{"id":220285,"date":"2026-05-26T10:37:00","date_gmt":"2026-05-26T14:37:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/26\/students-tackle-openssl-issues-to-help-keep-the-internet-encrypted\/"},"modified":"2026-05-26T11:05:12","modified_gmt":"2026-05-26T15:05:12","slug":"students-tackle-openssl-issues-to-help-keep-the-internet-encrypted","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/26\/students-tackle-openssl-issues-to-help-keep-the-internet-encrypted\/","title":{"rendered":"Students tackle OpenSSL issues to help keep the internet encrypted"},"content":{"rendered":"<p><a href=\"https:\/\/www.rit.edu\/news\/students-tackle-openssl-issues-help-keep-internet-encrypted\">Students tackle OpenSSL issues to help keep the internet encrypted<\/a><\/p>\n<p><a href=\"https:\/\/www.rit.edu\/news\/students-tackle-openssl-issues-help-keep-internet-encrypted\">https:\/\/www.rit.edu\/news\/students-tackle-openssl-issues-help-keep-internet-encrypted<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-26 10:37:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.rit.edu\">www.rit.edu<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n\t\t\t\t\t\t\t\t\t\tAs part of a cybersecurity course, RIT students are helping ensure that internet communications stay secure.<\/p>\n<p>For three semesters, students have been patching issues with OpenSSL\u2014a free and open-source library and toolkit that provides encryption for computer networks. Many of the student\u2019s submitted code changes have been merged into the critical library that powers about two-thirds of all websites and internet servers.<\/p>\n<p>\u201cOpenSSL is kind of the backbone of the internet and even if you didn\u2019t know about it, you\u2019ve most likely used it to protect data when accessing a website,\u201d said Jose Luis Gonzalez, a fourth-year cybersecurity major, who took the course. \u201cIt\u2019s really rewarding and cool to know that I\u2019ve contributed to it.\u201d<\/p>\n<p>RIT Professor Billy Brumley teaches the Open Source Software Security course. For the main class project, students find open issues on OpenSSL\u2019s GitHub and write code that could be integrated into the system. At any time, there are more than 1,000 open reported issues on OpenSSL that anyone can help fix.<\/p>\n<p>Brumley, the Kevin O\u2019Sullivan Endowed Professor in Cybersecurity, said he has built his industry and research career on OpenSSL. He\u2019s also part of the Business Advisory Committee with OpenSSL.<\/p>\n<p>OpenSSL started in 1998 as a transparent and universally accessible infrastructure for internet security. Today, major technology, financial, and infrastructure companies\u2014including Google, Amazon, Microsoft, Cisco, and Meta\u2014rely on OpenSSL for secure communication.<\/p>\n<p>In 2014, OpenSSL went through reform after being the subject of one of the largest security flaws in internet history. It was called Heartbleed and it allowed hackers to silently extract passwords, private cryptographic keys, and other sensitive data from server memory.<\/p>\n<p>\u201cEarly in my career, I enjoyed offensive security and finding vulnerabilities\u2014like many students,\u201d said Brumley. \u201cI thought I could report a problem and someone would just magically fix it. But realistically, knowing how to fix things yourself is equally as important for security professionals.\u201d<\/p>\n<p>Brumely said many students are aware of OpenSSL but have never used it. He explained that addressing pull requests is a good way for students to prepare for industry and to learn C\u2014an older programming language that is often still used in healthcare and infrastructure due to its stability.<\/p>\n<p>How student code helps test security <\/p>\n<p>\u201cAt first, the idea of working on OpenSSL was daunting,\u201d said Gonzalez, who is completing a Combined accelerated BS\/MS degree option in cybersecurity.<\/p>\n<p>His team identified an issues worth looking into. His task was to create a regression test to the codebase that could run whenever certain changes are made to OpenSSL.<\/p>\n<p>\u201cWhen you encounter a troublesome issue, it\u2019s important to have a test for it so you know the problem isn\u2019t happening again,\u201d said Gonzalez. \u201cYou don\u2019t want new updates to reintroduce the issue.\u201d<\/p>\n<p>For Gonzalez, the two-and-a-half-month experience was a learning process. First, he figured out the design, programmed the test, and sent it in for review by an OpenSSL team. After several back and forths to solve crashing issues, spelling mistakes, and cleaning up code to be consistent with the repository, his work was integrated.<\/p>\n<p>\u201cNow, every time someone pushes a new change, the test I wrote is going to run,\u201d said Gonzalez. \u201cIt\u2019s really rewarding that my contribution is going to persist through.\u201d<\/p>\n<p>This year, 20 pull requests from the RIT class were merged. Brumley said around 60 projects have been merged by RIT students throughout all his courses. As a thank you, OpenSSL sent swag for the students.<\/p>\n<p>Gonzalez is now completing an internship as a security engineer at Amazon. He said that he wears his OpenSSL T-shirt around the office in Austin, Texas and it\u2019s a nice conversation starter. It\u2019s also good for his r\u00e9sum\u00e9 and he hopes to contribute again someday.<\/p>\n<p>Brumley will be teaching the course again during the Fall 2026 semester. In the future, he also hopes to set up co-ops with the OpenSSL Corp.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Students tackle OpenSSL issues to help keep the internet encrypted https:\/\/www.rit.edu\/news\/students-tackle-openssl-issues-help-keep-internet-encrypted Publish Date: 2026-05-26 10:37:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":220286,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.rit.edu\/sites\/rit.edu\/files\/styles\/full\/https\/cdn.rit.edu\/images\/news\/2026-05\/WEBJoseGonzalez.jpg?itok=BZhufud8","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24],"class_list":["post-220285","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220285"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=220285"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220285\/revisions"}],"predecessor-version":[{"id":220287,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/220285\/revisions\/220287"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/220286"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=220285"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=220285"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=220285"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}