Your Threat Model is Bad and You Should Feel Bad
- Herbert Bos | Vrije Universiteit Amsterdam
- Developing Secure Systems Summit – Online Seminar Series: Fall 2020
This presentation will explain how to create bad threat models (just keep doing what you’re doing), why abstractions are the work of the devil (and a necessary evil), and what happens when processor flaws meet traditional software exploitation (nothing good). I will illustrate my arguments with stick figures and an explanation of our recent BlindSide attack.
Speaker Details
Herbert Bos is full professor at Vrije Universiteit Amsterdam where he co-leads the VUSec Systems Security group. He is very proud of his current and former students whose research results have led to three PWNIE Awards as well as changes in all major operating systems, all browsers and all Intel CPUs. He is no fan of climate skeptics and xenophobes. He likes the Beatles.
Watch Next
-
Session: Compute & Trust (Systems)
- Ashish Panwar,
- Aditya Desai,
- Abhilash Jindal
-
Multimodal & Embodied Intelligence (S1), Panel on Multimodal AI: Progress, Pitfalls, Possibilities
- Madhava Krishna,
- Sriram Ganapathy,
- Somak Aditya
-
Session on Compute & Trust (Security)
- Krishna Pillutla,
- Danish Pruthi
-
Session on Reasoning
- Hongxiang Fan,
- Nagarajan Natarajan
-
Session on Retrieval
- Lokesh Nagalapatti,
- Soumen Chakrabarti
-
Session on Inclusive AI: Data, Models, Evaluation
- Niloy Ganguly,
- Danish Pruthi,
- Sunayana Sitaram
-
-
-
-