Artwork

Konten disediakan oleh Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.
Player FM - Aplikasi Podcast
Offline dengan aplikasi Player FM !

A Little Bit of Rust Goes a Long Way with Android's Jeff Vander Stoep

1:13:55
 
Bagikan
 

Manage episode 445316655 series 2956114
Konten disediakan oleh Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.

You may not be rewriting the world in Rust, but if you follow the findings of the Android team and our guest Jeff Vander Stoep, you'll drive down your memory-unsafety vulnerabilities more than 2X below the industry average over time! 🎉
Transcript: https://securitycryptographywhatever.com/2024/10/15/a-little-bit-of-rust-goes-a-long-way/
Links:
- https://security.googleblog.com/2024/09/eliminating-memory-safety-vulnerabilities-Android.html
- “Safe Coding”: https://dl.acm.org/doi/10.1145/3651621
- “effectiveness of security design”: https://docs.google.com/presentation/d/16LZ6T-tcjgp3T8_N3m0pa5kNA1DwIsuMcQYDhpMU7uU/edit#slide=id.g3e7cac054a_0_89
- https://security.googleblog.com/2024/02/improving-interoperability-between-rust-and-c.html
- https://github.com/google/crubit
- https://github.com/google/autocxx
- https://en.wikipedia.org/wiki/Stagefright_(bug)
- https://security.googleblog.com/2021/04/rust-in-android-platform.html
- https://chromium.googlesource.com/chromium/src/+/master/docs/security/rule-of-2.md
- https://www.usenix.org/conference/usenixsecurity22/presentation/alexopoulos
-https://kb.meinbergglobal.com/kb/time_sync/ntp/ntp_vulnerabilities_reported_2023-04
- https://blog.isosceles.com/the-legacy-of-stagefright/
- https://research.google/pubs/secure-by-design-googles-perspective-on-memory-safety/
- https://www.youtube.com/watch?v=QrrH2lcl9ew
- https://source.android.com/docs/setup/build/rust/building-rust-modules/overview
- https://github.com/rust-lang/rust-bindgen
- https://security.googleblog.com/2021/06/rustc-interop-in-android-platform.html

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

  continue reading

Chapter

1. A Little Bit of Rust Goes a Long Way with Android's Jeff Vander Stoep (00:00:00)

2. Security and Memory Safety in Android (00:00:12)

3. Evaluating Memory Safety and Security Boundaries (00:10:14)

4. Scaling Memory-Safe Code for Security (00:17:04)

5. Assessing Memory Safety for Future Code (00:23:33)

6. Memory Safety and Security Progress (00:28:43)

7. Analyzing Memory Safety Issue Trends (00:35:37)

8. Transitioning to Memory-Safe Code (00:45:39)

9. Practical Approach to Memory Safety (01:00:22)

52 episode

Artwork
iconBagikan
 
Manage episode 445316655 series 2956114
Konten disediakan oleh Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian. Semua konten podcast termasuk episode, grafik, dan deskripsi podcast diunggah dan disediakan langsung oleh Deirdre Connolly, Thomas Ptacek, David Adrian, Deirdre Connolly, Thomas Ptacek, and David Adrian atau mitra platform podcast mereka. Jika Anda yakin seseorang menggunakan karya berhak cipta Anda tanpa izin, Anda dapat mengikuti proses yang diuraikan di sini https://id.player.fm/legal.

You may not be rewriting the world in Rust, but if you follow the findings of the Android team and our guest Jeff Vander Stoep, you'll drive down your memory-unsafety vulnerabilities more than 2X below the industry average over time! 🎉
Transcript: https://securitycryptographywhatever.com/2024/10/15/a-little-bit-of-rust-goes-a-long-way/
Links:
- https://security.googleblog.com/2024/09/eliminating-memory-safety-vulnerabilities-Android.html
- “Safe Coding”: https://dl.acm.org/doi/10.1145/3651621
- “effectiveness of security design”: https://docs.google.com/presentation/d/16LZ6T-tcjgp3T8_N3m0pa5kNA1DwIsuMcQYDhpMU7uU/edit#slide=id.g3e7cac054a_0_89
- https://security.googleblog.com/2024/02/improving-interoperability-between-rust-and-c.html
- https://github.com/google/crubit
- https://github.com/google/autocxx
- https://en.wikipedia.org/wiki/Stagefright_(bug)
- https://security.googleblog.com/2021/04/rust-in-android-platform.html
- https://chromium.googlesource.com/chromium/src/+/master/docs/security/rule-of-2.md
- https://www.usenix.org/conference/usenixsecurity22/presentation/alexopoulos
-https://kb.meinbergglobal.com/kb/time_sync/ntp/ntp_vulnerabilities_reported_2023-04
- https://blog.isosceles.com/the-legacy-of-stagefright/
- https://research.google/pubs/secure-by-design-googles-perspective-on-memory-safety/
- https://www.youtube.com/watch?v=QrrH2lcl9ew
- https://source.android.com/docs/setup/build/rust/building-rust-modules/overview
- https://github.com/rust-lang/rust-bindgen
- https://security.googleblog.com/2021/06/rustc-interop-in-android-platform.html

"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

  continue reading

Chapter

1. A Little Bit of Rust Goes a Long Way with Android's Jeff Vander Stoep (00:00:00)

2. Security and Memory Safety in Android (00:00:12)

3. Evaluating Memory Safety and Security Boundaries (00:10:14)

4. Scaling Memory-Safe Code for Security (00:17:04)

5. Assessing Memory Safety for Future Code (00:23:33)

6. Memory Safety and Security Progress (00:28:43)

7. Analyzing Memory Safety Issue Trends (00:35:37)

8. Transitioning to Memory-Safe Code (00:45:39)

9. Practical Approach to Memory Safety (01:00:22)

52 episode

Minden epizód

×
 
Loading …

Selamat datang di Player FM!

Player FM memindai web untuk mencari podcast berkualitas tinggi untuk Anda nikmati saat ini. Ini adalah aplikasi podcast terbaik dan bekerja untuk Android, iPhone, dan web. Daftar untuk menyinkronkan langganan di seluruh perangkat.

 

Panduan Referensi Cepat

Dengarkan acara ini sambil menjelajah
Putar