Going Keyless Everywhere

The Heartbleed vulnerability, discovered over five years ago, exposed the personal data of users on almost every website online due to a tiny bug in a cryptography library called OpenSSL. This incident highlighted the fragility of internet security and led to the emergence of remote memory disclosure vulnerabilities such as Cloudbleed and NetSpectre. To protect private keys from future Heartbleed-like vulnerabilities, Cloudflare redesigned its main product using process isolation and Keyless SSL. Memory safety is crucial for businesses with an online component, and while perfect security is not possible, measures like these can help mitigate risks.