YoVDO

A Systematic Evaluation of OpenBSD's Mitigations

Offered By: media.ccc.de via YouTube

Tags

Conference Talks Courses Cybersecurity Courses Operating System Security Courses Threat Modeling Courses

Course Description

Overview

Explore a systematic evaluation of OpenBSD's security mitigations in this 53-minute conference talk from the 36th Chaos Communication Congress (36C3). Delve into a comprehensive analysis of OpenBSD's advertised security features, examining their effectiveness, performance impacts, and potential vulnerabilities. Learn about various mitigations such as privilege separation, Unveil, ASLR, RETGUARD, and TCP SYN cookies. Gain insights into the rationale behind these security measures, their origins, and how they compare to implementations in other operating systems. Discover the importance of threat modeling and evidence-based security claims in operating system design. Evaluate OpenBSD's reputation as a secure operating system through a rational and systematic approach, considering factors like complexity, inspectability, and ease of bypass.

Syllabus

Intro
OpenBSD?
Expectations
How do we measure exploit mitigations anyway?
Privilege separation and privilege drop
Example: rootless Xorg
Unveil
Hyperwhat?
Spectre v1, v2 and v3
AS(L)R
Position Independent Code/Executable
Libc/libcrypto symbols randomisation
Library order randomisation
Userland heap management
Rop gadgets removal, but why?
RETGUARD 2018
TCP SYN cookies
Development practices
Conclusion


Taught by

media.ccc.de

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube
Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube
Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube
What's New in Grails 2.0
ChariotSolutions via YouTube
Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube