OpenSSL and Linux: A Tale of Two Open-Source Projects

The Heartbleed bug has cast a bright and not entirely flattering light on the open-source movement’s incentive model. When a crucial and ubiquitous piece of security code like OpenSSL — left vulnerable for two years by the Heartbleed flaw — can be accessed by all the world’s programming muscle, but only has one full-time developer and generates less than $2,000 in donations a year, clearly something is amiss. But then there’s Linux.
