The Open Source Technology Improvement Fund is a corporate non-profit organization that connects open-source security projects with much needed funding and logistical support. This core value is driven by public fund-raising and by soliciting donations from corporate and government donors.
Why the OSTIF is important:
Now more than ever, the world realizes the need for strong open-source security software. Because of the lack of a profit motive, open-source programs are woefully underfunded and their resources are lacking, despite their central role in the Internet. This leaves crucial Internet infrastructure susceptible to bugs, poor documentation, poor performance, slow release schedules, and even espionage. Raising money through various funding sources allows the OSTIF to fund and support the most critical open-source projects, with the aim of strengthening the Internet for the world.
How the OSTIF enhances the security of the world:
OSTIF hires professional auditors and organizes communication between application developers and the audit team.
Developers provide code to auditors to evaluate for vulnerabilities.
Auditors supply the developers with the results of the evaluation and assist with fixing/strengthening the code to make the software strong and trustworthy.
The updated code is released to the public and OSTIF begins providing a bug bounty. This allows people from all over the world to have an opportunity to evaluate the code for themselves and find vulnerabilities for rewards.
The developers continue to upgrade and strengthen the software before starting the next audit.
We enhance the worlds security software by providing crucial support and resources to major and noteworthy open-source projects. Success involves a 3 point strategy.
- Bug Bounties – The OSTIF creates bounties that will be paid out to anyone who finds a major security bug in any of our supported projects. These grants incentivize the world to comb through the code of our projects and look for problems, dramatically improving the worlds confidence in the integrity and security of the projects.
- Direct Code Improvements Through Grants – The OSTIF gives grants to worthy projects in order to facilitate code changes to make improvements or upgrades to existing projects, allowing them to advance in quality, features, or proper documentation of code at a much faster pace.
- Professional Audits – The OSTIF gives grants to well-known professionals to audit code and look for bugs, back doors, or other errata. This will add another layer of confidence to the integrity and security of the projects.
Education – The OSTIF builds public knowledge about how to use open-source software to protect their digital privacy and secure their data.
Through these avenues the Open Source Technology Improvement Fund improves the critical security infrastructure of the Internet and be a force for strong security and privacy in the world.