Google could easily throw a pile of engineers at fixing OpenSSL, but it’d never be in their interest to do it, because they’d be handing Facebook and LinkedIn and Amazon a pile of free money in unspent remediation costs

This is a strange thing to say, in light of the fact that it was a Google engineer who found heartbleed. Not to mention boringssl.