OpenSSL and Linux: A Tale of Two Open-Source Projects

49

The Heartbleed bug has cast a bright and not entirely flattering light on the open-source movement’s incentive model.

When a crucial and ubiquitous piece of security code like OpenSSL — left vulnerable for two years by the Heartbleed flaw — can be accessed by all the world’s programming muscle, but only has one full-time developer and generates less than $2,000 in donations a year, clearly something is amiss.

But then there’s Linux.

Read more at New York Times Bits Blog.