Evidently big companies love free software too. And, apparently have no interest in donating to it.
From what I can tell; openSSL is as solid as most of what’s out there. It’s not uncommon for sites ond/or ecosystems to be compromised. It happens. What’s really needed is competition with openSSL. It shouldn’t be a single point of failure. This is modern procedure for you. Trust, take advantage and blame.
Despite its critical role in Internet security, the software is written and maintained largely by Laurie and three other people who live in Europe, as well as a few contributors. Together, they earned less than $1 million last year for their work on OpenSSL from a mix of contract work and donations, said Steve Marquess, president of OpenSSL Software Foundation, which raises money for the programmers.
1 million dollars between 4 people… that isnt a small sum.
That’s not how it works. That’s just the people who review the committed code. The funding has to provide infrastructure for the entire process. I doubt that it’s just paychecks for a hand full of people writing code.