Probably something like openssl. It is responsible for so much of the security provided by TLS that we take for granted on the web and is maintained by just a few people.
It is used by over two thirds of websites and a single vulnerability in it cause cause widespread damage.
From humble beginnings at an MSP, I've adventured through life as a sysadmin, into an engineer, and finally landed as a developer focused on fixing problems with automation.
Not sure how much "appreciation" openssl deserves these days. I think the general rule is you don't implement security yourself and everyone has taken that to an extreme with the particular tool.
Probably something like openssl. It is responsible for so much of the security provided by TLS that we take for granted on the web and is maintained by just a few people.
It is used by over two thirds of websites and a single vulnerability in it cause cause widespread damage.
There's a lot of other critical infrastructure software that falls in this category too.
Not sure how much "appreciation" openssl deserves these days. I think the general rule is you don't implement security yourself and everyone has taken that to an extreme with the particular tool.
OpenSSL was run by mainly 2 people, and only 1 could almost be fully employed. Where was big tech to support these people?
Sure, there have been a bunch of major bugs in it. Just like other SSL/TLS libraries.
So yes, OpenSSL is underappreciated.