Friday, June 10, 2011

My SSTIC 2011 slides

A few days ago I had a privilege to give an opening keynote at the SSTIC conference in Rennes, France, which is believed by many to be the most important security conference in France. You can find my slides here.

SSTIC seems to be a very interesting conference indeed, with a strong emphasis on system-level security, which is quite unusual these days where most conferences focus on networking, apps, and web-apps. What a pity all those interestingly-looking talks have been encoded in an obscure language used only by some 3% of the population of the planet...

Anyway, it was a pleasure to talk to some ANSSI people I met before the conference (one of the organizers of the event) who really seemed to understand well the challenges we face with building secure operating systems, and generally seemed well versed in the topic. Perhaps some other nations should learn from France, instead of proposing ridiculous and superficial means that can't really solve any real problem.

13 comments:

Ven said...

Hi

I skimmed through the preso, the ideas are great, do you by chance had the audio recorded during the preso? I am sure there would have been more said than what is in the Preso and it will make it easier to understand some concepts too..

Anonymous said...

"an obscure language used only by some 3% of the population of the planet"

They won't invite you anymore. They're touchy on their culture.

phocean said...

Thanks!
I have followed your blog for a while, so it was a nice surprise to see you giving a talk here.
I hope you will come to the next edition.
The fact is that SSTIC has always been French centered, so it is good to see some international speaker like you coming now.
Oh, and French is probably obscure, but somehow less than Polish is, right? :)

Joanna Rutkowska said...

@Ven: no, there is no audio available AFAIK.

@phocean: that's exactly the reason why I haven't written any technical paper in polish.

Ben said...

@Anonymous: we really appreciate Joanna's comment on SSTIC and she is welcome to the next editions of the conference! Consider that the talks obfuscation technique that we use is the "French touch" of the conference (although we are aware that it considerably limits the audience...)

lyecdevf said...

I like how you stated at the end that aggression is not any long term solution. Indeed that is true but what gets to me as a security minded person is how people easily dismiss even the most basic security measures. I have seen people remove AV's because of annoying pop ups. Although I am sure that is not what the conference was about but I think you can not find a solution to a problem that most do not see.

Joanna Rutkowska said...

@lyecdevf: did I actually say something like this? I could swear I didn't. Perhaps you've been watching my alter ego in a parallel universe? Or they had been changing something in the Matrix? Have you also seen a black cat? ;)

Joanna Rutkowska said...

Oh, perhaps you were referring to my statement about the ridiculous law proposal in the blog post? My intention was not to criticize it because of its offensive nature, but rather because of it being completely superficial in terms of not being able to solve any practical problem. I'm not a hippie, really...

Joanna Rutkowska said...

To clarify this further: it's clear that US is clueless about not only how to secure their infrastructure, but also how to trace down the actual attackers. In this case proposing a military counter-strike law is just ridiculous.

Do I think aggression/offence can be used for defence/protection -- in same cases probably yes, but only when we clearly now the attacker.

lyecdevf said...

Indeed it seems some times like some one has been changing some thing in the matrix when we read such proposals of military action. Who would they attack if a bunch of skidds got lucky and bounced there connection over several places?

I am glad you are not a hippie though. I would not want to see you waiving a flag with a group of peace marchers in front of some US embassy if there was such at attack some time in the future.

Juan F. said...

I am really sorry Joanna for asking this question in this post, but what do you think is going to be the future of virtual introspection? I have read stuff about xenacces, but it seems very limited. Do you think in the future we are going to be able to analyze virtual systems without making any changes to them while they are running. I am sorry I am new to all this virtual introspection. Thank you and gyou have a great blog.

konst said...

Haven't seen the slides yet but are you aware that much of what you are trying to do with Qubes has also been done with the Genode framework with the NOVA microhypervisor and/or the L4/Fiasco.OC microkernel?

http://www.hypervisor.org

http://genode.org

There's an iso demo in those links.

konst said...

Forgot to add this youtube presentation of Genode

http://www.youtube.com/watch?v=Z1IMV3FJO7Q

maybe Qubes and Gneode can use each others ideas/code?+