Reflections on Decades of Defending Imperfect Software
"Perfect" (bug-free) software is impractically expensive and slow to produce, and so the vast bulk of consumer and enterprise software products are shipped when they are "good enough" but far from bug-free. As a consequence, there has been a constant struggle to keep attackers from exploiting these chronically inevitable bugs. Much of that attention has been on memory corruption attacks against type-unsafe C/C++ programs, but in recent years it has expanded to the web, where most development is done in dynamically typed scripting languages. This talk will review the evolution of increasingly sophisticated memory corruption defenses, each followed by attackers discovering how to bypass them; how the mitigations have caused attackers to choose to exploit other, non-memory-corruption threats; and some surprising similarities between the memory corruption issue and the scripting issues.
Crispin Cowan entered the security arena in 1998 at the Seventh USENIX Security Symposium with the StackGuard paper, which introduced stack canaries for buffer overflow protection, a technique now used on nearly all platforms. From 1999 to 2007 he was the founding CTO of Immunix, which was acquired by Novell in 2005 to incorporate AppArmor into SUSE Linux. Since 2008, Crispin has worked for Microsoft, continuing his work adding security value to existing operating systems, but now doing it for Windows. Crispin is especially interested in usable security and effective sandboxing, and so has contributed to improving usability in UAC and to building the app container feature to allow users to run Windows Store Apps with confidence. Crispin's contribution to the recent Windows 8.1 release has been enhancing the systematic security reviews to ensure that all Windows features ship with appropriate security considerations in mind. He holds a Ph.D. from the University of Western Ontario and a Master's in Mathematics from the University of Waterloo.
To watch the recorded presentation, register at: http://www.tvworldwide.com/events/nsf/140717/.