Google swapped OpenSSL in Chrome for personal fork




Google goes OpenSSL swap for BoringSSL his own fork of the OpenSSL Project. In addition, changes in the OpenSSL code be implemented. According to Google, it is more practical to have. Their own fork of OpenSSL

Google Chrome Google OpenSSL, used to date one of the widely used ssl / tls-suites, Google Chrome, Chrome OS and Android. It introduced Google itself patches by that by OpenSSL not adopted. The search giant is now, however, a different approach: the company integrates its own OpenSSL fork BoringSSL in Chrome.

In addition, the company will incoming patches from the OpenSSL team still introduce and bugfixes pass on the same team. Also with LibreSSL, a fork of the OpenSSL project by OpenBSD, bugs and patches will be shared. It is not yet known when BoringSSL will be added. In the stable version of Chrome Should also get Android BoringSSL instead of OpenSSL over time.

It is unclear how the decision was motivated by Heart Bleed, a major bug in OpenSSL which attackers could read. Internal server memory The BoringSSL project was started before that bug came to light.


In: Technology & Gadgets Asked By: [15564 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »