Is Memory Safety in the Room with Us?

Halvar Flake

The vast majority of historical vulnerabilities have been the result of memory unsafety. Today there are broadly two routes to memory safety: garbage-collected languages, or a type system with a borrow checker. What does this buy us? What does it mean in the context of a browser with a JIT? What does it mean for trust boundaries such as the userspace-kernel boundary? What does it mean for communication between the different compute cores of a modern system, as we move toward increasingly heterogeneous compute?

The talk will discuss what memory safety can and cannot achieve for security in modern systems, and where a good amount of room for error remains.


SPEAKER BIO:
Halvar Flake is a security researcher and entrepreneur well known for his contributions to the theory and practice of vulnerability development and software reverse engineering. In 2006 he won what was then Germany's largest privately financed research prize in the natural sciences, the Horst-Goertz Prize, for work on graph-based code similarity; he founded and ran a company to commercialize that research, which was later acquired by Google. He has worked on a wide range of topics, from the very practical (turning security patches into attacks) and the quite concrete (turning physics-induced DRAM bit flips into useful attacks) to the rather theoretical (attempting to clarify the theoretical foundations of exploitation). After working at Google Project Zero, he co-founded the startup optimyze, which was acquired by Elastic Security in 2021.
