BSDCan'06For the past four days I've been at BSDCan'06, talking to other FreeBSD developers and users, meeting the rest of the FreeBSD Security Team, attending talks (mostly from other FreeBSD developers), and presenting my paper.
To quickly summarize the paper: Difficult questions often arise when handling security problems, and they usually result from poor specifications. We're never going to convince everybody to write formal specifications for every interface they provide; but as far as security is concerned, what we really need is clear and precise specifications not for what a program should do, but instead for what it is guaranteed to do. In short, we need to add "fine print" into our API contracts, and define a security flaw to be any bug which violates the guarantees provided in the fine print.
Now that the conference is over, I'm going to spend the day touring Ottawa before my evening flight back to Vancouver; on Monday I'll start work on rewriting FreeBSD Update.
blog comments powered by Disqus