Security for Human Beings: Protecting Ubuntu
Kees Cook, Ubuntu Software Engineer, Canonical Ltd.
Date: Thursday, July 26
Time: 1:45pm - 2:30pm
What goes on in the day-to-day life of a Security Engineer? Between patching, building, and testing, you've got to audit code and help build new technologies. This talk will outline the work involved in keeping Ubuntu secure while showing off some common attacks and countermeasures.
Defining security: vulnerabilities are just bugs, so what makes these bugs so special? Different problems call for different solutions, and not everything is an emergency.
Being paranoid: no one wants their code to have a vulnerability in it, but we're only human. Writing secure code means thinking like a bad-guy, and getting creative about how you do your testing.
Security technologies: safe distros try to proactively protect themselves against all that pesky installed software. Get a taste of using stronger stack boundries, stirring up memory locations, and using mandatory access controls. Even if there's a bug in the code, maybe now it can't be turned into a vulnerability.
Researching security: get a list of recommended reading, fun tools, and tricky problems. Knowing how to break your code is the key to knowing how to secure your code.