David Chisnall (*Now with 50% more sarcasm!*)<p>The <span class="h-card" translate="no"><a href="https://infosec.exchange/@cheri_alliance" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cheri_alliance</span></a></span> has around a thousand followers on LinkedIn and just joined the Fediverse today. Let’s see how quickly we can get them to more than that here!</p><p><a href="https://infosec.exchange/tags/CHERI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CHERI</span></a> <a href="https://infosec.exchange/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a> <a href="https://infosec.exchange/tags/HardwareSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HardwareSecurity</span></a> <a href="https://infosec.exchange/tags/FollowFriday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FollowFriday</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
223active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#memorysafety
2 posts · 2 participants · 0 posts today
CHERI Alliance<p>👋 Hey infosec.exchange! We’re the CHERI Alliance — excited to join the community!</p><p>🔐 We’re all about CHERI (Capability Hardware Enhanced RISC Instructions) — a powerful hardware-based approach to making memory safety and software security actually enforceable, by design.</p><p>💡 CHERI helps stop things like buffer overflows and use-after-free bugs before they cause trouble — with hardware-enforced protections built right into the architecture.</p><p>We’re here to:<br>- Share news about the CHERI community in general<br>- Talk about what our members are building with CHERI<br>- Connect with folks who care about deep, meaningful security improvements<br>Check us out 👉 cherialliance.org</p><p>Give us a follow if this sounds like your kind of thing!</p><p><a href="https://infosec.exchange/tags/CHERI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CHERI</span></a> <a href="https://infosec.exchange/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a> <a href="https://infosec.exchange/tags/SecureByDesign" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureByDesign</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/HardwareSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HardwareSecurity</span></a></p>
Sovereign Tech Agency<p>Memory-related bugs form the majority of impactful vulnerabilities, and eliminating them requires that all stakeholders, from government to industry to academia and technical communities do their part. </p><p>As follow up, we’re working towards a second meeting to get more organizations, developers, and users of memory-safe and secure technologies on-board. Please reach out if you’re interested in participating in the next workshop. </p><p>Thanks to everyone who joined us!</p><p><a href="https://mastodon.social/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a></p><p>(2/2)</p>
LavX News<p>Exploring Memory Safety Features in Zig: A Developer's Guide</p><p>Zig is carving out its niche in the programming landscape with a robust approach to memory safety that combines manual management with sophisticated safety mechanisms. This article delves into Zig's c...</p><p><a href="https://news.lavx.hu/article/exploring-memory-safety-features-in-zig-a-developer-s-guide" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.lavx.hu/article/exploring</span><span class="invisible">-memory-safety-features-in-zig-a-developer-s-guide</span></a></p><p><a href="https://ioc.exchange/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a> <a href="https://ioc.exchange/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://ioc.exchange/tags/ZigProgramming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZigProgramming</span></a> <a href="https://ioc.exchange/tags/SystemsProgramming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SystemsProgramming</span></a> <a href="https://ioc.exchange/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a></p>
OpenSSF<p>The <a href="https://social.lfx.dev/tags/OpenSSF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSSF</span></a> Memory Safety SIG just released the <a href="https://social.lfx.dev/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a> Continuum!<br>Practical steps to tackle memory safety risks and strengthen <a href="https://social.lfx.dev/tags/OSSSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OSSSecurity</span></a> — no matter where you are today.<br>👉 Read more: https://<a href="https://openssf.org/blog/2025/04/28/announcing-the-release-of-the-memory-safety-continuum/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">openssf.org/blog/2025/04/28/an</span><span class="invisible">nouncing-the-release-of-the-memory-safety-continuum/</span></a></p>
Camdon<p>I don't know who needs to hear this but if you bounds-check your user input and panic with a message that says "buffer overflow" and no other information you have achieved some minimal form of <a href="https://infosec.exchange/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a> but you're still a jerk</p>
David Chisnall (*Now with 50% more sarcasm!*)<p>I have lost count of the number of people at Embedded World who have asked me ’what is memory safety?'</p><p>If anyone is wondering how embedded security is going...</p><p><a href="https://infosec.exchange/tags/EmbeddedWorld" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EmbeddedWorld</span></a> <a href="https://infosec.exchange/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a> <a href="https://infosec.exchange/tags/CHERI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CHERI</span></a></p>
