Memory Safety for Skeptics

https://queue.acm.org/detail.cfm?id=3773095

#HackerNews #MemorySafety #Skeptics #Cybersecurity #SoftwareDevelopment #ACMQueue

I'm joining @cheri_alliance@cheri_alliance@infosec.exchange as an ambassador, working to transform cybersecurity at its foundation.

Memory safety bugs cause 70% of cyber vulnerabilities, leading to disasters like OpenSSL Heartbleed and the 2024 CrowdStrike outage ($5.4 billion in losses). CHERI technology, developed over 15 years by Cambridge University and SRI International, prevents these attacks through hardware-enforced memory protection rather than endless software patches.

The momentum is extraordinary. The UK government invested £80 million alongside £200 million from industry, with backing from DSIT, NCSC/GCHQ, DSTL, and DARPA. Industry giants Google, Microsoft, and Arm have joined alongside BT Group and Siemens, recognizing that hardware-level security is no longer optional.

I'm particularly excited about our working groups porting critical operating systems to CHERI. FreeBSD, FreeRTOS, Zephyr, and seL4 have all been ported to run on CHERI hardware, with teams actively developing and maintaining these implementations. This ecosystem work ensures CHERI can protect everything from embedded IoT devices to enterprise servers, making memory safety accessible across the entire computing stack.

Microsoft found CHERI would have prevented two-thirds of their 2019 vulnerabilities. The technology is practical too – existing software often needs less than 0.03% code changes to become memory-safe. As we deploy AI and connect critical infrastructure, we can't afford to keep patching symptoms. CHERI addresses the root cause.

Join us in building secure-by-design systems. The Alliance welcomes all who share this vision. Let's stop playing defense and fundamentally solve memory safety.

#Cybersecurity #CHERI #MemorySafety #SecureByDesign

I'm joining @cheri_alliance@cheri_alliance@infosec.exchange as an ambassador, working to transform cybersecurity at its foundation.

Memory safety bugs cause 70% of cyber vulnerabilities, leading to disasters like OpenSSL Heartbleed and the 2024 CrowdStrike outage ($5.4 billion in losses). CHERI technology, developed over 15 years by Cambridge University and SRI International, prevents these attacks through hardware-enforced memory protection rather than endless software patches.

The momentum is extraordinary. The UK government invested £80 million alongside £200 million from industry, with backing from DSIT, NCSC/GCHQ, DSTL, and DARPA. Industry giants Google, Microsoft, and Arm have joined alongside BT Group and Siemens, recognizing that hardware-level security is no longer optional.

I'm particularly excited about our working groups porting critical operating systems to CHERI. FreeBSD, FreeRTOS, Zephyr, and seL4 have all been ported to run on CHERI hardware, with teams actively developing and maintaining these implementations. This ecosystem work ensures CHERI can protect everything from embedded IoT devices to enterprise servers, making memory safety accessible across the entire computing stack.

Microsoft found CHERI would have prevented two-thirds of their 2019 vulnerabilities. The technology is practical too – existing software often needs less than 0.03% code changes to become memory-safe. As we deploy AI and connect critical infrastructure, we can't afford to keep patching symptoms. CHERI addresses the root cause.

Join us in building secure-by-design systems. The Alliance welcomes all who share this vision. Let's stop playing defense and fundamentally solve memory safety.

#Cybersecurity #CHERI #MemorySafety #SecureByDesign

The CHERI Alliance is all about bringing the computing world together to adopt CHERI security technology.

We’re a mix of industry partners, open-source contributors, researchers, and governments, all working to make CHERI more accessible and widely used.

Check out who’s already on board: https://cheri-alliance.org/member/

We’ve got active working groups tackling everything from software porting to system integration and standards - all helping the community adopt and build with CHERI more effectively. Take a look: https://cheri-alliance.org/who-we-are/working-groups/

Curious? Keen to get involved? Here’s how to join us: https://cheri-alliance.org/memberships/

#CHERI#CyberSecurity#MemorySafety#InfoSec

The CHERI Alliance is all about bringing the computing world together to adopt CHERI security technology.

We’re a mix of industry partners, open-source contributors, researchers, and governments, all working to make CHERI more accessible and widely used.

Check out who’s already on board: https://cheri-alliance.org/member/

We’ve got active working groups tackling everything from software porting to system integration and standards - all helping the community adopt and build with CHERI more effectively. Take a look: https://cheri-alliance.org/who-we-are/working-groups/

Curious? Keen to get involved? Here’s how to join us: https://cheri-alliance.org/memberships/

#CHERI#CyberSecurity#MemorySafety#InfoSec

👋 Hey infosec.exchange! We’re the CHERI Alliance — excited to join the community!

🔐 We’re all about CHERI (Capability Hardware Enhanced RISC Instructions) — a powerful hardware-based approach to making memory safety and software security actually enforceable, by design.

💡 CHERI helps stop things like buffer overflows and use-after-free bugs before they cause trouble — with hardware-enforced protections built right into the architecture.

We’re here to:
- Share news about the CHERI community in general
- Talk about what our members are building with CHERI
- Connect with folks who care about deep, meaningful security improvements
Check us out 👉 cherialliance.org

Give us a follow if this sounds like your kind of thing!

#CHERI#MemorySafety#SecureByDesign#InfoSec#CyberSecurity#HardwareSecurity

👋 Hey infosec.exchange! We’re the CHERI Alliance — excited to join the community!

🔐 We’re all about CHERI (Capability Hardware Enhanced RISC Instructions) — a powerful hardware-based approach to making memory safety and software security actually enforceable, by design.

💡 CHERI helps stop things like buffer overflows and use-after-free bugs before they cause trouble — with hardware-enforced protections built right into the architecture.

We’re here to:
- Share news about the CHERI community in general
- Talk about what our members are building with CHERI
- Connect with folks who care about deep, meaningful security improvements
Check us out 👉 cherialliance.org

Give us a follow if this sounds like your kind of thing!

#CHERI#MemorySafety#SecureByDesign#InfoSec#CyberSecurity#HardwareSecurity