[Cryptography] Apple and OpenSSL

tpb-crypto at laposte.net tpb-crypto at laposte.net
Tue Apr 22 16:15:54 EDT 2014 

> Message du 22/04/14 21:55
> De : "Marshall Clow" 
> 
> On Apr 21, 2014, at 7:34 AM, tpb-crypto at laposte.net wrote:
> 
> >> Message du 19/04/14 07:14
> >> De : "Ben Laurie" 
> >> 
> >> On 19 April 2014 01:35, Jerry Leichter wrote:
> >>> Be aware that this is a strongly pro-Apple site, and that comes through plainly in the article. Still, it's an interesting history of how one company has been dealing with the issue of crypto software.
> >>> 
> >>> http://appleinsider.com/articles/14/04/18/how-apple-dodged-the-heartbleed-bullet
> >> 
> >> "Building its own security software meant that Apple and its
> >> developers were no longer captive to the external development issues
> >> and eccentricities related to the OpenSSL open source project, which
> >> despite its critical importance and broad use by the industry, was
> >> being funded through donations and was, incredibly, maintained by a
> >> very small team of just four core developers."
> >> 
> >> "Incredible". How could Apple have possibly helped with that? I can't imagine.
> >> 
> > 
> > Apple executives think that any help they give to the open source community will help their competitors to get an edge over Apple. Yet Apple executives don't have qualms to get the competitors' collaborative work and put in their products.
> > 
> > Much like it happened in the 80's, now the only way Apple will go is down.
> > 
> > In an environment where collaboration is fundamental, free riders will inevitably be left alone to die.
> 
> http://www.llvm.org
> 
> Apple has 10s of people working on it, and most (I believe) of their output goes into the open source repo.
> And this has been true for several years.
> 

LLVM is still a drop in the ocean and was created to compete with other popular open source solutions. How about Apple funding projects? Putting a few employees to it is not the only thing that makes Open Source prosper.

Why does Apple puts its "money" on an Open Source project that offers much less cross-platform compatibility than other Open Source alternatives? I'm sure FSF would love some Apple money to pay devs for GCC ... but that is used by Apple competitors too. That is a no, no, no to Apple.

How many donations Apple offered to keep FreeBSD - which it sucked whole to create its MacOS?

More information about the cryptography mailing list