How to secure critical open-source code against memory safety exploits by automating code hardening at scale| Institute for Progress
The views expressed in Shorenstein Center Discussion Papers are those of the author(s) and do not necessarily reflect those of Harvard Kennedy School, Harvard University or the organizations and institutions with whom the authors are affiliated. Discussion Papers have not undergone formal review and approval. Such papers are included in this series to elicit feedback …| Shorenstein Center
It's memory-safe, with a few caveats| www.theregister.com
Bjarne Stroustrup says standards committee needs to show it can respond to memory safety push| www.theregister.com
Protecting devices from malicious use is often a cat-and-mouse game between security researchers identifying software vulnerabilities (CVEs) and product-makers patching them before attackers can exploit them. As a result, devices can no longer be developed, shipped and forgotten. Instead, manufacturers must commit to keeping those devices up to date and free from critical vulnerabilities for …| www.thegoodpenguin.co.uk
Someone was giving away stickers reading “Somebody Should Do Something” at the WG21 C++ Standardization meeting held in Wrocław last week, and it makes for a pretty good tagline for that meeting.| cor3ntin.github.io
Technical writeups by Meta’s Security folks, including Red Team.| Meta Red Team X
Who We Are Prossimo is an Internet Security Research Group (ISRG) project. ISRG couldn't do it alone though. We have a strong community of developers, maintainers, advisors, and funders helping us out! Goals Our first goal is to move the Internet's security-sensitive software infrastructure to memory safe code. Many of the most critical software vulnerabilities are memory safety issues in C and C++ code. While there are ways to reduce the risk, including fuzzing and static analysis, such miti...| Prossimo