
OpenSSL, as with many systems-level applications, is written primarily in C, and a big part of the issue at hand is that languages such as C and C++ are not memory safe, which can lead to security vulnerabilities. In 2019, for example, Microsoft disclosed that nearly 70% of all security vulnerabilities in their products were a result of memory safety issues. In the case of OpenSSL, there have been many vulnerabilities due to memory safety issues; the Heartbleed bug is just one such infamous vulnerability.

Already, ISRG has replaced OpenSSL with Rustls in the Apache HTTP Server and Curl, and now the organization is working to further that movement. “Another big issue is that the API that’s used with OpenSSL is very complicated, so people using OpenSSL tend to make mistakes in their implementation because of how confusing and complicated the OpenSSL API is,” said Aas.
