Security News > 2020 > January > Google Open Sources Code for Security Key Devices
Google on Thursday announced that it has released the source code for a project named OpenSK in an effort to allow users to create their own security key devices.
Specifically, the company hopes that researchers, manufacturers of security keys and even enthusiasts will help develop new features and accelerate the adoption of these authentication devices.
The OpenSK firmware can be used with a Nordic chip, which supports a dedicated hardware crypto core, along with all major transport protocols, including Bluetooth, NFC and USB. Google has also made available the design for a security key enclosure that can be created using 3D printers.
"Under the hood, OpenSK is written in Rust and runs on TockOS to provide better isolation and cleaner OS abstractions in support of security. Rust's strong memory safety and zero-cost abstractions makes the code less vulnerable to logical attacks. TockOS, with its sandboxed architecture, offers the isolation between the security key applet, the drivers, and kernel that is needed to build defense-in-depth," Google explained.
Google announced earlier this month that it has simplified the enrollment process for its Advanced Protection Program, which is designed to help high-risk users add an extra layer of protection to their account through the use of security keys.
News URL
Related news
- Sara: Open-source RouterOS security inspector (source)
- What’s Next for Open Source Software Security in 2025? (source)
- GitHub CISO on security strategy and collaborating with the open-source community (source)
- Fleet: Open-source platform for IT and security teams (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Orbit: Open-source Nuclei security scanning and automation platform (source)
- Misconfig Mapper: Open-source tool to uncover security misconfigurations (source)