MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
code
Recherche

Eliminating Memory Safety Vulnerabilities at the Source (Google Security Blog)

jeudi 26 septembre 2024, 08:58 , par LWN.net
Here's a
post on the Google Security Blog on how switching to a memory-safe
language can quickly reduce vulnerabilities in a project, even if a large
body of older code persists.

This leads to two important takeaways:

The problem is overwhelmingly with new code, necessitating a
fundamental change in how we develop code.
Code matures and gets safer with time, exponentially, making the
returns on investments like rewrites diminish over time as code gets
older.

For example, based on the average vulnerability lifetimes, 5-year-old code
has a 3.4x (using lifetimes from the study) to 7.4x (using lifetimes
observed in Android and Chromium) lower vulnerability density than new
code.
Lire la suite sur LWN.net
https://lwn.net/Articles/991775/

Voir aussi

code Google teste les extensions pour Chrome Android… mais pas pour les smartphones 01net 8 Oct
security Le Google Play Store va devoir faire sa révolution, contraint et forcé par la justice US 01net 8 Oct
lifetimes Google brings better bricking to Androids, to curtail crims TheRegister 8 Oct
blog Fintech OpenBB Aims To Be More Than an 'Open Source Bloomberg Terminal' Slashdot 8 Oct
google Epic judge orders Google to let rivals set up app stores TheRegister 8 Oct
vulnerabilities Google vows to fight Epic Games court ruling to protect Android’s open platform and user choice BetaNews 8 Oct
older Drasi : le nouveau projet open-source de Microsoft TooLinux 8 Oct
eliminating Google must crack open Android for third-party stores, rules Epic judge OS News 7 Oct
vulnerability Google Ordered To Make Sweeping Changes, Open Android App Store To Rivals Slashdot 7 Oct
using Google Testing a Version of Chrome for Android With Extensions Support Slashdot 7 Oct
time Kaspersky viré du Play Store de Google comme un malpropre Génération-NT 7 Oct
gets Une alerte Google Pay envoyée par erreur fait paniquer les utilisateurs 01net 7 Oct
source Security updates for Monday LWN.net 7 Oct
memory Google's Grip on Search Slips as TikTok and AI Startup Mount Challenge Slashdot 7 Oct
how Android : Google déploie ses nouveautés antivol Génération-NT 7 Oct
code Open source isn’t going to save AI InfoWorld 7 Oct
security Google removes Kaspersky apps from its store BetaNews 7 Oct
lifetimes Hyundai devient la voiture autonome de Google 01net 7 Oct
blog Google vient d’exclure l’antivirus Kaspersky du Play Store 01net 7 Oct
google Google introduit des coches bleues dans les résultats de recherche : voici pourquoi ZDNet.fr 7 Oct
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
ven. 15 nov. - 21:17 CET