Quote
Dealing with Bitcoin's infrastructure code rot
I was recently on a startup panel at Inside Bitcoins in NYC. There, I noted my concern that there was some rot forming in the open source side of the Bitcoin world. The observation was that there has been a lot of funding for startups (in the tens or perhaps hundreds of millions), and at the same time, a lot of the Bitcoin open source projects were faltering, not being actively maintained, and really having a hard time securing funding.
I got the impression my warnings seemed a little odd when I mentioned this, so in a weird twist on what became every sysadmin's nightmare for a few weeks, I felt pretty validated when not more than 8 hours later, OpenSSL Heartbleed broke out. OpenSSL is a similar story - it's a very old open source project that a lot of people depend on, and has fallen into disrepair due to lack of funding and support. The incredibly talented OpenBSD team has recently forked OpenSSL into a separate project called LibreSSL, and are working to clean up the mess that is OpenSSL (you can see a chronicle of the madness here). And despite the fact that OpenBSD is working on this (and other incredibly important contributions like OpenSSH), they too are having similar problems raising funding to work on these projects. Open Source can be a pretty tough world sometimes, unfortunately. But we all continue to work on it, in our own way, because we believe in it. We believe that this is the best way to write useful software that people can really trust, and in the process help everyone in the community.....
I was recently on a startup panel at Inside Bitcoins in NYC. There, I noted my concern that there was some rot forming in the open source side of the Bitcoin world. The observation was that there has been a lot of funding for startups (in the tens or perhaps hundreds of millions), and at the same time, a lot of the Bitcoin open source projects were faltering, not being actively maintained, and really having a hard time securing funding.
I got the impression my warnings seemed a little odd when I mentioned this, so in a weird twist on what became every sysadmin's nightmare for a few weeks, I felt pretty validated when not more than 8 hours later, OpenSSL Heartbleed broke out. OpenSSL is a similar story - it's a very old open source project that a lot of people depend on, and has fallen into disrepair due to lack of funding and support. The incredibly talented OpenBSD team has recently forked OpenSSL into a separate project called LibreSSL, and are working to clean up the mess that is OpenSSL (you can see a chronicle of the madness here). And despite the fact that OpenBSD is working on this (and other incredibly important contributions like OpenSSH), they too are having similar problems raising funding to work on these projects. Open Source can be a pretty tough world sometimes, unfortunately. But we all continue to work on it, in our own way, because we believe in it. We believe that this is the best way to write useful software that people can really trust, and in the process help everyone in the community.....
http://blog.coinpunk.com/?id=allshipsrising#allshipsrising