Don't Get Owned by Dependencies - How Firefox Uses WebAssembly for Protection

Explore how Firefox utilizes WebAssembly to protect itself from exploitable libraries in this 30-minute conference talk. Learn about the innovative approach to mitigating memory safety vulnerabilities in third-party C libraries, a major source of zero-day attacks in modern applications. Discover the journey of migrating Firefox to an architecture where these libraries run in lightweight in-memory sandboxes powered by WebAssembly, a feature that has been in production since 2020. Delve into the challenges faced during implementation and understand RLBox, the language-level framework developed to address these issues. Gain insights into real-world applications of RLBox in Firefox, examine the performance impact of sandboxing, and find out how to apply these tools to your own projects for enhanced security.

Don't Get Owned by Dependencies: How Firefox Uses Wasm to Protect Itself from... - Shravan Narayan