Google comes with a fork of OpenSSL called BoringSSL

Google has initiated the development of a fork of OpenSSL, called BoringSSL. The internetgigant states that it is a modified version of the cryptographic software for its own products, such as Android and Chrome.

The start of the BoringSSL project by Google developer Adam Langley announced on his blog. Today, the company has source code posted online. In the longer term, the developed code can be incorporated in the Chromium project; it opensourceproject that Google has set up for the development of his web browser. BoringSSL, whose name is not yet determined, is a modified version of OpenSSL which Google several patches has been implemented. According to Langley, these adjustments are required for products such as Android and Chrome.

Initially based Google ssl implementations on the software of OpenSSL on top of his own patches, but this would no longer be practical: Android and Chrome would be more and more custom software require, while the Google-supplied patches not always been processed in the releases of OpenSSL. Due to the increasing complexity of this way of software developing is chosen to be a fork of OpenSSL to proceed, which is intended, in particular, seems to be for use in Google’s own products.

OpenSSL was recently in the news by the Heartbleed bug, which ensured that an attacker sharing the memory of a server could read. Consequently, sensitive data may be intercepted. Earlier this month it was once again discovered a bug, that a man-in-the-middle attack is made possible. A lot of great sites and services were affected by the bugs, including Android and Chrome from Google.

Comments
(79)