It was inspired by Winston Churchill, who said: Never let a good crisis go to waste.
SHAHANI: This pledge of relief money is kind of like when nation-states get together after a tsunami or hurricane and each puts in a little bit.
ZEMLIN: Each of the companies is contributing $100,000 per year, with a minimum three-year commitment, so it's a long-term commitment, at least long term in technology scale.
SHAHANI: Zemlin says the foundation will make sure the money goes to the collective good and not just one company's bottom line. For NPR News, I'm Aarti Shahani in San Francisco.
NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.