Google software engineers are looking into ways of eliminating memory management-related bugs from Chrome.
As I’ve said before, I’m working on a book about lifetimes. Or maybe it’s just a long series - I haven’t decided the specifics yet. Like every one of my series/book things, it’s long, and it starts...
In this guest blog, Zhenpeng Lin details the three-month evaluation he performed of AUTOSLAB during a research internship with Open Source Security, Inc. AUTOSLAB is a compiler-plugin-enhanced feature of grsecurity introduced in 2020 that provides some interesting security and debug properties. The evaluation covers the completeness of AUTOSLAB's approach, how exploitation is changed, and how it affects performance.
Caddy-SSH is a general-purpose, memory-safe SSH server built in Go
The essence of software engineering is making trade-offs, and sometimesengineers even trade away security for other priorities. When it comes torunning untrusted code from unknown sources, however, exceptionally strongsecurity is simply ...
Rust, not related to the video game also called Rust, is a promising systems programming language with novel features ideally suited for game development. Exposure and awareness within the game developer community, however, remains limited. In this post, I provide a gentle introduction to Rust and attempt to justify its place on your radar.
Note: I am cross-posting this article to my personal blog. The original ison the Bytecode Allianceblog.
This is a list of materials (documents, services, and so on) released by the Open Source Security Foundation (OpenSSF) Best Practices Working Group (WG).