Josh Aas is the Executive Director of ISRG, the nonprofit behind Let’s Encrypt, Divvi Up, and Prossimo. We interviewed him to learn more about Prossimo, an effort to move the Internet’s security-sensitive software infrastructure to memory safe code. Read Prossimo’s latest blog post here. This interview is part of a series where we dive into the struggles and achievements of nonprofit organizations for which Common Good Cyber intends to contribute transformative cybersecurity funding.
1. What is Prossimo? How does it help the security of the Internet? Why should a non-technical person care?
Prossimo is an initiative focused on advancing the creation and adoption of memory-safe code in the Internet’s most critical infrastructure.
Memory safety is a property of some programming languages that prevents programmers from introducing certain types of bugs related to how memory is used. Since memory safety bugs are often security issues, memory safe languages are more secure than languages that are not memory safe.
Memory vulnerabilities have resulted in data breaches, which violate people’s privacy. They have caused significant financial loss, which often trickles down to consumers paying the price. They have affected hospitals and other public services, which puts people’s physical health and safety at risk. And finally, they have been used against human rights defenders in ways that put their lives in jeopardy.
For most of the Internet’s history, people and organizations didn’t have reasonable memory safe options for the fundamental software underlying almost every deployment. Our work has been focused on providing safer options and promoting their adoption.
Many of the software systems that underpin the Internet were written in programming languages like C and C++, which are prone to memory safety vulnerabilities.
By replacing particularly vulnerable code or entire pieces of software with memory-safe alternatives, Prossimo reduces the risk of these vulnerabilities, making the Internet safer for everyone.
Given that more than five billion people routinely access the Internet, reducing memory safety bugs in the software used by all of them has widespread impact on security and privacy. By making the Internet’s infrastructure more secure, Prossimo protects the personal information, financial data, physical safety, and digital lives of billions of people.
2. How has your work affected society or enhanced our community well-being?
Software that is not memory safe is one of the Internet’s most pervasive and dangerous challenges. Our work focuses on moving the foundational components of the global Internet to memory safe code. These foundational components are used by every part of online society, including commerce, public services, and NGOs. Society deserves a more secure and privacy respecting Internet – one that can better protect services, finances, personal information, and lives – and that’s what we aim to deliver.
3. How have you worked to build awareness around memory safety issues and build a community to tackle the problem?
The problem of memory safety is, generally speaking, a well-known and well-established problem. (The first computer virus known to spread “in the wild” was caused by a memory safety error!). However for most of the Internet’s history, people and organizations didn’t have reasonable memory safe options for the fundamental software underlying almost every code deployment. Our work has been focused on providing safer options and promoting their adoption.
For example, we’ve worked hard to build up Rustls, a TLS library (a software component that allows applications to securely communicate by encrypting data transmitted between a client and server) that has excellent performance and great features along with being memory safe. Our aim is for Rustls to replace OpenSSL, the TLS library currently in wide use which is not memory safe code. OpenSSL was made famous by its catastrophic Heartbleed bug that was caused by lack of memory safety. We need to replace OpenSSL with a safer alternative for a safer and more privacy-respecting Internet.
Building up Rustls, or any other open source project, is not just about code contributions. It’s also about building up the community with a strong communication program, helping to create or improve development partnerships with relevant companies and other open source projects, raising money to help fund development, and using connections to make inroads with potential adopters. We help the open source projects that we believe are critical to our mission build up their communities in these ways.
We are excited to see Rustls continue to be adopted by a growing number of companies. We have similar initiatives related to other key parts of Internet infrastructure like DNS, NTP, Reverse Proxy software, and Rust in the Linux kernel.
Conversations like this one are a great example of how we work to build awareness of the importance of memory safety! We’re grateful to Common Good Cyber and our collaborators and champions such as CISA, The Office of the National Cyber Director in the White House, and others who are bringing heightened awareness to the importance of adopting memory safe alternatives. Anjana Rajan, Assistant National Cyber Director at the White House put it well recently when she said, “This may be a multi-decade endeavor that will require all of us, those in government, the private sector, and across the technical community to play our part and that’s why we must begin this work today.”
4. Has Prossimo ever faced funding challenges? What kind of resources, either financial or otherwise, are essential for your survival and continued operations?
Prossimo’s model is opportunistic. A key criteria in determining an initiative’s viability is whether or not there is funding available.
We put in a lot of effort to develop strategies and bring together the best people to execute at an efficient cost, but it’s usually a challenge to find the resources we need to build a new piece of memory safe software. This is primarily because while we’re confident that we can build great software, there is no upfront guarantee that it will see widespread adoption. People can’t adopt software that doesn’t exist, so if we want to move the needle there is some risk involved no matter how good our plans are.
It also takes quite a long time for investments to pay off – core components of the Internet are not replaced quickly – and the timeline for adoption can be beyond the ROI horizon for many funders. These investments are critical though, and we need to be able to think long term if we want a fundamentally more secure and privacy-respecting Internet.
We are fortunate to have staff that adeptly connects our needs with organizations and people that believe in our work, and more importantly, the future positive potential of our work. We’re thankful to organizations like the Sovereign Tech Fund, Craig Newmark Philanthropies, Alpha-Omega, Google, Shopify, and others who have funded our work.
5. What would be the consequences if Prossimo shut down? What would it take to fill that gap or to continue the services you provide if someone else had to start from scratch?
Prossimo is looked to as a leader in building and releasing high performance memory safe software. If Prossimo shut down, momentum for the development and adoption of memory safe software would certainly slow, and vulnerabilities caused by unsafe code would continue to cause widespread damage. We would hope that someone would take up the mantle and continue to drive this change forward.
The foundational software of the Internet is entrenched, in many different ways for many different reasons. Anyone who wants to change it is going to need a combination of skill, ambition, optimism, and capacity for long term commitment. Those are the kinds of people needed to move our work on memory safety forward, and we’re fortunate to know they’re out there because we work with many of them as staff, partners, and community members every day.
Description: Prossimo’s Josh Aas and Sarah Gran recognized along with other industry leaders for their contributions to improving cybersecurity in Director Jen Easterly’s (CISA) 2024 keynote at the Black Hat conference.
