tldrdaily.news logo
Tag

Memory Safety

All articles tagged with #memory safety

WhatsApp Scales Up Security with Rust-Powered Media Checks
security1 month ago

WhatsApp Scales Up Security with Rust-Powered Media Checks

WhatsApp deployed a Rust-based media library across billions of devices, replacing 160k lines of C++ with 90k lines of Rust to boost memory-safety and performance. Sparked by the Stagefright vulnerability, the rollout used fuzzing and tests to ensure compatibility, and introduced Kaleidoscope checks to flag dangerous, non-conformant, or spoofed files. The effort spans Android, iOS, Mac, Web, wearables, and more—the largest Rust deployment on client-side platforms—and signals broader Rust adoption for defense-in-depth security.

via Engineering at Meta|
#kaleidoscope#memory-safety#rust
Introducing TrapC: A Memory-Safe Fork of C to Combat Software Vulnerabilities
technology1 year ago

Introducing TrapC: A Memory-Safe Fork of C to Combat Software Vulnerabilities

Robin Rowe, a former computer science professor, has announced TrapC, a memory-safe fork of the C programming language, aimed at eliminating memory safety bugs like segfaults and buffer overruns. TrapC maintains compatibility with C's application binary interface (ABI) and is designed to be safer and easier to learn than Rust. The TrapC compiler is expected to be released as open source in 2025, with Rowe's startup, Trasec, supporting its development. This initiative addresses the national security concern over memory safety vulnerabilities in C and C++.

via The Register|
#c-programming#memory-safety#open-source
US Pushes for Transition to Memory-Safe Programming Languages by 2026
technology1 year ago

US Pushes for Transition to Memory-Safe Programming Languages by 2026

The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are urging software developers to transition from memory-unsafe languages like C and C++ to safer alternatives such as Rust, Java, and Python, due to the high risk of security vulnerabilities. Despite the push, the transition is challenging due to the complexity of converting existing codebases, potential performance slowdowns, and the cost of new tools. While CISA emphasizes the long-term security benefits, the shift is expected to be slow, with significant changes unlikely before the 2030s.

via The Register|
#c#cisa#memory-safety
"Rust: The Secure Solution for Software Development, Say Five Eyes Agencies"
technology2 years ago

"Rust: The Secure Solution for Software Development, Say Five Eyes Agencies"

The US Cybersecurity and Infrastructure Agency (CISA) is urging business and technical leaders to prioritize memory safety in software development, as memory safety errors often lead to significant damage. CISA, along with other cyber security authorities, is calling on software manufacturers to implement memory safe languages (MSLs) and create memory safe roadmaps to eliminate vulnerabilities. The move comes after a year of criticism towards C/C++ and praise for memory safe languages like Rust. Microsoft has committed $10 million to Rust tooling, and CISA advises organizations to move away from C/C++ due to the prevalence of memory safety vulnerabilities, even with training. CISA suggests using languages like C#, Go, Java, Python, Rust, and Swift for memory safe code.

via The Register|
#cc#cisa#memory-safety
Sudo and su utilities rewritten in Rust for Unix-like systems.
technology2 years ago

Sudo and su utilities rewritten in Rust for Unix-like systems.

Two core Unix-like utilities, sudo and su, are being rewritten in Rust by a joint team from Ferrous Systems and Tweede Golf, with support from Amazon Web Services, as part of a wider effort to replace critical but aging infrastructure pieces with memory-safe counterparts. The team believes that sudo, which was first developed in the 1980s and is written in C, has experienced many vulnerabilities related to memory safety issues. The project's work plan and milestones are posted, and you can track the work on GitHub.

via Ars Technica|
#memory-safety#rust#su
Microsoft Implements Memory-safe Rust for Core Windows Code Rewrite
technology2 years ago

Microsoft Implements Memory-safe Rust for Core Windows Code Rewrite

Microsoft is rewriting core Windows libraries in Rust programming language to catch and squash memory safety bugs before the code lands in the hands of users. Rust is focused on memory safety and similar protections, which reduces the number of bad bugs in the resulting code. Rust is already being used by Google and Microsoft is planning to have Windows booting with Rust in the kernel in the next several weeks or months.

via Slashdot|
#memory-safety#microsoft#programming-language
Microsoft enhances Windows security and performance with Rust.
technology2 years ago

Microsoft enhances Windows security and performance with Rust.

Microsoft is rewriting core Windows libraries in Rust programming language to catch and squash memory safety bugs before the code lands in the hands of users. Rust is focused on memory safety and similar protections, which cuts down on the number of bad bugs in the resulting code. The Rust renovation of Windows began in 2020 with DWriteCore, and now the latest version of Windows 11 boots with the Rust version. Microsoft's adoration of Rust does have limits, but even qualified support from Microsoft is making Rust more capable through code contributions, and that benefits the entire open source community.

via The Register|
#memory-safety#microsoft#programming-language