|
|
|
|
|
|
by thelambentonion
3496 days ago
|
|
|
Regarding secure software, there are at least some efforts to make writing formally verified software more approachable. The seL4 project has produced a formally verified microkernel, open sourced along with end-to-end proofs of correctness [0]. On the web front, Project Everest [1] is attempting to produce a full, verified HTTPS stack. The miTLS sub-project has made good headway in providing development and reference implementations of 'safe' TLS [2]. These are only a few projects, but imo they're a huge step in the right direction for producing software solutions that have a higher level of engineering rigor. [0] https://wiki.sel4.systems/FrequentlyAskedQuestions [1] https://project-everest.github.io [2] n.b. I'm not crypto-savvy, so I can't comment on what is or isn't 'safe' as any more than an interested layperson. |
|
|