CppCon 2019: Matthew Butler “If You Can't Open It, You Don't Own It”


For the past 30 years, we have dealt with penetrations into secure systems almost exclusively from the software layer: applications and operating systems. With the advent of side-channel exploits like Spectre, Meltdown and Foreshadow, hardware designs are now battlefields. In this talk, we’ll look at four real-world hardware attacks that changed the way we think about secure systems and see how hardware exploit strategies drive software exploit strategies and what that means for the future of Modern C++.
We’ll explore four lines of attack:
Roots of Trust,
Side-channel exploits,
How physical access creates opportunities, and
How our supply chains often create our greatest vulnerabilities.
As the Standards Committee puts the final touches on C++20 this year, we’ll use these as the framework to get an inside look at the committee’s efforts to build a safer, more resilient language. We’ll see:
How new language features, like Concepts, Contracts and Ranges, help (or hurt) our ability to write secure software.
How Undefined Behavior is explicitly used by compiler developers to generate high performance machine code and what that means for software security.
Which proposals coming for C++23, like Zero-overhead deterministic exceptions and secure_clear, will help address some of the worst vulnerabilities in the language.

This talk is about how our language and design choices affect our system’s ability to withstand attack. It’s also about how the evolution of the language is addressing the insecure world it operates in and the places where it still falls short.

Matthew Butler
Laurel Lye LLC
Matthew Butler has spent the last three decades as a systems architect and software engineer developing systems for network security, law enforcement and the military. He primarily works in signals intelligence using C, C++ and Modern C++ to build systems running on hardware platforms ranging from embedded micro-controllers to FPGAs to large-scale airborne platforms. Much of his experience has come in either building systems that defend against attackers or building highly sensitive systems that are targets. He is actively involved in the C++ community and is on various planning committees for C++Now and CppCon as well as being a speaker at both. He is also a member of the ISO C++ Standards Committee.

Over the past thirty years, he has learned the harsh lessons on how we often write systems that fail, not because they don't scale, but because they aren't designed to be secure.


