Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch

  • henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    3
    ·
    2 months ago

    Counter point: how has code churn varied across those years? My understanding is that changes in Android are becoming more incremental which might mean that less code is being written over time, too.

    • veroxii
      link
      fedilink
      English
      arrow-up
      6
      ·
      2 months ago

      Yeah. Just about any code base will mature tremendously over 6 years.