AV1 is an increasingly important video format and it needs a memory safe, high performance decoder. We worked with the team at Immunant to develop rav1d. Performance is critical in this context, so we've asked Stephen Crane, CTO of Immunant, to explain their efforts in achieving performance parity. If you'd like to dig deeper, check out our recent blog post about how we ported the C AV1 decoder to Rust. Josh Aas, Head of ISRG's Prossimo project rav1d is a port of the high performance dav1d AV...| Prossimo
In March of 2023 we announced that we were starting work on a safer high performance AV1 decoder called rav1d, written in Rust. We partnered with Immunant to do the engineering work. By September of 2024 rav1d was basically complete and we learned a lot during the process. Today rav1d works well—it passes all the same tests as the dav1d decoder it is based on, which is written in C. It’s possible to build and run Chromium with it.| Prossimo
AV1 is an increasingly important video format and it needs a memory safe, high performance decoder. We worked with the team at Immunant to develop rav1d, a Rust-based port of dav1d, a C decoder. This is the first of two blog posts about how the team approached this effort. Josh Aas, Head of ISRG's Prossimo project Complex data parsing is one of the most security-critical operations in modern software. Browsers must decode untrusted audio and video inputs encoded with extremely complicated for...| www.memorysafety.org
Securing the Web: Rustls on track to outperform OpenSSL Prossimo is funding the development of Rustls, a high-quality TLS implementation written in Rust, with the aim of replacing less safe alternatives such as OpenSSL. This article goes into recent developments in performance tracking for Rustls and provides a performance comparison between Rustls 0.22.0 and OpenSSL 3.2.0 - the latest releases of both projects at the time of writing. Our investment in benchmarking has helped confirm that Rus...| www.memorysafety.org
The sudo utility represents a critical privilege boundary, so it should be memory safe. We rewrote it in Rust with partners at Tweede golf and Ferrous Systems. Ruben Nijveld from the Tweede golf team offers his perspective here on one of the greatest challenges we faced when developing software that can be widely adopted: Rust crate dependencies. Josh Aas, Head of ISRG's Prossimo project When sudo-rs development started, we added several dependencies using Rust's crates ecosystem to quickly r...| Prossimo
As of today, the Rustls TLS library is using AWS Libcrypto for Rust (aws-lc-rs) for cryptography by default, with the option to enable FIPS support. This removes a major roadblock for safer TLS in many organizations. Over the past couple of years it became clear to us that in order to bring the best possible version of Rustls to a wider audience, we would need to make changes to the cryptographic support offered.| Prossimo
Memory safety is a property of some programming languages that prevents programmers from introducing certain types of bugs related to how memory is used. Since memory safety bugs are often security issues, memory safe languages are more secure than languages that are not memory safe. Memory safe languages include Rust, Go, C#, Java, Swift, Python, and JavaScript. Languages that are not memory safe include C, C++, and assembly. Types of Memory Safety Bugs To begin understanding memory safety b...| Prossimo
Support for using Rust in the Linux Kernel was recently merged by Linus Torvalds. This is important because Rust is memory safe, meaning that code written in Rust does not suffer from things like buffer overflows, use-after-free, and other memory management vulnerabilities that plague software written in unsafe languages like C and C++. Being able to use Rust in the Linux kernel is an incredible milestone on the road to a more secure future for the Internet and everything else that depends he...| www.memorysafety.org
Who We Are Prossimo is an Internet Security Research Group (ISRG) project. ISRG couldn't do it alone though. We have a strong community of developers, maintainers, advisors, and funders helping us out! Goals Our first goal is to move the Internet's security-sensitive software infrastructure to memory safe code. Many of the most critical software vulnerabilities are memory safety issues in C and C++ code. While there are ways to reduce the risk, including fuzzing and static analysis, such miti...| Prossimo