Microsoft, Facebook, Google and others have formed the Core Infrastructure Initiative which is a multi-million dollar project that is aimed to fund open source projects that are in the critical path for core computing functions. They want to prevent events such as the recent Heartbleed OpenSSL crisis. Read more about it below. What is the Core Infrastructure Initiative? The Core Infrastructure Initiative is a multi-million dollar project to fund and support critical elements of the global information infrastructure. It is organized by The Linux Foundation and supported by Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, RackSpace, and VMware. CII enables technology companies to collaboratively identify and fund open source projects that are in need of assistance, while allowing the developers to continue their work under the community norms that have made open source so successful. The first project under consideration to recieve funds from the Initiative will be OpenSSL, which ...

Read More →

The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. Popular internet services like Yahoo Mail, Yahoo Messenger and many others are affected by this bug. Microsoft today confirmed that Microsoft Account and Microsoft Azure, along with most Microsoft Services, were not impacted by the OpenSSL vulnerability. The Heartbleed vulnerability in OpenSSL (CVE-2014-0160) has received a significant amount of attention recently.  While the discovered issue is specific to OpenSSL, many customers are wondering whether this affects Microsoft’s offerings, specifically Microsoft Azure. Microsoft Account and Microsoft Azure, along with most Microsoft Services, were not impacted by the OpenSSL vulnerability. Windows’ implementation of SSL/TLS was also not impacted. Microsoft Azure Web Sites, Microsoft Azure Pack Web Sites and Microsoft Azure Web Roles do not use OpenSSL to terminate SSL ...

Read More →