Techly NewsGet the app

Get the latest tech news

More Memory Safety for Let's Encrypt: Deploying ntpd-rs


When we look at the general security posture of Let’s Encrypt, one of the things that worries us most is how much of the operating system and network infrastructure is written in unsafe languages like C and C++. The CA software itself is written in memory safe Golang, but from our server operating systems to our network equipment, lack of memory safety routinely leads to vulnerabilities that need patching. Partially for the sake of Let’s Encrypt, and partially for the sake of the wider Internet, we started a new project called Prossimo in 2020.

When we look at the general security posture of Let’s Encrypt, one of the things that worries us most is how much of the operating system and network infrastructure is written in unsafe languages like C and C++. Keeping track of time is a critical task for an operating system, and since it involves interacting with the Internet it’s important to make sure NTP implementations are secure. In April of 2022, Prossimo started work on a memory safe and generally more secure NTP implementation called ntpd-rs.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Memory Safety

Memory Safety

Photo of let

let

Related news:

News photo

Circle C++ with memory safety

« The case for not sanitising fairy tales
Snowflake breach snowballs as more victims, perps, come forward »