Google has initiated the development of a fork of OpenSSL, called BoringSSL. The internetgigant states that it is a modified version of the cryptographic software for its own products, such as Android and Chrome.
Initially based Google ssl implementations on the software of OpenSSL on top of his own patches, but this would no longer be practical: Android and Chrome would be more and more custom software require, while the Google-supplied patches not always been processed in the releases of OpenSSL. Due to the increasing complexity of this way of software developing is chosen to be a fork of OpenSSL to proceed, which is intended, in particular, seems to be for use in Google’s own products.
OpenSSL was recently in the news by the Heartbleed bug, which ensured that an attacker sharing the memory of a server could read. Consequently, sensitive data may be intercepted. Earlier this month it was once again discovered a bug, that a man-in-the-middle attack is made possible. A lot of great sites and services were affected by the bugs, including Android and Chrome from Google.
Comments
(79)