2011 stories
·
10 followers

Sandwich Helix

1 Comment and 4 Shares
The number one rule of string manipulation is that you’ve got to specify your encodings.
Read the whole story
llucax
26 days ago
reply
Berlin
Share this story
Delete
1 public comment
jth
18 days ago
reply
42
Saint Paul, MN, USA

Therapy is now horrible

1 Share
Therapy is now horrible

Intrusive thoughts and more.

View on my website

Read the whole story
llucax
38 days ago
reply
Berlin
Share this story
Delete

Late Cenozoic

1 Comment and 4 Shares
Our nucleic acid recovery techinques found a great deal of homo sapiens DNA incorporated into the fossils, particularly the ones containing high levels of resin, leading to the theory that these dinosaurs preyed on the once-dominant primates.
Read the whole story
llucax
55 days ago
reply
Berlin
Share this story
Delete
1 public comment
iustinp
56 days ago
reply
Ha ha ha!
Switzerland

CrowdStrike

1 Comment and 5 Shares
We were going to try swordfighting, but all my compiling is on hold.
Read the whole story
llucax
122 days ago
reply
Berlin
Share this story
Delete
1 public comment
marcrichter
123 days ago
reply
Oooh, reference to a classic! 🚀
tbd

Saturday Morning Breakfast Cereal - Onions

2 Shares


Click here to go see the bonus panel!

Hovertext:
Drawing all those stupid onions was worth it for the phrase keystone onion.


Today's News:
Read the whole story
llucax
132 days ago
reply
Berlin
Share this story
Delete

More Memory Safety for Let’s Encrypt: Deploying ntpd-rs

1 Share

When we look at the general security posture of Let’s Encrypt, one of the things that worries us most is how much of the operating system and network infrastructure is written in unsafe languages like C and C++. The CA software itself is written in memory safe Golang, but from our server operating systems to our network equipment, lack of memory safety routinely leads to vulnerabilities that need patching.

Partially for the sake of Let’s Encrypt, and partially for the sake of the wider Internet, we started a new project called Prossimo in 2020. Prossimo’s goal is to make some of the most critical software infrastructure for the Internet memory safe. Since then we’ve invested in a range of software components including the Rustls TLS library, Hickory DNS, River reverse proxy, sudo-rs, Rust support for the Linux kernel, and ntpd-rs.

Let’s Encrypt has now taken a step that was a long time in the making: we’ve deployed ntpd-rs, the first piece of memory safe software from Prossimo that has made it into the Let’s Encrypt infrastructure.

Most operating systems use the Network Time Protocol (NTP) to accurately determine what time it is. Keeping track of time is a critical task for an operating system, and since it involves interacting with the Internet it’s important to make sure NTP implementations are secure.

In April of 2022, Prossimo started work on a memory safe and generally more secure NTP implementation called ntpd-rs. Since then, the implementation has matured and is now maintained by Project Pendulum. In April of 2024 ntpd-rs was deployed to the Let’s Encrypt staging environment, and as of now it’s in production.

Over the next few years we plan to continue replacing C or C++ software with memory safe alternatives in the Let’s Encrypt infrastructure: OpenSSL and its derivatives with Rustls, our DNS software with Hickory, Nginx with River, and sudo with sudo-rs. Memory safety is just part of the overall security equation, but it’s an important part and we’re glad to be able to make these improvements.

We depend on contributions from our community of users and supporters in order to provide our services. If your company or organization would like to sponsor Let’s Encrypt please email us at sponsor@letsencrypt.org. We ask that you make an individual contribution if it is within your means.

Read the whole story
llucax
148 days ago
reply
Berlin
Share this story
Delete
Next Page of Stories