theruran 💻 🌐 :cereal_killer:<p>is <a href="https://hackers.town/tags/Fortran" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortran</span></a> memory safe?</p><p>I don't think I have ever heard of a CVE in Fortran code.</p><p><a href="https://hackers.town/tags/memorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorySafety</span></a></p>
Robotics & Autonomous Sytems<p>Thrilled to announce the kickoff of the <a href="https://social.rma.ac.be/tags/DEFRA_FORCES" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DEFRA_FORCES</span></a> project! </p><p>🚀 We're enhancing <a href="https://social.rma.ac.be/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> in defence robotics by advancing memory-safe robotics with <a href="https://social.rma.ac.be/tags/RustLang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RustLang</span></a>. We will develop tools to transpile from C/C++. </p><p>Partners: @vub @rma @thales. </p><p><a href="https://social.rma.ac.be/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.rma.ac.be/tags/robotics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>robotics</span></a> <a href="https://social.rma.ac.be/tags/defensetech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defensetech</span></a> <a href="https://social.rma.ac.be/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a></p>
Alice<p><a href="https://infosec.exchange/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a> <a href="https://infosec.exchange/tags/nerdhumor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nerdhumor</span></a> courtesy of <span class="h-card" translate="no"><a href="https://bird.makeup/users/halvarflake" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>halvarflake</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@DistrictCon" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>DistrictCon</span></a></span> 😆</p>
Gary Wong<p>My <a href="https://mastodon.nz/tags/computing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>computing</span></a> is far too important for me to be pacified by mere <a href="https://mastodon.nz/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a>. I demand actual <a href="https://mastodon.nz/tags/correctness" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>correctness</span></a>.</p>
theruran 💻 🌐 :cereal_killer:<p>that's a big whoopsy: all the Ada links here use fucking :WindowsFire: Outlook.com tracking URLs</p><p><a href="https://www.nist.gov/itl/ssd/software-quality-group/safer-languages" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">nist.gov/itl/ssd/software-qual</span><span class="invisible">ity-group/safer-languages</span></a></p><p><a href="https://hackers.town/tags/Ada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ada</span></a> <a href="https://hackers.town/tags/memorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorySafety</span></a></p>
Marco Ivaldi<p>Story-time: C++, bounds checking, performance, and compilers</p><p><a href="https://chandlerc.blog/posts/2024/11/story-time-bounds-checking/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">chandlerc.blog/posts/2024/11/s</span><span class="invisible">tory-time-bounds-checking/</span></a></p><p>See also: Retrofitting spatial safety to hundreds of millions of lines of C++</p><p><a href="https://security.googleblog.com/2024/11/retrofitting-spatial-safety-to-hundreds.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">security.googleblog.com/2024/1</span><span class="invisible">1/retrofitting-spatial-safety-to-hundreds.html</span></a></p><p><a href="https://infosec.exchange/tags/c" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>c</span></a> <a href="https://infosec.exchange/tags/cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpp</span></a> <a href="https://infosec.exchange/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a></p>
Chandler Carruth<p>Had a bunch of thoughts about the recent safety stuff, way more than fit in social media post... Blog post story time! (It's a bit of a ramble, sorry about that...)</p><p><a href="https://chandlerc.blog/posts/2024/11/story-time-bounds-checking/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">chandlerc.blog/posts/2024/11/s</span><span class="invisible">tory-time-bounds-checking/</span></a></p><p><a href="https://hachyderm.io/tags/LLVM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLVM</span></a> <a href="https://hachyderm.io/tags/Clang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Clang</span></a> <a href="https://hachyderm.io/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a></p>
Marco Ivaldi<p>Safe C++</p><p>// by Sean Baxter and Christian Mazakas</p><p><a href="https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2024/p3390r0.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">open-std.org/jtc1/sc22/wg21/do</span><span class="invisible">cs/papers/2024/p3390r0.html</span></a></p><p><a href="https://infosec.exchange/tags/cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpp</span></a> <a href="https://infosec.exchange/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a></p>
