Open source security software projects are plagued with a manpower issue. This is because open-source software fills a critical role in the world’s data security, but the nature of all of the source code being readily available makes it open to copying, which removes the profit motive. Software firms will not devote significant resources to projects that cannot make them money.
This leads to the issues that most savvy people think of when they think of open-source software. Your mind immediately goes to underfunded projects with limited resources and a tiny staff getting a project into a “barely works” state and maintaining that low bar of functionality. You think of limited features, slow development, bugs, and bad user interfaces making the software unfriendly to all but the most technically trained user. You think of software that simply isn’t worth your time or trouble.
Funding a full time staff is the real solution to this problem. Crowdsourcing funding and granting it to these projects helps them improve faster and take on real issues like usability instead of basic functionality being the apex of what they can accomplish.
The OSTIF funds projects on a results-oriented basis. The goal is to take long standing issues and finally resolve them, or to devote more resources to developing new features. The grants will be given out on the condition that new staff will be hired, or existing staff will devote greater time to the project, and milestones will be reached to attain continued funding. The specifics of these contracts are transparent and posted publicly in our Transparency blog.