Session
Security for Human Beings: Protecting Ubuntu
Kees Cook, Ubuntu Software Engineer, Canonical Ltd.
Track: Security
Date: Thursday, July 26
Time: 1:45pm - 2:30pm
Location: D137-138
What goes on in the day-to-day life of a Security Engineer? Between patching, building, and testing, you've got to audit code and help build new technologies. This talk will outline the work involved in keeping Ubuntu secure while showing off some common attacks and countermeasures.
Defining security: vulnerabilities are just bugs, so what makes these bugs so special? Different problems call for different solutions, and not everything is an emergency.
Being paranoid: no one wants their code to have a vulnerability in it, but we're only human. Writing secure code means thinking like a bad guy, and getting creative about how you do your testing.
Software abuse: load JavaScript where it isn't expected, inject some SQL while no one is looking, display fonts so large you get root access, overwrite files unexpectedly, make sleep(1) print to stdout, and, if all else fails, break the parser on some audio, video, or image decoders.
Security technologies: safe distros try to proactively protect themselves against all that pesky installed software. Get a taste of using stronger stack boundaries, stirring up memory locations, and using mandatory access controls. Even if there's a bug in the code, maybe now it can't be turned into a vulnerability.
Researching security: get a list of recommended reading, fun tools, and tricky problems. Knowing how to break your code is the key to knowing how to secure your code.





















