Going Keyless Everywhere
The Heartbleed vulnerability, discovered over five years ago, exposed the personal data of users on almost every website online due to a tiny bug in a cryptography library called OpenSSL. This incident highlighted the fragility of internet security and led to the emergence of remote memory disclosure vulnerabilities such as Cloudbleed and NetSpectre. To protect private keys from future Heartbleed-like vulnerabilities, Cloudflare redesigned its main product using process isolation and Keyless SSL. Memory safety is crucial for businesses with an online component, and while perfect security is not possible, measures like these can help mitigate risks.
Company
Cloudflare
Date published
Nov. 1, 2019
Author(s)
Nick Sullivan, Chris Broglie
Word count
2990
Hacker News points
None found.
Language
English