Discover Security Projects News
'We're finding bugs way faster than we can fix them': Google sponsors 2 full-time devs to improve Linux security
Google has demonstrated serious concern about the security of Linux and open-source code, and is sponsoring a pair of full-time developers to work on the kernel's security.
The internet giant builds code from its own repositories rather than downloading outside binaries, though given the pace at which code is being added to Linux, this task is non-trivial. Google's open-source security team lead Dan Lorenc spoke to The Register about its approach, and why it will not use pre-built binaries despite their convenience.
But first: the two individuals full-time sponsored by Google are Gustavo Silva, whose work includes eliminating some classes of buffer overflow risks and on kernel self-protection, and Nathan Chancellor, who fixes bugs in the Clang/LLVM compilers and improves compiler warnings.