Fireside Chat: The State of Memory Safety

Moderator: Amira Dhalla, Consumer Reports
Panelists: Yael Grauer, Consumer Reports; Alex Gaynor, Federal Trade Commission; Josh Aas, Internet Security Research Group and Prossimo

The most ubiquitous kind of vulnerability that plagues modern computing is the memory safety vulnerability—where the underlying programming language doesn't inherently protect data structures in memory. When "memory unsafe" code fails, it can allow attackers access to arbitrary pieces of system memory, and potentially execution of malicious code. Over the years, writing code in memory safe languages, "sandboxing" memory unsafe code, and raising awareness around memory unsafety have been important steps in more generally protecting computerized and networked systems against this class of threats. But where are we at? What is the current state of memory unsafety? Join Yael and Amira from Consumer Reports, who are currently working on a report surveying the landscape of memory safety, in a fireside conversation with Alex Gaynor and Josh Aas, two key informants on the quest to squash this pernicious class of bugs.

View the full Enigma 2023 program at https://www.usenix.org/conference/eni...