SecAppDev 2020 Lecture Details
How Rust helps us make safer and more secure code
Tuesday March 10, 14:00 - 15:30
Rust promises to help us write better, safer code, but how exactly does it do so? Marketing can only convince us of so much. Join us to learn about the details for yourself.
We will dive into specific aspects of Rust that help make programs safer by default. Learn how Rust's lifetimes and borrowing semantics help prevent programming mistakes that are all-too-common in many prevalent low-level programming languages. See how these same techniques extend to thornier problems like multithreading. Rust is no silver bullet, so we will also discuss places it won't help, and we'll cover some well-known security issues and discuss whether Rust would have mitigated the problems.
Programming in languages like C or C++ is fraught with peril, but we are no longer restricted by a handful of weak choices; we have better options.
Systems programmers who want a better language or higher-level programmers looking for performance.
Knowledge of languages like C or C++ and how they allow certain types of security vulnerabilities is useful but not required.
Co-founder, Integer 32
Jake Goulding started his career writing performance-minded C code before pivoting to web applications in Ruby on Rails. He is a member of the Rust Infrastructure Team, maintainer of the Rust Playground, and manages several Rust crates in the areas of error handling, parsing, XML, hashing, and assembly intrinsics. He may be best known for being the number 1 contributor on the Rust tag on Stack Overflow.
Related low-level security sessions
Hands-on introduction to Rust
Haven't done any Rust? Want to know what makes Rust so special? Want the ability to ask two highly experienced Rust developers nuanced questions? Join us as we go hands-on with Rust, starting from an empty file and learning about the Rust ecosystem, pervasive and unique-to-Rust concepts, and areas where Rust truly shines.
Low-level security Thursday March 12, 09:00 - 17:30
Trusted Execution and how far you can trust it
Lecture by Jan Tobias Muehlberg
Modern processors provide Trusted Execution Environments that allow you to protect software components even from an untrusted operating system. Learn when and how to use them!
Low-level security Wednesday March 11, 09:00 - 10:30
Security of embedded devices - an introduction
Lecture by Lennert Wouters
This session introduces the main components of the embedded device ecosystem and some of the common security pitfalls. We do this by looking at real world examples and by demonstrating easy to use techniques.
Low-level security Friday March 13, 09:00 - 10:30