MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
code
Search

Eliminating Memory Safety Vulnerabilities at the Source (Google Security Blog)

Thursday September 26, 2024. 08:58 AM , from LWN.net
Here's a
post on the Google Security Blog on how switching to a memory-safe
language can quickly reduce vulnerabilities in a project, even if a large
body of older code persists.

This leads to two important takeaways:

The problem is overwhelmingly with new code, necessitating a
fundamental change in how we develop code.
Code matures and gets safer with time, exponentially, making the
returns on investments like rewrites diminish over time as code gets
older.

For example, based on the average vulnerability lifetimes, 5-year-old code
has a 3.4x (using lifetimes from the study) to 7.4x (using lifetimes
observed in Android and Chromium) lower vulnerability density than new
code.
Read more at LWN.net
https://lwn.net/Articles/991775/

Related News

code Google brings better bricking to Androids, to curtail crims TheRegisterOct 8
security Fintech OpenBB Aims To Be More Than an 'Open Source Bloomberg Terminal' SlashdotOct 8
lifetimes Epic judge orders Google to let rivals set up app stores TheRegisterOct 8
blog Google vows to fight Epic Games court ruling to protect Android’s open platform and user choice BetaNewsOct 8
google Google must crack open Android for third-party stores, rules Epic judge OS NewsOct 7
vulnerabilities Google Ordered To Make Sweeping Changes, Open Android App Store To Rivals SlashdotOct 7
older Google Testing a Version of Chrome for Android With Extensions Support SlashdotOct 7
eliminating Security updates for Monday LWN.netOct 7
vulnerability Google's Grip on Search Slips as TikTok and AI Startup Mount Challenge SlashdotOct 7
using Open source isn’t going to save AI InfoWorldOct 7
time Google removes Kaspersky apps from its store BetaNewsOct 7
gets Google Starts Adding Anti-Theft Locking Features to Android Phones SlashdotOct 6
source iOS and Android Security Scare: Two Apps Found Supporting 'Pig Butchering' Scheme SlashdotOct 6
memory Windows Security vs. Microsoft Defender: Important differences you should know PC WorldOct 5
how People Are Using Google Study Software To Make AI Podcasts SlashdotOct 5
code Google Vows To Stop Linking To New Zealand News If Forced To Pay For Content SlashdotOct 5
security Google Is Testing Verified Checkmarks In Search SlashdotOct 5
lifetimes Google ships Gemini 1.5 Flash-8B AI model InfoWorldOct 4
blog Google’s ad-tech antitrust trial: Wrapping up the case for the defense ComputerWorldOct 4
google Google is killing its one-click app to run Chrome OS in a VM on Android devices OS NewsOct 4
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Nov, Fri 15 - 21:51 CET