New: enable viewer-created translations and captions on your YouTube channel!
Use the following code to embed this video. See our usage guide for more details on embedding.
Paste this in your document somewhere (closest to the closing body tag is preferable):
Paste this inside your HTML body, where you want to include the widget:
<div class="amara-embed" data-url="http://www.youtube.com/watch?v=rRg2vuwF1hY" data-team="null"></div>
A survey of BSD kernel vulnerabilities.
In this presentation I start off asking the question „How come there are only a handful of BSD security kernel bugs advisories released every year?“ and then proceed to try and look at some data from several sources.
It should come as no surprise that those sources are fairly limited and somewhat outdated.
The presentation then moves on to try and collect some data ourselves. This is done by actively investigating and auditing. Code review, fuzzing, runtime testing on all 3 major BSD distributions [NetBSD/OpenBSD/FreeBSD]. This is done by first investigating what would be good places where the bugs might be. Once determined, a detailed review is performed of these places. Samples and demos will be shown.
I end the presentation with some results and conclusions. I will list what the outcome was in terms of bugs found, and who – based on the data I now have – among the three main BSD distributions can be seen as the clear winner and loser. I will go into detail about the code quality observed and give some pointers on how to improve some code. Lastly I will try and answer the question I set out to answer („How come there are only a handful of BSD security kernel bugs advisories released every year?“).
Ilja van Sprundel