Founder of Have I Been Pwned? (HIBP) Troy Hunt announced that after a series of unsuccessful attempts to sell the project, about which he told this spring, he decided to open its source code.
Let me remind you that HIBP, founded in 2013, is a service for verifying credentials for compromise. Collecting information about various data breaches, Troy Hunt created a unique database, the services and API of which are currently used by many sites and software (including Firefox and LastPass) in order to promptly notify their customers of a possible compromise.
Hunt writesthat over the past years he has invested a lot of effort, time and resources into the project, but he cannot continue to develop HIBP on his own and then he can no longer. According to him, the community's contribution to the development of Have I Been Pwned has always been considerable, and recently it has only increased.
“Every byte of data loaded into the system in recent years has been provided free of charge by someone who has decided to improve the security landscape for all of us,” writes Troy Hunt. – The philosophy of HIBP has always been to support the community, and now I want the community to support HIBP. Open source is the most obvious way to do this. All the essential elements of HIBP will be put into the hands of people who can help maintain the service, no matter what happens to me. "
The process of moving to an open source model promises to be not the easiest, so Hunt says it will take some time, and has not named any specific timeline yet.
“In addition, there is also an aspect of privacy: among these leaks there is my personal data, and probably yours too, because billions of people have already suffered from data leaks. Regardless of how widely this information circulates, I still have to ensure confidentiality control for the very data on leaks, even if the project's code base becomes more transparent, ”the expert sums up.