Ivan Lozano<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@dmnk" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dmnk</span></a></span> and I wrote about how to incrementally adopt rust in existing firmware/bare-metal code bases.</p><p><a href="https://security.googleblog.com/2024/09/deploying-rust-in-existing-firmware.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">security.googleblog.com/2024/0</span><span class="invisible">9/deploying-rust-in-existing-firmware.html</span></a></p><p><a href="https://infosec.exchange/tags/rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rust</span></a> <a href="https://infosec.exchange/tags/firmwaresecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firmwaresecurity</span></a> <a href="https://infosec.exchange/tags/embeddedsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>embeddedsecurity</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a></p>
tarakiyee<p>This is a long read, don't click the link before you have your coffee/tea/mountain dew code red/beverage of choice ready! </p><p>In this blogpost, I try to explain why we at <span class="h-card" translate="no"><a href="https://mastodon.social/@sovtechfund" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sovtechfund</span></a></span> are investing in <a href="https://mastodon.online/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a> and reflect a bit on the awe inspiring work of critical infrastructure maintainer partners, as well as where we are at the moment and the long way ahead. </p><p><a href="https://www.sovereigntechfund.de/news/on-rust-memory-safety-open-source-infrastructure/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sovereigntechfund.de/news/on-r</span><span class="invisible">ust-memory-safety-open-source-infrastructure/</span></a></p>
Sovereign Tech Agency<p>Addressing <a href="https://mastodon.social/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a> in critical infrastructure is a complex issue with multiple approaches. The Sovereign Tech Fund supports several initiatives, and technologist <span class="h-card" translate="no"><a href="https://mastodon.online/@tarakiyee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tarakiyee</span></a></span> reflects on the long road ahead in a blog post “On Rust, Memory Safety, and Open Source Infrastructure” <br> <br><a href="https://www.sovereigntechfund.de/news/on-rust-memory-safety-open-source-infrastructure/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sovereigntechfund.de/news/on-r</span><span class="invisible">ust-memory-safety-open-source-infrastructure/</span></a></p>
hannah aubry<p>Incredible to see the adoption trajectory for <span class="h-card" translate="no"><a href="https://social.rust-lang.org/@rust" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rust</span></a></span> as demonstrated by GitHub stars in <span class="h-card" translate="no"><a href="https://hachyderm.io/@jdno" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jdno</span></a></span>’s talk at <a href="https://fosstodon.org/tags/RustNationUK24" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RustNationUK24</span></a>! Not to mention these anecdotes: <br>- <a href="https://fosstodon.org/tags/USGov" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USGov</span></a> recommending use of <a href="https://fosstodon.org/tags/RustLang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RustLang</span></a> for <a href="https://fosstodon.org/tags/MemorySafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MemorySafety</span></a> <br>- Adoption by <a href="https://fosstodon.org/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> in <a href="https://fosstodon.org/tags/Windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Windows</span></a> and <a href="https://fosstodon.org/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a><br>Rust’s future is bright and so is the internet’s because of it. <a href="https://fosstodon.org/tags/Fastly" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fastly</span></a> <span class="h-card" translate="no"><a href="https://fastly.social/@devs" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>devs</span></a></span> is so proud to support the <a href="https://fosstodon.org/tags/RustFoundation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RustFoundation</span></a> (and thanks so much for the shout JD 🤗)</p>
Ivan Lozano<p>We posted another thing!</p><p><a href="https://security.googleblog.com/2024/03/address-sanitizer-for-bare-metal.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">security.googleblog.com/2024/0</span><span class="invisible">3/address-sanitizer-for-bare-metal.html</span></a></p><p><a href="https://infosec.exchange/tags/addresssanitizer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>addresssanitizer</span></a> <a href="https://infosec.exchange/tags/firmware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>firmware</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://infosec.exchange/tags/memorysafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>memorysafety</span></a> <a href="https://infosec.exchange/tags/android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>android</span></a> <a href="https://infosec.exchange/tags/androidsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>androidsecurity</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload